<?php
namespace DAFME\Covid;

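/**
 * Minimal JSON API front controller.
 *
 * Every response is a JSON object with a 'status' key ('ok' or 'error').
 * All return* helpers terminate the script through returnJSON(), so the code
 * following a call to one of them never runs.
 */
class API {
  /**
   * Prints the given value as JSON and terminates the script.
   *
   * @param mixed $array Value to encode (the helpers below pass arrays).
   */
  private static function returnJSON($array) {
    $encoded = json_encode($array);
    if ($encoded === false) {
      // json_encode() fails e.g. on invalid UTF-8. Do not answer with an
      // empty body under a success status: report a server-side error.
      http_response_code(500);
      $encoded = '{"status":"error","errorMessage":"Unexpected error"}';
    }

    echo $encoded;
    exit();
  }

  /**
   * Sends a 400 response with an error message and terminates the script.
   *
   * The message is sent to the client as-is, so callers should only pass
   * fixed strings, never internal details.
   *
   * @param string $errorMessage Message included in the response.
   */
  public static function returnError($errorMessage = 'Unexpected error') {
    http_response_code(400);
    self::returnJSON([
      'status' => 'error',
      'errorMessage' => $errorMessage
    ]);
  }

  /**
   * Sends a successful response carrying a payload and terminates the script.
   *
   * @param mixed $payload Data placed under the 'payload' key.
   */
  public static function returnPayload($payload) {
    self::returnJSON([
      'status' => 'ok',
      'payload' => $payload
    ]);
  }

  /**
   * Sends a successful response without payload and terminates the script.
   */
  public static function returnOk() {
    self::returnJSON([
      'status' => 'ok'
    ]);
  }

  /**
   * Aborts the request with an error unless Users::isSignedIn() is true.
   */
  private static function checkSignInStatus() {
    if (!Users::isSignedIn()) {
      self::returnError('The user hasn\'t signed in.');
    }
  }

  /**
   * Aborts the request with an error unless it uses the given HTTP method.
   *
   * @param string $method Expected value of REQUEST_METHOD (e.g. 'GET').
   */
  private static function checkRequestMethod(string $method) {
    if ($_SERVER['REQUEST_METHOD'] !== $method)
      self::returnError('This action requires using the '.$method.' method.');
  }

  /**
   * Reads the POST body and decodes it as a JSON object/array.
   *
   * Aborts the request with an error if the method is not POST, the body is
   * not valid JSON, or the decoded value is not an array (callers index the
   * result, so a bare JSON scalar is treated as malformed).
   *
   * NOTE(review): the request Content-Type is not checked, so a body sent as
   * text/plain (which a cross-site form can submit without a CORS preflight)
   * is parsed as well. Whether that matters depends on how the session cookie
   * is scoped (e.g. SameSite) -- confirm, and consider requiring
   * application/json or an anti-CSRF token for state-changing actions.
   *
   * @return array Decoded request body.
   */
  private static function getJSONBody() {
    self::checkRequestMethod('POST');

    $rawBody = file_get_contents('php://input');
    $json = json_decode($rawBody, true);
    if (json_last_error() !== JSON_ERROR_NONE || !is_array($json))
      self::returnError('The request body is malformed.');

    return $json;
  }

  /**
   * Reads the 'subject' field of the JSON body as an integer id.
   *
   * Aborts the request with an error when the field is missing or is not an
   * integer. A plain (int) cast is deliberately avoided: it would turn a
   * non-empty array into 1 and '12abc' into 12, silently acting on a subject
   * the client never named.
   *
   * @return int Validated subject id.
   */
  private static function getSubjectIdFromBody() {
    $body = self::getJSONBody();
    if (!isset($body['subject']))
      self::returnError();

    $subject = filter_var($body['subject'], FILTER_VALIDATE_INT);
    if ($subject === false)
      self::returnError();

    return $subject;
  }

  /**
   * Emits the CORS response headers according to the global configuration.
   *
   * - $conf['allowedOrigins']: exact-match allow-list of origins.
   * - $conf['allowAllOrigins']: accepts every origin. Combined with
   *   Access-Control-Allow-Credentials this lets any website read
   *   authenticated responses from a signed-in user's browser, so it should
   *   stay disabled outside development; prefer the allow-list.
   */
  private static function setCORSHeaders() {
    global $conf;

    $origin = $_SERVER['HTTP_ORIGIN'] ?? null;
    $allowAll = !empty($conf['allowAllOrigins']);
    $allowListed = $origin !== null &&
        isset($conf['allowedOrigins']) &&
        is_array($conf['allowedOrigins']) &&
        // Strict comparison: origins must match as identical strings.
        in_array($origin, $conf['allowedOrigins'], true);

    if (!$allowAll && !$allowListed)
      return;

    // The headers below depend on the request's Origin, so shared caches
    // must not reuse this response for another origin.
    header('Vary: Origin', false);

    if ($origin === null) {
      // Only reachable with allowAllOrigins. The wildcard cannot be combined
      // with credentials (browsers reject that pair), so send it alone.
      header('Access-Control-Allow-Origin: *');
      return;
    }

    header('Access-Control-Allow-Origin: '.$origin);
    header('Access-Control-Allow-Credentials: true');
  }

  /**
   * Dispatches an API request and prints the JSON response.
   *
   * The first path segment selects the action; 'getClassesInTime' reads a
   * unix time from the second segment.
   *
   * @param string $path Request path relative to the API root.
   */
  public static function process($path) {
    header('Content-Type: application/json');
    self::setCORSHeaders();

    $parts = explode('/', $path);
    $method = $parts[0] ?? '';

    switch ($method) {
      case 'getAuthUrl':
        self::checkRequestMethod('GET');
        $auth = new Auth();
        self::returnPayload([
          'url' => $auth->getAuthUrl()
        ]);
        break;

      case 'isSignedIn':
        self::checkRequestMethod('GET');
        $isSignedIn = \DAFME\Covid\Users::isSignedIn();
        self::returnPayload([
          'signedIn' => $isSignedIn
        ]);
        break;

      case 'getStartupData':
        self::checkRequestMethod('GET');

        $payload = [];
        $payload['user'] = [];
        $payload['user']['signedIn'] = \DAFME\Covid\Users::isSignedIn();
        // The e-mail is only looked up for a signed-in user.
        $payload['user']['email'] = ($payload['user']['signedIn'] ? Users::getUserData('email') : null);

        $auth = new Auth();
        $payload['authUrl'] = $auth->getAuthUrl();
        $payload['subjects'] = \DAFME\Covid\Subjects::getStartupSubjects();

        self::returnPayload($payload);
        break;

      case 'signOut':
        self::checkRequestMethod('POST');
        \DAFME\Covid\Users::signOut();
        self::returnOk();
        break;

      case 'getAllSubjects':
        self::checkRequestMethod('GET');
        $subjects = Subjects::getAll();

        if ($subjects === false)
          self::returnError();

        self::returnPayload([
          'subjects' => $subjects
        ]);
        break;

      case 'getUserSubjects':
        self::checkRequestMethod('GET');
        self::checkSignInStatus();
        $subjects = Subjects::getUserSubjects();

        if ($subjects === false)
          self::returnError();

        self::returnPayload([
          'subjects' => $subjects
        ]);
        break;

      case 'addUserSubject':
        // Authentication is checked before the body is read.
        self::checkSignInStatus();
        $subject = self::getSubjectIdFromBody();

        if (Subjects::addUserSubject($subject))
          self::returnOk();
        else
          self::returnError();
        break;

      case 'removeUserSubject':
        self::checkSignInStatus();
        $subject = self::getSubjectIdFromBody();

        if (Subjects::removeUserSubject($subject))
          self::returnOk();
        else
          self::returnError();
        break;

      case 'getCurrentClasses':
        self::checkRequestMethod('GET');
        $classes = Classes::getClasses();
        if ($classes === false)
          self::returnError();
        else
          self::returnPayload([
            'classes' => $classes
          ]);
        break;

      case 'getClassesInTime':
        self::checkRequestMethod('GET');
        // The second segment is absent when the path is just the action
        // name; default it so the lookup raises no "undefined key" warning
        // (which could end up in the JSON output).
        $rawTime = $parts[1] ?? '';
        if (!$rawTime) self::returnError("You must provide a unix time");
        // A value of 0 is rejected here as well as above.
        $unix_time = filter_var($rawTime, FILTER_VALIDATE_INT);
        if (!$unix_time) self::returnError("Received parameter is not an integer");

        $classes = Classes::getClasses($unix_time);
        if ($classes === false)
          self::returnError();
        else
          self::returnPayload([
            'classes' => $classes
          ]);
        break;

      case 'setClassState':
        self::checkSignInStatus();
        // @TODO: Handle this method
        // NOTE(review): until implemented, a signed-in caller gets an empty
        // body, and no request method is enforced yet. When this becomes a
        // state-changing action it should require POST like its siblings.
        break;

      default:
        self::returnError('The method requested doesn\'t exist.');
        break;
    }
  }
}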