diff --git a/rest/index.php b/rest/index.php index 688e4acf2ebc8d077d86e3f863253cd322884d91..5bf5fb2891a8752ff6704a3e6b3e9fc030f94d52 100755 --- a/rest/index.php +++ b/rest/index.php @@ -62,6 +62,7 @@ $app->get('/passwordRules', \SrcCore\controllers\PasswordController::class . ':g //Users $app->get('/users', \User\controllers\UserController::class . ':get'); +$app->get('/users/{id}', \User\controllers\UserController::class . ':getById'); $app->put('/users/{id}', \User\controllers\UserController::class . ':update'); $app->put('/users/{id}/password', \User\controllers\UserController::class . ':updatePassword'); $app->get('/users/{id}/signatures', \User\controllers\UserController::class . ':getSignatures'); diff --git a/sql/structure.sql b/sql/structure.sql index a84947e49c548203733c8cc71478087527d4b53d..4a773fef79763c4206ae3d8fac4ef962cc0382ec 100755 --- a/sql/structure.sql +++ b/sql/structure.sql @@ -76,6 +76,7 @@ CREATE TABLE users "password" character varying(255) NOT NULL, firstname character varying(128) NOT NULL, lastname character varying(128) NOT NULL, + picture text, enabled boolean DEFAULT TRUE, mode character varying(50) NOT NULL, cookie_key character varying(255) DEFAULT NULL::character varying, diff --git a/src/app/document/controllers/DocumentController.php b/src/app/document/controllers/DocumentController.php index 6682fed5d32096dbba7b405a0dd3437a4679206a..eff0c06dff9c9ce5837c463b8b86a626572e2111 100755 --- a/src/app/document/controllers/DocumentController.php +++ b/src/app/document/controllers/DocumentController.php 
@@ -42,9 +42,10 @@ class DocumentController $data['limit'] = empty($data['limit']) ? 0 : (int)$data['limit']; $user = UserModel::getByEmail(['email' => $GLOBALS['email'], 'select' => ['id']]); + $status = StatusModel::getByReference(['select' => ['id'], 'reference' => 'NEW']); - $where = ['processing_user = ?']; - $dataGet = [$user['id']]; + $where = ['processing_user = ?', 'status = ?']; + $dataGet = [$user['id'], $status['id']]; if (!empty($data['mode'])) { $where[] = 'mode = ?'; $dataGet[] = $data['mode']; diff --git a/src/app/status/models/StatusModel.php b/src/app/status/models/StatusModel.php index 260b866d5470a3e359a43e30524e647f58830a4d..418c14708a4d9dc4f7a569e925ea91e8d38fad8b 100755 --- a/src/app/status/models/StatusModel.php +++ b/src/app/status/models/StatusModel.php @@ -53,4 +53,24 @@ class StatusModel return $status[0]; } + + public static function getByReference(array $aArgs) + { + ValidatorModel::notEmpty($aArgs, ['reference']); + ValidatorModel::stringType($aArgs, ['reference']); + ValidatorModel::arrayType($aArgs, ['select']); + + $status = DatabaseModel::select([ + 'select' => empty($aArgs['select']) ? ['*'] : $aArgs['select'], + 'table' => ['status'], + 'where' => ['reference = ?'], + 'data' => [$aArgs['reference']] + ]); + + if (empty($status[0])) { + return []; + } + + return $status[0]; + } } diff --git a/src/app/user/controllers/UserController.php b/src/app/user/controllers/UserController.php index 005048bf912d58cc82298e6ef9258dfa58bf01c3..7ef7e47c1f1de0a8178cd21b07c455b89d62525a 100755 --- a/src/app/user/controllers/UserController.php +++ b/src/app/user/controllers/UserController.php 
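Review bot: `$status['id']` is read without checking that the `NEW` status row was found, and `StatusModel::getByReference` (added in this same commit) returns `[]` when nothing matches. In that case the value bound to `status = ?` is presumably null, the query matches no rows, and the caller gets an empty document list with at most a PHP notice to explain it. The filter fails closed, which is the safe direction, but a missing reference row should be reported rather than hidden, e.g. `if (empty($status)) { return $response->withStatus(500)->withJson(['errors' => 'Status NEW not found']); }` right after the lookup. The enclosing method starts and ends outside the hunk, so this assumes `$response` is in scope there as it is in the other controllers.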
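Review bot: `getByReference` binds only `reference` as a query parameter, while the `select` list is handed to `DatabaseModel::select` after nothing more than an array-type check. How DatabaseModel assembles the statement is not visible here, but if those entries are used as column identifiers they cannot be parameterised, so the method should state that constraint up front. I would add a docblock saying that `select` must contain hard-coded column names and never request data, that `reference` is required and must be a string, and that the return value is the first matching row or `[]` when none matches. The `[]` result matters to callers such as DocumentController in this commit, which index the result directly.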
@@ -37,6 +37,18 @@ class UserController return $response->withJson(['users' => $users]); } + public function getById(Request $request, Response $response, array $args) + { + $user = UserModel::getByEmail(['email' => $GLOBALS['email'], 'select' => ['id']]); + if ($user['id'] != $args['id']) { + return $response->withStatus(403)->withJson(['errors' => 'User out of perimeter']); + } + + $user = UserModel::getById(['select' => ['firstname', 'lastname', 'picture'], 'id' => $args['id']]); + + return $response->withJson(['user' => $user]); + } + public function update(Request $request, Response $response, array $args) { $user = UserModel::getByEmail(['email' => $GLOBALS['email'], 'select' => ['id']]); @@ -51,6 +63,17 @@ class UserController return $response->withStatus(400)->withJson(['errors' => 'Bad Request']); } + if (!empty($data['picture'])) { + $picture = base64_decode($data['picture']); + $finfo = new \finfo(FILEINFO_MIME_TYPE); + $mimeType = $finfo->buffer($picture); + $type = explode('/', $mimeType); + + if ($type[0] != 'image') { + return $response->withStatus(400)->withJson(['errors' => 'Picture is not an image']); + } + } + $data['id'] = $args['id']; UserModel::update($data); diff --git a/src/app/user/models/UserModel.php b/src/app/user/models/UserModel.php index bd9e046158cd9c5ca6539f61f535c305396d5c0e..ec2d4f817b750560ac7b28b4f7566fd4e69f03da 100755 --- a/src/app/user/models/UserModel.php +++ b/src/app/user/models/UserModel.php @@ -79,13 +79,14 @@ class UserModel { ValidatorModel::notEmpty($aArgs, ['id', 'firstname', 'lastname']); ValidatorModel::intVal($aArgs, ['id']); - ValidatorModel::stringType($aArgs, ['firstname', 'lastname']); + ValidatorModel::stringType($aArgs, ['firstname', 'lastname', 'picture']); DatabaseModel::update([ 'table' => 'users', 'set' => [ 'firstname' => $aArgs['firstname'], 'lastname' => $aArgs['lastname'], + 'picture' => empty($aArgs['picture']) ? null : $aArgs['picture'] ], 'where' => ['id = ?'], 'data' => [$aArgs['id']]
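Review bot: The ownership check in `getById` uses `!=`, so the `$args['id']` string taken from the URL is type-juggled against `$user['id']`, and numeric strings that are not the canonical spelling of the id can compare equal and pass the check before reaching `UserModel::getById`. The downstream lookup is presumably validated and parameterised, so the impact is likely limited, but an authorization decision should not depend on loose comparison. I would compare canonical strings, `if ((string) $user['id'] !== (string) $args['id']) {`, or constrain the route placeholder to digits. The same loose operator appears in the picture check of the next hunk (`$type[0] != 'image'`). `getById` also has no docblock stating that a user may only read their own record.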
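Review bot: The picture check validates the decoded bytes, but `UserModel::update($data)` still stores the original `$data['picture']` string, and `base64_decode` is called in non-strict mode, which silently skips characters outside the base64 alphabet; what is stored is therefore not necessarily what was inspected. Accepting any `image/*` type also lets `image/svg+xml` through, which can carry script if the picture is ever served or opened as a document (how clients render it is not visible here). I would require a string, decode strictly, allow-list the raster types the product needs, and store the re-encoded bytes, as sketched below; the type list is a suggestion. There is also no size cap, and the new `picture` column in sql/structure.sql is unbounded `text`, so a maximum decoded length should be enforced here too. The enclosing `update` method starts and ends outside the hunk.

```php
if (!empty($data['picture'])) {
    // Strict mode returns false instead of skipping characters outside the base64 alphabet.
    $picture = is_string($data['picture']) ? base64_decode($data['picture'], true) : false;
    if ($picture === false) {
        return $response->withStatus(400)->withJson(['errors' => 'Picture is not an image']);
    }
    // … add a maximum decoded size check here (limit to be chosen by the project) …

    $finfo = new \finfo(FILEINFO_MIME_TYPE);
    $mimeType = $finfo->buffer($picture);
    // Exact allow-list: a bare "image/*" test would also accept image/svg+xml.
    if (!in_array($mimeType, ['image/jpeg', 'image/png', 'image/gif'], true)) {
        return $response->withStatus(400)->withJson(['errors' => 'Picture is not an image']);
    }

    // Persist the canonical encoding of the bytes that were actually inspected.
    $data['picture'] = base64_encode($picture);
}
// … unchanged: $data['id'] assignment and UserModel::update($data) …
```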
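Review bot: `'picture' => empty($aArgs['picture']) ? null : $aArgs['picture']` writes NULL whenever the caller omits `picture`, so a profile update that sends only `firstname` and `lastname` erases the stored picture. If clearing is meant to be explicit, build the `set` array first and add the column only when the key is present, e.g. `if (array_key_exists('picture', $aArgs)) { $set['picture'] = empty($aArgs['picture']) ? null : $aArgs['picture']; }`. `picture` is also added to `ValidatorModel::stringType` although it is optional; whether that validator tolerates a missing key is not visible in this diff and is worth confirming. The model is the last check before this column, which sql/structure.sql declares as unbounded `text`, so a length limit belongs here as well as in the controller. The enclosing `update` method starts outside the hunk.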