From 49b5cfcb45d8886dacc9057b19d1dc6b4909ede5 Mon Sep 17 00:00:00 2001
From: Damien <damien.burel@maarch.org>
Date: Wed, 21 Nov 2018 11:32:21 +0100
Subject: [PATCH] FEAT #8836 Profile picture : say cheese
---
 rest/index.php | 1 +
 sql/structure.sql | 1 +
 .../controllers/DocumentController.php | 5 ++--
 src/app/status/models/StatusModel.php | 20 ++++++++++++++++
 src/app/user/controllers/UserController.php | 23 +++++++++++++++++++
 src/app/user/models/UserModel.php | 3 ++-
 6 files changed, 50 insertions(+), 3 deletions(-)
diff --git a/rest/index.php b/rest/index.php
index 688e4acf2e..5bf5fb2891 100755
--- a/rest/index.php
+++ b/rest/index.php
@@ -62,6 +62,7 @@ $app->get('/passwordRules', \SrcCore\controllers\PasswordController::class . ':g
 //Users
 $app->get('/users', \User\controllers\UserController::class . ':get');
+$app->get('/users/{id}', \User\controllers\UserController::class . ':getById');
 $app->put('/users/{id}', \User\controllers\UserController::class . ':update');
 $app->put('/users/{id}/password', \User\controllers\UserController::class . ':updatePassword');
 $app->get('/users/{id}/signatures', \User\controllers\UserController::class . ':getSignatures');
diff --git a/sql/structure.sql b/sql/structure.sql
index a84947e49c..4a773fef79 100755
--- a/sql/structure.sql
+++ b/sql/structure.sql
@@ -76,6 +76,7 @@ CREATE TABLE users
 "password" character varying(255) NOT NULL,
 firstname character varying(128) NOT NULL,
 lastname character varying(128) NOT NULL,
+ picture text,
 enabled boolean DEFAULT TRUE,
 mode character varying(50) NOT NULL,
 cookie_key character varying(255) DEFAULT NULL::character varying,
diff --git a/src/app/document/controllers/DocumentController.php b/src/app/document/controllers/DocumentController.php
index 6682fed5d3..eff0c06dff 100755
--- a/src/app/document/controllers/DocumentController.php
+++ b/src/app/document/controllers/DocumentController.php
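Review bot: The `picture text` column in sql/structure.sql only reaches fresh installations, and none of the six files in the diffstat is an upgrade script, so an existing database would lack the column that UserModel::update now writes. If upgrades are handled by a separate migration file, it needs the matching `ALTER TABLE users ADD COLUMN picture text;`. The CREATE TABLE statement starts and ends outside the hunk.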
@@ -42,9 +42,10 @@ class DocumentController
 $data['limit'] = empty($data['limit']) ? 0 : (int)$data['limit'];
 $user = UserModel::getByEmail(['email' => $GLOBALS['email'], 'select' => ['id']]);
+ $status = StatusModel::getByReference(['select' => ['id'], 'reference' => 'NEW']);
- $where = ['processing_user = ?'];
- $dataGet = [$user['id']];
+ $where = ['processing_user = ?', 'status = ?'];
+ $dataGet = [$user['id'], $status['id']];
 if (!empty($data['mode'])) {
 $where[] = 'mode = ?';
 $dataGet[] = $data['mode'];
diff --git a/src/app/status/models/StatusModel.php b/src/app/status/models/StatusModel.php
index 260b866d54..418c14708a 100755
--- a/src/app/status/models/StatusModel.php
+++ b/src/app/status/models/StatusModel.php
@@ -53,4 +53,24 @@ class StatusModel
 return $status[0];
 }
+
+ public static function getByReference(array $aArgs)
+ {
+ ValidatorModel::notEmpty($aArgs, ['reference']);
+ ValidatorModel::stringType($aArgs, ['reference']);
+ ValidatorModel::arrayType($aArgs, ['select']);
+
+ $status = DatabaseModel::select([
+ 'select' => empty($aArgs['select']) ? ['*'] : $aArgs['select'],
+ 'table' => ['status'],
+ 'where' => ['reference = ?'],
+ 'data' => [$aArgs['reference']]
+ ]);
+
+ if (empty($status[0])) {
+ return [];
+ }
+
+ return $status[0];
+ }
 }
diff --git a/src/app/user/controllers/UserController.php b/src/app/user/controllers/UserController.php
index 005048bf91..7ef7e47c1f 100755
--- a/src/app/user/controllers/UserController.php
+++ b/src/app/user/controllers/UserController.php
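Review bot: In DocumentController the new `$status['id']` is read without checking that the lookup succeeded. StatusModel::getByReference, added in this same commit, returns `[]` when no row has reference 'NEW', so the index is undefined and null is bound to `status = ?`, which gives an empty document list with no error. A guard right after the lookup would make the failure visible, e.g. `if (empty($status)) { return $response->withStatus(500)->withJson(['errors' => 'Status NEW not found']); }`. The enclosing method starts and ends outside the hunk, so the `$response` variable name is assumed from the other controllers in this patch.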
@@ -37,6 +37,18 @@ class UserController
 return $response->withJson(['users' => $users]);
 }
+ public function getById(Request $request, Response $response, array $args)
+ {
+ $user = UserModel::getByEmail(['email' => $GLOBALS['email'], 'select' => ['id']]);
+ if ($user['id'] != $args['id']) {
+ return $response->withStatus(403)->withJson(['errors' => 'User out of perimeter']);
+ }
+
+ $user = UserModel::getById(['select' => ['firstname', 'lastname', 'picture'], 'id' => $args['id']]);
+
+ return $response->withJson(['user' => $user]);
+ }
+
 public function update(Request $request, Response $response, array $args)
 {
 $user = UserModel::getByEmail(['email' => $GLOBALS['email'], 'select' => ['id']]);
@@ -51,6 +63,17 @@ class UserController
 return $response->withStatus(400)->withJson(['errors' => 'Bad Request']);
 }
+ if (!empty($data['picture'])) {
+ $picture = base64_decode($data['picture']);
+ $finfo = new \finfo(FILEINFO_MIME_TYPE);
+ $mimeType = $finfo->buffer($picture);
+ $type = explode('/', $mimeType);
+
+ if ($type[0] != 'image') {
+ return $response->withStatus(400)->withJson(['errors' => 'Picture is not an image']);
+ }
+ }
+
 $data['id'] = $args['id'];
 UserModel::update($data);
diff --git a/src/app/user/models/UserModel.php b/src/app/user/models/UserModel.php
index bd9e046158..ec2d4f817b 100755
--- a/src/app/user/models/UserModel.php
+++ b/src/app/user/models/UserModel.php
@@ -79,13 +79,14 @@ class UserModel
 {
 ValidatorModel::notEmpty($aArgs, ['id', 'firstname', 'lastname']);
 ValidatorModel::intVal($aArgs, ['id']);
- ValidatorModel::stringType($aArgs, ['firstname', 'lastname']);
+ ValidatorModel::stringType($aArgs, ['firstname', 'lastname', 'picture']);
 DatabaseModel::update([
 'table' => 'users',
 'set' => [
 'firstname' => $aArgs['firstname'],
 'lastname' => $aArgs['lastname'],
+ 'picture' => empty($aArgs['picture']) ? null : $aArgs['picture']
 ],
 'where' => ['id = ?'],
 'data' => [$aArgs['id']]
--
GitLab
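Review bot: The ownership check in UserController::getById uses a loose comparison, `$user['id'] != $args['id']`, between a database value and the raw route segment, so PHP's numeric-string juggling decides who may read the profile, and an empty result from getByEmail is not handled. Compare strictly on a canonical form and fail closed: `if (empty($user['id']) || (string)$user['id'] !== (string)$args['id']) {`. Whether UserModel::getById validates `id` as an integer cannot be seen from this hunk. The `update` method that follows begins with the same lookup, and its comparison is outside the hunk, so it is worth checking for the same pattern.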
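Review bot: The picture check in UserController::update validates one value and stores another: `base64_decode` runs in lenient mode, which skips characters outside the base64 alphabet, while the original `$data['picture']` string is what gets passed to UserModel::update. The `$type[0] != 'image'` test also accepts every `image/*` type, including `image/svg+xml`, which can carry script if the picture is ever rendered outside an `<img>` tag, and nothing bounds the size of a value that lands in an unbounded `text` column. Decoding strictly, allow-listing raster types and adding a length cap would close these gaps; the size limit is left out of the sketch below because the right value depends on what the UI needs. The enclosing method starts and ends outside the hunk.

```php
if (!empty($data['picture'])) {
    // Strict mode returns false on any character outside the base64 alphabet.
    $picture = base64_decode($data['picture'], true);
    if ($picture === false) {
        return $response->withStatus(400)->withJson(['errors' => 'Picture is not an image']);
    }
    // ... unchanged: finfo MIME detection into $mimeType ...

    // Exact allow-list instead of an image/* prefix test.
    if (!in_array($mimeType, ['image/png', 'image/jpeg', 'image/gif'], true)) {
        return $response->withStatus(400)->withJson(['errors' => 'Picture is not an image']);
    }
}
```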
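Review bot: In UserModel::update the new `'picture' => empty($aArgs['picture']) ? null : $aArgs['picture']` entry overwrites the column with null whenever the caller omits the field, so a request that only changes firstname or lastname also erases the stored picture. If removal is meant to be explicit, build the `set` array first and add the key only when it was sent, e.g. `if (array_key_exists('picture', $aArgs)) { $set['picture'] = $aArgs['picture'] ?: null; }`. The method's signature is outside the hunk.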