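<?php
// Register AppController with CakePHP's class loader so it is loaded on first use.
App::uses('AppController', 'Controller');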
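/**
 * Controller for adding, deleting and listing sightings.
 *
 * Every action goes through beforeFilter(), which rejects the request when the
 * sightings feature has been explicitly disabled in the configuration.
 */
class SightingsController extends AppController {

	public $components = array('Session', 'RequestHandler');

	/**
	 * Runs the parent filter, then blocks the controller if sightings are disabled.
	 *
	 * Only a strict boolean false in 'Plugin.Sightings_enable' disables the
	 * feature; any other value (including a missing setting) leaves it reachable.
	 *
	 * @throws MethodNotAllowedException when the feature is disabled
	 */
	public function beforeFilter() {
		parent::beforeFilter();
		if (Configure::read('Plugin.Sightings_enable') === false) {
			throw new MethodNotAllowedException('This feature is not enabled on this instance.');
		}
	}

	public $paginate = array(
		'limit' => 60,
		// Upper bound on the page size a user may request.
		'maxLimit' => 9999,
		'order' => array('Sighting.date_sighting' => 'DESC'),
	);

	/**
	 * Records one or more sightings. POST only; requires the 'perm_add' role flag.
	 *
	 * @param mixed $id attribute ID or UUID, or the literal string 'stix' to read a
	 *                  sighting document from the raw request body. When empty, the
	 *                  'id' field of the request data is used instead.
	 * @return mixed a JSON CakeResponse for AJAX requests, otherwise the RestResponse result
	 * @throws MethodNotAllowedException when the role lacks 'perm_add' or the request is not a POST
	 */
	public function add($id = false) {
		if (!$this->userRole['perm_add']) {
			throw new MethodNotAllowedException('You are not authorised to add sightings data as you don\'t have write access.');
		}
		if (!$this->request->is('post')) {
			throw new MethodNotAllowedException('This action can only be accessed via a post request.');
		}
		$now = time();
		$values = false;
		$timestamp = false;
		$error = false;
		// Defaults up front so both are defined on every path, including a failed STIX parse.
		$type = '0';
		$source = '';
		if ($id === 'stix') {
			$result = $this->Sighting->handleStixSighting(file_get_contents('php://input'));
			if ($result['success']) {
				$result['data'] = json_decode($result['data'], true);
				// NOTE(review): strtotime() yields false for an unparseable string and that value
				// is passed on unchanged - confirm saveSightings() copes with it.
				$timestamp = isset($result['data']['timestamp']) ? strtotime($result['data']['timestamp']) : $now;
				if (isset($result['data']['values'])) {
					$values = $result['data']['values'];
				} else {
					$error = 'No valid values found could be extracted from the sightings document.';
				}
			} else {
				// Report the parser's message only when parsing failed. Previously this assignment
				// ran unconditionally and also overwrote $error after a successful parse.
				$error = $result['message'];
			}
		} else {
			// Accept the payload bare or wrapped in a 'request' and/or 'Sighting' key.
			if (isset($this->request->data['request'])) {
				$this->request->data = $this->request->data['request'];
			}
			if (isset($this->request->data['Sighting'])) {
				$this->request->data = $this->request->data['Sighting'];
			}
			// NOTE(review): the client-supplied timestamp is forwarded without validation here.
			$timestamp = isset($this->request->data['timestamp']) ? $this->request->data['timestamp'] : $now;
			// A single 'value' is normalised to a one-element 'values' list.
			if (isset($this->request->data['value'])) {
				$this->request->data['values'] = array($this->request->data['value']);
			}
			$values = isset($this->request->data['values']) ? $this->request->data['values'] : false;
			if (!$id && isset($this->request->data['id'])) {
				$id = $this->request->data['id'];
			}
			if (isset($this->request->data['type'])) {
				$type = $this->request->data['type'];
			}
			// Read the 'source' field; the previous code copied 'type' into $source.
			if (isset($this->request->data['source'])) {
				$source = $this->request->data['source'];
			}
		}
		if (!$error) {
			$result = $this->Sighting->saveSightings($id, $values, $timestamp, $this->Auth->user(), $type, $source);
			// Loose comparison kept: the return type of saveSightings() is not visible from this file.
			if ($result == 0) {
				$error = 'No valid attributes found that would match the sighting criteria.';
			}
		}

		if ($error) {
			if ($this->request->is('ajax')) {
				$error_message = 'Could not add the Sighting. Reason: ' . $error;
				// NOTE(review): the body is JSON but no response type is set - confirm which
				// Content-Type the client receives.
				return new CakeResponse(array('body' => json_encode(array('saved' => false, 'errors' => $error_message)), 'status' => 200));
			}
			return $this->RestResponse->saveFailResponse('Sighting', 'add', $id, $error);
		}

		// NOTE(review): $type can come straight from the request and is used as an array index
		// here - confirm saveSightings() rejects types that are not keys of Sighting::$type.
		$summary = $result . ' ' . $this->Sighting->type[$type] . (($result == 1) ? '' : 's');
		if ($this->request->is('ajax')) {
			return new CakeResponse(array('body' => json_encode(array('saved' => true, 'success' => $summary . ' added.')), 'status' => 200));
		}
		return $this->RestResponse->saveSuccessResponse('Sighting', 'add', $id, false, $summary . ' successfuly added.');
	}

	/**
	 * Deletes a single sighting. POST only; requires the 'perm_modify_org' role flag.
	 *
	 * Users who are not site admins may only delete sightings whose org_id matches
	 * their own. A sighting owned by another organisation produces the same
	 * NotFoundException as a missing one.
	 *
	 * @param mixed $id sighting ID
	 * @return mixed the RestResponse result for the failed or successful delete
	 * @throws MethodNotAllowedException when the role lacks 'perm_modify_org' or the request is not a POST
	 * @throws NotFoundException when the sighting does not exist or belongs to another organisation
	 */
	public function delete($id) {
		if (!$this->userRole['perm_modify_org']) {
			throw new MethodNotAllowedException('You are not authorised to remove sightings data as you don\'t have permission to modify your organisation\'s data.');
		}
		if (!$this->request->is('post')) {
			throw new MethodNotAllowedException('This action can only be accessed via a post request.');
		}
		$sighting = $this->Sighting->find('first', array(
			'conditions' => array('Sighting.id' => $id),
			'recursive' => -1,
		));
		if (empty($sighting)) {
			throw new NotFoundException('Invalid sighting.');
		}
		// Ownership check; loose comparison kept because the two org_id values may differ in type.
		$ownedByCaller = $sighting['Sighting']['org_id'] == $this->Auth->user('org_id');
		if (!$this->_isSiteAdmin() && !$ownedByCaller) {
			throw new NotFoundException('Invalid sighting.');
		}
		// Delete by the ID read back from the database, not by the raw request parameter.
		if (!$this->Sighting->delete($sighting['Sighting']['id'])) {
			return $this->RestResponse->saveFailResponse('Sighting', 'delete', $id, 'Could not delete the Sighting.');
		}
		return $this->RestResponse->saveSuccessResponse('Sighting', 'delete', $id, false, 'Sighting successfuly deleted.');
	}

	/**
	 * Lists sightings, optionally restricted to one event.
	 *
	 * The IDs of events that have sightings are collected first and then passed to
	 * Event::fetchEventIds() together with the current user.
	 *
	 * @param mixed $eventid optional event ID to restrict the listing to
	 * @return mixed the RestResponse view of the collected sightings
	 */
	public function index($eventid = false) {
		$this->loadModel('Event');
		$sightingConditions = array();
		if ($eventid) {
			$sightingConditions = array('Sighting.event_id' => $eventid);
		}
		$sightedEvents = $this->Sighting->find('list', array(
			'group' => 'Sighting.event_id',
			'fields' => array('Sighting.event_id'),
			'conditions' => $sightingConditions,
		));
		if (empty($sightedEvents)) {
			// Stop here. The previous code discarded this response and went on to call
			// fetchEventIds() with an empty ID list.
			return $this->RestResponse->viewData(array());
		}
		// presumably fetchEventIds() limits the result to events this user may see - confirm in the Event model
		$events = $this->Event->fetchEventIds($this->Auth->user(), false, false, false, false, false, false, $sightedEvents);
		$sightings = array();
		if (!empty($events)) {
			foreach ($events as $event) {
				$sightings = array_merge($sightings, $this->Sighting->attachToEvent($event, $this->Auth->user()));
			}
		}
		return $this->RestResponse->viewData($sightings);
	}
}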