<?php
// CakePHP 2 controller for attribute sightings; inherits auth/role handling from AppController.
App::uses('AppController', 'Controller');
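class SightingsController extends AppController {

	public $components = array('Session', 'RequestHandler');

	public $paginate = array(
		'limit' => 60,
		'maxLimit' => 9999, // not a limit on stored sightings: this is the max a user can view per page.
		'order' => array('Sighting.date_sighting' => 'DESC'),
	);

	/**
	 * Gates every action of this controller on the Sightings plugin being enabled for the instance.
	 *
	 * @throws MethodNotAllowedException when Plugin.Sightings_enable is not set
	 */
	public function beforeFilter() {
		parent::beforeFilter();
		if (!Configure::read('Plugin.Sightings_enable')) {
			throw new MethodNotAllowedException('This feature is not enabled on this instance.');
		}
	}

	/**
	 * Records one or more sightings for an attribute.
	 *
	 * Two input modes: $id === 'stix' reads a STIX sightings document from the raw request body;
	 * any other $id (attribute ID or UUID, or false to take the ID from the posted data) uses the
	 * posted form/JSON data. Answers AJAX callers with a JSON CakeResponse, everyone else through
	 * the serialised view variables.
	 *
	 * @param string|int|false $id attribute ID or UUID, the literal 'stix', or false
	 * @return CakeResponse|null a JSON response for AJAX requests, null otherwise
	 * @throws MethodNotAllowedException when the user lacks perm_add or the request is not a POST
	 */
	public function add($id = false) {
		if (!$this->userRole['perm_add']) throw new MethodNotAllowedException('You are not authorised to add sightings data as you don\'t have write access.');
		if (!$this->request->is('post')) throw new MethodNotAllowedException('This action can only be accessed via a post request.');
		$now = time();
		if ($id === 'stix') {
			$parsed = $this->_parseStixSighting(file_get_contents('php://input'), $now);
		} else {
			$parsed = $this->_parseSightingRequest($now);
			// an ID in the payload only fills in for a missing URL parameter, it never overrides one
			if (!$id && $parsed['id'] !== false) $id = $parsed['id'];
		}
		$error = $parsed['error'];
		$result = 0;
		if (!$error) {
			$result = $this->Sighting->saveSightings($id, $parsed['values'], $parsed['timestamp'], $this->Auth->user());
			// the return value is used below as the number of sightings written; 0 means nothing matched
			if ($result == 0) $error = 'No valid attributes found that would match the sighting criteria.';
		}
		$summary = $result . ' sighting' . (((int)$result === 1) ? '' : 's');
		if ($this->request->is('ajax')) {
			if ($error) {
				$body = array('saved' => false, 'errors' => 'Could not add the Sighting. Reason: ' . $error);
			} else {
				$body = array('saved' => true, 'success' => $summary . ' added.');
			}
			return new CakeResponse(array('body' => json_encode($body), 'status' => 200));
		}
		if ($error) {
			$this->set('errors', $error);
			$this->set('name', 'Could not add the Sighting.');
			$this->set('message', 'Could not add the Sighting.');
			$this->set('_serialize', array('name', 'message', 'errors'));
		} else {
			$this->set('name', 'Sighting added.');
			$this->set('message', $summary . ' successfuly added.');
			$this->set('url', '/sightings/add/' . $id);
			$this->set('id', $this->Sighting->id);
			$this->set('_serialize', array('name', 'message', 'url', 'id'));
		}
	}

	/**
	 * Extracts sighting values and timestamp from a STIX sightings document.
	 *
	 * A document the model rejects yields its failure message as the error; a parsed document
	 * without values yields a fixed error. Only one of 'values' and 'error' is ever set.
	 *
	 * @param string $document raw STIX document (the request body)
	 * @param int $now fallback timestamp when the document carries none
	 * @return array keys 'values' (array|false), 'timestamp' (int|false), 'error' (string|false)
	 */
	private function _parseStixSighting($document, $now) {
		$parsed = array('values' => false, 'timestamp' => false, 'error' => false);
		$result = $this->Sighting->handleStixSighting($document);
		if (!$result['success']) {
			$parsed['error'] = $result['message'];
			return $parsed;
		}
		$data = json_decode($result['data'], true);
		$parsed['timestamp'] = isset($data['timestamp']) ? strtotime($data['timestamp']) : $now;
		if (isset($data['values'])) {
			$parsed['values'] = $data['values'];
		} else {
			$parsed['error'] = 'No valid values found could be extracted from the sightings document.';
		}
		return $parsed;
	}

	/**
	 * Extracts sighting values, timestamp and optional attribute ID from the posted data.
	 *
	 * The payload may be wrapped in a 'request' and/or 'Sighting' key; the unwrapped payload is
	 * written back to $this->request->data (callers and views may rely on that). A single 'value'
	 * is normalised into a one-element 'values' list.
	 *
	 * @param int $now fallback timestamp when the payload carries none
	 * @return array keys 'values' (array|false), 'timestamp' (mixed), 'id' (mixed|false), 'error' (false)
	 */
	private function _parseSightingRequest($now) {
		$data = $this->request->data;
		if (isset($data['request'])) $data = $data['request'];
		if (isset($data['Sighting'])) $data = $data['Sighting'];
		if (isset($data['value'])) $data['values'] = array($data['value']);
		$this->request->data = $data;
		return array(
			'values' => isset($data['values']) ? $data['values'] : false,
			// NOTE(review): the timestamp is taken from the client as-is; presumably validated in
			// Sighting::saveSightings — confirm there.
			'timestamp' => isset($data['timestamp']) ? $data['timestamp'] : $now,
			'id' => isset($data['id']) ? $data['id'] : false,
			'error' => false,
		);
	}

	/**
	 * Deletes a single sighting by ID.
	 *
	 * Non site-admins may only delete sightings recorded by their own organisation; a sighting owned
	 * by another organisation is answered with the same NotFoundException as a non-existent ID, so the
	 * response does not reveal whether the ID exists.
	 *
	 * @param string|int $id sighting ID
	 * @throws MethodNotAllowedException when the user lacks perm_modify_org or the request is not a POST
	 * @throws NotFoundException when the sighting does not exist or belongs to another organisation
	 */
	public function delete($id) {
		if (!$this->userRole['perm_modify_org']) throw new MethodNotAllowedException('You are not authorised to remove sightings data as you don\'t have permission to modify your organisation\'s data.');
		if (!$this->request->is('post')) throw new MethodNotAllowedException('This action can only be accessed via a post request.');
		$sighting = $this->Sighting->find('first', array(
			'conditions' => array('Sighting.id' => $id),
			'recursive' => -1,
		));
		if (empty($sighting)) throw new NotFoundException('Invalid sighting.');
		// cast both sides so a string/int mismatch cannot make the ownership check pass or fail spuriously
		if (!$this->_isSiteAdmin() && (int)$sighting['Sighting']['org_id'] !== (int)$this->Auth->user('org_id')) {
			throw new NotFoundException('Invalid sighting.');
		}
		if (!$this->Sighting->delete($sighting['Sighting']['id'])) {
			$this->set('errors', '');
			$this->set('name', 'Failed');
			$this->set('message', 'Could not delete the Sighting.');
			$this->set('_serialize', array('name', 'message', 'errors'));
		} else {
			$this->set('name', 'Success');
			$this->set('message', 'Sighting successfuly deleted.');
			$this->set('url', '/sightings/delete/' . $id);
			$this->set('_serialize', array('name', 'message', 'url'));
		}
	}
}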