validate activity input

Closes #149
directus · May 22, 2018 · 9e52009 · 9e52009
1 parent 96a5228
commit 9e52009
Show file tree

Hide file tree

Showing 3 changed files with 121 additions and 59 deletions.
diff --git a/src/core/Directus/Database/TableGateway/DirectusActivityTableGateway.php b/src/core/Directus/Database/TableGateway/DirectusActivityTableGateway.php
@@ -140,26 +140,6 @@ public function recordLogin($userId)
         $this->insertWith($insert);
     }
 
-    /**
-     * Records a message activity
-     *
-     * @param $data
-     *
-     * @return \Directus\Database\RowGateway\BaseRowGateway
-     */
-    public function recordMessage($data)
-    {
-        $logData = array_merge($data, [
-            'type' => self::TYPE_COMMENT,
-            'action' => static::ACTION_ADD,
-            'datetime' => DateTimeUtils::nowInUTC()->toString(),
-            'ip' => get_request_ip(),
-            'user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''
-        ]);
-
-        return $this->updateRecord($logData);
-    }
-
     /**
      * Get the last update date from a list of row ids in the given table
      *

diff --git a/src/core/Directus/Services/ActivityService.php b/src/core/Directus/Services/ActivityService.php
@@ -0,0 +1,106 @@
+<?php
+
+namespace Directus\Services;
+
+use Directus\Application\Container;
+use Directus\Database\RowGateway\BaseRowGateway;
+use Directus\Database\Schema\SchemaManager;
+use Directus\Database\TableGateway\DirectusActivityTableGateway;
+use Directus\Database\TableGateway\DirectusRolesTableGateway;
+use Directus\Util\ArrayUtils;
+use Directus\Util\DateTimeUtils;
+
+class ActivityService extends AbstractService
+{
+    /**
+     * @var BaseRowGateway
+     */
+    protected $lastGroup = null;
+
+    /**
+     * @var DirectusRolesTableGateway
+     */
+    protected $tableGateway = null;
+
+    /**
+     * @var string
+     */
+    protected $collection;
+
+    /**
+     * @var ItemsService
+     */
+    protected $itemsService;
+
+    public function __construct(Container $container)
+    {
+        parent::__construct($container);
+        $this->collection = SchemaManager::COLLECTION_ACTIVITY;
+        $this->itemsService = new ItemsService($this->container);
+    }
+
+    public function createComment(array $data, array $params = [])
+    {
+        $data = array_merge($data, [
+            'type' => DirectusActivityTableGateway::TYPE_COMMENT,
+            'action' => DirectusActivityTableGateway::ACTION_ADD,
+            'datetime' => DateTimeUtils::nowInUTC()->toString(),
+            'ip' => get_request_ip(),
+            'user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '',
+            'user' => $this->getAcl()->getUserId()
+        ]);
+
+        $this->validatePayload($this->collection, null, $data, $params);
+        $this->enforcePermissions($this->collection, $data, $params);
+
+        $tableGateway = $this->getTableGateway();
+
+        // make sure to create new one instead of update
+        unset($data[$tableGateway->primaryKeyFieldName]);
+        $newComment = $tableGateway->updateRecord($data, $this->getCRUDParams($params));
+
+        return $tableGateway->wrapData(
+            $newComment->toArray(),
+            true,
+            ArrayUtils::get($params, 'meta')
+        );
+    }
+
+    /**
+     * Finds a group by the given ID in the database
+     *
+     * @param int $id
+     * @param array $params
+     *
+     * @return array
+     */
+    public function find($id, array $params = [])
+    {
+        $tableGateway = $this->getTableGateway();
+        $params['id'] = $id;
+
+        return $this->getItemsAndSetResponseCacheTags($tableGateway, $params);
+    }
+
+    public function findAll(array $params = [])
+    {
+        $tableGateway = $this->getTableGateway();
+
+        return $this->getItemsAndSetResponseCacheTags($tableGateway, $params);
+    }
+
+    /**
+     * @return DirectusActivityTableGateway
+     */
+    public function getTableGateway()
+    {
+        if (!$this->tableGateway) {
+            $acl = $this->container->get('acl');
+            $dbConnection = $this->container->get('database');
+
+            $this->tableGateway = new DirectusActivityTableGateway($dbConnection, $acl);
+        }
+
+        return $this->tableGateway;
+    }
+}
diff --git a/src/endpoints/Activity.php b/src/endpoints/Activity.php
@@ -6,7 +6,8 @@
 use Directus\Application\Http\Request;
 use Directus\Application\Http\Response;
 use Directus\Application\Route;
-use Directus\Database\TableGateway\DirectusActivityTableGateway;
+use Directus\Services\ActivityService;
+use Directus\Util\ArrayUtils;
 
 class Activity extends Route
 {
@@ -28,23 +29,8 @@ public function __invoke(Application $app)
      */
     public function all(Request $request, Response $response)
     {
-        $dbConnection = $this->container->get('database');
-        $acl = $this->container->get('acl');
-        $params = $request->getQueryParams();
-
-        $activityTableGateway = new DirectusActivityTableGateway($dbConnection, $acl);
-
-        // a way to get records last updated from activity
-        // if (ArrayUtils::get($params, 'last_updated')) {
-        //     $table = key($params['last_updated']);
-        //     $ids = ArrayUtils::get($params, 'last_updated.' . $table);
-        //     $arrayOfIds = $ids ? explode(',', $ids) : [];
-        //     $responseData = $activityTableGateway->getLastUpdated($table, $arrayOfIds);
-        // } else {
-        //
-        // }
-
-        $responseData = $activityTableGateway->getItems($params);
+        $service = new ActivityService($this->container);
+        $responseData = $service->findAll($request->getQueryParams());
 
         return $this->responseWithData($request, $response, $responseData);
     }
@@ -57,14 +43,11 @@ public function all(Request $request, Response $response)
      */
     public function read(Request $request, Response $response)
     {
-        $dbConnection = $this->container->get('database');
-        $acl = $this->container->get('acl');
-        $params = array_merge($request->getQueryParams(), [
-            'id' => $request->getAttribute('id')
-        ]);
-
-        $activityTableGateway = new DirectusActivityTableGateway($dbConnection, $acl);
-        $responseData = $activityTableGateway->getItems($params);
+        $service = new ActivityService($this->container);
+        $responseData = $service->find(
+            $request->getAttribute('id'),
+            ArrayUtils::pick($request->getQueryParams(), ['fields', 'meta'])
+        );
 
         return $this->responseWithData($request, $response, $responseData);
     }
@@ -77,19 +60,12 @@ public function read(Request $request, Response $response)
      */
     public function createComment(Request $request, Response $response)
     {
-        $payload = $request->getParsedBody();
-        $dbConnection = $this->container->get('database');
-        $acl = $this->container->get('acl');
-        $activityTableGateway = new DirectusActivityTableGateway($dbConnection, $acl);
-        $payload = array_merge($payload, [
-            'user' => $acl->getUserId()
-        ]);
-
-        $record = $activityTableGateway->recordMessage($payload);
+        $service = new ActivityService($this->container);
+        $responseData = $service->createComment(
+            $request->getParsedBody() ?: [],
+            $request->getQueryParams()
+        );
 
-        return $this->responseWithData($request, $response, $activityTableGateway->wrapData(
-            $record->toArray(),
-            true
-        ));
+        return $this->responseWithData($request, $response, $responseData);
     }
 }