
  1. <?php
  2. namespace App\Http\Controllers;
  3. use Laravel\Lumen\Routing\Controller as BaseController;
  4. use Illuminate\Http\Request;
  5. use DB;
  6. class Controller extends BaseController
  7. {
  8. private static function displayURL() {
  9. return preg_replace('/(^https?:\/\/|\/$)/', '', session('me'));
  10. }
  11. public function index(Request $request) {
  12. if(session('user_id')) {
  13. $databases = DB::select('SELECT d.*
  14. FROM `databases` d
  15. JOIN database_users u ON d.id = u.database_id
  16. WHERE u.user_id = ?
  17. ORDER BY name', [session('user_id')]);
  18. return view('dashboard', [
  19. 'displayURL' => self::displayURL(),
  20. 'databases' => $databases
  21. ]);
  22. } else {
  23. return view('index');
  24. }
  25. }
  26. public function createDatabase(Request $request) {
  27. if(!session('user_id'))
  28. return redirect('/');
  29. if($request->input('name') == '') {
  30. $request->session()->flash('create-error', 'Enter a name.');
  31. return redirect('/');
  32. }
  33. // Only alphanumeric chars are allowed
  34. if(preg_replace('/[^a-zA-Z0-9]/', '', $request->input('name')) != $request->input('name')) {
  35. $request->session()->flash('create-error', 'Only alphanumeric characters are allowed.');
  36. $request->session()->flash('database-name', preg_replace('/[^a-zA-Z0-9]/','',$request->input('name')));
  37. return redirect('/');
  38. }
  39. // Check for conflicts
  40. $db = DB::select('SELECT * FROM `databases` WHERE name = ?', [$request->input('name')]);
  41. if(count($db) == 0) {
  42. // Create the database records
  43. $id = DB::table('databases')->insertGetId([
  44. 'name' => $request->input('name'),
  45. 'read_token' => str_random(40),
  46. 'write_token' => str_random(40),
  47. 'created_by' => session('user_id'),
  48. 'created_at' => date('Y-m-d H:i:s')
  49. ]);
  50. DB::table('database_users')->insert([
  51. 'database_id' => $id,
  52. 'user_id' => session('user_id'),
  53. 'created_at' => date('Y-m-d H:i:s')
  54. ]);
  55. return redirect('/');
  56. } else {
  57. $request->session()->flash('create-error', 'That database name is already in use.');
  58. $request->session()->flash('database-name', $request->input('name'));
  59. return redirect('/');
  60. }
  61. }
  62. public function map(Request $request, $name) {
  63. if(!session('user_id'))
  64. return redirect('/');
  65. // Verify this user has access to the database
  66. $db = DB::table('databases')
  67. ->join('database_users', function($join){
  68. $join->on('databases.id','=','database_users.database_id');
  69. })
  70. ->where('user_id','=',session('user_id'))
  71. ->where('name','=',$name)
  72. ->first();
  73. if(!$db)
  74. return redirect('/');
  75. return view('map', [
  76. 'displayURL' => self::displayURL(),
  77. 'database' => $db,
  78. 'menu' => [
  79. '/settings/'.$name => 'Settings'
  80. ]
  81. ]);
  82. }
  83. public function settings(Request $request, $name) {
  84. if(!session('user_id'))
  85. return redirect('/');
  86. // Only the person that created the database can modify it
  87. $db = DB::table('databases')
  88. ->where('created_by','=',session('user_id'))
  89. ->where('name','=',$name)
  90. ->first();
  91. if(!$db)
  92. return redirect('/');
  93. $users = DB::select('SELECT u.*
  94. FROM users u
  95. JOIN database_users d ON u.id = d.user_id
  96. WHERE d.database_id = ?
  97. ORDER BY u.url', [$db->id]);
  98. return view('settings', [
  99. 'displayURL' => self::displayURL(),
  100. 'database' => $db,
  101. 'users' => $users,
  102. 'menu' => [
  103. '/map/'.$name => 'Map'
  104. ]
  105. ]);
  106. }
  107. public function updateSettings(Request $request, $name) {
  108. if(!session('user_id'))
  109. return redirect('/');
  110. // Only the person that created the database can modify it
  111. $db = DB::table('databases')
  112. ->where('created_by','=',session('user_id'))
  113. ->where('name','=',$name)
  114. ->first();
  115. if(!$db)
  116. return redirect('/');
  117. if($request->input('remove_user')) {
  118. $user = DB::table('users')->where('url','=',$request->input('remove_user'))->first();
  119. if($user) {
  120. DB::table('database_users')->where('database_id','=',$db->id)->where('user_id','=',$user->id)->delete();
  121. }
  122. return response(json_encode([
  123. 'result' => 'ok'
  124. ]))->header('Content-Type', 'application/json');
  125. } else if($request->input('add_user')) {
  126. // Find user if it exists already
  127. $user = DB::table('users')->where('url','=',$request->input('add_user'))->first();
  128. if($user) {
  129. $user_id = $user->id;
  130. } else {
  131. $user_id = DB::table('users')->insertGetId([
  132. 'url' => $request->input('add_user'),
  133. 'created_at' => date('Y-m-d H:i:s')
  134. ]);
  135. }
  136. // Add access to the database
  137. $exists = DB::table('database_users')->where('database_id','=',$db->id)->where('user_id','=',$user_id)->first();
  138. if(!$exists) {
  139. DB::table('database_users')->insert([
  140. 'database_id' => $db->id,
  141. 'user_id' => $user_id,
  142. 'created_at' => date('Y-m-d H:i:s')
  143. ]);
  144. }
  145. return redirect('/settings/'.$db->name);
  146. } else if($request->input('micropub_endpoint')) {
  147. DB::table('databases')->where('id', $db->id)
  148. ->update([
  149. 'micropub_endpoint' => $request->input('micropub_endpoint'),
  150. 'micropub_token' => $request->input('micropub_token'),
  151. ]);
  152. return redirect('/settings/'.$db->name);
  153. }
  154. }
  155. }