epagris/SpreadQuiz
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- ReqHandler added

Browse Source 
- interface reworked
This commit is contained in:
Wiesner András 2024-09-16 21:24:47 +02:00
parent 356615c70b
commit e6aadf0a5c
4 changed files with 669 additions and 427 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

139
class/ReqHandler.php Normal file
View File

@ -0,0 +1,139 @@
<?php
// response types
const RESP_NONE = "none";
const RESP_PLAIN = "plain";
const RESP_JSON = "json";
// Request Handler Assignment class
// Members get populated when instantiated by ReqHandler;
// should not be used outside ReqHandler
class ReqHandlerAssignment
{
// members
public string $action; // action string
public array $params; // request parameters
public string $handler; // handler function
public string $hint; // human-readable hint about what this action performs
public string $level; // required command authentication level
public string $resp_type; // response type
public ReqHandler $rh; // reference to request handler
function __construct(string $action, array $params, string $level, string $handler, string $resp_type, string $hint, ReqHandler &$rh)
{
$this->action = $action;
$this->params = $params;
$this->level = $level;
$this->handler = $handler;
$this->resp_type = $resp_type;
$this->hint = $hint;
$this->rh = &$rh; // assign be reference
}
}
// Request Handler class
class ReqHandler
{
private array $mapping; // action-handler mapping
private array $request; // reference to $_REQUEST
private array $files; // reference to $_FILES
private string $level; // max privilege level
// Constructor
function __construct()
{
// create reference bindings
$this->request = &$_REQUEST;
$this->files = &$_FILES;
$this->mapping = [PRIVILEGE_NONE => [], PRIVILEGE_PLAYER => [], PRIVILEGE_CREATOR => [], PRIVILEGE_QUIZMASTER => []]; // create assignment categories
$this->level = PRIVILEGE_NONE;
}
// Add new handler
function add(string|array $actions, array $params, string $level, string $handler, string $resp_type, string $hint): bool
{
// convert single actions to array
$actions = is_string($actions) ? [$actions] : $actions;
// cannot assign more than one handler to the same action
foreach ($actions as $action) {
if (in_array($action, $this->mapping[$level])) {
return false;
}
// create the assignment object
$assignment = new ReqHandlerAssignment($action, $params, $level, $handler, $resp_type, $hint, $this);
$this->mapping[$level][$action] = $assignment;
}
return true;
}
const ACTION_KEY = "action";
// Process possible pending request. Also check access privilege.
function process(string $level = null, string $action_key = self::ACTION_KEY) : array {
// get action
$action = $this->request[$action_key] ?? "";
// don't process empty actions
if (trim($action) === "") {
return ["", false];
}
// if privilege level is specified, then store
$this->level = $level ?? $this->level;
$resp = "";
$success = false;
// look up action
$categories = array_keys($this->mapping);
$highest_category_index = array_search($this->level, $categories);
for ($i = 0; ($i < count($categories)) && ($i <= $highest_category_index); $i++) {
// get category
$category = &$this->mapping[$categories[$i]];
// find the command level category that includes this action
if (array_key_exists($action, $category)) {
// get assignment
$assignment = &$category[$action];
// check that all required parameters were passed
$all_params_passed = true;
foreach ($assignment->params as $param) {
$all_params_passed &= array_key_exists($param, $this->request);
}
// if params were provided, then invoke the callback
if ($all_params_passed) {
$handler = $assignment->handler;
$raw_resp = $handler($this, $this->request);
// convert response to preset response type
if ($assignment->resp_type !== RESP_NONE) { // if command returns with anything at all
if ($assignment->resp_type === RESP_JSON) { // JSON
$resp = json_encode($raw_resp);
} else if ($assignment->resp_type === RESP_PLAIN) { // PLAIN
$resp = $raw_resp;
}
}
// processing successful
$success = true;
break; // break the loop
}
}
}
return [$resp, $success];
}
// Set access privilege level
function set_privilege_level(string $level) {
$this->level = $level;
}
}

442
interface.php
View File

@ -22,6 +22,9 @@ require_once "testmgr.php";
require_once "controller.php"; require_once "controller.php";
require_once "class/ReqHandler.php";
// ------------------------
function patch_through_image(string $gameid, string $img_url) function patch_through_image(string $gameid, string $img_url)
{ {
$game_dir = get_game_dir_by_gameid($gameid); $game_dir = get_game_dir_by_gameid($gameid);
@ -35,16 +38,24 @@ function patch_through_image(string $gameid, string $img_url)
fclose($img_fp); fclose($img_fp);
} }
// ------------------------
$action = $_REQUEST["action"]; $action = $_REQUEST["action"];
$result = ""; $result = "";
$success = false;
$privilege = PRIVILEGE_NONE;
// no-login accessible actions // create request handler
switch ($action) { $rh = new ReqHandler();
case "login":
/* ------------ ACTIONS AVAILABLE WITHOUT LOGGING IN ---------- */
// login the user
function login(ReqHandler &$rh, array $params): string
{ {
$nickname = $_REQUEST["nickname"]; $nickname = $params["nickname"];
$password = $_REQUEST["password"]; $password = $params["password"];
if (check_user_credentials($nickname, $password)) { if (check_user_credentials($nickname, $password)) {
session_start(); session_start();
$_SESSION["nickname"] = $nickname; $_SESSION["nickname"] = $nickname;
@ -52,13 +63,15 @@ switch ($action) {
} else { } else {
$result = "FAIL"; $result = "FAIL";
} }
return $result;
} }
break;
} $rh->add("login", ["nickname", "password"], PRIVILEGE_NONE, "login", RESP_PLAIN, "Log in the user.");
// exit script if there's no live session or nickname is missing or the referenced user is non-existent // exit script if there's no live session or nickname is missing or the referenced user is non-existent
if ((session_status() != PHP_SESSION_ACTIVE) || (!isset($_SESSION["nickname"])) || (count(get_user($_SESSION["nickname"])) == 0)) { if ((session_status() != PHP_SESSION_ACTIVE) || (!isset($_SESSION["nickname"])) || (count(get_user($_SESSION["nickname"])) == 0)) {
goto print_result; goto process_and_print;
} }
$user_data = get_user($_SESSION["nickname"]); $user_data = get_user($_SESSION["nickname"]);
@ -66,23 +79,26 @@ $nickname = $user_data["nickname"];
$privilege = $user_data["privilege"]; $privilege = $user_data["privilege"];
$is_quizmaster = $privilege === PRIVILEGE_QUIZMASTER; $is_quizmaster = $privilege === PRIVILEGE_QUIZMASTER;
// login-requiring actions /* ---------- ACTIONS REQUIRING BEING LOGGED IN ------------ */
switch ($action) {
case "logout": function logout(ReqHandler &$rh, array $params): string
{ {
$_SESSION = []; // clean up session data $_SESSION = []; // clean up session data
setcookie(SESSION_NAME, "", -1); // invalidate cookie setcookie(SESSION_NAME, "", -1); // invalidate cookie
return "OK";
} }
break;
case "get_user_info": function get_user_info(ReqHandler &$rh, array $params): array
{ {
global $user_data;
$user_data_filtered = $user_data; $user_data_filtered = $user_data;
unset($user_data_filtered["password"]); unset($user_data_filtered["password"]);
$result = json_encode($user_data_filtered); return $user_data_filtered;
} }
break;
case "get_available_games": function get_available_games(ReqHandler &$rh, array $params): array
{ {
global $user_data;
$games_by_groups = []; $games_by_groups = [];
$groupids = $user_data["groups"]; $groupids = $user_data["groups"];
foreach ($groupids as $groupid) { foreach ($groupids as $groupid) {
@ -99,20 +115,21 @@ switch ($action) {
} }
$games_by_groups[] = $game_collection; $games_by_groups[] = $game_collection;
} }
$result = json_encode($games_by_groups);
return $games_by_groups;
} }
break;
case "start_or_continue_test": function start_or_continue_test(ReqHandler &$rh, array $params): string
{ {
$gameid = trim($_REQUEST["gameid"] ?? ""); global $nickname;
$testid = create_or_continue_test($gameid, $nickname); $testid = create_or_continue_test($params["gameid"], $nickname);
$result = $testid; return $testid;
} }
break;
case "get_results_overview": function get_results_overview(ReqHandler &$rh, array $params): array
{ {
$gameid = trim($_REQUEST["gameid"] ?? ""); global $nickname;
$concluded_tests = get_concluded_tests($gameid, $nickname); $concluded_tests = get_concluded_tests($params["gameid"], $nickname);
$overviews = []; $overviews = [];
foreach ($concluded_tests as $ct) { foreach ($concluded_tests as $ct) {
$overview = [ $overview = [
@ -123,80 +140,124 @@ switch ($action) {
]; ];
$overviews[] = $overview; $overviews[] = $overview;
} }
$result = json_encode($overviews); return $overviews;
}
break;
} }
$rh->add("logout", [], PRIVILEGE_PLAYER, "logout", RESP_PLAIN, "Log out the user.");
$rh->add("get_user_info", [], PRIVILEGE_PLAYER, "get_user_info", RESP_JSON, "Get user information.");
$rh->add("get_available_games", [], PRIVILEGE_PLAYER, "get_available_games", RESP_JSON, "Get available games to the player.");
$rh->add("start_or_continue_test", ["gameid"], PRIVILEGE_PLAYER, "start_or_continue_test", RESP_PLAIN, "Start new or continue an ongoing test.");
$rh->add("get_results_overview", ["gameid"], PRIVILEGE_PLAYER, "get_results_overview", RESP_JSON, "Get a quick overview of player's results of a single game.");
// test-related queries // test-related queries
const TEST_RELATED_ACTIONS = ["get_test", "save_answer", "submit_test"]; function does_test_belong_to_user(array $test_data): bool
if (in_array($action, TEST_RELATED_ACTIONS)) { {
global $nickname;
return $test_data["nickname"] === $nickname;
}
$testid = trim($_REQUEST["testid"] ?? ""); function is_test_access_approved(array $test_data): bool
$test_data = ($testid !== "") ? get_test($testid) : []; {
$is_a_default_test_with_access = ($testid !== "") && ((count($test_data)) > 0) && (($test_data["nickname"] === $nickname)); global $nickname;
global $is_quizmaster;
$user_is_contributor_or_quizmaster = $is_quizmaster || is_user_contributor_to_game($test_data["gameid"], $nickname); return does_test_belong_to_user($test_data) || is_user_contributor_to_game($test_data["gameid"], $nickname) || $is_quizmaster;
}
if ($is_a_default_test_with_access || $user_is_contributor_or_quizmaster) { function access_test_data(string $testid): array|null
{
$testid = trim($testid);
$test_data = ($testid !== "") ? get_test($testid) : null;
// fetch test data
if ($test_data === null) {
return [];
}
// check if access is approved to the specific test
if (!is_test_access_approved($test_data)) {
return [];
}
// update the test if timed // update the test if timed
update_timed_tests([$test_data]); update_timed_tests([$test_data]);
switch ($action) { return $test_data;
case "get_test": }
function get_player_test(ReqHandler &$rh, array $params): array
{ {
$result = [];
$test_data = access_test_data($params["testid"]);
if ($test_data !== null) {
$test_data_with_current_time = $test_data; $test_data_with_current_time = $test_data;
$test_data_with_current_time["current_time"] = time(); $test_data_with_current_time["current_time"] = time();
$result = json_encode($test_data_with_current_time); $result = $test_data_with_current_time;
} }
break;
case "save_answer": return $result;
}
function save_player_answer(ReqHandler &$rh, array $params): string
{ {
$chidx = $_REQUEST["challenge_index"]; if (access_test_data($params["testid"] !== null)) {
$answeridx = $_REQUEST["answer_index"]; save_answer($params["testid"], $params["challenge_index"], $params["answer_index"]);
save_answer($testid, $chidx, $answeridx); return "OK";
} } else {
break; return "FAIL";
case "submit_test":
{
conclude_test($testid);
}
break;
} }
} }
// $user_has_access_to_game = does_user_access_game($nickname, $gameid); function submit_test(ReqHandler &$rh, array $params): string
{
if (access_test_data($params["testid"] !== null)) {
conclude_test($params["testid"]);
return "OK";
} else {
return "FAIL";
}
}
// get_image needs special treatment function get_image(ReqHandler &$rh, array $params): string
if ($action === "get_image") { {
if ($is_a_default_test_with_access || $user_is_contributor_or_quizmaster) { // default case $img_url = trim($params["img_url"] ?? "");
$img_url = trim($_REQUEST["img_url"] ?? "");
if ($img_url !== "") { if ($img_url !== "") {
$gameid = $_REQUEST["gameid"]; $gameid = $params["gameid"];
patch_through_image($gameid, $img_url); patch_through_image($gameid, $img_url);
} }
}
return "";
} }
$rh->add("get_test", ["testid"], PRIVILEGE_PLAYER, "get_player_test", RESP_JSON, "Get player's test by ID.");
$rh->add("save_answer", ["testid", "challenge_index", "answer_index"], PRIVILEGE_PLAYER, "save_player_answer", RESP_PLAIN, "Store player's answer.");
$rh->add("submit_test", ["testid"], PRIVILEGE_PLAYER, "submit_test", RESP_PLAIN, "Finish player's test.");
$rh->add("get_image", ["gameid", "img_url"], PRIVILEGE_PLAYER, "get_image", RESP_NONE, "Get image per game.");
// execute query if user has the player privilege level
if ($privilege === PRIVILEGE_PLAYER) {
goto process_and_print;
} }
// creator or quizmaster actions /* --------------- CREATOR LEVEL ACTIONS ---------------- */
if (($privilege !== PRIVILEGE_CREATOR) && ($privilege !== PRIVILEGE_QUIZMASTER)) {
goto print_result;
}
$requester_nickname = $is_quizmaster ? "*" : $nickname; // "*" means every game $requester_nickname = $is_quizmaster ? "*" : $nickname; // "*" means every game
switch ($action) { function create_update_game(ReqHandler &$rh, array $params): array
case "create_game":
case "update_game":
{ {
$update = $action === "update_game"; global $nickname;
$data = json_decode($_REQUEST["data"], true) ?? []; global $is_quizmaster;
$update = $params[ReqHandler::ACTION_KEY] === "update_game";
$data = json_decode($params["data"], true) ?? [];
if (($data === []) || (trim($data["name"] ?? "") === "")) { // no further processing if (($data === []) || (trim($data["name"] ?? "") === "")) { // no further processing
goto print_result; // ~exit... return []; // ~exit...
} }
// fetch fields
$gameid = $data["_id"]; $gameid = $data["_id"];
$name = $data["name"]; $name = $data["name"];
$description = $data["description"]; $description = $data["description"];
@ -205,15 +266,19 @@ switch ($action) {
$groups = explode_list($data["groups"] ?? ""); $groups = explode_list($data["groups"] ?? "");
$properties = $data["properties"] ?? []; $properties = $data["properties"] ?? [];
// convert group compounds to group IDs
$groupids = get_groupids_by_compounds($groups); // convert group compounds to _ids $groupids = get_groupids_by_compounds($groups); // convert group compounds to _ids
// remove group ID's this user cannot edit // remove group ID's this user cannot edit
$groupids_with_editor_access = []; // $groupids_with_editor_access = [];
foreach ($groupids as $groupid) { // foreach ($groupids as $groupid) {
if (is_user_editor_to_group($groupid, $nickname) || $is_quizmaster) { // if (is_user_editor_to_group($groupid, $nickname) || $is_quizmaster) {
$groupids_with_editor_access[] = $groupid; // $groupids_with_editor_access[] = $groupid;
} // }
} // }
// result
$result = [];
// create or update // create or update
if (!$update) { if (!$update) {
@ -221,6 +286,7 @@ switch ($action) {
} else if (is_user_contributor_to_game($gameid, $nickname) || $is_quizmaster) { } else if (is_user_contributor_to_game($gameid, $nickname) || $is_quizmaster) {
$game_data = get_game($gameid); $game_data = get_game($gameid);
if (count($game_data) !== 0) { if (count($game_data) !== 0) {
// group management // group management
$old_groupids = $game_data["groups"]; // retain old groupids $old_groupids = $game_data["groups"]; // retain old groupids
$new_groupids = $groupids; // get new groupids $new_groupids = $groupids; // get new groupids
@ -239,7 +305,7 @@ switch ($action) {
// update game header data // update game header data
$game_data["name"] = $name; $game_data["name"] = $name;
$game_data["description"] = $description; $game_data["description"] = $description;
if (($game_data["owner"] === $nickname) || ($privilege === PRIVILEGE_QUIZMASTER)) { if (($game_data["owner"] === $nickname) || $is_quizmaster) {
$game_data["owner"] = $owner; $game_data["owner"] = $owner;
} }
$game_data["contributors"] = array_intersect($contributors, get_all_nicknames()); $game_data["contributors"] = array_intersect($contributors, get_all_nicknames());
@ -247,11 +313,7 @@ switch ($action) {
$game_data["properties"]["repeatable"] = $properties["repeatable"]; $game_data["properties"]["repeatable"] = $properties["repeatable"];
// process game public flag: a game might be only public if not being time-constrained and is allowed to be taken multiple times // process game public flag: a game might be only public if not being time-constrained and is allowed to be taken multiple times
if (($properties["time_limit"] !== 0) || (!$properties["repeatable"])) { $game_data["public"] = ($properties["time_limit"] !== 0) || (!$properties["repeatable"]) ? false : $data["public"];
$game_data["public"] = false;
} else {
$game_data["public"] = $data["public"];
}
// update game data // update game data
update_game($game_data); update_game($game_data);
@ -270,7 +332,7 @@ switch ($action) {
if ($zip->open($file["tmp_name"])) { if ($zip->open($file["tmp_name"])) {
$game_dir = get_game_dir_by_gameid($gameid); // get game directory $game_dir = get_game_dir_by_gameid($gameid); // get game directory
$game_files = glob($game_dir); // get list of existing game files //$game_files = glob($game_dir); // get list of existing game files
// remove former files recursively // remove former files recursively
$dir_iter = new RecursiveDirectoryIterator($game_dir, FilesystemIterator::SKIP_DOTS); $dir_iter = new RecursiveDirectoryIterator($game_dir, FilesystemIterator::SKIP_DOTS);
foreach ($dir_iter as $dir_item) { foreach ($dir_iter as $dir_item) {
@ -290,43 +352,56 @@ switch ($action) {
} else if ($file_type === "csv") { // a plain table was uploaded } else if ($file_type === "csv") { // a plain table was uploaded
$challenge_import_status = import_challenges_from_csv($file["tmp_name"], $gameid); $challenge_import_status = import_challenges_from_csv($file["tmp_name"], $gameid);
} }
$result = json_encode($challenge_import_status); $result = $challenge_import_status;
} }
} }
} }
return $result;
} }
break;
case "get_all_game_headers": function get_all_game_headers(ReqHandler &$rh, array $params): array
{ {
global $requester_nickname;
$game_headers = get_all_game_data_by_contributor_nickname($requester_nickname); $game_headers = get_all_game_data_by_contributor_nickname($requester_nickname);
foreach ($game_headers as &$game_header) { foreach ($game_headers as &$game_header) {
resolve_groupids($game_header["groups"]); resolve_groupids($game_header["groups"]);
} }
$result = json_encode($game_headers); return $game_headers;
} }
break;
case "get_challenges": function get_challenges(ReqHandler &$rh, array $params): string
{ {
$gameid = ($_REQUEST["gameid"] ?? ""); global $is_quizmaster;
global $requester_nickname;
$gameid = $params["gameid"];
$game_data = get_game($gameid); $game_data = get_game($gameid);
$result = "";
if ((count($game_data) > 0) && ($is_quizmaster || (is_user_contributor_to_game($gameid, $requester_nickname)))) { if ((count($game_data) > 0) && ($is_quizmaster || (is_user_contributor_to_game($gameid, $requester_nickname)))) {
$result = file_get_contents(get_game_file_by_gameid($gameid)); $result = file_get_contents(get_game_file_by_gameid($gameid));
} }
return $result;
} }
break;
case "delete_games": function delete_games(ReqHandler &$rh, array $params): string
{ {
$gameids = explode_list(trim($_REQUEST["ids"] ?? "")); global $nickname;
$gameids = explode_list(trim($params["ids"]));
foreach ($gameids as $gameid) { foreach ($gameids as $gameid) {
if (($gameid !== "") && (is_user_owner_of_the_game($gameid, $nickname))) { // only the owner may delete a game if (($gameid !== "") && (is_user_owner_of_the_game($gameid, $nickname))) { // only the owner may delete a game
delete_game($gameid); delete_game($gameid);
} }
} }
return "OK";
} }
break;
case "export_game_file_csv": function export_game_file_csv(ReqHandler &$rh, array $params): string
{ {
$gameid = trim($_REQUEST["gameid"] ?? ""); global $nickname;
$gameid = trim($params["gameid"]);
if (($gameid !== "") && is_user_contributor_to_game($gameid, $nickname)) { if (($gameid !== "") && is_user_contributor_to_game($gameid, $nickname)) {
$f = tmpfile(); $f = tmpfile();
header("Content-Type: text/csv"); header("Content-Type: text/csv");
@ -335,62 +410,71 @@ switch ($action) {
fseek($f, 0); fseek($f, 0);
fpassthru($f); fpassthru($f);
} }
return "";
} }
break;
case "get_results_by_gameid": function get_player_results_by_gameid(ReqHandler &$rh, array $params): array
{ {
$gameid = trim($_REQUEST["gameid"] ?? ""); global $nickname;
$filter = trim($_REQUEST["filter"] ?? ""); global $is_quizmaster;
$ordering = trim($_REQUEST["orderby"] ?? "");
$gameid = trim($params["gameid"]);
$filter = trim($params["filter"] ?? "");
$ordering = trim($params["orderby"] ?? "");
$result = [];
if (($gameid !== "") && (is_user_contributor_to_game($gameid, $nickname) || $is_quizmaster)) { if (($gameid !== "") && (is_user_contributor_to_game($gameid, $nickname) || $is_quizmaster)) {
$game_results = get_results_by_gameid($gameid, $filter, $ordering, true); $game_results = get_results_by_gameid($gameid, $filter, $ordering, true);
$result = json_encode($game_results); $result = $game_results;
} }
return $result;
} }
break;
case "generate_detailed_stats": function generate_detailed_game_stats(ReqHandler &$rh, array $params): array
{ {
$testids = json_decode(trim($_REQUEST["testids"] ?? "[]"), true); $testids = json_decode(trim($params["testids"]), true);
$gameid = trim($_REQUEST["gameid"] ?? ""); $gameid = trim($params["gameid"]);
$stats = generate_detailed_stats($gameid, $testids); $stats = generate_detailed_stats($gameid, $testids);
$result = json_encode($stats); return $stats;
}
break;
// case "get_image":
// {
// $gameid = trim($_REQUEST["gameid"] ?? "");
// $img_url = trim($_REQUEST["img_url"] ?? "");
// patch_through_image($gameid, $img_url);
// }
// break;
} }
// quizmaster actions $rh->add(["create_game", "update_game"], ["data"], PRIVILEGE_CREATOR, "create_update_game", RESP_JSON, "Create or update game.");
if ($privilege !== PRIVILEGE_QUIZMASTER) { $rh->add("get_all_game_headers", [], PRIVILEGE_CREATOR, "get_all_game_headers", RESP_JSON, "Get all game headers.");
goto print_result; $rh->add("get_challenges", [], PRIVILEGE_CREATOR, "get_challenges", RESP_PLAIN, "Get game challenges.");
$rh->add("delete_games", ["ids"], PRIVILEGE_CREATOR, "delete_games", RESP_PLAIN, "Delete games.");
$rh->add("export_game_file_csv", ["gameid"], PRIVILEGE_CREATOR, "export_game_file_csv", RESP_NONE, "Export game CSV file.");
$rh->add("get_results_by_gameid", ["gameid"], PRIVILEGE_CREATOR, "get_player_results_by_gameid", RESP_JSON, "Get game results.");
$rh->add("generate_detailed_stats", ["gameid", "testids"], PRIVILEGE_CREATOR, "generate_detailed_game_stats", RESP_JSON, "Generate detailed game stats.");
// execute processing if user is a creator
if ($privilege === PRIVILEGE_CREATOR) {
goto process_and_print;
} }
switch ($action) {
case "create_group": /* ------------------------ QUIZMASTER ACTIONS --------------------- */
case "update_group":
function create_update_group(ReqHandler &$rh, array $params): string
{ {
$update = $action === "update_group"; global $user_data;
$groupname = trim($_REQUEST["groupname"] ?? "");
$description = trim($_REQUEST["description"] ?? ""); $update = $params[ReqHandler::ACTION_KEY] === "update_group";
$editors = explode_list(trim($_REQUEST["editors"] ?? "")); $groupname = trim($params["groupname"]);
$owner = (!$update) ? $user_data["nickname"] : trim($_REQUEST["owner"]); $description = trim($params["description"]);
$editors = (!$update) ? [] : explode_list(trim($params["editors"]));
$owner = (!$update) ? $user_data["nickname"] : trim($params["owner"]);
$result = "FAIL";
if ($owner === "") { if ($owner === "") {
$owner = $user_data["nickname"]; $owner = $user_data["nickname"];
} }
if ($groupname != "") { if ($groupname != "") {
switch ($action) { if (!$update) {
case "create_group":
create_group($groupname, $owner, $description); create_group($groupname, $owner, $description);
break; $result = "OK";
case "update_group": } else {
{ $gid = $params["id"];
$gid = $_REQUEST["id"];
$group = get_group($gid); $group = get_group($gid);
if (count($group) !== 0) { if (count($group) !== 0) {
$group["unique"] = manage_unique_in_siblings($gid, $groupname); // manage unique flag in case of renaming $group["unique"] = manage_unique_in_siblings($gid, $groupname); // manage unique flag in case of renaming
@ -399,48 +483,50 @@ switch ($action) {
$group["editors"] = array_intersect($editors, $group["users"]); // a user cannot be an editor if not part of the group $group["editors"] = array_intersect($editors, $group["users"]); // a user cannot be an editor if not part of the group
$group["owner"] = $owner; $group["owner"] = $owner;
update_group($group); update_group($group);
$result = "OK";
} }
} }
break; }
return $result;
} }
} function delete_groups(ReqHandler &$rh, array $params): string
}
break;
case "delete_groups":
{ {
$groups = explode_list($_REQUEST["ids"] ?? ""); $groups = explode_list($params["ids"] ?? "");
foreach ($groups as $g) { foreach ($groups as $g) {
delete_group($g); delete_group($g);
} }
return "OK";
} }
break;
case "get_all_groups": function get_all_player_groups(ReqHandler &$rh, array $params): array
$result = json_encode(get_all_groups());
break;
case "search_groups":
{ {
$needle = $_REQUEST["needle"] ?? ""; return get_all_groups();
$result = json_encode(search_groups($needle));
} }
break;
case "create_user": function search_player_groups(ReqHandler &$rh, array $params): array
case "update_user":
{ {
$update = $action === "update_user"; return search_groups($params["needle"]);
$target_nickname = trim($_REQUEST["nickname"] ?? ""); }
$password = trim($_REQUEST["password"] ?? "");
$groups = explode_list($_REQUEST["groups"] ?? ""); function create_update_user(ReqHandler &$rh, array $params): string
$realname = trim($_REQUEST["realname"] ?? ""); {
$privilege = trim($_REQUEST["privilege"] ?? PRIVILEGE_PLAYER); $update = $params[ReqHandler::ACTION_KEY] === "update_user";
$target_nickname = trim($params["nickname"]);
$password = trim($params["password"]);
$groups = explode_list($params["groups"]);
$realname = trim($params["realname"]);
$privilege = trim($params["privilege"]);
$groupids = get_groupids_by_compounds($groups); // convert group compounds to _ids $groupids = get_groupids_by_compounds($groups); // convert group compounds to _ids
$success = false;
if (($target_nickname !== "")) { if (($target_nickname !== "")) {
if ((!$update) && ($password !== "")) { // CREATE if ((!$update) && ($password !== "")) { // CREATE
add_user($target_nickname, $password, $realname, $groupids, $privilege); $success = add_user($target_nickname, $password, $realname, $groupids, $privilege);
} else if ($update) { // UPDATE } else if ($update) { // UPDATE
$user_data = get_user($target_nickname); // load user data $user_data = get_user($target_nickname); // load user data
if (count ($user_data) > 0) {
// group management // group management
$old_groupids = $user_data["groups"]; // retain old groupids $old_groupids = $user_data["groups"]; // retain old groupids
@ -466,43 +552,55 @@ switch ($action) {
$user_data["password"] = password_hash($password, PASSWORD_DEFAULT); $user_data["password"] = password_hash($password, PASSWORD_DEFAULT);
} }
update_user($user_data); $success = update_user($user_data);
}
} }
} }
return $success ? "OK" : "FAIL";
} }
break;
case "delete_users": function delete_users(ReqHandler &$rh, array $params): string {
{ $users = explode_list($params["users"]);
$users = explode_list($_REQUEST["users"] ?? "");
foreach ($users as $g) { foreach ($users as $g) {
delete_user($g); delete_user($g);
} }
return "OK";
} }
break;
case "get_all_users": function get_all_game_users(ReqHandler &$rh, array $params): array {
{
$user_data_filtered = get_all_users(); $user_data_filtered = get_all_users();
for ($i = 0; $i < count($user_data_filtered); $i++) { for ($i = 0; $i < count($user_data_filtered); $i++) {
unset($user_data_filtered[$i]["password"]); // remove password from records unset($user_data_filtered[$i]["password"]); // remove password from records
resolve_groupids($user_data_filtered[$i]["groups"]); // resolve group IDs resolve_groupids($user_data_filtered[$i]["groups"]); // resolve group IDs
} }
$result = json_encode($user_data_filtered); return $user_data_filtered;
} }
break;
case "import_users_from_csv": function import_users_from_csv(ReqHandler &$rh, array $params): string {
{
if (!isset($_FILES["users_table"])) { if (!isset($_FILES["users_table"])) {
goto print_result;
} }
return "OK";
} }
break;
} $rh->add("create_group", ["groupname", "description"], PRIVILEGE_QUIZMASTER, "create_update_group", RESP_PLAIN, "Create group.");
$rh->add("update_group", ["groupname", "description", "owner", "editors", "id"], PRIVILEGE_QUIZMASTER, "create_update_group", RESP_PLAIN, "Update group.");
$rh->add("delete_group", ["ids"], PRIVILEGE_QUIZMASTER, "delete_group", RESP_PLAIN, "Delete group.");
$rh->add("get_all_groups", [], PRIVILEGE_QUIZMASTER, "get_all_player_groups", RESP_JSON, "Get all player groups.");
$rh->add("search_groups", ["needle"], PRIVILEGE_QUIZMASTER, "search_player_groups", RESP_JSON, "Serach and fetch player groups.");
$rh->add(["create_user", "update_user"], ["nickname", "password", "groups", "realname", "privilege"], PRIVILEGE_QUIZMASTER, "create_update_user", RESP_PLAIN, "Create or update user.");
$rh->add("delete_users", ["users"], PRIVILEGE_QUIZMASTER, "delete_users", RESP_PLAIN, "Delete users.");
$rh->add("get_all_game_users", [], PRIVILEGE_QUIZMASTER, "get_all_users", RESP_JSON, "Get all users.");
$rh->add("import_users_from_csv", [], PRIVILEGE_QUIZMASTER, "import_", RESP_JSON, "Get all users.");
// ---------- // ----------
print_result: process_and_print:
if ($result !== "") { [$result, $success] = $rh->process($privilege);
if ($success && ($result !== "")) {
echo $result; echo $result;
} }

4
style/spreadquiz_mobile.css
View File

@ -38,6 +38,10 @@
width: calc(100vw - 3em); width: calc(100vw - 3em);
} }
section.answer label {
max-width: 80%;
}
section#infobox { section#infobox {
top: unset; top: unset;
left: 0; left: 0;

1
usermgr.php
View File

@ -7,6 +7,7 @@ require_once "controller.php";
$userdb = new \SleekDB\Store(USERDB, DATADIR, ["timeout" => false]); $userdb = new \SleekDB\Store(USERDB, DATADIR, ["timeout" => false]);
const PRIVILEGE_NONE = "none";
const PRIVILEGE_PLAYER = "player"; const PRIVILEGE_PLAYER = "player";
const PRIVILEGE_CREATOR = "creator"; const PRIVILEGE_CREATOR = "creator";
const PRIVILEGE_QUIZMASTER = "admin"; // TODO: refactor! const PRIVILEGE_QUIZMASTER = "admin"; // TODO: refactor!