dump_actions(); } $rh->add("dump_actions", [], PRIVILEGE_QUIZMASTER, "dump_actions", RESP_PLAIN, "Dump all registered actions."); /* ------------ ACTIONS AVAILABLE WITHOUT LOGGING IN ---------- */ // login the user function login(ReqHandler &$rh, array $params): string { global $userMgr; global $user; $nickname = $params["nickname"]; $password = $params["password"]; $user = $userMgr->getUser($nickname); if (($user !== null) && $user->checkPassword($password)) { session_start(); $_SESSION["nickname"] = $nickname; $result = "OK"; } else { $result = "FAIL"; } return $result; } $rh->add("login", ["nickname", "password"], PRIVILEGE_NONE, "login", RESP_PLAIN, "Log in the user."); // exit script if there's no live session or nickname is missing or the referenced user is non-existent if ((session_status() != PHP_SESSION_ACTIVE) || (!isset($_SESSION["nickname"])) || (count(get_user($_SESSION["nickname"])) == 0)) { goto process_and_print; } $user = $userMgr->getUser($_SESSION["nickname"]); $nickname = $user->getNickname(); $privilege = $user->getPrivilege(); $is_quizmaster = $privilege === PRIVILEGE_QUIZMASTER; /* ---------- ACTIONS REQUIRING BEING LOGGED IN ------------ */ function logout(ReqHandler &$rh, array $params): string { $_SESSION = []; // clean up session data setcookie(SESSION_NAME, "", -1); // invalidate cookie return "OK"; } function get_user_info(ReqHandler &$rh, array $params): array { global $user; $user_data_filtered = $user->toArray(); unset($user_data_filtered["password"]); return $user_data_filtered; } function get_available_games(ReqHandler &$rh, array $params): array { global $user; $games_by_groups = []; $groupids = $user->getGroups(); foreach ($groupids as $groupid) { $group_data = get_group($groupid); $game_collection = [ "groupname" => $group_data["groupname"], "description" => $group_data["description"], "games" => [] ]; $gameids = $group_data["games"]; foreach ($gameids as $gameid) { $game = get_game($gameid); $game_collection["games"][] = $game; } $games_by_groups[] = $game_collection; } return $games_by_groups; } function start_or_continue_test(ReqHandler &$rh, array $params): string { global $nickname; $testid = create_or_continue_test($params["gameid"], $nickname); return $testid; } function get_results_overview(ReqHandler &$rh, array $params): array { global $nickname; $concluded_tests = get_concluded_tests($params["gameid"], $nickname); $overviews = []; foreach ($concluded_tests as $ct) { $overview = [ "testid" => $ct["_id"], "start_time" => $ct["start_time"], "end_time" => $ct["end_time"], ...$ct["summary"] ]; $overviews[] = $overview; } return $overviews; } $rh->add("logout", [], PRIVILEGE_PLAYER, "logout", RESP_PLAIN, "Log out the user."); $rh->add("get_user_info", [], PRIVILEGE_PLAYER, "get_user_info", RESP_JSON, "Get user information."); $rh->add("get_available_games", [], PRIVILEGE_PLAYER, "get_available_games", RESP_JSON, "Get available games to the player."); $rh->add("start_or_continue_test", ["gameid"], PRIVILEGE_PLAYER, "start_or_continue_test", RESP_PLAIN, "Start new or continue an ongoing test."); $rh->add("get_results_overview", ["gameid"], PRIVILEGE_PLAYER, "get_results_overview", RESP_JSON, "Get a quick overview of player's results of a single game."); // test-related queries function does_test_belong_to_user(array $test_data): bool { global $nickname; return $test_data["nickname"] === $nickname; } function is_test_access_approved(array $test_data): bool { global $nickname; global $is_quizmaster; return does_test_belong_to_user($test_data) || is_user_contributor_to_game($test_data["gameid"], $nickname) || $is_quizmaster; } function access_test_data(string $testid): array|null { $testid = trim($testid); $test_data = ($testid !== "") ? get_test($testid) : null; // fetch test data if ($test_data === null) { return []; } // check if access is approved to the specific test if (!is_test_access_approved($test_data)) { return []; } // update the test if timed update_timed_tests([$test_data]); return $test_data; } function get_player_test(ReqHandler &$rh, array $params): array { $result = []; $test_data = access_test_data($params["testid"]); if ($test_data !== null) { $test_data_with_current_time = $test_data; $test_data_with_current_time["current_time"] = time(); $result = $test_data_with_current_time; } return $result; } function save_player_answer(ReqHandler &$rh, array $params): string { if (access_test_data($params["testid"] !== null)) { save_answer($params["testid"], $params["challenge_index"], $params["answer_index"]); return "OK"; } else { return "FAIL"; } } function submit_test(ReqHandler &$rh, array $params): string { if (access_test_data($params["testid"] !== null)) { conclude_test($params["testid"]); return "OK"; } else { return "FAIL"; } } function patch_through_image(string $gameid, string $img_url) { $game_dir = get_game_dir_by_gameid($gameid); $image_fetch_url = $game_dir . DIRECTORY_SEPARATOR . $img_url; $img_fp = fopen($image_fetch_url, "r"); if ($img_fp === false) { $img_fp = fopen(MISSING_IMAGE_PLACEHOLDER, "r"); } fpassthru($img_fp); fclose($img_fp); } function get_image(ReqHandler &$rh, array $params): string { $img_url = trim($params["img_url"] ?? ""); if ($img_url !== "") { $gameid = $params["gameid"]; patch_through_image($gameid, $img_url); } return ""; } $rh->add("get_test", ["testid"], PRIVILEGE_PLAYER, "get_player_test", RESP_JSON, "Get player's test by ID."); $rh->add("save_answer", ["testid", "challenge_index", "answer_index"], PRIVILEGE_PLAYER, "save_player_answer", RESP_PLAIN, "Store player's answer."); $rh->add("submit_test", ["testid"], PRIVILEGE_PLAYER, "submit_test", RESP_PLAIN, "Finish player's test."); $rh->add("get_image", ["gameid", "img_url"], PRIVILEGE_PLAYER, "get_image", RESP_NONE, "Get image per game."); // execute query if user has the player privilege level if ($privilege === PRIVILEGE_PLAYER) { goto process_and_print; } /* --------------- CREATOR LEVEL ACTIONS ---------------- */ $requester_nickname = $is_quizmaster ? "*" : $nickname; // "*" means every game function create_update_game(ReqHandler &$rh, array $params): array { global $userMgr; global $nickname; global $is_quizmaster; $update = $params[ReqHandler::ACTION_KEY] === "update_game"; $data = json_decode($params["data"], true) ?? []; if (($data === []) || (trim($data["name"] ?? "") === "")) { // no further processing return []; // ~exit... } // fetch fields $gameid = $data["_id"]; $name = $data["name"]; $description = $data["description"]; $contributors = explode_list($data["contributors"] ?? ""); $owner = $update ? trim($data["owner"] ?? $nickname) : $nickname; $groups = explode_list($data["groups"] ?? ""); $properties = $data["properties"] ?? []; // convert group compounds to group IDs $groupids = get_groupids_by_compounds($groups); // convert group compounds to _ids // remove group ID's this user cannot edit // $groupids_with_editor_access = []; // foreach ($groupids as $groupid) { // if (is_user_editor_to_group($groupid, $nickname) || $is_quizmaster) { // $groupids_with_editor_access[] = $groupid; // } // } // result $result = []; // create or update if (!$update) { create_game($name, $owner, $description); } else if (is_user_contributor_to_game($gameid, $nickname) || $is_quizmaster) { $game_data = get_game($gameid); if (count($game_data) !== 0) { // group management $old_groupids = $game_data["groups"]; // retain old groupids $new_groupids = $groupids; // get new groupids $groupids_add = array_diff($new_groupids, $old_groupids); // groups this user needs to be added to $groupids_remove = array_diff($old_groupids, $new_groupids); // groups this user need to be removed from foreach ($groupids_add as $groupid) { // execute insertion and removal change_group_game_assignments($groupid, $gameid, null); } foreach ($groupids_remove as $groupid) { change_group_game_assignments($groupid, null, $gameid); } // re-fetch game data $game_data = get_game($gameid); // update game header data $game_data["name"] = $name; $game_data["description"] = $description; if (($game_data["owner"] === $nickname) || $is_quizmaster) { $game_data["owner"] = $owner; } $game_data["contributors"] = array_intersect($contributors, $userMgr->getAllNicknames()); $game_data["properties"]["time_limit"] = $properties["time_limit"]; $game_data["properties"]["repeatable"] = $properties["repeatable"]; // process game public flag: a game might be only public if not being time-constrained and is allowed to be taken multiple times $game_data["public"] = ($properties["time_limit"] !== 0) || (!$properties["repeatable"]) ? false : $data["public"]; // update game data update_game($game_data); // update game file if supplied if (isset($_FILES["game_file"])) { // decide weather it's a package or a plain table $file = $_FILES["game_file"]; $challenge_import_status = []; // determine MIME type $file_type = strtolower(pathinfo($file["name"], PATHINFO_EXTENSION)); if ($file_type === "zip") { // a package was uploaded $zip = new ZipArchive; if ($zip->open($file["tmp_name"])) { $game_dir = get_game_dir_by_gameid($gameid); // get game directory //$game_files = glob($game_dir); // get list of existing game files // remove former files recursively $dir_iter = new RecursiveDirectoryIterator($game_dir, FilesystemIterator::SKIP_DOTS); foreach ($dir_iter as $dir_item) { $item_path = $dir_item->getPathname(); $dir_item->isDir() ? rmdir($item_path) : unlink($item_path); } // extract package contents to the game directory $zip->extractTo($game_dir . DIRECTORY_SEPARATOR); // search for the CSV table file $csv_files = glob($game_dir . DIRECTORY_SEPARATOR . "*.csv") ?? []; if (count($csv_files)) { $challenge_import_status = import_challenges_from_csv($csv_files[0], $gameid); } } } else if ($file_type === "csv") { // a plain table was uploaded $challenge_import_status = import_challenges_from_csv($file["tmp_name"], $gameid); } $result = $challenge_import_status; } } } return $result; } function get_all_game_headers(ReqHandler &$rh, array $params): array { global $requester_nickname; $game_headers = get_all_game_data_by_contributor_nickname($requester_nickname); foreach ($game_headers as &$game_header) { resolve_groupids($game_header["groups"]); } return $game_headers; } function get_challenges(ReqHandler &$rh, array $params): string { global $is_quizmaster; global $requester_nickname; $gameid = $params["gameid"]; $game_data = get_game($gameid); $result = ""; if ((count($game_data) > 0) && ($is_quizmaster || (is_user_contributor_to_game($gameid, $requester_nickname)))) { $result = file_get_contents(get_game_file_by_gameid($gameid)); } return $result; } function delete_games(ReqHandler &$rh, array $params): string { global $nickname; $gameids = explode_list(trim($params["ids"])); foreach ($gameids as $gameid) { if (($gameid !== "") && (is_user_owner_of_the_game($gameid, $nickname))) { // only the owner may delete a game delete_game($gameid); } } return "OK"; } function export_game_file_csv(ReqHandler &$rh, array $params): string { global $nickname; $gameid = trim($params["gameid"]); if (($gameid !== "") && is_user_contributor_to_game($gameid, $nickname)) { $f = tmpfile(); header("Content-Type: text/csv"); header("Content-Disposition: attachment; filename=\"challenges_$gameid.csv\"\r\n"); export_challenges_to_csv($f, $gameid); fseek($f, 0); fpassthru($f); } return ""; } function get_player_results_by_gameid(ReqHandler &$rh, array $params): array { global $nickname; global $is_quizmaster; $gameid = trim($params["gameid"]); $filter = trim($params["filter"] ?? ""); $ordering = trim($params["orderby"] ?? ""); $result = []; if (($gameid !== "") && (is_user_contributor_to_game($gameid, $nickname) || $is_quizmaster)) { $game_results = get_results_by_gameid($gameid, $filter, $ordering, true); $result = $game_results; } return $result; } function generate_detailed_game_stats(ReqHandler &$rh, array $params): array { $testids = json_decode(trim($params["testids"]), true); $gameid = trim($params["gameid"]); $stats = generate_detailed_stats($gameid, $testids); return $stats; } $rh->add(["create_game", "update_game"], ["data"], PRIVILEGE_CREATOR, "create_update_game", RESP_JSON, "Create or update game."); $rh->add("get_all_game_headers", [], PRIVILEGE_CREATOR, "get_all_game_headers", RESP_JSON, "Get all game headers."); $rh->add("get_challenges", [], PRIVILEGE_CREATOR, "get_challenges", RESP_PLAIN, "Get game challenges."); $rh->add("delete_games", ["ids"], PRIVILEGE_CREATOR, "delete_games", RESP_PLAIN, "Delete games."); $rh->add("export_game_file_csv", ["gameid"], PRIVILEGE_CREATOR, "export_game_file_csv", RESP_NONE, "Export game CSV file."); $rh->add("get_results_by_gameid", ["gameid"], PRIVILEGE_CREATOR, "get_player_results_by_gameid", RESP_JSON, "Get game results."); $rh->add("generate_detailed_stats", ["gameid", "testids"], PRIVILEGE_CREATOR, "generate_detailed_game_stats", RESP_JSON, "Generate detailed game stats."); // execute processing if user is a creator if ($privilege === PRIVILEGE_CREATOR) { goto process_and_print; } /* ------------------------ QUIZMASTER ACTIONS --------------------- */ function create_update_group(ReqHandler &$rh, array $params): string { global $user; $update = $params[ReqHandler::ACTION_KEY] === "update_group"; $groupname = trim($params["groupname"]); $description = trim($params["description"]); $editors = (!$update) ? [] : explode_list(trim($params["editors"])); $owner = (!$update) ? $user->getNickname() : (trim($params["owner"]) ?: $user->getNickname()); $result = "FAIL"; if ($groupname != "") { if (!$update) { create_group($groupname, $owner, $description); $result = "OK"; } else { $gid = $params["id"]; $group = get_group($gid); if (count($group) !== 0) { $group["unique"] = manage_unique_in_siblings($gid, $groupname); // manage unique flag in case of renaming $group["groupname"] = $groupname; $group["description"] = $description; $group["editors"] = array_intersect($editors, $group["users"]); // a user cannot be an editor if not part of the group $group["owner"] = $owner; update_group($group); $result = "OK"; } } } return $result; } function delete_groups(ReqHandler &$rh, array $params): string { $groups = explode_list($params["ids"] ?? ""); foreach ($groups as $g) { delete_group($g); } return "OK"; } function get_all_player_groups(ReqHandler &$rh, array $params): array { return get_all_groups(); } function search_player_groups(ReqHandler &$rh, array $params): array { return search_groups($params["needle"]); } function create_update_user(ReqHandler &$rh, array $params): string { global $userMgr; $update = $params[ReqHandler::ACTION_KEY] === "update_user"; $target_nickname = trim($params["nickname"]); $password = trim($params["password"]); $groups = explode_list($params["groups"]); $realname = trim($params["realname"]); $privilege = trim($params["privilege"]); $groupids = get_groupids_by_compounds($groups); // convert group compounds to _ids $success = false; if (($target_nickname !== "")) { if ((!$update) && ($password !== "")) { // CREATE $success = $userMgr->addUser($target_nickname, $password, $realname, $groupids, $privilege); } else if ($update) { // UPDATE $tuser = $userMgr->getUser($target_nickname); // load user data if ($tuser !== null) { // group management $old_groupids = $tuser->getGroups(); // retain old groupids $new_groupids = $groupids; // get new groupids $groupids_add = array_diff($new_groupids, $old_groupids); // groups this user needs to be added to $groupids_remove = array_diff($old_groupids, $new_groupids); // groups this user need to be removed from foreach ($groupids_add as $groupid) { // execute insertion and removal change_group_user_assignments($groupid, $target_nickname, null); } foreach ($groupids_remove as $groupid) { change_group_user_assignments($groupid, null, $target_nickname); } // re-fetch user //$tuser = get_user($target_nickname); // load user data // further field update $tuser->setRealname($realname); $tuser->setPrivilege($privilege); // password replacement, if requested if ($password !== "") { $tuser->changePassword(password_hash($password, PASSWORD_DEFAULT), "", false); } $success = true; } } } return $success ? "OK" : "FAIL"; } function delete_users(ReqHandler &$rh, array $params): string { global $userMgr; $nicknames = explode_list($params["users"]); foreach ($nicknames as $nick) { $userMgr->deleteUser($nick); } return "OK"; } function get_all_game_users(ReqHandler &$rh, array $params): array { global $userMgr; $user_data_filtered = []; $all_users = $userMgr->getAllUsers(); for ($i = 0; $i < count($all_users); $i++) { $a = $all_users[$i]->toArray(); // convert user to array unset($a["password"]); // remove password from records resolve_groupids($a["groups"]); // resolve group IDs $user_data_filtered[] = $a; } return $user_data_filtered; } function import_users_from_csv(ReqHandler &$rh, array $params): string { if (!isset($_FILES["users_table"])) { } return "OK"; } $rh->add("create_group", ["groupname", "description"], PRIVILEGE_QUIZMASTER, "create_update_group", RESP_PLAIN, "Create group."); $rh->add("update_group", ["groupname", "description", "owner", "editors", "id"], PRIVILEGE_QUIZMASTER, "create_update_group", RESP_PLAIN, "Update group."); $rh->add("delete_groups", ["ids"], PRIVILEGE_QUIZMASTER, "delete_groups", RESP_PLAIN, "Delete group."); $rh->add("get_all_groups", [], PRIVILEGE_QUIZMASTER, "get_all_player_groups", RESP_JSON, "Get all player groups."); $rh->add("search_groups", ["needle"], PRIVILEGE_QUIZMASTER, "search_player_groups", RESP_JSON, "Serach and fetch player groups."); $rh->add(["create_user", "update_user"], ["nickname", "password", "groups", "realname", "privilege"], PRIVILEGE_QUIZMASTER, "create_update_user", RESP_PLAIN, "Create or update user."); $rh->add("delete_users", ["users"], PRIVILEGE_QUIZMASTER, "delete_users", RESP_PLAIN, "Delete users."); $rh->add("get_all_users", [], PRIVILEGE_QUIZMASTER, "get_all_game_users", RESP_JSON, "Get all users."); $rh->add("import_users_from_csv", [], PRIVILEGE_QUIZMASTER, "import_users_from_csv", RESP_JSON, "Get all users."); function test(ReqHandler &$rh, array $params): string { $usrmgr = new UserMgr(); $nicknames = $usrmgr->getAllNicknames(); return join(", ", $nicknames); } $rh->add("test", [], PRIVILEGE_QUIZMASTER, "test", RESP_PLAIN, "Test."); // ---------- process_and_print: [$result, $success] = $rh->process($privilege); if ($success && ($result !== "")) { echo $result; }