diff options
Diffstat (limited to 'src/Controllers/Client/UserController.php')
| -rwxr-xr-x | src/Controllers/Client/UserController.php | 184 |
1 files changed, 184 insertions, 0 deletions
diff --git a/src/Controllers/Client/UserController.php b/src/Controllers/Client/UserController.php new file mode 100755 index 0000000..63442ec --- /dev/null +++ b/src/Controllers/Client/UserController.php @@ -0,0 +1,184 @@ +<?php + +namespace App\Controllers\Client; + +use App\Database; +use App\Errors\AppException; +use App\Errors\NotFoundError; +use App\Errors\UnauthorizedError; +use App\Models\Device; +use App\Models\User; +use App\Support\RequestValidator; +use Cassandra\Exception\UnauthorizedException; +use Matrix\Enums\ErrorCode; +use Matrix\Responses\ClientAccountWhoamiGetResponse; +use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\HttpFoundation\JsonResponse; +use Symfony\Component\Routing\Attribute\Route; + +class UserController +{ + #[Route(path: "/_matrix/client/v3/account/whoami", methods: ["GET"])] + public function whoami(Request $request): Response + { + $user = User::authenticateWithRequest($request); + $device = Device::fetch(userId: $user->getId()); + + return new JsonResponse(new ClientAccountWhoamiGetResponse( + userId: $user->getId(), + deviceId: $device->getId(), + )); + } + + /** + * @see https://spec.matrix.org/v1.16/client-server-api/#post_matrixclientv3useruseridfilter + */ + #[Route(path: "/_matrix/client/r0/user/{userId}/filter", methods: ["POST"])] + #[Route(path: "/_matrix/client/v3/user/{userId}/filter", methods: ["POST"])] + public function uploadFilter(Request $request): Response + { + $accessToken = str_replace("Bearer ", "", $request->headers->get("authorization") ?: ""); + $user = User::fetchWithAccessToken($accessToken); + + if (empty($user)) { + throw new UnauthorizedError(); + } + + $userId = $request->get("userId"); + if ($user->getId() !== $userId) { + throw new UnauthorizedError(); + } + + $body = json_decode($request->getContent(), true); + RequestValidator::validateJson(); + + $filterId = md5($userId . random_bytes(512)); + + Database::getInstance()->query(<<<SQL + insert into filters (id, account_data, event_fields, event_format, presence, room, user_id) + values (:id, :account_data, :event_fields, :event_format, :presence, :room, :user_id) + SQL, [ + "id" => $filterId, + "account_data" => isset($body["account_data"]) ? json_encode($body["account_data"]) : null, + "event_fields" => isset($body["event_fields"]) ? json_encode($body["event_fields"]) : null, + "event_format" => isset($body["event_format"]) ? json_encode($body["event_format"]) : null, + "presence" => isset($body["presence"]) ? json_encode($body["presence"]) : null, + "room" => isset($body["room"]) ? json_encode($body["room"]) : null, + "user_id" => $userId, + ]); + + return new JsonResponse([ + "filter_id" => $filterId, + ]); + } + + #[Route(path: "/_matrix/client/v3/user/{userId}/{filter}/{filterId}", methods: ["GET"])] + public function getFilter(Request $request): Response + { + $user = User::authenticateWithRequest($request); + + $userId = $request->attributes->get("userId"); + $filterId = $request->attributes->get("filterId"); + + $filter = Database::getInstance() + ->query("select * from filters where id=:id and user_id=:user_id", [ + "id" => $filterId, + "user_id" => $userId, + ]) + ->fetch(); + + if (empty($filter)) { + throw new AppException( + ErrorCode::NOT_FOUND, + "Unknown filter.", + Response::HTTP_NOT_FOUND + ); + } + + return new JsonResponse([ + "account_data" => json_decode($filter["account_data"] ?? ""), + "event_fields" => json_decode($filter["event_fields"] ?? ""), + "event_format" => $filter["event_format"] ?? "", + "presence" => json_decode($filter["presence"] ?? ""), + "room" => json_decode($filter["room"] ?? ""), + ]); + } + + #[Route(path: "/_matrix/client/v3/profile/{userId}", methods: ["GET"])] + public function getProfile(Request $request): Response + { + $userId = $request->attributes->get("userId"); + + $user = Database::getInstance()->query("select * from users where id=:user_id", ["user_id" => $userId])->fetch(); + + if (empty($user)) { + throw new AppException( + ErrorCode::NOT_FOUND, + "There is no profile information for this user or this user does not exist.", + Response::HTTP_NOT_FOUND + ); + } + + return new JsonResponse(); + } + + #[Route(path: "/_matrix/client/v3/user/{userId}/account_data/{type}", methods: ["GET"])] + public function getAccountData(Request $request): Response + { + $user = User::authenticateWithRequest($request); + + $userId = $request->attributes->get("userId"); + $type = $request->attributes->get("type"); + + if ($user->getId() !== $userId) { + throw new UnauthorizedError("Cannot get account data for other users."); + } + + $value = Database::getInstance() + ->query("select value from account_data where user_id=:user_id and key=:key", [ + "user_id" => $userId, + "key" => $type, + ]) + ->fetchColumn(); + + if (empty($value)) { + throw new NotFoundError("Account data not found."); + } + + return new JsonResponse([ + $type => $value, + ]); + } + + #[Route(path: "/_matrix/client/v3/user/{userId}/account_data/{type}", methods: ["PUT"])] + public function setAccountData(Request $request): Response + { + $user = User::authenticateWithRequest($request); + $body = json_decode($request->getContent(), true); + RequestValidator::validateJson(); + + $userId = $request->attributes->get("userId"); + $type = $request->attributes->get("type"); + + if ($user->getId() !== $userId) { + throw new UnauthorizedError("Cannot add account data for other users."); + } + + Database::getInstance() + ->query( + <<<SQL + insert into account_data (key, value, user_id) values (:key, :value, :user_id) + on conflict (user_id, key) do update set + value = excluded.value + SQL, + [ + "key" => $type, + "value" => $request->getContent(), + "user_id" => $userId, + ] + ); + + return new JsonResponse(); + } +} |