1 files changed, 26 insertions, 1 deletions

diff --git a/src/Controllers/UserController.php b/src/Controllers/UserController.php
index a056e1d..d102160 100755
--- a/src/Controllers/UserController.php
+++ b/src/Controllers/UserController.php
@@ -2,8 +2,10 @@
 
 namespace App\Controllers;
 
+use App\Database;
 use App\Errors\UnauthorizedError;
 use App\Models\User;
+use App\Support\RequestValidator;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\JsonResponse;
@@ -25,8 +27,31 @@ class UserController
       throw new UnauthorizedError();
     }
 
+    $userId = $request->get("userId");
+    if ($user->getId() !== $userId) {
+      throw new UnauthorizedError();
+    }
+
+    $body = json_decode($request->getContent(), true);
+    RequestValidator::validateJson();
+
+    $filterId = md5($userId . random_bytes(512));
+
+    Database::getInstance()->query(<<<SQL
+      insert into filters (id, account_data, event_fields, event_format, presence, room, user_id)
+      values (:id, :account_data, :event_fields, :event_format, :presence, :room, :user_id)
+    SQL, [
+      "id" => $filterId,
+      "account_data" => isset($body["account_data"]) ? json_encode($body["account_data"]) : null,
+      "event_fields" => isset($body["event_fields"]) ? json_encode($body["event_fields"]) : null,
+      "event_format" => isset($body["event_format"]) ? json_encode($body["event_format"]) : null,
+      "presence" => isset($body["presence"]) ? json_encode($body["presence"]) : null,
+      "room" => isset($body["room"]) ? json_encode($body["room"]) : null,
+      "user_id" => $userId,
+    ]);
+
     return new JsonResponse([
-      "filter_id" => "1234",
+      "filter_id" => $filterId,
     ]);
   }
 }