Ajout d'une classe pour les fichiers à télécharger, meilleur support des organisateurs d'un tournoi

2019-09-07 18:43:51 +02:00 · 2019-09-07 18:43:51 +02:00 · 44e91a1f8b
parent 8606ae7b95
commit 44e91a1f8b
5 changed files with 338 additions and 39 deletions
--- a/dispatcher.php
+++ b/dispatcher.php
@ -2,6 +2,7 @@

 require_once "server_files/config.php";

+require_once "server_files/classes/Document.php";
 require_once "server_files/classes/Role.php";
 require_once "server_files/classes/SchoolClass.php";
 require_once "server_files/classes/Team.php";
--- a/server_files/classes/Document.php
+++ b/server_files/classes/Document.php
@ -0,0 +1,282 @@
+<?php
+
+class Document
+{
+	private $file_id;
+	private $user_id;
+	private $team_id;
+	private $tournament_id;
+	private $type;
+	private $uploaded_at;
+
+	private function __construct() {}
+
+	public static function fromId($id)
+	{
+		global $DB;
+		$req = $DB->prepare("SELECT * FROM `documents` WHERE `file_id` = ?;");
+		$req->execute([htmlspecialchars($id)]);
+		$data = $req->fetch();
+
+		if ($data === false)
+			return null;
+
+		$user = new Document();
+		$user->fill($data);
+		return $user;
+	}
+
+	private function fill($data)
+	{
+		$this->file_id = $data["file_id"];
+		$this->user_id = $data["user"];
+		$this->team_id = $data["team"];
+		$this->tournament_id = $data["tournament"];
+		$this->type = DocumentType::fromName($data["type"]);
+		$this->uploaded_at = $data["uploaded_at"];
+	}
+
+	public function getFileId()
+	{
+		return $this->file_id;
+	}
+
+	public function getUserId()
+	{
+		return $this->user_id;
+	}
+
+	public function getTeamId()
+	{
+		return $this->team_id;
+	}
+
+	public function getTournamentId()
+	{
+		return $this->tournament_id;
+	}
+
+	public function getType()
+	{
+		return $this->type;
+	}
+
+	public function getUploadedAt()
+	{
+		return $this->uploaded_at;
+	}
+}
+
+class Solution
+{
+	private $file_id;
+	private $team_id;
+	private $tournament_id;
+	private $problem;
+	private $uploaded_at;
+
+	private function __construct() {}
+
+	public static function fromId($id)
+	{
+		global $DB;
+		$req = $DB->prepare("SELECT * FROM `documents` WHERE `file_id` = ?;");
+		$req->execute([htmlspecialchars($id)]);
+		$data = $req->fetch();
+
+		if ($data === false)
+			return null;
+
+		$user = new Solution();
+		$user->fill($data);
+		return $user;
+	}
+
+	private function fill($data)
+	{
+		$this->file_id = $data["file_id"];
+		$this->team_id = $data["team_id"];
+		$this->tournament_id = $data["tournament_id"];
+		$this->problem = $data["problem"];
+		$this->uploaded_at = $data["uploaded_at"];
+	}
+
+	public function getFileId()
+	{
+		return $this->file_id;
+	}
+
+	public function getTeamId()
+	{
+		return $this->team_id;
+	}
+
+	public function getTournamentId()
+	{
+		return $this->tournament_id;
+	}
+
+	public function getProblem()
+	{
+		return $this->problem;
+	}
+
+	public function getUploadedAt()
+	{
+		return $this->uploaded_at;
+	}
+}
+
+class Synthese
+{
+	private $file_id;
+	private $team_id;
+	private $tournament_id;
+	private $dest;
+	private $uploaded_at;
+
+	private function __construct() {}
+
+	public static function fromId($id)
+	{
+		global $DB;
+		$req = $DB->prepare("SELECT * FROM `documents` WHERE `file_id` = ?;");
+		$req->execute([htmlspecialchars($id)]);
+		$data = $req->fetch();
+
+		if ($data === false)
+			return null;
+
+		$user = new Synthese();
+		$user->fill($data);
+		return $user;
+	}
+
+	private function fill($data)
+	{
+		$this->file_id = $data["file_id"];
+		$this->team_id = $data["team"];
+		$this->tournament_id = $data["tournament"];
+		$this->dest = DestType::fromName($data["dest"]);
+		$this->uploaded_at = $data["uploaded_at"];
+	}
+
+	public function getFileId()
+	{
+		return $this->file_id;
+	}
+
+	public function getTeamId()
+	{
+		return $this->team_id;
+	}
+
+	public function getTournamentId()
+	{
+		return $this->tournament_id;
+	}
+
+	public function getDest()
+	{
+		return $this->dest;
+	}
+
+	public function getUploadedAt()
+	{
+		return $this->uploaded_at;
+	}
+}
+
+class DestType
+{
+	const DEFENSEUR = 0;
+	const OPPOSANT = 1;
+	const RAPPORTEUR = 2;
+
+	public static function getTranslatedName($status) {
+		switch ($status) {
+			case self::DEFENSEUR:
+				return "Défenseur";
+			case self::OPPOSANT:
+				return "Opposant";
+			default:
+				return "Rapporteur";
+		}
+	}
+
+	public static function getName($status) {
+		switch ($status) {
+			case self::DEFENSEUR:
+				return "DEFENSEUR";
+			case self::OPPOSANT:
+				return "OPPOSANT";
+			default:
+				return "RAPPORTEUR";
+		}
+	}
+
+	public static function fromName($name) {
+		switch ($name) {
+			case "DEFENSEUR":
+				return self::DEFENSEUR;
+			case "OPPOSANT":
+				return self::OPPOSANT;
+			default:
+				return self::RAPPORTEUR;
+		}
+	}
+}
+
+class DocumentType
+{
+	const PARENTAL_CONSENT = 0;
+	const PHOTO_CONSENT = 1;
+	const SANITARY_PLUG = 2;
+	const SOLUTION = 3;
+	const SYNTHESE = 4;
+
+	public static function getTranslatedName($type) {
+		switch ($type) {
+			case self::PARENTAL_CONSENT:
+				return "Autorisation parentale";
+			case self::PHOTO_CONSENT:
+				return "Autorisation de droit à l'image";
+			case self::SANITARY_PLUG:
+				return "Fiche sanitaire";
+			case self::SOLUTION:
+				return "Solution";
+			default:
+				return "Note de synthèse";
+		}
+	}
+
+	public static function getName($type) {
+		switch ($type) {
+			case self::PARENTAL_CONSENT:
+				return "PARENTAL_CONSENT";
+			case self::PHOTO_CONSENT:
+				return "PHOTO_CONSENT";
+			case self::SANITARY_PLUG:
+				return "SANITARY_PLUG";
+			case self::SOLUTION:
+				return "SOLUTION";
+			default:
+				return "SYNTHESE";
+		}
+	}
+
+	public static function fromName($name) {
+		switch ($name) {
+			case "PARENTAL_CONSENT":
+				return self::PARENTAL_CONSENT;
+			case "PHOTO_CONSENT":
+				return self::PHOTO_CONSENT;
+			case "SANITARY_PLUG":
+				return self::SANITARY_PLUG;
+			case "SOLUTION":
+				return self::SOLUTION;
+			default:
+				return self::SYNTHESE;
+		}
+	}
+}
--- a/server_files/classes/Tournament.php
+++ b/server_files/classes/Tournament.php
@ -13,6 +13,7 @@ class Tournament
    private $date_solutions;
    private $date_syntheses;
    private $final;
+    private $organizers = [];
    private $year;

    private function __construct() {}
@ -76,6 +77,13 @@ class Tournament
 		$this->date_syntheses = $data["date_syntheses"];
 		$this->final = $data["final"] == true;
 		$this->year = $data["year"];
+
+		global $DB;
+		$req = $DB->prepare("SELECT `organizer` FROM `organizers` WHERE `tournament` = ?;");
+		$req->execute([$this->id]);
+
+		while (($data = $req->fetch()) !== false)
+			$this->organizers[] = User::fromId($data["organizer"]);
 	}

 	public function getId()
@ -215,6 +223,21 @@ class Tournament
 		$DB->prepare("UPDATE `tournaments` SET `final` = ? WHERE `id` = ?;")->execute([$final, $this->id]);
 	}

+	public function getOrganizers()
+	{
+		return $this->organizers;
+	}
+
+	public function organize($user_id)
+	{
+		foreach ($this->organizers as $organizer) {
+			if ($organizer->getId() == $user_id)
+				return true;
+		}
+
+		return false;
+	}
+
 	public function getYear()
 	{
 		return $this->year;
--- a/server_files/controllers/tournoi.php
+++ b/server_files/controllers/tournoi.php
@ -3,19 +3,12 @@
 $tournament_name = htmlspecialchars($_GET["name"]);

 $tournament = Tournament::fromName($tournament_name);
+$orgas = $tournament->getOrganizers();

 if ($tournament === null)
 	require_once "server_files/404.php";

-$orgas_req = $DB->query("SELECT `users`.`id` AS `id` FROM `users` JOIN `organizers` ON `users`.`id` = `organizer` WHERE `tournament` = " . $tournament->getId() . ";");
-$orgas = [];
-$orgas_id = [];
-while (($orga_data = $orgas_req->fetch()) !== false) {
-    $orgas[] = User::fromId($orga_data["id"]);
-    $orgas_id[] = $orga_data["id"];
-}
-
-if (isset($_GET["modifier"]) && $_SESSION["role"] != Role::ADMIN && !in_array($_SESSION["user_id"], $orgas_id))
+if (isset($_GET["modifier"]) && $_SESSION["role"] != Role::ADMIN && !$tournament->organize($_SESSION["user_id"]))
    require_once "server_files/403.php";

 if (isset($_POST["edit_tournament"])) {
--- a/server_files/controllers/view_file.php
+++ b/server_files/controllers/view_file.php
@ -9,58 +9,58 @@ if (!isset($_SESSION["user_id"]))
 	require_once "server_files/403.php";

 $id = htmlspecialchars($_GET["file_id"]);
-$type = "SOLUTION";

-$req = $DB->query("SELECT * FROM `solutions` WHERE `file_id` = '$id';");
-if (($data = $req->fetch()) === false) {
-	$req = $DB->query("SELECT * FROM `syntheses` WHERE `file_id` = '$id';");
-	$type = "SYNTHESE";
+$type = DocumentType::SOLUTION;
+$file = Solution::fromId($id);
+if ($file === null) {
+	$type = DocumentType::SYNTHESE;
+	$file = Synthese::fromId($id);

-	if (($data = $req->fetch()) === false) {
-		$req = $DB->query("SELECT * FROM `documents` WHERE `file_id` = '$id';");
-		$type = "DOCUMENT";
-		$data = $req->fetch();
+	if ($file === null) {
+		$file = Document::fromId($id);
+		$type = DocumentType::PARENTAL_CONSENT;
 	}
 }

-if ($data !== false) {
-	$team = Team::fromId($data["team"]);
-	$tournament = Tournament::fromId($data["tournament"]);
+if ($file !== null) {
+	$team = Team::fromId($file->getTeamId());
+	$tournament = Tournament::fromId($file->getTournamentId());
 	$trigram = $team->getTrigram();
-	if ($type == "SOLUTION") {
-		$problem = $data["problem"];
+
+	if ($_SESSION["role"] == Role::ORGANIZER && !$tournament->organize($_SESSION["user_id"]))
+		require_once "server_files/403.php";
+
+	if ($type == DocumentType::SOLUTION) {
+		$problem = $file->getProblem();
 		$name = "Problème $problem $trigram.pdf";

 		if (($_SESSION["role"] == Role::PARTICIPANT || $_SESSION["role"] == Role::ENCADRANT) && (!isset($_SESSION["team"]) || $_SESSION["team"]->getId() != $team->getId()))
 			require_once "server_files/403.php";
-
-		// TODO Seuls les organisateurs concernés doivent pouvoir télécharger les fichiers
 	}
 	else if ($type == "SYNTHESE") {
-		$dest = $data["dest"];
-		$name = "Note de synthèse $trigram pour " . ($dest == "OPPOSANT" ? "l'opposant" : "le rapporteur") . ".pdf";
+		$dest = $file->getDest();
+		$name = "Note de synthèse $trigram pour " . ($dest == DestType::OPPOSANT ? "l'opposant" : "le rapporteur") . ".pdf";

-		// TODO Seuls les organisateurs, défenseurs, opposants et rapporteurs doivent pouvoir télécharger les fichiers
-	}
-	else if ($type == "DOCUMENT") {
-		$user_id = $data["user"];
-		$user = User::fromId($user_id);
-
-		if (($_SESSION["role"] == Role::PARTICIPANT || $_SESSION["role"] == Role::ENCADRANT) && $user_id != $_SESSION["user_id"])
+		if (($_SESSION["role"] == Role::PARTICIPANT || $_SESSION["role"] == Role::ENCADRANT) && (!isset($_SESSION["team"]) || $_SESSION["team"]->getId() != $team->getId()))
 			require_once "server_files/403.php";
+	}
+	else {
+		$user = User::fromId($file->getUserId());
+		$type = $file->getType();

-		// TODO Seuls les organisateurs concernés doivent pouvoir télécharger les fichiers
+		if (($_SESSION["role"] == Role::PARTICIPANT || $_SESSION["role"] == Role::ENCADRANT) && $user->getId() != $_SESSION["user_id"])
+			require_once "server_files/403.php";

 		$surname = $user->getSurname();
 		$first_name = $user->getFirstName();
-		switch ($data["type"]) {
-			case "PARENTAL_CONSENT":
+		switch ($type) {
+			case DocumentType::PARENTAL_CONSENT:
 				$name = "Autorisation parentale";
 				break;
-			case "PHOTO_CONSENT":
+			case DocumentType::PHOTO_CONSENT:
 				$name = "Autorisation de droit à l'image";
 				break;
-			case "SANITARY_PLUG":
+			case DocumentType::SANITARY_PLUG:
 				$name = "Fiche sanitaire";
 				break;
 		}