class-qdr-tss-media-controller.php 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342
  1. <?php
  2. /**
  3. * Media REST API Controller for the plugin.
  4. *
  5. * This class handles REST API endpoints for media operations.
  6. *
  7. * @package QDR_Temporary_Shared_Storage
  8. * @since 1.0.0
  9. */
  10. class QDR_TSS_Media_Controller {
  11. /**
  12. * The plugin name.
  13. *
  14. * @since 1.0.0
  15. * @access private
  16. * @var string $plugin_name The name of this plugin.
  17. */
  18. private $plugin_name;
  19. /**
  20. * The plugin version.
  21. *
  22. * @since 1.0.0
  23. * @access private
  24. * @var string $version The version of this plugin.
  25. */
  26. private $version;
  27. /**
  28. * The namespace for the REST API routes.
  29. *
  30. * @since 1.0.0
  31. * @access private
  32. * @var string $namespace The namespace for the REST API routes.
  33. */
  34. private $namespace = 'qdr-tss/v1';
  35. /**
  36. * The base for the REST API routes.
  37. *
  38. * @since 1.0.0
  39. * @access private
  40. * @var string $base The base for the REST API routes.
  41. */
  42. private $base = 'media';
  43. /**
  44. * The database manager instance.
  45. *
  46. * @since 1.0.0
  47. * @access private
  48. * @var QDR_TSS_DB_Manager $db_manager The database manager instance.
  49. */
  50. private $db_manager;
  51. /**
  52. * The file manager instance.
  53. *
  54. * @since 1.0.0
  55. * @access private
  56. * @var QDR_TSS_File_Manager $file_manager The file manager instance.
  57. */
  58. private $file_manager;
  59. /**
  60. * Initialize the class and set its properties.
  61. *
  62. * @since 1.0.0
  63. * @param string $plugin_name The name of this plugin.
  64. * @param string $version The version of this plugin.
  65. */
  66. public function __construct($plugin_name, $version) {
  67. $this->plugin_name = $plugin_name;
  68. $this->version = $version;
  69. $this->db_manager = QDR_TSS_DB_Manager::instance();
  70. $this->file_manager = QDR_TSS_File_Manager::instance();
  71. }
  72. /**
  73. * Register the REST API routes.
  74. *
  75. * @since 1.0.0
  76. */
  77. public function register_routes() {
  78. register_rest_route($this->namespace, '/' . $this->base, array(
  79. array(
  80. 'methods' => WP_REST_Server::READABLE,
  81. 'callback' => array($this, 'get_items'),
  82. 'permission_callback' => array($this, 'check_permission'),
  83. ),
  84. ));
  85. register_rest_route($this->namespace, '/' . $this->base . '/(?P<id>[\w]+)', array(
  86. array(
  87. 'methods' => WP_REST_Server::READABLE,
  88. 'callback' => array($this, 'get_item'),
  89. 'permission_callback' => array($this, 'check_permission'),
  90. ),
  91. array(
  92. 'methods' => WP_REST_Server::EDITABLE,
  93. 'callback' => array($this, 'update_item'),
  94. 'permission_callback' => array($this, 'check_permission'),
  95. ),
  96. array(
  97. 'methods' => WP_REST_Server::DELETABLE,
  98. 'callback' => array($this, 'delete_item'),
  99. 'permission_callback' => array($this, 'check_permission'),
  100. ),
  101. ));
  102. }
  103. /**
  104. * Check permission for REST API requests.
  105. *
  106. * @since 1.0.0
  107. * @return bool True if authorized, false otherwise.
  108. */
  109. public function check_permission() {
  110. $rest_controller = new QDR_TSS_REST_Controller($this->plugin_name, $this->version);
  111. return $rest_controller->check_rest_permission();
  112. }
  113. /**
  114. * Get a collection of items.
  115. *
  116. * @since 1.0.0
  117. * @param WP_REST_Request $request Full details about the request.
  118. * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
  119. */
  120. public function get_items($request) {
  121. $args = array(
  122. 'per_page' => isset($request['per_page']) ? (int) $request['per_page'] : 10,
  123. 'page' => isset($request['page']) ? (int) $request['page'] : 1,
  124. 'orderby' => isset($request['orderby']) ? $request['orderby'] : 'upload_date',
  125. 'order' => isset($request['order']) ? $request['order'] : 'DESC',
  126. 'original_file_name' => isset($request['original_file_name']) ? $request['original_file_name'] : '',
  127. 'reference' => isset($request['reference']) ? $request['reference'] : '',
  128. );
  129. $result = $this->db_manager->get_items($args);
  130. $response = new WP_REST_Response($result['items']);
  131. $response->header('X-WP-Total', $result['total']);
  132. $response->header('X-WP-TotalPages', $result['total_pages']);
  133. return $response;
  134. }
  135. /**
  136. * Get a single item.
  137. *
  138. * @since 1.0.0
  139. * @param WP_REST_Request $request Full details about the request.
  140. * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
  141. */
  142. public function get_item($request) {
  143. $id = $request['id'];
  144. $item = $this->db_manager->get_item_by_fileid($id);
  145. if (!$item) {
  146. return new WP_Error(
  147. 'qdr_tss_not_found',
  148. __('Media not found.', 'qdr-temporary-shared-storage'),
  149. array('status' => 404)
  150. );
  151. }
  152. // Remove password from response
  153. unset($item->password);
  154. return new WP_REST_Response($item, 200);
  155. }
  156. /**
  157. * Update a single item.
  158. *
  159. * @since 1.0.0
  160. * @param WP_REST_Request $request Full details about the request.
  161. * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
  162. */
  163. public function update_item($request) {
  164. $id = $request['id'];
  165. $item = $this->db_manager->get_item_by_fileid($id);
  166. if (!$item) {
  167. return new WP_Error(
  168. 'qdr_tss_not_found',
  169. __('Media not found.', 'qdr-temporary-shared-storage'),
  170. array('status' => 404)
  171. );
  172. }
  173. $data = array();
  174. // Update properties
  175. if (isset($request['message'])) {
  176. $data['message'] = sanitize_textarea_field($request['message']);
  177. }
  178. if (isset($request['active_from'])) {
  179. $data['active_from'] = sanitize_text_field($request['active_from']);
  180. }
  181. if (isset($request['active_to'])) {
  182. $data['active_to'] = sanitize_text_field($request['active_to']);
  183. }
  184. if (isset($request['reference'])) {
  185. $data['reference'] = sanitize_text_field($request['reference']);
  186. }
  187. if (isset($request['description'])) {
  188. $data['description'] = sanitize_textarea_field($request['description']);
  189. }
  190. // Validate the active period dates
  191. $validation_result = $this->validate_active_period($data);
  192. if (is_wp_error($validation_result)) {
  193. return $validation_result;
  194. }
  195. if (empty($data)) {
  196. return new WP_Error(
  197. 'qdr_tss_no_changes',
  198. __('No changes to update.', 'qdr-temporary-shared-storage'),
  199. array('status' => 400)
  200. );
  201. }
  202. $result = $this->db_manager->update_item_by_fileid($id, $data);
  203. if (!$result) {
  204. return new WP_Error(
  205. 'qdr_tss_update_failed',
  206. __('Failed to update media.', 'qdr-temporary-shared-storage'),
  207. array('status' => 500)
  208. );
  209. }
  210. $updated_item = $this->db_manager->get_item_by_fileid($id);
  211. // Remove password from response
  212. unset($updated_item->password);
  213. return new WP_REST_Response($updated_item, 200);
  214. }
  215. /**
  216. * Validate active period dates.
  217. *
  218. * @since 1.0.0
  219. * @param array $data The data array containing active_from and active_to
  220. * @return true|WP_Error True if valid, WP_Error if invalid
  221. */
  222. private function validate_active_period($data) {
  223. // If both dates are provided, validate them
  224. if (isset($data['active_from']) && isset($data['active_to'])) {
  225. $active_from = $data['active_from'];
  226. $active_to = $data['active_to'];
  227. // Skip validation if either field is empty
  228. if (empty($active_from) || empty($active_to)) {
  229. return true;
  230. }
  231. // Parse dates
  232. $from_timestamp = strtotime($active_from);
  233. $to_timestamp = strtotime($active_to);
  234. // Check if dates are valid
  235. if ($from_timestamp === false) {
  236. return new WP_Error(
  237. 'invalid_active_from',
  238. __('Invalid Active From date format.', 'qdr-temporary-shared-storage'),
  239. array('status' => 400)
  240. );
  241. }
  242. if ($to_timestamp === false) {
  243. return new WP_Error(
  244. 'invalid_active_to',
  245. __('Invalid Active To date format.', 'qdr-temporary-shared-storage'),
  246. array('status' => 400)
  247. );
  248. }
  249. // Check if active_from is greater than or equal to active_to
  250. if ($from_timestamp >= $to_timestamp) {
  251. return new WP_Error(
  252. 'invalid_active_period',
  253. __('Active From date must be before Active To date.', 'qdr-temporary-shared-storage'),
  254. array('status' => 400)
  255. );
  256. }
  257. }
  258. return true;
  259. }
  260. /**
  261. * Delete a single item.
  262. *
  263. * @since 1.0.0
  264. * @param WP_REST_Request $request Full details about the request.
  265. * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
  266. */
  267. public function delete_item($request) {
  268. $id = $request['id'];
  269. $item = $this->db_manager->get_item_by_fileid($id);
  270. if (!$item) {
  271. return new WP_Error(
  272. 'qdr_tss_not_found',
  273. __('Media not found.', 'qdr-temporary-shared-storage'),
  274. array('status' => 404)
  275. );
  276. }
  277. // Delete file
  278. $this->file_manager->delete_file($item->file_path);
  279. // Delete from database
  280. $result = $this->db_manager->delete_item_by_fileid($id);
  281. if (!$result) {
  282. return new WP_Error(
  283. 'qdr_tss_delete_failed',
  284. __('Failed to delete media.', 'qdr-temporary-shared-storage'),
  285. array('status' => 500)
  286. );
  287. }
  288. return new WP_REST_Response(array(
  289. 'deleted' => true,
  290. 'fileid' => $id
  291. ), 200);
  292. }
  293. }