From c6e0e1913f889a202c80f0cee42490cd7e2339bb Mon Sep 17 00:00:00 2001
From: Skylar Ittner <admin@netsyms.com>
Date: Thu, 12 Jul 2018 02:19:06 -0600
Subject: [PATCH] Create Notifications class

---
 api.php                   | 62 ++++++++++++--------------
 lib/Notifications.lib.php | 93 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 122 insertions(+), 33 deletions(-)
 create mode 100644 lib/Notifications.lib.php

diff --git a/api.php b/api.php
index 3f5a40f..8519ba2 100644
--- a/api.php
+++ b/api.php
@@ -364,16 +364,13 @@ switch ($VARS['action']) {
             http_response_code(400);
             die("\"400 Bad Request\"");
         }
-        if ($user->exists()) {
-            $notifications = $database->select('notifications', ['notificationid (id)', 'timestamp', 'title', 'content', 'url', 'seen', 'sensitive'], ['uid' => $user->getUID()]);
-            for ($i = 0; $i < count($notifications); $i++) {
-                $notifications[$i]['id'] = $notifications[$i]['id'] * 1;
-                $notifications[$i]['seen'] = ($notifications[$i]['seen'] == "1" ? true : false);
-                $notifications[$i]['sensitive'] = ($notifications[$i]['sensitive'] == "1" ? true : false);
-            }
+        try {
+            $notifications = Notifications::get($user);
             exit(json_encode(["status" => "OK", "notifications" => $notifications]));
+        } catch (Exception $ex) {
+            exit(json_encode(["status" => "ERROR", "msg" => $ex->getMessage()]));
         }
-        exit(json_encode(["status" => "ERROR", "msg" => $Strings->get("user does not exist", false)]));
+        break;
     case "readnotification":
         if (!empty($VARS['username'])) {
             $user = User::byUsername($VARS['username']);
@@ -383,15 +380,16 @@ switch ($VARS['action']) {
             http_response_code(400);
             die("\"400 Bad Request\"");
         }
-
-        if ($user->exists()) {
-            if ($database->has('notifications', ['AND' => ['uid' => $user->getUID(), 'notificationid' => $VARS['id']]])) {
-                $database->update('notifications', ['seen' => 1], ['AND' => ['uid' => $user->getUID(), 'notificationid' => $VARS['id']]]);
-                exit(json_encode(["status" => "OK"]));
-            }
+        if (empty($VARS['id'])) {
             exit(json_encode(["status" => "ERROR", "msg" => $Strings->get("invalid parameters", false)]));
         }
-        exit(json_encode(["status" => "ERROR", "msg" => $Strings->get("user does not exist", false)]));
+        try {
+            Notifications::read($user, $VARS['id']);
+            exit(json_encode(["status" => "OK"]));
+        } catch (Exception $ex) {
+            exit(json_encode(["status" => "ERROR", "msg" => $ex->getMessage()]));
+        }
+        break;
     case "addnotification":
         if (!empty($VARS['username'])) {
             $user = User::byUsername($VARS['username']);
@@ -402,11 +400,8 @@ switch ($VARS['action']) {
             die("\"400 Bad Request\"");
         }
 
-        if ($user->exists()) {
-            if (empty($VARS['title']) || empty($VARS['content'])) {
-                exit(json_encode(["status" => "ERROR", "msg" => $Strings->get("invalid parameters", false)]));
-            }
-            $timestamp = date("Y-m-d H:i:s");
+        try {
+            $timestamp = "";
             if (!empty($VARS['timestamp'])) {
                 $timestamp = date("Y-m-d H:i:s", strtotime($VARS['timestamp']));
             }
@@ -414,14 +409,13 @@ switch ($VARS['action']) {
             if (!empty($VARS['url'])) {
                 $url = $VARS['url'];
             }
-            $sensitive = 0;
-            if (isset($VARS['sensitive'])) {
-                $sensitive = 1;
-            }
-            $database->insert('notifications', ['uid' => $user->getUID(), 'timestamp' => $timestamp, 'title' => $VARS['title'], 'content' => $VARS['content'], 'url' => $url, 'seen' => 0, 'sensitive' => $sensitive]);
-            exit(json_encode(["status" => "OK", "id" => $database->id() * 1]));
+            $nid = Notifications::add($user, $VARS['title'], $VARS['content'], $timestamp, $url, isset($VARS['sensitive']));
+
+            exit(json_encode(["status" => "OK", "id" => $nid]));
+        } catch (Exception $ex) {
+            exit(json_encode(["status" => "ERROR", "msg" => $ex->getMessage()]));
         }
-        exit(json_encode(["status" => "ERROR", "msg" => $Strings->get("user does not exist", false)]));
+        break;
     case "deletenotification":
         if (!empty($VARS['username'])) {
             $user = User::byUsername($VARS['username']);
@@ -432,14 +426,16 @@ switch ($VARS['action']) {
             die("\"400 Bad Request\"");
         }
 
-        if ($user->exists()) {
-            if ($database->has('notifications', ['AND' => ['uid' => $user->getUID(), 'notificationid' => $VARS['id']]])) {
-                $database->delete('notifications', ['AND' => ['uid' => $user->getUID(), 'notificationid' => $VARS['id']]]);
-                exit(json_encode(["status" => "OK"]));
-            }
+        if (empty($VARS['id'])) {
             exit(json_encode(["status" => "ERROR", "msg" => $Strings->get("invalid parameters", false)]));
         }
-        exit(json_encode(["status" => "ERROR", "msg" => $Strings->get("user does not exist", false)]));
+        try {
+            Notifications::delete($user, $VARS['id']);
+            exit(json_encode(["status" => "OK"]));
+        } catch (Exception $ex) {
+            exit(json_encode(["status" => "ERROR", "msg" => $ex->getMessage()]));
+        }
+        break;
     default:
         http_response_code(404);
         die(json_encode("404 Not Found: the requested action is not available."));
diff --git a/lib/Notifications.lib.php b/lib/Notifications.lib.php
new file mode 100644
index 0000000..5c39a83
--- /dev/null
+++ b/lib/Notifications.lib.php
@@ -0,0 +1,93 @@
+<?php
+
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+class Notifications {
+
+    /**
+     * Add a new notification.
+     * @global $database
+     * @param User $user
+     * @param string $title
+     * @param string $content
+     * @param string $timestamp If left empty, the current date and time will be used.
+     * @param string $url
+     * @param bool $sensitive If true, the notification is marked as containing sensitive content, and the $content might be hidden on lockscreens and other non-secure places.
+     * @return int The newly-created notification ID.
+     * @throws Exception
+     */
+    public static function add(User $user, string $title, string $content, string $timestamp = "", string $url = "", bool $sensitive = false): int {
+        global $database, $Strings;
+        if ($user->exists()) {
+            if (empty($title) || empty($content)) {
+                throw new Exception($Strings->get("invalid parameters", false));
+            }
+
+            $timestamp = date("Y-m-d H:i:s");
+            if (!empty($timestamp)) {
+                $timestamp = date("Y-m-d H:i:s", strtotime($timestamp));
+            }
+
+            $database->insert('notifications', ['uid' => $user->getUID(), 'timestamp' => $timestamp, 'title' => $title, 'content' => $content, 'url' => $url, 'seen' => 0, 'sensitive' => $sensitive]);
+            return $database->id() * 1;
+        }
+        throw new Exception($Strings->get("user does not exist", false));
+    }
+
+    /**
+     * Fetch all notifications for a user.
+     * @global $database
+     * @param User $user
+     * @return array
+     * @throws Exception
+     */
+    public static function get(User $user) {
+        global $database, $Strings;
+        if ($user->exists()) {
+            $notifications = $database->select('notifications', ['notificationid (id)', 'timestamp', 'title', 'content', 'url', 'seen', 'sensitive'], ['uid' => $user->getUID()]);
+            for ($i = 0; $i < count($notifications); $i++) {
+                $notifications[$i]['id'] = $notifications[$i]['id'] * 1;
+                $notifications[$i]['seen'] = ($notifications[$i]['seen'] == "1" ? true : false);
+                $notifications[$i]['sensitive'] = ($notifications[$i]['sensitive'] == "1" ? true : false);
+            }
+            return $notifications;
+        }
+        throw new Exception($Strings->get("user does not exist", false));
+    }
+
+    /**
+     * Mark the notification identified by $id as read.
+     * @global $database
+     * @global $Strings
+     * @param User $user
+     * @param int $id
+     * @throws Exception
+     */
+    public static function read(User $user, int $id) {
+        global $database, $Strings;
+        if ($user->exists()) {
+            if ($database->has('notifications', ['AND' => ['uid' => $user->getUID(), 'notificationid' => $id]])) {
+                $database->update('notifications', ['seen' => 1], ['AND' => ['uid' => $user->getUID(), 'notificationid' => $id]]);
+                return true;
+            }
+            throw new Exception($Strings->get("invalid parameters", false));
+        }
+        throw new Exception($Strings->get("user does not exist", false));
+    }
+
+    public static function delete(User $user, int $id) {
+        global $database, $Strings;
+        if ($user->exists()) {
+            if ($database->has('notifications', ['AND' => ['uid' => $user->getUID(), 'notificationid' => $id]])) {
+                $database->delete('notifications', ['AND' => ['uid' => $user->getUID(), 'notificationid' => $id]]);
+                return true;
+            }
+            throw new Exception($Strings->get("invalid parameters", false));
+        }
+        throw new Exception($Strings->get("user does not exist", false));
+    }
+}