UserController.class.php

<?php
    include_once __ROOT_DIR . '/libs/php-jwt/src/BeforeValidException.php';
    include_once __ROOT_DIR . '/libs/php-jwt/src/ExpiredException.php';
    include_once __ROOT_DIR . '/libs/php-jwt/src/SignatureInvalidException.php';
    include_once __ROOT_DIR . '/libs/php-jwt/src/JWT.php';
    use \Firebase\JWT\JWT;

    class UserController extends Controller {
        public function __construct($name, $request) {
            parent::__construct($name, $request);
        }

        // ==============
        // Actions
        // ==============
        public function processRequest() {
            switch ($this->request->getHttpMethod()) {
                case 'POST':
                    $post = json_decode(file_get_contents("php://input"));
                    return $this->createUser($post);
                break;
                case 'GET':
                    if (empty($this->request->getUriParameters()))
                        return $this->getAllUsers();
                    else 
                        return $this->getUserById($this->request->getUriParameters()[0]);
                break;
                case 'PUT':
                    $put = json_decode(file_get_contents("php://input"));
                    $id = $this->request->getUriParameters()[0];
                    return $this->updateUser($put, $id);
                break;
                case 'DELETE':
                    $id = $this->request->getUriParameters()[0];
                    return $this->deleteUser($id);
                break;
            }
            return Response::errorResponse("unsupported parameters or method in users");
        }

        protected function createUser($post) {
            if (isset($post->firstname)
                && isset($post->lastname)
                && isset($post->login)
                && isset($post->email)
                && isset($post->password)
                && isset($post->role)) {

                User::create($post);
                $response = Response::okResponse("Utilisateur ajouté");
            }
            else {
                $response = Response::errorInParametersResponse("Mauvais paramètres");
            }  

            return $response;
        }

        protected function getAllUsers() {
            $users = User::getList();

            if (!empty($users))
                $response = Response::okResponse(json_encode($users));
            else
                $response = Response::notFoundResponse("Aucun utilisateur trouvé");

            return $response;
        }

        protected function getUserById($id) {
            $user = User::getWithId($id);

            if (!empty($user))
                $response = Response::okResponse(json_encode($user));
            else
                $response = Response::notFoundResponse("Aucun utilisateur trouvé");

            return $response;
        }

        protected function updateUser($put, $id) {
            $user = User::getWithId($id);

            if (isset($put->email)) {
                if (!empty($user)) {
                    $jwt_token = $this->request->getJwtToken();
                    $jwt = JWT::decode($jwt_token, JWT_BACKEND_KEY, array('HS256'));
                
                    if ($jwt->data->id == $id) {
                        User::update($put, $id);
                        $response = Response::okResponse("Utilisateur modifié");
                        return $response;
                    }
                    else {
                        return Response::unauthorizedResponse("Modification non autorisée");
                    }
                }
                else {
                    return Response::notFoundResponse("Aucun utilisateur trouvé");
                }
            }
            else {
                return Response::errorInParametersResponse("Mauvais paramètres");
            }  
        }

        protected function deleteUser($id) {
            $user = User::getWithId($id);

            if (!empty($user)) {
                User::delete($id);
                $response = Response::okResponse("Utilisateur supprimé");
            }
            else {
                $response = Response::notFoundResponse("Aucun utilisateur trouvé");
            }  

            return $response;
        }
    }
?>