/
UserCourse.php
122 lines (111 loc) · 3.31 KB
/
UserCourse.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
<?php
use Luracast\Restler\RestException;
class UserCourse
{
/**
* @smart-auto-routing false
*/
/**
* @url GET availablecourse/{userId}
*/
protected function getAvailableCourse($userId)
{
if ($userId == \TTO::getUserId() || \TTO::getRole() == 'admin') {
$statement = '
SELECT C.*
FROM view_course_summary AS C
WHERE C.status = :status
AND NOT EXISTS (SELECT 1
FROM user_course AS UC
WHERE UC.courseId = C.courseId
AND UC.userId = :userId
)
';
$bind = array('status' => 'active', 'userId' => $userId);
return \Db::getResult($statement, $bind);
} else {
throw new RestException(401, 'No Authorize or Invalid request !!!');
}
}
/**
* @url GET allusercourse
*/
protected function getAllUserCourse()
{
if (\TTO::getRole() == 'admin') {
$statement = '
SELECT UC.*, C.*, U.nickname
FROM user_course AS UC
INNER JOIN course AS C
ON UC.courseId = C.courseId
INNER JOIN user AS U
ON UC.userId = U.userId
';
return \Db::getResult($statement);
} else {
throw new RestException(401, 'No Authorize or Invalid request !!!');
}
}
/**
* @url GET usercourselist/{userId}
*/
protected function getUserCourseList($userId)
{
if ($userId == \TTO::getUserId() || \TTO::getRole() == 'admin') {
$statement = '
SELECT *
FROM user_course AS UC
INNER JOIN course AS C
ON UC.courseId = C.courseId
WHERE UC.userId = :userId
';
$bind = array('userId' => $userId);
return \Db::getResult($statement, $bind);
} else {
throw new RestException(401, 'No Authorize or Invalid request !!!');
}
}
/**
* @url POST addusercourse/{userId}
*/
protected function postAddUserCourse($userId, $courseId)
{
if ($userId == \TTO::getUserId() || \TTO::getRole() == 'admin') {
$statement = 'SELECT coin FROM user WHERE userId = :userId';
$bind = array('userId' => $userId);
$userCoin = \Db::getValue($statement, $bind);
$statement = 'SELECT coin FROM course WHERE courseId = :courseId';
$bind = array('courseId' => $courseId);
$courseCoin = \Db::getValue($statement, $bind);
if ($userCoin < $courseCoin) {
throw new RestException(500, 'Coin is not enough !!!');
}
$statement = '
INSERT INTO user_course (userId, courseId, coin)
VALUES (:userId, :courseId, :courseCoin)
';
$bind = array(
'userId' => $userId,
'courseId' => $courseId,
'courseCoin' => $courseCoin
);
\TTOMail::createAndSendAdmin('A user adding a course', json_encode($bind));
$row_insert = \Db::execute($statement, $bind);
if ($row_insert > 0) {
$statement = 'UPDATE user SET coin = coin - :courseCoin WHERE userId = :userId';
$bind = array('userId' => $userId, 'courseCoin' => $courseCoin);
$row_update = \Db::execute($statement, $bind);
if ($row_update > 0) {
$response = new \stdClass();
$response->row_insert = $row_insert;
$response->row_update = $row_update;
return $response;
}
} else {
throw new RestException(500, 'Add a new course error !!!');
}
} else {
throw new RestException(401, 'No Authorize or Invalid request !!!');
}
}
}