StatementController.php
<?php
use Locker\Repository\Statement\StatementRepository as Statement;
use Locker\Repository\Lrs\LrsRepository as Lrs;
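class StatementController extends BaseController {

  /**
   * Statement repository; store() calls create() on it.
   */
  protected $statement;

  /**
   * LRS repository; every action resolves its target LRS through find().
   */
  protected $lrs;

  /**
   * Construct
   *
   * Registers the request filters: 'auth' on every action, and 'csrf'
   * plus checkCanSubmit on 'store' only.
   *
   * @param Statement $statement
   * @param Lrs       $lrs
   */
  public function __construct( Statement $statement, Lrs $lrs ){

    $this->statement = $statement;
    $this->lrs       = $lrs;

    $this->beforeFilter('auth');
    $this->beforeFilter('csrf', array('only' => 'store'));
    $this->beforeFilter('@checkCanSubmit', array('only' => 'store'));

  }

  /**
   * Show the form for creating a new resource.
   *
   * NOTE(review): only the 'auth' filter covers this action, because
   * checkCanSubmit is registered for 'store' alone. The LRS found for $id
   * is therefore passed to the view without a membership check; confirm
   * that the view shows nothing a non-member of that LRS should not see,
   * or apply the same membership rule here.
   *
   * @param  mixed $id identifier handed to the LRS repository's find()
   * @return View
   */
  public function create( $id ){

    $lrs = $this->lrs->find( $id );

    return View::make('partials.statements.create', array(
      'lrs'           => $lrs,
      'statement_nav' => true,
    ));

  }

  /**
   * Store a newly created resource in storage.
   *
   * This is only used via the manual statement generator on the
   * site. Look in /api/statements for incoming statements.
   *
   * @return Response
   */
  public function store(){

    $input = Input::all();

    // Resolve the LRS from the same request field checkCanSubmit reads, so
    // the LRS that was authorised is the one written to. Input::get() also
    // avoids an undefined-index error when the field is absent.
    $lrs = $this->lrs->find( Input::get('lrs') );

    // A super admin passes checkCanSubmit even when the LRS does not exist,
    // so refuse here rather than hand a null LRS to the repository.
    if( !$lrs ){
      return Redirect::back()
        ->withInput()
        ->withErrors(array('lrs' => 'The selected LRS could not be found.'));
    }

    //remove lrs and _token from Input
    unset( $input['lrs'] );
    unset( $input['_token'] );

    //add mailto to actor mbox; skipped when the field is missing or is not a
    //plain string, so a malformed request is left for the repository to
    //reject instead of failing here (presumably create() validates - confirm)
    if( isset($input['actor']) && is_array($input['actor'])
        && isset($input['actor']['mbox']) && is_string($input['actor']['mbox']) ){
      $input['actor']['mbox'] = 'mailto:' . $input['actor']['mbox'];
    }

    // Save the statement
    // NOTE(review): the truthiness test assumes create() returns a falsy
    // value on failure - confirm against the repository.
    $s = $this->statement->create( array($input), $lrs );

    if($s){
      return Redirect::back()->with('success', Lang::get('statement.added'));
    }

    // $s is falsy on this path, so it cannot be asked for its errors();
    // report a generic failure instead of raising a fatal error.
    return Redirect::back()
      ->withInput()
      ->withErrors(array('statement' => 'The statement could not be saved.'));

  }

  /**
   * Can current user submit statements to this LRS?
   *
   * Before-filter for 'store'. Returns a redirect to '/' when the request
   * must be refused; returns nothing when it may proceed.
   *
   * @param  mixed $route
   * @param  mixed $request
   * @return Response|null
   **/
  public function checkCanSubmit( $route, $request ){

    $user = \Auth::user();

    // The 'auth' filter is registered first, but refuse rather than
    // dereference null if no user is available.
    if( !$user ){
      return Redirect::to('/');
    }

    $lrs       = $this->lrs->find( Input::get('lrs') );
    $get_users = array();

    if( $lrs ){
      foreach( $lrs->users as $u ){
        if( isset($u['_id']) ){
          // Ids are normalised to strings so the membership test below can
          // be strict.
          $get_users[] = (string) $u['_id'];
        }
      }
    }

    //check current user is in the list of allowed users, or is super admin.
    //Both tests are strict: a loose comparison can treat distinct
    //numeric-looking strings, or a non-string role, as a match.
    $is_member = in_array( (string) $user->_id, $get_users, true );
    $is_super  = $user->role === 'super';

    if( !$is_member && !$is_super ){
      return Redirect::to('/');
    }

  }

}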