From 6a68967f81a45dcd564eeaeac589cb4f4a67b70b Mon Sep 17 00:00:00 2001 From: drigato Date: Thu, 13 Mar 2014 17:00:15 -0400 Subject: [PATCH] CC-5734: RESTful API media ownership --- .../rest/controllers/MediaController.php | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/airtime_mvc/application/modules/rest/controllers/MediaController.php b/airtime_mvc/application/modules/rest/controllers/MediaController.php index dd5f11da1..011f2eeff 100644 --- a/airtime_mvc/application/modules/rest/controllers/MediaController.php +++ b/airtime_mvc/application/modules/rest/controllers/MediaController.php @@ -69,6 +69,7 @@ class Rest_MediaController extends Zend_Rest_Controller //TODO: Strip or sanitize the JSON output $file = new CcFiles(); $file->fromArray($this->getRequest()->getPost()); + $file->setDbOwnerId($this->getOwnerId()); $file->save(); $callbackUrl = $this->getRequest()->getScheme() . '://' . $this->getRequest()->getHttpHost() . $this->getRequest()->getRequestUri() . "/" . $file->getPrimaryKey(); @@ -200,5 +201,28 @@ class Rest_MediaController extends Zend_Rest_Controller $finalDestinationDir, $callbackUrl, $apiKey); } + + private function getOwnerId() + { + try { + if ($this->verifySession()) { + $service_user = new Application_Service_UserService(); + return $service_user->getCurrentUser()->getDbId(); + } else { + $defaultOwner = CcSubjsQuery::create() + ->filterByDbType('A') + ->orderByDbId() + ->findOne(); + if (!$defaultOwner) { + // what to do if there is no admin user? + // should we handle this case? + return null; + } + return $defaultOwner->getDbId(); + } + } catch(Exception $e) { + Logging::info($e->getMessage()); + } + } }