added request object, added url function that does all the security checks, improved controller object

2 files changed, 137 insertions, 28 deletions

diff --git a/controllers/controller.php b/controllers/controller.php
index 032cb45ee..e1cf3e866 100644
--- a/controllers/controller.php
+++ b/controllers/controller.php
@@ -10,18 +10,38 @@
 *
 */
 
+
+/*
+
+Usage
+
+MyController extends Controller {
+    
+    public function __construct($request=null, $userLoggedInCheck=true, $csrfCheck=true){
+        super($request, $userLoggedInCheck, $csrfCheck);
+    }
+
+    public function myRoute(){
+    
+    }
+
+}
+
+
+*/
+
+
 namespace OCA\News;
 
 class Controller {
 
-    protected $userId;
     protected $trans;
 
-
     public function __construct(){
-        $this->userId = \OCP\USER::getUser();
         $this->trans = \OC_L10N::get('news');
         $this->safeParams = array();
+
+
     }
 
 
@@ -65,36 +85,121 @@ class Controller {
 
 
     /**
+     * Renders a renderer and sets the csrf check and logged in check to true
+     * @param Renderer $renderer: the render which should be used to render the page
+     */
+    protected function render(Renderer $renderer){
+        $renderer->bind('userId', $this->request->userId);
+        $renderer->render();
+        $this->csrfCheck = true;
+        $this->userLoggedInCheck = true;
+    }
+
+
+    /**
      * Binds variables to the template and prints it
-     * The following values are always assigned: userId, trans
+     * @param $templateName the name of the template
      * @param $arguments an array with arguments in $templateVar => $content
-     * @param $template the name of the template
      * @param $safeParams template parameters which should not be escaped
      * @param $fullPage if true, it will render a full page, otherwise only a part
      *                  defaults to true
      */
-    protected function render($template, $arguments=array(), $safeParams=array(),
-                              $fullPage=true){
+    protected function renderTemplate($templateName, $arguments=array(), 
+                                      $safeParams=array(), $fullPage=true){
+        $renderer = new TemplateRenderer($templateName, $fullPage);
+        $renderer->bindSafe($safeParams);
+        $this->render($renderer);
+    }
+
+    /**
+     * Binds variables to a JSON array and prints it
+     * @param $arguments an array with arguments in $key => $value
+     * @param $error: Empty by default. If set, a log message written and the
+     *                $error will be sent to the client
+     */
+    protected function renderJSON($arguments=array(), $error=""){
+        $renderer = new JSONRenderer($error);
+        $this->render($renderer);
+    }
+
+
+}
+
+
 
+
+
+
+interface Renderer {
+    public function render();
+    public function bind($params);
+}
+
+
+
+class TemplateRenderer implements Renderer {
+
+    private $safeParams = array();
+
+    public function __construct($name, $fullPage=true){
         if($fullPage){
-            $template = new \OCP\Template('news', $template, 'user');
+            $this->template = new \OCP\Template('news', $template, 'user');
         } else {
-            $template = new \OCP\Template('news', $template);
+            $this->template = new \OCP\Template('news', $template);
         }
+    }
+
+    public function bindSafe($params){
+        $this->safeParams = $params;
+    }
 
-        foreach($arguments as $key => $value){
-            if(array_key_exists($key, $safeParams)) {
-                $template->assign($key, $value, false);
+
+    public function bind($params){
+        foreach($params as $key => $value){
+            if(array_key_exists($key, $this->safeParams)) {
+                $this->template->assign($key, $value, false);
             } else {
-                $template->assign($key, $value);
+                $this->template->assign($key, $value);
             }
-
         }
+    }
 
-        $template->assign('userId', $this->userId);
-        $template->assign('trans', $this->trans);
-        $template->printPage();
+
+    public function render(){
+        $this->template->printPage();
     }
 
 
 }
+
+
+class JSONRenderer implements Renderer {
+
+    private $params;
+
+    public function __construct($error){
+        $this->error = $error;
+    }
+
+
+    public function bind($params){
+        $this->params = $params;
+    }
+
+
+    public function render(){
+        if($this->error === ""){
+            OCP\JSON::success($this->params);        
+        } else {
+            OCP\JSON::error(array(
+                                'data' => array('message' => $l->t('An error occured: ') . $error)
+                            )
+            );
+            OCP\Util::writeLog('news',$_SERVER['REQUEST_URI'] . 'Error: '. $error, OCP\Util::ERROR);
+            exit();
+        }
+        
+    }
+
+    
+}
\ No newline at end of file
diff --git a/controllers/news.controller.php b/controllers/news.controller.php
index be3cdbf08..3a77d5f7e 100644
--- a/controllers/news.controller.php
+++ b/controllers/news.controller.php
@@ -12,23 +12,27 @@
 
 namespace OCA\News;
 
+require_once \OC_App::getAppPath('news') . '/controllers/controller.php';
+
+
 class NewsController extends Controller {
 
     /**
      * Decides wether to show the feedpage or the firstrun page
      */
-    public function index(){
+    public function index($request){
+        echo "hi";
         $feedMapper = new FeedMapper($this->userId);
 
         if($feedMapper->feedCount() > 0){
-            $this->feedPage();
+            $this->feedPage($request);
         } else {
-            $this->firstRun();
+            $this->firstRun($request);
         }
     }
 
 
-    public function firstRun(){
+    public function firstRun($request){
         $this->addScript('news');
         $this->addScript('firstrun');
         $this->addStyle('firstrun');
@@ -36,7 +40,7 @@ class NewsController extends Controller {
     }
 
 
-    public function feedPage(){
+    public function feedPage($request){
         $this->addScript('main');
         $this->addScript('news');
         $this->addScript('menu');
@@ -51,10 +55,10 @@ class NewsController extends Controller {
         $itemMapper = new ItemMapper($this->userId);
 
         // if no feed id is passed as parameter, then show the last viewed feed on reload
-        $lastViewedFeedId = isset( $_GET['feedid'] ) ? $_GET['feedid'] : (int)$this->getUserValue('lastViewedFeed');
-        $lastViewedFeedType = isset( $_GET['feedid'] ) ? FeedType::FEED : (int)$this->getUserValue('lastViewedFeedType');
+        $lastViewedFeedId = isset( $request->get['feedid'] ) ? $request->get['feedid'] : (int)$this->getUserValue('lastViewedFeed');
+        $lastViewedFeedType = isset( $request->get['feedid'] ) ? FeedType::FEED : (int)$this->getUserValue('lastViewedFeedType');
         
-	$showAll = $this->getUserValue('showAll');
+        $showAll = $this->getUserValue('showAll');
 
         if( $lastViewedFeedId === null || $lastViewedFeedType === null) {
             $lastViewedFeedId = $feedMapper->mostRecent();
@@ -87,7 +91,7 @@ class NewsController extends Controller {
             'items' => $items
         );
 
-        $this->render('main', $params, array('items' => true));
+        $this->renderTemplate('main', $params, array('items' => true));
     }
 
 
@@ -98,7 +102,7 @@ class NewsController extends Controller {
      * @param $showAll if true, it will also include unread items
      * @return an array with all items
      */
-    public function getItems($feedType, $feedId, $showAll){
+    private function getItems($feedType, $feedId, $showAll){
         $items = array();
         $itemMapper = new ItemMapper($this->userId);
 
@@ -148,7 +152,7 @@ class NewsController extends Controller {
      * @param $feedId the id of the feed or folder
      * @return the unread count
      */
-    public function getItemUnreadCount($feedType, $feedId){
+    private function getItemUnreadCount($feedType, $feedId){
         $unreadCount = 0;
         $itemMapper = new ItemMapper($this->userId);