rgutierrez/resq
1
0
Fork 0
Code Issues 126 Pull requests 49 Projects Releases 4 Packages Wiki Activity Actions

Add comments for the Generator and Voter classes in the auth bundle. Add support for add, update, and delete API Role. #194

Browse source
This commit is contained in:
Korina Cordero 2019-05-09 04:24:05 +00:00
parent 2bd703fc5c
commit b8ab5bb3c0
4 changed files with 352 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
catalyst/auth-bundle/Service/Generator.php
View file

@ -9,9 +9,10 @@ use Symfony\Component\Config\Resource\FileResource;
use Symfony\Component\Routing\RouterInterface; use Symfony\Component\Routing\RouterInterface;
// NOTES: This class is inherited by the API Bundle and the main site
abstract class Generator abstract class Generator
{ {
// TODO: make api_acl and acl yaml generator have its own bundle
protected $router; protected $router;
protected $cache_dir; protected $cache_dir;
protected $config_dir; protected $config_dir;
@ -44,14 +45,14 @@ abstract class Generator
try try
{ {
// get location of api_acl.yaml // get location of the yaml file with the acls
// $path = $this->config_dir . '/api_acl.yaml'; // $path = $this->config_dir . '/<acl yaml filename>';
$path = $this->config_dir . '/' . $this->acl_file; $path = $this->config_dir . '/' . $this->acl_file;
$files[] = $path; $files[] = $path;
$resources[] = new FileResource($path); $resources[] = new FileResource($path);
// process api acl config file // process acl config file
$data = $this->parseACL($path, $key); $data = $this->parseACL($path, $key);
} }
catch (\InvalidArgumentException $e) catch (\InvalidArgumentException $e)

2
catalyst/auth-bundle/Service/Voter.php
View file

@ -5,6 +5,8 @@ namespace Catalyst\AuthBundle\Service;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter as BaseVoter; use Symfony\Component\Security\Core\Authorization\Voter\Voter as BaseVoter;
// NOTES: This class is inherited by the API Bundle and the main site
abstract class Voter extends BaseVoter abstract class Voter extends BaseVoter
{ {
protected $acl_gen; protected $acl_gen;

187
src/Controller/APIRoleController.php
View file

@ -5,6 +5,7 @@ namespace App\Controller;
use App\Ramcar\BaseController; use App\Ramcar\BaseController;
use Catalyst\APIBundle\Entity\Role as APIRole; use Catalyst\APIBundle\Entity\Role as APIRole;
use Catalyst\APIBundle\Access\Generator as APIACLGenerator;
use Doctrine\ORM\Query; use Doctrine\ORM\Query;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
@ -17,10 +18,12 @@ use App\Access\Generator as ACLGenerator;
class APIRoleController extends BaseController class APIRoleController extends BaseController
{ {
protected $acl_gen; protected $acl_gen;
protected $api_acl_gen;
public function __construct(MenuGenerator $menu_gen, ACLGenerator $acl_gen) public function __construct(MenuGenerator $menu_gen, ACLGenerator $acl_gen, APIACLGenerator $api_acl_gen)
{ {
$this->acl_gen = $acl_gen; $this->acl_gen = $acl_gen;
$this->api_acl_gen = $api_acl_gen;
parent::__construct($menu_gen); parent::__construct($menu_gen);
} }
@ -127,12 +130,185 @@ class APIRoleController extends BaseController
]); ]);
} }
public function addForm()
{
$this->denyAccessUnlessGranted('apirole.add', null, 'No access.');
protected function padACLHierarchy(&$params) $params = $this->initParameters('apirole_list');
$this->padAPIACLHierarchy($params);
$params['obj'] = new APIRole();
$params['mode'] = 'create';
// response
return $this->render('api-role/form.html.twig', $params);
}
public function addSubmit(Request $req, ValidatorInterface $validator)
{
$this->denyAccessUnlessGranted('apirole.add', null, 'No access.');
// create new row
$em = $this->getDoctrine()->getManager();
$row = new APIRole();
// set and save values
$row->setID($req->request->get('id'))
->setName($req->request->get('name'));
// acl attributes
$acl_attribs = $req->request->get('acl');
if (!empty($acl_attribs))
{
foreach ($acl_attribs as $acl_key)
{
$row->addACLAccess($acl_key);
}
}
// validate
$errors = $validator->validate($row);
// initialize error list
$error_array = [];
// add errors to list
foreach ($errors as $error) {
$error_array[$error->getPropertyPath()] = $error->getMessage();
}
// check if any errors were found
if (!empty($error_array)) {
// return validation failure response
return $this->json([
'success' => false,
'errors' => $error_array
], 422);
} else {
// validated! save the entity
$em->persist($row);
$em->flush();
// return successful response
return $this->json([
'success' => 'Changes have been saved!'
]);
}
}
public function updateForm($id)
{
$this->denyAccessUnlessGranted('apirole.update', null, 'No access.');
$params = $this->initParameters('api_role_list');
$this->padAPIACLHierarchy($params);
$params['mode'] = 'update';
// get row data
$em = $this->getDoctrine()->getManager();
$row = $em->getRepository(APIRole::class)->find($id);
// make sure this row exists
if (empty($row))
throw $this->createNotFoundException('The item does not exist');
$params['obj'] = $row;
// response
return $this->render('api-role/form.html.twig', $params);
}
public function updateSubmit(Request $req, ValidatorInterface $validator, $id)
{
$this->denyAccessUnlessGranted('apirole.update', null, 'No access.');
// get row data
$em = $this->getDoctrine()->getManager();
$row = $em->getRepository(APIRole::class)->find($id);
// make sure this row exists
if (empty($row))
throw $this->createNotFoundException('The item does not exist');
// set and save values
$row->setID($req->request->get('id'))
->setName($req->request->get('name'));
// don't update acl attributes for super user since they don't need it
if (!$row->isSuperAdmin())
{
// clear first
$row->clearACLAttributes();
// then add
$acl_attribs = $req->request->get('acl');
if (!empty($acl_attribs))
{
foreach ($acl_attribs as $acl_key)
{
$row->addACLAccess($acl_key);
}
}
}
// validate
$errors = $validator->validate($row);
// initialize error list
$error_array = [];
// add errors to list
foreach ($errors as $error) {
$error_array[$error->getPropertyPath()] = $error->getMessage();
}
// check if any errors were found
if (!empty($error_array)) {
// return validation failure response
return $this->json([
'success' => false,
'errors' => $error_array
], 422);
} else {
// validated! save the entity
$em->flush();
// return successful response
return $this->json([
'success' => 'Changes have been saved!'
]);
}
}
public function destroy($id)
{
$this->denyAccessUnlessGranted('apirole.delete', null, 'No access.');
$params = $this->initParameters('apirole_list');
// get row data
$em = $this->getDoctrine()->getManager();
$row = $em->getRepository(APIRole::class)->find($id);
if (empty($row))
throw $this->createNotFoundException('The item does not exist');
// delete this row
$em->remove($row);
$em->flush();
// response
$response = new Response();
$response->setStatusCode(Response::HTTP_OK);
$response->send();
}
protected function padAPIACLHierarchy(&$params)
{ {
// get acl keys hierarchy // get acl keys hierarchy
$acl_data = $this->acl_gen->getACL(); $api_acl_data = $this->api_acl_gen->getACL();
$params['acl_hierarchy'] = $acl_data['hierarchy']; $params['api_acl_hierarchy'] = $api_acl_data['hierarchy'];
} }
// check if datatable filter is present and append to query // check if datatable filter is present and append to query
@ -145,7 +321,4 @@ class APIRoleController extends BaseController
->setParameter('filter', '%' . $datatable['query']['data-rows-search'] . '%'); ->setParameter('filter', '%' . $datatable['query']['data-rows-search'] . '%');
} }
} }
} }

165
templates/api-role/form.html.twig Normal file
View file

@ -0,0 +1,165 @@
{% extends 'base.html.twig' %}
{% block body %}
<!-- BEGIN: Subheader -->
<div class="m-subheader">
<div class="d-flex align-items-center">
<div class="mr-auto">
<h3 class="m-subheader__title">API Roles</h3>
</div>
</div>
</div>
<!-- END: Subheader -->
<div class="m-content">
<!--Begin::Section-->
<div class="row">
<div class="col-xl-8">
<div class="m-portlet m-portlet--mobile">
<div class="m-portlet__head">
<div class="m-portlet__head-caption">
<div class="m-portlet__head-title">
<span class="m-portlet__head-icon">
<i class="la la-key"></i>
</span>
<h3 class="m-portlet__head-text">
{% if mode == 'update' %}
Edit API Role
<small>{{ obj.getID() }}</small>
{% else %}
New API Role
{% endif %}
</h3>
</div>
</div>
</div>
<form id="row-form" class="m-form m-form--fit m-form--label-align-right m-form--group-seperator-dashed" method="post" action="{{ mode == 'update' ? url('api_role_update_submit', {'id': obj.getID()}) : url('api_role_create_submit') }}">
<div class="m-portlet__body">
<div class="form-group m-form__group row no-border">
<label class="col-lg-3 col-form-label" data-field="id">
API Role ID:
</label>
<div class="col-lg-9">
<input type="text" name="id" class="form-control m-input" value="{{ obj.getID() }}">
<div class="form-control-feedback hide" data-field="id"></div>
<span class="m-form__help">Unique identifier for this role</span>
</div>
</div>
<div class="form-group m-form__group row">
<label class="col-lg-3 col-form-label" data-field="name">
Name:
</label>
<div class="col-lg-9">
<input type="text" name="name" class="form-control m-input" value="{{ obj.getName() }}">
<div class="form-control-feedback hide" data-field="name"></div>
<span class="m-form__help">Display name for this role</span>
</div>
</div>
<div class="form-group m-form__group row">
<label class="col-lg-3 col-form-label" data-field="acl">
Access Levels:
</label>
<div class="col-lg-9">
<div class="m-checkbox-list">
{% for api_acl_layer in api_acl_hierarchy %}
<b>{{ api_acl_layer.label }}</b><br>
{% for key, label in api_acl_layer.acls %}
<label class="m-checkbox">
<input type="checkbox" name="acl[]" value="{{ key }}" {{ obj.hasACLAccess(key) ? 'checked' : '' }}>
{{ label }}
<span></span>
</label>
{% endfor %}
<br>
{% endfor %}
</div>
</div>
</div>
</div>
<div class="m-portlet__foot m-portlet__foot--fit">
<div class="m-form__actions m-form__actions--solid m-form__actions--right">
<div class="row">
<div class="col-lg-12">
<button type="submit" class="btn btn-success">Submit</button>
<a href="{{ url('api_role_list') }}" class="btn btn-secondary">Back</a>
</div>
</div>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
{% endblock %}
{% block scripts %}
<script>
$(function() {
$("#row-form").submit(function(e) {
var form = $(this);
e.preventDefault();
$.ajax({
method: "POST",
url: form.prop('action'),
data: form.serialize()
}).done(function(response) {
// remove all error classes
removeErrors();
swal({
title: 'Done!',
text: 'Your changes have been saved!',
type: 'success',
onClose: function() {
window.location.href = "{{ url('api_role_list') }}";
}
});
}).fail(function(response) {
if (response.status == 422) {
var errors = response.responseJSON.errors;
var firstfield = false;
// remove all error classes first
removeErrors();
// display errors contextually
$.each(errors, function(field, msg) {
var formfield = $("[name='" + field + "']");
var label = $("label[data-field='" + field + "']");
var msgbox = $(".form-control-feedback[data-field='" + field + "']");
// add error classes to bad fields
formfield.addClass('form-control-danger');
label.addClass('has-danger');
msgbox.html(msg).addClass('has-danger').removeClass('hide');
// check if this field comes first in DOM
var domfield = formfield.get(0);
if (!firstfield || (firstfield && firstfield.compareDocumentPosition(domfield) === 2)) {
firstfield = domfield;
}
});
// focus on first bad field
firstfield.focus();
// scroll to above that field to make it visible
$('html, body').animate({
scrollTop: $(firstfield).offset().top - 200
}, 100);
}
});
});
// remove all error classes
function removeErrors() {
$(".form-control-danger").removeClass('form-control-danger');
$("[data-field]").removeClass('has-danger');
$(".form-control-feedback[data-field]").addClass('hide');
}
});
</script>
{% endblock %}