diff --git a/config/api_acl.yaml b/config/api_acl.yaml index bae91221..c6867ac3 100644 --- a/config/api_acl.yaml +++ b/config/api_acl.yaml @@ -101,3 +101,12 @@ access_keys: acls: - id: mobile_vehicle.list label: List Vehicle Makes + - id: mobile_customer_vehicle + label: Mobile customer Vehicle Access + acls: + - id: mobile_customer_vehicle.add + label: Add Mobile Customer Vehicle + - id: mobile_customer_vehicle.update + label: Update Mobile Customer Vehicle + - id: mobile_customer_vehicle.list + label: List Mobile Customer Vehicles diff --git a/src/Controller/ResqAPI/CustomerVehicleController.php b/src/Controller/ResqAPI/CustomerVehicleController.php index 36f8e12a..884b5142 100644 --- a/src/Controller/ResqAPI/CustomerVehicleController.php +++ b/src/Controller/ResqAPI/CustomerVehicleController.php @@ -9,15 +9,15 @@ use Doctrine\ORM\Query; use Doctrine\ORM\EntityManagerInterface; use Catalyst\APIBundle\Controller\APIController; -// TODO: what do we use for response? APIResponse or APIResult? -// APIResult is what is used by APIController. APIResponse is what is used by CAPI use Catalyst\APIBundle\Response\APIResponse; -use App\Ramcar\APIResult; +use App\Entity\MobileUser; use App\Entity\VehicleManufacturer; use App\Entity\Vehicle; use App\Entity\CustomerVehicle; +use App\Service\MobileAPIHandler; + use Catalyst\APIBundle\Access\Generator as ACLGenerator; class CustomerVehicleController extends APIController 
@@ -29,70 +29,92 @@ class CustomerVehicleController extends APIController $this->acl_gen = $acl_gen; } - public function addVehicle(Request $req, EntityManagerInterface $em) + public function addVehicle(Request $req, EntityManagerInterface $em, + MobileAPIHandler $mah) { + $this->denyAccessUnlessGranted('mobile_customer_vehicle.add', null, 'No access.'); + // check requirements - $res = $this->checkVehicleRequirements($req, $em); - if ($res->isError()) - return $res->getReturnResponse(); + $msg = $this->checkVehicleRequirements($req); + if ($msg) + return new APIResponse(false, $msg); + + // get capi user to link to mobile user + $user_id = $this->getUser()->getID(); + + // get mobile user + $mobile_user = $mah->findMobileUser($em, $user_id); + + if ($mobile_user == null) + return new APIResponse(false, 'No mobile user found.'); // customer vehicle $cv = new CustomerVehicle(); - $res = $this->setCustomerVehicleObject($req, $res, $cv, $em); - - return $res->getReturnResponse(); + $res = $this->setCustomerVehicleObject($mobile_user, $req, $cv, $em); + if (isset($res['cv_id'])) + return new APIResponse(true, 'Customer vehicle added', $res); + else + return new APIResponse(false, $res); } - // TODO: needs to be modified for mobile user - public function updateVehicle(Request $req, $id, EntityManagerInterface $em) + public function updateVehicle(Request $req, $id, EntityManagerInterface $em, + MobileAPIHandler $mah) { + $this->denyAccessUnlessGranted('mobile_customer_vehicle.update', null, 'No access.'); + // check requirements - $res = $this->checkVehicleRequirements($req, $em); - if ($res->isError()) - return $res->getReturnResponse(); + $msg = $this->checkVehicleRequirements($req); + if ($msg) + return new APIResponse(false, $msg); + + // get capi user to link to mobile user + $user_id = $this->getUser()->getID(); + + // get mobile user + $mobile_user = $mah->findMobileUser($em, $user_id); // get customer vehicle $cv = 
$em->getRepository(CustomerVehicle::class)->find($id); // check if it exists if ($cv == null) - { - $res->setError(true) - ->setErrorMessage('Vehicle does not exist'); - return $res->getReturnResponse(); - } + return new APIResponse(false, 'Vehicle does not exist'); // check if it's owned by customer - if ($cv->getCustomer()->getID() != $this->session->getCustomer()->getID()) - { - $res->setError(true) - ->setErrorMessage('Invalid vehicle'); - return $res->getReturnResponse(); - } + if ($cv->getCustomer()->getID() != $mobile_user->getCustomer()->getID()) + return new APIResponse(false, 'Invalid vehicle'); - $res = $this->setCustomerVehicleObject($req, $res, $cv, $em); + $res = $this->setCustomerVehicleObject($mobile_user, $req, $cv, $em); + if (isset($res['cv_id'])) + return new APIResponse(true, 'Customer vehicle updated', $res); + else + return new APIResponse(false, $res); - return $res->getReturnResponse(); } - // TODO: needs to be modified for mobile user - public function listVehicles(Request $req, EntityManagerInterface $em) + public function listVehicles(Request $req, EntityManagerInterface $em, MobileAPIHandler $mah) { - // check required parameters and api key - $required_params = []; - $res = $this->checkParamsAndKey($req, $em, $required_params); - if ($res->isError()) - return $res->getReturnResponse(); + $this->denyAccessUnlessGranted('mobile_customer_vehicle.list', null, 'No access.'); - // customer - $cust = $this->session->getCustomer(); + // check required parameters + $required_params = []; + $msg = $this->checkRequiredParameters($req, $required_params); + if ($msg) + return new APIResponse(false, $msg); + + // get capi user to link to mobile user + $user_id = $this->getUser()->getID(); + + // get mobile user + $mobile_user = $mah->findMobileUser($em, $user_id); + + if ($mobile_user == null) + return new APIResponse(false, 'No mobile user found.'); + + $cust = $mobile_user->getCustomer(); if ($cust == null) - { - $res->setError(true) - 
->setErrorMessage('No customer information found'); - return $res->getReturnResponse(); - } + return new APIResponse(false, 'No customer information found'); // vehicles $cv_list = []; @@ -107,7 +129,7 @@ class CustomerVehicleController extends APIController if ($cv->getWarrantyExpiration() != null) $wty_ex = $cv->getWarrantyExpiration()->format('Y-m-d'); - $warranty = $this->findWarranty($cv->getPlateNumber(), $em); + $warranty = $mah->findWarranty($cv->getPlateNumber(), $em); $cv_name = ''; if ($cv->getName() != null) @@ -136,14 +158,13 @@ class CustomerVehicleController extends APIController $data = [ 'vehicles' => $cv_list ]; - $res->setData($data); - return $res->getReturnResponse(); + return new APIResponse(true, 'Customer vehicles listed', $data); } - protected function checkVehicleRequirements(Request $req, EntityManagerInterface $em) + protected function checkVehicleRequirements(Request $req) { - // check required parameters and api key + // check required parameters $required_params = [ 'make_id', 'name', @@ -153,9 +174,7 @@ class CustomerVehicleController extends APIController 'condition', 'fuel_type', ]; - $res = $this->checkParamsAndKey($req, $em, $required_params); - if ($res->isError()) - return $res; + $msg = $this->checkRequiredParameters($req, $required_params); // TODO: check valid plate number // TODO: check valid fuel type (gas / diesel) 
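Review bot: In the `@@ -29,70 +29,92 @@` hunk, updateVehicle uses `$mobile_user` without the null check that addVehicle and listVehicles perform after `$mah->findMobileUser($em, $user_id)`. If no mobile user is linked to the API user, or the mobile user has no customer, `$mobile_user->getCustomer()->getID()` fails with an error instead of returning a clean denial. Add `if ($mobile_user == null) return new APIResponse(false, 'No mobile user found.');` directly after the lookup, and reject a null `getCustomer()` before the ids are compared. That comparison is the only visible guard against one customer editing another customer's vehicle, so a strict `!==` would be safer than `!=`, provided both ids have the same type.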
@@ -165,28 +184,27 @@ class CustomerVehicleController extends APIController // TODO: check warranty expiration date (YYYYMMDD) // TODO: check model year coverage if it fits in between - return $res; + return $msg; } - protected function setCustomerVehicleObject(Request $req, APIResult $res, + protected function setCustomerVehicleObject(MobileUser $mobile_user, Request $req, CustomerVehicle $cv, EntityManagerInterface $em) { + $msg = ''; // check customer - $cust = $this->session->getCustomer(); + $cust = $mobile_user->getCustomer(); if ($cust == null) { - $res->setError(true) - ->setErrorMessage('No customer information found'); - return $res; + $msg = 'No customer information found'; + return $msg; } // get vehicle $vehicle = $em->getRepository(Vehicle::class)->find($req->request->get('make_id')); if ($vehicle == null) { - $res->setError(true) - ->setErrorMessage('Invalid vehicle make id'); - return $res; + $msg = 'Invalid vehicle make id'; + return $msg; } $cv->setCustomer($cust) 
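Review bot: setCustomerVehicleObject now returns either an error string or a data array, and both callers tell the two apart with `isset($res['cv_id'])`, but nothing in the hunk documents that contract. Add a docblock above the method along the lines of `@return array|string data array containing 'cv_id' on success, error message string on failure`, so a later change to the success payload does not silently turn every call into a failure response. The `$msg` local adds nothing; `return 'No customer information found';` and `return 'Invalid vehicle make id';` read more directly. The method body continues outside this hunk.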
@@ -227,163 +245,7 @@ class CustomerVehicleController extends APIController $data = [ 'cv_id' => $cv->getID() ]; - $res->setData($data); - return $res; - } - - // TODO: what to do with this? listVehicles calls this and so does getJOHistory in the JobOrderController - protected function findWarranty($plate_number, $em) - { - // NOTE: Modify the search for the latest warranty. This seems hacky. - // get latest warranty using plate number - $warranty_results = $em->getRepository(Warranty::class)->findBy(['plate_number' => $plate_number], - ['date_create' => 'desc']); - - $warr = []; - - // check if warranty_results is empty - if (empty($warranty_results)) - { - /* - $res->setError(true) - ->setErrorMessage('No warranty found for plate number'); - return $res->getReturnResponse(); - */ - - return $warr; - } - - // get first entry - $warranty = current($warranty_results); - - // check for null values for battery and date claim and date expire - $batt_model = ''; - $batt_size = ''; - $sap_batt = ''; - $claim_date = ''; - $expiry_date = ''; - - if (!(is_null($warranty->getBatteryModel()))) { - $batt_model = $warranty->getBatteryModel()->getName(); - } - if (!(is_null($warranty->getBatterySize()))) { - $batt_size = $warranty->getBatterySize()->getName(); - } - if (!(is_null($warranty->getSAPBattery()))) { - $sap_batt = $warranty->getSAPBattery()->getID(); - } - if (!(is_null($warranty->getDateClaim()))) { - $claim_date = $warranty->getDateClaim()->format("d M Y"); - } - if (!(is_null($warranty->getDateExpire()))) { - $expiry_date = $warranty->getDateExpire()->format("d M Y"); - } - - $warr[] = [ - 'id' => $warranty->getID(), - 'serial' => $warranty->getSerial(), - 'warranty_class' => $warranty->getWarrantyClass(), - 'plate_number' => $warranty->getPlateNumber(), - 'first_name' => $warranty->getFirstName(), - 'last_name' => $warranty->getLastName(), - 'mobile_number' => $warranty->getMobileNumber(), - 'battery_model' => $batt_model, - 'battery_size' => $batt_size, - 
'sap_battery' => $sap_batt, - 'status' => $warranty->getStatus(), - 'date_create' => $warranty->getDateCreate()->format("d M Y g:i A"), - 'date_purchase' => $warranty->getDatePurchase()->format("d M Y"), - 'date_expire' => $expiry_date, - 'date_claim' => $claim_date, - 'claim_from' => $warranty->getClaimedFrom(), - 'is_activated' => $warranty->isActivated() ? 1 : 0, - ]; - - return $warr; - } - - // TODO: since we broke the functions into separate files, we need - // to figure out how to make this accessible to all ResqAPI controllers - protected function checkParamsAndKey(Request $req, $em, $params) - { - // TODO: depends on what we decide to return - // returns APIResult object - $res = new APIResult(); - - // check for api_key in query string - $api_key = $req->query->get('api_key'); - if (empty($api_key)) - { - $res->setError(true) - ->setErrorMessage('Missing API key'); - return $res; - } - - // check missing parameters - $missing = $this->checkMissingParameters($req, $params); - if (count($missing) > 0) - { - $miss_string = implode(', ', $missing); - $res->setError(true) - ->setErrorMessage('Missing parameter(s): ' . $miss_string); - return $res; - } - - // check api key - $mobile_user = $this->checkAPIKey($em, $req->query->get('api_key')); - if ($mobile_user == null) - { - $res->setError(true) - ->setErrorMessage('Invalid API Key'); - return $res; - } - - // store session - $this->session = $sess; - - return $res; - } - - // TODO: this might not be needed if we use APIController's checkRequiredParameters - // or we put this into a service? 
- protected function checkMissingParameters(Request $req, $params = []) - { - $missing = []; - - // check if parameters are there - foreach ($params as $param) - { - if ($req->getMethod() == 'GET') - { - $check = $req->query->get($param); - if (empty($check)) - $missing[] = $param; - } - else if ($req->getMethod() == 'POST') - { - $check = $req->request->get($param); - if (empty($check)) - $missing[] = $param; - } - else - return $params; - } - - return $missing; - } - - // TODO: type hint entity manager - // TODO: since we broke the functions into separate files, we need - // to figure out how to make this accessible to all ResqAPI controllers - protected function checkAPIKey($em, $api_key) - { - // find the api key (session id) - // TODO: user validation needs to be changed - $m_user = $em->getRepository(MobileUser::class)->find($api_key); - if ($m_user == null) - return null; - - return $m_user; + return $data; } } diff --git a/src/Service/MobileAPIHandler.php b/src/Service/MobileAPIHandler.php index 534cec99..f95ef6ad 100644 --- a/src/Service/MobileAPIHandler.php +++ b/src/Service/MobileAPIHandler.php @@ -5,6 +5,7 @@ namespace App\Service; use Doctrine\ORM\EntityManagerInterface; use App\Entity\MobileUser; +use App\Entity\Warranty; class MobileAPIHandler { 
@@ -23,4 +24,66 @@ class MobileAPIHandler return $mobile_user; } + public function findWarranty($plate_number, $em) + { + // NOTE: Modify the search for the latest warranty. This seems hacky. + // get latest warranty using plate number + $warranty_results = $em->getRepository(Warranty::class)->findBy(['plate_number' => $plate_number], + ['date_create' => 'desc']); + + $warr = []; + + // check if warranty_results is empty + if (empty($warranty_results)) + return $warr; + + // get first entry + $warranty = current($warranty_results); + + // check for null values for battery and date claim and date expire + $batt_model = ''; + $batt_size = ''; + $sap_batt = ''; + $claim_date = ''; + $expiry_date = ''; + + if (!(is_null($warranty->getBatteryModel()))) { + $batt_model = $warranty->getBatteryModel()->getName(); + } + if (!(is_null($warranty->getBatterySize()))) { + $batt_size = $warranty->getBatterySize()->getName(); + } + if (!(is_null($warranty->getSAPBattery()))) { + $sap_batt = $warranty->getSAPBattery()->getID(); + } + if (!(is_null($warranty->getDateClaim()))) { + $claim_date = $warranty->getDateClaim()->format("d M Y"); + } + if (!(is_null($warranty->getDateExpire()))) { + $expiry_date = $warranty->getDateExpire()->format("d M Y"); + } + + $warr[] = [ + 'id' => $warranty->getID(), + 'serial' => $warranty->getSerial(), + 'warranty_class' => $warranty->getWarrantyClass(), + 'plate_number' => $warranty->getPlateNumber(), + 'first_name' => $warranty->getFirstName(), + 'last_name' => $warranty->getLastName(), + 'mobile_number' => $warranty->getMobileNumber(), + 'battery_model' => $batt_model, + 'battery_size' => $batt_size, + 'sap_battery' => $sap_batt, + 'status' => $warranty->getStatus(), + 'date_create' => $warranty->getDateCreate()->format("d M Y g:i A"), + 'date_purchase' => $warranty->getDatePurchase()->format("d M Y"), + 'date_expire' => $expiry_date, + 'date_claim' => $claim_date, + 'claim_from' => $warranty->getClaimedFrom(), + 'is_activated' => 
$warranty->isActivated() ? 1 : 0, + ]; + + return $warr; + } + }
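Review bot: findWarranty selects the warranty by plate number alone and returns the warranty holder's `first_name`, `last_name` and `mobile_number`. listVehicles passes it `$cv->getPlateNumber()`, and the controller still carries `// TODO: check valid plate number`, so the plate appears to be client-supplied. Unless code outside this diff ties the warranty to the requesting customer, the response can disclose someone else's contact details. Consider returning those fields only when the warranty record matches the customer, or leaving them out of the mobile payload. Separately, `getDateCreate()->format(...)` and `getDatePurchase()->format(...)` are not null-guarded like the claim and expiry dates, and `findBy` loads every warranty for the plate where `findOneBy` with the same ordering would fetch only the latest.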