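api_acl_gen = $api_acl_gen;
    }

    /**
     * Role listing page.
     *
     * @Menu(selected="api_role_list")
     */
    public function index()
    {
        $this->denyAccessUnlessGranted('apirole.list', null, 'No access.');

        return $this->render('api-role/list.html.twig');
    }

    /**
     * JSON rows for the datatable on the listing page.
     *
     * The grid posts its state in the `datatable` parameter (pagination, sort,
     * search term). Everything in it is client-controlled: the sort column and
     * direction are whitelisted before they reach orderBy() — which takes a DQL
     * fragment, not a bound parameter — and the page size is clamped so a crafted
     * request can neither divide by zero nor pull the whole table in one page.
     *
     * @param Request $req
     * @return \Symfony\Component\HttpFoundation\JsonResponse  {meta: {...}, data: [...]}
     */
    public function rows(Request $req)
    {
        $this->denyAccessUnlessGranted('apirole.list', null, 'No access.');

        $datatable = $req->request->get('datatable');
        if (!is_array($datatable)) {
            $datatable = [];
        }

        $repo = $this->getDoctrine()->getRepository(APIRole::class);

        // total matching rows: search filter applied, no paging
        $countQuery = $repo->createQueryBuilder('q')->select('COUNT(q)');
        $this->setQueryFilters($datatable, $countQuery);
        $total = (int) $countQuery->getQuery()->getSingleScalarResult();

        // pagination, clamped: page >= 1 and 1 <= perpage <= $maxPerPage.
        // Defaults/bounds are chosen here; align them with the grid's page-size options.
        $maxPerPage = 100;
        $page = max(1, (int) ($datatable['pagination']['page'] ?? 1));
        $perpage = (int) ($datatable['pagination']['perpage'] ?? 10);
        $perpage = min(max(1, $perpage), $maxPerPage);
        $offset = ($page - 1) * $perpage;

        // sorting: only known columns and directions, otherwise id asc
        $sortable = ['id', 'name'];
        $field = $datatable['sort']['field'] ?? '';
        if (!is_string($field) || !in_array($field, $sortable, true)) {
            $field = 'id';
        }
        $direction = $datatable['sort']['sort'] ?? 'asc';
        $direction = (is_string($direction) && strtolower($direction) === 'desc') ? 'desc' : 'asc';

        $meta = [
            'page'    => $page,
            'perpage' => $perpage,
            'pages'   => (int) ceil($total / $perpage),
            'total'   => $total,
            'sort'    => $direction,
            'field'   => $field,
        ];

        $query = $repo->createQueryBuilder('q')->select('q');
        $this->setQueryFilters($datatable, $query);
        $objRows = $query->orderBy('q.' . $field, $direction)
            ->setFirstResult($offset)
            ->setMaxResults($perpage)
            ->getQuery()
            ->getResult();

        // Evaluate the voters once rather than per row.
        $mayManageSuperAdmin = $this->isGranted('user.role.sadmin');
        // NOTE(review): the update/delete actions below check apirole.update /
        // apirole.delete, but the links are shown based on user.update /
        // user.delete. Kept as-is; confirm which attribute is intended.
        $mayUpdate = $this->isGranted('user.update');
        $mayDelete = $this->isGranted('user.delete');

        $rows = [];
        foreach ($objRows as $orow) {
            $row = [
                'id'   => $orow->getID(),
                'name' => $orow->getName(),
                'meta' => ['update_url' => '', 'delete_url' => ''],
            ];

            // Super-admin roles only get edit links for callers allowed to manage
            // them. Hiding the link is cosmetic; the actions enforce the same rule.
            $linksAllowed = !$orow->isSuperAdmin() || $mayManageSuperAdmin;
            if ($linksAllowed) {
                if ($mayUpdate) {
                    $row['meta']['update_url'] = $this->generateUrl('api_role_update', ['id' => $row['id']]);
                }
                if ($mayDelete) {
                    $row['meta']['delete_url'] = $this->generateUrl('api_role_delete', ['id' => $row['id']]);
                }
            }

            $rows[] = $row;
        }

        return $this->json([
            'meta' => $meta,
            'data' => $rows,
        ]);
    }

    /**
     * Blank role form.
     *
     * @Menu(selected="api_role_list")
     */
    public function addForm()
    {
        $this->denyAccessUnlessGranted('apirole.add', null, 'No access.');

        $params = [];
        $this->padAPIACLHierarchy($params);
        $params['obj'] = new APIRole();
        $params['mode'] = 'create';

        return $this->render('api-role/form.html.twig', $params);
    }

    /**
     * Creates a role from the posted id, name and acl[] keys.
     *
     * @return \Symfony\Component\HttpFoundation\JsonResponse  422 with
     *         {errors: {property: message}} on validation failure
     */
    public function addSubmit(Request $req, ValidatorInterface $validator)
    {
        $this->denyAccessUnlessGranted('apirole.add', null, 'No access.');

        $em = $this->getDoctrine()->getManager();

        $row = new APIRole();
        $row->setID($req->request->get('id'))
            ->setName($req->request->get('name'));
        $this->applyACLKeys($row, $req);

        $errorArray = $this->validationErrors($validator, $row);
        if (!empty($errorArray)) {
            return $this->json([
                'success' => false,
                'errors'  => $errorArray,
            ], 422);
        }

        $em->persist($row);
        $em->flush();

        return $this->json([
            'success' => 'Changes have been saved!',
        ]);
    }

    /**
     * Edit form for an existing role.
     *
     * @Menu(selected="api_role_list")
     */
    public function updateForm($id)
    {
        $this->denyAccessUnlessGranted('apirole.update', null, 'No access.');

        $em = $this->getDoctrine()->getManager();
        $row = $this->findRoleOr404($em, $id);
        $this->denySuperAdminUnlessGranted($row);

        $params = [];
        $this->padAPIACLHierarchy($params);
        $params['mode'] = 'update';
        $params['obj'] = $row;

        return $this->render('api-role/form.html.twig', $params);
    }

    /**
     * Applies posted id, name and acl[] keys to an existing role.
     *
     * The acl keys of a super-admin role are never touched (it does not need
     * them). A flush that fails on a foreign key — the id was changed while users
     * still reference it — is reported as an error on the `id` field.
     */
    public function updateSubmit(Request $req, ValidatorInterface $validator, $id)
    {
        $this->denyAccessUnlessGranted('apirole.update', null, 'No access.');

        $em = $this->getDoctrine()->getManager();
        $row = $this->findRoleOr404($em, $id);
        $this->denySuperAdminUnlessGranted($row);

        $row->setID($req->request->get('id'))
            ->setName($req->request->get('name'));

        if (!$row->isSuperAdmin()) {
            $row->clearACLAttributes();
            $this->applyACLKeys($row, $req);
        }

        $errorArray = $this->validationErrors($validator, $row);
        if (!empty($errorArray)) {
            return $this->json([
                'success' => false,
                'errors'  => $errorArray,
            ], 422);
        }

        try {
            $em->flush();
        } catch (ForeignKeyConstraintViolationException $e) {
            // Status kept at 403 for the existing client; 409 Conflict would
            // describe a referential-integrity failure more accurately.
            $errorArray['id'] = 'Role has already been assigned to user/s and id cannot be updated';
            return $this->json([
                'success' => false,
                'errors'  => $errorArray,
            ], 403);
        }

        return $this->json([
            'success' => 'Changes have been saved!',
        ]);
    }

    /**
     * Deletes a role. Responds with an empty 200 body.
     *
     * NOTE(review): routing is not visible here. This mutates state, so confirm
     * the route is restricted to POST/DELETE and the grid sends a CSRF token.
     *
     * @Menu(selected="api_role_list")
     */
    public function destroy($id)
    {
        $this->denyAccessUnlessGranted('apirole.delete', null, 'No access.');

        $em = $this->getDoctrine()->getManager();
        $row = $this->findRoleOr404($em, $id);
        $this->denySuperAdminUnlessGranted($row);

        $em->remove($row);
        $em->flush();

        // Return the response rather than send()ing it and returning null: a
        // controller that returns null makes the kernel raise after the body has
        // already been written.
        return new Response('', Response::HTTP_OK);
    }

    /**
     * Loads the role with the given id or throws the framework's 404.
     *
     * @param \Doctrine\ORM\EntityManagerInterface $em
     * @param mixed $id
     * @return APIRole
     */
    private function findRoleOr404($em, $id)
    {
        $row = $em->getRepository(APIRole::class)->find($id);
        if ($row === null) {
            throw $this->createNotFoundException('The item does not exist');
        }

        return $row;
    }

    /**
     * Super-admin roles may only be viewed/changed/deleted by callers holding
     * user.role.sadmin. The listing hides their links on that attribute; this is
     * the server-side enforcement of the same rule.
     */
    private function denySuperAdminUnlessGranted(APIRole $row)
    {
        if ($row->isSuperAdmin()) {
            $this->denyAccessUnlessGranted('user.role.sadmin', null, 'No access.');
        }
    }

    /**
     * Adds each posted acl[] key to the role. Non-array input is ignored.
     *
     * NOTE(review): keys are stored as posted; consider rejecting any not present
     * in api_acl_gen->getACL() (its shape is not visible here). On Symfony >= 5.1,
     * ParameterBag::get() refuses array values — switch to all('acl') there.
     */
    private function applyACLKeys(APIRole $row, Request $req)
    {
        $aclKeys = $req->request->get('acl');
        if (!is_array($aclKeys)) {
            return;
        }
        foreach ($aclKeys as $aclKey) {
            $row->addACLAccess($aclKey);
        }
    }

    /**
     * Runs the validator and returns messages keyed by property path
     * (empty array when the entity is valid).
     *
     * @return array<string,string>
     */
    private function validationErrors(ValidatorInterface $validator, APIRole $row)
    {
        $errorArray = [];
        foreach ($validator->validate($row) as $error) {
            $errorArray[$error->getPropertyPath()] = $error->getMessage();
        }

        return $errorArray;
    }

    /**
     * Adds the ACL key hierarchy to the template parameters under
     * `api_acl_hierarchy`.
     */
    protected function padAPIACLHierarchy(&$params)
    {
        $aclData = $this->api_acl_gen->getACL();
        $params['api_acl_hierarchy'] = $aclData['hierarchy'];
    }

    /**
     * Appends the datatable search term, if any, as `id LIKE :filter OR name
     * LIKE :filter` on the given builder.
     *
     * The term is bound as a parameter, so it cannot alter the query; note that
     * `%` and `_` inside it still act as LIKE wildcards. where() replaces any
     * previously set WHERE part, which is fine for the fresh builders used here.
     */
    protected function setQueryFilters($datatable, &$query)
    {
        $term = $datatable['query']['data-rows-search'] ?? null;
        if (!is_string($term) || $term === '') {
            return;
        }

        $query->where('q.id LIKE :filter')
            ->orWhere('q.name LIKE :filter')
            ->setParameter('filter', '%' . $term . '%');
    }
}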