rgutierrez/resq
1
0
Fork 0
Code Issues 126 Pull requests 49 Projects Releases 4 Packages Wiki Activity Actions
resq/src/Controller/APIRoleController.php

343 lines
9.7 KiB
PHP
Raw Blame History

<?php
namespace App\Controller;
use Catalyst\APIBundle\Entity\Role as APIRole;
use Catalyst\APIBundle\Access\Generator as APIACLGenerator;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Validator\Validator\ValidatorInterface;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Doctrine\ORM\Query;
use Doctrine\DBAL\Exception\ForeignKeyConstraintViolationException;
use Catalyst\MenuBundle\Annotation\Menu;
class APIRoleController extends Controller
{
protected $api_acl_gen;
public function __construct(APIACLGenerator $api_acl_gen)
{
$this->api_acl_gen = $api_acl_gen;
}
/**
* @Menu(selected="api_role_list")
*/
public function index()
{
$this->denyAccessUnlessGranted('apirole.list', null, 'No access.');
// response
return $this->render('api-role/list.html.twig');
}
public function rows(Request $req)
{
$this->denyAccessUnlessGranted('apirole.list', null, 'No access.');
// build query
$qb = $this->getDoctrine()
->getRepository(APIRole::class)
->createQueryBuilder('q');
// get datatable params
$datatable = $req->request->get('datatable');
// count total records
$tquery = $qb->select('COUNT(q)');
// add filters to count query
$this->setQueryFilters($datatable, $tquery);
$total = $tquery->getQuery()
->getSingleScalarResult();
// get current page number
$page = $datatable['pagination']['page'] ?? 1;
$perpage = $datatable['pagination']['perpage'];
$offset = ($page - 1) * $perpage;
// add metadata
$meta = [
'page' => $page,
'perpage' => $perpage,
'pages' => ceil($total / $perpage),
'total' => $total,
'sort' => 'asc',
'field' => 'id'
];
// build query
$query = $qb->select('q');
// add filters to query
$this->setQueryFilters($datatable, $query);
// check if sorting is present, otherwise use default
if (isset($datatable['sort']['field']) && !empty($datatable['sort']['field'])) {
$order = $datatable['sort']['sort'] ?? 'asc';
$query->orderBy('q.' . $datatable['sort']['field'], $order);
} else {
$query->orderBy('q.id', 'asc');
}
// get rows for this page
$obj_rows = $query->setFirstResult($offset)
->setMaxResults($perpage)
->getQuery()
->getResult();
// process rows
$rows = [];
foreach ($obj_rows as $orow) {
// add row data
$row['id'] = $orow->getID();
$row['name'] = $orow->getName();
// add row metadata
$row['meta'] = [
'update_url' => '',
'delete_url' => ''
];
// check if they have access to super admin users
if (!$this->isGranted('user.role.sadmin') && $orow->isSuperAdmin())
{
$rows[] = $row;
continue;
}
// add crud urls
if ($this->isGranted('user.update'))
$row['meta']['update_url'] = $this->generateUrl('api_role_update', ['id' => $row['id']]);
if ($this->isGranted('user.delete'))
$row['meta']['delete_url'] = $this->generateUrl('api_role_delete', ['id' => $row['id']]);
$rows[] = $row;
}
// response
return $this->json([
'meta' => $meta,
'data' => $rows
]);
}
/**
* @Menu(selected="api_role_list")
*/
public function addForm()
{
$this->denyAccessUnlessGranted('apirole.add', null, 'No access.');
$params = [];
$this->padAPIACLHierarchy($params);
$params['obj'] = new APIRole();
$params['mode'] = 'create';
// response
return $this->render('api-role/form.html.twig', $params);
}
public function addSubmit(Request $req, ValidatorInterface $validator)
{
$this->denyAccessUnlessGranted('apirole.add', null, 'No access.');
// create new row
$em = $this->getDoctrine()->getManager();
$row = new APIRole();
// set and save values
$row->setID($req->request->get('id'))
->setName($req->request->get('name'));
// acl attributes
$acl_attribs = $req->request->get('acl');
if (!empty($acl_attribs))
{
foreach ($acl_attribs as $acl_key)
{
$row->addACLAccess($acl_key);
}
}
// validate
$errors = $validator->validate($row);
// initialize error list
$error_array = [];
// add errors to list
foreach ($errors as $error) {
$error_array[$error->getPropertyPath()] = $error->getMessage();
}
// check if any errors were found
if (!empty($error_array)) {
// return validation failure response
return $this->json([
'success' => false,
'errors' => $error_array
], 422);
} else {
// validated! save the entity
$em->persist($row);
$em->flush();
// return successful response
return $this->json([
'success' => 'Changes have been saved!'
]);
}
}
/**
* @Menu(selected="api_role_list")
*/
public function updateForm($id)
{
$this->denyAccessUnlessGranted('apirole.update', null, 'No access.');
$params = [];
$this->padAPIACLHierarchy($params);
$params['mode'] = 'update';
// get row data
$em = $this->getDoctrine()->getManager();
$row = $em->getRepository(APIRole::class)->find($id);
// make sure this row exists
if (empty($row))
throw $this->createNotFoundException('The item does not exist');
$params['obj'] = $row;
// response
return $this->render('api-role/form.html.twig', $params);
}
public function updateSubmit(Request $req, ValidatorInterface $validator, $id)
{
$this->denyAccessUnlessGranted('apirole.update', null, 'No access.');
// get row data
$em = $this->getDoctrine()->getManager();
$row = $em->getRepository(APIRole::class)->find($id);
// make sure this row exists
if (empty($row))
throw $this->createNotFoundException('The item does not exist');
// set and save values
$row->setID($req->request->get('id'))
->setName($req->request->get('name'));
// don't update acl attributes for super user since they don't need it
if (!$row->isSuperAdmin())
{
// clear first
$row->clearACLAccess();
// then add
$acl_attribs = $req->request->get('acl');
if (!empty($acl_attribs))
{
foreach ($acl_attribs as $acl_key)
{
$row->addACLAccess($acl_key);
}
}
}
// validate
$errors = $validator->validate($row);
// initialize error list
$error_array = [];
// add errors to list
foreach ($errors as $error) {
$error_array[$error->getPropertyPath()] = $error->getMessage();
}
// check if any errors were found
if (!empty($error_array)) {
// return validation failure response
return $this->json([
'success' => false,
'errors' => $error_array
], 422);
} else {
// validated! save the entity
// catch the exception in case user updated the id
try
{
$em->flush();
}
catch(ForeignKeyConstraintViolationException $e)
{
$error_array['id'] = 'Role has already been assigned to user/s and id cannot be updated';
return $this->json([
'success' => false,
'errors' => $error_array
], 403);
}
// return successful response
return $this->json([
'success' => 'Changes have been saved!'
]);
}
}
/**
* @Menu(selected="api_role_list")
*/
public function destroy($id)
{
$this->denyAccessUnlessGranted('apirole.delete', null, 'No access.');
$params = [];
// get row data
$em = $this->getDoctrine()->getManager();
$row = $em->getRepository(APIRole::class)->find($id);
if (empty($row))
throw $this->createNotFoundException('The item does not exist');
// delete this row
$em->remove($row);
$em->flush();
// response
$response = new Response();
$response->setStatusCode(Response::HTTP_OK);
$response->send();
}
protected function padAPIACLHierarchy(&$params)
{
// get acl keys hierarchy
$api_acl_data = $this->api_acl_gen->getACL();
$params['api_acl_hierarchy'] = $api_acl_data['hierarchy'];
}
// check if datatable filter is present and append to query
protected function setQueryFilters($datatable, &$query)
{
if (isset($datatable['query']['data-rows-search']) && !empty($datatable['query']['data-rows-search']))
{
$query->where('q.id LIKE :filter')
->orWhere('q.name LIKE :filter')
->setParameter('filter', '%' . $datatable['query']['data-rows-search'] . '%');
}
}
}
Reference in a new issue View git blame Copy permalink