FEAT #8564 Change route and controller for multi delete

271e2d46 · Vinciane · 8839b75b · 271e2d46 · 271e2d46
Commit 271e2d46 authored 6 years ago by Vinciane
--- a/rest/index.php
+++ b/rest/index.php
@@ -314,7 +314,7 @@ $app->get('/users/{id}/signatures/{signatureId}/content', \User\controllers\User
 $app->put('/users/{id}/signatures/{signatureId}', \User\controllers\UserController::class . ':updateSignature');
 $app->delete('/users/{id}/signatures/{signatureId}', \User\controllers\UserController::class . ':deleteSignature');
 $app->post('/users/{id}/redirectedBaskets', \User\controllers\UserController::class . ':setRedirectedBaskets');
-$app->delete('/users/{id}/redirectedBaskets/{redirectBasketid}', \User\controllers\UserController::class . ':deleteRedirectedBasket');
+$app->delete('/users/{id}/redirectedBaskets', \User\controllers\UserController::class . ':deleteRedirectedBasket');
 $app->put('/users/{id}/baskets', \User\controllers\UserController::class . ':updateBasketsDisplay');
 //VersionsUpdate

--- a/src/app/user/controllers/UserController.php
+++ b/src/app/user/controllers/UserController.php
@@ -414,21 +414,30 @@ class UserController
            return $response->withStatus($error['status'])->withJson(['errors' => $error['error']]);
        }
-        $redirectedBasket = RedirectBasketModel::get(['select' => ['actual_user_id', 'owner_user_id'], 'where' => ['id = ?'], 'data' => [$aArgs['redirectBasketid']]]);
+        $data = $request->getQueryParams();
-        if (empty($redirectedBasket[0]) || ($redirectedBasket[0]['actual_user_id'] != $aArgs['id'] && $redirectedBasket[0]['owner_user_id'] != $aArgs['id'])) {
-            return $response->withStatus(403)->withJson(['errors' => 'Redirected basket out of perimeter']);
+        $check = Validator::notEmpty()->arrayType()->validate($data['redirectedBasketIds']);
+        if (!$check) {
+            return $response->withStatus(400)->withJson(['errors' => 'Bad Request']);
        }
-        RedirectBasketModel::delete(['where' => ['id = ?'], 'data' => [$aArgs['redirectBasketid']]]);
+        foreach($data['redirectedBasketIds'] as $redirectedBasketId) {
+            $redirectedBasket = RedirectBasketModel::get(['select' => ['actual_user_id', 'owner_user_id', 'basket_id'], 'where' => ['id = ?'], 'data' => [$redirectedBasketId]]);
+            if (empty($redirectedBasket[0]) || ($redirectedBasket[0]['actual_user_id'] != $aArgs['id'] && $redirectedBasket[0]['owner_user_id'] != $aArgs['id'])) {
+                return $response->withStatus(403)->withJson(['errors' => 'Redirected basket out of perimeter']);
+            }
-        $user = UserModel::getById(['id' => $aArgs['id'], 'select' => ['user_id']]);
+            RedirectBasketModel::delete(['where' => ['id = ?'], 'data' => [$redirectedBasketId]]);
-        HistoryController::add([
-            'tableName'    => 'redirected_baskets',
+            $user = UserModel::getById(['id' => $aArgs['id'], 'select' => ['user_id']]);
-            'recordId'     => $GLOBALS['userId'],
+            HistoryController::add([
-            'eventType'    => 'DEL',
+                'tableName'    => 'redirected_baskets',
-            'eventId'      => 'basketRedirection',
+                'recordId'     => $GLOBALS['userId'],
-            'info'         => _BASKET_REDIRECTION_SUPPRESSION . " {$user['user_id']}"
+                'eventType'    => 'DEL',
-        ]);
+                'eventId'      => 'basketRedirection',
+                'info'         => _BASKET_REDIRECTION_SUPPRESSION . " {$user['user_id']} : " . $redirectedBasket[0]['basket_id']
+            ]);
+        }
        return $response->withJson([
            'baskets'   => BasketModel::getBasketsByLogin(['login' => $user['user_id'], 'unneededBasketId' => ['IndexingBasket']])