FEAT #12091 TIME 1:300 create private template

fdccd644 · Guillaume Heurtier · c83b0377 · fdccd644 · fdccd644
Commit fdccd644 authored 5 years ago by Guillaume Heurtier
--- a/src/app/entity/controllers/ListTemplateController.php
+++ b/src/app/entity/controllers/ListTemplateController.php
@@ -97,12 +97,26 @@ class ListTemplateController
    {
        $body = $request->getParsedBody();

-        if (!PrivilegeController::hasPrivilege(['privilegeId' => 'manage_entities', 'userId' => $GLOBALS['id']]) && !empty($body['entityId'])) {
-            return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']);
-        }
+        if (empty($body['private'])) {
+            if (!PrivilegeController::hasPrivilege(['privilegeId' => 'manage_entities', 'userId'      => $GLOBALS['id']]) && !empty($body['entityId'])) {
+                return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']);
+            }

-        if (!PrivilegeController::hasPrivilege(['privilegeId' => 'admin_listmodels', 'userId' => $GLOBALS['id']]) && empty($body['entityId'])) {
-            return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']);
+            if (!PrivilegeController::hasPrivilege(['privilegeId' => 'admin_listmodels', 'userId'      => $GLOBALS['id']]) && empty($body['entityId'])) {
+                return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']);
+            }
+
+            $owner = null;
+        } else {
+            if (!empty($body['entityId'])) {
+                return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']);
+            }
+
+            if ($body['type'] == 'visaCircuit'
+                && !PrivilegeController::hasPrivilege(['privilegeId' => 'config_visa_workflow', 'userId' => $GLOBALS['id']])) {
+                return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']);
+            }
+            $owner = $GLOBALS['id'];
        }

        $allowedTypes = ['diffusionList', 'visaCircuit', 'opinionCircuit'];
@@ -135,7 +149,8 @@ class ListTemplateController
            'title'         => $body['title'] ?? $body['description'],
            'description'   => $body['description'] ?? null,
            'type'          => $body['type'],
-            'entity_id'     => $body['entityId'] ?? null
+            'entity_id'     => $body['entityId'] ?? null,
+            'owner'         => $owner
        ]);

        foreach ($body['items'] as $key => $item) {

--- a/src/app/entity/models/ListTemplateModel.php
+++ b/src/app/entity/models/ListTemplateModel.php
@@ -65,11 +65,12 @@ class ListTemplateModel
        DatabaseModel::insert([
            'table'         => 'list_templates',
            'columnsValues' => [
-                'id'            => $nextSequenceId,
-                'title'         => $args['title'],
-                'description'   => $args['description'] ?? null,
-                'type'          => $args['type'],
-                'entity_id'     => $args['entity_id'] ?? null
+                'id'          => $nextSequenceId,
+                'title'       => $args['title'],
+                'description' => $args['description'] ?? null,
+                'type'        => $args['type'],
+                'entity_id'   => $args['entity_id'] ?? null,
+                'owner'       => $args['owner']
            ]
        ]);