<?php

/**
* Copyright Maarch since 2008 under license.
* See LICENSE.txt file at the root folder for more details.
* This file is part of Maarch software.
*
*/

/**
* @brief Group Controller
* @author dev@maarch.org
*/

namespace Group\controllers;

use Group\models\GroupModel;
use Group\models\GroupPrivilegeModel;
use History\controllers\HistoryController;
use Respect\Validation\Validator;
use Slim\Http\Request;
use Slim\Http\Response;
use User\models\UserGroupModel;
use User\models\UserModel;

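/**
 * REST endpoints for groups, their members and their privileges.
 *
 * Authorization model visible in this file:
 *  - every mutating endpoint and the listing endpoints require the
 *    `manage_groups` privilege of the current user (`$GLOBALS['id']`);
 *  - addUser / removeUser additionally accept `manage_users`;
 *  - getGroupPrivilege is readable by any member of the target group.
 *
 * Responses follow the Slim convention used across the project: 403 for a
 * privilege failure, 400 for validation / lookup failures, 204 for a
 * successful mutation without a payload.
 */
class GroupController
{
    /**
     * Lists every group.
     *
     * @return Response 403 without `manage_groups`, otherwise `{groups: [...]}`.
     */
    public function get(Request $request, Response $response)
    {
        if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups'])) {
            return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
        }

        $groups = GroupModel::get();

        return $response->withJson(['groups' => $groups]);
    }

    /**
     * Returns one group with its members and the full privilege catalogue,
     * each entry flagged `checked` when the group holds it.
     *
     * @param array $args Route arguments; `id` must be an integer.
     * @return Response 403 without `manage_groups`; 400 on bad id or unknown
     *                  group; otherwise `{group: {..., users, privileges}}`.
     */
    public function getById(Request $request, Response $response, array $args)
    {
        if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups'])) {
            return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
        }

        if (!Validator::intVal()->notEmpty()->validate($args['id'])) {
            return $response->withStatus(400)->withJson(['errors' => 'Route id must be an integer']);
        }

        $group = GroupModel::getById(['id' => $args['id']]);
        if (empty($group)) {
            return $response->withStatus(400)->withJson(['errors' => 'Group not found']);
        }

        $group['users'] = UserGroupModel::getByGroupId([
            'id'     => $group['id'],
            'select' => ['users.id', 'users.firstname', 'users.lastname']
        ]);

        $groupPrivileges = GroupPrivilegeModel::getPrivilegesByGroupId(['groupId' => $args['id']]);
        $groupPrivileges = array_column($groupPrivileges, 'privilege');

        // Strict comparison: privilege ids are opaque strings and must match
        // exactly, never through PHP's loose numeric-string coercion.
        $aPrivileges = PrivilegeController::PRIVILEGES;
        foreach ($aPrivileges as $key => $value) {
            $aPrivileges[$key]['checked'] = in_array($value['id'], $groupPrivileges, true);
        }
        $group['privileges'] = $aPrivileges;

        return $response->withJson(['group' => $group]);
    }

    /**
     * Creates a group from a JSON body `{label}` and records it in history.
     *
     * @return Response 403 without `manage_groups`; 400 when the body is
     *                  missing or `label` is not a 1..128 character string;
     *                  otherwise `{id}` of the new group.
     */
    public function create(Request $request, Response $response)
    {
        if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups'])) {
            return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
        }

        $body = $request->getParsedBody();

        if (empty($body)) {
            return $response->withStatus(400)->withJson(['errors' => 'Body is not set or empty']);
        } elseif (!Validator::stringType()->notEmpty()->length(1, 128)->validate($body['label'])) {
            return $response->withStatus(400)->withJson(['errors' => 'Body label is empty or not a string or longer than 128 caracteres']);
        }

        $id = GroupModel::create(['label' => $body['label']]);

        // The user-supplied label is stored verbatim in the history message;
        // whatever renders history is responsible for escaping it.
        HistoryController::add([
            'code'          => 'OK',
            'objectType'    => 'groups',
            'objectId'      => $id,
            'type'          => 'CREATION',
            'message'       => "{groupAdded} : {$body['label']}"
        ]);

        return $response->withJson(['id' => $id]);
    }

    /**
     * Renames a group. Body is `{label}`, route argument `id`.
     *
     * @return Response 403 without `manage_groups`; 400 on validation or
     *                  lookup failure; 204 on success.
     */
    public function update(Request $request, Response $response, array $aArgs)
    {
        if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups'])) {
            return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
        }

        $body = $request->getParsedBody();

        if (empty($body)) {
            return $response->withStatus(400)->withJson(['errors' => 'Body is not set or empty']);
        } elseif (!Validator::stringType()->notEmpty()->length(1, 128)->validate($body['label'])) {
            return $response->withStatus(400)->withJson(['errors' => 'Body label is empty or not a string or longer than 128 caracteres']);
        } elseif (!Validator::intVal()->notEmpty()->validate($aArgs['id'])) {
            return $response->withStatus(400)->withJson(['errors' => 'Id must be an integer']);
        }

        $group = GroupModel::getById(['id' => $aArgs['id']]);
        if (empty($group)) {
            return $response->withStatus(400)->withJson(['errors' => 'Group not found']);
        }

        GroupModel::update([
            'set' => ['label' => $body['label']],
            'where' => ['id = ?'],
            'data'  => [$aArgs['id']]
        ]);

        HistoryController::add([
            'code'       => 'OK',
            'objectType' => 'groups',
            'objectId'   => $aArgs['id'],
            'type'       => 'MODIFICATION',
            'message'    => "{groupUpdated} : {$body['label']}"
        ]);

        return $response->withStatus(204);
    }

    /**
     * Deletes a group together with its memberships and privileges.
     *
     * Refuses to delete the last remaining group: once no group exists nobody
     * can hold any privilege and the application is locked out.
     *
     * @return Response 403 without `manage_groups`; 400 on bad id, unknown
     *                  group or last group; 204 on success.
     */
    public function delete(Request $request, Response $response, array $aArgs)
    {
        if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups'])) {
            return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
        }

        if (!Validator::intVal()->notEmpty()->validate($aArgs['id'])) {
            return $response->withStatus(400)->withJson(['errors' => 'Id must be an integer']);
        }

        $group = GroupModel::getById(['id' => $aArgs['id']]);
        if (empty($group)) {
            return $response->withStatus(400)->withJson(['errors' => 'Group not found']);
        }

        // The group was just confirmed to exist, so the count is at least 1 at
        // this point: the guard has to be `<= 1`. A `== 0` test here can never
        // fire and would let the last group be deleted.
        $groupCount = GroupModel::get(['select' => ['count(*) as nb']]);
        if ((int) $groupCount[0]['nb'] <= 1) {
            return $response->withStatus(400)->withJson(['errors' => 'This is the last group']);
        }

        // NOTE(review): nothing prevents the caller from deleting the group
        // that grants their own `manage_groups` privilege and locking
        // themselves out — confirm whether that is acceptable.
        UserGroupModel::delete(['where' => ['group_id = ?'], 'data' => [$aArgs['id']]]);
        GroupPrivilegeModel::delete(['where' => ['group_id = ?'], 'data' => [$aArgs['id']]]);
        GroupModel::delete(['where' => ['id = ?'], 'data' => [$aArgs['id']]]);

        HistoryController::add([
            'code'          => 'OK',
            'objectType'    => 'groups',
            'objectId'      => $aArgs['id'],
            'type'          => 'SUPPRESSION',
            'message'       => "{groupdeleted} : {$group['label']}"
        ]);

        return $response->withStatus(204);
    }

    /**
     * Returns one privilege of a group, with its decoded parameters.
     *
     * Readable by members of the group only (no `manage_groups` needed).
     *
     * @param array $args Route arguments `id` (group) and `privilegeId`.
     * @return Response 403 when the current user is not in the group; 400 on
     *                  bad arguments or when the privilege is not enabled;
     *                  otherwise `{groupId, privilege, parameters}`.
     */
    public function getGroupPrivilege(Request $request, Response $response, array $args)
    {
        if (!UserGroupModel::hasGroup(['userId' => $GLOBALS['id'], 'groupId' => $args['id']])) {
            return $response->withStatus(403)->withJson(['errors' => 'Current user out of target group']);
        }

        // Same route-argument validation as the other endpoints of this file.
        if (!Validator::intVal()->notEmpty()->validate($args['id'])) {
            return $response->withStatus(400)->withJson(['errors' => 'Id must be an integer']);
        } elseif (!Validator::stringType()->notEmpty()->validate($args['privilegeId'])) {
            return $response->withStatus(400)->withJson(['errors' => 'privilegeId is empty']);
        }

        $privilege = GroupPrivilegeModel::getPrivileges([
            'where' => ['group_id = ?', 'privilege = ?'],
            'data'  => [$args['id'], $args['privilegeId']],
            'limit' => 1
        ]);

        if (empty($privilege[0])) {
            return $response->withStatus(400)->withJson(['errors' => 'Privilege not enabled for this group']);
        }

        $privilege = [
            'groupId'    => $privilege[0]['group_id'],
            'privilege'  => $privilege[0]['privilege'],
            'parameters' => json_decode($privilege[0]['parameters'], true)
        ];

        return $response->withJson($privilege);
    }

    /**
     * Enables (`checked: true`, with optional `parameters`) or disables
     * (`checked: false`) a privilege for a group.
     *
     * Granting is gated by PrivilegeController::canGivePrivilege(), which
     * decides whether the current user may hand out this privilege with these
     * parameters; revoking is not gated beyond `manage_groups`.
     *
     * @return Response 403 without `manage_groups`; 400 on validation or
     *                  lookup failure, when the privilege is already linked
     *                  with identical parameters, or when canGivePrivilege()
     *                  refuses; 204 on success.
     */
    public function updateGroupPrivilege(Request $request, Response $response, array $aArgs)
    {
        if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups'])) {
            return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
        }

        $body = $request->getParsedBody();

        if (empty($body)) {
            return $response->withStatus(400)->withJson(['errors' => 'Body is not set or empty']);
        } elseif (!Validator::stringType()->notEmpty()->validate($aArgs['privilegeId'])) {
            return $response->withStatus(400)->withJson(['errors' => 'privilegeId is empty']);
        } elseif (!Validator::boolType()->validate($body['checked'])) {
            return $response->withStatus(400)->withJson(['errors' => 'Body checked is empty']);
        } elseif (!Validator::intVal()->notEmpty()->validate($aArgs['id'])) {
            return $response->withStatus(400)->withJson(['errors' => 'Id must be an integer']);
        } elseif (isset($body['parameters']) && !is_array($body['parameters'])) {
            // Parameters are persisted as JSON and handed to canGivePrivilege()
            // as an array; reject scalars up front instead of storing them.
            return $response->withStatus(400)->withJson(['errors' => 'Body parameters must be an array']);
        }

        $group = GroupModel::getById(['id' => $aArgs['id']]);
        if (empty($group)) {
            return $response->withStatus(400)->withJson(['errors' => 'Group not found']);
        }

        $parameters = $body['parameters'] ?? [];
        $parametersJson = empty($parameters) ? '{}' : json_encode($parameters);

        $privilege = GroupPrivilegeModel::getPrivileges([
            'select' => ['parameters'],
            'where' => [
                'privilege = ?',
                'group_id = ?'
            ],
            'data' => [
                $aArgs['privilegeId'],
                $aArgs['id']
            ]
        ]);
        $privilege = $privilege[0] ?? null;

        // Re-granting with the very same parameters is a no-op and is reported
        // as an error rather than silently re-written.
        if ($body['checked'] === true && !empty($privilege) && $privilege['parameters'] == $parametersJson) {
            return $response->withStatus(400)->withJson(['errors' => 'Privilege is already linked to this group']);
        }

        if ($body['checked']) {
            if (!PrivilegeController::canGivePrivilege(['userId' => $GLOBALS['id'], 'groupId' => $aArgs['id'], 'privilegeId' => $aArgs['privilegeId'], 'parameters' => $parameters])) {
                return $response->withStatus(400)->withJson(['errors' => 'Privilege not allowed with these parameters']);
            }
            if (empty($privilege)) {
                GroupPrivilegeModel::addPrivilege(['groupId' => $aArgs['id'], 'privilegeId' => $aArgs['privilegeId']]);
            }
            GroupPrivilegeModel::updateParameters(['groupId' => $aArgs['id'], 'privilegeId' => $aArgs['privilegeId'], 'parameters' => $parametersJson]);
        } else {
            GroupPrivilegeModel::deletePrivilege(['groupId' => $aArgs['id'], 'privilegeId' => $aArgs['privilegeId']]);
        }

        HistoryController::add([
            'code'       => 'OK',
            'objectType' => 'groups',
            'objectId'   => $aArgs['id'],
            'type'       => 'MODIFICATION',
            'message'    => "{privilegeUpdated} : {$aArgs['privilegeId']}"
        ]);

        return $response->withStatus(204);
    }

    /**
     * Adds a user (`{userId}` in the body) to the group `id`.
     *
     * Allowed with either `manage_groups` or `manage_users`.
     *
     * NOTE(review): a holder of `manage_users` alone can add any user —
     * including themselves — to any group, and thereby acquire whatever
     * privileges that group carries (`manage_groups` among them). Nothing in
     * this file restricts that; confirm it is intended or gate it on the
     * target group's privileges.
     *
     * @return Response 403 without either privilege; 400 on validation or
     *                  lookup failure or when the user is already a member;
     *                  204 on success.
     */
    public function addUser(Request $request, Response $response, array $aArgs)
    {
        if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups']) && !PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_users'])) {
            return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
        }

        $body = $request->getParsedBody();

        if (!Validator::intVal()->notEmpty()->validate($aArgs['id'])) {
            return $response->withStatus(400)->withJson(['errors' => 'Id must be an integer']);
        } elseif (empty($body)) {
            // Same guard as the other body-consuming endpoints; avoids reading
            // an offset on a null body below.
            return $response->withStatus(400)->withJson(['errors' => 'Body is not set or empty']);
        } elseif (!Validator::intVal()->notEmpty()->validate($body['userId'])) {
            return $response->withStatus(400)->withJson(['errors' => 'userId must be an integer']);
        }

        $group = GroupModel::getById(['id' => $aArgs['id']]);
        $user  = UserModel::getById(['id' => $body['userId'], 'select' => ['firstname', 'lastname']]);

        if (empty($group)) {
            return $response->withStatus(400)->withJson(['errors' => 'Group not found']);
        } elseif (empty($user)) {
            return $response->withStatus(400)->withJson(['errors' => 'User not found']);
        } elseif (UserGroupModel::hasGroup(['groupId' => $aArgs['id'], 'userId' => $body['userId']])) {
            return $response->withStatus(400)->withJson(['errors' => 'This user already has this group']);
        }

        UserGroupModel::addUser([
            'groupId' => $aArgs['id'],
            'userId'  => $body['userId']
        ]);

        // One history entry on each side of the relation.
        HistoryController::add([
            'code'          => 'OK',
            'objectType'    => 'groups',
            'objectId'      => $aArgs['id'],
            'type'          => 'MODIFICATION',
            'message'       => "{userAddedToGroup} : {$user['firstname']} {$user['lastname']}"
        ]);

        HistoryController::add([
            'code'          => 'OK',
            'objectType'    => 'users',
            'objectId'      => $body['userId'],
            'type'          => 'MODIFICATION',
            'message'       => "{groupAddedToUser} : {$group['label']}"
        ]);

        return $response->withStatus(204);
    }

    /**
     * Removes user `userId` from group `id` (both route arguments).
     *
     * Allowed with either `manage_groups` or `manage_users`. Unlike addUser,
     * no membership check is made first: removing a non-member succeeds with
     * 204 and still writes two history entries.
     *
     * @return Response 403 without either privilege; 400 on validation or
     *                  lookup failure; 204 on success.
     */
    public function removeUser(Request $request, Response $response, array $aArgs)
    {
        if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups']) && !PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_users'])) {
            return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
        }

        if (!Validator::intVal()->notEmpty()->validate($aArgs['id'])) {
            return $response->withStatus(400)->withJson(['errors' => 'Id must be an integer']);
        } elseif (!Validator::intVal()->notEmpty()->validate($aArgs['userId'])) {
            return $response->withStatus(400)->withJson(['errors' => 'userId must be an integer']);
        }

        $group = GroupModel::getById(['id' => $aArgs['id']]);
        $user  = UserModel::getById(['id' => $aArgs['userId'], 'select' => ['firstname', 'lastname']]);

        if (empty($group)) {
            return $response->withStatus(400)->withJson(['errors' => 'Group not found']);
        } elseif (empty($user)) {
            return $response->withStatus(400)->withJson(['errors' => 'User not found']);
        }

        UserGroupModel::removeUser([
            'groupId' => $aArgs['id'],
            'userId'  => $aArgs['userId']
        ]);

        HistoryController::add([
            'code'          => 'OK',
            'objectType'    => 'groups',
            'objectId'      => $aArgs['id'],
            'type'          => 'MODIFICATION',
            'message'       => "{removedFromGroup} : {$user['firstname']} {$user['lastname']}"
        ]);

        HistoryController::add([
            'code'          => 'OK',
            'objectType'    => 'users',
            'objectId'      => $aArgs['userId'],
            'type'          => 'MODIFICATION',
            'message'       => "{removedFromGroup} : {$group['label']}"
        ]);

        return $response->withStatus(204);
    }
}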