Commit daf048f1 authored by Quentin Ribac's avatar Quentin Ribac
Browse files

FEAT #17436 TIME 0:30 removed GroupController::getGroupPrivilege() route in...

FEAT #17436 TIME 0:30 removed GroupController::getGroupPrivilege() route in favor of GroupController::getById()
parent 568f6ce7
......@@ -112,7 +112,6 @@ $app->get('/groups/{id}', \Group\controllers\GroupController::class . ':getById'
$app->delete('/groups/{id}', \Group\controllers\GroupController::class . ':delete');
$app->put('/groups/{id}', \Group\controllers\GroupController::class . ':update');
$app->put('/groups/{id}/privilege/{privilegeId}', \Group\controllers\GroupController::class . ':updateGroupPrivilege');
$app->get('/groups/{id}/privilege/{privilegeId}', \Group\controllers\GroupController::class . ':getGroupPrivilege');
$app->put('/groups/{id}/users', \Group\controllers\GroupController::class . ':addUser');
$app->delete('/groups/{id}/users/{userId}', \Group\controllers\GroupController::class . ':removeUser');
......
......@@ -57,13 +57,20 @@ class GroupController
'select' => ['users.id', 'users.firstname', 'users.lastname']
]);
$groupPrivileges = GroupPrivilegeModel::getPrivilegesByGroupId(['groupId' => $args['id']]);
$groupPrivileges = array_column($groupPrivileges, 'privilege');
$groupPrivileges = GroupPrivilegeModel::getPrivilegesByGroupId([
'select' => ['privilege', 'parameters'],
'groupId' => $args['id']
]);
$groupPrivileges = array_column($groupPrivileges, 'parameters', 'privilege');
$groupPrivileges = array_map(function ($parameters) {
return json_decode($parameters, 'true');
}, $groupPrivileges);
$aPrivileges = PrivilegeController::PRIVILEGES;
foreach ($aPrivileges as $key => $value) {
if (in_array($value['id'], $groupPrivileges)) {
if (array_key_exists($value['id'], $groupPrivileges)) {
$aPrivileges[$key]['checked'] = true;
$aPrivileges[$key]['parameters'] = $groupPrivileges[$value['id']];
} else {
$aPrivileges[$key]['checked'] = false;
}
......@@ -173,40 +180,6 @@ class GroupController
return $response->withStatus(204);
}
public function getGroupPrivilege(Request $request, Response $response, array $args)
{
if (!Validator::intVal()->notEmpty()->validate($args['id'])) {
return $response->withStatus(400)->withJson(['errors' => 'Route id in not an integer']);
}
if (!Validator::stringType()->notEmpty()->validate($args['privilegeId'])) {
return $response->withStatus(400)->withJson(['errors' => 'Route privilegeId is empty or not a string']);
}
$hasGroup = UserGroupModel::hasGroup(['userId' => $GLOBALS['id'], 'groupId' => $args['id']]);
$hasRight = PrivilegeController::hasRightByPrivilege(['userId' => $GLOBALS['id'], 'groupId' => $args['id'], 'privilegeId' => $args['privilegeId'], 'readOnly' => true]);
if (!$hasGroup && !$hasRight) {
return $response->withStatus(403)->withJson(['errors' => 'Current user cannot see this privilege']);
}
$privilege = GroupPrivilegeModel::getPrivileges([
'where' => ['group_id = ?', 'privilege = ?'],
'data' => [$args['id'], $args['privilegeId']],
'limit' => 1
]);
if (empty($privilege[0])) {
return $response->withStatus(400)->withJson(['errors' => 'Privilege not enabled for this group']);
}
$privilege = [
'groupId' => $privilege[0]['group_id'],
'privilege' => $privilege[0]['privilege'],
'parameters' => json_decode($privilege[0]['parameters'], true)
];
return $response->withJson($privilege);
}
public function updateGroupPrivilege(Request $request, Response $response, array $args)
{
if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups'])) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment