AVSDev/sprinkle-organisations
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Added capability to merge organisations

Browse Source 
- Added an interface for organisation
- Added beforeDelete and beforeMerge callbacks
- Added hard/soft delete to organisations
This commit is contained in:
Craig Williams
2022-02-07 16:20:30 +00:00
parent b6edcf03e8
commit 28255e315a
11 changed files with 536 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

169
src/Controller/OrganisationController.php
View File

@@ -298,6 +298,110 @@ class OrganisationController extends SimpleController
return $response->withJson([], 200);
}
/**
* Processes the request to merge two organisations.
*
* Processes the request from the merge organisation form, checking that:
* 1. The source organisation slug exists;
* 2. The target organisation slug exists;
* 3. The user has permission to merge organisations;
* 4. The submitted data is valid.
* This route requires authentication (and should generally be limited to admins or the root user).
*
* Request type: POST
*
* @see getModalMerge
*
* @param Request $request
* @param Response $response
* @param array $args
*
* @throws ForbiddenException If user is not authorized to access page
*/
public function merge(Request $request, Response $response, $args)
{
// Get POST parameters
$params = $request->getParsedBody();
// Load the request schema
$schema = new RequestSchema('schema://requests/organisation/merge.yaml');
// Whitelist and set parameter defaults
$transformer = new RequestDataTransformer($schema);
$data = $transformer->transform($params);
// Validate, and throw exception on validation errors.
$validator = new ServerSideValidator($schema, $this->ci->translator);
if (!$validator->validate($data)) {
$e = new BadRequestException();
foreach ($validator->errors() as $idx => $field) {
foreach ($field as $eidx => $error) {
$e->addUserMessage($error);
}
}
throw $e;
}
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
// Get the organisations
$source = $classMapper->getClassMapping('organisation')::where('slug', $data['source_slug'])->first();
$target = $classMapper->getClassMapping('organisation')::where('slug', $data['target_slug'])->first();
// If a organisation doesn't exist, return 404
if (!$source || !$target) {
throw new BadRequestException();
}
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'merge_organisation')) {
throw new ForbiddenException();
}
/** @var \UserFrosting\Support\Repository\Repository $config */
$config = $this->ci->config;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
$sourceName = $source->name;
// Begin transaction - DB will be rolled back if an exception occurs
Capsule::transaction(function () use ($source, $sourceName, $target, $currentUser) {
$this->ci->get('organisation.beforeMerge')($source, $target);
$source->beforeMerge($target, ['currentUser' => $currentUser]);
$source->delete();
unset($source);
// Create activity record
$this->ci->userActivityLogger->info("User {$currentUser->user_name} merged organisation {$sourceName} into {$target->name}.", [
'type' => 'organisation_merge',
'user_id' => $currentUser->id,
]);
});
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
$ms->addMessageTranslated('success', 'ORGANISATION.MERGE_SUCCESSFUL', [
'source' => $sourceName,
'target' => $target->name,
]);
return $response->withJson([], 200);
}
/**
* Processes the request to delete an existing organisation.
*
@@ -589,7 +693,70 @@ class OrganisationController extends SimpleController
],
]);
}
/**
* Renders the modal form for merging two organisations.
*
* This does NOT render a complete page. Instead, it renders the HTML for the modal, which can be embedded in other pages.
* This page requires authentication.
*
* Request type: GET
*
* @param Request $request
* @param Response $response
* @param array $args
*
* @throws ForbiddenException If user is not authorized to access page
*/
public function getModalMerge(Request $request, Response $response, $args)
{
// GET parameters
$params = $request->getQueryParams();
$organisation = $this->getOrganisationFromParams($params);
// If the organisation doesn't exist, return 404
if (!$organisation) {
throw new NotFoundException();
}
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
/** @var \UserFrosting\I18n\Translator $translator */
$translator = $this->ci->translator;
// Access-controlled resource - check that currentUser has permission to merge organisations.
if (!$authorizer->checkAccess($currentUser, 'organisation_merge')) {
throw new ForbiddenException();
}
// Load validation rules
$schema = new RequestSchema('schema://requests/organisation/merge.yaml');
$validator = new JqueryValidationAdapter($schema, $translator);
$otherOrganisations = $classMapper->getClassMapping('organisation')::where('id', '!=', $organisation->id)->get();
return $this->ci->view->render($response, 'modals/organisation-merge.html.twig', [
'organisation' => $organisation,
'other_organisations' => $otherOrganisations,
'form' => [
'action' => "api/organisations/o/{$organisation->slug}/merge",
'method' => 'POST',
'submit_text' => $translator->translate('MERGE'),
],
'page' => [
'validators' => $validator->rules('json', false),
],
]);
}
/**
* Renders a page displaying a organisation's information, in read-only mode.