Delete organisation functionality

2022-02-04 11:42:43 +00:00
parent f850e4cace
commit 2cf2777494
9 changed files with 251 additions and 4 deletions
--- a/src/Controller/OrganisationController.php
+++ b/src/Controller/OrganisationController.php
@@ -16,7 +16,7 @@ use UserFrosting\Fortress\Adapter\JqueryValidationAdapter;
 use UserFrosting\Fortress\RequestDataTransformer;
 use UserFrosting\Fortress\RequestSchema;
 use UserFrosting\Fortress\ServerSideValidator;
-use UserFrosting\Sprinkle\Account\Database\Models\Group;
+use UserFrosting\Sprinkle\Organisations\Database\Models\Organisation;
 use UserFrosting\Sprinkle\Core\Controller\SimpleController;
 use UserFrosting\Support\Exception\BadRequestException;
 use UserFrosting\Support\Exception\ForbiddenException;
@@ -125,6 +125,78 @@ class OrganisationController extends SimpleController
        return $response->withJson([], 200);
    }

+    /**
+     * Processes the request to delete an existing organisation.
+     *
+     * Deletes the specified organisation.
+     * Organisations with members will retain the membership information.
+     * Before doing so, checks that:
+     * 1. The user has permission to delete this organisation;
+     * 2. The submitted data is valid.
+     * This route requires authentication (and should generally be limited to admins or the root user).
+     *
+     * Request type: DELETE
+     *
+     * @param Request  $request
+     * @param Response $response
+     * @param array    $args
+     *
+     * @throws NotFoundException   If organisation is not found
+     * @throws ForbiddenException  If user is not authorized to access page
+     * @throws BadRequestException
+     */
+    public function delete(Request $request, Response $response, $args)
+    {
+        $organisation = $this->getOrganisationFromParams($args);
+
+        // If the organisation doesn't exist, return 404
+        if (!$organisation) {
+            throw new NotFoundException();
+        }
+
+        /** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
+        $authorizer = $this->ci->authorizer;
+
+        /** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
+        $currentUser = $this->ci->currentUser;
+
+        // Access-controlled page
+        if (!$authorizer->checkAccess($currentUser, 'delete_organisation', [
+            'organisation' => $organisation,
+        ])) {
+            throw new ForbiddenException();
+        }
+
+        /** @var \UserFrosting\Support\Repository\Repository $config */
+        $config = $this->ci->config;
+
+        /** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
+        $classMapper = $this->ci->classMapper;
+
+        $organisationName = $organisation->name;
+
+        // Begin transaction - DB will be rolled back if an exception occurs
+        Capsule::transaction(function () use ($organisation, $organisationName, $currentUser) {
+            $organisation->delete();
+            unset($organisation);
+
+            // Create activity record
+            $this->ci->userActivityLogger->info("User {$currentUser->user_name} deleted organisation {$organisationName}.", [
+                'type'    => 'organisation_delete',
+                'user_id' => $currentUser->id,
+            ]);
+        });
+
+        /** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
+        $ms = $this->ci->alerts;
+
+        $ms->addMessageTranslated('success', 'ORGANISATION.DELETION_SUCCESSFUL', [
+            'name' => $organisationName,
+        ]);
+
+        return $response->withJson([], 200);
+    }
+
    /**
     * Returns a list of Organisations.
     *
@@ -165,6 +237,53 @@ class OrganisationController extends SimpleController
        return $sprunje->toResponse($response);
    }

+    /**
+     * Get deletion confirmation modal.
+     *
+     * @param Request  $request
+     * @param Response $response
+     * @param array    $args
+     *
+     * @throws NotFoundException   If organisation is not found
+     * @throws ForbiddenException  If user is not authorized to access page
+     * @throws BadRequestException
+     */
+    public function getModalConfirmDelete(Request $request, Response $response, $args)
+    {
+        // GET parameters
+        $params = $request->getQueryParams();
+
+        $organisation = $this->getOrganisationFromParams($params);
+
+        // If the organisation no longer exists, forward to main organisation listing page
+        if (!$organisation) {
+            throw new NotFoundException();
+        }
+
+        /** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
+        $authorizer = $this->ci->authorizer;
+
+        /** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
+        $currentUser = $this->ci->currentUser;
+
+        // Access-controlled page
+        if (!$authorizer->checkAccess($currentUser, 'delete_organisation', [
+            'organisation' => $organisation,
+        ])) {
+            throw new ForbiddenException();
+        }
+
+        /** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
+        $classMapper = $this->ci->classMapper;
+
+        return $this->ci->view->render($response, 'modals/confirm-delete-organisation.html.twig', [
+            'organisation' => $organisation,
+            'form'  => [
+                'action' => "api/organisations/o/{$organisation->slug}",
+            ],
+        ]);
+    }
+
    /**
     * Renders the modal form for creating a new organisation.
     *
@@ -228,7 +347,7 @@ class OrganisationController extends SimpleController
    /**
     * Renders the organisation listing page.
     *
-     * This page renders a table of groups, with dropdown menus for admin actions for each organisation.
+     * This page renders a table of organisations, with dropdown menus for admin actions for each organisation.
     * Actions typically include: edit organisation, delete organisation.
     * This page requires authentication.
     *
@@ -255,4 +374,46 @@ class OrganisationController extends SimpleController

        return $this->ci->view->render($response, 'pages/organisations.html.twig');
    }
+
+    /**
+     * Get organisation from params.
+     *
+     * @param array $params
+     *
+     * @throws BadRequestException
+     *
+     * @return Organisation
+     */
+    protected function getOrganisationFromParams($params)
+    {
+        // Load the request schema
+        $schema = new RequestSchema('schema://requests/organisation/get-by-slug.yaml');
+
+        // Whitelist and set parameter defaults
+        $transformer = new RequestDataTransformer($schema);
+        $data = $transformer->transform($params);
+
+        // Validate, and throw exception on validation errors.
+        $validator = new ServerSideValidator($schema, $this->ci->translator);
+        if (!$validator->validate($data)) {
+            // TODO: encapsulate the communication of error messages from ServerSideValidator to the BadRequestException
+            $e = new BadRequestException();
+            foreach ($validator->errors() as $idx => $field) {
+                foreach ($field as $eidx => $error) {
+                    $e->addUserMessage($error);
+                }
+            }
+
+            throw $e;
+        }
+
+        /** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
+        $classMapper = $this->ci->classMapper;
+
+        // Get the organisation
+        $organisation = $classMapper->getClassMapping('organisation')::where('slug', $data['slug'])
+            ->first();
+
+        return $organisation;
+    }
 }
--- a/src/Database/Seeds/OrganisationPermissions.php
+++ b/src/Database/Seeds/OrganisationPermissions.php
@@ -49,6 +49,12 @@ class OrganisationPermissions extends BaseSeed
                'conditions'  => 'always()',
                'description' => 'Create a new organisation.',
            ]),
+            'delete_organisation' => new Permission([
+                'slug'        => 'delete_organisation',
+                'name'        => 'Delete organisation',
+                'conditions'  => 'always()',
+                'description' => 'Delete an organisation.',
+            ]),
            'uri_organisations' => new Permission([
                'slug'        => 'uri_organisations',
                'name'        => 'Organisation management page',
@@ -91,6 +97,7 @@ class OrganisationPermissions extends BaseSeed
        if ($roleSiteAdmin) {
            $roleSiteAdmin->permissions()->sync([
                $permissions['create_organisation'],
+                $permissions['delete_organisation'],
                $permissions['uri_organisations'],
            ], false);
        }