Revamped the organisation approvals process & refactored some files

2022-02-15 15:26:56 +00:00
parent e029728d69
commit cd8a16f4a8
10 changed files with 643 additions and 668 deletions


@@ -50,22 +50,26 @@ class OrganisationController extends SimpleController
*/
public function create(Request $request, Response $response, $args)
{
// Get POST parameters: name, slug, icon, description
$params = $request->getParsedBody();
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'create_organisation')) {
throw new ForbiddenException();
}
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
// Get POST parameters: name, slug, icon, description
$params = $request->getParsedBody();
// Load the request schema
$schema = new RequestSchema('schema://requests/organisation/create.yaml');
@@ -83,9 +87,6 @@ class OrganisationController extends SimpleController
$error = true;
}
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
// Check if name or slug already exists
if ($classMapper->getClassMapping('organisation')::findUnique($data['name'], 'name')) {
$ms->addMessageTranslated('danger', 'ORGANISATION.NAME.IN_USE', $data);
@@ -102,6 +103,7 @@ class OrganisationController extends SimpleController
}
$data['flag_approved'] = 1;
$data['registrant_id'] = $currentUser->id;
// All checks passed! log events/activities and create organisation
// Begin transaction - DB will be rolled back if an exception occurs
@@ -139,6 +141,13 @@ class OrganisationController extends SimpleController
*/
public function getInfo(Request $request, Response $response, array $args)
{
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
$organisation = $this->getOrganisationFromParams($args);
// If the organisation doesn't exist, return 404
@@ -146,21 +155,6 @@ class OrganisationController extends SimpleController
throw new NotFoundException();
}
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
// Join organisation's most recent activity
$organisation = $classMapper->createInstance('organisation')
->where('slug', $organisation->slug)
->joinMemberCounts()
->first();
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'uri_organisation', [
'organisation' => $organisation,
@@ -168,10 +162,11 @@ class OrganisationController extends SimpleController
throw new ForbiddenException();
}
// Join organisation's member counts
$organisation = $organisation->joinMemberCounts()->first();
$result = $organisation->toArray();
// Be careful how you consume this data - it has not been escaped and contains untrusted user-supplied content.
// For example, if you plan to insert it into an HTML DOM, you must escape it on the client side (or use client-side templating).
return $response->withJson($result, 200, JSON_PRETTY_PRINT);
}
@@ -197,6 +192,19 @@ class OrganisationController extends SimpleController
*/
public function update(Request $request, Response $response, $args)
{
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
// Get the organisation based on slug in URL
$organisation = $this->getOrganisationFromParams($args);
@@ -207,9 +215,6 @@ class OrganisationController extends SimpleController
// Get PUT parameters: (name, slug, icon, description)
$params = $request->getParsedBody();
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
// Load the request schema
$schema = new RequestSchema('schema://requests/organisation/edit-info.yaml');
@@ -232,12 +237,6 @@ class OrganisationController extends SimpleController
$fieldNames[] = $name;
}
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled resource - check that currentUser has permission to edit submitted fields for this organisation
if (!$authorizer->checkAccess($currentUser, 'update_organisation_field', [
'organisation' => $organisation,
@@ -246,14 +245,11 @@ class OrganisationController extends SimpleController
throw new ForbiddenException();
}
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
// Check if name or slug already exists
if (
isset($data['name']) &&
$data['name'] != $organisation->name &&
$classMapper->getClassMapping('organisation')::where('name', $data['name'])->first()
$classMapper->getClassMapping('organisation')::findUnique($data['name'], 'name')
) {
$ms->addMessageTranslated('danger', 'ORGANISATION.NAME.IN_USE', $data);
$error = true;
@@ -262,7 +258,7 @@ class OrganisationController extends SimpleController
if (
isset($data['slug']) &&
$data['slug'] != $organisation->slug &&
$classMapper->getClassMapping('organisation')::where('slug', $data['slug'])->first()
$classMapper->getClassMapping('organisation')::findUnique($data['slug'], 'slug')
) {
$ms->addMessageTranslated('danger', 'ORGANISATION.SLUG.IN_USE', $data);
$error = true;
@@ -319,6 +315,24 @@ class OrganisationController extends SimpleController
*/
public function merge(Request $request, Response $response, $args)
{
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'merge_organisations')) {
throw new ForbiddenException();
}
// Get POST parameters
$params = $request->getParsedBody();
@@ -329,53 +343,26 @@ class OrganisationController extends SimpleController
$transformer = new RequestDataTransformer($schema);
$data = $transformer->transform($params);
// Validate, and throw exception on validation errors.
// Validate, and return bad request on validation errors.
$validator = new ServerSideValidator($schema, $this->ci->translator);
if (!$validator->validate($data)) {
$e = new BadRequestException();
foreach ($validator->errors() as $idx => $field) {
foreach ($field as $eidx => $error) {
$e->addUserMessage($error);
}
}
throw $e;
$ms->addValidationErrors($validator);
return $response->withJson([], 400);
}
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
// Get the organisations
$source = $classMapper->getClassMapping('organisation')::where('slug', $data['source_slug'])->first();
$target = $classMapper->getClassMapping('organisation')::where('slug', $data['target_slug'])->first();
$source = $classMapper->getClassMapping('organisation')::findUnique($data['source_slug'], 'slug', false);
$target = $classMapper->getClassMapping('organisation')::findUnique($data['target_slug'], 'slug', false);
// If a organisation doesn't exist, return 404
if (!$source || !$target) {
throw new BadRequestException();
throw new NotFoundException();
}
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'merge_organisations')) {
throw new ForbiddenException();
}
/** @var \UserFrosting\Support\Repository\Repository $config */
$config = $this->ci->config;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
$sourceName = $source->name;
// Begin transaction - DB will be rolled back if an exception occurs
Capsule::transaction(function () use ($source, $sourceName, $target, $currentUser) {
Capsule::transaction(function () use ($source, $target, $currentUser) {
$sourceName = $source->name;
$this->ci->get('organisation.beforeMerge')($source, $target);
$source->beforeMerge($target, ['currentUser' => $currentUser]);
@@ -390,9 +377,6 @@ class OrganisationController extends SimpleController
]);
});
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
$ms->addMessageTranslated('success', 'ORGANISATION.MERGE_SUCCESSFUL', [
'source' => $sourceName,
'target' => $target->name,
@@ -423,6 +407,16 @@ class OrganisationController extends SimpleController
*/
public function delete(Request $request, Response $response, $args)
{
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
$organisation = $this->getOrganisationFromParams($args);
// If the organisation doesn't exist, return 404
@@ -430,12 +424,6 @@ class OrganisationController extends SimpleController
throw new NotFoundException();
}
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'delete_organisation', [
'organisation' => $organisation,
@@ -443,16 +431,11 @@ class OrganisationController extends SimpleController
throw new ForbiddenException();
}
/** @var \UserFrosting\Support\Repository\Repository $config */
$config = $this->ci->config;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
$organisationName = $organisation->name;
// Begin transaction - DB will be rolled back if an exception occurs
Capsule::transaction(function () use ($organisation, $organisationName, $currentUser) {
Capsule::transaction(function () use ($organisation, $currentUser) {
$organisationName = $organisation->name;
// Delete the organisation (soft)
$organisation->delete();
unset($organisation);
@@ -463,9 +446,6 @@ class OrganisationController extends SimpleController
]);
});
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
$ms->addMessageTranslated('success', 'ORGANISATION.DELETION_SUCCESSFUL', [
'name' => $organisationName,
]);
@@ -495,6 +475,16 @@ class OrganisationController extends SimpleController
*/
public function deletePermenent(Request $request, Response $response, $args)
{
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
$organisation = $this->getOrganisationFromParams($args, true);
// If the organisation doesn't exist, return 404
@@ -502,12 +492,6 @@ class OrganisationController extends SimpleController
throw new NotFoundException();
}
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'permenent_delete_organisation', [
'organisation' => $organisation,
@@ -515,16 +499,11 @@ class OrganisationController extends SimpleController
throw new ForbiddenException();
}
/** @var \UserFrosting\Support\Repository\Repository $config */
$config = $this->ci->config;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
$organisationName = $organisation->name;
// Begin transaction - DB will be rolled back if an exception occurs
Capsule::transaction(function () use ($organisation, $organisationName, $currentUser) {
// Delete the organisation (HARD)
$organisation->delete(true);
unset($organisation);
@@ -535,9 +514,6 @@ class OrganisationController extends SimpleController
]);
});
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
$ms->addMessageTranslated('success', 'ORGANISATION.PERMENENT_DELETION_SUCCESSFUL', [
'name' => $organisationName,
]);
@@ -565,6 +541,16 @@ class OrganisationController extends SimpleController
*/
public function restore(Request $request, Response $response, $args)
{
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
$organisation = $this->getOrganisationFromParams($args, true);
// If the organisation doesn't exist, return 404
@@ -572,12 +558,6 @@ class OrganisationController extends SimpleController
throw new NotFoundException();
}
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'restore_organisation', [
'organisation' => $organisation,
@@ -585,16 +565,10 @@ class OrganisationController extends SimpleController
throw new ForbiddenException();
}
/** @var \UserFrosting\Support\Repository\Repository $config */
$config = $this->ci->config;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
// Begin transaction - DB will be rolled back if an exception occurs
Capsule::transaction(function () use ($organisation, $currentUser) {
if (!$organisation->flag_approved) {
$verification = $this->ci->repoOrganisationApproval->revert($organisation);
$this->ci->repoOrganisationApproval->revert($organisation);
}
$organisation->restore();
@@ -606,9 +580,6 @@ class OrganisationController extends SimpleController
]);
});
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
$ms->addMessageTranslated('success', 'ORGANISATION.RESTORE_SUCCESSFUL', [
'name' => $organisation->name,
]);
@@ -633,22 +604,23 @@ class OrganisationController extends SimpleController
*/
public function getList(Request $request, Response $response, $args)
{
// GET parameters
$params = $request->getQueryParams();
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'uri_organisations')) {
throw new ForbiddenException();
}
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
// GET parameters
$params = $request->getQueryParams();
$params['ci'] = $this->ci;
@@ -682,22 +654,23 @@ class OrganisationController extends SimpleController
*/
public function getListDeleted(Request $request, Response $response, $args)
{
// GET parameters
$params = $request->getQueryParams();
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'uri_deleted_organisations')) {
throw new ForbiddenException();
}
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
// GET parameters
$params = $request->getQueryParams();
$sprunje = $classMapper->createInstance('organisation_sprunje', $classMapper, $params);
$sprunje->extendQuery(function ($query) use ($user) {
@@ -722,6 +695,16 @@ class OrganisationController extends SimpleController
*/
public function getModalConfirmDelete(Request $request, Response $response, $args)
{
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// GET parameters
$params = $request->getQueryParams();
@@ -732,12 +715,6 @@ class OrganisationController extends SimpleController
throw new NotFoundException();
}
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'delete_organisation', [
'organisation' => $organisation,
@@ -745,9 +722,6 @@ class OrganisationController extends SimpleController
throw new ForbiddenException();
}
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
return $this->ci->view->render($response, 'modals/confirm-delete-organisation.html.twig', [
'organisation' => $organisation,
'form' => [
@@ -769,6 +743,16 @@ class OrganisationController extends SimpleController
*/
public function getModalConfirmPermenentDelete(Request $request, Response $response, $args)
{
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// GET parameters
$params = $request->getQueryParams();
@@ -779,12 +763,6 @@ class OrganisationController extends SimpleController
throw new NotFoundException();
}
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'permenent_delete_organisation', [
'organisation' => $organisation,
@@ -792,9 +770,6 @@ class OrganisationController extends SimpleController
throw new ForbiddenException();
}
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
return $this->ci->view->render($response, 'modals/confirm-permenent-delete-organisation.html.twig', [
'organisation' => $organisation,
'form' => [
@@ -822,20 +797,21 @@ class OrganisationController extends SimpleController
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
/** @var \UserFrosting\I18n\Translator $translator */
$translator = $this->ci->translator;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'create_organisation')) {
throw new ForbiddenException();
}
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
// Create a dummy organisation to prepopulate fields
$organisation = $classMapper->createInstance('organisation', []);
@@ -880,6 +856,16 @@ class OrganisationController extends SimpleController
*/
public function getModalEdit(Request $request, Response $response, $args)
{
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
/** @var \UserFrosting\I18n\Translator $translator */
$translator = $this->ci->translator;
// GET parameters
$params = $request->getQueryParams();
@@ -890,18 +876,6 @@ class OrganisationController extends SimpleController
throw new NotFoundException();
}
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
/** @var \UserFrosting\I18n\Translator $translator */
$translator = $this->ci->translator;
// Access-controlled resource - check that currentUser has permission to edit basic fields "name", "slug", "description" for this organisation
$fieldNames = ['name', 'slug', 'description'];
if (!$authorizer->checkAccess($currentUser, 'update_organisation_field', [
@@ -955,6 +929,19 @@ class OrganisationController extends SimpleController
*/
public function getModalMerge(Request $request, Response $response, $args)
{
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
/** @var \UserFrosting\I18n\Translator $translator */
$translator = $this->ci->translator;
// GET parameters
$params = $request->getQueryParams();
@@ -965,18 +952,6 @@ class OrganisationController extends SimpleController
throw new NotFoundException();
}
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
/** @var \UserFrosting\I18n\Translator $translator */
$translator = $this->ci->translator;
// Access-controlled resource - check that currentUser has permission to merge organisations.
if (!$authorizer->checkAccess($currentUser, 'merge_organisations')) {
throw new ForbiddenException();
@@ -1020,7 +995,13 @@ class OrganisationController extends SimpleController
* @throws ForbiddenException If user is not authorized to access page
*/
public function pageInfo(Request $request, Response $response, $args)
{
{ /** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
$organisation = $this->getOrganisationFromParams($args);
// If the organisation no longer exists, forward to main organisation listing page
@@ -1028,12 +1009,6 @@ class OrganisationController extends SimpleController
throw new NotFoundException();
}
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled page
if (!$authorizer->checkAccess($currentUser, 'uri_organisation', [
'organisation' => $organisation,
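Review bot: In getInfo, the organisation that passes the `uri_organisation` check may not be the one that gets serialised, because `$organisation = $organisation->joinMemberCounts()->first();` no longer carries the `where('slug', $organisation->slug)` constraint that the earlier re-query had. If `joinMemberCounts()` is a query scope (its definition is not on this page), calling it on an already-loaded model starts an unconstrained query, and `first()` returns whichever row comes first, so the JSON could describe an organisation other than the one that was authorised. Keeping the constraint in the query avoids this, for example `$organisation = $this->ci->classMapper->createInstance('organisation')->where('slug', $organisation->slug)->joinMemberCounts()->first();`. Separately, delete() and merge() now assign `$organisationName` and `$sourceName` inside the transaction closure, while the success message after the closure still reads them. If the assignment before `Capsule::transaction(...)` was removed (the rendering does not show which copy survives), those variables are undefined at that point and should be set before the closure, as deletePermenent still does.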