Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
100.00% |
12 / 12 |
|
100.00% |
1 / 1 |
CRAP | |
100.00% |
1 / 1 |
| RemoveUserRoleMembershipEndpoint | |
100.00% |
12 / 12 |
|
100.00% |
1 / 1 |
3 | |
100.00% |
1 / 1 |
| handle | |
100.00% |
12 / 12 |
|
100.00% |
1 / 1 |
3 | |||
| 1 | <?php |
| 2 | |
| 3 | namespace Olz\Roles\Endpoints; |
| 4 | |
| 5 | use Olz\Api\OlzRemoveRelationTypedEndpoint; |
| 6 | use PhpTypeScriptApi\HttpError; |
| 7 | |
| 8 | /** |
| 9 | * @phpstan-import-type OlzRoleMembershipIds from UserRoleMembershipEndpointTrait |
| 10 | * |
| 11 | * @extends OlzRemoveRelationTypedEndpoint<OlzRoleMembershipIds> |
| 12 | */ |
| 13 | class RemoveUserRoleMembershipEndpoint extends OlzRemoveRelationTypedEndpoint { |
| 14 | use UserRoleMembershipEndpointTrait; |
| 15 | |
| 16 | protected function handle(mixed $input): mixed { |
| 17 | $role = $this->getRoleEntityById($input['ids']['roleId']); |
| 18 | $user = $this->getUserEntityById($input['ids']['userId']); |
| 19 | |
| 20 | $is_superior = $this->authUtils()->hasRoleEditPermission($input['ids']['roleId']); |
| 21 | $is_owner = $this->entityUtils()->canUpdateOlzEntity($role, null, 'roles'); |
| 22 | if (!$is_superior && !$is_owner) { |
| 23 | throw new HttpError(403, "Kein Zugriff!"); |
| 24 | } |
| 25 | |
| 26 | $role->removeUser($user); |
| 27 | $user->removeRole($role); |
| 28 | $this->entityManager()->persist($role); |
| 29 | $this->entityManager()->persist($user); |
| 30 | $this->entityManager()->flush(); |
| 31 | |
| 32 | return []; |
| 33 | } |
| 34 | } |