Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
94.12% |
32 / 34 |
|
0.00% |
0 / 1 |
CRAP | |
0.00% |
0 / 1 |
| UpdateRoleEndpoint | |
94.12% |
32 / 34 |
|
0.00% |
0 / 1 |
10.02 | |
0.00% |
0 / 1 |
| handle | |
94.12% |
32 / 34 |
|
0.00% |
0 / 1 |
10.02 | |||
| 1 | <?php |
| 2 | |
| 3 | namespace Olz\Roles\Endpoints; |
| 4 | |
| 5 | use Olz\Api\OlzUpdateEntityTypedEndpoint; |
| 6 | use Olz\Entity\Roles\Role; |
| 7 | use Olz\Entity\Users\User; |
| 8 | use PhpTypeScriptApi\Fields\ValidationError; |
| 9 | use PhpTypeScriptApi\HttpError; |
| 10 | |
| 11 | /** |
| 12 | * @phpstan-import-type OlzRoleId from RoleEndpointTrait |
| 13 | * @phpstan-import-type OlzRoleData from RoleEndpointTrait |
| 14 | * |
| 15 | * @extends OlzUpdateEntityTypedEndpoint<OlzRoleId, OlzRoleData> |
| 16 | */ |
| 17 | class UpdateRoleEndpoint extends OlzUpdateEntityTypedEndpoint { |
| 18 | use RoleEndpointTrait; |
| 19 | |
| 20 | protected function handle(mixed $input): mixed { |
| 21 | $user_repo = $this->entityManager()->getRepository(User::class); |
| 22 | $role_repo = $this->entityManager()->getRepository(Role::class); |
| 23 | $entity = $this->getEntityById($input['id']); |
| 24 | |
| 25 | $is_superior = $this->authUtils()->hasRoleEditPermission($input['id']); |
| 26 | $is_owner = $this->entityUtils()->canUpdateOlzEntity($entity, null, 'roles'); |
| 27 | if (!$is_superior && !$is_owner) { |
| 28 | throw new HttpError(403, "Kein Zugriff!"); |
| 29 | } |
| 30 | |
| 31 | // Username validation |
| 32 | $new_username = $input['data']['username']; |
| 33 | $is_username_updated = $new_username !== $entity->getUsername(); |
| 34 | if (!$this->authUtils()->isUsernameAllowed($new_username)) { |
| 35 | throw new ValidationError(['username' => ["Der Benutzername darf nur Buchstaben, Zahlen, und die Zeichen -_. enthalten."]]); |
| 36 | } |
| 37 | if ($is_username_updated && !$this->authUtils()->isUsernameUnique($new_username, $entity)) { |
| 38 | throw new ValidationError(['username' => ["Dieser Benutzername ist bereits vergeben."]]); |
| 39 | } |
| 40 | |
| 41 | // TODO Do this more elegantly? |
| 42 | $old_data = $this->getEntityData($entity); |
| 43 | $this->log()->notice('OLD:', [$old_data]); |
| 44 | |
| 45 | $this->entityUtils()->updateOlzEntity($entity, $input['meta']); |
| 46 | if ($is_username_updated) { |
| 47 | $entity->setOldUsername($entity->getUsername()); |
| 48 | } |
| 49 | $role_repo = $this->entityManager()->getRepository(Role::class); |
| 50 | $parent_role_id = $entity->getParentRoleId(); |
| 51 | $parent_role = $role_repo->findOneBy(['id' => $parent_role_id]); |
| 52 | $is_parent_superior = $this->authUtils()->hasRoleEditPermission($parent_role_id); |
| 53 | $is_parent_owner = $parent_role && $this->entityUtils()->canUpdateOlzEntity($parent_role, null, 'roles'); |
| 54 | if ($is_parent_superior || $is_parent_owner) { |
| 55 | $this->updateEntityWithData($entity, $input['data']); |
| 56 | } else { |
| 57 | $this->updateEntityWithNonParentData($entity, $input['data']); |
| 58 | } |
| 59 | |
| 60 | // TODO Do this more elegantly? |
| 61 | $new_data = $this->getEntityData($entity); |
| 62 | $this->log()->notice('NEW:', [$new_data]); |
| 63 | |
| 64 | $this->entityManager()->persist($entity); |
| 65 | $this->entityManager()->flush(); |
| 66 | $this->persistUploads($entity, $input['data']); |
| 67 | |
| 68 | return [ |
| 69 | 'id' => $entity->getId() ?? 0, |
| 70 | ]; |
| 71 | } |
| 72 | } |