From c1cba31d06d5c1aff2231c441f0945d871f39c09 Mon Sep 17 00:00:00 2001 From: Jonathan Treffler Date: Wed, 20 Nov 2024 02:27:31 +0100 Subject: [PATCH] added resource member controller --- appinfo/routes.php | 2 + lib/Controller/ResourceMemberController.php | 92 +++++++++++++++++++++ 2 files changed, 94 insertions(+) create mode 100644 lib/Controller/ResourceMemberController.php diff --git a/appinfo/routes.php b/appinfo/routes.php index c6be018..3e38267 100644 --- a/appinfo/routes.php +++ b/appinfo/routes.php @@ -8,6 +8,8 @@ return [ ['name' => 'resource#show', 'url' => '/resources/{resourceId}', 'verb' => 'GET'], ['name' => 'resource#create', 'url' => '/resources/{resourceId}', 'verb' => 'POST'], ['name' => 'resource#update', 'url' => '/resources/{resourceId}', 'verb' => 'PUT'], + ['name' => 'resource_member#index', 'url' => '/resources/{resourceId}/members', 'verb' => 'GET'], + ['name' => 'resource_member#create', 'url' => '/resources/{resourceId}/members', 'verb' => 'POST'], ['name' => 'organization#getOrganizationProviders', 'url' => '/organizationProviders', 'verb' => 'GET'], ['name' => 'organization#getOrganization', 'url' => '/organizationProviders/{organizationProviderId}/organizations/{organizationId}', 'verb' => 'GET'], ['name' => 'organization#getSubOrganizations', 'url' => '/organizationProviders/{organizationProviderId}/organizations/{parentOrganizationId}/subOrganizations', 'verb' => 'GET'], diff --git a/lib/Controller/ResourceMemberController.php b/lib/Controller/ResourceMemberController.php new file mode 100644 index 0000000..2e86134 --- /dev/null +++ b/lib/Controller/ResourceMemberController.php @@ -0,0 +1,92 @@ +handleNotFound(function () use ($resourceId) { + $resource = $this->resourceService->find($resourceId); + + $this->denyAccessUnlessGranted(['READ'], $resource); + + return $this->service->findAll($resourceId); + }); + } + + #[NoAdminRequired] + public function create( + int $resourceId, + string|int $permissionLevel, + string|int $principalType, + string $principalId, + ): JSONResponse { + return $this->handleErrors(function () use ($resourceId, $permissionLevel, $principalType, $principalId): ResourceMember { + $resource = $this->resourceService->find($resourceId); + + $this->denyAccessUnlessGranted(['UPDATE_MEMBERS'], $resource); + + $resourceMember = $this->service->create( + resourceId: $resourceId, + permissionLevel: ResourceMemberPermissionLevel::fromNameOrValue($permissionLevel), + principal: new Principal(PrincipalType::fromNameOrValue($principalType), $principalId), + ); + + return $resourceMember; + }); + } + + #[NoAdminRequired] + public function update( + int $id, + string|int $permissionLevel, + ): JSONResponse { + return $this->handleErrors(function () use ($id, $permissionLevel): ResourceMember { + $resourceMember = $this->service->find($id); + + $resource = $this->resourceService->find($resourceMember->getResourceId()); + + $this->denyAccessUnlessGranted(['UPDATE_MEMBERS'], $resource); + + $resourceMember = $this->service->update( + id: $resourceMember->getId(), + permissionLevel: ResourceMemberPermissionLevel::fromNameOrValue($permissionLevel), + ); + + return $resourceMember; + }); + } + + #[NoAdminRequired] + public function destroy(int $id): JSONResponse { + return $this->handleNotFound(function () use ($id): ResourceMember { + $resourceMember = $this->service->find($id); + + $resource = $this->resourceService->find($resourceMember->getResourceId()); + + $this->denyAccessUnlessGranted(['UPDATE_MEMBERS'], $resource); + + return $this->service->delete($resourceMember->getId()); + }); + } +} \ No newline at end of file