14 namespace Fossology\UI\Api\Controllers;
27 use Psr\Http\Message\ServerRequestInterface;
// Returns groups as a JSON array with HTTP 200, one entry per Group::getArray().
// The listing omits several source lines (the gutter numbers skip 45, 47-48,
// 50, 52-53 and 57), so the condition that selects between the two lookups
// below and the initialisation of $groupList are not visible here.
44 public function getGroups($request, $response, $args)
46 $userDao = $this->restHelper->getUserDao();
// NOTE(review): the level argument here is the constant Auth::PERM_ADMIN, not
// the caller's own level. Confirm the omitted condition restricts this call
// to administrators; presumably an admin-level map is wider than a user's own.
49 $groups = $userDao->getAdminGroupMap($this->restHelper->getUserId(),
Auth::PERM_ADMIN);
// Alternative lookup keyed only on the authenticated user's id.
51 $groups = $userDao->getUserGroupMap($this->restHelper->getUserId());
// Each map entry is passed to Group as ($key, $value); presumably
// group id => group name -- confirm against UserDao.
54 foreach ($groups as $key => $value) {
55 $groupObject =
new Group($key,$value);
56 $groupList[] = $groupObject->getArray();
58 return $response->withJson($groupList, 200);
// Body of the group-creation handler (presumably createGroup; the signature
// and lines 74-75 are not part of this listing).
// The group name is taken from the client-supplied "name" request header.
72 $groupName = $request->getHeaderLine(
"name");
// empty() is also true for the string "0", so a group named "0" is rejected
// together with a missing header. The rejection itself is on omitted lines.
73 if (empty($request->getHeaderLine(
"name"))) {
// NOTE(review): no length or character validation of $groupName is visible
// between reading the header and addGroup(); confirm UserDao::addGroup()
// validates the name and binds it as a query parameter.
76 $userDao = $this->restHelper->getUserDao();
77 $groupId = $userDao->addGroup($groupName);
// The authenticated caller is enrolled in the new group; the permission level
// granted is decided inside addGroupMembership(), not here.
78 $userDao->addGroupMembership($groupId, $this->restHelper->getUserId());
// The header value is echoed back inside the Info message, which is returned
// through withJson().
79 $returnVal =
new Info(200,
"Group $groupName added.", InfoType::INFO);
80 return $response->withJson($returnVal->getArray(), $returnVal->getCode());
// Deletes the group named by the path argument 'id' and answers with an Info
// payload (202 on success). Several source lines are omitted from this
// listing (93, 95-96, 98-99, 102, 104, 107-108, 114), including the body of
// the first guard and the start of the try block.
92 public function deleteGroup($request, $response, $args)
// Rejects a missing or empty id; empty() also treats "0" as missing.
94 if (empty($args[
'id'])) {
97 $userId = $this->restHelper->getUserId();
// NOTE(review): $groupMap holds the groups this caller may delete, yet the
// only visible use of it is the unset() on line 111, after the deletion.
// Confirm that an omitted line or UserDao::deleteGroup() itself verifies the
// caller is allowed to delete $groupId before the call on line 109.
100 $userDao = $this->restHelper->getUserDao();
101 $groupMap = $userDao->getDeletableAdminGroupMap($userId,
// intval() returns 0 for non-numeric input; the existence check below then
// answers 404 for any id that is not a row in "groups".
103 $groupId = intval($args[
'id']);
105 if (!$this->dbHelper->doesIdExist(
"groups",
"group_pk", $groupId)) {
106 throw new HttpNotFoundException(
"Group id not found!");
109 $userDao->deleteGroup($groupId);
110 $returnVal =
new Info(202,
"User Group will be deleted", InfoType::INFO);
111 unset($groupMap[$groupId]);
// NOTE(review): every \Exception raised in the try block is converted to a
// 400 that carries the original exception message to the API client. If
// deleteGroup() signals a permission failure by exception it is reported as
// 400 rather than 403, and internal error text may reach the caller -- confirm
// the messages are safe to expose.
112 }
catch (\Exception $e) {
113 throw new HttpBadRequestException($e->getMessage(), $e);
115 return $response->withJson($returnVal->getArray(), $returnVal->getCode());
// Removes user 'userId' from group 'id' (both path arguments) and answers
// with an Info payload (200). Omitted source lines include the assignment of
// $userIsAdmin (somewhere in 133-134) and the closing braces of each guard.
127 public function deleteGroupMember($request, $response, $args)
129 $dbManager = $this->dbHelper->getDbManager();
// Both ids are forced to integers; non-numeric input becomes 0.
131 $group_pk = intval($args[
'id']);
132 $user_pk = intval($args[
'userId']);
// True when the caller is advisor or admin of this particular group.
135 $userHasGroupAccess = $this->restHelper->getUserDao()->isAdvisorOrAdmin(
136 $this->restHelper->getUserId(), $group_pk);
// NOTE(review): the two existence checks run before the authorization check
// on line 144, so a caller with no rights on the group can still tell
// existing group and user ids from missing ones (404 versus 403). Consider
// performing the permission check first.
138 if (!$this->dbHelper->doesIdExist(
"groups",
"group_pk", $group_pk)) {
139 throw new HttpNotFoundException(
"Group id not found!");
141 if (!$this->dbHelper->doesIdExist(
"users",
"user_pk", $user_pk)) {
142 throw new HttpNotFoundException(
"User id not found!");
// Authorization gate: site admin or advisor/admin of the target group.
144 if (! $userIsAdmin && ! $userHasGroupAccess) {
145 throw new HttpForbiddenException(
"Not advisor or admin of the group. " .
146 "Can not process request.");
// Membership lookup; both ids are bound as $1/$2 rather than concatenated
// into the SQL text.
148 $fetchResult = $dbManager->getSingleRow(
149 "SELECT group_user_member_pk FROM group_user_member " .
150 "WHERE group_fk=$1 AND user_fk=$2", [$group_pk, $user_pk],
151 __METHOD__ .
".getByGroupAndUser");
152 if (empty($fetchResult)) {
153 throw new HttpNotFoundException(
"Not a member!");
155 $group_user_member_pk = $fetchResult[
'group_user_member_pk'];
// The removal is delegated to the 'group_manage_users' plugin with a
// permission value of -1; presumably -1 means "delete this membership" --
// confirm against updateGUMPermission().
157 $adminGroupUsers = $this->restHelper->getPlugin(
'group_manage_users');
158 $adminGroupUsers->updateGUMPermission($group_user_member_pk, -1,$dbManager);
159 $returnVal =
new Info(200,
"User will be removed from group.", InfoType::INFO);
160 return $response->withJson($returnVal->getArray(), $returnVal->getCode());
// Body of the handler that lists the groups the caller may delete
// (presumably getDeletableGroups; the signature is not part of this listing).
// Answers with a JSON array of Group::getArray() entries and HTTP 200.
173 $userId = $this->restHelper->getUserId();
175 $userDao = $this->restHelper->getUserDao();
// The second argument of this call sits on an omitted continuation line (177).
176 $groupMap = $userDao->getDeletableAdminGroupMap($userId,
// An empty map yields an empty JSON array, since the list is initialised here.
179 $groupList = array();
180 foreach ($groupMap as $key => $value) {
181 $groupObject =
new Group($key, $value);
182 $groupList[] = $groupObject->getArray();
184 return $response->withJson($groupList, 200);
// Body of the handler that lists the members of group 'id' (presumably
// getGroupMembers; the signature is not part of this listing). Answers with a
// JSON array of UserGroupMember::getArray() entries and HTTP 200.
198 $userId = $this->restHelper->getUserId();
199 $userDao = $this->restHelper->getUserDao();
// Groups the caller administers, scoped by the level stored in the session.
200 $groupMap = $userDao->getAdminGroupMap($userId, $_SESSION[
Auth::USER_LEVEL]);
// NOTE(review): the visible guard only tests that the caller administers at
// least one group. No visible line checks that $groupId is a key of
// $groupMap; unless an omitted line (203-206, 208-209) does so, a caller who
// administers one group could read the member list of another -- confirm.
202 if (empty($groupMap)) {
207 $groupId = intval($args[
'id']);
210 $dbManager = $this->dbHelper->getDbManager();
// Statement name lacks the "." separator used by the other handlers in this
// listing; it is only a label for the prepared statement.
212 $stmt = __METHOD__ .
"getUsersWithGroup";
// The group id is bound as $1, not interpolated into the SQL text.
213 $dbManager->prepare($stmt,
"SELECT user_pk, group_perm
214 FROM users INNER JOIN group_user_member gum ON gum.user_fk=users.user_pk AND gum.group_fk=$1;");
216 $result = $dbManager->execute($stmt, array($groupId));
217 $usersWithGroup = $dbManager->fetchAll($result);
220 $memberList = array();
// One getUsers() call per member row; $user[0] assumes that call always
// returns at least one element for an id that the join just produced.
221 foreach ($usersWithGroup as $record) {
222 $user = $this->dbHelper->getUsers($record[
'user_pk']);
223 $userGroupMember =
new UserGroupMember($user[0],$record[
"group_perm"]);
224 $memberList[] = $userGroupMember->getArray();
226 $dbManager->freeResult($result);
228 return $response->withJson($memberList, 200);
// Body of the handler that adds user 'userId' to group 'id' with the
// permission given in the request body (presumably addMember; the signature,
// the assignment of $body and $userIsAdmin, and the bodies of most guards are
// on lines omitted from this listing).
243 $dbManager = $this->dbHelper->getDbManager();
247 $group_pk = intval($args[
'id']);
248 $newuser = intval($args[
'userId']);
// NOTE(review): intval() always returns an integer, so a missing or
// non-numeric 'perm' becomes 0 here and the isset() test on line 255 can
// never be true. Because 0 passes the 0..2 range check on line 264, a request
// without 'perm' adds the user with permission 0 instead of being rejected.
// Test for the key on $body before converting it.
249 $newperm = intval($body[
'perm']);
// True when the caller is advisor or admin of this particular group.
252 $userHasGroupAccess = $this->restHelper->getUserDao()->isAdvisorOrAdmin(
253 $this->restHelper->getUserId(), $group_pk);
255 if (!isset($newperm)) {
// NOTE(review): existence and range checks run before the authorization
// check on line 267, so callers without rights on the group receive
// different answers for existing and missing ids -- consider checking
// permission first.
258 if (!$this->dbHelper->doesIdExist(
"groups",
"group_pk", $group_pk)) {
261 if (!$this->dbHelper->doesIdExist(
"users",
"user_pk", $newuser)) {
// Accepted permission values are 0, 1 and 2.
264 if ($newperm < 0 || $newperm > 2) {
// Authorization gate: site admin or advisor/admin of the target group.
267 if (! $userIsAdmin && ! $userHasGroupAccess) {
269 "Can not process request.");
// Existing-membership lookup with both ids bound as $1/$2.
271 $stmt = __METHOD__ .
".getByGroupAndUser";
272 $sql =
"SELECT group_user_member_pk FROM group_user_member WHERE group_fk=$1 AND user_fk=$2;";
273 $fetchResult = $dbManager->getSingleRow($sql, [$group_pk, $newuser], $stmt);
// A row already present is handled on omitted lines (277-278).
276 if (!empty($fetchResult)) {
// Parameterised insert; $stmt is reassigned to the new statement name inside
// the prepare() call and reused by execute().
279 $dbManager->prepare($stmt = __METHOD__ .
".insertGUP",
280 "INSERT INTO group_user_member (group_fk, user_fk, group_perm) VALUES ($1,$2,$3)");
281 $dbManager->freeResult(
282 $dbManager->execute($stmt, array($group_pk, $newuser, $newperm)));
284 $returnVal =
new Info(200,
"User will be added to group.", InfoType::INFO);
285 return $response->withJson($returnVal->getArray(), $returnVal->getCode());
// Changes the permission of user 'userId' inside group 'id' and answers with
// an Info payload (202). The assignments of $newperm and $userIsAdmin and the
// conditions guarding the two range errors (lines 319 and 322) are on lines
// omitted from this listing.
297 public function changeUserPermission($request, $response, $args)
300 $dbManager = $this->dbHelper->getDbManager();
// Path arguments are forced to integers; non-numeric input becomes 0.
301 $user_pk = intval($args[
'userId']);
303 $group_pk = intval($args[
'id']);
// True when the caller is advisor or admin of this particular group.
305 $userHasGroupAccess = $this->restHelper->getUserDao()->isAdvisorOrAdmin(
306 $this->restHelper->getUserId(), $group_pk);
// NOTE(review): if $newperm is produced with intval() on an omitted line, as
// in the add-member handler of this file, this isset() test can never be true
// and a missing value is treated as permission 0 -- confirm.
310 if (!isset($newperm)) {
// NOTE(review): the existence and range checks below run before the
// authorization check on line 325, so callers without rights on the group can
// distinguish existing ids from missing ones -- consider checking permission
// first.
313 if (!$this->dbHelper->doesIdExist(
"groups",
"group_pk", $group_pk)) {
314 throw new HttpNotFoundException(
"Group id not found!");
316 if (!$this->dbHelper->doesIdExist(
"users",
"user_pk", $user_pk)) {
317 throw new HttpNotFoundException(
"User id not found!");
// Range errors; per the messages the accepted values are 0 to 2.
320 throw new HttpBadRequestException(
"Permission can not be negative");
323 throw new HttpBadRequestException(
"Permission can not be greater than 2");
// Authorization gate: site admin or advisor/admin of the target group.
325 if (! $userIsAdmin && ! $userHasGroupAccess) {
326 throw new HttpForbiddenException(
"Not advisor or admin of the group. " .
327 "Can not process request.");
// Membership lookup with both ids bound as $1/$2. The result is indexed
// directly; this assumes getSingleRow() returns something indexable when no
// row matches -- confirm, since the empty() test below depends on it.
332 $group_user_member_pk = $dbManager->getSingleRow(
"SELECT group_user_member_pk FROM group_user_member WHERE group_fk=$1 AND user_fk=$2",
333 [$group_pk, $user_pk],
334 __METHOD__ .
".getByGroupAndUser")[
'group_user_member_pk'];
336 if (empty($group_user_member_pk)) {
337 throw new HttpNotFoundException(
"User not part of the group");
// The update is delegated to the 'group_manage_users' plugin.
340 $adminGroupUsers = $this->restHelper->getPlugin(
'group_manage_users');
341 $adminGroupUsers->updateGUMPermission($group_user_member_pk, $newperm,$dbManager);
342 $info =
new Info(202,
"Permission updated successfully.", InfoType::INFO);
343 return $response->withJson($info->getArray(), $info->getCode());
Contains the constants and helpers for user authentication.
static isAdmin()
Check if user is admin.
Controller for Group model.
createGroup($request, $response, $args)
getGroups($request, $response, $args)
getDeletableGroups($request, $response, $args)
getGroupMembers($request, $response, $args)
addMember($request, $response, $args)
Base controller for REST calls.
getParsedBody(ServerRequestInterface $request)
Parse request body as JSON and return associative PHP array.
Override Slim response for withJson function.
The different types of info provided by REST.
Info model to contain general error and return values.