<?php
namespace JsonApi\Routes\Courseware\PeerReview;
use Course;
use Courseware\PeerReviewProcess;
use JsonApi\Errors\AuthorizationFailedException;
use JsonApi\Errors\BadRequestException;
use JsonApi\JsonApiController;
use JsonApi\Routes\Courses\Authority as CoursesAuthority;
use JsonApi\Routes\Courseware\Authority;
use JsonApi\Schemas\Courseware\PeerReviewProcess as ProcessSchema;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use User;
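/**
 * Displays all visible PeerReviewProcesses.
 *
 * The request is handled in a fixed order: resolve the user, read the
 * `filter` query parameter, validate it, authorize the user, load the
 * processes and finally paginate them. Validation and authorization both
 * run before any PeerReviewProcess is loaded.
 *
 * @SuppressWarnings(PHPMD.LongVariable)
 * @SuppressWarnings(PHPMD.StaticAccess)
 */
class ProcessesIndex extends JsonApiController
{
    // Only `filter[cid]` (a course ID) is accepted as a filter.
    protected $allowedFilteringParameters = ['cid'];

    protected $allowedIncludePaths = [
        ProcessSchema::REL_COURSE,
        ProcessSchema::REL_OWNER,
        ProcessSchema::REL_TASK_GROUP,
    ];

    protected $allowedPagingParameters = ['offset', 'limit'];

    /**
     * Lists the peer review processes the requesting user may see, optionally
     * restricted to one course via `filter[cid]`.
     *
     * @SuppressWarnings(PHPMD.UnusedFormalParameter)
     *
     * @param array $args
     *
     * @return Response
     *
     * @throws BadRequestException          if `filter[cid]` is malformed or names no course
     * @throws AuthorizationFailedException if the user may not index processes or see the course
     */
    public function __invoke(Request $request, Response $response, $args)
    {
        $user = $this->getUser($request);
        $filtering = $this->getQueryParameters()->getFilteringParameters() ?: [];

        // Reject bad input and unauthorized callers before touching any data.
        $this->validateFilters($filtering);
        $this->authorize($user, $filtering);

        $resources = empty($filtering)
            ? $this->findAllProcesses($user)
            : $this->filterProcesses($user, $filtering);

        // The total is counted on the already access-filtered list, so it
        // does not include processes that were filtered out.
        return $this->getPaginatedContentResponse(
            array_slice($resources, ...$this->getOffsetAndLimit()),
            count($resources)
        );
    }

    /**
     * Checks that `filter[cid]`, when present, is a single ID of an existing course.
     *
     * @throws BadRequestException
     */
    private function validateFilters(array $filtering): void
    {
        if (!isset($filtering['cid'])) {
            return;
        }

        // PHP parses `filter[cid][]=...` into an array. Refuse anything that is
        // not a plain string before it reaches Course::exists()/Course::find().
        if (!is_string($filtering['cid'])) {
            throw new BadRequestException('The `filter[cid]` parameter must be a single course ID.');
        }

        if (!Course::exists($filtering['cid'])) {
            throw new BadRequestException('Could not find a course matching this `filter[cid]`.');
        }
    }

    /**
     * Ensures the user may index peer review processes at all and, when a
     * course filter is given, may see that course with extended scope.
     *
     * @throws AuthorizationFailedException
     */
    private function authorize(User $user, array $filtering): void
    {
        if (!Authority::canIndexPeerReviewProcesses($user)) {
            throw new AuthorizationFailedException();
        }

        if (!isset($filtering['cid'])) {
            return;
        }

        // Course::find() can yield null (filterProcesses() annotates its result
        // as ?\Course); fail closed instead of passing null to the authority check.
        $course = Course::find($filtering['cid']);
        if (
            $course === null
            || !CoursesAuthority::canShowCourse($user, $course, CoursesAuthority::SCOPE_EXTENDED)
        ) {
            throw new AuthorizationFailedException();
        }
    }

    /**
     * Returns the processes found for the user when no filter is given.
     *
     * NOTE(review): unlike filterProcesses(), no per-process
     * Authority::canShowPeerReviewProcess() check is applied here; this relies
     * on PeerReviewProcess::findByUser() returning only processes this user
     * may see. Confirm against that method.
     */
    private function findAllProcesses(User $user): array
    {
        return PeerReviewProcess::findByUser($user);
    }

    /**
     * Returns the processes of the course named by `filter[cid]` that the
     * user is allowed to see; an empty list if no course filter is set.
     */
    private function filterProcesses(User $user, array $filtering): array
    {
        if (!isset($filtering['cid'])) {
            return [];
        }

        /** @var ?\Course $course */
        $course = \Course::find($filtering['cid']);
        if ($course === null) {
            // The course is gone, so there is nothing to list.
            return [];
        }

        // Course-level access was checked in authorize(); each process is
        // checked individually here as well.
        return array_filter(
            PeerReviewProcess::findByCourse($course),
            function ($process) use ($user) {
                return Authority::canShowPeerReviewProcess($user, $process);
            }
        );
    }
}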