1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
<?php
namespace JsonApi\Routes\News;
use JsonApi\Errors\AuthorizationFailedException;
use JsonApi\Errors\InternalServerError;
use JsonApi\Errors\RecordNotFoundException;
use JsonApi\JsonApiController;
use JsonApi\Routes\ValidationTrait;
use JsonApi\Schemas\StudipNews as NewsSchema;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
/**
* Edits content of a news.
*/
class NewsUpdate extends JsonApiController
{
use StudipNewsDatesHelper, ValidationTrait;
/**
* @SuppressWarnings(PHPMD.UnusedFormalParameters)
*/
public function __invoke(Request $request, Response $response, $args)
{
if (!$news = \StudipNews::find($args['id'])) {
throw new RecordNotFoundException();
}
$json = $this->validate($request, $news);
if (!Authority::canEditNews($user = $this->getUser($request), $news)) {
throw new AuthorizationFailedException();
}
if (!$news = $this->updateNewsFromJSON($user, $news, $json)) {
throw new InternalServerError('Could not update news.');
}
return $this->getContentResponse($news);
}
protected function updateNewsFromJSON($user, $news, array $json)
{
$getField = function ($key, $default = null) use ($json) {
return self::arrayGet($json, 'data.attributes.'.$key, $default);
};
if (self::arrayHas($json, 'data.attributes.title')) {
$news->topic = $getField('title');
}
if (self::arrayHas($json, 'data.attributes.content')) {
$content = $getField('content');
if (method_exists(\Studip\Markup::class, 'purifyHtml')) {
$content = \Studip\Markup::purifyHtml($content);
}
$news->body = $content;
}
if (self::arrayHas($json, 'data.attributes.comments-allowed')) {
$commentsAllowed = $getField('comments-allowed');
$news->allow_comments = (bool) $commentsAllowed;
}
list($news->date, $news->expire) = self::convertTimestampsToDateExpire(
$getField('publication-start'),
$getField('publication-end')
);
$news->user_id = $user->id;
$news->author = get_fullname($user->id, 'full', false);
$news->store();
return $news;
}
protected function validateResourceDocument($json, $data)
{
if (NewsSchema::TYPE !== self::arrayGet($json, 'data.type')) {
return 'Missing or wrong type.';
}
if (self::arrayHas($json, 'data.attributes.title')) {
$title = self::arrayGet($json, 'data.attributes.title');
if (!mb_strlen(trim($title))) {
return 'The attribute `title` must not be empty.';
}
}
if (self::arrayHas($json, 'data.attributes.content')) {
$content = self::arrayGet($json, 'data.attributes.content');
if (!mb_strlen(trim($content))) {
return 'The attribute `content` must not be empty.';
}
}
if (self::arrayHas($json, 'data.attributes.comments-allowed')) {
$comments = self::arrayGet($json, 'data.attributes.comments-allowed');
if (!is_bool($comments)) {
return 'The attribute `comments` must be of type boolean.';
}
}
if ($error = $this->checkNewsDates($json)) {
return $error;
}
}
}
|
