Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
0.00% |
0 / 137 |
|
0.00% |
0 / 13 |
CRAP | |
0.00% |
0 / 1 |
| tao_actions_RestResource | |
0.00% |
0 / 137 |
|
0.00% |
0 / 13 |
2550 | |
0.00% |
0 / 1 |
| create | |
0.00% |
0 / 11 |
|
0.00% |
0 / 1 |
30 | |||
| edit | |
0.00% |
0 / 9 |
|
0.00% |
0 / 1 |
30 | |||
| getAll | |
0.00% |
0 / 42 |
|
0.00% |
0 / 1 |
182 | |||
| getRequestParameters | |
0.00% |
0 / 18 |
|
0.00% |
0 / 1 |
42 | |||
| processForm | |
0.00% |
0 / 7 |
|
0.00% |
0 / 1 |
6 | |||
| getForm | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| getResourceParameter | |
0.00% |
0 / 6 |
|
0.00% |
0 / 1 |
20 | |||
| getClassParameter | |
0.00% |
0 / 6 |
|
0.00% |
0 / 1 |
20 | |||
| returnValidationFailure | |
0.00% |
0 / 10 |
|
0.00% |
0 / 1 |
12 | |||
| returnFailure | |
0.00% |
0 / 17 |
|
0.00% |
0 / 1 |
12 | |||
| returnSuccess | |
0.00% |
0 / 8 |
|
0.00% |
0 / 1 |
6 | |||
| getResourceService | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| getAdvancedLogger | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * This program is free software; you can redistribute it and/or |
| 5 | * modify it under the terms of the GNU General Public License |
| 6 | * as published by the Free Software Foundation; under version 2 |
| 7 | * of the License (non-upgradable). |
| 8 | * |
| 9 | * This program is distributed in the hope that it will be useful, |
| 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | * GNU General Public License for more details. |
| 13 | * |
| 14 | * You should have received a copy of the GNU General Public License |
| 15 | * along with this program; if not, write to the Free Software |
| 16 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
| 17 | * |
| 18 | * Copyright (c) 2017-2018 (original work) Open Assessment Technologies SA; |
| 19 | * |
| 20 | */ |
| 21 | |
| 22 | use oat\generis\model\OntologyAwareTrait; |
| 23 | use oat\oatbox\log\logger\AdvancedLogger; |
| 24 | use oat\oatbox\log\logger\extender\ContextExtenderInterface; |
| 25 | use oat\tao\model\resources\ResourceService; |
| 26 | use oat\oatbox\log\LoggerAwareTrait; |
| 27 | use Psr\Log\LoggerInterface; |
| 28 | |
| 29 | /** |
| 30 | * Class tao_actions_RestResourceController |
| 31 | * |
| 32 | * The rest controller to manage resource APIs |
| 33 | */ |
| 34 | class tao_actions_RestResource extends tao_actions_CommonModule |
| 35 | { |
| 36 | use OntologyAwareTrait; |
| 37 | use LoggerAwareTrait; |
| 38 | |
| 39 | public const CLASS_PARAMETER = 'classUri'; |
| 40 | public const RESOURCE_PARAMETER = 'uri'; |
| 41 | |
| 42 | /** |
| 43 | * Create a resource for class found into http request parameters |
| 44 | * |
| 45 | * If http method is GET, return the form data |
| 46 | * If http method is POST, process form |
| 47 | * |
| 48 | * The POST request has to follow this structure: |
| 49 | * array ( |
| 50 | * 'propertyUri' => 'value', |
| 51 | * 'propertyUri1' => 'value1', |
| 52 | * 'propertyUri2' => 'value2', |
| 53 | * 'propertyUri3' => array( |
| 54 | * 'value', 'value2', |
| 55 | * ) |
| 56 | * ) |
| 57 | * |
| 58 | * @requiresRight classUri WRITE |
| 59 | */ |
| 60 | public function create() |
| 61 | { |
| 62 | if ($this->isRequestGet()) { |
| 63 | try { |
| 64 | $this->returnSuccess($this->getForm($this->getClassParameter())->getData()); |
| 65 | } catch (common_Exception $e) { |
| 66 | $this->returnFailure($e); |
| 67 | } |
| 68 | } elseif ($this->isRequestPost()) { |
| 69 | try { |
| 70 | $this->processForm($this->getClassParameter()); |
| 71 | } catch (common_Exception $e) { |
| 72 | $this->returnFailure($e); |
| 73 | } |
| 74 | } else { |
| 75 | $this->returnFailure( |
| 76 | new common_exception_MethodNotAllowed(__METHOD__ . ' only accepts GET or POST method') |
| 77 | ); |
| 78 | } |
| 79 | } |
| 80 | |
| 81 | /** |
| 82 | * Edit a resource found into http request parameters |
| 83 | * |
| 84 | * If http method is GET, return the form data |
| 85 | * If http method is PUT, process form |
| 86 | * |
| 87 | * The PUT request has to follow this structure: |
| 88 | * array ( |
| 89 | * 'propertyUri' => 'value', |
| 90 | * 'propertyUri1' => 'value1', |
| 91 | * 'propertyUri2' => 'value2', |
| 92 | * 'propertyUri3' => array( |
| 93 | * 'value', 'value2', |
| 94 | * ) |
| 95 | * ) |
| 96 | * |
| 97 | * @requiresRight uri WRITE |
| 98 | */ |
| 99 | public function edit() |
| 100 | { |
| 101 | if ($this->isRequestGet()) { |
| 102 | try { |
| 103 | $this->returnSuccess($this->getForm($this->getResourceParameter())->getData()); |
| 104 | } catch (common_Exception $e) { |
| 105 | $this->returnFailure($e); |
| 106 | } |
| 107 | } |
| 108 | |
| 109 | if ($this->isRequestPost()) { |
| 110 | try { |
| 111 | $this->processForm($this->getResourceParameter()); |
| 112 | } catch (common_Exception $e) { |
| 113 | $this->returnFailure($e); |
| 114 | } |
| 115 | } |
| 116 | |
| 117 | $this->returnFailure(new common_exception_MethodNotAllowed(__METHOD__ . ' only accepts GET or PUT method')); |
| 118 | } |
| 119 | |
| 120 | /** |
| 121 | * Get all resources belonging to a given class. |
| 122 | * The result is paginated and structured based on the given format. |
| 123 | * The result can be filtered, or target a given selection. |
| 124 | * |
| 125 | * @requiresRight classUri READ |
| 126 | */ |
| 127 | public function getAll() |
| 128 | { |
| 129 | if ($this->isRequestGet()) { |
| 130 | try { |
| 131 | $format = $this->getRequestParameter('format'); |
| 132 | $search = $this->hasRequestParameter('search') ? $this->getRawParameter('search') : ''; |
| 133 | $limit = $this->hasRequestParameter('limit') ? $this->getRequestParameter('limit') : 30; |
| 134 | $offset = $this->hasRequestParameter('offset') ? $this->getRequestParameter('offset') : 0; |
| 135 | $selectedUris = []; |
| 136 | |
| 137 | if (! empty($search)) { |
| 138 | $decodedSearch = json_decode($search, true); |
| 139 | if (is_array($decodedSearch) && count($decodedSearch) > 0) { |
| 140 | $search = $decodedSearch; |
| 141 | } |
| 142 | } |
| 143 | if ($this->hasRequestParameter('selectedUri')) { |
| 144 | $selectedUri = $this->getRequestParameter('selectedUri'); |
| 145 | if (!empty($selectedUri)) { |
| 146 | $selectedUris = [$selectedUri]; |
| 147 | } |
| 148 | } |
| 149 | |
| 150 | $class = $this->getClassParameter(); |
| 151 | if ($this->hasRequestParameter('classOnly')) { |
| 152 | $resources = $this->getResourceService()->getClasses( |
| 153 | $class, |
| 154 | $format, |
| 155 | $selectedUris, |
| 156 | $search, |
| 157 | $offset, |
| 158 | $limit |
| 159 | ); |
| 160 | } else { |
| 161 | $resources = $this->getResourceService()->getResources( |
| 162 | $class, |
| 163 | $format, |
| 164 | $selectedUris, |
| 165 | $search, |
| 166 | $offset, |
| 167 | $limit |
| 168 | ); |
| 169 | } |
| 170 | |
| 171 | $user = \common_Session_SessionManager::getSession()->getUser(); |
| 172 | if (isset($resources['nodes'])) { |
| 173 | $permissions = $this->getResourceService()->getResourcesPermissions($user, $resources['nodes']); |
| 174 | } else { |
| 175 | $permissions = $this->getResourceService()->getResourcesPermissions($user, $resources); |
| 176 | } |
| 177 | |
| 178 | $this->returnSuccess([ |
| 179 | 'resources' => $resources, |
| 180 | 'permissions' => $permissions |
| 181 | ]); |
| 182 | } catch (common_Exception $e) { |
| 183 | $this->returnFailure($e); |
| 184 | } |
| 185 | } |
| 186 | } |
| 187 | |
| 188 | /** |
| 189 | * Get the request parameters |
| 190 | * If http method is POST read stream from php://input |
| 191 | * Otherwise call parent method |
| 192 | * |
| 193 | * @return array |
| 194 | */ |
| 195 | public function getRequestParameters() |
| 196 | { |
| 197 | $parameters = []; |
| 198 | |
| 199 | if ($this->isRequestPost()) { |
| 200 | $input = file_get_contents("php://input"); |
| 201 | $arguments = explode('&', $input); |
| 202 | foreach ($arguments as $argument) { |
| 203 | $argumentSplited = explode('=', $argument); |
| 204 | $key = urldecode($argumentSplited[0]); |
| 205 | $value = urldecode($argumentSplited[1]); |
| 206 | // for multiple values |
| 207 | if (strpos($value, ',')) { |
| 208 | $value = explode(',', $value); |
| 209 | } |
| 210 | if (substr($key, -2) == '[]') { |
| 211 | $key = substr($key, 0, strlen($key) - 2); |
| 212 | if (!isset($parameters[$key])) { |
| 213 | $parameters[$key] = []; |
| 214 | } |
| 215 | $parameters[$key][] = $value; |
| 216 | } else { |
| 217 | $parameters[$key] = $value; |
| 218 | } |
| 219 | } |
| 220 | } else { |
| 221 | $parameters = parent::getRequestParameters(); |
| 222 | } |
| 223 | |
| 224 | return $parameters; |
| 225 | } |
| 226 | |
| 227 | /** |
| 228 | * Process the form submission |
| 229 | * Bind the http data to form, validate, and save |
| 230 | * |
| 231 | * @param $instance |
| 232 | */ |
| 233 | protected function processForm($instance) |
| 234 | { |
| 235 | $parameters = $this->getRequestParameters(); |
| 236 | $form = $this->getForm($instance)->bind($parameters); |
| 237 | $report = $form->validate(); |
| 238 | if ($report->containsError()) { |
| 239 | $this->returnValidationFailure($report); |
| 240 | } else { |
| 241 | $resource = $form->save(); |
| 242 | $this->returnSuccess(['uri' => $resource->getUri()]); |
| 243 | } |
| 244 | } |
| 245 | |
| 246 | /** |
| 247 | * Get the form object to manage |
| 248 | * The $instance should be a class for creation or resource in case of edit |
| 249 | * |
| 250 | * @param $instance |
| 251 | * @return tao_actions_form_RestForm |
| 252 | */ |
| 253 | protected function getForm($instance) |
| 254 | { |
| 255 | return new \tao_actions_form_RestForm($instance); |
| 256 | } |
| 257 | |
| 258 | /** |
| 259 | * Extract the resource from http request |
| 260 | * The parameter 'uri' must exists and be a valid uri |
| 261 | * |
| 262 | * @return core_kernel_classes_Resource |
| 263 | * @throws common_exception_MissingParameter |
| 264 | */ |
| 265 | protected function getResourceParameter() |
| 266 | { |
| 267 | if (! $this->hasRequestParameter(self::RESOURCE_PARAMETER)) { |
| 268 | throw new \common_exception_MissingParameter(self::RESOURCE_PARAMETER, __CLASS__); |
| 269 | } |
| 270 | |
| 271 | $uri = $this->getRequestParameter(self::RESOURCE_PARAMETER); |
| 272 | if (empty($uri) || !common_Utils::isUri($uri)) { |
| 273 | throw new \common_exception_MissingParameter(self::RESOURCE_PARAMETER, __CLASS__); |
| 274 | } |
| 275 | |
| 276 | return $this->getResource($uri); |
| 277 | } |
| 278 | |
| 279 | /** |
| 280 | * Extract the class from http request |
| 281 | * The parameter 'classUri' must exists and be a valid uri |
| 282 | * |
| 283 | * @return core_kernel_classes_Class |
| 284 | * @throws common_exception_MissingParameter |
| 285 | */ |
| 286 | protected function getClassParameter() |
| 287 | { |
| 288 | if (! $this->hasRequestParameter(self::CLASS_PARAMETER)) { |
| 289 | throw new \common_exception_MissingParameter(self::CLASS_PARAMETER, __CLASS__); |
| 290 | } |
| 291 | |
| 292 | $uri = $this->getRequestParameter(self::CLASS_PARAMETER); |
| 293 | if (empty($uri) || !common_Utils::isUri($uri)) { |
| 294 | throw new \common_exception_MissingParameter(self::CLASS_PARAMETER, __CLASS__); |
| 295 | } |
| 296 | |
| 297 | return $this->getClass($uri); |
| 298 | } |
| 299 | |
| 300 | /** |
| 301 | * Transform a report to http response with 422 code and report error messages |
| 302 | * |
| 303 | * @param common_report_Report $report |
| 304 | * @param bool $withMessage |
| 305 | */ |
| 306 | protected function returnValidationFailure(common_report_Report $report, $withMessage = true) |
| 307 | { |
| 308 | $data = ['data' => []]; |
| 309 | /** @var common_report_Report $error */ |
| 310 | foreach ($report->getErrors() as $error) { |
| 311 | $data['data'][$error->getData()] = $error->getMessage(); |
| 312 | } |
| 313 | |
| 314 | if ($withMessage) { |
| 315 | $data['success'] = false; |
| 316 | $data['errorCode'] = 400; |
| 317 | $data['errorMsg'] = 'Some fields are invalid'; |
| 318 | $data['version'] = TAO_VERSION; |
| 319 | } |
| 320 | |
| 321 | $this->returnJson($data, 400); |
| 322 | exit(0); |
| 323 | } |
| 324 | |
| 325 | /** |
| 326 | * Return an error reponse following the given exception |
| 327 | * An exception handler manages http code, avoid to use returnJson to add unneeded header |
| 328 | * |
| 329 | * @param Exception $exception |
| 330 | * @param bool $withMessage |
| 331 | */ |
| 332 | protected function returnFailure(Exception $exception, $withMessage = true) |
| 333 | { |
| 334 | $this->getAdvancedLogger()->error( |
| 335 | $exception->getMessage(), |
| 336 | [ |
| 337 | ContextExtenderInterface::CONTEXT_EXCEPTION => $exception |
| 338 | ] |
| 339 | ); |
| 340 | |
| 341 | $data = []; |
| 342 | if ($withMessage) { |
| 343 | $data['success'] = false; |
| 344 | $data['errorCode'] = 500; |
| 345 | $data['version'] = TAO_VERSION; |
| 346 | if ($exception instanceof common_exception_UserReadableException) { |
| 347 | $data['errorMsg'] = $exception->getUserMessage(); |
| 348 | } else { |
| 349 | $this->logWarning(__CLASS__ . ' : ' . $exception->getMessage()); |
| 350 | $data['errorMsg'] = __('Unexpected error. Please contact administrator'); |
| 351 | } |
| 352 | } |
| 353 | |
| 354 | $this->returnJson($data, 500); |
| 355 | exit(0); |
| 356 | } |
| 357 | |
| 358 | /** |
| 359 | * Return a successful http response |
| 360 | * |
| 361 | * @param array $rawData |
| 362 | * @param bool $withMessage |
| 363 | */ |
| 364 | protected function returnSuccess($rawData = [], $withMessage = true) |
| 365 | { |
| 366 | $data = []; |
| 367 | if ($withMessage) { |
| 368 | $data['success'] = true; |
| 369 | $data['data'] = $rawData; |
| 370 | $data['version'] = TAO_VERSION; |
| 371 | } else { |
| 372 | $data = $rawData; |
| 373 | } |
| 374 | |
| 375 | $this->returnJson($data); |
| 376 | // exit(0); |
| 377 | } |
| 378 | |
| 379 | /** |
| 380 | * Get the resource service |
| 381 | * @return ResourceService |
| 382 | */ |
| 383 | protected function getResourceService() |
| 384 | { |
| 385 | return $this->getServiceLocator()->get(ResourceService::SERVICE_ID); |
| 386 | } |
| 387 | |
| 388 | private function getAdvancedLogger(): LoggerInterface |
| 389 | { |
| 390 | return $this->getPsrContainer()->get(AdvancedLogger::class); |
| 391 | } |
| 392 | } |