Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
0.00% |
0 / 62 |
|
0.00% |
0 / 14 |
CRAP | |
0.00% |
0 / 1 |
| SharedStimulus | |
0.00% |
0 / 62 |
|
0.00% |
0 / 14 |
462 | |
0.00% |
0 / 1 |
| create | |
0.00% |
0 / 13 |
|
0.00% |
0 / 1 |
6 | |||
| get | |
0.00% |
0 / 13 |
|
0.00% |
0 / 1 |
6 | |||
| patch | |
0.00% |
0 / 15 |
|
0.00% |
0 / 1 |
6 | |||
| renderSharedStimulus | |
0.00% |
0 / 5 |
|
0.00% |
0 / 1 |
6 | |||
| getPreviewPermission | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
6 | |||
| getResponseFormatter | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| getCommandFactory | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| getQueryFactory | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| getCreateService | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| getPatchService | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| getSharedStimulusRepository | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| getSharedStimulusAttributesParser | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| validateWritePermission | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
6 | |||
| validateReadPermission | |
0.00% |
0 / 4 |
|
0.00% |
0 / 1 |
6 | |||
| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * This program is free software; you can redistribute it and/or |
| 5 | * modify it under the terms of the GNU General Public License |
| 6 | * as published by the Free Software Foundation; under version 2 |
| 7 | * of the License (non-upgradable). |
| 8 | * |
| 9 | * This program is distributed in the hope that it will be useful, |
| 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | * GNU General Public License for more details. |
| 13 | * |
| 14 | * You should have received a copy of the GNU General Public License |
| 15 | * along with this program; if not, write to the Free Software |
| 16 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
| 17 | * |
| 18 | * Copyright (c) 2020-2021 (original work) Open Assessment Technologies SA; |
| 19 | * |
| 20 | */ |
| 21 | |
| 22 | declare(strict_types=1); |
| 23 | |
| 24 | namespace oat\taoMediaManager\controller; |
| 25 | |
| 26 | use common_session_SessionManager; |
| 27 | use oat\oatbox\log\LoggerAwareTrait; |
| 28 | use oat\tao\model\accessControl\data\DataAccessControl; |
| 29 | use oat\tao\model\http\formatter\ResponseFormatter; |
| 30 | use oat\tao\model\http\response\ErrorJsonResponse; |
| 31 | use oat\tao\model\http\response\SuccessJsonResponse; |
| 32 | use oat\tao\model\resources\ResourceAccessDeniedException; |
| 33 | use oat\taoMediaManager\model\sharedStimulus\factory\CommandFactory; |
| 34 | use oat\taoMediaManager\model\sharedStimulus\factory\QueryFactory; |
| 35 | use oat\taoMediaManager\model\sharedStimulus\parser\JsonQtiAttributeParser; |
| 36 | use oat\taoMediaManager\model\sharedStimulus\repository\SharedStimulusRepository; |
| 37 | use oat\taoMediaManager\model\sharedStimulus\service\CreateService; |
| 38 | use oat\taoMediaManager\model\sharedStimulus\SharedStimulus as SharedStimulusObject; |
| 39 | use oat\taoMediaManager\model\sharedStimulus\service\PatchService; |
| 40 | use tao_actions_SaSModule; |
| 41 | use Throwable; |
| 42 | |
| 43 | class SharedStimulus extends tao_actions_SaSModule |
| 44 | { |
| 45 | use LoggerAwareTrait; |
| 46 | |
| 47 | private const PERMISSION_READ = 'READ'; |
| 48 | |
| 49 | /** |
| 50 | * @requiresRight classUri WRITE |
| 51 | */ |
| 52 | public function create(): void |
| 53 | { |
| 54 | $formatter = $this->getResponseFormatter() |
| 55 | ->withJsonHeader(); |
| 56 | |
| 57 | try { |
| 58 | $command = $this->getCommandFactory() |
| 59 | ->makeCreateCommandByRequest($this->getPsrRequest()); |
| 60 | |
| 61 | $this->validateWritePermission($command->getClassId()); |
| 62 | |
| 63 | $sharedStimulus = $this->getCreateService() |
| 64 | ->create($command); |
| 65 | |
| 66 | $this->renderSharedStimulus($formatter, $sharedStimulus); |
| 67 | } catch (Throwable $exception) { |
| 68 | $this->logError(sprintf('Error creating Shared Stimulus: %s', $exception->getMessage())); |
| 69 | |
| 70 | $formatter->withStatusCode(400) |
| 71 | ->withBody(new ErrorJsonResponse($exception->getCode(), $exception->getMessage())); |
| 72 | } |
| 73 | |
| 74 | $this->setResponse($formatter->format($this->getPsrResponse())); |
| 75 | } |
| 76 | |
| 77 | /** |
| 78 | * @requiresRight id READ |
| 79 | */ |
| 80 | public function get(): void |
| 81 | { |
| 82 | $formatter = $this->getResponseFormatter() |
| 83 | ->withJsonHeader(); |
| 84 | |
| 85 | try { |
| 86 | $command = $this->getQueryFactory() |
| 87 | ->makeFindQueryByRequest($this->getPsrRequest()); |
| 88 | |
| 89 | $this->validateReadPermission($command->getId()); |
| 90 | |
| 91 | $sharedStimulus = $this->getSharedStimulusRepository() |
| 92 | ->find($command); |
| 93 | |
| 94 | $this->renderSharedStimulus($formatter, $sharedStimulus); |
| 95 | } catch (Throwable $exception) { |
| 96 | $this->logError(sprintf('Error retrieving Shared Stimulus: %s', $exception->getMessage())); |
| 97 | |
| 98 | $formatter->withStatusCode(400) |
| 99 | ->withBody(new ErrorJsonResponse($exception->getCode(), $exception->getMessage())); |
| 100 | } |
| 101 | |
| 102 | $this->setResponse($formatter->format($this->getPsrResponse())); |
| 103 | } |
| 104 | |
| 105 | /** |
| 106 | * @requiresRight id WRITE |
| 107 | */ |
| 108 | public function patch(): void |
| 109 | { |
| 110 | $formatter = $this->getResponseFormatter() |
| 111 | ->withJsonHeader(); |
| 112 | |
| 113 | try { |
| 114 | $request = $this->getPsrRequest(); |
| 115 | |
| 116 | $user = common_session_SessionManager::getSession()->getUser(); |
| 117 | $id = $request->getQueryParams()['id']; |
| 118 | $body = json_decode((string)$request->getBody(), true)['body']; |
| 119 | |
| 120 | $this->validateWritePermission($id); |
| 121 | |
| 122 | $command = $this->getCommandFactory()->makePatchCommand($id, $body, $user); |
| 123 | |
| 124 | $this->getPatchService()->patch($command); |
| 125 | |
| 126 | $formatter->withBody(new SuccessJsonResponse([])); |
| 127 | } catch (Throwable $exception) { |
| 128 | $this->logError(sprintf('Error Updating Shared Stimulus: %s', $exception->getMessage())); |
| 129 | |
| 130 | $formatter->withStatusCode(400) |
| 131 | ->withBody(new ErrorJsonResponse($exception->getCode(), $exception->getMessage())); |
| 132 | } |
| 133 | |
| 134 | $this->setResponse($formatter->format($this->getPsrResponse())); |
| 135 | } |
| 136 | |
| 137 | private function renderSharedStimulus(ResponseFormatter $formatter, SharedStimulusObject $sharedStimulus): void |
| 138 | { |
| 139 | $data = $sharedStimulus->jsonSerialize(); |
| 140 | if (isset($data['body'])) { |
| 141 | $data['body'] = $this->getSharedStimulusAttributesParser()->parse($sharedStimulus); |
| 142 | } |
| 143 | $data['permissions'] = $this->getPreviewPermission(); |
| 144 | $formatter->withBody(new SuccessJsonResponse($data)); |
| 145 | } |
| 146 | |
| 147 | private function getPreviewPermission(): array |
| 148 | { |
| 149 | if ($this->hasAccess(MediaManager::class, 'getFile')) { |
| 150 | return [self::PERMISSION_READ]; |
| 151 | } |
| 152 | return []; |
| 153 | } |
| 154 | |
| 155 | private function getResponseFormatter(): ResponseFormatter |
| 156 | { |
| 157 | return $this->getServiceLocator()->get(ResponseFormatter::class); |
| 158 | } |
| 159 | |
| 160 | private function getCommandFactory(): CommandFactory |
| 161 | { |
| 162 | return $this->getServiceLocator()->get(CommandFactory::class); |
| 163 | } |
| 164 | |
| 165 | private function getQueryFactory(): QueryFactory |
| 166 | { |
| 167 | return $this->getServiceLocator()->get(QueryFactory::class); |
| 168 | } |
| 169 | |
| 170 | private function getCreateService(): CreateService |
| 171 | { |
| 172 | return $this->getServiceLocator()->get(CreateService::class); |
| 173 | } |
| 174 | |
| 175 | private function getPatchService(): PatchService |
| 176 | { |
| 177 | return $this->getServiceLocator()->get(PatchService::class); |
| 178 | } |
| 179 | |
| 180 | private function getSharedStimulusRepository(): SharedStimulusRepository |
| 181 | { |
| 182 | return $this->getServiceLocator()->get(SharedStimulusRepository::class); |
| 183 | } |
| 184 | |
| 185 | private function getSharedStimulusAttributesParser(): JsonQtiAttributeParser |
| 186 | { |
| 187 | return $this->getServiceLocator()->get(JsonQtiAttributeParser::class); |
| 188 | } |
| 189 | |
| 190 | private function validateWritePermission(string $resourceId): void |
| 191 | { |
| 192 | if (!$this->hasWriteAccess($resourceId)) { |
| 193 | throw new ResourceAccessDeniedException($resourceId); |
| 194 | } |
| 195 | } |
| 196 | |
| 197 | private function validateReadPermission(string $resourceId): void |
| 198 | { |
| 199 | $user = $this->getSession()->getUser(); |
| 200 | |
| 201 | $hasReadAccess = (new DataAccessControl())->hasPrivileges($user, [$resourceId => 'READ']); |
| 202 | |
| 203 | if (!$hasReadAccess) { |
| 204 | throw new ResourceAccessDeniedException($resourceId); |
| 205 | } |
| 206 | } |
| 207 | } |