Fixed edit speaker profile permissions
Change-Id: Id75d77c5809b313fede84afbc02c4cbb4495f6a0
This commit is contained in:
smarcet
parent
b3e2549e1d
commit
271408adb9
@ -766,6 +766,14 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
|
|||||||
if (!Request::isJson()) return $this->error400();
|
if (!Request::isJson()) return $this->error400();
|
||||||
$data = Input::json();
|
$data = Input::json();
|
||||||
|
|
||||||
|
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
|
||||||
|
if (is_null($current_member_id))
|
||||||
|
return $this->error403();
|
||||||
|
|
||||||
|
$creator = $this->member_repository->getById($current_member_id);
|
||||||
|
if (is_null($creator))
|
||||||
|
return $this->error403();
|
||||||
|
|
||||||
$rules = [
|
$rules = [
|
||||||
'title' => 'required|string|max:100',
|
'title' => 'required|string|max:100',
|
||||||
'first_name' => 'required|string|max:100',
|
'first_name' => 'required|string|max:100',
|
||||||
@ -810,7 +818,7 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
|
|||||||
'notes'
|
'notes'
|
||||||
];
|
];
|
||||||
|
|
||||||
$speaker = $this->service->addSpeaker(HTMLCleaner::cleanData($data->all(), $fields));
|
$speaker = $this->service->addSpeaker(HTMLCleaner::cleanData($data->all(), $fields), $creator);
|
||||||
|
|
||||||
return $this->created(SerializerRegistry::getInstance()->getSerializer($speaker, SerializerRegistry::SerializerType_Private)->serialize());
|
return $this->created(SerializerRegistry::getInstance()->getSerializer($speaker, SerializerRegistry::SerializerType_Private)->serialize());
|
||||||
} catch (ValidationException $ex1) {
|
} catch (ValidationException $ex1) {
|
||||||
@ -1215,7 +1223,6 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $speaker_id
|
* @param $speaker_id
|
||||||
* @param $hash
|
* @param $hash
|
||||||
|
|||||||
@ -1634,6 +1634,7 @@ SQL;
|
|||||||
*/
|
*/
|
||||||
public function canBeEditedBy(Member $member):bool{
|
public function canBeEditedBy(Member $member):bool{
|
||||||
if($member->isAdmin()) return true;
|
if($member->isAdmin()) return true;
|
||||||
|
if($this->getMemberId() == $member->getId()) return true;
|
||||||
$criteria = Criteria::create();
|
$criteria = Criteria::create();
|
||||||
$criteria
|
$criteria
|
||||||
->where(Criteria::expr()->eq('requested_by', $member))
|
->where(Criteria::expr()->eq('requested_by', $member))
|
||||||
|
|||||||
@ -153,7 +153,6 @@ class SpeakerEditPermissionRequest extends SilverstripeBaseModel
|
|||||||
return md5($token);
|
return md5($token);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public function approve():void{
|
public function approve():void{
|
||||||
$this->approved = true;
|
$this->approved = true;
|
||||||
$this->approved_date = new \DateTime('now', new \DateTimeZone('UTC'));
|
$this->approved_date = new \DateTime('now', new \DateTimeZone('UTC'));
|
||||||
|
|||||||
@ -16,6 +16,7 @@ use models\exceptions\EntityNotFoundException;
|
|||||||
use models\exceptions\ValidationException;
|
use models\exceptions\ValidationException;
|
||||||
use models\main\EmailCreationRequest;
|
use models\main\EmailCreationRequest;
|
||||||
use models\main\File;
|
use models\main\File;
|
||||||
|
use models\main\Member;
|
||||||
use models\summit\PresentationSpeaker;
|
use models\summit\PresentationSpeaker;
|
||||||
use models\summit\PresentationSpeakerSummitAssistanceConfirmationRequest;
|
use models\summit\PresentationSpeakerSummitAssistanceConfirmationRequest;
|
||||||
use models\summit\SpeakerSummitRegistrationPromoCode;
|
use models\summit\SpeakerSummitRegistrationPromoCode;
|
||||||
@ -37,10 +38,11 @@ interface ISpeakerService
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @param array $data
|
* @param array $data
|
||||||
|
* @param null|Member $creator
|
||||||
* @return PresentationSpeaker
|
* @return PresentationSpeaker
|
||||||
* @throws ValidationException
|
* @throws ValidationException
|
||||||
*/
|
*/
|
||||||
public function addSpeaker(array $data);
|
public function addSpeaker(array $data, ?Member $creator = null);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param Summit $summit
|
* @param Summit $summit
|
||||||
|
|||||||
@ -35,6 +35,7 @@ use models\main\EmailCreationRequest;
|
|||||||
use models\main\File;
|
use models\main\File;
|
||||||
use models\main\IEmailCreationRequestRepository;
|
use models\main\IEmailCreationRequestRepository;
|
||||||
use models\main\IMemberRepository;
|
use models\main\IMemberRepository;
|
||||||
|
use models\main\Member;
|
||||||
use models\main\MemberPromoCodeEmailCreationRequest;
|
use models\main\MemberPromoCodeEmailCreationRequest;
|
||||||
use models\main\SpeakerCreationEmailCreationRequest;
|
use models\main\SpeakerCreationEmailCreationRequest;
|
||||||
use models\main\SpeakerSelectionAnnouncementEmailCreationRequest;
|
use models\main\SpeakerSelectionAnnouncementEmailCreationRequest;
|
||||||
@ -170,13 +171,14 @@ final class SpeakerService
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @param array $data
|
* @param array $data
|
||||||
* @throws ValidationException
|
* @param null|Member $creator
|
||||||
* @return PresentationSpeaker
|
* @return PresentationSpeaker
|
||||||
|
* @throws ValidationException
|
||||||
*/
|
*/
|
||||||
public function addSpeaker(array $data)
|
public function addSpeaker(array $data, ?Member $creator = null)
|
||||||
{
|
{
|
||||||
|
|
||||||
return $this->tx_service->transaction(function () use ($data) {
|
return $this->tx_service->transaction(function () use ($data, $creator) {
|
||||||
|
|
||||||
$speaker = new PresentationSpeaker();
|
$speaker = new PresentationSpeaker();
|
||||||
$speaker->setCreatedFromApi(true);
|
$speaker->setCreatedFromApi(true);
|
||||||
@ -236,6 +238,12 @@ final class SpeakerService
|
|||||||
$email_request->setSpeaker($speaker);
|
$email_request->setSpeaker($speaker);
|
||||||
$this->email_creation_request_repository->add($email_request);
|
$this->email_creation_request_repository->add($email_request);
|
||||||
|
|
||||||
|
if(!is_null($creator)){
|
||||||
|
// create edit permission for creator
|
||||||
|
$request = SpeakerEditPermissionRequestFactory::build($speaker, $creator);
|
||||||
|
$request->approve();
|
||||||
|
$this->speaker_edit_permisssion_repository->add($request);
|
||||||
|
}
|
||||||
return $speaker;
|
return $speaker;
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
@ -1087,6 +1095,13 @@ final class SpeakerService
|
|||||||
|
|
||||||
$request = $this->speaker_edit_permisssion_repository->getBySpeakerAndRequestor($speaker, $requestor);
|
$request = $this->speaker_edit_permisssion_repository->getBySpeakerAndRequestor($speaker, $requestor);
|
||||||
|
|
||||||
|
if(is_null($request) && $speaker->canBeEditedBy($requestor)){
|
||||||
|
$request = SpeakerEditPermissionRequestFactory::build($speaker, $requestor);
|
||||||
|
$request->approve();
|
||||||
|
$this->speaker_edit_permisssion_repository->add($request);
|
||||||
|
return $request;
|
||||||
|
}
|
||||||
|
|
||||||
if(is_null($request))
|
if(is_null($request))
|
||||||
throw new EntityNotFoundException();
|
throw new EntityNotFoundException();
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user