Fixed CFP endpoints
* fixed delete presentation * fixed scopes issues Change-Id: I141f144de11d459c1743e90bdd628c8900b6afe9
This commit is contained in:
Sebastian Marcet
parent
b75c54bb2a
commit
8fc781dc69
Libs/ModelSerializers
app
Http
ModelSerializers
Models/Foundation/Summit/Events/Presentations
Services/Model
tests
@ -14,6 +14,7 @@
|
||||
**/
|
||||
|
||||
use libs\utils\JsonUtils;
|
||||
use models\oauth2\IResourceServerContext;
|
||||
use models\utils\IEntity;
|
||||
|
||||
/**
|
||||
@ -27,13 +28,19 @@ abstract class AbstractSerializer implements IModelSerializer
|
||||
*/
|
||||
protected $object;
|
||||
|
||||
/**
|
||||
* @var IResourceServerContext
|
||||
*/
|
||||
protected $resource_server_context;
|
||||
|
||||
/**
|
||||
* AbstractSerializer constructor.
|
||||
* @param $object
|
||||
* @param IResourceServerContext $resource_server_context
|
||||
*/
|
||||
public function __construct($object){
|
||||
public function __construct($object, IResourceServerContext $resource_server_context){
|
||||
$this->object = $object;
|
||||
|
||||
$this->resource_server_context = $resource_server_context;
|
||||
}
|
||||
|
||||
protected static $array_mappings = [];
|
||||
@ -52,7 +59,7 @@ abstract class AbstractSerializer implements IModelSerializer
|
||||
|
||||
foreach($hierarchy as $class_name){
|
||||
if($class_name === 'Libs\ModelSerializers\AbstractSerializer') continue;
|
||||
$class = new $class_name($this->object);
|
||||
$class = new $class_name($this->object, $this->resource_server_context);
|
||||
$mappings = array_merge($mappings, $class->getSelfAllowedFields());
|
||||
}
|
||||
$mappings = array_merge($mappings, $this->getSelfAllowedFields());
|
||||
@ -73,7 +80,7 @@ abstract class AbstractSerializer implements IModelSerializer
|
||||
|
||||
foreach($hierarchy as $class_name){
|
||||
if($class_name === 'Libs\ModelSerializers\AbstractSerializer') continue;
|
||||
$class = new $class_name($this->object);
|
||||
$class = new $class_name($this->object, $this->resource_server_context);
|
||||
$mappings = array_merge($mappings, $class->getSelfAllowedRelations());
|
||||
}
|
||||
$mappings = array_merge($mappings, $this->getSelfAllowedRelations());
|
||||
@ -94,7 +101,7 @@ abstract class AbstractSerializer implements IModelSerializer
|
||||
|
||||
foreach($hierarchy as $class_name){
|
||||
if($class_name === 'Libs\ModelSerializers\AbstractSerializer') continue;
|
||||
$class = new $class_name($this->object);
|
||||
$class = new $class_name($this->object, $this->resource_server_context);
|
||||
$mappings = array_merge($mappings, $class->getSelfMappings());
|
||||
}
|
||||
$mappings = array_merge($mappings, $this->getSelfMappings());
|
||||
|
||||
@ -20,6 +20,7 @@ interface IModelSerializer
|
||||
* @param array $relations
|
||||
* @param array $params
|
||||
* @return array
|
||||
* @throw HTTP403ForbiddenException
|
||||
*/
|
||||
public function serialize($expand = null, array $fields = array(), array $relations = array(), array $params = array() );
|
||||
}
|
||||
@ -11,6 +11,7 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
**/
|
||||
use App\Http\Exceptions\HTTP403ForbiddenException;
|
||||
use Exception;
|
||||
use Illuminate\Support\Facades\Input;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
@ -175,7 +176,12 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
|
||||
if (is_null($summit)) return $this->error404();
|
||||
$serializer_type = $this->serializer_type_selector->getSerializerType();
|
||||
return $this->ok(SerializerRegistry::getInstance()->getSerializer($summit, $serializer_type)->serialize($expand));
|
||||
} catch (Exception $ex) {
|
||||
}
|
||||
catch(HTTP403ForbiddenException $ex1){
|
||||
Log::warning($ex1);
|
||||
return $this->error403();
|
||||
}
|
||||
catch (Exception $ex) {
|
||||
Log::error($ex);
|
||||
return $this->error500($ex);
|
||||
}
|
||||
|
||||
23
app/Http/Exceptions/HTTP403ForbiddenException.php
Normal file
23
app/Http/Exceptions/HTTP403ForbiddenException.php
Normal file
@ -0,0 +1,23 @@
|
||||
<?php namespace App\Http\Exceptions;
|
||||
|
||||
/**
|
||||
* Copyright 2018 OpenStack Foundation
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
**/
|
||||
use Exception;
|
||||
/**
|
||||
* Class HTTP403ForbiddenException
|
||||
* @package App\Http\Exceptions
|
||||
*/
|
||||
final class HTTP403ForbiddenException extends Exception
|
||||
{
|
||||
|
||||
}
|
||||
@ -549,8 +549,7 @@ Route::group([
|
||||
// track tag groups
|
||||
Route::group(['prefix' => 'track-tag-groups'], function(){
|
||||
|
||||
Route::get('', [ 'middleware' => 'auth.user:administrators|summit-front-end-administrators',
|
||||
'uses' => 'OAuth2SummitTrackTagGroupsApiController@getTrackTagGroupsBySummit']);
|
||||
Route::get('', ['uses' => 'OAuth2SummitTrackTagGroupsApiController@getTrackTagGroupsBySummit']);
|
||||
|
||||
Route::post('', [ 'middleware' => 'auth.user:administrators|summit-front-end-administrators',
|
||||
'uses' => 'OAuth2SummitTrackTagGroupsApiController@addTrackTagGroup']);
|
||||
@ -692,7 +691,8 @@ Route::group([
|
||||
Route::group(['prefix' => 'summits'], function () {
|
||||
|
||||
Route::group(['prefix' => '{id}'], function () {
|
||||
Route::get('', [ 'middleware' => 'auth.user:administrators|summit-front-end-administrators|summit-room-administrators', 'uses' => 'OAuth2SummitApiController@getSummit'])->where('id', 'current|[0-9]+');
|
||||
|
||||
Route::get('', ['uses' => 'OAuth2SummitApiController@getSummit'])->where('id', 'current|[0-9]+');
|
||||
// events
|
||||
Route::group(['prefix' => 'events'], function () {
|
||||
|
||||
|
||||
@ -55,6 +55,7 @@ use App\ModelSerializers\Summit\SummitLocationBannerSerializer;
|
||||
use App\ModelSerializers\Summit\TrackTagGroups\TrackTagGroupAllowedTagSerializer;
|
||||
use App\ModelSerializers\Summit\TrackTagGroups\TrackTagGroupSerializer;
|
||||
use Libs\ModelSerializers\IModelSerializer;
|
||||
use models\oauth2\IResourceServerContext;
|
||||
use ModelSerializers\ChatTeams\ChatTeamInvitationSerializer;
|
||||
use ModelSerializers\ChatTeams\ChatTeamMemberSerializer;
|
||||
use ModelSerializers\ChatTeams\ChatTeamPushNotificationMessageSerializer;
|
||||
@ -67,6 +68,7 @@ use ModelSerializers\Locations\SummitVenueFloorSerializer;
|
||||
use ModelSerializers\Locations\SummitVenueRoomSerializer;
|
||||
use ModelSerializers\Locations\SummitVenueSerializer;
|
||||
use App\ModelSerializers\Marketplace\ApplianceSerializer;
|
||||
use Illuminate\Support\Facades\App;
|
||||
/**
|
||||
* Class SerializerRegistry
|
||||
* @package ModelSerializers
|
||||
@ -78,6 +80,11 @@ final class SerializerRegistry
|
||||
*/
|
||||
private static $instance;
|
||||
|
||||
/**
|
||||
* @var IResourceServerContext
|
||||
*/
|
||||
private $resource_server_context;
|
||||
|
||||
const SerializerType_Public = 'PUBLIC';
|
||||
const SerializerType_Private = 'PRIVATE';
|
||||
|
||||
@ -94,11 +101,12 @@ final class SerializerRegistry
|
||||
return self::$instance;
|
||||
}
|
||||
|
||||
private $registry = array();
|
||||
private $registry = [];
|
||||
|
||||
private function __construct()
|
||||
{
|
||||
$this->registry['Summit'] =
|
||||
$this->resource_server_context = App::make(IResourceServerContext::class);
|
||||
$this->registry['Summit'] =
|
||||
[
|
||||
self::SerializerType_Public => SummitSerializer::class,
|
||||
self::SerializerType_Private => AdminSummitSerializer::class
|
||||
@ -267,7 +275,6 @@ final class SerializerRegistry
|
||||
$serializer_class = $serializer_class[$type];
|
||||
}
|
||||
|
||||
|
||||
return new $serializer_class($object);
|
||||
return new $serializer_class($object, $this->resource_server_context);
|
||||
}
|
||||
}
|
||||
@ -19,7 +19,6 @@ use Libs\ModelSerializers\AbstractSerializer;
|
||||
class SilverStripeSerializer extends AbstractSerializer
|
||||
{
|
||||
protected static $array_mappings = [
|
||||
|
||||
'Id' => 'id:json_int',
|
||||
'CreatedUTC' => 'created:datetime_epoch',
|
||||
'LastEditedUTC' => 'last_edited:datetime_epoch',
|
||||
|
||||
@ -12,6 +12,8 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
**/
|
||||
use App\Http\Exceptions\HTTP403ForbiddenException;
|
||||
use App\Security\SummitScopes;
|
||||
use Illuminate\Support\Facades\Config;
|
||||
use models\summit\Summit;
|
||||
use DateTime;
|
||||
@ -22,7 +24,6 @@ use DateTime;
|
||||
class SummitSerializer extends SilverStripeSerializer
|
||||
{
|
||||
protected static $array_mappings = [
|
||||
|
||||
'Name' => 'name:json_string',
|
||||
'BeginDate' => 'start_date:datetime_epoch',
|
||||
'EndDate' => 'end_date:datetime_epoch',
|
||||
@ -53,7 +54,6 @@ class SummitSerializer extends SilverStripeSerializer
|
||||
];
|
||||
|
||||
protected static $allowed_relations = [
|
||||
|
||||
'ticket_types',
|
||||
'locations',
|
||||
'wifi_connections',
|
||||
@ -66,6 +66,7 @@ class SummitSerializer extends SilverStripeSerializer
|
||||
* @param array $relations
|
||||
* @param array $params
|
||||
* @return array
|
||||
* @throws HTTP403ForbiddenException
|
||||
*/
|
||||
public function serialize($expand = null, array $fields = [], array $relations = [], array $params = [])
|
||||
{
|
||||
@ -187,6 +188,16 @@ class SummitSerializer extends SilverStripeSerializer
|
||||
}
|
||||
break;
|
||||
case 'schedule': {
|
||||
// only could get schedule expanded if summit its available to public or
|
||||
// we had proper scopes
|
||||
if(!$summit->isAvailableOnApi()) {
|
||||
$scopes = $this->resource_server_context->getCurrentScope();
|
||||
$current_realm = Config::get('app.url');
|
||||
$needed_scope = sprintf(SummitScopes::ReadAllSummitData, $current_realm);
|
||||
if (!in_array($needed_scope, $scopes))
|
||||
throw new HTTP403ForbiddenException;
|
||||
}
|
||||
|
||||
$event_types = [];
|
||||
foreach ($summit->getEventTypes() as $event_type) {
|
||||
$event_types[] = SerializerRegistry::getInstance()->getSerializer($event_type)->serialize();
|
||||
|
||||
@ -18,8 +18,7 @@
|
||||
*/
|
||||
final class TagSerializer extends SilverStripeSerializer
|
||||
{
|
||||
protected static $array_mappings = array
|
||||
(
|
||||
protected static $array_mappings = [
|
||||
'Tag' => 'tag:json_string',
|
||||
);
|
||||
];
|
||||
}
|
||||
@ -719,7 +719,7 @@ class Presentation extends SummitEvent
|
||||
* @return bool
|
||||
*/
|
||||
public function canEdit(PresentationSpeaker $speaker){
|
||||
if($this->getCreatorId() == $speaker->getId()) return true;
|
||||
if($this->getCreatorId() == $speaker->getMemberId()) return true;
|
||||
if($this->getModeratorId() == $speaker->getId()) return true;
|
||||
if($this->isSpeaker($speaker)) return true;
|
||||
return false;
|
||||
|
||||
@ -507,7 +507,7 @@ final class PresentationService
|
||||
if(is_null($current_speaker))
|
||||
throw new EntityNotFoundException(sprintf("member %s does not has a speaker profile", $member->getId()));
|
||||
|
||||
$presentation = $this->event_repository->getById($presentation_id);
|
||||
$presentation = $this->presentation_repository->getById($presentation_id);
|
||||
if(is_null($presentation))
|
||||
throw new EntityNotFoundException(sprintf("presentation %s not found", $presentation_id));
|
||||
|
||||
|
||||
@ -77,11 +77,11 @@ final class OAuth2SummitApiTest extends ProtectedApiTest
|
||||
public function testGetSummit($summit_id = 25)
|
||||
{
|
||||
|
||||
$params = array
|
||||
(
|
||||
$params = [
|
||||
|
||||
'expand' => 'schedule',
|
||||
'id' => $summit_id
|
||||
);
|
||||
];
|
||||
|
||||
$headers = array("HTTP_Authorization" => " Bearer " . $this->access_token);
|
||||
$start = time();
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user