RecordsRequestHandler - Code Metrics - Inspection of "Moved permission check" - Divergence/framework - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( a87492...a67e20 )

by Henry

created 2018-05-25 23:28 UTC

RecordsRequestHandler F

↳ Parent: Project

Complexity

Total Complexity

107

Size/Duplication

Total Lines	595
Duplicated Lines	0 %

Importance

Changes

Metric	Value
dl	0
loc	595
rs	1.5789
c	0
b	0
f	0
wmc	107

29 Methods

Rating	Name	Size	Complexity
A	handleRequest()	17	4
C	handleMultiDestroyRequest()	73	16
A	checkWriteAccess()	3	1
A	onRecordDeleted()	2	1
A	onBeforeRecordSaved()	2	1
C	handleEditRequest()	62	8
A	onRecordRequestNotHandled()	6	1
A	throwNotFoundError()	6	1
A	handleCreateRequest()	14	2
A	checkAPIAccess()	3	1
A	applyRecordDelta()	6	2
A	checkBrowseAccess()	3	1
B	handleDeleteRequest()	25	3
A	onBeforeRecordValidated()	2	1
A	throwUnauthorizedError()	6	1
A	respond()	8	2
A	onRecordSaved()	2	1
A	throwRecordNotFoundError()	3	1
A	onRecordCreated()	2	1
A	checkReadAccess()	3	1
F	handleMultiSaveRequest()	84	16
A	throwAPIUnAuthorizedError()	6	1
A	getTemplateName()	5	1
C	handleRecordsRequest()	30	8
A	prepareBrowseConditions()	9	3
B	prepareDefaultBrowseOptions()	16	7
C	handleRecordRequest()	31	7
C	handleBrowseRequest()	57	12
A	getRecordByHandle()	6	2

How to fix Complexity

<?php
namespace Divergence\Controllers;

use Exception;

use Divergence\Helpers\JSON;
use Divergence\Helpers\JSONP;
use Divergence\Helpers\Util as Util;
use Divergence\IO\Database\MySQL as DB;
use Divergence\Models\ActiveRecord as ActiveRecord;

abstract class RecordsRequestHandler extends RequestHandler
{
    public static $config;

    // configurables
    public static $recordClass;
    public static $accountLevelRead = false;
    public static $accountLevelBrowse = 'Staff';
    public static $accountLevelWrite = 'Staff';
    public static $accountLevelAPI = false;
    public static $browseOrder = false;
    public static $browseConditions = false;
    public static $browseLimitDefault = false;
    public static $editableFields = false;
    public static $searchConditions = false;
    
    public static $calledClass = __CLASS__;
    public static $responseMode = 'dwoo';
    
    public static function handleRequest()
    {
        // save static class
        static::$calledClass = get_called_class();
    
        // handle JSON requests
        if (static::peekPath() == 'json') {
            // check access for API response modes
            static::$responseMode = static::shiftPath();
            if (in_array(static::$responseMode, ['json','jsonp'])) {
                if (!static::checkAPIAccess()) {
                    return static::throwAPIUnAuthorizedError();
                }
            }
        }
        
        return static::handleRecordsRequest();
    }


    public static function handleRecordsRequest($action = false)
    {
        switch ($action ? $action : $action = static::shiftPath()) {
            case 'save':
            {
                return static::handleMultiSaveRequest();
            }
            
            case 'destroy':
            {
                return static::handleMultiDestroyRequest();
            }
            
            case 'create':
            {
                return static::handleCreateRequest();
            }
            
            case '':
            case false:
            {
                return static::handleBrowseRequest();
            }

            default:
            {
                if ($Record = static::getRecordByHandle($action)) {
                    return static::handleRecordRequest($Record);
                } else {
                    return static::throwRecordNotFoundError();
                }
            }
        }
    }
    
    public static function getRecordByHandle($handle)
    {
        $className = static::$recordClass;
        
        if (method_exists($className, 'getByHandle')) {
            return $className::getByHandle($handle);
        }
    }

    public static function prepareBrowseConditions($conditions = [])
    {
        if (static::$browseConditions) {
            if (!is_array(static::$browseConditions)) {
                static::$browseConditions = [static::$browseConditions];
            }
            $conditions = array_merge(static::$browseConditions, $conditions);
        }
        return $conditions;
    }

    public static function prepareDefaultBrowseOptions()
    {
        if (empty($_REQUEST['offset']) && is_numeric($_REQUEST['start'])) {
            $_REQUEST['offset'] = $_REQUEST['start'];
        }

        $limit = !empty($_REQUEST['limit']) && is_numeric($_REQUEST['limit']) ? $_REQUEST['limit'] : static::$browseLimitDefault;
        $offset = !empty($_REQUEST['offset']) && is_numeric($_REQUEST['offset']) ? $_REQUEST['offset'] : false;
        
        $options = [
            'limit' =>  $limit,
            'offset' => $offset,
            'order' => static::$browseOrder,
        ];

        return $options;
    }

    public static function handleBrowseRequest($options = [], $conditions = [], $responseID = null, $responseData = [])
    {
        if (!static::checkBrowseAccess(func_get_args())) {
            return static::throwUnauthorizedError();
        }
        
        $conditions = static::prepareBrowseConditions($conditions);
        
        $options = static::prepareDefaultBrowseOptions();

        // process sorter
        if (!empty($_REQUEST['sort'])) {
            $sort = json_decode($_REQUEST['sort'], true);
            if (!$sort || !is_array($sort)) {
                return static::respond('error', [
                    'success' => false,
                    'failed' => [
                        'errors'	=>	'Invalid sorter.',
                    ],
                ]);
            }

            if (is_array($sort)) {

                foreach ($sort as $field) {
                    $options['order'][$field['property']] = $field['direction'];
                }
            }
        }
        
        // process filter
        if (!empty($_REQUEST['filter'])) {
            $filter = json_decode($_REQUEST['filter'], true);
            if (!$filter || !is_array($filter)) {
                return static::respond('error', [
                    'success' => false,
                    'failed' => [
                        'errors'	=>	'Invalid filter.',
                    ],
                ]);
            }

            foreach ($filter as $field) {
                $conditions[$field['property']] = $field['value'];
            }
        }

        $className = static::$recordClass;

        return static::respond(
            isset($responseID) ? $responseID : static::getTemplateName($className::$pluralNoun),
            array_merge($responseData, [
                'success' => true,
                'data' => $className::getAllByWhere($conditions, $options),
                'conditions' => $conditions,
                'total' => DB::foundRows(),
                'limit' => $options['limit'],
                'offset' => $options['offset'],
            ])
        );
    }


    public static function handleRecordRequest(ActiveRecord $Record, $action = false)
    {
        if (!static::checkReadAccess($Record)) {
            return static::throwUnauthorizedError();
        }
        
        switch ($action ? $action : $action = static::shiftPath()) {
            case '':
            case false:
            {
                $className = static::$recordClass;
                
                return static::respond(static::getTemplateName($className::$singularNoun), [
                    'success' => true,
                    'data' => $Record,
                ]);
            }
            
            case 'edit':
            {
                return static::handleEditRequest($Record);
            }
            
            case 'delete':
            {
                return static::handleDeleteRequest($Record);
            }
        
            default:
            {
                return static::onRecordRequestNotHandled($Record, $action);
            }
        }
    }



    public static function handleMultiSaveRequest()
    {
        $className = static::$recordClass;
    
        $PrimaryKey = $className::getPrimaryKey();
            
        if (static::$responseMode == 'json' && in_array($_SERVER['REQUEST_METHOD'], ['POST','PUT'])) {
            $JSONData = JSON::getRequestData();
            if (is_array($JSONData)) {
                $_REQUEST = $JSONData;
            }
        }
        
        if ($className::fieldExists(key($_REQUEST['data']))) {
            $_REQUEST['data'] = [$_REQUEST['data']];
        }

        if (empty($_REQUEST['data']) || !is_array($_REQUEST['data'])) {
            if (static::$responseMode == 'json') {
                return static::respond('error', [
                    'success' => false,
                    'failed' => [
                        'errors'	=>	'Save expects "data" field as array of records.',
                    ],
                ]);
            }
        }
        
        $results = [];
        $failed = [];

        foreach ($_REQUEST['data'] as $datum) {
            // get record
            if (empty($datum[$PrimaryKey])) {
                $Record = new $className::$defaultClass();
                static::onRecordCreated($Record, $datum);
            } else {
                if (!$Record = $className::getByID($datum[$PrimaryKey])) {
                    $failed[] = [
                        'record' => $datum,
                        'errors' => 'Record not found',
                    ];
                    continue;
                }
            }
            
            // check write access
            if (!static::checkWriteAccess($Record)) {
                $failed[] = [
                    'record' => $datum,
                    'errors' => 'Write access denied',
                ];
                continue;
            }
            
            // apply delta
            static::applyRecordDelta($Record, $datum);

            // call template function
            static::onBeforeRecordValidated($Record, $datum);

            // try to save record
            try {
                // call template function
                static::onBeforeRecordSaved($Record, $datum);

                $Record->save();
                $results[] = (!$Record::fieldExists('Class') || get_class($Record) == $Record->Class) ? $Record : $Record->changeClass();
                
                // call template function
                static::onRecordSaved($Record, $datum);
            } catch (Exception $e) {
                $failed[] = [
                    'record' => $Record->data,
                    'validationErrors' => $Record->validationErrors,
                ];
            }
        }
        
        
        return static::respond(static::getTemplateName($className::$pluralNoun).'Saved', [
            'success' => count($results) || !count($failed),
            'data' => $results,
            'failed' => $failed,
        ]);
    }
    
    
    public static function handleMultiDestroyRequest()
    {
        $className = static::$recordClass;

        $PrimaryKey = $className::getPrimaryKey();
            
        if (static::$responseMode == 'json' && in_array($_SERVER['REQUEST_METHOD'], ['POST','PUT','DELETE'])) {
            $JSONData = JSON::getRequestData();
            if (is_array($JSONData)) {
                $_REQUEST = $JSONData;
            }
        }
        
        if ($className::fieldExists(key($_REQUEST['data']))) {
            $_REQUEST['data'] = [$_REQUEST['data']];
        }

        if (empty($_REQUEST['data']) || !is_array($_REQUEST['data'])) {
            if (static::$responseMode == 'json') {
                return static::respond('error', [
                    'success' => false,
                    'failed' => [
                        'errors'	=>	'Save expects "data" field as array of records.',
                    ],
                ]);
            }
        }


        $results = [];
        $failed = [];
        
        foreach ($_REQUEST['data'] as $datum) {
            // get record
            if (is_numeric($datum)) {
                $recordID = $datum;
            } elseif (!empty($datum[$PrimaryKey]) && is_numeric($datum[$PrimaryKey])) {
                $recordID = $datum[$PrimaryKey];
            } else {
                $failed[] = [
                    'record' => $datum,
                    'errors' => $PrimaryKey.' missing',
                ];
                continue;
            }

            if (!$Record = $className::getByField($PrimaryKey, $recordID)) {
                $failed[] = [
                    'record' => $datum,
                    'errors' => $PrimaryKey.' not found',
                ];
                continue;
            }
            
            // check write access
            if (!static::checkWriteAccess($Record)) {
                $failed[] = [
                    'record' => $datum,
                    'errors' => 'Write access denied',
                ];
                continue;
            }
        
            // destroy record
            if ($Record->destroy()) {
                $results[] = $Record;
            }
        }
        
        return static::respond(static::getTemplateName($className::$pluralNoun).'Destroyed', [
            'success' => count($results) || !count($failed),
            'data' => $results,
            'failed' => $failed,
        ]);
    }


    public static function handleCreateRequest(ActiveRecord $Record = null)
    {
        // save static class
        static::$calledClass = get_called_class();

        if (!$Record) {
            $className = static::$recordClass;
            $Record = new $className::$defaultClass();
        }
        
        // call template function
        static::onRecordCreated($Record, $_REQUEST);

        return static::handleEditRequest($Record);
    }

    public static function handleEditRequest(ActiveRecord $Record)
    {
        $className = static::$recordClass;

        if (!static::checkWriteAccess($Record)) {
            return static::throwUnauthorizedError();
        }

        if (in_array($_SERVER['REQUEST_METHOD'], ['POST','PUT'])) {
            if (static::$responseMode == 'json') {
                $_REQUEST = JSON::getRequestData();
                if (is_array($_REQUEST['data'])) {
                    $_REQUEST = $_REQUEST['data'];
                }
            }
            $_REQUEST = $_REQUEST ? $_REQUEST : $_POST;
        
            // apply delta
            static::applyRecordDelta($Record, $_REQUEST);
            
            // call template function
            static::onBeforeRecordValidated($Record, $_REQUEST);

            // validate
            if ($Record->validate()) {
                // call template function
                static::onBeforeRecordSaved($Record, $_REQUEST);
                
                try {
                    // save session
                    $Record->save();
                } catch (Exception $e) {
                    return static::respond('Error', [
                        'success' => false,
                        'failed' => [
                            'errors'	=>	$e->getMessage(),
                        ],
                    ]);
                }
                
                // call template function
                static::onRecordSaved($Record, $_REQUEST);
        
                // fire created response
                $responseID = static::getTemplateName($className::$singularNoun).'Saved';
                $responseData = [
                    'success' => true,
                    'data' => $Record,
                ];
                return static::respond($responseID, $responseData);
            }
            
            // fall through back to form if validation failed
        }
        
        $responseID = static::getTemplateName($className::$singularNoun).'Edit';
        $responseData = [
            'success' => false,
            'data' => $Record,
        ];
    
        return static::respond($responseID, $responseData);
    }


    public static function handleDeleteRequest(ActiveRecord $Record)
    {
        $className = static::$recordClass;

        if (!static::checkWriteAccess($Record)) {
            return static::throwUnauthorizedError();
        }
    
        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            $data = $Record->data;
            $Record->destroy();
                    
            // call cleanup function after delete
            static::onRecordDeleted($Record, $data);
            
            // fire created response
            return static::respond(static::getTemplateName($className::$singularNoun).'Deleted', [
                'success' => true,
                'data' => $Record,
            ]);
        }
    
        return static::respond('confirm', [
            'question' => 'Are you sure you want to delete this '.$className::$singularNoun.'?',
            'data' => $Record,
        ]);
    }
    
    
    public static function respond($responseID, $responseData = [], $responseMode = false)
    {
        // default to static property
        if (!$responseMode) {
            $responseMode = static::$responseMode;
        }
    
        return parent::respond($responseID, $responseData, $responseMode);
    }
    
    // access control template functions
    public static function checkBrowseAccess($arguments)
    {
        return true;
    }

    public static function checkReadAccess(ActiveRecord $Record)
    {
        return true;
    }
    
    public static function checkWriteAccess(ActiveRecord $Record)
    {
        return true;
    }
    
    public static function checkAPIAccess()
    {
        return true;
    }
    
    public static function throwUnauthorizedError()
    {
        return static::respond('Unauthorized', [
            'success' => false,
            'failed' => [
                'errors'	=>	'Login required.',
            ],
        ]);
    }

    public static function throwAPIUnAuthorizedError()
    {
        return static::respond('Unauthorized', [
            'success' => false,
            'failed' => [
                'errors'	=>	'API access required.',
            ],
        ]);
    }

    public static function throwNotFoundError()
    {
        return static::respond('error', [
            'success' => false,
            'failed' => [
                'errors'	=>	'Record not found.',
            ],
        ]);
    }
    
    public static function onRecordRequestNotHandled(ActiveRecord $Record, $action)
    {
        return static::respond('error', [
            'success' => false,
            'failed' => [
                'errors'	=>	'Malformed request.',
            ],
        ]);
    }
    


    public static function getTemplateName($noun)
    {
        return preg_replace_callback('/\s+([a-zA-Z])/', function ($matches) {
            return strtoupper($matches[1]);
        }, $noun);
    }
    
    public static function applyRecordDelta(ActiveRecord $Record, $data)
    {
        if (is_array(static::$editableFields)) {

            $Record->setFields(array_intersect_key($data, array_flip(static::$editableFields)));
        } else {
            $Record->setFields($data);
        }
    }
    
    // event template functions
    protected static function onRecordCreated(ActiveRecord $Record, $data)
    {
    }
    protected static function onBeforeRecordValidated(ActiveRecord $Record, $data)
    {
    }
    protected static function onBeforeRecordSaved(ActiveRecord $Record, $data)
    {
    }
    protected static function onRecordDeleted(ActiveRecord $Record, $data)
    {
    }
    protected static function onRecordSaved(ActiveRecord $Record, $data)
    {
    }
    
    protected static function throwRecordNotFoundError()
    {
        return static::throwNotFoundError();
    }
}


1			<?php
2			namespace Divergence\Controllers;
3
4			use Exception;
5
6			use Divergence\Helpers\JSON;
7			use Divergence\Helpers\JSONP;
8			use Divergence\Helpers\Util as Util;
9			use Divergence\IO\Database\MySQL as DB;
10			use Divergence\Models\ActiveRecord as ActiveRecord;
11
12			abstract class RecordsRequestHandler extends RequestHandler
13			{
14			public static $config;
15
16			// configurables
17			public static $recordClass;
18			public static $accountLevelRead = false;
19			public static $accountLevelBrowse = 'Staff';
20			public static $accountLevelWrite = 'Staff';
21			public static $accountLevelAPI = false;
22			public static $browseOrder = false;
23			public static $browseConditions = false;
24			public static $browseLimitDefault = false;
25			public static $editableFields = false;
26			public static $searchConditions = false;
27
28			public static $calledClass = __CLASS__;
29			public static $responseMode = 'dwoo';
30
31			public static function handleRequest()
32			{
33			// save static class
34			static::$calledClass = get_called_class();
35
36			// handle JSON requests
37			if (static::peekPath() == 'json') {
38			// check access for API response modes
39			static::$responseMode = static::shiftPath();
40			if (in_array(static::$responseMode, ['json','jsonp'])) {
41			if (!static::checkAPIAccess()) {
42			return static::throwAPIUnAuthorizedError();
43			}
44			}
45			}
46
47			return static::handleRecordsRequest();
48			}
49
50
51			public static function handleRecordsRequest($action = false)
52			{
53			switch ($action ? $action : $action = static::shiftPath()) {
54			case 'save':
55			{
56			return static::handleMultiSaveRequest();
57			}
58
59			case 'destroy':
60			{
61			return static::handleMultiDestroyRequest();
62			}
63
64			case 'create':
65			{
66			return static::handleCreateRequest();
67			}
68
69			case '':
70			case false:
71			{
72			return static::handleBrowseRequest();
73			}
74
75			default:
76			{
77			if ($Record = static::getRecordByHandle($action)) {
78			return static::handleRecordRequest($Record);
79			} else {
80			return static::throwRecordNotFoundError();
81			}
82			}
83			}
84			}
85
86			public static function getRecordByHandle($handle)
87			{
88			$className = static::$recordClass;
89
90			if (method_exists($className, 'getByHandle')) {
91			return $className::getByHandle($handle);
92			}
93			}
94
95			public static function prepareBrowseConditions($conditions = [])
96			{
97			if (static::$browseConditions) {
98			if (!is_array(static::$browseConditions)) {
99			static::$browseConditions = [static::$browseConditions];
100			}
101			$conditions = array_merge(static::$browseConditions, $conditions);
102			}
103			return $conditions;
104			}
105
106			public static function prepareDefaultBrowseOptions()
107			{
108			if (empty($_REQUEST['offset']) && is_numeric($_REQUEST['start'])) {
109			$_REQUEST['offset'] = $_REQUEST['start'];
110			}
111
112			$limit = !empty($_REQUEST['limit']) && is_numeric($_REQUEST['limit']) ? $_REQUEST['limit'] : static::$browseLimitDefault;
113			$offset = !empty($_REQUEST['offset']) && is_numeric($_REQUEST['offset']) ? $_REQUEST['offset'] : false;
114
115			$options = [
116			'limit' => $limit,
117			'offset' => $offset,
118			'order' => static::$browseOrder,
119			];
120
121			return $options;
122			}
123
124			public static function handleBrowseRequest($options = [], $conditions = [], $responseID = null, $responseData = [])
125			{
126			if (!static::checkBrowseAccess(func_get_args())) {
127			return static::throwUnauthorizedError();
128			}
129
130			$conditions = static::prepareBrowseConditions($conditions);
131
132			$options = static::prepareDefaultBrowseOptions();
133
134			// process sorter
135			if (!empty($_REQUEST['sort'])) {
136			$sort = json_decode($_REQUEST['sort'], true);
137			if (!$sort \|\| !is_array($sort)) {
138			return static::respond('error', [
139			'success' => false,
140			'failed' => [
141			'errors' => 'Invalid sorter.',
142			],
143			]);
144			}
145
146			if (is_array($sort)) {
			1 ignored issue – show introduced 2018-05-15 05:01 UTC by Report Bug Copy Issue Report The condition `is_array($sort)` is always `true`. Loading history...
147			foreach ($sort as $field) {
148			$options['order'][$field['property']] = $field['direction'];
149			}
150			}
151			}
152
153			// process filter
154			if (!empty($_REQUEST['filter'])) {
155			$filter = json_decode($_REQUEST['filter'], true);
156			if (!$filter \|\| !is_array($filter)) {
157			return static::respond('error', [
158			'success' => false,
159			'failed' => [
160			'errors' => 'Invalid filter.',
161			],
162			]);
163			}
164
165			foreach ($filter as $field) {
166			$conditions[$field['property']] = $field['value'];
167			}
168			}
169
170			$className = static::$recordClass;
171
172			return static::respond(
173			isset($responseID) ? $responseID : static::getTemplateName($className::$pluralNoun),
174			array_merge($responseData, [
175			'success' => true,
176			'data' => $className::getAllByWhere($conditions, $options),
177			'conditions' => $conditions,
178			'total' => DB::foundRows(),
179			'limit' => $options['limit'],
180			'offset' => $options['offset'],
181			])
182			);
183			}
184
185
186			public static function handleRecordRequest(ActiveRecord $Record, $action = false)
187			{
188			if (!static::checkReadAccess($Record)) {
189			return static::throwUnauthorizedError();
190			}
191
192			switch ($action ? $action : $action = static::shiftPath()) {
193			case '':
194			case false:
195			{
196			$className = static::$recordClass;
197
198			return static::respond(static::getTemplateName($className::$singularNoun), [
199			'success' => true,
200			'data' => $Record,
201			]);
202			}
203
204			case 'edit':
205			{
206			return static::handleEditRequest($Record);
207			}
208
209			case 'delete':
210			{
211			return static::handleDeleteRequest($Record);
212			}
213
214			default:
215			{
216			return static::onRecordRequestNotHandled($Record, $action);
217			}
218			}
219			}
220
221
222
223			public static function handleMultiSaveRequest()
224			{
225			$className = static::$recordClass;
226
227			$PrimaryKey = $className::getPrimaryKey();
228
229			if (static::$responseMode == 'json' && in_array($_SERVER['REQUEST_METHOD'], ['POST','PUT'])) {
230			$JSONData = JSON::getRequestData();
231			if (is_array($JSONData)) {
232			$_REQUEST = $JSONData;
233			}
234			}
235
236			if ($className::fieldExists(key($_REQUEST['data']))) {
237			$_REQUEST['data'] = [$_REQUEST['data']];
238			}
239
240			if (empty($_REQUEST['data']) \|\| !is_array($_REQUEST['data'])) {
241			if (static::$responseMode == 'json') {
242			return static::respond('error', [
243			'success' => false,
244			'failed' => [
245			'errors' => 'Save expects "data" field as array of records.',
246			],
247			]);
248			}
249			}
250
251			$results = [];
252			$failed = [];
253
254			foreach ($_REQUEST['data'] as $datum) {
255			// get record
256			if (empty($datum[$PrimaryKey])) {
257			$Record = new $className::$defaultClass();
258			static::onRecordCreated($Record, $datum);
259			} else {
260			if (!$Record = $className::getByID($datum[$PrimaryKey])) {
261			$failed[] = [
262			'record' => $datum,
263			'errors' => 'Record not found',
264			];
265			continue;
266			}
267			}
268
269			// check write access
270			if (!static::checkWriteAccess($Record)) {
271			$failed[] = [
272			'record' => $datum,
273			'errors' => 'Write access denied',
274			];
275			continue;
276			}
277
278			// apply delta
279			static::applyRecordDelta($Record, $datum);
280
281			// call template function
282			static::onBeforeRecordValidated($Record, $datum);
283
284			// try to save record
285			try {
286			// call template function
287			static::onBeforeRecordSaved($Record, $datum);
288
289			$Record->save();
290			$results[] = (!$Record::fieldExists('Class') \|\| get_class($Record) == $Record->Class) ? $Record : $Record->changeClass();
291
292			// call template function
293			static::onRecordSaved($Record, $datum);
294			} catch (Exception $e) {
295			$failed[] = [
296			'record' => $Record->data,
297			'validationErrors' => $Record->validationErrors,
298			];
299			}
300			}
301
302
303			return static::respond(static::getTemplateName($className::$pluralNoun).'Saved', [
304			'success' => count($results) \|\| !count($failed),
305			'data' => $results,
306			'failed' => $failed,
307			]);
308			}
309
310
311			public static function handleMultiDestroyRequest()
312			{
313			$className = static::$recordClass;
314
315			$PrimaryKey = $className::getPrimaryKey();
316
317			if (static::$responseMode == 'json' && in_array($_SERVER['REQUEST_METHOD'], ['POST','PUT','DELETE'])) {
318			$JSONData = JSON::getRequestData();
319			if (is_array($JSONData)) {
320			$_REQUEST = $JSONData;
321			}
322			}
323
324			if ($className::fieldExists(key($_REQUEST['data']))) {
325			$_REQUEST['data'] = [$_REQUEST['data']];
326			}
327
328			if (empty($_REQUEST['data']) \|\| !is_array($_REQUEST['data'])) {
329			if (static::$responseMode == 'json') {
330			return static::respond('error', [
331			'success' => false,
332			'failed' => [
333			'errors' => 'Save expects "data" field as array of records.',
334			],
335			]);
336			}
337			}
338
339
340			$results = [];
341			$failed = [];
342
343			foreach ($_REQUEST['data'] as $datum) {
344			// get record
345			if (is_numeric($datum)) {
346			$recordID = $datum;
347			} elseif (!empty($datum[$PrimaryKey]) && is_numeric($datum[$PrimaryKey])) {
348			$recordID = $datum[$PrimaryKey];
349			} else {
350			$failed[] = [
351			'record' => $datum,
352			'errors' => $PrimaryKey.' missing',
353			];
354			continue;
355			}
356
357			if (!$Record = $className::getByField($PrimaryKey, $recordID)) {
358			$failed[] = [
359			'record' => $datum,
360			'errors' => $PrimaryKey.' not found',
361			];
362			continue;
363			}
364
365			// check write access
366			if (!static::checkWriteAccess($Record)) {
367			$failed[] = [
368			'record' => $datum,
369			'errors' => 'Write access denied',
370			];
371			continue;
372			}
373
374			// destroy record
375			if ($Record->destroy()) {
376			$results[] = $Record;
377			}
378			}
379
380			return static::respond(static::getTemplateName($className::$pluralNoun).'Destroyed', [
381			'success' => count($results) \|\| !count($failed),
382			'data' => $results,
383			'failed' => $failed,
384			]);
385			}
386
387
388			public static function handleCreateRequest(ActiveRecord $Record = null)
389			{
390			// save static class
391			static::$calledClass = get_called_class();
392
393			if (!$Record) {
394			$className = static::$recordClass;
395			$Record = new $className::$defaultClass();
396			}
397
398			// call template function
399			static::onRecordCreated($Record, $_REQUEST);
400
401			return static::handleEditRequest($Record);
402			}
403
404			public static function handleEditRequest(ActiveRecord $Record)
405			{
406			$className = static::$recordClass;
407
408			if (!static::checkWriteAccess($Record)) {
409			return static::throwUnauthorizedError();
410			}
411
412			if (in_array($_SERVER['REQUEST_METHOD'], ['POST','PUT'])) {
413			if (static::$responseMode == 'json') {
414			$_REQUEST = JSON::getRequestData();
415			if (is_array($_REQUEST['data'])) {
416			$_REQUEST = $_REQUEST['data'];
417			}
418			}
419			$_REQUEST = $_REQUEST ? $_REQUEST : $_POST;
420
421			// apply delta
422			static::applyRecordDelta($Record, $_REQUEST);
423
424			// call template function
425			static::onBeforeRecordValidated($Record, $_REQUEST);
426
427			// validate
428			if ($Record->validate()) {
429			// call template function
430			static::onBeforeRecordSaved($Record, $_REQUEST);
431
432			try {
433			// save session
434			$Record->save();
435			} catch (Exception $e) {
436			return static::respond('Error', [
437			'success' => false,
438			'failed' => [
439			'errors' => $e->getMessage(),
440			],
441			]);
442			}
443
444			// call template function
445			static::onRecordSaved($Record, $_REQUEST);
446
447			// fire created response
448			$responseID = static::getTemplateName($className::$singularNoun).'Saved';
449			$responseData = [
450			'success' => true,
451			'data' => $Record,
452			];
453			return static::respond($responseID, $responseData);
454			}
455
456			// fall through back to form if validation failed
457			}
458
459			$responseID = static::getTemplateName($className::$singularNoun).'Edit';
460			$responseData = [
461			'success' => false,
462			'data' => $Record,
463			];
464
465			return static::respond($responseID, $responseData);
466			}
467
468
469			public static function handleDeleteRequest(ActiveRecord $Record)
470			{
471			$className = static::$recordClass;
472
473			if (!static::checkWriteAccess($Record)) {
474			return static::throwUnauthorizedError();
475			}
476
477			if ($_SERVER['REQUEST_METHOD'] == 'POST') {
478			$data = $Record->data;
479			$Record->destroy();
480
481			// call cleanup function after delete
482			static::onRecordDeleted($Record, $data);
483
484			// fire created response
485			return static::respond(static::getTemplateName($className::$singularNoun).'Deleted', [
486			'success' => true,
487			'data' => $Record,
488			]);
489			}
490
491			return static::respond('confirm', [
492			'question' => 'Are you sure you want to delete this '.$className::$singularNoun.'?',
493			'data' => $Record,
494			]);
495			}
496
497
498			public static function respond($responseID, $responseData = [], $responseMode = false)
499			{
500			// default to static property
501			if (!$responseMode) {
502			$responseMode = static::$responseMode;
503			}
504
505			return parent::respond($responseID, $responseData, $responseMode);
506			}
507
508			// access control template functions
509			public static function checkBrowseAccess($arguments)
510			{
511			return true;
512			}
513
514			public static function checkReadAccess(ActiveRecord $Record)
515			{
516			return true;
517			}
518
519			public static function checkWriteAccess(ActiveRecord $Record)
520			{
521			return true;
522			}
523
524			public static function checkAPIAccess()
525			{
526			return true;
527			}
528
529			public static function throwUnauthorizedError()
530			{
531			return static::respond('Unauthorized', [
532			'success' => false,
533			'failed' => [
534			'errors' => 'Login required.',
535			],
536			]);
537			}
538
539			public static function throwAPIUnAuthorizedError()
540			{
541			return static::respond('Unauthorized', [
542			'success' => false,
543			'failed' => [
544			'errors' => 'API access required.',
545			],
546			]);
547			}
548
549			public static function throwNotFoundError()
550			{
551			return static::respond('error', [
552			'success' => false,
553			'failed' => [
554			'errors' => 'Record not found.',
555			],
556			]);
557			}
558
559			public static function onRecordRequestNotHandled(ActiveRecord $Record, $action)
560			{
561			return static::respond('error', [
562			'success' => false,
563			'failed' => [
564			'errors' => 'Malformed request.',
565			],
566			]);
567			}
568
569
570
571			public static function getTemplateName($noun)
572			{
573			return preg_replace_callback('/\s+([a-zA-Z])/', function ($matches) {
574			return strtoupper($matches[1]);
575			}, $noun);
576			}
577
578			public static function applyRecordDelta(ActiveRecord $Record, $data)
579			{
580			if (is_array(static::$editableFields)) {
			1 ignored issue – show introduced 2018-05-16 00:31 UTC by Report Bug Copy Issue Report The condition `is_array(static::editableFields)` is always `false`. Loading history...
581			$Record->setFields(array_intersect_key($data, array_flip(static::$editableFields)));
582			} else {
583			$Record->setFields($data);
584			}
585			}
586
587			// event template functions
588			protected static function onRecordCreated(ActiveRecord $Record, $data)
589			{
590			}
591			protected static function onBeforeRecordValidated(ActiveRecord $Record, $data)
592			{
593			}
594			protected static function onBeforeRecordSaved(ActiveRecord $Record, $data)
595			{
596			}
597			protected static function onRecordDeleted(ActiveRecord $Record, $data)
598			{
599			}
600			protected static function onRecordSaved(ActiveRecord $Record, $data)
601			{
602			}
603
604			protected static function throwRecordNotFoundError()
605			{
606			return static::throwNotFoundError();
607			}
608			}
609

Divergence / framework

Push — master ( a87492...a67e20 )

RecordsRequestHandler F

Complexity

Size/Duplication

Importance

29 Methods

How to fix Complexity

Complex Class

Duplication Side-by-Side

Filter issues like