1 | <?php |
||
2 | /** |
||
3 | * BEdita, API-first content management framework |
||
4 | * Copyright 2018 ChannelWeb Srl, Chialab Srl |
||
5 | * |
||
6 | * This file is part of BEdita: you can redistribute it and/or modify |
||
7 | * it under the terms of the GNU Lesser General Public License as published |
||
8 | * by the Free Software Foundation, either version 3 of the License, or |
||
9 | * (at your option) any later version. |
||
10 | * |
||
11 | * See LICENSE.LGPL or <http://gnu.org/licenses/lgpl-3.0.html> for more details. |
||
12 | */ |
||
13 | |||
14 | namespace BEdita\Core\Model\Table; |
||
15 | |||
16 | use BEdita\Core\Utility\LoggedUser; |
||
17 | use Cake\Database\Schema\TableSchema; |
||
18 | use Cake\Datasource\EntityInterface; |
||
19 | use Cake\Event\Event; |
||
20 | use Cake\Http\Exception\ForbiddenException; |
||
21 | use Cake\ORM\RulesChecker; |
||
22 | use Cake\ORM\Table; |
||
23 | use Cake\Validation\Validator; |
||
24 | |||
25 | /** |
||
26 | * Annotations Model |
||
27 | * |
||
28 | * @property \Cake\ORM\Association\BelongsTo $Objects |
||
29 | * @property \Cake\ORM\Association\BelongsTo $Users |
||
30 | * @method \BEdita\Core\Model\Entity\Annotation get($primaryKey, $options = []) |
||
31 | * @method \BEdita\Core\Model\Entity\Annotation newEntity($data = null, array $options = []) |
||
32 | * @method \BEdita\Core\Model\Entity\Annotation[] newEntities(array $data, array $options = []) |
||
33 | * @method \BEdita\Core\Model\Entity\Annotation|bool save(\Cake\Datasource\EntityInterface $entity, $options = []) |
||
34 | * @method \BEdita\Core\Model\Entity\Annotation patchEntity(\Cake\Datasource\EntityInterface $entity, array $data, array $options = []) |
||
35 | * @method \BEdita\Core\Model\Entity\Annotation[] patchEntities($entities, array $data, array $options = []) |
||
36 | * @method \BEdita\Core\Model\Entity\Annotation findOrCreate($search, callable $callback = null, $options = []) |
||
37 | * @mixin \Cake\ORM\Behavior\TimestampBehavior |
||
38 | * @mixin \BEdita\Core\Model\Behavior\UserModifiedBehavior |
||
39 | */ |
||
40 | class AnnotationsTable extends Table |
||
41 | { |
||
42 | /** |
||
43 | * @inheritDoc |
||
44 | */ |
||
45 | public function initialize(array $config): void |
||
46 | { |
||
47 | parent::initialize($config); |
||
48 | |||
49 | $this->setTable('annotations'); |
||
50 | $this->setDisplayField('id'); |
||
51 | $this->setPrimaryKey('id'); |
||
52 | |||
53 | $this->addBehavior('Timestamp'); |
||
54 | $this->addBehavior('BEdita/Core.UserModified', [ |
||
55 | 'events' => [ |
||
56 | 'Model.beforeSave' => [ |
||
57 | 'user_id' => 'new', |
||
58 | ], |
||
59 | ], |
||
60 | ]); |
||
61 | $this->addBehavior('BEdita/Core.Searchable', [ |
||
62 | 'fields' => [ |
||
63 | 'description' => 10, |
||
64 | ], |
||
65 | ]); |
||
66 | |||
67 | $this->belongsTo('Objects', [ |
||
68 | 'foreignKey' => 'object_id', |
||
69 | 'joinType' => 'INNER', |
||
70 | 'className' => 'BEdita/Core.Objects', |
||
71 | ]); |
||
72 | $this->belongsTo('Users', [ |
||
73 | 'foreignKey' => 'user_id', |
||
74 | 'joinType' => 'INNER', |
||
75 | 'className' => 'BEdita/Core.Users', |
||
76 | ]); |
||
77 | } |
||
78 | |||
79 | /** |
||
80 | * {@inheritDoc} |
||
81 | * |
||
82 | * @codeCoverageIgnore |
||
83 | */ |
||
84 | public function validationDefault(Validator $validator): Validator |
||
85 | { |
||
86 | $validator |
||
87 | ->integer('id') |
||
88 | ->allowEmptyString('id', null, 'create'); |
||
89 | |||
90 | $validator |
||
91 | ->integer('object_id') |
||
92 | ->requirePresence('object_id', 'create') |
||
93 | ->notEmptyString('object_id'); |
||
94 | |||
95 | $validator |
||
96 | ->allowEmptyString('description'); |
||
97 | |||
98 | $validator |
||
99 | ->allowEmptyArray('params'); |
||
100 | |||
101 | return $validator; |
||
102 | } |
||
103 | |||
104 | /** |
||
105 | * {@inheritDoc} |
||
106 | * |
||
107 | * @codeCoverageIgnore |
||
108 | */ |
||
109 | public function buildRules(RulesChecker $rules): RulesChecker |
||
110 | { |
||
111 | $rules->add($rules->existsIn(['object_id'], 'Objects')); |
||
112 | $rules->add($rules->existsIn(['user_id'], 'Users')); |
||
113 | |||
114 | return $rules; |
||
115 | } |
||
116 | |||
117 | /** |
||
118 | * {@inheritDoc} |
||
119 | * |
||
120 | * @codeCoverageIgnore |
||
121 | */ |
||
122 | protected function _initializeSchema(TableSchema $schema) |
||
123 | { |
||
124 | $schema->setColumnType('params', 'json'); |
||
125 | |||
126 | return $schema; |
||
127 | } |
||
128 | |||
129 | /** |
||
130 | * Before save checks: |
||
131 | * - `user_id` must match LoggedUser::id() on entity update |
||
132 | * - `object_id` cannot be modified |
||
133 | * |
||
134 | * @param \Cake\Event\Event $event The beforeSave event that was fired |
||
135 | * @param \Cake\Datasource\EntityInterface $entity the entity that is going to be saved |
||
136 | * @return void |
||
137 | * @throws \BEdita\Core\Exception\ForbiddenException on save check failure |
||
138 | */ |
||
139 | public function beforeSave(Event $event, EntityInterface $entity) |
||
140 | { |
||
141 | if (!$entity->isNew() && $entity->get('user_id') !== LoggedUser::id()) { |
||
142 | throw new ForbiddenException( |
||
143 | __d( |
||
144 | 'bedita', |
||
145 | 'Could not change annotation "{0}" of user "{1}"', |
||
146 | $entity->get('id'), |
||
147 | $entity->get('user_id') |
||
148 | ) |
||
149 | ); |
||
150 | } |
||
151 | if (!$entity->isNew() && $entity->isDirty('object_id')) { |
||
152 | throw new ForbiddenException( |
||
153 | __d( |
||
154 | 'bedita', |
||
155 | 'Could not change object id on annotation "{0}"', |
||
156 | $entity->get('id') |
||
157 | ) |
||
158 | ); |
||
159 | } |
||
160 | } |
||
161 | |||
162 | /** |
||
163 | * Before delete checks: `user_id` must match LoggedUser::id() |
||
164 | * |
||
165 | * @param \Cake\Event\Event $event The beforeSave event that was fired |
||
166 | * @param \Cake\Datasource\EntityInterface $entity the entity that is going to be saved |
||
167 | * @return void |
||
168 | * @throws \BEdita\Core\Exception\ForbiddenException on delete check failure |
||
169 | */ |
||
170 | public function beforeDelete(Event $event, EntityInterface $entity) |
||
0 ignored issues
–
show
|
|||
171 | { |
||
172 | if ($entity->get('user_id') !== LoggedUser::id()) { |
||
173 | throw new ForbiddenException( |
||
174 | __d( |
||
175 | 'bedita', |
||
176 | 'Could not delete annotation "{0}" of user "{1}"', |
||
177 | $entity->get('id'), |
||
178 | $entity->get('user_id') |
||
179 | ) |
||
180 | ); |
||
181 | } |
||
182 | } |
||
183 | } |
||
184 |
This check looks for parameters that have been defined for a function or method, but which are not used in the method body.