1 | <?php |
||
2 | |||
3 | namespace DNADesign\Elemental\Controllers; |
||
4 | |||
5 | use DNADesign\Elemental\Forms\EditFormFactory; |
||
6 | use DNADesign\Elemental\Models\BaseElement; |
||
7 | use Exception; |
||
8 | use Psr\Log\LoggerInterface; |
||
9 | use SilverStripe\Admin\LeftAndMain; |
||
10 | use SilverStripe\Control\HTTPRequest; |
||
11 | use SilverStripe\Control\HTTPResponse; |
||
12 | use SilverStripe\Control\HTTPResponse_Exception; |
||
13 | use SilverStripe\Core\Convert; |
||
14 | use SilverStripe\Core\Injector\Injector; |
||
15 | use SilverStripe\Forms\Form; |
||
16 | use SilverStripe\Security\SecurityToken; |
||
17 | |||
18 | /** |
||
19 | * Controller for "ElementalArea" - handles loading and saving of in-line edit forms in an elemental area in admin |
||
20 | */ |
||
21 | class ElementalAreaController extends LeftAndMain |
||
22 | { |
||
23 | private static $url_segment = 'elemental-area'; |
||
24 | |||
25 | private static $ignore_menuitem = true; |
||
26 | |||
27 | private static $url_handlers = [ |
||
28 | // API access points with structured data |
||
29 | 'POST api/saveForm/$ID' => 'apiSaveForm', |
||
30 | ]; |
||
31 | |||
32 | private static $allowed_actions = [ |
||
0 ignored issues
–
show
introduced
by
Loading history...
|
|||
33 | 'elementForm', |
||
34 | 'schema', |
||
35 | 'apiSaveForm', |
||
36 | ]; |
||
37 | |||
38 | public function getClientConfig() |
||
39 | { |
||
40 | $clientConfig = parent::getClientConfig(); |
||
41 | $clientConfig['form']['elementForm'] = [ |
||
42 | 'schemaUrl' => $this->Link('schema/elementForm'), |
||
43 | 'saveUrl' => $this->Link('api/saveForm'), |
||
44 | 'saveMethod' => 'post', |
||
45 | 'payloadFormat' => 'json', |
||
46 | ]; |
||
47 | return $clientConfig; |
||
48 | } |
||
49 | |||
50 | /** |
||
51 | * @param HTTPRequest|null $request |
||
52 | * @return Form |
||
53 | * @throws HTTPResponse_Exception |
||
54 | */ |
||
55 | public function elementForm(HTTPRequest $request = null) |
||
56 | { |
||
57 | // Get ID either from posted back value, or url parameter |
||
58 | if (!$request) { |
||
59 | $this->jsonError(400); |
||
60 | return null; |
||
61 | } |
||
62 | $id = $request->param('ID'); |
||
63 | if (!$id) { |
||
64 | $this->jsonError(400); |
||
65 | return null; |
||
66 | } |
||
67 | return $this->getElementForm($id) ?: $this->jsonError(404); |
||
68 | } |
||
69 | |||
70 | /** |
||
71 | * @param int $elementID |
||
72 | * @return Form|null Returns null if no element exists for the given ID |
||
73 | */ |
||
74 | public function getElementForm($elementID) |
||
75 | { |
||
76 | $scaffolder = Injector::inst()->get(EditFormFactory::class); |
||
77 | $element = BaseElement::get()->byID($elementID); |
||
78 | |||
79 | if (!$element) { |
||
80 | return null; |
||
81 | } |
||
82 | |||
83 | /** @var Form $form */ |
||
84 | $form = $scaffolder->getForm( |
||
85 | $this, |
||
86 | 'ElementForm_'.$elementID, |
||
87 | ['Record' => $element] |
||
88 | ); |
||
89 | |||
90 | return $form; |
||
91 | } |
||
92 | |||
93 | /** |
||
94 | * Save an inline edit form for a block |
||
95 | * |
||
96 | * @param HTTPRequest $request |
||
97 | * @return HTTPResponse|null JSON encoded string or null if an exception is thrown |
||
98 | * @throws HTTPResponse_Exception |
||
99 | */ |
||
100 | public function apiSaveForm(HTTPRequest $request) |
||
101 | { |
||
102 | // Validate required input data |
||
103 | if (!isset($this->urlParams['ID'])) { |
||
104 | $this->jsonError(400); |
||
105 | return null; |
||
106 | } |
||
107 | |||
108 | $data = Convert::json2array($request->getBody()); |
||
109 | if (empty($data)) { |
||
110 | $this->jsonError(400); |
||
111 | return null; |
||
112 | } |
||
113 | |||
114 | // Inject request body as request vars |
||
115 | foreach ($data as $key => $value) { |
||
116 | $request->offsetSet($key, $value); |
||
117 | } |
||
118 | |||
119 | // Check security token |
||
120 | if (!SecurityToken::inst()->checkRequest($request)) { |
||
121 | $this->jsonError(400); |
||
122 | return null; |
||
123 | } |
||
124 | |||
125 | /** @var BaseElement $element */ |
||
126 | $element = BaseElement::get()->byID($this->urlParams['ID']); |
||
127 | // Ensure the element can be edited by the current user |
||
128 | if (!$element || !$element->canEdit()) { |
||
129 | $this->jsonError(403); |
||
130 | return null; |
||
131 | } |
||
132 | |||
133 | // Remove the pseudo namespaces that were added by the form factory |
||
134 | $data = $this->removeNamespacesFromFields($data, $element->ID); |
||
135 | |||
136 | try { |
||
137 | $updated = false; |
||
138 | $element->update($data); |
||
139 | // Check if anything will actually be changed before writing |
||
140 | if ($element->isChanged()) { |
||
141 | $element->write(); |
||
142 | // Track changes so we can return to the client |
||
143 | $updated = true; |
||
144 | } |
||
145 | } catch (Exception $ex) { |
||
146 | Injector::inst()->get(LoggerInterface::class)->debug($ex->getMessage()); |
||
147 | |||
148 | $this->jsonError(500); |
||
149 | return null; |
||
150 | } |
||
151 | |||
152 | $body = Convert::raw2json([ |
||
153 | 'status' => 'success', |
||
154 | 'updated' => $updated, |
||
155 | ]); |
||
156 | return HTTPResponse::create($body)->addHeader('Content-Type', 'application/json'); |
||
157 | } |
||
158 | |||
159 | /** |
||
160 | * Remove the pseudo namespaces that were added to form fields by the form factory |
||
161 | * |
||
162 | * @param array $data |
||
163 | * @param int $elementID |
||
164 | * @return array |
||
165 | */ |
||
166 | protected function removeNamespacesFromFields(array $data, $elementID) |
||
167 | { |
||
168 | $output = []; |
||
169 | $template = sprintf(EditFormFactory::FIELD_NAMESPACE_TEMPLATE, $elementID, ''); |
||
170 | foreach ($data as $key => $value) { |
||
171 | // Only look at fields that match the namespace template |
||
172 | if (substr($key, 0, strlen($template)) !== $template) { |
||
173 | continue; |
||
174 | } |
||
175 | |||
176 | $fieldName = substr($key, strlen($template)); |
||
177 | $output[$fieldName] = $value; |
||
178 | } |
||
179 | return $output; |
||
180 | } |
||
181 | } |
||
182 |