Issues in ElementalAreaController.php - All Issues - Inspection of "Merge pull request #482 from open-sausages/pulls/4..." - dnadesign/silverstripe-elemental - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( e6b7ee...40e526 )

unknown

created 2018-10-30 23:08 UTC

src/Controllers/ElementalAreaController.php (1 issue)

Severity

Unknown 1

Will Rossiter 1

<?php

namespace DNADesign\Elemental\Controllers;

use DNADesign\Elemental\Forms\EditFormFactory;
use DNADesign\Elemental\Models\BaseElement;
use Exception;
use Psr\Log\LoggerInterface;
use SilverStripe\CMS\Controllers\CMSMain;
use SilverStripe\Control\HTTPRequest;
use SilverStripe\Control\HTTPResponse;
use SilverStripe\Control\HTTPResponse_Exception;
use SilverStripe\Core\Convert;
use SilverStripe\Core\Injector\Injector;
use SilverStripe\Forms\Form;
use SilverStripe\Security\SecurityToken;

/**
 * Controller for "ElementalArea" - handles loading and saving of in-line edit forms in an elemental area in admin
 */
class ElementalAreaController extends CMSMain
{
    const FORM_NAME_TEMPLATE = 'ElementForm_%s';

    private static $url_segment = 'elemental-area';

    private static $ignore_menuitem = true;

    private static $url_handlers = [
        // API access points with structured data
        'POST api/saveForm/$ID' => 'apiSaveForm',
    ];

    private static $allowed_actions = [

        'elementForm',
        'schema',
        'apiSaveForm',
    ];

    public function getClientConfig()
    {
        $clientConfig = parent::getClientConfig();
        $clientConfig['form']['elementForm'] = [
            'schemaUrl' => $this->Link('schema/elementForm'),
            'saveUrl' => $this->Link('api/saveForm'),
            'saveMethod' => 'post',
            'payloadFormat' => 'json',
            'formNameTemplate' => sprintf(static::FORM_NAME_TEMPLATE, '{id}'),
        ];
        return $clientConfig;
    }

    /**
     * @param HTTPRequest|null $request
     * @return Form
     * @throws HTTPResponse_Exception
     */
    public function elementForm(HTTPRequest $request = null)
    {
        // Get ID either from posted back value, or url parameter
        if (!$request) {
            $this->jsonError(400);
            return null;
        }
        $id = $request->param('ID');
        if (!$id) {
            $this->jsonError(400);
            return null;
        }
        return $this->getElementForm($id) ?: $this->jsonError(404);
    }

    /**
     * @param int $elementID
     * @return Form|null Returns null if no element exists for the given ID
     */
    public function getElementForm($elementID)
    {
        $scaffolder = Injector::inst()->get(EditFormFactory::class);
        $element = BaseElement::get()->byID($elementID);

        if (!$element) {
            return null;
        }

        /** @var Form $form */
        $form = $scaffolder->getForm(
            $this,
            sprintf(static::FORM_NAME_TEMPLATE, $elementID),
            ['Record' => $element]
        );

        if (!$element->canEdit()) {
            $form->makeReadonly();
        }

        return $form;
    }

    /**
     * Save an inline edit form for a block
     *
     * @param HTTPRequest $request
     * @return HTTPResponse|null JSON encoded string or null if an exception is thrown
     * @throws HTTPResponse_Exception
     */
    public function apiSaveForm(HTTPRequest $request)
    {
        // Validate required input data
        if (!isset($this->urlParams['ID'])) {
            $this->jsonError(400);
            return null;
        }

        $data = Convert::json2array($request->getBody());
        if (empty($data)) {
            $this->jsonError(400);
            return null;
        }

        // Inject request body as request vars
        foreach ($data as $key => $value) {
            $request->offsetSet($key, $value);
        }

        // Check security token
        if (!SecurityToken::inst()->checkRequest($request)) {
            $this->jsonError(400);
            return null;
        }

        /** @var BaseElement $element */
        $element = BaseElement::get()->byID($this->urlParams['ID']);
        // Ensure the element can be edited by the current user
        if (!$element || !$element->canEdit()) {
            $this->jsonError(403);
            return null;
        }

        // Remove the pseudo namespaces that were added by the form factory
        $data = $this->removeNamespacesFromFields($data, $element->ID);

        try {
            $updated = false;
            $element->update($data);
            // Check if anything will actually be changed before writing
            if ($element->isChanged()) {
                $element->write();
                // Track changes so we can return to the client
                $updated = true;
            }
        } catch (Exception $ex) {
            Injector::inst()->get(LoggerInterface::class)->debug($ex->getMessage());

            $this->jsonError(500);
            return null;
        }

        $body = Convert::raw2json([
            'status' => 'success',
            'updated' => $updated,
        ]);
        return HTTPResponse::create($body)->addHeader('Content-Type', 'application/json');
    }

    /**
     * Remove the pseudo namespaces that were added to form fields by the form factory
     *
     * @param array $data
     * @param int $elementID
     * @return array
     */
    protected function removeNamespacesFromFields(array $data, $elementID)
    {
        $output = [];
        $template = sprintf(EditFormFactory::FIELD_NAMESPACE_TEMPLATE, $elementID, '');
        foreach ($data as $key => $value) {
            // Only look at fields that match the namespace template
            if (substr($key, 0, strlen($template)) !== $template) {
                continue;
            }

            $fieldName = substr($key, strlen($template));
            $output[$fieldName] = $value;
        }
        return $output;
    }
}


1			<?php
2
3			namespace DNADesign\Elemental\Controllers;
4
5			use DNADesign\Elemental\Forms\EditFormFactory;
6			use DNADesign\Elemental\Models\BaseElement;
7			use Exception;
8			use Psr\Log\LoggerInterface;
9			use SilverStripe\CMS\Controllers\CMSMain;
10			use SilverStripe\Control\HTTPRequest;
11			use SilverStripe\Control\HTTPResponse;
12			use SilverStripe\Control\HTTPResponse_Exception;
13			use SilverStripe\Core\Convert;
14			use SilverStripe\Core\Injector\Injector;
15			use SilverStripe\Forms\Form;
16			use SilverStripe\Security\SecurityToken;
17
18			/**
19			* Controller for "ElementalArea" - handles loading and saving of in-line edit forms in an elemental area in admin
20			*/
21			class ElementalAreaController extends CMSMain
22			{
23			const FORM_NAME_TEMPLATE = 'ElementForm_%s';
24
25			private static $url_segment = 'elemental-area';
26
27			private static $ignore_menuitem = true;
28
29			private static $url_handlers = [
30			// API access points with structured data
31			'POST api/saveForm/$ID' => 'apiSaveForm',
32			];
33
34			private static $allowed_actions = [
			0 ignored issues – show introduced 2017-11-11 14:30 UTC by Report Bug Copy Issue Report Show Similar Issues like this The private property `$allowed_actions` is not used, and could be removed. Loading history...
35			'elementForm',
36			'schema',
37			'apiSaveForm',
38			];
39
40			public function getClientConfig()
41			{
42			$clientConfig = parent::getClientConfig();
43			$clientConfig['form']['elementForm'] = [
44			'schemaUrl' => $this->Link('schema/elementForm'),
45			'saveUrl' => $this->Link('api/saveForm'),
46			'saveMethod' => 'post',
47			'payloadFormat' => 'json',
48			'formNameTemplate' => sprintf(static::FORM_NAME_TEMPLATE, '{id}'),
49			];
50			return $clientConfig;
51			}
52
53			/**
54			* @param HTTPRequest\|null $request
55			* @return Form
56			* @throws HTTPResponse_Exception
57			*/
58			public function elementForm(HTTPRequest $request = null)
59			{
60			// Get ID either from posted back value, or url parameter
61			if (!$request) {
62			$this->jsonError(400);
63			return null;
64			}
65			$id = $request->param('ID');
66			if (!$id) {
67			$this->jsonError(400);
68			return null;
69			}
70			return $this->getElementForm($id) ?: $this->jsonError(404);
71			}
72
73			/**
74			* @param int $elementID
75			* @return Form\|null Returns null if no element exists for the given ID
76			*/
77			public function getElementForm($elementID)
78			{
79			$scaffolder = Injector::inst()->get(EditFormFactory::class);
80			$element = BaseElement::get()->byID($elementID);
81
82			if (!$element) {
83			return null;
84			}
85
86			/** @var Form $form */
87			$form = $scaffolder->getForm(
88			$this,
89			sprintf(static::FORM_NAME_TEMPLATE, $elementID),
90			['Record' => $element]
91			);
92
93			if (!$element->canEdit()) {
94			$form->makeReadonly();
95			}
96
97			return $form;
98			}
99
100			/**
101			* Save an inline edit form for a block
102			*
103			* @param HTTPRequest $request
104			* @return HTTPResponse\|null JSON encoded string or null if an exception is thrown
105			* @throws HTTPResponse_Exception
106			*/
107			public function apiSaveForm(HTTPRequest $request)
108			{
109			// Validate required input data
110			if (!isset($this->urlParams['ID'])) {
111			$this->jsonError(400);
112			return null;
113			}
114
115			$data = Convert::json2array($request->getBody());
116			if (empty($data)) {
117			$this->jsonError(400);
118			return null;
119			}
120
121			// Inject request body as request vars
122			foreach ($data as $key => $value) {
123			$request->offsetSet($key, $value);
124			}
125
126			// Check security token
127			if (!SecurityToken::inst()->checkRequest($request)) {
128			$this->jsonError(400);
129			return null;
130			}
131
132			/** @var BaseElement $element */
133			$element = BaseElement::get()->byID($this->urlParams['ID']);
134			// Ensure the element can be edited by the current user
135			if (!$element \|\| !$element->canEdit()) {
136			$this->jsonError(403);
137			return null;
138			}
139
140			// Remove the pseudo namespaces that were added by the form factory
141			$data = $this->removeNamespacesFromFields($data, $element->ID);
142
143			try {
144			$updated = false;
145			$element->update($data);
146			// Check if anything will actually be changed before writing
147			if ($element->isChanged()) {
148			$element->write();
149			// Track changes so we can return to the client
150			$updated = true;
151			}
152			} catch (Exception $ex) {
153			Injector::inst()->get(LoggerInterface::class)->debug($ex->getMessage());
154
155			$this->jsonError(500);
156			return null;
157			}
158
159			$body = Convert::raw2json([
160			'status' => 'success',
161			'updated' => $updated,
162			]);
163			return HTTPResponse::create($body)->addHeader('Content-Type', 'application/json');
164			}
165
166			/**
167			* Remove the pseudo namespaces that were added to form fields by the form factory
168			*
169			* @param array $data
170			* @param int $elementID
171			* @return array
172			*/
173			protected function removeNamespacesFromFields(array $data, $elementID)
174			{
175			$output = [];
176			$template = sprintf(EditFormFactory::FIELD_NAMESPACE_TEMPLATE, $elementID, '');
177			foreach ($data as $key => $value) {
178			// Only look at fields that match the namespace template
179			if (substr($key, 0, strlen($template)) !== $template) {
180			continue;
181			}
182
183			$fieldName = substr($key, strlen($template));
184			$output[$fieldName] = $value;
185			}
186			return $output;
187			}
188			}
189

dnadesign / silverstripe-elemental

Push — master ( e6b7ee...40e526 )

src/Controllers/ElementalAreaController.php (1 issue)

Severity

Introduced By

Duplication Side-by-Side

Filter issues like