Dev: Indentation; more defensive programming to spit out error messag…

…es (CPDB)
LimeSurvey · Sep 23, 2016 · a72784d · Shnoulle · Sep 23, 2016 · a72784d
1 parent 0db0891
commit a72784d
Show file tree

Hide file tree

Showing 3 changed files with 98 additions and 36 deletions.
diff --git a/application/controllers/admin/participantsaction.php b/application/controllers/admin/participantsaction.php
@@ -534,15 +534,18 @@ public function opendeleteparticipant()
         $this->getController()->renderPartial('/admin/participants/modal_subviews/_deleteParticipant', array('model' => $model));
     }
     /**
-     * Resposible for editing data on the jqGrid
+     * Saving participant details
      * @return void
      */
     public function editParticipant()
     {
         $sOperation = Yii::app()->request->getPost('oper');
 
-        // if edit it will update the row
-        if ($sOperation == 'edit' && Permission::model()->hasGlobalPermission('participantpanel','update') && Participant::model()->is_owner(Yii::app()->request->getPost('id')))
+        // If edit it will update the row
+        $isSuperAdmin = Permission::model()->hasGlobalPermission('superadmin','read');
+        $isOwner = Participant::model()->is_owner(Yii::app()->request->getPost('id'));
+        $hasPermissionToEdit = Permission::model()->hasGlobalPermission('participantpanel','update') && ($isSuperAdmin || $isOwner);
+        if ($sOperation == 'edit' && $hasPermissionToEdit)
         {
             $aData = Yii::app()->request->getPost('Participant');
             $extraAttributes = Yii::app()->request->getPost('Attributes');
@@ -565,36 +568,58 @@ public function editParticipant()
                 "success" => $success,
                 "successMessage" => gT("Participant successfully updated")
             ));
-            Yii::app()->end();
         }
-        // if add it will insert a new row
-        elseif ($sOperation == 'add' && Permission::model()->hasGlobalPermission('participantpanel','create'))
+        // If add it will insert a new row
+        elseif ($sOperation == 'add' && Permission::model()->hasGlobalPermission('participantpanel', 'create'))
         {
             $aData = Yii::app()->request->getPost('Participant');
             $extraAttributes = Yii::app()->request->getPost('Attributes');
             $uuid = Participant::gen_uuid();
             $aData['participant_id'] = $uuid;
-            $aData['owner_uid'] = Yii::app()->session['loginID'];
-            $aData['created_by'] = Yii::app()->session['loginID'];
+            $aData['owner_uid'] = Yii::app()->user->id;
+            $aData['created_by'] = Yii::app()->user->id;
 
-            Participant::model()->insertParticipant($aData);
+            // String = error message, object = success
+            $result = Participant::model()->insertParticipant($aData);
 
-            foreach( $extraAttributes as $htmlName => $attributeValue )
-             {
-                 list(,$attribute_id) = explode('_',$htmlName);
-                 $data = array(
-                     'attribute_id'=>$attribute_id, 
-                     'participant_id'=>$uuid,
-                     'value' => $attributeValue
-                 );
-                 ParticipantAttribute::model()->updateParticipantAttributeValue($data);
-             }
+            if (is_object($result))
+            {
+                foreach( $extraAttributes as $htmlName => $attributeValue )
+                {
+                    list(,$attribute_id) = explode('_',$htmlName);
+                    $data = array(
+                        'attribute_id'   =>$attribute_id,
+                        'participant_id' =>$uuid,
+                        'value'          => $attributeValue
+                    );
+                    ParticipantAttribute::model()->updateParticipantAttributeValue($data);
+                }
 
+                echo json_encode(array(
+                    "success" => true,
+                    "successMessage" => gT("Participant successfully added")
+                ));
+            }
+            else if (is_string($result))
+            {
+                echo json_encode(array(
+                    "success" => false,
+                    // TODO: Localization?
+                    "errorMessage" => 'Could not add new participant: ' . $result
+                ));
+            }
+            else
+            {
+                // "Impossible"
+                assert(false);
+            }
+        }
+        else
+        {
             echo json_encode(array(
-                "success" => true,
-                "successMessage" => gT("Participant successfully updated")
+                "success" => false,
+                "errorMessage" => gT("Unknown error")
             ));
-            Yii::app()->end();
         }
     }
 

diff --git a/application/models/Participant.php b/application/models/Participant.php
@@ -386,7 +386,7 @@ public function search()
 
         // Users can only see: 1) Participants they own; and 2) shared participants.
         // Superadmins can see all users.
-        //$criteria->addCondition('(t.owner_uid = ' . Yii::app()->user->id . ' OR );
+        $criteria->addCondition('t.owner_uid = ' . Yii::app()->user->id . ' AND true');
 
         $pageSize = Yii::app()->user->getState('pageSizeParticipantView', Yii::app()->params['defaultPageSize']);      
         return new CActiveDataProvider($this, array(
@@ -443,23 +443,44 @@ static function gen_uuid()
     /**
      * This function is responsible for adding the participant to the database
      * @param array $aData Participant data
-     * @return boolean true on success, false on failure
+     * @return string|Participant Error message on failure, participant object on success
      */
     public function insertParticipant($aData)
     {
         $oParticipant = new self;
-        foreach ($aData as $sField => $sValue){
+        foreach ($aData as $sField => $sValue)
+        {
             $oParticipant->$sField = $sValue;
         }
         try
         {
-            $oParticipant->save();
-            return true;
+            $result = $oParticipant->save();
+            if (!$result)
+            {
+                return $this->flattenErrorMessages($oParticipant->getErrors());
+            }
+            return $oParticipant;
         }
         catch(Exception $e)
         {
-            return false;
+            return $e->getMessage();
+        }
+    }
+
+    /**
+     * Takes result from model->getErrors() and creates a
+     * long string of all messages.
+     * @param array $errors
+     * @return string
+     */
+    private function flattenErrorMessages(array $errors)
+    {
+        $result = '';
+        foreach ($errors as $error)
+        {
+            $result .= $error[0] . ' ';
         }
+        return $result;
     }
 
     /**
@@ -562,6 +583,9 @@ public function getParticipantsSharedCount($userid)
         return $count;
     }
 
+    /**
+     * @return array
+     */
     public function getParticipants($page, $limit,$attid, $order = null, $search = null, $userid = null)
     {
         $data = $this->getParticipantsSelectCommand(false, $attid, $search, $userid, $page, $limit, $order);
@@ -574,18 +598,20 @@ public function getParticipants($page, $limit,$attid, $order = null, $search = n
     /**
      * Duplicated from getparticipants, only to have a count
      *
-     * @param type $attid
-     * @param type $order
+     * @param int $attid
      * @param CDbCriteria $search
-     * @param type $userid
-     * @return type
+     * @param int $userid
+     * @return int
      */
     public function getParticipantsCount($attid, $search = null, $userid = null) {
         $data = $this->getParticipantsSelectCommand(true, $attid, $search, $userid);
 
         return $data->queryScalar();
     }
 
+    /**
+     * @return array
+     */
     private function getParticipantsSelectCommand($count = false, $attid, $search = null, $userid = null, $page = null, $limit = null, $order = null)
     {
         $selectValue = array();
@@ -1686,7 +1712,7 @@ public function copyCPDBAttributesToTokens($surveyId, array $participantIds, arr
      *
      * @return bool true/false
      */
-    function updateTokenAttributeValue($surveyId, $participantId, $participantAttributeId, $tokenFieldname) {
+    public function updateTokenAttributeValue($surveyId, $participantId, $participantAttributeId, $tokenFieldname) {
 
         if (intval($participantAttributeId) === 0)  // OBS: intval returns 0 at fail, but also at intval("0"). lolphp.
         {
@@ -1724,7 +1750,7 @@ function updateTokenAttributeValue($surveyId, $participantId, $participantAttrib
      *
      * @return bool true/false
      */
-     function updateAttributeValueToken($surveyId, $participantId, $participantAttributeId, $tokenFieldname) {
+     public function updateAttributeValueToken($surveyId, $participantId, $participantAttributeId, $tokenFieldname) {
         $val = Yii::app()->db
                          ->createCommand()
                          ->select($tokenFieldname)
@@ -1947,10 +1973,17 @@ public function copyToCentral($surveyid, $aAttributesToBeCreated, $aMapped, $ove
 
     /**
      * The purpose of this function is to check for duplicate in participants
+     * @param array $fields
+     * @param string $output
+     * @return mixed
      */
     public function checkforDuplicate($fields, $output="bool")
     {
-        $query = Yii::app()->db->createCommand()->select('participant_id')->where($fields)->from('{{participants}}')->queryAll();
+        $query = Yii::app()->db->createCommand()
+            ->select('participant_id')
+            ->where($fields)
+            ->from('{{participants}}')
+            ->queryAll();
         if (count($query) > 0)
         {
             if($output=="bool") {return true;}
@@ -1962,6 +1995,10 @@ public function checkforDuplicate($fields, $output="bool")
         }
     }
 
+    /**
+     * @param array $data
+     * @return void
+     */
     public function insertParticipantCSV($data)
     {
         $insertData = array(

diff --git a/application/views/admin/participants/modal_subviews/_editParticipant.php b/application/views/admin/participants/modal_subviews/_editParticipant.php
@@ -37,7 +37,7 @@
             </label>
             <label class='radio-inline'>"
              . "<input name=\"Participant[blacklisted]\" id=\"Participant_blacklisted\" type=\"radio\" value=\"N\" "
-                .($model->blacklisted == "N" ? "checked" : "")." />"
+                .(($model->blacklisted == "N" || empty($model->blacklisted)) ? "checked" : "")." />"
              . gT("No")."
             </label>
             </div>