Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Add delete button to versions #253

Merged
merged 3 commits into from

3 participants

@mvriel

@seldaek indicated on IRC that he would very much love to be able to delete
versions using the web interface of packagist. Since I figured it shouldn't
be much work and he just deleted a version for me I decided to throw some time
against the issue and behold! A new button!

The button only appears if the current user is maintainer or has the
ROLE_EDIT_PACKAGES role; the action executing this code is also protected using
same credentials.

This button replicates the behaviour of the clearVersionsCommand as indicated
by Seldaek.

I have tested this in a local setup.

p.s. the button is explicitly disabled on the first version as that is the main version
and it will only show when expanding the foldout. I assumed the interface would
become too cluttered if I placed it in the top.

@mvriel mvriel Add delete button to versions
@seldaek indicated on IRC that he would very much love to be able to delete
versions using the web interface of packagist. Since I figured it shouldn't
be much work and he just deleted a version for me I decided to throw some time
against the issue and behold! A new button!

The button only appears if the current user is maintainer or has the
ROLE_EDIT_PACKAGES role; the action executing this code is also protected using
same credentials.

This button replicates the behaviour of the clearVersionsCommand as indicated
by Seldaek.

I have tested this in a local setup.
4bfdcb3
src/Packagist/WebBundle/Controller/WebController.php
((8 lines not shown))
$version = $repo->getFullVersion($versionId);
+ $package = $version->getPackage();
+
+ $is_maintainer = $package->getMaintainers()->contains($this->getUser());
@stof
stof added a note

Please use camelCased names for variables

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
src/Packagist/WebBundle/Controller/WebController.php
((32 lines not shown))
+ * )
+ * @Method({"DELETE"})
+ */
+ public function deletePackageVersionAction(Request $req, $versionId)
+ {
+ /** @var \Packagist\WebBundle\Entity\VersionRepository $repo */
+ $repo = $this->getDoctrine()->getRepository('PackagistWebBundle:Version');
+
+ /** @var Version $version */
+ $version = $repo->getFullVersion($versionId);
+ $package = $version->getPackage();
+
+ $is_maintainer = $package->getMaintainers()->contains($this->getUser());
+ $may_edit_package = $this->get('security.context')->isGranted('ROLE_EDIT_PACKAGES');
+
+ if (!$is_maintainer || !$$may_edit_package) {
@stof
stof added a note

duplicated $

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
src/Packagist/WebBundle/Controller/WebController.php
((13 lines not shown))
- $html = $this->renderView('PackagistWebBundle:Web:versionDetails.html.twig', array('version' => $version));
+ $html = $this->renderView(
+ 'PackagistWebBundle:Web:versionDetails.html.twig',
+ array(
+ 'version' => $version,
+ 'may_delete' => $is_maintainer || $may_edit_package,
@stof
stof added a note

why doing this in the controller instead of the template (which is where it is done for other places) ?

@mvriel
mvriel added a note

If that is preferred then I'll happily move it there. I generally prefer to keep business logic (and thus model handling) as much as possible in the controller and I consider the is_maintainer variable to be business logic (tbh: if I were religious about this I'd add a method isMaintainer to the User entity that receives a Package and use that.).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@mvriel

@stof thanks for reviewing the code; I have provided feedback on why I have chosen for the location of the model interactions. Please let me know if you'd like that changed

@stof

@mvriel The location of these checks should be consistent in the project IMO. Having one place doing it in the controller whereas all others are doing it in the template looks weird

@mvriel mvriel Refactor button visibility business logic to template
During a code review by @Stof he indicated that it is desirable to follow suit
with the rest of the application and have the business logic determining
whether the 'delete' button is visible in the template instead of the Controller.
28dd136
@mvriel

I have fixed the issues mentioned in the Code reviews. Thank you for reviewing the code and let me know if there are any other issues

@Seldaek
Owner

Finally found time to merge this, added a csrf token for safety and fixed the styling a bit. Thanks!

@Seldaek Seldaek merged commit 28dd136 into from
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Nov 29, 2012
  1. @mvriel

    Add delete button to versions

    mvriel authored
    @seldaek indicated on IRC that he would very much love to be able to delete
    versions using the web interface of packagist. Since I figured it shouldn't
    be much work and he just deleted a version for me I decided to throw some time
    against the issue and behold! A new button!
    
    The button only appears if the current user is maintainer or has the
    ROLE_EDIT_PACKAGES role; the action executing this code is also protected using
    same credentials.
    
    This button replicates the behaviour of the clearVersionsCommand as indicated
    by Seldaek.
    
    I have tested this in a local setup.
Commits on Dec 6, 2012
  1. @mvriel

    Fix comments from code review

    mvriel authored
Commits on Dec 22, 2012
  1. @mvriel

    Refactor button visibility business logic to template

    mvriel authored
    During a code review by @Stof he indicated that it is desirable to follow suit
    with the rest of the application and have the business logic determining
    whether the 'delete' button is visible in the template instead of the Controller.
This page is out of date. Refresh to see the latest.
View
36 src/Packagist/WebBundle/Controller/WebController.php
@@ -393,16 +393,48 @@ public function viewPackageAction(Request $req, $name)
*/
public function viewPackageVersionAction(Request $req, $versionId)
{
+ /** @var \Packagist\WebBundle\Entity\VersionRepository $repo */
$repo = $this->getDoctrine()->getRepository('PackagistWebBundle:Version');
- $version = $repo->getFullVersion($versionId);
- $html = $this->renderView('PackagistWebBundle:Web:versionDetails.html.twig', array('version' => $version));
+ $html = $this->renderView(
+ 'PackagistWebBundle:Web:versionDetails.html.twig',
+ array('version' => $repo->getFullVersion($versionId))
+ );
return new JsonResponse(array('content' => $html));
}
/**
* @Template()
+ * @Route(
+ * "/versions/{versionId}/delete",
+ * name="delete_version",
+ * requirements={"name"="[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+?", "versionId"="[0-9]+"}
+ * )
+ * @Method({"DELETE"})
+ */
+ public function deletePackageVersionAction(Request $req, $versionId)
+ {
+ /** @var \Packagist\WebBundle\Entity\VersionRepository $repo */
+ $repo = $this->getDoctrine()->getRepository('PackagistWebBundle:Version');
+
+ /** @var Version $version */
+ $version = $repo->getFullVersion($versionId);
+ $package = $version->getPackage();
+
+ if (!$package->getMaintainers()->contains($this->getUser()) && !$this->get('security.context')->isGranted('ROLE_EDIT_PACKAGES')) {
+ throw new AccessDeniedException;
+ }
+
+ $repo->remove($version);
+ $this->getDoctrine()->getManager()->flush();
+ $this->getDoctrine()->getManager()->clear();
+
+ return new RedirectResponse($this->generateUrl('view_package', array('name' => $package->getName())));
+ }
+
+ /**
+ * @Template()
* @Route("/packages/{name}", name="update_package", requirements={"name"="[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+"}, defaults={"_format" = "json"})
* @Method({"PUT"})
*/
View
7 src/Packagist/WebBundle/Resources/views/Web/versionDetails.html.twig
@@ -1,5 +1,12 @@
{% import "PackagistWebBundle::macros.html.twig" as packagist %}
+{% if is_granted('ROLE_EDIT_PACKAGES') or version.package.maintainers.contains(app.user) %}
+<form class="action" action="{{ path("delete_version", {"versionId": version.id}) }}" method="post">
+ <input type="hidden" name="_method" value="DELETE" />
+ <input type="submit" value="Delete">
+</form>
+{% endif %}
+
<p class="requireme">require: <input type="text" readonly="readonly" value="{{ "\"#{version.package.vendor}/#{version.package.packageName}\": \"#{version.hasVersionAlias() ? version.versionAlias : version.version}\"" }}" /></p>
<h2 class="authors">Author{{ version.authors|length > 1 ? 's' : '' }}</h2>
Something went wrong with that request. Please try again.