<?php
namespace Concrete\Controller\Backend;
use Concrete\Core\Controller\Controller;
use Concrete\Core\Error\ErrorList\ErrorList;
use Concrete\Core\Error\UserMessageException;
use Concrete\Core\Http\ResponseFactoryInterface;
use Concrete\Core\Permission\Checker;
use Concrete\Core\User\Group\EditResponse;
use Concrete\Core\User\Group\GroupRepository;
use Concrete\Core\Validation\CSRF\Token;
use Symfony\Component\HttpFoundation\JsonResponse;
class Group extends Controller
{
    /**
     * Build the JSON description of the groups named by the request's "gID" values.
     *
     * Failures raised as UserMessageException (including a denied permission
     * check) are not propagated: they are recorded in the error list of the
     * returned EditResponse.
     */
    public function getJSON(): JsonResponse
    {
        $editResponse = new EditResponse();
        try {
            // false: the CSRF token is not validated on this path, only the
            // group-search permission is. NOTE(review): that fits a read-only
            // lookup; a handler that changes state should pass true.
            $this->checkAccess(false);
            $editResponse->setGroups($this->getRequestGroups($editResponse->getError()));
        } catch (UserMessageException $exception) {
            $editResponse->getError()->addError($exception);
        }

        $responseFactory = $this->app->make(ResponseFactoryInterface::class);

        return $responseFactory->json($editResponse);
    }

    /**
     * Reject the request unless the permission checker allows group search.
     *
     * When $checkToken is true the CSRF token is validated first, so a bad
     * token is reported before the permission result.
     *
     * @throws \Concrete\Core\Error\UserMessageException
     */
    protected function checkAccess(bool $checkToken): void
    {
        if ($checkToken) {
            $csrfToken = $this->app->make(Token::class);
            if (!$csrfToken->validate()) {
                throw new UserMessageException($csrfToken->getErrorMessage());
            }
        }

        if (!(new Checker())->canAccessGroupSearch()) {
            throw new UserMessageException(t('Access Denied.'));
        }
    }

    /**
     * Collect the distinct positive group IDs sent as "gID".
     *
     * The request body is consulted first; the query string is used only when
     * the body carries no "gID" entry. A single value is treated as a
     * one-element list.
     *
     * @return int[]
     */
    protected function getRequestGroupsIDs(): array
    {
        $bodyParameters = $this->request->request->all();
        $rawIDs = $bodyParameters['gID'] ?? null;
        if ($rawIDs === null) {
            $rawIDs = $this->request->query->all()['gID'] ?? [];
        }
        $rawIDs = is_array($rawIDs) ? $rawIDs : [$rawIDs];

        // Keyed by ID so duplicates collapse while the order of first
        // appearance is kept.
        // NOTE(review): the number of IDs is not capped here, and every ID
        // kept is looked up individually by getRequestGroups().
        $distinctIDs = [];
        foreach ($rawIDs as $rawID) {
            // Anything non-numeric (nested arrays included) becomes 0 and is
            // dropped below. is_numeric() also accepts decimal and exponent
            // notation, which the cast then truncates to an integer.
            $candidate = is_numeric($rawID) ? (int) $rawID : 0;
            if ($candidate > 0) {
                $distinctIDs[$candidate] = $candidate;
            }
        }

        return array_values($distinctIDs);
    }

    /**
     * Load the group for every ID found in the request.
     *
     * IDs that resolve to no group are skipped; when an error list is given,
     * one message per missing ID is added to it.
     *
     * NOTE(review): the only authorization visible in this class is the
     * group-search permission in checkAccess(); nothing here checks access to
     * the individual groups. Confirm that is intended.
     *
     * @return \Concrete\Core\User\Group\Group[]
     */
    protected function getRequestGroups(?ErrorList $errors = null): array
    {
        $requestedIDs = $this->getRequestGroupsIDs();
        if ($requestedIDs === []) {
            return [];
        }

        $groupRepository = $this->app->make(GroupRepository::class);
        $foundGroups = [];
        foreach ($requestedIDs as $requestedID) {
            $group = $groupRepository->getGroupById($requestedID);
            if ($group !== null) {
                $foundGroups[] = $group;
                continue;
            }
            if ($errors !== null) {
                // $requestedID is an int, so no raw request text reaches the message.
                $errors->add(t('Unable to find the group with ID %s', $requestedID));
            }
        }

        return $foundGroups;
    }
}