/
calendar_event.php
68 lines (59 loc) · 2.42 KB
/
calendar_event.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
<?php
namespace Concrete\Controller\Workflow\Categories;
use Concrete\Core\Controller\AbstractController;
use Concrete\Core\Error\UserMessageException;
use Concrete\Core\Http\ResponseFactoryInterface;
use Concrete\Core\Utility\Service\Validation\Numbers;
use Concrete\Core\Validation\CSRF\Token;
use Concrete\Core\Workflow\Progress\CalendarEventProgress;
use Concrete\Core\Workflow\Progress\Response as WorkflowProgressResponse;
use Symfony\Component\HttpFoundation\Response as HttpResponse;
defined('C5_EXECUTE') or die('Access Denied.');
class CalendarEvent extends AbstractController
{
public function saveProgress(): HttpResponse
{
$this->checkCSRF('save_workflow_progress');
$wp = $this->getWorkflowProgress();
$task = $this->getWorkflowProgressTask($wp);
if ($task === '') {
throw new UserMessageException(t('Task not specified'));
}
$workflowResponse = $wp->runTask($task, $this->request->request->all());
$responseData = [
'wpID' => $wp->getWorkflowProgressID(),
'redirect' => $workflowResponse instanceof WorkflowProgressResponse ? (string) $workflowResponse->getWorkflowProgressResponseURL() : '',
];
return $this->app->make(ResponseFactoryInterface::class)->json($responseData);
}
/**
* @throws \Concrete\Core\Error\UserMessageException
*/
protected function checkCSRF(string $action): void
{
$valt = $this->app->make(Token::class);
if (!$valt->validate($action)) {
throw new UserMessageException($valt->getErrorMessage());
}
}
/**
* @throws \Concrete\Core\Error\UserMessageException
*/
protected function getWorkflowProgress(): CalendarEventProgress
{
$wpID = $this->request->request->get('wpID', $this->request->query->get('wpID'));
$wp = $this->app->make(Numbers::class)->integer($wpID, 1) ? CalendarEventProgress::getByID((int) $wpID) : null;
if (!($wp instanceof CalendarEventProgress)) {
throw new UserMessageException(t('Workflow progress not found'));
}
$wf = $wp->getWorkflowObject();
if (!$wf->canApproveWorkflowProgressObject($wp)) {
throw new UserMessageException(t('Access Denied.'));
}
return $wp;
}
protected function getWorkflowProgressTask(CalendarEventProgress $wp): string
{
return (string) $wp->getRequestedTask();
}
}