From 5cd11b4d34911a8477fb0a975bf151f9cbc75e26 Mon Sep 17 00:00:00 2001 From: Arman <407448+armanist@users.noreply.github.com> Date: Fri, 5 Dec 2025 18:05:10 +0400 Subject: [PATCH 1/2] API module returns only status and message on post create or update instead of the full object --- .../DemoApi/src/Middlewares/CommentOwner.php | 73 +++++++++++++++++++ .../{Owner.php.tpl => PostOwner.php.tpl} | 6 +- .../DemoApi/src/Services/PostService.php.tpl | 11 ++- .../DemoWeb/src/Middlewares/CommentOwner.php | 73 +++++++++++++++++++ .../{Owner.php.tpl => PostOwner.php.tpl} | 6 +- .../DemoWeb/src/Services/PostService.php.tpl | 11 ++- .../DemoWeb/src/routes/routes.php.tpl | 9 ++- 7 files changed, 171 insertions(+), 18 deletions(-) create mode 100644 src/Module/Templates/DemoApi/src/Middlewares/CommentOwner.php rename src/Module/Templates/DemoApi/src/Middlewares/{Owner.php.tpl => PostOwner.php.tpl} (95%) create mode 100644 src/Module/Templates/DemoWeb/src/Middlewares/CommentOwner.php rename src/Module/Templates/DemoWeb/src/Middlewares/{Owner.php.tpl => PostOwner.php.tpl} (96%) diff --git a/src/Module/Templates/DemoApi/src/Middlewares/CommentOwner.php b/src/Module/Templates/DemoApi/src/Middlewares/CommentOwner.php new file mode 100644 index 00000000..83732aa8 --- /dev/null +++ b/src/Module/Templates/DemoApi/src/Middlewares/CommentOwner.php @@ -0,0 +1,73 @@ + + * @copyright Copyright (c) 2018 Softberg LLC (https://softberg.org) + * @link http://quantum.softberg.org/ + * @since 2.9.9 + */ + +namespace {{MODULE_NAMESPACE}}\Middlewares; + +use Quantum\Service\Factories\ServiceFactory; +use {{MODULE_NAMESPACE}}\Services\CommentService; +use Quantum\Libraries\Validation\Rule; +use Quantum\Http\Response; +use Quantum\Http\Request; +use Closure; + +/** + * Class CommentOwner + * @package Modules\{{MODULE_NAME}} + */ +class CommentOwner extends BaseMiddleware +{ + + /** + * @param Request $request + * @param Response $response + * @param Closure $next + * @return mixed + */ + public function apply(Request $request, Response $response, Closure $next) + { + $uuid = (string)route_param('uuid'); + + $request->set('uuid', $uuid); + + $this->validateRequest($request, $response); + + return $next($request, $response); + } + + /** + * @inheritDoc + */ + protected function defineValidationRules(Request $request): void + { + $this->registerCustomRules(); + + $this->validator->setRules([ + 'uuid' => [ + Rule::required(), + Rule::commentOwner(), + ], + ]); + } + + /** + * Registers custom validation rules + */ + private function registerCustomRules(): void + { + $this->validator->addRule('commentOwner', function ($commentUuid) { + $comment = ServiceFactory::get(CommentService::class)->getComment($commentUuid); + return !$comment->isEmpty() && $comment->user_uuid === auth()->user()->uuid; + }); + } +} \ No newline at end of file diff --git a/src/Module/Templates/DemoApi/src/Middlewares/Owner.php.tpl b/src/Module/Templates/DemoApi/src/Middlewares/PostOwner.php.tpl similarity index 95% rename from src/Module/Templates/DemoApi/src/Middlewares/Owner.php.tpl rename to src/Module/Templates/DemoApi/src/Middlewares/PostOwner.php.tpl index 13578787..ee08d22d 100644 --- a/src/Module/Templates/DemoApi/src/Middlewares/Owner.php.tpl +++ b/src/Module/Templates/DemoApi/src/Middlewares/PostOwner.php.tpl @@ -9,7 +9,7 @@ * @author Arman Ag. * @copyright Copyright (c) 2018 Softberg LLC (https://softberg.org) * @link http://quantum.softberg.org/ - * @since 2.9.8 + * @since 2.9.9 */ namespace {{MODULE_NAMESPACE}}\Middlewares; @@ -22,10 +22,10 @@ use Quantum\Http\Request; use Closure; /** - * Class Owner + * Class PostOwner * @package Modules\{{MODULE_NAME}} */ -class Owner extends BaseMiddleware +class PostOwner extends BaseMiddleware { /** diff --git a/src/Module/Templates/DemoApi/src/Services/PostService.php.tpl b/src/Module/Templates/DemoApi/src/Services/PostService.php.tpl index 363291eb..0f164f67 100644 --- a/src/Module/Templates/DemoApi/src/Services/PostService.php.tpl +++ b/src/Module/Templates/DemoApi/src/Services/PostService.php.tpl @@ -151,10 +151,10 @@ class PostService extends QtService /** * Add post * @param array $data - * @return array + * @return Post * @throws ModelException */ - public function addPost(array $data): array + public function addPost(array $data): Post { $data['uuid'] = $data['uuid'] ?? uuid_ordered(); $data['created_at'] = date('Y-m-d H:i:s'); @@ -163,22 +163,25 @@ class PostService extends QtService $post->fillObjectProps($data); $post->save(); - return $data; + return $this->getPost($post->uuid); } /** * Update post * @param string $uuid * @param array $data + * @return Post * @throws ModelException */ - public function updatePost(string $uuid, array $data) + public function updatePost(string $uuid, array $data): Post { $data['updated_at'] = date('Y-m-d H:i:s'); $post = $this->model->findOneBy('uuid', $uuid); $post->fillObjectProps($data); $post->save(); + + return $this->getPost($post->uuid); } /** diff --git a/src/Module/Templates/DemoWeb/src/Middlewares/CommentOwner.php b/src/Module/Templates/DemoWeb/src/Middlewares/CommentOwner.php new file mode 100644 index 00000000..83732aa8 --- /dev/null +++ b/src/Module/Templates/DemoWeb/src/Middlewares/CommentOwner.php @@ -0,0 +1,73 @@ + + * @copyright Copyright (c) 2018 Softberg LLC (https://softberg.org) + * @link http://quantum.softberg.org/ + * @since 2.9.9 + */ + +namespace {{MODULE_NAMESPACE}}\Middlewares; + +use Quantum\Service\Factories\ServiceFactory; +use {{MODULE_NAMESPACE}}\Services\CommentService; +use Quantum\Libraries\Validation\Rule; +use Quantum\Http\Response; +use Quantum\Http\Request; +use Closure; + +/** + * Class CommentOwner + * @package Modules\{{MODULE_NAME}} + */ +class CommentOwner extends BaseMiddleware +{ + + /** + * @param Request $request + * @param Response $response + * @param Closure $next + * @return mixed + */ + public function apply(Request $request, Response $response, Closure $next) + { + $uuid = (string)route_param('uuid'); + + $request->set('uuid', $uuid); + + $this->validateRequest($request, $response); + + return $next($request, $response); + } + + /** + * @inheritDoc + */ + protected function defineValidationRules(Request $request): void + { + $this->registerCustomRules(); + + $this->validator->setRules([ + 'uuid' => [ + Rule::required(), + Rule::commentOwner(), + ], + ]); + } + + /** + * Registers custom validation rules + */ + private function registerCustomRules(): void + { + $this->validator->addRule('commentOwner', function ($commentUuid) { + $comment = ServiceFactory::get(CommentService::class)->getComment($commentUuid); + return !$comment->isEmpty() && $comment->user_uuid === auth()->user()->uuid; + }); + } +} \ No newline at end of file diff --git a/src/Module/Templates/DemoWeb/src/Middlewares/Owner.php.tpl b/src/Module/Templates/DemoWeb/src/Middlewares/PostOwner.php.tpl similarity index 96% rename from src/Module/Templates/DemoWeb/src/Middlewares/Owner.php.tpl rename to src/Module/Templates/DemoWeb/src/Middlewares/PostOwner.php.tpl index cbfae08b..b6dd70c6 100644 --- a/src/Module/Templates/DemoWeb/src/Middlewares/Owner.php.tpl +++ b/src/Module/Templates/DemoWeb/src/Middlewares/PostOwner.php.tpl @@ -9,7 +9,7 @@ * @author Arman Ag. * @copyright Copyright (c) 2018 Softberg LLC (https://softberg.org) * @link http://quantum.softberg.org/ - * @since 2.9.8 + * @since 2.9.9 */ namespace {{MODULE_NAMESPACE}}\Middlewares; @@ -23,10 +23,10 @@ use Quantum\Http\Request; use Closure; /** - * Class Editor + * Class PostOwner * @package Modules\{{MODULE_NAME}} */ -class Owner extends BaseMiddleware +class PostOwner extends BaseMiddleware { diff --git a/src/Module/Templates/DemoWeb/src/Services/PostService.php.tpl b/src/Module/Templates/DemoWeb/src/Services/PostService.php.tpl index 22c8658c..c02ab50c 100644 --- a/src/Module/Templates/DemoWeb/src/Services/PostService.php.tpl +++ b/src/Module/Templates/DemoWeb/src/Services/PostService.php.tpl @@ -150,10 +150,10 @@ class PostService extends QtService /** * Add post * @param array $data - * @return array + * @return Post * @throws ModelException */ - public function addPost(array $data): array + public function addPost(array $data): Post { $data['uuid'] = $data['uuid'] ?? uuid_ordered(); $data['created_at'] = date('Y-m-d H:i:s'); @@ -162,22 +162,25 @@ class PostService extends QtService $post->fillObjectProps($data); $post->save(); - return $data; + return $this->getPost($post->uuid); } /** * Update post * @param string $uuid * @param array $data + * @return Post * @throws ModelException */ - public function updatePost(string $uuid, array $data) + public function updatePost(string $uuid, array $data): Post { $data['updated_at'] = date('Y-m-d H:i:s'); $post = $this->model->findOneBy('uuid', $uuid); $post->fillObjectProps($data); $post->save(); + + return $this->getPost($post->uuid); } /** diff --git a/src/Module/Templates/DemoWeb/src/routes/routes.php.tpl b/src/Module/Templates/DemoWeb/src/routes/routes.php.tpl index 3439ad9f..942521ee 100644 --- a/src/Module/Templates/DemoWeb/src/routes/routes.php.tpl +++ b/src/Module/Templates/DemoWeb/src/routes/routes.php.tpl @@ -21,12 +21,13 @@ return function ($route) { $route->get('[:alpha:2]?/my-posts', 'PostManagementController', 'myPosts')->middlewares(['Editor']); $route->get('[:alpha:2]?/my-posts/create', 'PostManagementController', 'createFrom')->middlewares(['Editor']); $route->post('[:alpha:2]?/my-posts/create', 'PostManagementController', 'create')->middlewares(['Editor']); - $route->get('[:alpha:2]?/my-posts/amend/[uuid=:any]', 'PostManagementController', 'amendForm')->middlewares(['Editor', 'Owner']); - $route->post('[:alpha:2]?/my-posts/amend/[uuid=:any]', 'PostManagementController', 'amend')->middlewares(['Editor', 'Owner']); - $route->get('[:alpha:2]?/my-posts/delete/[uuid=:any]', 'PostManagementController', 'delete')->middlewares(['Editor', 'Owner']); - $route->get('[:alpha:2]?/my-posts/delete-image/[uuid=:any]', 'PostManagementController', 'deleteImage')->middlewares(['Editor', 'Owner']); + $route->get('[:alpha:2]?/my-posts/amend/[uuid=:any]', 'PostManagementController', 'amendForm')->middlewares(['Editor', 'PostOwner']); + $route->post('[:alpha:2]?/my-posts/amend/[uuid=:any]', 'PostManagementController', 'amend')->middlewares(['Editor', 'PostOwner']); + $route->get('[:alpha:2]?/my-posts/delete/[uuid=:any]', 'PostManagementController', 'delete')->middlewares(['Editor', 'PostOwner']); + $route->get('[:alpha:2]?/my-posts/delete-image/[uuid=:any]', 'PostManagementController', 'deleteImage')->middlewares(['Editor', 'PostOwner']); $route->post('[:alpha:2]?/comments/create/[uuid=:any]', 'CommentController', 'create')->middlewares(['Comment']); + $route->get('[:alpha:2]?/comments/delete/[uuid=:any]', 'CommentController', 'delete')->middlewares(['CommentOwner']); $route->get('[:alpha:2]?/account-settings', 'AccountController', 'form'); $route->post('[:alpha:2]?/account-settings/update', 'AccountController', 'update')->middlewares(['Update']); From 604603811590273643111bf3ca88b7894b852926 Mon Sep 17 00:00:00 2001 From: Arman <407448+armanist@users.noreply.github.com> Date: Fri, 5 Dec 2025 18:12:12 +0400 Subject: [PATCH 2/2] Correcting tpl files and pushing remaining changes --- .../src/Controllers/PostManagementController.php.tpl | 10 ++++++---- .../{CommentOwner.php => CommentOwner.php.tpl} | 0 src/Module/Templates/DemoApi/src/routes/routes.php.tpl | 7 ++++--- .../{CommentOwner.php => CommentOwner.php.tpl} | 0 4 files changed, 10 insertions(+), 7 deletions(-) rename src/Module/Templates/DemoApi/src/Middlewares/{CommentOwner.php => CommentOwner.php.tpl} (100%) rename src/Module/Templates/DemoWeb/src/Middlewares/{CommentOwner.php => CommentOwner.php.tpl} (100%) diff --git a/src/Module/Templates/DemoApi/src/Controllers/PostManagementController.php.tpl b/src/Module/Templates/DemoApi/src/Controllers/PostManagementController.php.tpl index e63bfb0e..4bf2d708 100644 --- a/src/Module/Templates/DemoApi/src/Controllers/PostManagementController.php.tpl +++ b/src/Module/Templates/DemoApi/src/Controllers/PostManagementController.php.tpl @@ -79,11 +79,12 @@ class PostManagementController extends BaseController $postData['image'] = $imageName; } - $this->postService->addPost($postData); + $post = $this->postService->addPost($postData); $response->json([ 'status' => 'success', - 'message' => t('common.created_successfully') + 'message' => t('common.created_successfully'), + 'data' => current($this->postService->transformData([$post])) ]); } @@ -118,11 +119,12 @@ class PostManagementController extends BaseController $postData['image'] = $imageName; } - $this->postService->updatePost($postUuid, $postData); + $post = $this->postService->updatePost($postUuid, $postData); $response->json([ 'status' => 'success', - 'message' => t('common.updated_successfully') + 'message' => t('common.updated_successfully'), + 'data' => current($this->postService->transformData([$post])) ]); } diff --git a/src/Module/Templates/DemoApi/src/Middlewares/CommentOwner.php b/src/Module/Templates/DemoApi/src/Middlewares/CommentOwner.php.tpl similarity index 100% rename from src/Module/Templates/DemoApi/src/Middlewares/CommentOwner.php rename to src/Module/Templates/DemoApi/src/Middlewares/CommentOwner.php.tpl diff --git a/src/Module/Templates/DemoApi/src/routes/routes.php.tpl b/src/Module/Templates/DemoApi/src/routes/routes.php.tpl index a7122171..1bab5af8 100644 --- a/src/Module/Templates/DemoApi/src/routes/routes.php.tpl +++ b/src/Module/Templates/DemoApi/src/routes/routes.php.tpl @@ -15,11 +15,12 @@ return function ($route) { $route->group('auth', function ($route) { $route->get('[:alpha:2]?/my-posts', 'PostManagementController', 'myPosts')->middlewares(['Editor']); $route->post('[:alpha:2]?/my-posts/create', 'PostManagementController', 'create')->middlewares(['Editor']); - $route->put('[:alpha:2]?/my-posts/amend/[uuid=:any]', 'PostManagementController', 'amend')->middlewares(['Editor', 'Owner']); - $route->delete('[:alpha:2]?/my-posts/delete/[uuid=:any]', 'PostManagementController', 'delete')->middlewares(['Editor', 'Owner']); - $route->delete('[:alpha:2]?/my-posts/delete-image/[uuid=:any]', 'PostManagementController', 'deleteImage')->middlewares(['Editor', 'Owner']); + $route->put('[:alpha:2]?/my-posts/amend/[uuid=:any]', 'PostManagementController', 'amend')->middlewares(['Editor', 'PostOwner']); + $route->delete('[:alpha:2]?/my-posts/delete/[uuid=:any]', 'PostManagementController', 'delete')->middlewares(['Editor', 'PostOwner']); + $route->delete('[:alpha:2]?/my-posts/delete-image/[uuid=:any]', 'PostManagementController', 'deleteImage')->middlewares(['Editor', 'PostOwner']); $route->post('[:alpha:2]?/comments/create/[uuid=:any]', 'CommentController', 'create')->middlewares(['Comment']); + $route->delete('[:alpha:2]?/comments/delete/[uuid=:any]', 'CommentController', 'delete')->middlewares(['CommentOwner']); $route->put('[:alpha:2]?/account-settings/update', 'AccountController', 'update')->middlewares(['Update']); $route->put('[:alpha:2]?/account-settings/update-password', 'AccountController', 'updatePassword')->middlewares(['Password']); diff --git a/src/Module/Templates/DemoWeb/src/Middlewares/CommentOwner.php b/src/Module/Templates/DemoWeb/src/Middlewares/CommentOwner.php.tpl similarity index 100% rename from src/Module/Templates/DemoWeb/src/Middlewares/CommentOwner.php rename to src/Module/Templates/DemoWeb/src/Middlewares/CommentOwner.php.tpl