From a2d073b7b944fbb4134aff78248fc88fb98ea4c5 Mon Sep 17 00:00:00 2001 From: Christophe Vandeplas Date: Tue, 10 Apr 2012 15:47:42 +0200 Subject: [PATCH] REST POST of event and signatures works (basics, no error-handling) --- app/Controller/AppController.php | 8 +++- app/Controller/AttributesController.php | 2 - app/Controller/EventsController.php | 49 ++++++++++++--------- app/Model/Attribute.php | 57 ++++++++++++++++--------- app/Model/Event.php | 6 +++ 5 files changed, 79 insertions(+), 43 deletions(-) diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index dd4e4689f..57bfc916c 100644 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -59,12 +59,12 @@ class AppController extends Controller { function beforeFilter() { // REST things - if (isset($this->RequestHandler) && $this->RequestHandler->isXml()) { + if ($this->_isRest()) { // disable CSRF for REST access $this->Security->csrfCheck = false; // Authenticate user with authkey in Authorization HTTP header - if ($this->RequestHandler->isXml() && !empty($_SERVER['HTTP_AUTHORIZATION'])) { + if (!empty($_SERVER['HTTP_AUTHORIZATION'])) { $authkey = $_SERVER['HTTP_AUTHORIZATION']; $this->loadModel('User'); $params = array( @@ -91,6 +91,10 @@ class AppController extends Controller { $this->set('isAdmin', $this->_isAdmin()); } + + protected function _isRest() { + return (isset($this->RequestHandler) && $this->RequestHandler->isXml()); + } /** * Convert an array to the same array but with the values also as index instead of an interface_exists diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php index 46576bddb..a1cf49680 100644 --- a/app/Controller/AttributesController.php +++ b/app/Controller/AttributesController.php 
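Review bot: In `beforeFilter()` the CSRF check is switched off as soon as `_isRest()` is true, before the `Authorization` header is looked at, so an XML request that carries only a session cookie would also skip CSRF protection unless code outside this hunk rejects it. `_isRest()` depends only on `RequestHandler->isXml()`, which is presumably decided by the URL extension or Accept header the client sends. Consider moving `$this->Security->csrfCheck = false;` inside the `if (!empty($_SERVER['HTTP_AUTHORIZATION']))` branch, after the authkey lookup has found a user. The function continues past the end of the hunk, so how a missing or unknown key is handled is not visible here.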
@@ -96,7 +96,6 @@ class AttributesController extends AppController { $this->Attribute->create(); $this->request->data['Attribute']['value'] = $attribute; // set the value as the content of the single line - $this->request->data['Attribute']['uuid'] = String::uuid(); if ($this->Attribute->save($this->request->data)) { $successes .= " ".($key+1); } else { @@ -124,7 +123,6 @@ class AttributesController extends AppController { // // create the attribute $this->Attribute->create(); - $this->request->data['Attribute']['uuid'] = String::uuid(); if ($this->Attribute->save($this->request->data)) { // inform the user and redirect diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 40728debc..dd84c0f3b 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php 
@@ -121,13 +121,30 @@ class EventsController extends AppController { // force check userid and orgname to be from yourself $this->request->data['Event']['user_id'] = $this->Auth->user('id'); $this->request->data['Event']['org'] = $this->Auth->user('org'); - $this->request->data['Event']['uuid'] = String::uuid(); $this->Event->create(); - if ($this->Event->save($this->request->data)) { - $this->Session->setFlash(__('The event has been saved')); - $this->redirect(array('action' => 'view', $this->Event->getId())); + + if ($this->_isRest()) { + // Workaround for different structure in XML than what CakePHP expects + $this->request->data['Attribute'] = $this->request->data['Event']['Attribute']; + unset($this->request->data['Event']['Attribute']); + // the event_id field is not set (normal) so make sure no validation errors are thrown + unset($this->Event->Attribute->validate['event_id']); + unset($this->Event->Attribute->validate['value']['unique']); // otherwise gives bugs because event_id is not set + } + + if ($this->Event->saveAssociated($this->request->data)) { + if ($this->_isRest()) { + // REST users want to see the newly created event + $this->view($this->Event->getId()); + $this->render('view'); + } else { + // redirect to the view of the newly created event + $this->Session->setFlash(__('The event has been saved')); + $this->redirect(array('action' => 'view', $this->Event->getId())); + } } else { $this->Session->setFlash(__('The event could not be saved. Please, try again.'), 'default', array(), 'error'); + // TODO return error if REST } } // combobox for risks @@ -181,6 +198,7 @@ class EventsController extends AppController { $this->set('risks',compact('risks')); } + /** * delete method * @@ -206,6 +224,7 @@ class EventsController extends AppController { } + /** * Publishes the event without sending an alert email */ 
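Review bot: In the REST branch of `add()` the parsed XML body goes to `saveAssociated()` with only `user_id` and `org` overwritten, so any other field the client sends, such as an `id` on the event or on an attribute, reaches the model unchanged. In CakePHP a primary key in the data normally turns the save into an update of that record. Restrict the saved fields with the `fieldList` option, or at least add `unset($this->request->data['Event']['id']);` before the save and strip `id` and `event_id` from each attribute. The line copying `$this->request->data['Event']['Attribute']` also assumes the key exists; guard it with `if (isset($this->request->data['Event']['Attribute'])) {` so an event posted without attributes does not raise a notice. `add()` starts and ends outside this hunk.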
@@ -231,6 +250,7 @@ class EventsController extends AppController { $this->redirect(array('action' => 'view', $id)); } } + /** * Send out an alert email to all the users that wanted to be notified. * Users with a GPG key will get the mail encrypted, other users will get the mail unencrypted @@ -371,6 +391,7 @@ class EventsController extends AppController { } + /** * Send out an contact email to the person who posted the event. * Users with a GPG key will get the mail encrypted, other users will get the mail unencrypted @@ -398,7 +419,8 @@ class EventsController extends AppController { if (empty($this->data)) { $this->data = $this->Event->read(null, $id); } - } + } + /** @@ -515,7 +537,8 @@ class EventsController extends AppController { unlink($tmpfname); return $result; - } + } + public function export() { @@ -852,21 +875,7 @@ class EventsController extends AppController { // and append |00| to terminate the name return $rawName; } - - - /** - * Shortcut so you can check in your Controllers wether - * REST Component is currently active. - * - * Use it in your ->flash() methods - * to forward errors to REST with e.g. $this->Rest->error() - * - * @return boolean - */ - protected function _isRest() { - return !empty($this->Rest) && is_object($this->Rest) && $this->Rest->isActive(); - } } diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php index aaa6879b5..472806dbc 100644 --- a/app/Model/Attribute.php +++ b/app/Model/Attribute.php 
@@ -99,6 +99,14 @@ class Attribute extends AppModel { //'last' => false, // Stop validation after this rule //'on' => 'create', // Limit validation to 'create' or 'update' operations ), + 'unique' => array( + 'rule' => array('valueIsUnique'), + 'message' => 'A similar attribute already exists for this event.', + //'allowEmpty' => false, + //'required' => true, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), ), 'to_ids' => array( 'boolean' => array( 
@@ -198,31 +206,42 @@ class Attribute extends AppModel { break; } + // generate UUID if it doesn't exist + if (empty($this->data['Attribute']['uuid'])) + $this->data['Attribute']['uuid']= String::uuid(); + // always return true, otherwise the object cannot be saved return true; } + function valueIsUnique ($fields) { + $value = $fields['value']; + $event_id = $this->data['Attribute']['event_id']; + $type = $this->data['Attribute']['type']; + $to_ids = $this->data['Attribute']['to_ids']; + $category = $this->data['Attribute']['category']; + + // check if the attribute already exists in the same event + $conditions = array('Attribute.event_id' => $event_id, + 'Attribute.type' => $type, + 'Attribute.category' => $category, + 'Attribute.value' => $value + ); + if (isset($this->data['Attribute']['id'])) + $conditions['Attribute.id !='] = $this->data['Attribute']['id']; + + $params = array('recursive' => 0, + 'conditions' => $conditions, + ); + if (0 != $this->find('count', $params) ) + return false; + + // Say everything is fine + return true; + } + function validateAttributeValue ($fields) { $value = $fields['value']; - $event_id = $this->data['Attribute']['event_id']; - $type = $this->data['Attribute']['type']; - $to_ids = $this->data['Attribute']['to_ids']; - $category = $this->data['Attribute']['category']; - - // check if the attribute already exists in the same event - $conditions = array('Attribute.event_id' => $event_id, - 'Attribute.type' => $type, - 'Attribute.category' => $category, - 'Attribute.value' => $value - ); - if (isset($this->data['Attribute']['id'])) - $conditions['Attribute.id !='] = $this->data['Attribute']['id']; - - $params = array('recursive' => 0, - 'conditions' => $conditions, - ); - if (0 != $this->find('count', $params) ) - return 'Attribute already exists for this event.'; // check data validation switch($this->data['Attribute']['type']) { diff --git a/app/Model/Event.php b/app/Model/Event.php index 123527495..7075876fe 100644 
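Review bot: The new uuid default keeps whatever non-empty `uuid` the caller supplied, and since the controllers no longer overwrite it, a REST client now chooses the value. Nothing in this hunk checks its format or that another attribute does not already use it, though a rule may exist outside the hunk. If uuids identify records across instances, add a validation rule for the field, for example `'rule' => array('uuid')` together with `isUnique`; the same applies to `Event::beforeValidate()` in app/Model/Event.php. In `valueIsUnique()` the local `$to_ids` is assigned but never used, and `$this->data['Attribute']['event_id']` is read without an `isset()` check, which is presumably why the controller unsets the rule for REST saves. The callback that receives the uuid lines starts outside the hunk.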
--- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -138,6 +138,12 @@ class Event extends AppModel { ); + function beforeValidate() { + // generate UUID if it doesn't exist + if (empty($this->data['Event']['uuid'])) + $this->data['Event']['uuid']= String::uuid(); + } + public function isOwnedByOrg($eventid, $org) { return $this->field('id', array('id' => $eventid, 'org' => $org)) === $eventid; }
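Review bot: `beforeValidate()` is declared without the `$options` parameter that the parent `Model::beforeValidate($options = array())` takes, and it returns nothing. The mismatched signature can raise a strict-standards warning, and the framework documentation asks the callback to return true so validation continues. I would declare it as `public function beforeValidate($options = array()) {` and end it with `return true;`. The brace-less `if` is also worth wrapping in braces, matching the style used in the controllers.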