castopod/app/Controllers/Admin/Contributor.php

<?php
/**
 * @copyright  2020 Podlibre
 * @license    https://www.gnu.org/licenses/agpl-3.0.en.html AGPL3
 * @link       https://castopod.org/
 */

namespace App\Controllers\Admin;

use App\Models\PodcastModel;
use Myth\Auth\Authorization\GroupModel;
use Myth\Auth\Config\Services;
use Myth\Auth\Models\UserModel;

class Contributor extends BaseController
{
    protected \App\Entities\Podcast $podcast;
    protected ?\Myth\Auth\Entities\User $user;

    public function _remap($method, ...$params)
    {
        if (
            !has_permission('podcasts-manage_contributors') ||
            !has_permission("podcasts:$params[0]-manage_contributors")
        ) {
            throw new \RuntimeException(lang('Auth.notEnoughPrivilege'));
        }

        $podcast_model = new PodcastModel();

        $this->podcast = $podcast_model->find($params[0]);

        if (count($params) > 1) {
            $user_model = new UserModel();
            if (
                !($this->user = $user_model
                    ->select('users.*')
                    ->join(
                        'users_podcasts',
                        'users_podcasts.user_id = users.id'
                    )
                    ->where([
                        'users.id' => $params[1],
                        'podcast_id' => $params[0],
                    ])
                    ->first())
            ) {
                throw \CodeIgniter\Exceptions\PageNotFoundException::forPageNotFound();
            }
        }

        return $this->$method();
    }

    public function list()
    {
        $data = [
            'podcast' => $this->podcast,
        ];

        echo view('admin/contributor/list', $data);
    }

    public function add()
    {
        $user_model = new UserModel();
        $group_model = new GroupModel();

        $roles = $group_model
            ->select('auth_groups.*')
            ->like('name', 'podcasts:' . $this->podcast->id, 'after')
            ->findAll();

        $data = [
            'podcast' => $this->podcast,
            'users' => $user_model->findAll(),
            'roles' => $roles,
        ];

        echo view('admin/contributor/add', $data);
    }

    public function attemptAdd()
    {
        $authorize = Services::authorization();

        $user_id = (int) $this->request->getPost('user');
        $group_id = (int) $this->request->getPost('role');

        // Add user to chosen group
        $authorize->addUserToGroup($user_id, $group_id);

        (new PodcastModel())->addContributorToPodcast(
            $user_id,
            $this->podcast->id
        );

        return redirect()->route('contributor_list', [$this->podcast->id]);
    }

    public function edit()
    {
        $group_model = new GroupModel();

        $roles = $group_model
            ->select('auth_groups.*')
            ->like('name', 'podcasts:' . $this->podcast->id, 'after')
            ->findAll();

        $user_role = $group_model
            ->select('auth_groups.*')
            ->join(
                'auth_groups_users',
                'auth_groups_users.group_id = auth_groups.id'
            )
            ->where('auth_groups_users.user_id', $this->user->id)
            ->like('name', 'podcasts:' . $this->podcast->id, 'after')
            ->first();

        $data = [
            'podcast' => $this->podcast,
            'user' => $this->user,
            'user_role' => $user_role,
            'roles' => $roles,
        ];

        echo view('admin/contributor/edit', $data);
    }

    public function attemptEdit()
    {
        $authorize = Services::authorization();

        $group_model = new GroupModel();

        $group = $group_model
            ->select('auth_groups.*')
            ->join(
                'auth_groups_users',
                'auth_groups_users.group_id = auth_groups.id'
            )
            ->where('user_id', $this->user->id)
            ->like('name', 'podcasts:' . $this->podcast->id, 'after')
            ->first();

        $authorize->removeUserFromGroup(
            (int) $this->user->id,
            (int) $group->id
        );

        $authorize->addUserToGroup(
            (int) $this->user->id,
            (int) $this->request->getPost('role')
        );

        return redirect()->route('contributor_list', [$this->podcast->id]);
    }

    public function remove()
    {
        $authorize = Services::authorization();

        $group_model = new GroupModel();

        $group = $group_model
            ->select('auth_groups.*')
            ->join(
                'auth_groups_users',
                'auth_groups_users.group_id = auth_groups.id'
            )
            ->like('name', 'podcasts:' . $this->podcast->id, 'after')
            ->where('user_id', $this->user->id)
            ->first();

        $authorize->removeUserFromGroup(
            (int) $this->user->id,
            (int) $group->id
        );

        (new PodcastModel())->removeContributorFromPodcast(
            $this->user->id,
            $this->podcast->id
        );

        return redirect()->route('contributor_list', [$this->podcast->id]);
    }
}
feat: add user permissions and basic groups to handle authorizations - add AuthSeeder to bootstrap authorization data and remove UserSeeder - create a superadmin group having all authorizations - refactor routes and controller methods to separate get and post requests - refactor admin views with a title section in layout - add contributors section to podcasts to manage contributions (add, edit roles and remove) closes #3, #18 2020-07-16 10:08:23 +00:00			`<?php`
			`/**`
			`* @copyright 2020 Podlibre`
			`* @license https://www.gnu.org/licenses/agpl-3.0.en.html AGPL3`
			`* @link https://castopod.org/`
			`*/`

			`namespace App\Controllers\Admin;`

			`use App\Models\PodcastModel;`
			`use Myth\Auth\Authorization\GroupModel;`
			`use Myth\Auth\Config\Services;`
			`use Myth\Auth\Models\UserModel;`

			`class Contributor extends BaseController`
			`{`
			`protected \App\Entities\Podcast $podcast;`
			`protected ?\Myth\Auth\Entities\User $user;`

			`public function _remap($method, ...$params)`
			`{`
			`if (`
			`!has_permission('podcasts-manage_contributors') \|\|`
			`!has_permission("podcasts:$params[0]-manage_contributors")`
			`) {`
			`throw new \RuntimeException(lang('Auth.notEnoughPrivilege'));`
			`}`

			`$podcast_model = new PodcastModel();`

			`$this->podcast = $podcast_model->find($params[0]);`

			`if (count($params) > 1) {`
			`$user_model = new UserModel();`
			`if (`
			`!($this->user = $user_model`
			`->select('users.*')`
			`->join(`
			`'users_podcasts',`
			`'users_podcasts.user_id = users.id'`
			`)`
			`->where([`
			`'users.id' => $params[1],`
			`'podcast_id' => $params[0],`
			`])`
			`->first())`
			`) {`
			`throw \CodeIgniter\Exceptions\PageNotFoundException::forPageNotFound();`
			`}`
			`}`

			`return $this->$method();`
			`}`

			`public function list()`
			`{`
			`$data = [`
			`'podcast' => $this->podcast,`
			`];`

			`echo view('admin/contributor/list', $data);`
			`}`

			`public function add()`
			`{`
			`$user_model = new UserModel();`
			`$group_model = new GroupModel();`

			`$roles = $group_model`
			`->select('auth_groups.*')`
			`->like('name', 'podcasts:' . $this->podcast->id, 'after')`
			`->findAll();`

			`$data = [`
			`'podcast' => $this->podcast,`
			`'users' => $user_model->findAll(),`
			`'roles' => $roles,`
			`];`

			`echo view('admin/contributor/add', $data);`
			`}`

			`public function attemptAdd()`
			`{`
			`$authorize = Services::authorization();`

			`$user_id = (int) $this->request->getPost('user');`
			`$group_id = (int) $this->request->getPost('role');`

			`// Add user to chosen group`
			`$authorize->addUserToGroup($user_id, $group_id);`

			`(new PodcastModel())->addContributorToPodcast(`
			`$user_id,`
			`$this->podcast->id`
			`);`

			`return redirect()->route('contributor_list', [$this->podcast->id]);`
			`}`

			`public function edit()`
			`{`
			`$group_model = new GroupModel();`

			`$roles = $group_model`
			`->select('auth_groups.*')`
			`->like('name', 'podcasts:' . $this->podcast->id, 'after')`
			`->findAll();`

			`$user_role = $group_model`
			`->select('auth_groups.*')`
			`->join(`
			`'auth_groups_users',`
			`'auth_groups_users.group_id = auth_groups.id'`
			`)`
			`->where('auth_groups_users.user_id', $this->user->id)`
			`->like('name', 'podcasts:' . $this->podcast->id, 'after')`
			`->first();`

			`$data = [`
			`'podcast' => $this->podcast,`
			`'user' => $this->user,`
			`'user_role' => $user_role,`
			`'roles' => $roles,`
			`];`

			`echo view('admin/contributor/edit', $data);`
			`}`

			`public function attemptEdit()`
			`{`
			`$authorize = Services::authorization();`

			`$group_model = new GroupModel();`

			`$group = $group_model`
			`->select('auth_groups.*')`
			`->join(`
			`'auth_groups_users',`
			`'auth_groups_users.group_id = auth_groups.id'`
			`)`
			`->where('user_id', $this->user->id)`
			`->like('name', 'podcasts:' . $this->podcast->id, 'after')`
			`->first();`

			`$authorize->removeUserFromGroup(`
			`(int) $this->user->id,`
			`(int) $group->id`
			`);`

			`$authorize->addUserToGroup(`
			`(int) $this->user->id,`
			`(int) $this->request->getPost('role')`
			`);`

			`return redirect()->route('contributor_list', [$this->podcast->id]);`
			`}`

			`public function remove()`
			`{`
			`$authorize = Services::authorization();`

			`$group_model = new GroupModel();`

			`$group = $group_model`
			`->select('auth_groups.*')`
			`->join(`
			`'auth_groups_users',`
			`'auth_groups_users.group_id = auth_groups.id'`
			`)`
			`->like('name', 'podcasts:' . $this->podcast->id, 'after')`
			`->where('user_id', $this->user->id)`
			`->first();`

			`$authorize->removeUserFromGroup(`
			`(int) $this->user->id,`
			`(int) $group->id`
			`);`

			`(new PodcastModel())->removeContributorFromPodcast(`
			`$this->user->id,`
			`$this->podcast->id`
			`);`

			`return redirect()->route('contributor_list', [$this->podcast->id]);`
			`}`
			`}`