From eca4d9ce1f4de55adfd0bd51fcc0bb9e9af11d06 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Tue, 17 Jan 2023 17:02:31 -0500 Subject: [PATCH 01/41] Add user to factory --- src/Service/ControllerPlugin/TeamAuthFactory.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/Service/ControllerPlugin/TeamAuthFactory.php b/src/Service/ControllerPlugin/TeamAuthFactory.php index 09341ed..b168094 100644 --- a/src/Service/ControllerPlugin/TeamAuthFactory.php +++ b/src/Service/ControllerPlugin/TeamAuthFactory.php @@ -4,6 +4,7 @@ use Interop\Container\ContainerInterface; use Teams\Mvc\Controller\Plugin\TeamAuth; use Laminas\ServiceManager\Factory\FactoryInterface; +use \Omeka\Entity\User; class TeamAuthFactory implements FactoryInterface { @@ -16,6 +17,7 @@ class TeamAuthFactory implements FactoryInterface */ public function __invoke(ContainerInterface $services, $requestedName, array $options = null) { - return new TeamAuth($services->get('Omeka\EntityManager')); + $user = new User(); + return new TeamAuth($services->get('Omeka\EntityManager'), $user); } } From 150156803df421cadb4e2cf9070b9b8f29152423 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Tue, 17 Jan 2023 17:41:55 -0500 Subject: [PATCH 02/41] Pass the user to the helper --- src/Controller/UpdateController.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index 42da353..e57e4a8 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php @@ -381,7 +381,7 @@ public function teamUpdateAction() if ($request->isPost()) { $post_data = $request->getPost(); - if ($this->teamAuth()->teamAuthorized('update', 'team_user')) { + if ($this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user')) { //first update the team name and description $qb = $this->entityManager->createQueryBuilder(); $qb->update('Teams\Entity\Team', 'team') 
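Review bot: When `teamAuthorized($this->identity(), 'update', 'team_user')` returns false here nothing is reported and nothing returns, so the request simply skips this branch and continues through the rest of teamUpdateAction to the final `refresh()` as if it had succeeded. The same silent-skip shape is repeated in the two `teamAuthorized` checks of the next hunks in this patch (@@ -403 and @@ -447). Consider failing closed on the first denied check, e.g. `$this->messenger()->addError("You aren't authorized to update this team"); return $this->redirect()->refresh();`, so a denied request is reported and does not continue. Each call also passes no `$context`, so unless teamAuthorized resolves the team from somewhere else the decision cannot be scoped to the team being edited; passing `(int) $id` as the fourth argument would make that explicit. teamUpdateAction starts and ends outside the hunk.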
@@ -403,7 +403,7 @@ public function teamUpdateAction() //TODO: return the form as filled out with whatever changes they made or use Ajax //if they actually click on the add user button - if ($this->teamAuth()->teamAuthorized('update', 'team_user')) { + if ($this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user')) { if ($post_data['addUser']) { $team_id = $id; $user_id = $post_data['add-member']; @@ -447,7 +447,7 @@ public function teamUpdateAction() } - if ($this->teamAuth()->teamAuthorized('update', 'team')){ + if ($this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team')){ //first delete then add resources to team $this->processResources($request, $team, $existing_resources, $existing_resource_templates, true); $this->processResources($request, $team, $existing_resources, $existing_resource_templates, false); @@ -484,7 +484,7 @@ public function teamUpdateAction() $em->flush(); } - $successMessage = sprintf("Successfully updated the %s team", $team->getName()); +// $successMessage = sprintf("Successfully updated the %s team", $team->getName()); $this->messenger()->addSuccess($successMessage); return $this->redirect()->refresh(); From 854451a1578ccbfbe68d45336cbbd4147aea02ca Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Tue, 17 Jan 2023 17:43:34 -0500 Subject: [PATCH 03/41] Refactor user as parameter passed to helper --- src/Mvc/Controller/Plugin/TeamAuth.php | 33 +++++++++++--------------- 1 file changed, 14 insertions(+), 19 deletions(-) diff --git a/src/Mvc/Controller/Plugin/TeamAuth.php b/src/Mvc/Controller/Plugin/TeamAuth.php index a80f642..3ef2da8 100644 --- a/src/Mvc/Controller/Plugin/TeamAuth.php +++ b/src/Mvc/Controller/Plugin/TeamAuth.php @@ -5,6 +5,7 @@ use InvalidArgumentException; use Laminas\Mvc\Controller\Plugin\AbstractPlugin; use \Omeka\Entity\User; +use Omeka\Mvc\Controller\Plugin\Logger; /** * Controller plugin for authorize the current user. 
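Review bot: Commenting out the `$successMessage = sprintf(...)` assignment leaves the next line, `$this->messenger()->addSuccess($successMessage);`, passing an undefined variable, so every POST now raises a warning and flashes an empty success message. Either restore the assignment or drop the `addSuccess` call with it. If the intent was to avoid announcing success when one of the authorization checks above was denied, the cleaner fix is to return from the denied branches so this line is only reached on a fully authorized update. teamUpdateAction continues outside the hunk.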
@@ -15,39 +16,38 @@ class TeamAuth extends AbstractPlugin public $domains = ['resource', 'team', 'site', 'team_user', 'role']; /** - * @var EntityManager + * @var Logger */ - protected $entityManager; + protected $logger; /** - * @var \Omeka\Entity\User + * @var EntityManager */ - protected $user; + protected $entityManager; /** * Construct the plugin. * * @param EntityManager $entityManager */ - public function __construct(EntityManager $entityManager, User $user) + public function __construct(EntityManager $entityManager, User $user, \Laminas\Log\Logger $logger) { $this->entityManager = $entityManager; $this->user = $user; + $this->logger = $logger; } - public function isGlobAdmin() + public function isGlobAdmin(User $user): bool { - return $this->user->getRole() === 'global_admin'; + return $user->getRole() === 'global_admin'; } - public function isSuper() - { - return ($this->isGlobAdmin() && $this->user->getId() === 1); - } - public function teamAuthorized(string $action, string $domain, int $context=0): bool + public function teamAuthorized(User $user, string $action, string $domain, int $context=0): bool { + + //validate inputs if (!in_array($action, $this->actions)) { throw new InvalidArgumentException( @@ -65,9 +65,9 @@ public function teamAuthorized(string $action, string $domain, int $context=0): ) ); } +// $this->logger->err(get_class($this->identity())); - //super admin should bypass team authority - if ($this->isSuper()) { + if ($this->isGlobAdmin($user)) { return true; } @@ -114,9 +114,4 @@ public function teamAuthorized(string $action, string $domain, int $context=0): } return $authorized; } - -// public function __invoke($resource = null, $privilege = null) -// { -// return $this->userIsAllowed($resource, $privilege); -// } } From 7bf6d29f591851852d6bdc895eb8d86c49cc6c10 Mon Sep 17 00:00:00 2001 
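Review bot: The new `$logger` is injected but never used; its only reference is the commented-out `$this->logger->err(get_class($this->identity()))` in the next hunk, which would not work anyway because the plugin has no `identity()` method. The docblock `@var Logger` resolves to the `Omeka\Mvc\Controller\Plugin\Logger` import added in the previous hunk, while the constructor type-hints `\Laminas\Log\Logger` and patch 04's factory passes the `Omeka\Logger` service; align the import and docblock with the Laminas type and add `@param \Laminas\Log\Logger $logger` to the constructor docblock. If the logger is kept, a useful job for it is recording denied decisions just before `return $authorized;`, e.g. `if (!$authorized) { $this->logger->notice(sprintf('teamAuth denied %s on %s for user %d', $action, $domain, $user->getId())); }`, which gives an audit trail for authorization failures. Note also that `teamAuthorized(User $user, ...)` is non-nullable while every caller passes `$this->identity()`; if any caller can be reached without a logged-in user the call raises a TypeError instead of denying, so `?User $user` with an early `return false` would fail closed.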
From: Alex Dryden Date: Tue, 17 Jan 2023 17:44:14 -0500 Subject: [PATCH 04/41] Remove user from factory --- src/Service/ControllerPlugin/TeamAuthFactory.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Service/ControllerPlugin/TeamAuthFactory.php b/src/Service/ControllerPlugin/TeamAuthFactory.php index b168094..9e9d4c3 100644 --- a/src/Service/ControllerPlugin/TeamAuthFactory.php +++ b/src/Service/ControllerPlugin/TeamAuthFactory.php @@ -17,7 +17,7 @@ class TeamAuthFactory implements FactoryInterface */ public function __invoke(ContainerInterface $services, $requestedName, array $options = null) { - $user = new User(); - return new TeamAuth($services->get('Omeka\EntityManager'), $user); + $logger = $services->get('Omeka\Logger'); + return new TeamAuth($services->get('Omeka\EntityManager'), $logger); } } From d7b70015947f796f71825689b285f2ac49566ce4 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Tue, 17 Jan 2023 17:47:19 -0500 Subject: [PATCH 05/41] Finish refactor user into parameter passed to helper --- src/Mvc/Controller/Plugin/TeamAuth.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/Mvc/Controller/Plugin/TeamAuth.php b/src/Mvc/Controller/Plugin/TeamAuth.php index 3ef2da8..30cd7c9 100644 --- a/src/Mvc/Controller/Plugin/TeamAuth.php +++ b/src/Mvc/Controller/Plugin/TeamAuth.php @@ -30,10 +30,9 @@ class TeamAuth extends AbstractPlugin * * @param EntityManager $entityManager */ - public function __construct(EntityManager $entityManager, User $user, \Laminas\Log\Logger $logger) + public function __construct(EntityManager $entityManager, \Laminas\Log\Logger $logger) { $this->entityManager = $entityManager; - $this->user = $user; $this->logger = $logger; } From 22f2c3a6570c316fe6063c5575acd33b0ffd1650 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Tue, 17 Jan 2023 17:48:22 -0500 Subject: [PATCH 06/41] Cleanup unused imports --- src/Controller/UpdateController.php | 4 ---- 1 file changed, 4 deletions(-) 
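Review bot: With `new User()` gone from this method, the `use \Omeka\Entity\User;` import that patch 01 added at the top of TeamAuthFactory is now unused and should be removed; the leading backslash in a `use` statement is also non-standard. Resolving `Omeka\Logger` from the container and handing it to the constructor is otherwise consistent with the new TeamAuth signature.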
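Review bot: The constructor docblock shown at the top of the hunk still lists only `@param EntityManager $entityManager`; with the signature now `(EntityManager $entityManager, \Laminas\Log\Logger $logger)`, add `@param \Laminas\Log\Logger $logger` so the documented and declared interfaces agree. Since the `$user` property was already dropped in patch 03 and this hunk removes the last assignment to it, the class no longer holds any user state; a one-line class comment such as `Authorization is evaluated per call; the plugin holds no user state.` would make that contract clear to callers.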
diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index e57e4a8..64b8a09 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php @@ -9,13 +9,9 @@ use Teams\Entity\TeamResourceTemplate; use Teams\Entity\TeamSite; use Teams\Entity\TeamUser; -use Teams\Form\Element\AllSiteSelect; -use Teams\Form\Element\AllSiteSelectOrdered; use Teams\Form\TeamItemsetAddRemoveForm; -use Teams\Form\TeamItemSetForm; use Teams\Form\TeamSitesAddRemoveForm; use Teams\Form\TeamUpdateForm; -use Teams\Form\TeamUserForm; use Laminas\EventManager\Event; use Laminas\Mvc\Controller\AbstractActionController; use Laminas\Stdlib\ArrayObject; From 042d5f42961de97c0e24c2dbdaa442c2511ffb95 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 10:47:01 -0500 Subject: [PATCH 07/41] Add authority check to role --- src/Controller/AddController.php | 37 +++++++++++++++++--------------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/src/Controller/AddController.php b/src/Controller/AddController.php index 983261a..5e6590e 100644 --- a/src/Controller/AddController.php +++ b/src/Controller/AddController.php 
@@ -231,29 +231,32 @@ public function roleAddAction() return $view; } + if (! $this->teamAuth()->teamAuthorized($this->identity(), 'add', 'role')){ + $this->messenger()->addError("You aren't authorized to add roles"); + } else { - //otherwise, set the data - $form->setData($request->getPost()); + //otherwise, set the data + $form->setData($request->getPost()); + //get the data from the post + $data = $request->getPost('role'); - //get the data from the post - $data = $request->getPost('role'); - - //if the form isn't valid, return it - if (! $form->isValid()) { - return $view; - } + //if the form isn't valid, return it + if (!$form->isValid()) { + return $view; + } - $newRole = $this->api($form)->create('team-role', $data); + $newRole = $this->api($form)->create('team-role', $data); - if ($newRole) { - // return new ViewModel(['data' => $data]); - $successMessage = sprintf("Successfully added the role: '%s'", $data['o:name']); - $this->messenger()->addSuccess($successMessage); - return $this->redirect()->toRoute('admin/teams/roles'); - } else { - return $view; + if ($newRole) { + // return new ViewModel(['data' => $data]); + $successMessage = sprintf("Successfully added the role: '%s'", $data['o:name']); + $this->messenger()->addSuccess($successMessage); + return $this->redirect()->toRoute('admin/teams/roles'); + } else { + return $view; + } } } } From 5f943a937ca41b0d9a258ab5a5916ebeede3b108 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 10:48:42 -0500 Subject: [PATCH 08/41] Cleanup diagnostic --- src/Controller/AddController.php | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/Controller/AddController.php b/src/Controller/AddController.php index 5e6590e..98ea337 100644 --- a/src/Controller/AddController.php +++ b/src/Controller/AddController.php 
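Review bot: The new `teamAuthorized($this->identity(), 'add', 'role')` check sits below the `return $view` for non-POST requests visible at the top of the hunk, so an unauthorized user is still served the add-role form on GET and is only refused after submitting it. If the form should not be offered at all, evaluate the same check before the POST guard and return the view (or redirect) there too. roleAddAction starts outside the hunk.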
@@ -99,10 +99,6 @@ public function teamAddAction() $newTeam = $this->api($form)->create('team', $data); if ($newTeam) { - //looks like this was a diagnostic i used to see what was in the data variable - $view->setVariable('post_data', $data); - $view->setVariable('team', $newTeam); - $team = $this->entityManager->getRepository('Teams\Entity\Team') ->findOneBy(['id' => (int)$newTeam->getContent()->id()]); if ($request->getPost('user_role')) { From 8a6a9ef0516db3bc76555f630dd8ec80e8bac811 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 10:59:48 -0500 Subject: [PATCH 09/41] Return form to the view on unauthorized --- src/Controller/AddController.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Controller/AddController.php b/src/Controller/AddController.php index 98ea337..d605a4d 100644 --- a/src/Controller/AddController.php +++ b/src/Controller/AddController.php @@ -42,6 +42,7 @@ public function __construct(EntityManager $entityManager) public function teamAddAction() { + $all_u_array = array(); $all_u_collection = $this->api()->search('users')->getContent(); foreach ($all_u_collection as $u): @@ -229,6 +230,7 @@ public function roleAddAction() if (! $this->teamAuth()->teamAuthorized($this->identity(), 'add', 'role')){ $this->messenger()->addError("You aren't authorized to add roles"); + return $view; } else { From c2b13eb69c21366ca938d06cea64581aaaceadf2 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 11:03:49 -0500 Subject: [PATCH 10/41] Add authorization check for adding teams --- src/Controller/AddController.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/Controller/AddController.php b/src/Controller/AddController.php index d605a4d..7092e8f 100644 --- a/src/Controller/AddController.php +++ b/src/Controller/AddController.php 
@@ -79,6 +79,11 @@ public function teamAddAction() return $view; } + if (! $this->teamAuth()->teamAuthorized($this->identity(), 'add', 'team')){ + $this->messenger()->addError("You aren't authorized to add teams"); + return $view; + } + //otherwise, set the data //TODO: turn the section where user+role are added into a form so it can be populated below From 7a15d4db87da5e22e16778c02164808430d4e3d1 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 11:05:33 -0500 Subject: [PATCH 11/41] Remove else block to simplify. It isn't needed because the if returns the view --- src/Controller/AddController.php | 36 +++++++++++++++----------------- 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/src/Controller/AddController.php b/src/Controller/AddController.php index 7092e8f..cf9f042 100644 --- a/src/Controller/AddController.php +++ b/src/Controller/AddController.php 
@@ -236,30 +236,28 @@ public function roleAddAction() if (! $this->teamAuth()->teamAuthorized($this->identity(), 'add', 'role')){ $this->messenger()->addError("You aren't authorized to add roles"); return $view; - } else { - + } - //otherwise, set the data - $form->setData($request->getPost()); + //otherwise, set the data + $form->setData($request->getPost()); - //get the data from the post - $data = $request->getPost('role'); + //get the data from the post + $data = $request->getPost('role'); - //if the form isn't valid, return it - if (!$form->isValid()) { - return $view; - } + //if the form isn't valid, return it + if (!$form->isValid()) { + return $view; + } - $newRole = $this->api($form)->create('team-role', $data); + $newRole = $this->api($form)->create('team-role', $data); - if ($newRole) { - // return new ViewModel(['data' => $data]); - $successMessage = sprintf("Successfully added the role: '%s'", $data['o:name']); - $this->messenger()->addSuccess($successMessage); - return $this->redirect()->toRoute('admin/teams/roles'); - } else { - return $view; - } + if ($newRole) { + // return new ViewModel(['data' => $data]); + $successMessage = sprintf("Successfully added the role: '%s'", $data['o:name']); + $this->messenger()->addSuccess($successMessage); + return $this->redirect()->toRoute('admin/teams/roles'); + } else { + return $view; } } } From 7f03e3e5ada60a19a707e8e873d72762cd4c1742 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 11:08:29 -0500 Subject: [PATCH 12/41] Catch cases where the controller doen't return the form --- view/teams/add/role-add.phtml | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/view/teams/add/role-add.phtml b/view/teams/add/role-add.phtml index b6fd42b..5d66b11 100644 --- a/view/teams/add/role-add.phtml +++ b/view/teams/add/role-add.phtml 
@@ -2,9 +2,14 @@ echo $this->pageTitle("Add New Role"); $form = $this->form; -$form->setAttribute('action', $this->url()); -$form->prepare(); +if ($form){ + $form->setAttribute('action', $this->url()); + $form->prepare(); + + echo $this->form()->openTag($form); + echo $this->formCollection($form); + echo $this->form()->closeTag(); +} +//TODO: add a generic error message in an else. +// You can get to this state if no form was returned from the controller because of an unexpected error. -echo $this->form()->openTag($form); -echo $this->formCollection($form); -echo $this->form()->closeTag(); From 8d7c054539ff9ec19dc7382607ffa8b4b148b978 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 11:10:05 -0500 Subject: [PATCH 13/41] Cleanup --- src/Controller/AddController.php | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/src/Controller/AddController.php b/src/Controller/AddController.php index cf9f042..f8df100 100644 --- a/src/Controller/AddController.php +++ b/src/Controller/AddController.php @@ -83,9 +83,6 @@ public function teamAddAction() $this->messenger()->addError("You aren't authorized to add teams"); return $view; } - - - //otherwise, set the data //TODO: turn the section where user+role are added into a form so it can be populated below $form->setData($request->getPost()); $userForm->setData($request->getPost()); @@ -93,17 +90,15 @@ public function teamAddAction() $userRoleForm->setData($request->getPost()); - //if the form isn't valid, return it - if (! $form->isValid()) { return $view; } - //get the data from the post $data = $request->getPost('team'); $newTeam = $this->api($form)->create('team', $data); + //add the users, resources and sites to the team if ($newTeam) { $team = $this->entityManager->getRepository('Teams\Entity\Team') ->findOneBy(['id' => (int)$newTeam->getContent()->id()]); 
@@ -207,10 +202,6 @@ public function teamAddAction() } $view = new ViewModel; -// $userForm->setData($request->getPost()); -// $itemsetForm->setData($request->getPost()); -// $userRoleForm->setData($request->getPost()); - $view->setVariable('form', $form); $view->setVariable('userForm', $userForm); $view->setVariable('itemsetForm', $itemsetForm); From 3a76fd8d076fca43af93e45ebd01c3449d236595 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 11:20:07 -0500 Subject: [PATCH 14/41] Remove unused event and redundant db query --- src/Controller/DeleteController.php | 27 +-------------------------- 1 file changed, 1 insertion(+), 26 deletions(-) diff --git a/src/Controller/DeleteController.php b/src/Controller/DeleteController.php index e8a8cfc..9ee58c8 100644 --- a/src/Controller/DeleteController.php +++ b/src/Controller/DeleteController.php @@ -44,36 +44,11 @@ public function teamDeleteAction() //does a team have that id try { - $team = $this->api()->search('team', ['id'=>$id]); + $team = $this->api()->searchOne('team', ['id'=>$id]); } catch (InvalidArgumentException $exception) { return $this->redirect()->toRoute('admin'); } - $criteria = ['id' => $id]; - - $qb = $this->entityManager->createQueryBuilder(); - $entityClass = 'Teams\Entity\Team'; - - $qb->select('omeka_root')->from($entityClass, 'omeka_root'); - foreach ($criteria as $field => $value) { - $qb->andWhere($qb->expr()->eq( - "omeka_root.$field", - $this->createNamedParameter($qb, $value) - )); - } - $qb->setMaxResults(1); - - $entity = $qb->getQuery()->getOneOrNullResult(); - - - $request = new Request('delete', 'team'); - $event = new Event('api.hydrate.pre', $this, [ - 'entity' => $entity, - 'request' => $request, - ]); - $this->getEventManager()->triggerEvent($event); - - //is it a post request? $request = $this->getRequest(); if (! $request->isPost()) { From d9ca31576590210fb5e75019f422d04f45b5943a Mon Sep 17 00:00:00 2001 
From: Alex Dryden Date: Wed, 18 Jan 2023 11:30:21 -0500 Subject: [PATCH 15/41] Add authorization check to team delete and cleanup --- src/Controller/DeleteController.php | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/src/Controller/DeleteController.php b/src/Controller/DeleteController.php index 9ee58c8..c0e3101 100644 --- a/src/Controller/DeleteController.php +++ b/src/Controller/DeleteController.php @@ -39,14 +39,16 @@ public function teamDeleteAction() //is there an id? $id = $this->params()->fromRoute('id'); if (! $id) { - return $this->redirect()->toRoute('admin'); + $this->messenger()->addError("No team id found"); + return $this->redirect()->toRoute('admin/teams'); } //does a team have that id try { $team = $this->api()->searchOne('team', ['id'=>$id]); } catch (InvalidArgumentException $exception) { - return $this->redirect()->toRoute('admin'); + $this->messenger()->addError("Invalid team id"); + return $this->redirect()->toRoute('admin/teams'); } //is it a post request? @@ -55,12 +57,11 @@ public function teamDeleteAction() return new ViewModel(['team'=>$team]); } - //is it the right id and did they say confirm? -// if ($id != $request->getPost('id') -// || 'Delete' != $request->getPost('confirm') -// ) { -// return $this->redirect()->toRoute('admin/teams'); -// } + if (! $this->teamAuth()->teamAuthorized($this->identity(), 'delete', 'team')){ + $this->messenger()->addError("You aren't authorized to delete teams"); + return $this->redirect()->toRoute('admin/teams'); + } + if ($request->getPost('confirm') == 'Delete') { $this->api()->delete('team', ['id'=>$id]); return $this->redirect()->toRoute('admin/teams'); From 6c4addf6f4c94ec33441b557c715f432e400064f Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 11:38:20 -0500 Subject: [PATCH 16/41] Remove test --- src/Controller/DeleteController.php | 1 - view/teams/delete/role-delete.phtml | 1 - 2 files changed, 2 deletions(-) 
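Review bot: The new `teamAuthorized($this->identity(), 'delete', 'team')` call passes no `$context`, so unless teamAuthorized resolves the team some other way it decides whether the user may delete teams in general rather than this team; passing `(int) $id` as the fourth argument would scope the decision to the team being deleted. The confirmation handling that follows compares `$request->getPost('confirm') == 'Delete'` and deletes with no token check visible in the hunk; if the confirm form carries a CSRF element, validate it here before calling `delete`, and prefer `===` for the comparison. The authorization check also runs only after the POST guard, so the delete confirmation page itself is still shown to unauthorized users. teamDeleteAction starts and ends outside the hunk.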
diff --git a/src/Controller/DeleteController.php b/src/Controller/DeleteController.php index c0e3101..631c6ca 100644 --- a/src/Controller/DeleteController.php +++ b/src/Controller/DeleteController.php @@ -86,7 +86,6 @@ public function roleDeleteAction() if (! $request->isPost()) { return new ViewModel( [ - 'role'=>$role, 'role_users' => $role_users, 'user' => $user, ] diff --git a/view/teams/delete/role-delete.phtml b/view/teams/delete/role-delete.phtml index 5218d54..4587487 100644 --- a/view/teams/delete/role-delete.phtml +++ b/view/teams/delete/role-delete.phtml @@ -1,6 +1,5 @@ user; $translate = $this->plugin('translate'); $escape = $this->plugin('escapeHtml'); From 37a92c1d73d84ba6848b0abc85f4f5183a4ccaf3 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 15:39:27 -0500 Subject: [PATCH 17/41] Remove redundant check --- src/Controller/DeleteController.php | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/src/Controller/DeleteController.php b/src/Controller/DeleteController.php index 631c6ca..d03d196 100644 --- a/src/Controller/DeleteController.php +++ b/src/Controller/DeleteController.php @@ -80,7 +80,7 @@ public function roleDeleteAction() $request = $this->getRequest(); - //test to see if anyone has this role. If they do, can't delete. + //test to see if anyone has this role. If they do, don't delete it. $role_users = $this->entityManager->getRepository('Teams\Entity\TeamUser') ->findBy(['role'=>$id]); if (! $request->isPost()) { 
@@ -91,24 +91,23 @@ public function roleDeleteAction() ] ); } - if ($request->isPost()) { - if (! $role_users) { - if ($this->identity()->getRole() == 'global_admin') { - if ($request->getPost('confirm') == 'Delete') { - $this->entityManager->remove($role); - $this->entityManager->flush(); - $this->messenger()->addSuccess(sprintf('Successfully deleted role "%s"', $role->getName())); + if (! $role_users) { + if ($this->identity()->getRole() == 'global_admin') { + if ($request->getPost('confirm') == 'Delete') { + $this->entityManager->remove($role); + $this->entityManager->flush(); + $this->messenger()->addSuccess(sprintf('Successfully deleted role "%s"', $role->getName())); - return $this->redirect()->toRoute('admin/teams/roles'); - } else { - return $this->redirect()->toRoute('admin/teams/roles'); - } + return $this->redirect()->toRoute('admin/teams/roles'); } else { - $this->messenger()->addError('Only global admins can delete roles'); + return $this->redirect()->toRoute('admin/teams/roles'); } } else { - $this->messenger()->addError("Can't be deleted because teams are using the role"); + $this->messenger()->addError('Only global admins can delete roles'); } + } else { + $this->messenger()->addError("Can't be deleted because teams are using the role"); } + } } From 84d0a77878696d68d82876b04b5971f8debb8086 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 15:42:34 -0500 Subject: [PATCH 18/41] Refactor view --- src/Controller/DeleteController.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/src/Controller/DeleteController.php b/src/Controller/DeleteController.php index d03d196..4c8305d 100644 --- a/src/Controller/DeleteController.php +++ b/src/Controller/DeleteController.php 
@@ -77,19 +77,21 @@ public function roleDeleteAction() $id = $this->params()->fromRoute('id'); $role = $this->entityManager->getRepository('Teams\Entity\TeamRole') ->findOneBy(['id'=> $id]); - $request = $this->getRequest(); //test to see if anyone has this role. If they do, don't delete it. $role_users = $this->entityManager->getRepository('Teams\Entity\TeamUser') ->findBy(['role'=>$id]); + + $view = new ViewModel( + [ + 'role_users' => $role_users, + 'user' => $user, + ] + ); + if (! $request->isPost()) { - return new ViewModel( - [ - 'role_users' => $role_users, - 'user' => $user, - ] - ); + return $view; } if (! $role_users) { if ($this->identity()->getRole() == 'global_admin') { From 8ce7b924645ae4de44df3f8a31bee28bc55ffbf9 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 15:48:54 -0500 Subject: [PATCH 19/41] Refactor conditionals to be more legible with teamAuth helper --- src/Controller/DeleteController.php | 31 +++++++++++++---------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/src/Controller/DeleteController.php b/src/Controller/DeleteController.php index 4c8305d..dd7040d 100644 --- a/src/Controller/DeleteController.php +++ b/src/Controller/DeleteController.php @@ -82,7 +82,6 @@ public function roleDeleteAction() //test to see if anyone has this role. If they do, don't delete it. $role_users = $this->entityManager->getRepository('Teams\Entity\TeamUser') ->findBy(['role'=>$id]); - $view = new ViewModel( [ 'role_users' => $role_users, 
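Review bot: The hunk removes `$request = $this->getRequest();` but the new `if (! $request->isPost())` immediately below it, and the `$request->getPost('confirm')` further down in roleDeleteAction, still read `$request`; unless it is assigned above line 77 outside the hunk, this is a method call on an undefined variable and the action fails on every request. The following patch (19) rewrites the same block and does not restore it either. Keep the line, e.g. `$request = $this->getRequest();` just before the `$view = new ViewModel(...)` block.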
@@ -93,23 +92,21 @@ public function roleDeleteAction() if (! $request->isPost()) { return $view; } - if (! $role_users) { - if ($this->identity()->getRole() == 'global_admin') { - if ($request->getPost('confirm') == 'Delete') { - $this->entityManager->remove($role); - $this->entityManager->flush(); - $this->messenger()->addSuccess(sprintf('Successfully deleted role "%s"', $role->getName())); - - return $this->redirect()->toRoute('admin/teams/roles'); - } else { - return $this->redirect()->toRoute('admin/teams/roles'); - } - } else { - $this->messenger()->addError('Only global admins can delete roles'); - } - } else { - $this->messenger()->addError("Can't be deleted because teams are using the role"); + if (! $this->teamAuth($user, 'delete', 'role')){ + $this->messenger()->addError('You are not authorized to delete roles'); + return $view; + } + if ($role_users){ + $this->messenger()->addError('This role can not be deleted while users are assigned to it'); + return $view; + } + if ($request->getPost('confirm') == 'Delete') { + $this->entityManager->remove($role); + $this->entityManager->flush(); + $this->messenger()->addSuccess(sprintf('Successfully deleted role "%s"', $role->getName())); } + return $this->redirect()->toRoute('admin/teams/roles'); + } } From 3cd459791bee9f0125f3fb7c6f04363c547b0238 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 15:53:49 -0500 Subject: [PATCH 20/41] Cleanup --- view/teams/delete/role-delete.phtml | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/view/teams/delete/role-delete.phtml b/view/teams/delete/role-delete.phtml index 4587487..d0386af 100644 --- a/view/teams/delete/role-delete.phtml +++ b/view/teams/delete/role-delete.phtml @@ -1,4 +1,3 @@ - plugin('translate'); $escape = $this->plugin('escapeHtml'); 
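Review bot: `if (! $this->teamAuth($user, 'delete', 'role'))` does not invoke the authorization check. `teamAuth` is a controller plugin and TeamAuth has no `__invoke` (the commented-out one was deleted in patch 03), so Laminas' controller `__call` returns the plugin object itself and discards the arguments; the object is truthy, the negation is always false, and the 'not authorized' branch is unreachable, meaning any logged-in user who reaches the POST can delete an unused role, whereas the code this replaces required `global_admin`. Every other call site in this series uses `$this->teamAuth()->teamAuthorized(...)`; change the line to `if (! $this->teamAuth()->teamAuthorized($user, 'delete', 'role')) {`. roleDeleteAction starts outside the hunk.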
@@ -6,22 +5,18 @@ $escape = $this->plugin('escapeHtml'); echo $this->pageTitle($translate('Delete role')); ?> -role_users) { - ?> You can't delete this role because it is being used by the following teams +role_users) { ?> + You can't delete this role because it is being used by the following teams
    - +
  • getTeam()->getName() ?>
- - -

- Are you sure you want to delete the this role ? -

+ +

+ Are you sure you want to delete this role ? +

role_users as $user): echo $user->getId(); @@ -35,5 +30,4 @@ foreach ($this->role_users as $user): - From 844239854429256d807a8c7436c440640ad4621e Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 15:55:01 -0500 Subject: [PATCH 21/41] Imporove semantics of error message --- view/teams/delete/role-delete.phtml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/view/teams/delete/role-delete.phtml b/view/teams/delete/role-delete.phtml index d0386af..a072174 100644 --- a/view/teams/delete/role-delete.phtml +++ b/view/teams/delete/role-delete.phtml @@ -9,7 +9,7 @@ echo $this->pageTitle($translate('Delete role')); You can't delete this role because it is being used by the following teams
    -
  • getTeam()->getName() ?>
  • +
  • getTeam()->getName() ?> (getUser()->getName() ?>)
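Review bot: The added line appears to echo `$user->getTeam()->getName()` and `$user->getUser()->getName()` directly into the markup (the rendering here has lost the PHP tags, so this is inferred from the surviving text), even though the template defines `$escape = $this->plugin('escapeHtml')` at the top. Team and user names are user-supplied, so wrap each in the escaper, e.g. `<?= $escape($user->getTeam()->getName()) ?> (<?= $escape($user->getUser()->getName()) ?>)`, to avoid HTML injection on this admin page. The loop variable is named `$user` but iterates `$this->role_users`, which the controller loads from the TeamUser repository, so `$teamUser` would read more accurately.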
From 31f9ece6882617cb1efa98bb0659aa862312e877 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 15:56:42 -0500 Subject: [PATCH 22/41] Use endif for better readability --- view/teams/delete/role-delete.phtml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/view/teams/delete/role-delete.phtml b/view/teams/delete/role-delete.phtml index a072174..e63f10b 100644 --- a/view/teams/delete/role-delete.phtml +++ b/view/teams/delete/role-delete.phtml @@ -5,7 +5,7 @@ $escape = $this->plugin('escapeHtml'); echo $this->pageTitle($translate('Delete role')); ?> -role_users) { ?> +role_users): ?> You can't delete this role because it is being used by the following teams
    @@ -13,7 +13,7 @@ echo $this->pageTitle($translate('Delete role'));
- +

Are you sure you want to delete this role ?

@@ -30,4 +30,4 @@ foreach ($this->role_users as $user): - + From e8d1f237b20913209fb43c5a8951a475180bb563 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 18 Jan 2023 15:59:35 -0500 Subject: [PATCH 23/41] Add button for better error recovery --- view/teams/delete/role-delete.phtml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/view/teams/delete/role-delete.phtml b/view/teams/delete/role-delete.phtml index e63f10b..997aff3 100644 --- a/view/teams/delete/role-delete.phtml +++ b/view/teams/delete/role-delete.phtml @@ -6,7 +6,10 @@ echo $this->pageTitle($translate('Delete role')); ?> role_users): ?> - You can't delete this role because it is being used by the following teams +
+ hyperlink($translate('Return to Roles'), $this->url('admin/teams/roles'), ['class' => 'button']); ?> +
+

You can't delete this role because it is being used by the following teams

  • getTeam()->getName() ?> (getUser()->getName() ?>)
  • From e212f44204223520e91982bb20ca8c8a95807d41 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Thu, 19 Jan 2023 16:19:22 -0500 Subject: [PATCH 24/41] Cleanup --- src/Controller/IndexController.php | 76 ++++-------------------------- 1 file changed, 9 insertions(+), 67 deletions(-) diff --git a/src/Controller/IndexController.php b/src/Controller/IndexController.php index 991a735..ed404f0 100644 --- a/src/Controller/IndexController.php +++ b/src/Controller/IndexController.php @@ -147,8 +147,6 @@ public function allAction() $super_admin = $this->entityManager->getRepository('Omeka\Entity\User') ->findOneBy(['role' => 'global_admin']); $user = $this->identity(); - - $view->setVariable('teams', $teams); $view->setVariable('super_admin', $super_admin); $view->setVariable('user', $user); @@ -204,17 +202,10 @@ public function deleteAction() } endforeach; $entityManager->flush(); - $this->messenger()->addSuccess('Item successfully removed from your team.'); // @translate - $this->messenger()->addSuccess('Item remains available to other teams if they are linked to it.'); // @translate - $this->messenger()->addSuccess('Item will be deleted after x days '); // @translate + $this->messenger()->addSuccess('Item successfully removed from your team. Item remains available to other teams if they are linked to it.'); // @translate } else { $this->messenger()->addError('something went wrong'); // @translate } - -// $response = $this->api($form)->delete('items', $this->params('id')); -// if ($response) { -// $this->messenger()->addSuccess('Item successfully deleted'); // @translate -// } } else { $this->messenger()->addFormErrors($form); } 
@@ -314,44 +305,6 @@ public function indexAction() return $view; } - public function teamResources($resource_type, $query, $user_id, $active = true, $team_id = null) - { - if ($team_id) { - $team_entity = $this->entityManager->getRepository('Teams\Entity\Team')->findOneBy(['id' => $team_id]); - - - - - $q = $this->entityManager->createQuery("SELECT resource FROM Omeka\Entity\Resource resource WHERE resource INSTANCE OF Omeka\Entity\Item"); - $item_sets = $q->getArrayResult(); - $team_resources = array(); - foreach ($team_entity->getTeamResources() as $team_resource): - //obv here would be a place where you could just use the discriminator to see if it is an item - if (array_search($team_resource->getResource()->getId(), array_column($item_sets, 'id'))) { - $team_resources[] = $team_resource; - } - endforeach; - $per_page = 10; - $page = $query['page']; - $start_i = ($per_page * $page) - $per_page; -// $tr = $team_entity->getTeamResources(); - $max_i = count($team_resources); - if ($max_i < $start_i + $per_page) { - $end_i = $max_i; - } else { - $end_i = $start_i + $per_page; - } -// $tr = $team_entity->getTeamResources(); - for ($i = $start_i; $i < $end_i; $i++) { - $resources[] = $this->api()->read($resource_type, $team_resources[$i]->getResource()->getId())->getContent(); - } - } else { - $team_resources=null; - } - - return array('page_resources'=>$resources, 'team_resources'=>$team_resources); - } - public function teamDetailAction() { $view = new ViewModel; 
@@ -371,22 +324,20 @@ public function teamDetailAction() foreach ($resources as $key => $resource): //I imagine this as like a subquery that gets the list of item ids $sub_query = $em->createQueryBuilder(); - $sub_query->select('r.id') + $sub_query->select('r.id') ->from('Omeka\Entity\\' . $resource['entity'], 'r'); - $ids = $sub_query->getQuery()->getArrayResult(); + $ids = $sub_query->getQuery()->getArrayResult(); - //get the count of the total number of team items - $qb = $em->createQueryBuilder(); - - $qb->select('count(tr.' . $resource['fk'] . ')') + //get the count of the total number of team items + $qb = $em->createQueryBuilder(); + $qb->select('count(tr.' . $resource['fk'] . ')') ->from('Teams\Entity\\' . $resource['team_entity'], 'tr') ->where('tr.team = ?1') ->andWhere('tr.' . $resource['fk'] . ' in (:ids)') - ->setParameter('ids', $ids) - ; - $qb->setParameter(1, $this->params('id')); - $resources[$key]['count'] += $qb->getQuery()->getSingleScalarResult(); + ->setParameter('ids', $ids); + $qb->setParameter(1, $this->params('id')); + $resources[$key]['count'] += $qb->getQuery()->getSingleScalarResult(); endforeach; $view->setVariable('resources', $resources); @@ -440,13 +391,4 @@ public function roleIndexAction() return $view; } - - public function usersAction() - { - $team_users = $this->api()->search('team-user'); - $users = $this->api()->search('users'); - $view = new ViewModel(['users'=> $users, 'team_users'=>$team_users]); - return $view; -// $view->setVariable('response', $response); - } } From cf9cc34083e69ee13349543ab037037109d81dcc Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Thu, 19 Jan 2023 16:25:35 -0500 Subject: [PATCH 25/41] Remove os generated files --- .DS_Store | Bin 6148 -> 0 bytes src/Controller/.DS_Store | Bin 6148 -> 0 bytes view/.DS_Store | Bin 6148 -> 0 bytes 3 files changed, 0 insertions(+), 0 deletions(-) delete mode 100644 .DS_Store delete mode 100644 src/Controller/.DS_Store delete mode 100644 view/.DS_Store 
diff --git a/.DS_Store b/.DS_Store deleted file mode 100644 index ecf6496e6be8ce30debe245846fac19a11e7abe0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6148 zcmeHKJ5Iwu5S`5jjG#zKg|?+Z$_0>#%mqk|1aUqfIc!7%v_1k21vQF9!zthZR7i-+ z@Md=sY$Z@e5t@l+-+Dgw?6b9-AtKYd={AWPL=-_8D_aV$Vq#~9bpy7LDgJwH* z!_h*d8rGEoes?uGpaEUdr1btyHcyMbp-YlZ<~p!N`_t#g!|3g(?C<{RA6*o_jfZ=r zQk~9ej9-r?{q8vJIG5owq76#P(G~Sk(qQJ`_$p$rDJ`1nG(oJRjK-znTc1z<0dsG$ z{OR7y$JhHSmtV*qx}OCsk0>pnZ;=k_Zc$~A?q)^t0#uX%Wk4BNcLrpyiniCiP_0iH zPzF}c0PhbL$`}jg0sYp2!M6aw8q8iW=U#$ytY9pd2ZRS=LMkw%8fh_1NQd1@Tr8Le z4C!Q~`7rWiBOQwIPsjbO4<{1`)KM8w2FeUn!)1fd|Ks2L|8kOEDFe#Dzhc1Dl6KO< zlH_b%SR9|V7J3F{;kZ2DJOvYf6eE_8;$5g0*ey?hv0xq$7Kr{4@HFV446KxaZvt6f ANdN!< diff --git a/src/Controller/.DS_Store b/src/Controller/.DS_Store deleted file mode 100644 index 26c41b250407371df70296c48b4ba056fc1b190f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6148 zcmeHKyG{c^3>-s>AexjZ_ZRqsB?@1VA3)@Sgao93^jGm+d>Z425YZ(K5)B$l_U!sR zx7sPrX8^W33^%|6z?|-g4-ZrG=k61`sEiTme8(*YyxqJE6WqS@1W?DdYV zo8tBsfGzjiJ757|PItto4^#7f_laFp#L?o60q-x{-R5Z+UMJbV2b_D24FNi zF&xHu^b*A80b(y46B(gdQi(~mYB4P7jJL|`g=1pUVR19hshh1j6pPy#Z;=k`i5jJV z6gXDkGM5Xl|7-dm{r@pZD=8oa&PoBBt?pM#zEaiJ$;)}IZS)7a=X}xKI1dVkD96Mo i$6R Date: Mon, 23 Jan 2023 15:32:21 -0500 Subject: [PATCH 26/41] Cleanup --- .gitignore | 28 +++++++ .../TeamResourceFilterController.php | 77 ------------------- src/Controller/TrashController.php | 19 +---- 3 files changed, 29 insertions(+), 95 deletions(-) delete mode 100644 src/Controller/TeamResourceFilterController.php diff --git a/.gitignore b/.gitignore index 139597f..6ea88b6 100644 --- a/.gitignore +++ b/.gitignore 
@@ -1,2 +1,30 @@ +# OS generated files # +###################### +**/.DS_Store +**/.DS_Store? +._* +.Spotlight-V100 +.Trashes +ehthumbs.db +Thumbs.db +# Logs and databases # +###################### +*.log +*.sql +*.sqlite +*.dump + +# Packages # +############ +# it's better to unpack these files and commit the raw source +# git has its own built in compression methods +*.7z +*.dmg +*.gz +*.iso +*.jar +*.rar +*.tar +*.zip diff --git a/src/Controller/TeamResourceFilterController.php b/src/Controller/TeamResourceFilterController.php deleted file mode 100644 index 35f54b3..0000000 --- a/src/Controller/TeamResourceFilterController.php +++ /dev/null @@ -1,77 +0,0 @@ -mediaIngesters = $mediaIngesters; - $this->entityManager = $entityManager; - } - //end edits - - public function teamItems($resource_type, $query, $user_id, $active = true, $team_id = null) - { - $api = $this->getServiceLocator()->get('Omeka\ApiManager'); - - if ($active) { - $team_user = $this->entityManager->getRepository('Teams\Entity\TeamUser')->findOneBy(['user' => $user_id, 'is_current' => 1 ]); - } else { - $team_user = $this->entityManager->getRepository('Teams\Entity\TeamUser')->findOneBy(['user' => $user_id, 'team' => $team_id ]); - } - - $resources = array(); - if ($team_user) { - $active_team_id = $team_user->getTeam()->getId(); - - $team_entity = $this->entityManager->getRepository('Teams\Entity\Team')->findOneBy(['id' => $active_team_id]); - - - $per_page = 10; - $page = $query['page']; - $start_i = ($per_page * $page) - $per_page; - $tr = $team_entity->getTeamResources(); - $max_i = count($tr); - if ($max_i < $start_i + $per_page) { - $end_i = $max_i; - } else { - $end_i = $start_i + $per_page; - } - - $tr = $team_entity->getTeamResources(); - for ($i = $start_i; $i < $end_i; $i++) { - $resources[] = $this->api()->read($resource_type, $tr[$i]->getResource()->getId())->getContent(); - } - } else { - $tr=null; - } - - return array('page_resource'=>$resources, 'team_resources'=>$tr); - } -} 
diff --git a/src/Controller/TrashController.php b/src/Controller/TrashController.php index f987105..0bf5294 100644 --- a/src/Controller/TrashController.php +++ b/src/Controller/TrashController.php @@ -39,15 +39,6 @@ public function createNamedParameter( return ":$placeholder"; } -// public function batchDeleteAllAction(){ -// echo "batch delete all"; -// return $this->redirect()->toRoute(null, ['action' => 'browse'], true); -// } -// -// public function batchDeleteAction(){ -// echo "you made it"; -// } - public function indexAction() { $qb = $this->entityManager->createQueryBuilder(); @@ -98,8 +89,6 @@ public function indexAction() $sort = 'created'; } - - $qb->select('r_trash') ->from('Omeka\Entity\Item ', 'r_trash') ->leftJoin( @@ -112,8 +101,6 @@ public function indexAction() ->orderBy('r_trash.' . $sort, $order); $orphans = $qb->getQuery()->getResult(); - - $this->paginator(count($orphans)); $page = $this->params()->fromQuery('page'); @@ -126,16 +113,12 @@ public function indexAction() $formDeleteAll = $this->getForm(DeleteAllForm::class); $formDeleteAll->setAttribute('action', $this->url()->fromRoute(null, ['action' => 'batch-delete-all'], true)); - $formDeleteAll->setButtonLabel('Delete All'); // @translate + $formDeleteAll->setButtonLabel('Delete All'); $formDeleteAll->setAttribute('id', 'confirm-delete-all'); $formDeleteAll->get('submit')->setAttribute('disabled', true); - $view = new ViewModel; $view->setVariable('orphan', $orphans); - - - $view->setVariable('formDeleteSelected', $formDeleteSelected); $view->setVariable('formDeleteAll', $formDeleteAll); From 594e614d548ce9918f8ea7751f6b08c4ac5cf660 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Tue, 24 Jan 2023 11:53:02 -0500 Subject: [PATCH 27/41] Update parameters for TeamAuth plugin and add logger --- Module.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Module.php b/Module.php index 6e8513a..960b9f8 100644 --- a/Module.php +++ b/Module.php 
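Review bot: The third TrashController hunk drops the `// @translate` marker from the "Delete All" button label, so that string will no longer be picked up by the message extractor while the surrounding messages in this file keep theirs. The commit message describes this as cleanup, which suggests the removal was unintentional; keep `$formDeleteAll->setButtonLabel('Delete All'); // @translate`. indexAction continues outside the hunk.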
@@ -1812,7 +1812,8 @@ public function itemUpdate(Event $event) $entity = $event->getParam('entity'); $request = $event->getParam('request'); $operation = $request->getOperation(); - $teamAuth = new TeamAuth($em, $this->getUser()); + $logger = $this->getServiceLocator()->get('Omeka\Logger'); + $teamAuth = new TeamAuth($em, $logger); if ($operation == 'update') { if (array_key_exists('remove_team', $request->getContent()) || From caa1937eacb4c95c755c5014d6eeaac715578104 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Tue, 24 Jan 2023 12:04:26 -0500 Subject: [PATCH 28/41] Restore success message --- src/Controller/UpdateController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index 64b8a09..4900b85 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php @@ -480,7 +480,7 @@ public function teamUpdateAction() $em->flush(); } -// $successMessage = sprintf("Successfully updated the %s team", $team->getName()); + $successMessage = sprintf("Successfully updated the %s team", $team->getName()); $this->messenger()->addSuccess($successMessage); return $this->redirect()->refresh(); From 9fac3d66d9ca269bb04245f2697c0ebd63c6ff6f Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Tue, 24 Jan 2023 13:26:10 -0500 Subject: [PATCH 29/41] Change scope of viewmodel for reuse --- src/Controller/UpdateController.php | 59 ++++++++++++++++------------- 1 file changed, 33 insertions(+), 26 deletions(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index 4900b85..2c64e8b 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php 
@@ -46,6 +46,9 @@ public function createNamedParameter( public function addTeamUser(int $team_id, int $user_id, int $role_id) { + if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team', $team_id)){ + + } $team = $this->entityManager->find('Teams\Entity\Team', $team_id); $user = $this->entityManager->find('Omeka\Entity\User', $user_id); $role = $this->entityManager->find('Teams\Entity\TeamRole', $role_id); @@ -342,20 +345,21 @@ public function teamUpdateAction() //is it a post request? //TODO (refactor) clean up this, only send what is needed $request = $this->getRequest(); + $view = new ViewModel(['team'=>$team, + 'form' => $form, + 'id'=>$id, + 'roles'=> $roles, + 'roles_array' => $roles_array, + 'all_u_collection' => $all_u_collection, + 'team_u_collection' => $team_u_collection, + 'team_u_array'=>$team_u_array, + 'available_u_array'=>$available_u_array, + 'ident' => $userId, + 'itemsetForm' => $itemsetForm, + 'sitesForm' => $sitesForm, + ]); if (! $request->isPost()) { - return new ViewModel(['team'=>$team, - 'form' => $form, - 'id'=>$id, - 'roles'=> $roles, - 'roles_array' => $roles_array, - 'all_u_collection' => $all_u_collection, - 'team_u_collection' => $team_u_collection, - 'team_u_array'=>$team_u_array, - 'available_u_array'=>$available_u_array, - 'ident' => $userId, - 'itemsetForm' => $itemsetForm, - 'sitesForm' => $sitesForm, - ]); + return $view; } @@ -399,7 +403,10 @@ public function teamUpdateAction() //TODO: return the form as filled out with whatever changes they made or use Ajax //if they actually click on the add user button - if ($this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user')) { + if ($this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user', $id)) { + $this->messenger()->addError("You aren't authorized to change this team"); + return new ViewModel(); + } else { if ($post_data['addUser']) { $team_id = $id; $user_id = $post_data['add-member']; 
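Review bot: The authorization check added at the top of addTeamUser has an empty body, so a denied user still falls through to the persist and flush below it; the check has no effect in this commit. Patch 35 later in the series fills in the deny branch, but as committed here the helper is still callable by anyone who reaches it. If the series is kept as separate commits, the guard should at least `return null;` here, e.g. `if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team', $team_id)) { return null; }`.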
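Review bot: The condition in the third hunk is inverted: a user who *is* authorized gets the "You aren't authorized" error and is sent away, while an unauthorized user lands in the `else` branch that adds members. The fix is the negation, `if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user', $id)) {`, which patch 32 applies later in the series; squashing that fix into this commit would avoid an intermediate revision with the check backwards. The denied path also returns `new ViewModel()` rather than the `$view` built in the previous hunk, so the form variables are lost (patch 30 changes that). teamUpdateAction continues outside the hunk.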
@@ -425,18 +432,18 @@ public function teamUpdateAction() if ($post_data['UserRole']) { foreach ($post_data['UserRole'] as $user_id => $role_id): $user_id = (int) $user_id; - $role_id = (int) $role_id; - if ($post_data['UserCurrent'][$user_id] == 1) { - $current = 1; - } else { - $current = null; - } - $user = $em->getRepository('Omeka\Entity\User')->findOneBy(['id'=>$user_id]); - $role = $em->getRepository('Teams\Entity\TeamRole')->findOneBy(['id'=>$role_id]); - - $new_tu = new TeamUser($team, $user, $role); - $new_tu->setCurrent($current); - $em->persist($new_tu); + $role_id = (int) $role_id; + if ($post_data['UserCurrent'][$user_id] == 1) { + $current = 1; + } else { + $current = null; + } + $user = $em->getRepository('Omeka\Entity\User')->findOneBy(['id'=>$user_id]); + $role = $em->getRepository('Teams\Entity\TeamRole')->findOneBy(['id'=>$role_id]); + + $new_tu = new TeamUser($team, $user, $role); + $new_tu->setCurrent($current); + $em->persist($new_tu); endforeach; $em->flush(); } From b116748482bb20889d93be15032626f27327e323 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Tue, 24 Jan 2023 13:33:30 -0500 Subject: [PATCH 30/41] Improve readability --- src/Controller/UpdateController.php | 48 +++++++---------------------- 1 file changed, 11 insertions(+), 37 deletions(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index 2c64e8b..26a8843 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php @@ -362,7 +362,6 @@ public function teamUpdateAction() return $view; } - $em = $this->entityManager; $qb = $em->createQueryBuilder(); $existing_resources = $qb->select('tr') 
@@ -381,7 +380,10 @@ public function teamUpdateAction() if ($request->isPost()) { $post_data = $request->getPost(); - if ($this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user')) { + if (!$this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user')) { + $this->messenger()->addError("You aren't authorized to change the team details"); + return $view; + } else { //first update the team name and description $qb = $this->entityManager->createQueryBuilder(); $qb->update('Teams\Entity\Team', 'team') @@ -393,19 +395,15 @@ public function teamUpdateAction() ->setParameter(3, $id) ->getQuery() ->execute(); - - } else { - $this->messenger()->addError("You aren't authorized to change the team details"); } - //if they clicked the add user button, just add a member and refresh //TODO: return the form as filled out with whatever changes they made or use Ajax //if they actually click on the add user button if ($this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user', $id)) { $this->messenger()->addError("You aren't authorized to change this team"); - return new ViewModel(); + return $view; } else { if ($post_data['addUser']) { $team_id = $id; @@ -450,7 +448,11 @@ public function teamUpdateAction() } - if ($this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team')){ + if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team')){ + $this->messenger()->addError("You aren't authorized to change this team"); + return $view; + } else { + //first delete then add resources to team $this->processResources($request, $team, $existing_resources, $existing_resource_templates, true); $this->processResources($request, $team, $existing_resources, $existing_resource_templates, false); 
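Review bot: The first hunk gates the team name/description update on the `'team_user'` object with no team id, while the last hunk gates resource changes on `'team'`; the name and description belong to the team entity, so the two checks look inconsistent. Patch 38 later adds the team id to this check but keeps `'team_user'`; consider `if (!$this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team', $id)) {` so the privilege required matches what is being edited. I can't see TeamAuth from here, so whether `'team_user'` without an id means "any team" needs confirming against the plugin. The `else` after `return $view;` is also unnecessary in all three hunks. teamUpdateAction continues outside the hunk.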
@@ -492,35 +494,7 @@ public function teamUpdateAction() return $this->redirect()->refresh(); } - - -// array_search($post_data['add-member-role'], $roles_array); - - return - new ViewModel(['team'=>$team, - 'form' => $form, - 'id'=>$id, - 'roles'=> $roles, - 'roles_array' => $roles_array, - 'all_u_collection' => $all_u_collection, - 'team_u_collection' => $team_u_collection, - 'team_u_array'=>$team_u_array, - 'available_u_array'=>$available_u_array, - 'ident' => $userId, - 'post_data'=>$post_data, - 'userForm' => $userForm, - 'itemsetForm' => $itemsetForm, - ]); - - -// $this->redirect()->toRoute('admin/teams/detail/update', ['id'=>$id]); - -// if (!empty($post_data['o:user_add'])){ -// $this->api()->create('team-user', ['o:user' => $post_data['o:user_add'], 'o:team'=> $id, 'o:role'=>1] ); -// } -// if (!empty($post_data['o:user_remove'])){ -// $this->api()->delete('team-user', ['user_id' => $post_data['o:user_remove'], 'team_id'=> $id] ); -// } + return $view; } public function roleUpdateAction() From ea1da3815e02fcf3fa0132ac01dcb5dd6aa18aa3 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Tue, 24 Jan 2023 13:34:43 -0500 Subject: [PATCH 31/41] Remove redundant post check --- src/Controller/UpdateController.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index 26a8843..c082e46 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php @@ -378,7 +378,7 @@ public function teamUpdateAction() ->getQuery() ->getResult(); - if ($request->isPost()) { + $post_data = $request->getPost(); if (!$this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user')) { $this->messenger()->addError("You aren't authorized to change the team details"); @@ -493,8 +493,6 @@ public function teamUpdateAction() $this->messenger()->addSuccess($successMessage); return $this->redirect()->refresh(); - } - return $view; } public function roleUpdateAction() 
From b420421e8e280267fca3c45d9d0b61ecc43886f7 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 25 Jan 2023 09:57:16 -0500 Subject: [PATCH 32/41] Fix auth check --- src/Controller/UpdateController.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index c082e46..aa370ce 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php @@ -227,7 +227,8 @@ public function teamUpdateAction() { $id = $this->params()->fromRoute('id'); $team_sites = $this->entityManager - ->getRepository('Teams\Entity\TeamSite')->findBy(['team'=>$id]); + ->getRepository('Teams\Entity\TeamSite') + ->findBy(['team'=>$id]); $current_sites = []; $valueOptions = []; @@ -401,7 +402,7 @@ public function teamUpdateAction() //TODO: return the form as filled out with whatever changes they made or use Ajax //if they actually click on the add user button - if ($this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user', $id)) { + if (!$this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user', $id)) { $this->messenger()->addError("You aren't authorized to change this team"); return $view; } else { From c624aec5ba197d35b001b95efd1226eeb8ba74ad Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 25 Jan 2023 09:59:39 -0500 Subject: [PATCH 33/41] Add team id parameter to auth check --- src/Controller/UpdateController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index aa370ce..512c0c5 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php 
@@ -449,7 +449,7 @@ public function teamUpdateAction() } - if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team')){ + if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team', $team_id)){ $this->messenger()->addError("You aren't authorized to change this team"); return $view; } else { From c0bb4cecd30ea6b24ae711fa3882907edb6dd62e Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 25 Jan 2023 10:04:04 -0500 Subject: [PATCH 34/41] Add auth check --- src/Controller/UpdateController.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index 512c0c5..8a13a10 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php @@ -74,14 +74,16 @@ public function removeTeamUser(int $team, int $user) public function updateRole(int $team_id, int $user_id, int $role_id) { - $em = $this->entityManager; - - $team_user = $em->find('Teams\Entity\TeamUser', ['team' => $team_id, 'user'=>$user_id]); - $user_role = $em->find('Teams\Entity\TeamRole', $role_id); - $team_user->setRole($user_role); - + if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team', $team_id)){ + $this->messenger()->addError("You aren't authorized to change this team"); + } else { + $em = $this->entityManager; + $team_user = $em->find('Teams\Entity\TeamUser', ['team' => $team_id, 'user'=>$user_id]); + $user_role = $em->find('Teams\Entity\TeamRole', $role_id); + $team_user->setRole($user_role); + $em->flush(); + } - $em->flush(); } public function processItemSets(int $item_set_id) From 1d1f41c48b78c3e365716a390adf426a4202df23 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 25 Jan 2023 10:09:46 -0500 Subject: [PATCH 35/41] Add auth check to helper function, retun null on failed check --- src/Controller/UpdateController.php | 48 +++++++++++++++++------------ 1 file changed, 29 insertions(+), 19 deletions(-) 
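Review bot: In updateRole the denied branch only queues a messenger error and then returns nothing, exactly like the success branch, so a caller cannot tell a refused change from a completed one. Returning a value would make the result observable, e.g. `return false;` in the denied branch and `return true;` after `$em->flush();`, which would also line up with addTeamUser returning null on denial later in the series. Separately, `$em->find('Teams\Entity\TeamUser', ...)` may return null for a user that is not on the team, in which case `$team_user->setRole($user_role)` would fail on a null; presumably the caller guarantees membership, but a guard would be cheap.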
diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index 8a13a10..28c8b96 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php 
@@ -47,29 +47,37 @@ public function createNamedParameter( public function addTeamUser(int $team_id, int $user_id, int $role_id) { if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team', $team_id)){ + $this->messenger()->addError("You aren't authorized to change this team"); + return null; + } else { + $team = $this->entityManager->find('Teams\Entity\Team', $team_id); + $user = $this->entityManager->find('Omeka\Entity\User', $user_id); + $role = $this->entityManager->find('Teams\Entity\TeamRole', $role_id); + $team_user = new TeamUser($team, $user, $role); + $this->entityManager->persist($team_user); + //flushing here because this is a mini-form and we want to see the name pop up + //more efficient solution would be to have JS handle the popping and batch update + $this->entityManager->flush(); + return $team_user; } - $team = $this->entityManager->find('Teams\Entity\Team', $team_id); - $user = $this->entityManager->find('Omeka\Entity\User', $user_id); - $role = $this->entityManager->find('Teams\Entity\TeamRole', $role_id); - $team_user = new TeamUser($team, $user, $role); - $this->entityManager->persist($team_user); - - //flushing here because this is a mini-form and we want to see the name pop up - //more efficient solution would be to have JS handle the popping and batch update - $this->entityManager->flush(); - return $team_user; } public function removeTeamUser(int $team, int $user) { - $em = $this->entityManager; - $team_user = $em->find('Teams\Entity\TeamUser', ['team' => $team, 'user' => $user]); - $em->remove($team_user); + if (! 
$this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team', $team_id)){ + $this->messenger()->addError("You aren't authorized to change this team"); + } else { + $this->messenger()->addError("removed user"); + + $em = $this->entityManager; + $team_user = $em->find('Teams\Entity\TeamUser', ['team' => $team, 'user' => $user]); + $em->remove($team_user); - //flushing here because this is a mini-form and we want to see the name pop up - //more efficient solution would be to have JS handle the popping and batch update - $em->flush(); + //flushing here because this is a mini-form and we want to see the name pop up + //more efficient solution would be to have JS handle the popping and batch update + $em->flush(); + } } public function updateRole(int $team_id, int $user_id, int $role_id) @@ -414,10 +422,12 @@ public function teamUpdateAction() $role_id = $post_data['member-role']; $newMember = $this->addTeamUser($team_id, $user_id, $role_id); - $successMessage = sprintf("Successfully added %s as a %s", $newMember->getUser()->getName(), $newMember->getRole()->getName()); - $this->messenger()->addSuccess($successMessage); + if ($newMember){ + $successMessage = sprintf("Successfully added %s as a %s", $newMember->getUser()->getName(), $newMember->getRole()->getName()); + $this->messenger()->addSuccess($successMessage); + return $this->redirect()->refresh(); + } - return $this->redirect()->refresh(); } //remove all team users and add the ones that are active in the form From 6fca83616c011f99893cf114a913e17f83aeaa56 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 25 Jan 2023 10:12:02 -0500 Subject: [PATCH 36/41] Correct variable name --- src/Controller/UpdateController.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index 28c8b96..f21bc65 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php 
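Review bot: In removeTeamUser the allowed branch starts with `$this->messenger()->addError("removed user");`, which reports what looks like a debug string to the user as an error on every successful removal; it is still present as context in patch 39, so nothing later in the series removes it. Drop that line, or replace it with a success message if feedback is wanted. The same hunk references `$team_id` although the parameter here is `$team`, so at this commit the check is called with an undefined variable; patch 36 corrects the name. `$em->find(...)` can also return null, which would reach `$em->remove($team_user)` unguarded — assuming callers only pass existing members, but worth confirming.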
@@ -65,7 +65,7 @@ public function addTeamUser(int $team_id, int $user_id, int $role_id) public function removeTeamUser(int $team, int $user) { - if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team', $team_id)){ + if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team', $team)){ $this->messenger()->addError("You aren't authorized to change this team"); } else { $this->messenger()->addError("removed user"); @@ -412,7 +412,7 @@ public function teamUpdateAction() //TODO: return the form as filled out with whatever changes they made or use Ajax //if they actually click on the add user button - if (!$this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user', $id)) { + if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user', $id)) { $this->messenger()->addError("You aren't authorized to change this team"); return $view; } else { From 3c0e75a9137702302846794bdb28c9c12e9c2332 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 25 Jan 2023 10:18:09 -0500 Subject: [PATCH 37/41] Refactor variable name --- src/Controller/UpdateController.php | 28 +++++++++++++--------------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index f21bc65..b7d2392 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php @@ -235,10 +235,10 @@ public function tempteamUpdateAction() public function teamUpdateAction() { - $id = $this->params()->fromRoute('id'); + $team_id = $this->params()->fromRoute('id'); $team_sites = $this->entityManager ->getRepository('Teams\Entity\TeamSite') - ->findBy(['team'=>$id]); + ->findBy(['team'=>$team_id]); $current_sites = []; $valueOptions = []; 
@@ -289,14 +289,14 @@ public function teamUpdateAction() //is a team associated with the id from the route //TODO I'm not sure this is a realist issue try { - $team = $this->api()->read('team', ['id'=>$id]); + $team = $this->api()->read('team', ['id'=>$team_id]); } catch (InvalidArgumentException $exception) { //TODO: (error_msg) this should return an error message not silently return to teams page return $this->redirect()->toRoute('admin/teams'); } //TODO: get team with a one line entity manager call - $criteria = ['id' => $id]; + $criteria = ['id' => $team_id]; $qb = $this->entityManager->createQueryBuilder(); $entityClass = 'Teams\Entity\Team'; @@ -313,7 +313,7 @@ public function teamUpdateAction() $entity = $qb->getQuery()->getOneOrNullResult(); - $data = $this->api()->read('team', ['id'=>$id])->getContent(); + $data = $this->api()->read('team', ['id'=>$team_id])->getContent(); $request = new Request('update', 'team'); $event = new Event('api.hydrate.pre', $this, [ 'entity' => $entity, @@ -333,7 +333,7 @@ public function teamUpdateAction() //get the team's users and put them in an associative array id:name $team_u_array = array(); - $team_u_collection = $this->api()->read('team', ['id'=>$id])->getContent()->users(); + $team_u_collection = $this->api()->read('team', ['id'=>$team_id])->getContent()->users(); foreach ($team_u_collection as $team_user): $team_u_array[$team_user->getUser()->getId()] = $team_user->getUser()->getName(); endforeach; @@ -358,7 +358,7 @@ public function teamUpdateAction() $request = $this->getRequest(); $view = new ViewModel(['team'=>$team, 'form' => $form, - 'id'=>$id, + 'id'=>$team_id, 'roles'=> $roles, 'roles_array' => $roles_array, 'all_u_collection' => $all_u_collection, 
@@ -378,14 +378,14 @@ public function teamUpdateAction() $existing_resources = $qb->select('tr') ->from('Teams\Entity\TeamResource', 'tr') ->where('tr.team = :team_id') - ->setParameter('team_id', $id) + ->setParameter('team_id', $team_id) ->getQuery() ->getResult(); $existing_resource_templates = $qb->select('trt') ->from('Teams\Entity\TeamResourceTemplate', 'trt') ->where('trt.team = :team_id') - ->setParameter('team_id', $id) + ->setParameter('team_id', $team_id) ->getQuery() ->getResult(); @@ -403,7 +403,7 @@ public function teamUpdateAction() ->where('team.id = ?3') ->setParameter(1, $post_data['o:name']) ->setParameter(2, $post_data['o:description']) - ->setParameter(3, $id) + ->setParameter(3, $team_id) ->getQuery() ->execute(); } @@ -412,12 +412,11 @@ public function teamUpdateAction() //TODO: return the form as filled out with whatever changes they made or use Ajax //if they actually click on the add user button - if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user', $id)) { + if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user', $team_id)) { $this->messenger()->addError("You aren't authorized to change this team"); return $view; } else { if ($post_data['addUser']) { - $team_id = $id; $user_id = $post_data['add-member']; $role_id = $post_data['member-role']; $newMember = $this->addTeamUser($team_id, $user_id, $role_id); @@ -431,13 +430,12 @@ public function teamUpdateAction() } //remove all team users and add the ones that are active in the form - $team_users = $em->getRepository('Teams\Entity\TeamUser')->findBy(['team'=>$id]); + $team_users = $em->getRepository('Teams\Entity\TeamUser')->findBy(['team'=>$team_id]); foreach ($team_users as $tu): $em->remove($tu); endforeach; $em->flush(); - $team_id = $id; $team = $em->getRepository('Teams\Entity\Team')->findOneBy(['id'=>$team_id]); if ($post_data['UserRole']) { 
@@ -489,7 +487,7 @@ public function teamUpdateAction() //handle removed sites foreach ($current_sites as $site) { if (!in_array($site, $post_data['teamSites']['o:site'])) { - $ts = $em->getRepository('Teams\Entity\TeamSite')->findOneBy(['team'=>$id, 'site'=>$site]); + $ts = $em->getRepository('Teams\Entity\TeamSite')->findOneBy(['team'=>$team_id, 'site'=>$site]); $request = new Request('delete', 'team_site'); $event = new Event('api.hydrate.pre', $this, [ 'entity' => $ts, From 3c7341fc3889607ddcadd931d30f6d13bf48b7bf Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 25 Jan 2023 10:19:15 -0500 Subject: [PATCH 38/41] Add team_id to authority check --- src/Controller/UpdateController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index b7d2392..2afa22d 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php @@ -391,7 +391,7 @@ public function teamUpdateAction() $post_data = $request->getPost(); - if (!$this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user')) { + if (!$this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team_user', $team_id)) { $this->messenger()->addError("You aren't authorized to change the team details"); return $view; } else { From 83dd3a3db609213a8e95db204dea0d8b31f9c7b9 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 25 Jan 2023 10:20:00 -0500 Subject: [PATCH 39/41] Refactor variable name --- src/Controller/UpdateController.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index 2afa22d..cb9de66 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php 
@@ -63,15 +63,15 @@ public function addTeamUser(int $team_id, int $user_id, int $role_id) } } - public function removeTeamUser(int $team, int $user) + public function removeTeamUser(int $team_id, int $user) { - if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team', $team)){ + if (! $this->teamAuth()->teamAuthorized($this->identity(), 'update', 'team', $team_id)){ $this->messenger()->addError("You aren't authorized to change this team"); } else { $this->messenger()->addError("removed user"); $em = $this->entityManager; - $team_user = $em->find('Teams\Entity\TeamUser', ['team' => $team, 'user' => $user]); + $team_user = $em->find('Teams\Entity\TeamUser', ['team' => $team_id, 'user' => $user]); $em->remove($team_user); //flushing here because this is a mini-form and we want to see the name pop up From 14946eb0a381cd694a9fed01e111d48c6a70c860 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 25 Jan 2023 10:24:49 -0500 Subject: [PATCH 40/41] Put failure condition first for consistancy --- src/Controller/UpdateController.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index cb9de66..041f54e 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php 
@@ -421,11 +421,13 @@ public function teamUpdateAction() $role_id = $post_data['member-role']; $newMember = $this->addTeamUser($team_id, $user_id, $role_id); - if ($newMember){ - $successMessage = sprintf("Successfully added %s as a %s", $newMember->getUser()->getName(), $newMember->getRole()->getName()); - $this->messenger()->addSuccess($successMessage); - return $this->redirect()->refresh(); + if (! $newMember){ + $this->messenger()->addError("Unable to update team members"); + return $view; } + $successMessage = sprintf("Successfully added %s as a %s", $newMember->getUser()->getName(), $newMember->getRole()->getName()); + $this->messenger()->addSuccess($successMessage); + return $this->redirect()->refresh(); } From d4dd49479b6053a53e5e6e572743491d72239d41 Mon Sep 17 00:00:00 2001 From: Alex Dryden Date: Wed, 25 Jan 2023 10:28:09 -0500 Subject: [PATCH 41/41] Cleanup --- src/Controller/UpdateController.php | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/src/Controller/UpdateController.php b/src/Controller/UpdateController.php index 041f54e..51177a9 100644 --- a/src/Controller/UpdateController.php +++ b/src/Controller/UpdateController.php @@ -250,9 +250,6 @@ public function teamUpdateAction() } $all_sites = $this->api()->search('sites', ['bypass_team_filter'=>true])->getContent(); - //this is set to display the teams for the current user. This works in many contexts for - //normal users, but not for admins doing maintenance or adding new users to a team - foreach ($all_sites as $site) { if ($site->owner()) { $owner = $site->owner()->name(); 
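Review bot: The new `if (! $newMember)` branch reports a generic "Unable to update team members" for every falsy return of `addTeamUser`, which conflates an authorization refusal with a genuine insert failure; `removeTeamUser` in this file visibly emits its own messenger error when the team check fails, so if `addTeamUser` does the same (its body is outside the hunk) the user will see two messages, one of them uninformative. Consider having `addTeamUser` return a result that carries the reason, or throwing a domain exception, and reporting once here. Note also that the failure path renders `$view` on a POST while the success path redirects, so a browser refresh after a failure re-submits the form; a redirect on both paths would be consistent. teamUpdateAction starts and ends outside the hunk.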
@@ -287,17 +284,16 @@ public function teamUpdateAction() $form = $this->getForm(TeamUpdateForm::class); //is a team associated with the id from the route - //TODO I'm not sure this is a realist issue + //TODO I'm not sure this is a realistic issue try { $team = $this->api()->read('team', ['id'=>$team_id]); } catch (InvalidArgumentException $exception) { - //TODO: (error_msg) this should return an error message not silently return to teams page + $this->messenger()->addError("There was a problem finding the team."); return $this->redirect()->toRoute('admin/teams'); } //TODO: get team with a one line entity manager call $criteria = ['id' => $team_id]; - $qb = $this->entityManager->createQueryBuilder(); $entityClass = 'Teams\Entity\Team';