Merge pull request #7811 from NateWr/i7799_attachers

#7799 Fix fileStages param in submission file API and use ActionPanel on admin page
pkp · Apr 5, 2022 · d76879c · d76879c
2 parents 33eda9b + 1f9608d
commit d76879c
Show file tree

Hide file tree

Showing 3 changed files with 140 additions and 66 deletions.
diff --git a/api/v1/submissions/PKPSubmissionFileHandler.inc.php b/api/v1/submissions/PKPSubmissionFileHandler.inc.php
@@ -172,49 +172,46 @@ public function getMany($slimRequest, $response, $args)
                 );
         }
 
-        if (empty($params['fileStages'])) {
-            $params['fileStages'] = $allowedFileStages;
-        } else {
-            foreach ($params['fileStages'] as $fileStage) {
-                if (!in_array($fileStage, $allowedFileStages)) {
-                    return $response->withStatus(403)->withJsonError('api.submissionFiles.403.unauthorizedFileStageId');
-                }
+        $fileStages = empty($params['fileStages'])
+            ? $allowedFileStages
+            : $params['fileStages'];
+        foreach ($fileStages as $fileStage) {
+            if (!in_array($fileStage, $allowedFileStages)) {
+                return $response->withStatus(403)->withJsonError('api.submissionFiles.403.unauthorizedFileStageId');
             }
         }
 
-        // Get the valid review round ids for allowed file stage ids
-        $allowedReviewRoundIds = null;
-        // Check if requested reviewRounds are valid
+        $collector = Repo::submissionFile()
+            ->getCollector()
+            ->filterBySubmissionIds([$submission->getId()])
+            ->filterByFileStages($fileStages);
+
+        // Filter by requested review round ids
         if (!empty($params['reviewRoundIds'])) {
+            $reviewRoundIds = $params['reviewRoundIds'];
             $allowedReviewRoundIds = [];
-            $reviewRoundDao = DAORegistry::getDAO('ReviewRoundDAO');
-            if (!empty(array_intersect([SubmissionFile::SUBMISSION_FILE_INTERNAL_REVIEW_FILE, SubmissionFile::SUBMISSION_FILE_INTERNAL_REVIEW_REVISION], $params['fileStages']))) {
+            $reviewRoundDao = DAORegistry::getDAO('ReviewRoundDAO'); /** @var ReviewRoundDAO  $reviewRoundDao*/
+            if (!empty(array_intersect([SubmissionFile::SUBMISSION_FILE_INTERNAL_REVIEW_FILE, SubmissionFile::SUBMISSION_FILE_INTERNAL_REVIEW_REVISION], $fileStages))) {
                 $result = $reviewRoundDao->getBySubmissionId($submission->getId(), WORKFLOW_STAGE_ID_INTERNAL_REVIEW);
                 while ($reviewRound = $result->next()) {
                     $allowedReviewRoundIds[] = $reviewRound->getId();
                 }
             }
-            if (!empty(array_intersect([SubmissionFile::SUBMISSION_FILE_REVIEW_FILE, SubmissionFile::SUBMISSION_FILE_REVIEW_REVISION], $params['fileStages']))) {
+            if (!empty(array_intersect([SubmissionFile::SUBMISSION_FILE_REVIEW_FILE, SubmissionFile::SUBMISSION_FILE_REVIEW_REVISION], $fileStages))) {
                 $result = $reviewRoundDao->getBySubmissionId($submission->getId(), WORKFLOW_STAGE_ID_EXTERNAL_REVIEW);
                 while ($reviewRound = $result->next()) {
                     $allowedReviewRoundIds[] = $reviewRound->getId();
                 }
             }
 
-            foreach ($params['reviewRoundIds'] as $reviewRoundId) {
+            foreach ($reviewRoundIds as $reviewRoundId) {
                 if (!in_array($reviewRoundId, $allowedReviewRoundIds)) {
                     return $response->withStatus(403)->withJsonError('api.submissionFiles.403.unauthorizedReviewRound');
                 }
             }
-        }
 
-        $collector = Repo::submissionFile()
-            ->getCollector()
-            ->filterBySubmissionIds(
-                [$submission->getId()]
-            )
-            ->filterByReviewRoundIds($allowedReviewRoundIds)
-            ->filterByFileStages($allowedFileStages);
+            $collector->filterByReviewRoundIds($reviewRoundIds);
+        }
 
         $files = Repo::submissionFile()->getMany($collector);
 

diff --git a/locale/en_US/admin.po b/locale/en_US/admin.po
@@ -32,11 +32,19 @@ msgstr "No authentication sources have been defined."
 msgid "admin.authSources"
 msgstr "Authentication Sources"
 
+msgid "admin.deleteCache"
+msgstr "Delete Caches"
+
+msgid "admin.deleteCache.description"
+msgstr "Delete cache files from the system. This should only be done in development environments."
+
+#, fuzzy
 msgid "admin.clearDataCache"
-msgstr "Clear Data Caches"
+msgstr "Delete Data Caches"
 
+#, fuzzy
 msgid "admin.clearTemplateCache"
-msgstr "Clear Template Cache"
+msgstr "Delete Template Cache"
 
 msgid "admin.configFileUpdatedInstructions"
 msgstr "Your configuration file has been successfully updated. Please note that if your site no longer functions correctly you may need to manually fix your configuration by editing <tt>config.inc.php</tt> directly."
@@ -68,6 +76,9 @@ msgstr "Display New Configuration"
 msgid "admin.expireSessions"
 msgstr "Expire User Sessions"
 
+msgid "admin.expireSessions.description"
+msgstr "All users will be immediately logged out of the application, including you, and will need to login again."
+
 msgid "admin.languages.cantDisable"
 msgstr "This locale is the primary language of the site. You can't disable it until you choose another primary locale."
 
@@ -131,8 +142,15 @@ msgstr "Your {$softwareName} installation automatically executed and finished th
 msgid "admin.scheduledTask.confirmClearLogs"
 msgstr "Are you sure you want to delete all scheduled task execution logs?"
 
+#, fuzzy
 msgid "admin.scheduledTask.clearLogs"
-msgstr "Clear Scheduled Task Execution Logs"
+msgstr "Clear Scheduled Task Logs"
+
+msgid "admin.scheduledTask.clearLogs.description"
+msgstr "Delete all logs of scheduled tasks processes that have been run."
+
+msgid "admin.scheduledTask.clearLogs.delete"
+msgstr "Delete Task Logs"
 
 msgid "admin.scheduledTask.publishSubmissions"
 msgstr "Publish submissions scheduled for publication"
@@ -238,6 +256,12 @@ msgstr "The configuration file <tt>config.inc.php</tt> does not exist, is not re
 msgid "admin.systemInformation"
 msgstr "System Information"
 
+msgid "admin.systemInformation.description"
+msgstr "View information about the version and configuration settings of the application and server."
+
+msgid "admin.systemInformation.view"
+msgstr "View System Information"
+
 msgid "admin.versionBuild"
 msgstr "Build"
 
@@ -429,6 +453,12 @@ msgstr "View queued jobs"
 msgid "navigation.tools.jobs"
 msgstr "Jobs"
 
+msgid "navigation.tools.jobs.description"
+msgstr "View all of the queued jobs in the system and track failed attempts."
+
+msgid "navigation.tools.jobs.view"
+msgstr "View Jobs"
+
 msgid "admin.jobs.list.id"
 msgstr "ID"
 

diff --git a/templates/admin/index.tpl b/templates/admin/index.tpl
@@ -21,46 +21,93 @@
 		</notification>
 	{/if}
 
-	<div class="app__contentPanel">
+	<action-panel>
 		<h2>{translate key="admin.siteManagement"}</h2>
-		<ul>
-			<li><a href="{url op="contexts"}">{translate key="admin.hostedContexts"}</a></li>
-			{call_hook name="Templates::Admin::Index::SiteManagement"}
-			<li><a href="{url op="settings"}">{translate key="admin.siteSettings"}</a></li>
-		</ul>
-		<h2>{translate key="admin.adminFunctions"}</h2>
-		<ul>
-			<li><a href="{url op="systemInfo"}">{translate key="admin.systemInformation"}</a></li>
-			<li>
-				<form type="post" action="{url op="expireSessions"}">
-					{csrf}
-					<button class="-linkButton" onclick="return confirm({translate|json_encode|escape key="admin.confirmExpireSessions"})">{translate key="admin.expireSessions"}</button>
-				</form>
-			</li>
-			<li>
-				<form type="post" action="{url op="clearDataCache"}">
-					{csrf}
-					<button class="-linkButton">{translate key="admin.clearDataCache"}</button>
-				</form>
-			</li>
-			<li>
-				<form type="post" action="{url op="clearTemplateCache"}">
-					{csrf}
-					<button class="-linkButton" onclick="return confirm({translate|json_encode|escape key="admin.confirmClearTemplateCache"})">{translate key="admin.clearTemplateCache"}</button>
-				</form>
-			</li>
-			<li>
-				<form type="post" action="{url op="clearScheduledTaskLogFiles"}">
-					{csrf}
-					<button class="-linkButton" onclick="return confirm({translate|json_encode|escape key="admin.scheduledTask.confirmClearLogs"})">{translate key="admin.scheduledTask.clearLogs"}</button>
-				</form>
-			</li>
-			<li>
-				<a href="{url op="jobs"}">
-					{translate key="navigation.tools.jobs"}
-				</a>
-			</li>
-			{call_hook name="Templates::Admin::Index::AdminFunctions"}
-		</ul>
-	</div>
+		<p>
+			{translate key="admin.siteManagement.description"}
+		</p>
+		<template slot="actions">
+			<pkp-button
+				element="a"
+				href="{url op="contexts"}"
+			>
+				{translate key="admin.hostedContexts"}
+			</pkp-button>
+			<pkp-button
+				element="a"
+				href="{url op="settings"}"
+			>
+				{translate key="admin.siteSettings"}
+			</pkp-button>
+		</template>
+	</action-panel>
+	<action-panel>
+		<h2>{translate key="admin.systemInformation"}</h2>
+		<p>
+			{translate key="admin.systemInformation.description"}
+		</p>
+		<template slot="actions">
+			<pkp-button
+				element="a"
+				href="{url op="systemInfo"}"
+			>
+				{translate key="admin.systemInformation.view"}
+			</pkp-button>
+		</template>
+	</action-panel>
+	<action-panel>
+		<h2>{translate key="admin.expireSessions"}</h2>
+		<p>
+			{translate key="admin.expireSessions.description"}
+		</p>
+		<template slot="actions">
+			<form type="post" action="{url op="expireSessions"}">
+				{csrf}
+				<button class="pkpButton pkpButton--isWarnable" onclick="return confirm({translate|json_encode|escape key="admin.confirmExpireSessions"})">{translate key="admin.expireSessions"}</button>
+			</form>
+		</template>
+	</action-panel>
+	<action-panel>
+		<h2>{translate key="admin.deleteCache"}</h2>
+		<p>
+			{translate key="admin.deleteCache.description"}
+		</p>
+		<template slot="actions">
+			<form type="post" action="{url op="clearDataCache"}">
+				{csrf}
+				<button class="pkpButton pkpButton--isWarnable">{translate key="admin.clearDataCache"}</button>
+			</form>
+			<form type="post" action="{url op="clearTemplateCache"}">
+				{csrf}
+				<button class="pkpButton pkpButton--isWarnable" onclick="return confirm({translate|json_encode|escape key="admin.confirmClearTemplateCache"})">{translate key="admin.clearTemplateCache"}</button>
+			</form>
+		</template>
+	</action-panel>
+	<action-panel>
+		<h2>{translate key="admin.scheduledTask.clearLogs"}</h2>
+		<p>
+			{translate key="admin.scheduledTask.clearLogs.description"}
+		</p>
+		<template slot="actions">
+			<form type="post" action="{url op="clearScheduledTaskLogFiles"}">
+				{csrf}
+				<button class="pkpButton pkpButton--isWarnable" onclick="return confirm({translate|json_encode|escape key="admin.scheduledTask.confirmClearLogs"})">{translate key="admin.scheduledTask.clearLogs.delete"}</button>
+			</form>
+		</template>
+	</action-panel>
+	<action-panel>
+		<h2>{translate key="navigation.tools.jobs"}</h2>
+		<p>
+			{translate key="navigation.tools.jobs.description"}
+		</p>
+		<template slot="actions">
+			<pkp-button
+				element="a"
+				href="{url op="jobs"}"
+			>
+				{translate key="navigation.tools.jobs.view"}
+			</pkp-button>
+		</template>
+	</action-panel>
+	{call_hook name="Templates::Admin::Index::AdminFunctions"}
 {/block}