<?php

/*
 * This file is part of Anis Server.
 *
 * (c) Laboratoire d'Astrophysique de Marseille / CNRS
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
declare(strict_types=1);

namespace App\Action;

use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Message\ResponseInterface as Response;
use Slim\Exception\HttpNotFoundException;

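final class DatasetListByInstanceAction extends AbstractAction
{
    /**
     * `GET`  Returns a list of all datasets for a given instance
     *
     * Visibility rules applied to the listing:
     *  - no token on the request: only public datasets of the instance;
     *  - token without the `anis_admin` role: public datasets of the instance,
     *    plus datasets of the instance attached to a group matching one of the
     *    token's roles;
     *  - token with the `anis_admin` role: every dataset of the instance.
     *
     * @param  ServerRequestInterface $request  PSR-7 This object represents the HTTP request
     * @param  ResponseInterface      $response PSR-7 This object represents the HTTP response
     * @param  string[]               $args     This table contains information transmitted in the URL (see routes.php)
     *
     * @return ResponseInterface
     *
     * @throws HttpNotFoundException When no instance exists with the requested name
     */
    public function __invoke(Request $request, Response $response, array $args): Response
    {
        // OPTIONS and GET are bare constants that this file does not define;
        // presumably project-level constants holding the method names.
        if ($request->getMethod() === OPTIONS) {
            return $response->withHeader('Access-Control-Allow-Methods', 'GET, OPTIONS');
        }

        $instance = $this->em->find('App\Entity\Instance', $args['name']);

        // Returns HTTP 404 if the instance is not found
        if (is_null($instance)) {
            throw new HttpNotFoundException(
                $request,
                'Instance with name ' . $args['name'] . ' is not found'
            );
        }

        // NOTE(review): $payload is only assigned on the GET path. Any other method
        // reaching this action would hit write() with an undefined variable; confirm
        // that routes.php only dispatches GET and OPTIONS here.
        if ($request->getMethod() === GET) {
            $token = $request->getAttribute('token');

            $qb = $this->em->createQueryBuilder();
            $qb->select('d')
                ->from('App\Entity\Dataset', 'd')
                ->join('d.datasetFamily', 'f')
                ->where($qb->expr()->eq('IDENTITY(f.instance)', ':instanceName'))
                ->setParameter('instanceName', $instance->getName());

            $isPublic = $qb->expr()->eq('d.public', 'true');

            if (!$token) {
                // If user is not connected return public datasets
                $qb->andWhere($isPublic);
            } else {
                $roles = $token->getClaim('realm_access')->roles;

                // Strict comparison: a non-string role value in the claim must never
                // loosely compare equal to 'anis_admin'.
                if (!in_array('anis_admin', $roles, true)) {
                    // If user is not an admin return public datasets
                    // And returns datasets from user's groups
                    $qb2 = $this->em->createQueryBuilder();
                    $qb2->select('d2.name')
                        ->from('App\Entity\Group', 'g')
                        ->join('g.datasets', 'd2')
                        // Roles come from the token, so they are bound as a parameter
                        // instead of being written into the DQL text as literals.
                        ->where($qb2->expr()->in('g.role', ':roles'));

                    // The visibility alternatives are grouped in one orX() and ANDed
                    // with the instance filter. Chaining andWhere() then orWhere()
                    // would produce "(instance AND public) OR in-groups", which lets
                    // group datasets of other instances into this listing.
                    $qb->andWhere(
                        $qb->expr()->orX(
                            $isPublic,
                            $qb->expr()->in('d.name', $qb2->getDQL())
                        )
                    );

                    // The sub-query is embedded as DQL text, so its parameter is
                    // bound on the outer query builder.
                    $qb->setParameter('roles', $roles);
                }
            }

            $datasets = $qb->getQuery()->getResult();
            $payload = json_encode($datasets);
        }

        $response->getBody()->write($payload);
        return $response;
    }
}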