<?php

/*
 * This file is part of Anis Server.
 *
 * (c) Laboratoire d'Astrophysique de Marseille / CNRS
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
declare(strict_types=1);

namespace App\Action;

use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Message\ResponseInterface as Response;
use Doctrine\ORM\EntityManagerInterface;
use Slim\Exception\HttpNotFoundException;

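final class DatasetListByInstanceAction extends AbstractAction
{
    /**
     * Contains settings to handle Json Web Token
     *
     * Keys read by this class: 'enabled' (whether token-based filtering is
     * applied) and 'admin_role' (role name that lifts the visibility filter).
     *
     * @var array
     */
    private $settings;

    /**
     * Create the class before calling __invoke to execute the action
     *
     * @param EntityManagerInterface $em Doctrine Entity Manager Interface
     * @param array $settings Settings about token
     */
    public function __construct(EntityManagerInterface $em, array $settings)
    {
        parent::__construct($em);
        $this->settings = $settings;
    }

    /**
     * `GET`  Returns a list of all datasets for a given instance
     *
     * Visibility rules applied when token handling is enabled:
     *  - no token: only public datasets of the instance;
     *  - token without the admin role: public datasets of the instance plus
     *    the datasets of the instance attached to one of the user's groups;
     *  - token with the admin role: every dataset of the instance.
     * When token handling is disabled, every dataset of the instance is returned.
     *
     * @param  ServerRequestInterface $request  PSR-7 This object represents the HTTP request
     * @param  ResponseInterface      $response PSR-7 This object represents the HTTP response
     * @param  string[]               $args     This table contains information transmitted in the URL (see routes.php)
     *
     * @return ResponseInterface
     *
     * @throws HttpNotFoundException When no instance exists with the requested name
     */
    public function __invoke(Request $request, Response $response, array $args): Response
    {
        if ($request->getMethod() === OPTIONS) {
            return $response->withHeader('Access-Control-Allow-Methods', 'GET, OPTIONS');
        }

        $instance = $this->em->find('App\Entity\Instance', $args['name']);

        // Returns HTTP 404 if the instance is not found
        if (is_null($instance)) {
            throw new HttpNotFoundException(
                $request,
                'Instance with name ' . $args['name'] . ' is not found'
            );
        }

        // Initialised so that a method other than GET/OPTIONS never reaches
        // write() with an undefined variable.
        $payload = '';

        if ($request->getMethod() === GET) {
            // NOTE(review): the token attribute is presumably set by an
            // authentication middleware that has already verified the JWT
            // signature; this action trusts its claims as-is. Confirm.
            $token = $request->getAttribute('token');

            $qb = $this->em->createQueryBuilder();
            $qb->select('d')
                ->from('App\Entity\Dataset', 'd')
                ->join('d.datasetFamily', 'f')
                ->where($qb->expr()->eq('IDENTITY(f.instance)', ':instanceName'));

            if (boolval($this->settings['enabled'])) {
                if (!$token) {
                    // If user is not connected return public datasets
                    $qb->andWhere($qb->expr()->eq('d.public', 'true'));
                } else {
                    $roles = $token->getClaim('realm_access')->roles;
                    // Strict comparison: a role must match the admin role by
                    // value and type, never through PHP's loose juggling.
                    if (!in_array($this->settings['admin_role'], $roles, true)) {
                        // If user is not an admin return public datasets
                        // And returns datasets from user's groups
                        $qb2 = $this->em->createQueryBuilder();
                        $qb2->select('d2.name')
                            ->from('App\Entity\Group', 'g')
                            ->join('g.datasets', 'd2')
                            // Roles come from the token: bind them instead of
                            // inlining them as literals in the DQL string.
                            ->where($qb2->expr()->in('g.role', ':roles'));

                        // The visibility alternatives are grouped in a single
                        // OR expression that is ANDed to the instance filter.
                        // A bare orWhere() would yield
                        // "(instance AND public) OR in-group" and list group
                        // datasets that belong to other instances.
                        $qb->andWhere(
                            $qb->expr()->orX(
                                $qb->expr()->eq('d.public', 'true'),
                                $qb->expr()->in('d.name', $qb2->getDQL())
                            )
                        );
                        // The sub-query is embedded as DQL text, so its
                        // parameter has to be set on the outer builder.
                        $qb->setParameter('roles', $roles);
                    }
                }
            }

            $qb->setParameter('instanceName', $instance->getName());

            $datasets = $qb->getQuery()->getResult();
            $payload = json_encode($datasets);
        }

        $response->getBody()->write($payload);
        return $response;
    }
}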