2018-04-11 19:49:35 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace Grocy\Controllers;
|
|
|
|
|
|
2020-08-29 12:05:32 +02:00
|
|
|
use Grocy\Controllers\Users\User;
|
2020-09-01 19:59:40 +02:00
|
|
|
use Slim\Exception\HttpBadRequestException;
|
2020-08-29 12:05:32 +02:00
|
|
|
|
2018-04-11 19:49:35 +02:00
|
|
|
class GenericEntityApiController extends BaseApiController
|
|
|
|
|
{
|
2020-02-11 17:42:03 +01:00
|
|
|
public function AddObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
2018-04-11 19:49:35 +02:00
|
|
|
{
|
2022-10-17 21:00:10 +02:00
|
|
|
if ($args['entity'] == 'shopping_list' || $args['entity'] == 'shopping_lists')
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
|
|
|
|
|
}
|
|
|
|
|
elseif ($args['entity'] == 'recipes' || $args['entity'] == 'recipes_pos' || $args['entity'] == 'recipes_nestings')
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_RECIPES);
|
|
|
|
|
}
|
|
|
|
|
elseif ($args['entity'] == 'meal_plan')
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_RECIPES_MEALPLAN);
|
|
|
|
|
}
|
|
|
|
|
elseif ($args['entity'] == 'equipment')
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_EQUIPMENT);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
|
|
|
|
}
|
2020-08-29 12:05:32 +02:00
|
|
|
|
2020-12-12 10:10:21 +01:00
|
|
|
if ($this->IsValidExposedEntity($args['entity']) && !$this->IsEntityWithNoEdit($args['entity']))
|
2018-04-22 14:25:08 +02:00
|
|
|
{
|
2020-09-06 10:10:30 +02:00
|
|
|
if ($this->IsEntityWithEditRequiresAdmin($args['entity']))
|
|
|
|
|
{
|
2020-09-06 10:00:49 +02:00
|
|
|
User::checkPermission($request, User::PERMISSION_ADMIN);
|
2020-09-06 10:10:30 +02:00
|
|
|
}
|
2020-09-06 10:00:49 +02:00
|
|
|
|
2020-10-14 22:49:29 +02:00
|
|
|
$requestBody = $this->GetParsedAndFilteredRequestBody($request);
|
2019-01-05 20:39:22 +01:00
|
|
|
|
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
if ($requestBody === null)
|
|
|
|
|
{
|
|
|
|
|
throw new \Exception('Request body could not be parsed (probably invalid JSON format or missing/wrong Content-Type header)');
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-16 22:18:37 +01:00
|
|
|
$newRow = $this->getDatabase()->{$args['entity']}()->createRow($requestBody);
|
2019-01-05 20:39:22 +01:00
|
|
|
$newRow->save();
|
2023-01-04 22:54:12 +01:00
|
|
|
$newObjectId = $this->getDatabase()->lastInsertId();
|
|
|
|
|
|
|
|
|
|
// TODO: This should be better done somehow in StockService
|
|
|
|
|
if ($args['entity'] == 'products' && boolval($this->getUsersService()->GetUserSetting(GROCY_USER_ID, 'shopping_list_auto_add_below_min_stock_amount')))
|
|
|
|
|
{
|
2023-02-06 20:22:10 +01:00
|
|
|
$this->getStockService()->AddMissingProductsToShoppingList($this->getUsersService()->GetUserSetting(GROCY_USER_ID, 'shopping_list_auto_add_below_min_stock_amount_list_id'));
|
2023-01-04 22:54:12 +01:00
|
|
|
}
|
2020-11-16 22:18:37 +01:00
|
|
|
|
2020-08-31 20:40:31 +02:00
|
|
|
return $this->ApiResponse($response, [
|
2023-01-04 22:54:12 +01:00
|
|
|
'created_object_id' => $newObjectId
|
2020-08-31 20:40:31 +02:00
|
|
|
]);
|
2019-01-05 20:39:22 +01:00
|
|
|
}
|
|
|
|
|
catch (\Exception $ex)
|
|
|
|
|
{
|
2019-01-19 14:51:51 +01:00
|
|
|
return $this->GenericErrorResponse($response, $ex->getMessage());
|
2019-01-05 20:39:22 +01:00
|
|
|
}
|
2018-04-22 14:25:08 +02:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2019-01-19 14:51:51 +01:00
|
|
|
return $this->GenericErrorResponse($response, 'Entity does not exist or is not exposed');
|
2018-04-22 14:25:08 +02:00
|
|
|
}
|
2020-08-31 20:40:31 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function DeleteObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
|
|
|
|
{
|
2022-10-17 21:00:10 +02:00
|
|
|
if ($args['entity'] == 'shopping_list' || $args['entity'] == 'shopping_lists')
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_DELETE);
|
|
|
|
|
}
|
|
|
|
|
elseif ($args['entity'] == 'recipes' || $args['entity'] == 'recipes_pos' || $args['entity'] == 'recipes_nestings')
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_RECIPES);
|
|
|
|
|
}
|
|
|
|
|
elseif ($args['entity'] == 'meal_plan')
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_RECIPES_MEALPLAN);
|
|
|
|
|
}
|
|
|
|
|
elseif ($args['entity'] == 'equipment')
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_EQUIPMENT);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
|
|
|
|
}
|
2020-08-31 20:40:31 +02:00
|
|
|
|
2020-12-21 16:20:12 +01:00
|
|
|
if ($this->IsValidExposedEntity($args['entity']) && !$this->IsEntityWithNoDelete($args['entity']))
|
2020-08-31 20:40:31 +02:00
|
|
|
{
|
2020-09-06 10:10:30 +02:00
|
|
|
if ($this->IsEntityWithEditRequiresAdmin($args['entity']))
|
|
|
|
|
{
|
2020-09-06 10:00:49 +02:00
|
|
|
User::checkPermission($request, User::PERMISSION_ADMIN);
|
2020-09-06 10:10:30 +02:00
|
|
|
}
|
2020-11-16 22:18:37 +01:00
|
|
|
|
|
|
|
|
$row = $this->getDatabase()->{$args['entity']}($args['objectId']);
|
2021-06-28 17:00:16 +02:00
|
|
|
if ($row == null)
|
|
|
|
|
{
|
|
|
|
|
return $this->GenericErrorResponse($response, 'Object not found', 400);
|
|
|
|
|
}
|
|
|
|
|
|
2020-08-31 20:40:31 +02:00
|
|
|
$row->delete();
|
2020-11-16 22:18:37 +01:00
|
|
|
|
2020-08-31 20:40:31 +02:00
|
|
|
return $this->EmptyApiResponse($response);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2020-09-14 11:20:29 +02:00
|
|
|
return $this->GenericErrorResponse($response, 'Invalid entity');
|
2020-08-31 20:40:31 +02:00
|
|
|
}
|
2018-04-11 19:49:35 +02:00
|
|
|
}
|
|
|
|
|
|
2020-02-11 17:42:03 +01:00
|
|
|
public function EditObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
2018-04-11 19:49:35 +02:00
|
|
|
{
|
2022-10-17 21:00:10 +02:00
|
|
|
if ($args['entity'] == 'shopping_list' || $args['entity'] == 'shopping_lists')
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_SHOPPINGLIST_ITEMS_ADD);
|
|
|
|
|
}
|
|
|
|
|
elseif ($args['entity'] == 'recipes' || $args['entity'] == 'recipes_pos' || $args['entity'] == 'recipes_nestings')
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_RECIPES);
|
|
|
|
|
}
|
|
|
|
|
elseif ($args['entity'] == 'meal_plan')
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_RECIPES_MEALPLAN);
|
|
|
|
|
}
|
|
|
|
|
elseif ($args['entity'] == 'equipment')
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_EQUIPMENT);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
|
|
|
|
}
|
2020-08-29 12:05:32 +02:00
|
|
|
|
2020-12-12 10:10:21 +01:00
|
|
|
if ($this->IsValidExposedEntity($args['entity']) && !$this->IsEntityWithNoEdit($args['entity']))
|
2018-04-22 14:25:08 +02:00
|
|
|
{
|
2020-09-06 10:10:30 +02:00
|
|
|
if ($this->IsEntityWithEditRequiresAdmin($args['entity']))
|
|
|
|
|
{
|
2020-09-06 10:00:49 +02:00
|
|
|
User::checkPermission($request, User::PERMISSION_ADMIN);
|
2020-09-06 10:10:30 +02:00
|
|
|
}
|
2020-10-14 22:49:29 +02:00
|
|
|
|
|
|
|
|
$requestBody = $this->GetParsedAndFilteredRequestBody($request);
|
2019-01-05 20:39:22 +01:00
|
|
|
|
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
if ($requestBody === null)
|
|
|
|
|
{
|
|
|
|
|
throw new \Exception('Request body could not be parsed (probably invalid JSON format or missing/wrong Content-Type header)');
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-16 22:18:37 +01:00
|
|
|
$row = $this->getDatabase()->{$args['entity']}($args['objectId']);
|
2021-06-28 17:00:16 +02:00
|
|
|
if ($row == null)
|
|
|
|
|
{
|
|
|
|
|
return $this->GenericErrorResponse($response, 'Object not found', 400);
|
|
|
|
|
}
|
|
|
|
|
|
2019-01-05 20:39:22 +01:00
|
|
|
$row->update($requestBody);
|
2023-01-04 22:54:12 +01:00
|
|
|
|
|
|
|
|
// TODO: This should be better done somehow in StockService
|
|
|
|
|
if ($args['entity'] == 'products' && boolval($this->getUsersService()->GetUserSetting(GROCY_USER_ID, 'shopping_list_auto_add_below_min_stock_amount')))
|
|
|
|
|
{
|
2023-02-06 20:22:10 +01:00
|
|
|
$this->getStockService()->AddMissingProductsToShoppingList($this->getUsersService()->GetUserSetting(GROCY_USER_ID, 'shopping_list_auto_add_below_min_stock_amount_list_id'));
|
2023-01-04 22:54:12 +01:00
|
|
|
}
|
2020-11-16 22:18:37 +01:00
|
|
|
|
2019-01-19 14:51:51 +01:00
|
|
|
return $this->EmptyApiResponse($response);
|
2019-01-05 20:39:22 +01:00
|
|
|
}
|
|
|
|
|
catch (\Exception $ex)
|
|
|
|
|
{
|
2019-01-19 14:51:51 +01:00
|
|
|
return $this->GenericErrorResponse($response, $ex->getMessage());
|
2019-01-05 20:39:22 +01:00
|
|
|
}
|
2018-04-22 14:25:08 +02:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2019-01-19 14:51:51 +01:00
|
|
|
return $this->GenericErrorResponse($response, 'Entity does not exist or is not exposed');
|
2018-04-22 14:25:08 +02:00
|
|
|
}
|
2018-04-11 19:49:35 +02:00
|
|
|
}
|
|
|
|
|
|
2020-08-31 20:40:31 +02:00
|
|
|
public function GetObject(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
2018-04-11 19:49:35 +02:00
|
|
|
{
|
2020-12-12 10:10:21 +01:00
|
|
|
if ($this->IsValidExposedEntity($args['entity']) && !$this->IsEntityWithNoListing($args['entity']))
|
2018-04-22 14:25:08 +02:00
|
|
|
{
|
2020-08-31 20:40:31 +02:00
|
|
|
$userfields = $this->getUserfieldsService()->GetValues($args['entity'], $args['objectId']);
|
|
|
|
|
if (count($userfields) === 0)
|
|
|
|
|
{
|
|
|
|
|
$userfields = null;
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-10 18:11:33 +01:00
|
|
|
$object = $this->getDatabase()->{$args['entity']}($args['objectId']);
|
2020-08-31 20:40:31 +02:00
|
|
|
if ($object == null)
|
|
|
|
|
{
|
|
|
|
|
return $this->GenericErrorResponse($response, 'Object not found', 404);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$object['userfields'] = $userfields;
|
|
|
|
|
|
|
|
|
|
return $this->ApiResponse($response, $object);
|
2018-04-22 14:25:08 +02:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2020-08-31 20:40:31 +02:00
|
|
|
return $this->GenericErrorResponse($response, 'Entity does not exist or is not exposed');
|
2018-04-22 14:25:08 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-08-31 20:40:31 +02:00
|
|
|
public function GetObjects(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
2019-08-10 13:07:08 +02:00
|
|
|
{
|
2021-07-08 20:12:58 +02:00
|
|
|
if (!$this->IsValidExposedEntity($args['entity']) || $this->IsEntityWithNoListing($args['entity']))
|
|
|
|
|
{
|
|
|
|
|
return $this->GenericErrorResponse($response, 'Entity does not exist or is not exposed');
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-14 11:27:13 +01:00
|
|
|
$objects = $this->queryData($this->getDatabase()->{$args['entity']}(), $request->getQueryParams());
|
2021-07-08 20:12:58 +02:00
|
|
|
$userfields = $this->getUserfieldsService()->GetFields($args['entity']);
|
2020-08-29 12:05:32 +02:00
|
|
|
|
2021-07-08 20:12:58 +02:00
|
|
|
if (count($userfields) > 0)
|
2019-08-10 13:07:08 +02:00
|
|
|
{
|
2021-07-08 20:12:58 +02:00
|
|
|
$allUserfieldValues = $this->getUserfieldsService()->GetAllValues($args['entity']);
|
2020-08-31 20:40:31 +02:00
|
|
|
|
2021-07-08 20:12:58 +02:00
|
|
|
foreach ($objects as $object)
|
2019-08-10 13:07:08 +02:00
|
|
|
{
|
2021-07-08 20:12:58 +02:00
|
|
|
$userfieldKeyValuePairs = null;
|
2020-08-31 20:40:31 +02:00
|
|
|
foreach ($userfields as $userfield)
|
|
|
|
|
{
|
2021-08-17 18:23:06 +02:00
|
|
|
$value = FindObjectInArrayByPropertyValue(FindAllObjectsInArrayByPropertyValue($allUserfieldValues, 'object_id', $object->id), 'name', $userfield->name);
|
2021-07-08 20:12:58 +02:00
|
|
|
if ($value)
|
|
|
|
|
{
|
|
|
|
|
$userfieldKeyValuePairs[$userfield->name] = $value->value;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$userfieldKeyValuePairs[$userfield->name] = null;
|
|
|
|
|
}
|
2020-08-31 20:40:31 +02:00
|
|
|
}
|
|
|
|
|
|
2021-07-08 20:12:58 +02:00
|
|
|
$object->userfields = $userfieldKeyValuePairs;
|
|
|
|
|
}
|
2020-08-31 20:40:31 +02:00
|
|
|
}
|
|
|
|
|
|
2021-07-08 20:12:58 +02:00
|
|
|
return $this->ApiResponse($response, $objects);
|
2019-08-10 13:07:08 +02:00
|
|
|
}
|
|
|
|
|
|
2020-02-11 17:42:03 +01:00
|
|
|
public function GetUserfields(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
2019-04-22 22:16:35 +02:00
|
|
|
{
|
2020-08-29 16:41:27 +02:00
|
|
|
try
|
2019-04-22 22:16:35 +02:00
|
|
|
{
|
2020-03-01 23:47:47 +07:00
|
|
|
return $this->ApiResponse($response, $this->getUserfieldsService()->GetValues($args['entity'], $args['objectId']));
|
2019-04-22 22:16:35 +02:00
|
|
|
}
|
|
|
|
|
catch (\Exception $ex)
|
|
|
|
|
{
|
|
|
|
|
return $this->GenericErrorResponse($response, $ex->getMessage());
|
|
|
|
|
}
|
2020-08-31 20:40:31 +02:00
|
|
|
}
|
|
|
|
|
|
2020-02-11 17:42:03 +01:00
|
|
|
public function SetUserfields(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
|
2019-04-22 22:16:35 +02:00
|
|
|
{
|
2020-08-29 16:41:27 +02:00
|
|
|
User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
|
2020-08-29 12:05:32 +02:00
|
|
|
|
2020-10-14 22:49:29 +02:00
|
|
|
$requestBody = $this->GetParsedAndFilteredRequestBody($request);
|
2019-04-22 22:16:35 +02:00
|
|
|
|
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
if ($requestBody === null)
|
|
|
|
|
{
|
|
|
|
|
throw new \Exception('Request body could not be parsed (probably invalid JSON format or missing/wrong Content-Type header)');
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-01 23:47:47 +07:00
|
|
|
$this->getUserfieldsService()->SetValues($args['entity'], $args['objectId'], $requestBody);
|
2019-04-22 22:16:35 +02:00
|
|
|
return $this->EmptyApiResponse($response);
|
|
|
|
|
}
|
|
|
|
|
catch (\Exception $ex)
|
|
|
|
|
{
|
|
|
|
|
return $this->GenericErrorResponse($response, $ex->getMessage());
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-06 10:00:49 +02:00
|
|
|
private function IsEntityWithEditRequiresAdmin($entity)
|
|
|
|
|
{
|
2021-07-05 23:23:59 +02:00
|
|
|
return in_array($entity, $this->getOpenApiSpec()->components->schemas->ExposedEntityEditRequiresAdmin->enum);
|
2020-09-06 10:00:49 +02:00
|
|
|
}
|
2018-10-26 20:12:48 +02:00
|
|
|
|
2020-12-12 10:10:21 +01:00
|
|
|
private function IsEntityWithNoListing($entity)
|
2018-10-26 20:12:48 +02:00
|
|
|
{
|
2021-07-05 23:23:59 +02:00
|
|
|
return in_array($entity, $this->getOpenApiSpec()->components->schemas->ExposedEntityNoListing->enum);
|
2018-10-26 20:12:48 +02:00
|
|
|
}
|
2020-08-31 20:40:31 +02:00
|
|
|
|
2020-11-16 22:18:37 +01:00
|
|
|
private function IsEntityWithNoEdit($entity)
|
|
|
|
|
{
|
2021-07-05 23:23:59 +02:00
|
|
|
return in_array($entity, $this->getOpenApiSpec()->components->schemas->ExposedEntityNoEdit->enum);
|
2020-11-16 22:18:37 +01:00
|
|
|
}
|
|
|
|
|
|
2020-12-21 16:20:12 +01:00
|
|
|
private function IsEntityWithNoDelete($entity)
|
|
|
|
|
{
|
2021-07-05 23:23:59 +02:00
|
|
|
return in_array($entity, $this->getOpenApiSpec()->components->schemas->ExposedEntityNoDelete->enum);
|
2020-12-21 16:20:12 +01:00
|
|
|
}
|
|
|
|
|
|
2020-12-12 10:10:21 +01:00
|
|
|
private function IsValidExposedEntity($entity)
|
2020-08-31 20:40:31 +02:00
|
|
|
{
|
2021-07-05 23:23:59 +02:00
|
|
|
return in_array($entity, $this->getOpenApiSpec()->components->schemas->ExposedEntity->enum);
|
2020-08-31 20:40:31 +02:00
|
|
|
}
|
2018-04-11 19:49:35 +02:00
|
|
|
}
|
