#47: Pull the term visibility administration code into its own contro…
…ller.
adamfranco committed Dec 3, 2024
1 parent 527b9b6 commit 3988358
Showing 4 changed files with 187 additions and 133 deletions.
120 changes: 0 additions & 120 deletions src/Controller/Admin.php
@@ -2,20 +2,14 @@

namespace App\Controller;

use App\Service\Osid\IdMap;
use App\Service\Osid\TermHelper;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;

class Admin extends AbstractController
{
public function __construct(
private EntityManagerInterface $entityManager,
private IdMap $osidIdMap,
private TermHelper $osidTermHelper,
) {
}

@@ -28,120 +22,6 @@ public function indexAction()
return $this->render('admin/index.html.twig');
}

/**
* Manage term visibility.
*/
#[Route('/admin/terms', name: 'admin_terms_list', methods: ['GET'])]
public function termsAction(Request $request)
{
$data = [];
$db = $this->entityManager->getConnection();

$searches = $db->executeQuery('SELECT * FROM catalog_term_match')->fetchAllAssociative();
$catalogs = [];
$queries = [];
foreach ($searches as $search) {
$catalogs[] = $search['catalog_id'];
$queries[] =
" SELECT
'".$search['catalog_id']."' AS catalog,
STVTERM_CODE,
STVTERM_DESC
FROM
STVTERM
WHERE
STVTERM_CODE LIKE ('".$search['term_code_match']."')";
}
$union = implode("\n\tUNION\n", $queries);

$query =
"SELECT
t.*,
IF(i.term_code, 1, 0) AS manually_disabled,
count(SSBSECT_CRN) AS num_sections
FROM
(\n".$union."\n\t) AS t
LEFT JOIN catalog_term_inactive i ON (STVTERM_CODE = i.term_code AND i.catalog_id = ?)
LEFT JOIN course_catalog c ON i.catalog_id = c.catalog_id
LEFT JOIN ssbsect_scbcrse s ON (STVTERM_CODE = SSBSECT_TERM_CODE
AND SCBCRSE_COLL_CODE IN (
SELECT coll_code
FROM course_catalog_college
WHERE catalog_id = ?
)
AND SSBSECT_SSTS_CODE = 'A'
AND (c.prnt_ind_to_exclude IS NULL OR SSBSECT_PRNT_IND != c.prnt_ind_to_exclude)
)
WHERE
catalog = ?
GROUP BY
STVTERM_CODE
ORDER BY
catalog ASC, STVTERM_CODE DESC";
$stmt = $db->prepare($query);

$data['catalogs'] = array_unique($catalogs);

if ($request->get('catalog') && in_array($request->get('catalog'), $data['catalogs'])) {
$catalog = $request->get('catalog');
} else {
$catalog = $data['catalogs'][0];
}
$stmt->bindValue(1, $catalog);
$stmt->bindValue(2, $catalog);
$stmt->bindValue(3, $catalog);
$result = $stmt->executeQuery();
$data['selectedCatalog'] = $catalog;
$data['terms'] = $result->fetchAllAssociative();
foreach ($data['terms'] as &$term) {
$term['active'] = intval($term['num_sections']) && !intval($term['manually_disabled']);
}

return $this->render('admin/terms.html.twig', $data);
}

/**
* Manage term visibility.
*/
#[Route('/admin/terms', name: 'admin_terms_update', methods: ['POST'])]
public function termUpdateAction(Request $request)
{
$db = $this->entityManager->getConnection();

if ($request->get('change_visibility')) {
// Verify our CSRF key
if (!$this->isCsrfTokenValid('admin-terms-update', $request->get('csrf_key'))) {
throw new AccessDeniedException('Invalid CSRF key.');
}

// Verify that this is a valid term.
$catalog = $request->get('catalog');
$term = $request->get('term');
$verifyStmt = $db->prepare('SELECT COUNT(*) FROM STVTERM WHERE STVTERM_CODE = ?');
$verifyStmt->bindValue(1, $term);
$result = $verifyStmt->executeQuery();
$valid = (int) $result->fetchOne();
$result->free();
if (!$valid) {
throw new \InvalidArgumentException('Invalid term-code: '.$term);
}

// Disable the term
if ('true' == $request->get('disabled')) {
$visibilityStmt = $db->prepare('INSERT INTO catalog_term_inactive (catalog_id, term_code) VALUES (?, ?);');
}
// Enable the term
else {
$visibilityStmt = $db->prepare('DELETE FROM catalog_term_inactive WHERE catalog_id = ? AND term_code = ?;');
}
$visibilityStmt->bindValue(1, $catalog);
$visibilityStmt->bindValue(2, $term);
$visibilityStmt->executeQuery();
}

return $this->redirect($this->generateUrl('admin_terms_list', ['catalog' => $catalog]));
}

#[Route('/admin/markup', name: 'markup')]
public function markupAction()
{
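--- a/src/Controller/AdminTerms.php
+++ b/src/Controller/AdminTerms.php
@@ -0,0 +1,131 @@
+<?php
+
+namespace App\Controller;
+
+use Doctrine\ORM\EntityManagerInterface;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Routing\Annotation\Route;
+use Symfony\Component\Security\Core\Exception\AccessDeniedException;
+
+class AdminTerms extends AbstractController
+{
+public function __construct(
+private EntityManagerInterface $entityManager,
+) {
+}
+
+/**
+* Manage term visibility.
+*/
+#[Route('/admin/terms', name: 'admin_terms_list', methods: ['GET'])]
+public function termsAction(Request $request)
+{
+$data = [];
+$db = $this->entityManager->getConnection();
+
+$searches = $db->executeQuery('SELECT * FROM catalog_term_match')->fetchAllAssociative();
+$catalogs = [];
+$queries = [];
+foreach ($searches as $search) {
+$catalogs[] = $search['catalog_id'];
+$queries[] =
+" SELECT
+'".$search['catalog_id']."' AS catalog,
+STVTERM_CODE,
+STVTERM_DESC
+FROM
+STVTERM
+WHERE
+STVTERM_CODE LIKE ('".$search['term_code_match']."')";
+}
+$union = implode("\n\tUNION\n", $queries);
+
+$query =
+"SELECT
+t.*,
+IF(i.term_code, 1, 0) AS manually_disabled,
+count(SSBSECT_CRN) AS num_sections
+FROM
+(\n".$union."\n\t) AS t
+LEFT JOIN catalog_term_inactive i ON (STVTERM_CODE = i.term_code AND i.catalog_id = ?)
+LEFT JOIN course_catalog c ON i.catalog_id = c.catalog_id
+LEFT JOIN ssbsect_scbcrse s ON (STVTERM_CODE = SSBSECT_TERM_CODE
+AND SCBCRSE_COLL_CODE IN (
+SELECT coll_code
+FROM course_catalog_college
+WHERE catalog_id = ?
+)
+AND SSBSECT_SSTS_CODE = 'A'
+AND (c.prnt_ind_to_exclude IS NULL OR SSBSECT_PRNT_IND != c.prnt_ind_to_exclude)
+)
+WHERE
+catalog = ?
+GROUP BY
+STVTERM_CODE
+ORDER BY
+catalog ASC, STVTERM_CODE DESC";
+$stmt = $db->prepare($query);
+
+$data['catalogs'] = array_unique($catalogs);
+
+if ($request->get('catalog') && in_array($request->get('catalog'), $data['catalogs'])) {
+$catalog = $request->get('catalog');
+} else {
+$catalog = $data['catalogs'][0];
+}
+$stmt->bindValue(1, $catalog);
+$stmt->bindValue(2, $catalog);
+$stmt->bindValue(3, $catalog);
+$result = $stmt->executeQuery();
+$data['selectedCatalog'] = $catalog;
+$data['terms'] = $result->fetchAllAssociative();
+foreach ($data['terms'] as &$term) {
+$term['active'] = intval($term['num_sections']) && !intval($term['manually_disabled']);
+}
+
+return $this->render('admin/terms.html.twig', $data);
+}
+
+/**
+* Manage term visibility.
+*/
+#[Route('/admin/terms', name: 'admin_terms_update', methods: ['POST'])]
+public function termUpdateAction(Request $request)
+{
+$db = $this->entityManager->getConnection();
+
+if ($request->get('change_visibility')) {
+// Verify our CSRF key
+if (!$this->isCsrfTokenValid('admin-terms-update', $request->get('csrf_key'))) {
+throw new AccessDeniedException('Invalid CSRF key.');
+}
+
+// Verify that this is a valid term.
+$catalog = $request->get('catalog');
+$term = $request->get('term');
+$verifyStmt = $db->prepare('SELECT COUNT(*) FROM STVTERM WHERE STVTERM_CODE = ?');
+$verifyStmt->bindValue(1, $term);
+$result = $verifyStmt->executeQuery();
+$valid = (int) $result->fetchOne();
+$result->free();
+if (!$valid) {
+throw new \InvalidArgumentException('Invalid term-code: '.$term);
+}
+
+// Disable the term
+if ('true' == $request->get('disabled')) {
+$visibilityStmt = $db->prepare('INSERT INTO catalog_term_inactive (catalog_id, term_code) VALUES (?, ?);');
+}
+// Enable the term
+else {
+$visibilityStmt = $db->prepare('DELETE FROM catalog_term_inactive WHERE catalog_id = ? AND term_code = ?;');
+}
+$visibilityStmt->bindValue(1, $catalog);
+$visibilityStmt->bindValue(2, $term);
+$visibilityStmt->executeQuery();
+}
+
+return $this->redirect($this->generateUrl('admin_terms_list', ['catalog' => $catalog]));
+}
+}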
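Review bot: In `termsAction`, the UNION sub-selects are built by concatenating `$search['catalog_id']` and `$search['term_code_match']` directly into the SQL text, while the rest of the statement uses bound `?` parameters. Those values come from `catalog_term_match` rather than from the request, so they are presumably trusted, but a row containing a quote breaks the statement and anyone able to write that table controls the query text. I would emit `?` placeholders in each sub-select and pass the collected values to `executeQuery()` ahead of the three catalog values, as sketched below. Separately, in `termUpdateAction` `$catalog` is assigned only inside the `change_visibility` branch yet is used in the final redirect, and it is written to `catalog_term_inactive` without the membership check that `termsAction` applies; moving `$catalog = $request->get('catalog');` above the `if` and validating it against the known catalog ids would cover both.

```php
$unionParams = [];
foreach ($searches as $search) {
    // … unchanged: $catalogs[] collection …
    $queries[] = ' SELECT ? AS catalog, STVTERM_CODE, STVTERM_DESC FROM STVTERM WHERE STVTERM_CODE LIKE (?)';
    $unionParams[] = $search['catalog_id'];
    $unionParams[] = $search['term_code_match'];
}
// … unchanged: $union / $query assembly and catalog selection …
// Replaces prepare() and the three bindValue() calls; the sub-select values go first
// because their placeholders precede the catalog placeholders in the SQL text.
$result = $db->executeQuery($query, [...$unionParams, $catalog, $catalog, $catalog]);
```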
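--- a/tests/Controller/AdminTermsTest.php
+++ b/tests/Controller/AdminTermsTest.php
@@ -0,0 +1,56 @@
+<?php
+
+namespace App\Tests\Controller;
+
+use App\Security\SamlUser;
+use App\Tests\AppDatabaseTestTrait;
+use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+
+class AdminTermsTest extends WebTestCase
+{
+use AppDatabaseTestTrait;
+
+private function setUpUser(): SamlUser
+{
+$user = new SamlUser('WEBID99999990');
+$user->setSamlAttributes([
+'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress' => ['[email protected]'],
+'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname' => ['Winnie'],
+'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname' => ['The-Pooh'],
+'AssignedRoles' => ['App.EmailSendAllowed', 'App.Manager'],
+]);
+
+return $user;
+}
+
+public function testTermVisibilityList(): void
+{
+$client = static::createClient();
+$client->loginUser($this->setUpUser());
+
+$crawler = $client->request('GET', '/admin/terms');
+$this->assertResponseIsSuccessful();
+
+$crawler = $client->request('GET', '/admin/terms?catalog=MCUG');
+$this->assertResponseIsSuccessful();
+$this->assertSelectorTextContains('.section_admin', '200990');
+}
+
+public function testTermVisibilityListNonManager(): void
+{
+$client = static::createClient();
+
+$user = new SamlUser('WEBID99999990');
+$user->setSamlAttributes([
+'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress' => ['[email protected]'],
+'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname' => ['Winnie'],
+'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname' => ['The-Pooh'],
+'AssignedRoles' => ['App.EmailSendAllowed'],
+]);
+$client->loginUser($user);
+
+$client->request('GET', '/admin/terms');
+
+$this->assertEquals(403, $client->getResponse()->getStatusCode());
+}
+}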
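Review bot: Both tests exercise only `GET /admin/terms`; nothing covers the state-changing `POST /admin/terms` route that this commit moves into `AdminTerms`, so the CSRF check and the term validation have no regression test. I would add a case that posts with a bad token, e.g. `$client->request('POST', '/admin/terms', ['change_visibility' => '1', 'catalog' => 'MCUG', 'term' => '200990', 'csrf_key' => 'invalid']);` followed by `$this->assertResponseStatusCodeSame(403);`, plus a non-manager POST expecting the same status. The 403 expectation assumes the firewall turns `AccessDeniedException` into a 403 for a logged-in user, which is worth confirming against the app's security configuration. `testTermVisibilityListNonManager` could also take its user from `setUpUser()` extended with a roles parameter instead of repeating the attribute array.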
13 changes: 0 additions & 13 deletions tests/Controller/AdminTest.php
@@ -59,17 +59,4 @@ public function testIndexNonManager(): void

$this->assertEquals(403, $client->getResponse()->getStatusCode());
}

public function testTermVisibilityList(): void
{
$client = static::createClient();
$client->loginUser($this->setUpUser());

$crawler = $client->request('GET', '/admin/terms');
$this->assertResponseIsSuccessful();

$crawler = $client->request('GET', '/admin/terms?catalog=MCUG');
$this->assertResponseIsSuccessful();
$this->assertSelectorTextContains('.section_admin', '200990');
}
}
