partkeepr

fork of partkeepr

commit 975250a0ed9a9e61bc6e6ca6b442f7e086daa6c8
parent 2ddee3dfd8255e4c89f8b57c190a97f0275ec9d9
Author: Felicitus <felicitus@felicitus.org>
Date:   Wed,  9 Dec 2015 17:35:32 +0100

Implemented user deletion prevention if the user is protected

Diffstat:
Asrc/PartKeepr/AuthBundle/Action/DeleteUserAction.php | 56++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Msrc/PartKeepr/AuthBundle/Resources/config/actions.xml | 3+++
Msrc/PartKeepr/AuthBundle/Tests/UserTest.php | 7+++++++
3 files changed, 66 insertions(+), 0 deletions(-)

diff --git a/src/PartKeepr/AuthBundle/Action/DeleteUserAction.php b/src/PartKeepr/AuthBundle/Action/DeleteUserAction.php
@@ -0,0 +1,56 @@
+<?php
+namespace PartKeepr\AuthBundle\Action;
+
+use Dunglas\ApiBundle\Action\ActionUtilTrait;
+use Dunglas\ApiBundle\Exception\RuntimeException;
+use Dunglas\ApiBundle\Model\DataProviderInterface;
+use PartKeepr\AuthBundle\Entity\User;
+use PartKeepr\AuthBundle\Exceptions\UserProtectedException;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
+
+/**
+ * Custom API action deleting an user
+ */
+class DeleteUserAction
+{
+ use ActionUtilTrait;
+
+ /**
+ * @var DataProviderInterface
+ */
+ private $dataProvider;
+
+ public function __construct(DataProviderInterface $dataProvider)
+ {
+ $this->dataProvider = $dataProvider;
+ }
+
+ /**
+ * Returns an item to delete.
+ *
+ * @param Request $request
+ * @param string|int $id
+ *
+ * @return mixed
+ *
+ * @throws NotFoundHttpException
+ * @throws RuntimeException
+ * @throws UserProtectedException
+ */
+ public function __invoke(Request $request, $id)
+ {
+ list($resourceType) = $this->extractAttributes($request);
+
+ /**
+ * @var User $item
+ */
+ $item = $this->getItem($this->dataProvider, $resourceType, $id);
+
+ if ($item->isProtected()) {
+ throw new UserProtectedException();
+ }
+
+ return $item;
+ }
+}
diff --git a/src/PartKeepr/AuthBundle/Resources/config/actions.xml b/src/PartKeepr/AuthBundle/Resources/config/actions.xml
@@ -31,6 +31,9 @@
 <argument type="service" id="api.serializer"/>
 <argument type="service" id="partkeepr.userservice"/>
 </service>
+ <service id="partkeepr.user.delete" class="PartKeepr\AuthBundle\Action\DeleteUserAction">
+ <argument type="service" id="api.data_provider"/>
+ </service>
 <service id="partkeepr.auth.login" class="PartKeepr\AuthBundle\Action\LoginAction">
 <argument type="service" id="partkeepr.userservice"/>
 <argument type="service" id="api.serializer"/>
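Review bot: In `__invoke`, `$item->isProtected()` is called on whatever `getItem()` returns for the `$resourceType` read from the request attributes; the `@var User $item` docblock is only an annotation and enforces nothing. If this service is ever attached to another resource's delete operation, the call ends in a fatal error rather than a clean refusal, so I would add `if (!$item instanceof User) { throw new RuntimeException('DeleteUserAction requires a User resource'); }` before the protection check. The guard also lives only in this HTTP action, so any other code path that removes a `User` (none is visible in this commit) would skip it; worth confirming, or enforcing the flag closer to the entity. The method docblock should also state that the action only loads and vets the item and that the removal itself is presumably performed after it returns.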
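Review bot: Nothing in this commit references the new `partkeepr.user.delete` id (the diffstat lists only the action class, this file and the test), so the binding between the user resource's DELETE operation and this service is not visible here. If that binding is missing or later dropped, deletion would presumably fall back to the default action and the protected-user check would be skipped without any error. A comment above the `<service>` element, for example `<!-- DELETE action for users: refuses to delete protected users -->`, would record why the service exists.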
diff --git a/src/PartKeepr/AuthBundle/Tests/UserTest.php b/src/PartKeepr/AuthBundle/Tests/UserTest.php
@@ -167,6 +167,13 @@ class UserTest extends WebTestCase
 $this->assertEquals(500, $client->getResponse()->getStatusCode());
 $this->assertObjectHasAttribute("hydra:description", $response);
 $this->assertEquals($exception->getMessageKey(), $response->{"hydra:description"});
+
+ $client->request("DELETE", $iri);
+
+ $response = json_decode($client->getResponse()->getContent());
+ $this->assertEquals(500, $client->getResponse()->getStatusCode());
+ $this->assertObjectHasAttribute("hydra:description", $response);
+ $this->assertEquals($exception->getMessageKey(), $response->{"hydra:description"});
 }
 
 public function testUserUnprotect()
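Review bot: The added DELETE case checks only the error response and never verifies that the protected user still exists afterwards, so a regression in which the exception is raised after the removal has already happened would still pass. Follow the new assertions with `$client->request("GET", $iri);` and `$this->assertEquals(200, $client->getResponse()->getStatusCode());`. Separately, the asserted status 500 reports a policy refusal as a server fault, which makes denied deletions hard to tell apart from real failures in monitoring; a 4xx mapping for `UserProtectedException` would be clearer, though that mapping lies outside this hunk. The test method starts above the hunk, so `$iri` and `$exception` are defined outside the visible lines.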