Skip to content

Commit

Permalink
[API] PUT and PATCH methods added to Candidates visit/instruments/fla…
Browse files Browse the repository at this point in the history 
…gs (aces#6780)

The methods handlePUT and handlePATCH were added to the endpoint /candidates/<candid>/<visit>/instruments/<instrument>.

    Resolves aces#6777
  • Loading branch information
@spell00 @AlexandraLivadas
spell00 authored and AlexandraLivadas committed Jun 29, 2021
1 parent f62dc04 commit 9ec7bed
Show file tree
Hide file tree
Showing 2 changed files with 124 additions and 6 deletions.
119 changes: 117 additions & 2 deletions modules/api/php/endpoints/candidate/visit/instrument/flags.class.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,9 +95,10 @@ class Flags extends Endpoint implements \LORIS\Middleware\ETagCalculator
return $this->_handleGET($request);

case 'PUT':
return $this->_handlePUT($request);

case 'PATCH':
// TODO :: I don`t think this was working in v0.0.3
return new \LORIS\Http\Response\JSON\NotImplemented();
return $this->_handlePATCH($request);

case 'OPTIONS':
return (new \LORIS\Http\Response())
Expand Down Expand Up @@ -127,6 +128,120 @@ class Flags extends Endpoint implements \LORIS\Middleware\ETagCalculator
);
}

/**
* Handles a PUT request.
* Creates or updates all statuses for a given instrument with new values.
*
* @param ServerRequestInterface $request The incoming PSR7 request
*
* @return ResponseInterface The outgoing PSR7 response
*/
private function _handlePUT(ServerRequestInterface $request) : ResponseInterface
{
$user = $request->getAttribute('user');
if (!$user->_hasPermission('data_entry')) {
return new \LORIS\Http\Response\JSON\Forbidden(
'This user does not have data_entry permission'
);
}

$this->_instrumentStatus = new \NDB_BVL_InstrumentStatus();
$this->_instrumentStatus->select($this->_instrument->commentID);

$data = json_decode((string) $request->getBody(), true);

try {

$requiredfields = [
'Data_entry',
'Administration',
'Validity',
];

$diff = array_diff($requiredfields, array_keys($data['Flags']));
if (!empty($diff)) {
return new \LORIS\Http\Response\JSON\BadRequest(
'Field(s) missing in Flags: ' . implode(', ', $diff)
);
}
$this->_instrumentStatus->setDataEntryStatus(
$data['Flags']['Data_entry']
);
$this->_instrumentStatus->setAdministrationStatus(
$data['Flags']['Administration']
);
$this->_instrumentStatus->setValidityStatus(
$data['Flags']['Validity']
);

} catch (\Throwable $e) {
error_log($e->getMessage());
return new \LORIS\Http\Response\JSON\InternalServerError();
}
return (new \LORIS\Http\Response())
->withStatus(204);
}

/**
* Handles a PATCH request.
* Creates or updates some or all statuses for a given instrument. If all
* statuses are requested to be changed, this method is equivalent to handlePUT.
*
* @param ServerRequestInterface $request The incoming PSR7 request
*
* @return ResponseInterface The outgoing PSR7 response
*/
private function _handlePATCH(ServerRequestInterface $request): ResponseInterface
{
$user = $request->getAttribute('user');
if (!$this->_instrument->_hasAccess($user)) {
return new \LORIS\Http\Response\JSON\Forbidden(
'This user can not update this instrument'
);
}

$this->_instrumentStatus = new \NDB_BVL_InstrumentStatus();
$this->_instrumentStatus->select($this->_instrument->commentID);

if (!$this->_instrument->determineDataEntryAllowed()) {
return new \LORIS\Http\Response\JSON\Forbidden(
'Can not update instruments that are flagged as complete.'
);
}

$data = json_decode((string) $request->getBody(), true);

if (!$this->_instrument->validate($data)) {
return new \LORIS\Http\Response\JSON\Forbidden(
'Could not update.'
);
}

try {
if (array_key_exists('Data_entry', $data['Flags'])) {
$this->_instrumentStatus->setDataEntryStatus(
$data['Flags']['Data_entry']
);
}
if (array_key_exists('Administration', $data['Flags'])) {
$this->_instrumentStatus->setAdministrationStatus(
$data['Flags']['Administration']
);
}
if (array_key_exists('Validity', $data['Flags'])) {
$this->_instrumentStatus->setValidityStatus(
$data['Flags']['Validity']
);
}
} catch (\Throwable $e) {
error_log($e->getMessage());
return new \LORIS\Http\Response\JSON\InternalServerError();
}
return (new \LORIS\Http\Response())
->withStatus(204);
}


/**
* Implements the ETagCalculator interface
*
Expand Down
11 changes: 7 additions & 4 deletions modules/api/php/endpoints/candidate/visit/instrument/instrument.class.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,13 @@ class Instrument extends Endpoint implements \LORIS\Middleware\ETagCalculator
{
$pathparts = $request->getAttribute('pathparts');
$flags = array_search('flags', $pathparts) !== false;
$user = $request->getAttribute('user');

if (!$this->_instrument->_hasAccess($user)) {
return new \LORIS\Http\Response\JSON\Forbidden(
'This user can not update this instrument'
);
}

if ($flags) {
// Delegate to sub-endpoints
Expand Down Expand Up @@ -150,8 +157,6 @@ class Instrument extends Endpoint implements \LORIS\Middleware\ETagCalculator
*/
private function _handlePUT(ServerRequestInterface $request) : ResponseInterface
{
// TODO :: Check permissions. How??

if (!$this->_instrument->determineDataEntryAllowed()) {
return new \LORIS\Http\Response\JSON\Forbidden(
'Can not update instruments that are flagged as complete.'
Expand Down Expand Up @@ -190,8 +195,6 @@ class Instrument extends Endpoint implements \LORIS\Middleware\ETagCalculator
*/
private function _handlePATCH(ServerRequestInterface $request): ResponseInterface
{
// TODO :: Check permissions. How??

if (!$this->_instrument->determineDataEntryAllowed()) {
return new \LORIS\Http\Response\JSON\Forbidden(
'Can not update instruments that are flagged as complete.'
Expand Down

0 comments on commit 9ec7bed

Please sign in to comment.