Updates to allow for PO usage (#74)

ryanrath · web-flow · commit c576f8df37af · 2019-12-16T10:28:40.000-05:00
* Updates to allow for PO usage This functionality was originally added for OpenXDMoD and as such did not take into account that PO would also be utilizing this endpoint. Logic has been added to the options building that defaults to not restricting the resources returned, but if the user does not have then they are restricted to seeing only the resources they have access to. * Updates per code review comments by @jpwhite4
diff --git a/classes/Rest/Controllers/AppKernelControllerProvider.php b/classes/Rest/Controllers/AppKernelControllerProvider.php
@@ -1585,9 +1585,6 @@ public function getAppKernelSuccessRate(Request $req, Application $app)
      * Retrieves the raw numeric values for the AppKernel Performance Map. This endpoint provides
      * the data for `CenterReportCardPortlet.js`
      *
-     * **NOTE:** This function will throw an UnauthorizedException if the user making the request
-     * does not have the Center Director or Center Staff acl.
-     *
      * @param Request     $request
      * @param Application $app
      * @return JsonResponse
@@ -1598,14 +1595,6 @@ public function getRawPerformanceMap(Request $request, Application $app)
     {
         $user = $this->authorize($request);
 
-        // We need to ensure that only Center Director / Center Staff users are authorized to
-        // utilize this endpoint. Note, we do not utilize the `requirements` parameter of the above
-        // `authorize` call because it utilizes `XDUser::hasAcls` which only checks if the user has
-        // *all* of the supplied acls, not any of the supplied acls.
-        if ( ! ( $user->hasAcl(ROLE_ID_CENTER_DIRECTOR) ||  $user->hasAcl(ROLE_ID_CENTER_STAFF) ) ) {
-            throw  new UnauthorizedHttpException('xdmod', "Unable to complete action. User is not authorized.");
-        }
-
         $startDate = $this->getStringParam($request, 'start_date', true);
         if ($startDate !== null) {
             $startDate = new \DateTime($startDate);
@@ -1628,13 +1617,16 @@ public function getRawPerformanceMap(Request $request, Application $app)
 
         $data = array();
         try {
-            $perfMap = new \AppKernel\PerformanceMap(array(
-                'start_date' => $startDate,
-                'end_date' => $endDate,
-                'resource' => array('data' => $user->getResources()),
-                'appKer' => $appKernels,
-                'problemSize' => $problemSizes
-            ));
+            $options = array(
+                    'start_date' => $startDate,
+                    'end_date' => $endDate,
+                    'appKer' => $appKernels,
+                    'problemSize' => $problemSizes
+            );
+            if (!$user->hasAcl(ROLE_ID_PROGRAM_OFFICER)) {
+                $options['resource'] = array('data' => $user->getResources());
+            }
+            $perfMap = new \AppKernel\PerformanceMap($options);
 
             // The columns that we're going to be retrieving from the PerformanceMap and ultimately
             // returning to the requester.
