Merge pull request #569 from bakaphp/hotfix-0.3-company-group

rwhite27 · web-flow · commit b1d5fd6f24b1 · 2021-01-06T10:18:32.000-04:00
[0.3] Hotfix Company Group
diff --git a/composer.json b/composer.json
@@ -9,7 +9,7 @@
     "require": {
         "php": ">=7.4",
         "ext-phalcon": ">=4",
-        "baka/baka": "^0.6",
+        "baka/baka": "^0.7@dev",
         "dariuszp/cli-progress-bar": "^1.0",
         "elasticsearch/elasticsearch": "^7.5",
         "firebase/php-jwt": "^5.0",
diff --git a/src/Api/Controllers/RolesController.php b/src/Api/Controllers/RolesController.php
@@ -4,8 +4,10 @@
 
 namespace Canvas\Api\Controllers;
 
-use Canvas\Models\Roles;
+use Baka\Http\Exception\ForbiddenException;
 use Canvas\Models\Apps;
+use Canvas\Models\Roles;
+use Phalcon\Http\Response;
 
 class RolesController extends BaseController
 {
@@ -33,10 +35,55 @@ public function onConstruct()
         $this->model = new Roles();
 
         //get the list of roes for the systems + my company
+        $companyTotalRoles = Roles::count([
+            'conditions' => 'apps_id = :apps_id: AND companies_id = :companies_id:',
+            'bind' => [
+                'apps_id' => $this->acl->getApp()->getId(),
+                'companies_id' => $this->userData->currentCompanyId(),
+            ]
+        ]);
+
         $this->additionalSearchFields = [
             ['is_deleted', ':', '0'],
-            ['apps_id', ':', Apps::CANVAS_DEFAULT_APP_ID . '|' . $this->acl->getApp()->getId()],
-            ['companies_id', ':', '1|' . $this->userData->currentCompanyId()],
+            ['apps_id', ':',  $this->acl->getApp()->getId()],
+            ['companies_id', ':',  $this->userData->currentCompanyId()],
         ];
+
+        if ($companyTotalRoles === 0) {
+            $this->additionalSearchFields = [
+                ['is_deleted', ':', '0'],
+                ['apps_id', ':', Apps::CANVAS_DEFAULT_APP_ID],
+                ['companies_id', ':', 1],
+                ['is_default', ':', 1],
+            ];
+        }
+    }
+
+    /**
+     * Delete a Record.
+     *
+     * @throws Exception
+     *
+     * @return Response
+     */
+    public function delete($id) : Response
+    {
+        $role = $this->getRecordById($id);
+
+        if ($role->companies_id === Apps::CANVAS_DEFAULT_APP_ID) {
+            throw new ForbiddenException('Cant delete a Global App Role');
+        }
+
+        if ($role->getUsers()->count() > 0) {
+            throw new ForbiddenException('Cant delete a Role in use');
+        }
+
+        if ($this->softDelete) {
+            $role->softDelete();
+        } else {
+            $role->delete();
+        }
+
+        return $this->response(['Delete Successfully']);
     }
 }
diff --git a/src/Api/Controllers/UsersInviteController.php b/src/Api/Controllers/UsersInviteController.php
@@ -8,11 +8,11 @@
 use Baka\Http\Exception\UnprocessableEntityException;
 use Baka\Validation as CanvasValidation;
 use Canvas\Auth\Auth;
+use Canvas\Contracts\AuthTrait;
 use Canvas\Models\Roles;
 use Canvas\Models\Users;
 use Canvas\Models\UsersInvite;
 use Canvas\Notifications\Invitation;
-use Canvas\Contracts\AuthTrait;
 use Exception;
 use Phalcon\Http\Response;
 use Phalcon\Security\Random;
@@ -107,15 +107,6 @@ public function insertInvite() : Response
         //validate this form for password
         $validation->validate($request);
 
-        if (!defined('API_TESTS')) {
-            //Check if role is not a default one.
-            if (!Roles::existsById((int)$request['role_id'])->isDefault()) {
-                throw new UnprocessableEntityException(
-                    "Can't create a new user with a default role."
-                );
-            }
-        }
-
         //Check if user was already was invited to current company and return message
         UsersInvite::isValid($request['email'], (int) $request['role_id']);
 
@@ -204,15 +195,11 @@ public function processUserInvite(string $hash) : Response
         //move to DTO
         $newUser->password = null;
 
-        if (!defined('API_TESTS')) {
-            $usersInvite->softDelete();
-
-            return $this->response([
-                'user' => $newUser,
-                'session' => $authInfo
-            ]);
-        }
+        $usersInvite->softDelete();
 
-        return $this->response($newUser);
+        return $this->response([
+            'user' => $newUser,
+            'session' => $authInfo
+        ]);
     }
 }
diff --git a/src/Contracts/AuthTrait.php b/src/Contracts/AuthTrait.php
@@ -7,6 +7,7 @@
 use Canvas\Auth\Auth;
 use Canvas\Models\Sessions;
 use Canvas\Models\Users;
+use Phalcon\Http\Response;
 
 trait AuthTrait
 {
diff --git a/src/Models/Companies.php b/src/Models/Companies.php
@@ -228,10 +228,7 @@ public function getSubscription() : Subscription
     public function getDefaultCompanyGroup() : CompaniesGroups
     {
         $companyGroup = $this->getCompanyGroups([
-            'conditions' => 'Canvas\Models\CompaniesGroups.apps_id = :apps_id: AND Canvas\Models\CompaniesGroups.is_default = 1',
-            'bind' => [
-                'apps_id' => Di::getDefault()->get('app')->getId()
-            ],
+            'conditions' => 'Canvas\Models\CompaniesGroups.is_default = 1',
             'limit' => 1
         ])->getFirst();
 
diff --git a/src/Models/Roles.php b/src/Models/Roles.php
@@ -16,7 +16,7 @@
 class Roles extends AbstractModel
 {
     public string $name;
-    public ?string$description;
+    public ?string $description;
     public ?int $scope;
     public int $companies_id;
     public int $apps_id;
@@ -51,6 +51,16 @@ public function initialize()
             'roles_id',
             ['alias' => 'accessList']
         );
+
+        $this->hasMany(
+            'id',
+            UserRoles::class,
+            'roles_id',
+            [
+                'alias' => 'users',
+                'conditions' => 'is_delete = 0'
+            ]
+        );
     }
 
     /**
@@ -310,7 +320,7 @@ public function afterUpdate()
         //if we deleted the role
         if ($this->is_deleted) {
             //delete
-            foreach ($this->accesList as $access) {
+            foreach ($this->accessList as $access) {
                 $access->softDelete();
             }
         }
diff --git a/src/Models/UsersInvite.php b/src/Models/UsersInvite.php
@@ -113,7 +113,7 @@ public static function isValid(string $email, int $roleId = 1) : bool
     /**
      * Given the form request return a new user invite.
      *
-     * @param array $requets
+     * @param array $request
      *
      * @return Users
      */
diff --git a/storage/db/seeds/InitGewaer.php b/storage/db/seeds/InitGewaer.php
@@ -200,6 +200,8 @@ public function run()
                 'scope' => 0,
                 'companies_id' => 1,
                 'apps_id' => 1,
+                'is_default' => 1,
+                'is_active' => 1,
                 'created_at' => date('Y-m-d H:i:s'),
                 'is_deleted' => 0
             ], [
@@ -208,6 +210,8 @@ public function run()
                 'scope' => 0,
                 'companies_id' => 1,
                 'apps_id' => 1,
+                'is_default' => 1,
+                'is_active' => 1,
                 'created_at' => date('Y-m-d H:i:s'),
                 'is_deleted' => 0
             ], [
@@ -216,6 +220,8 @@ public function run()
                 'scope' => 0,
                 'companies_id' => 1,
                 'apps_id' => 1,
+                'is_default' => 1,
+                'is_active' => 1,
                 'created_at' => date('Y-m-d H:i:s'),
                 'is_deleted' => 0
             ]
diff --git a/tests/api/UsersInviteCest.php b/tests/api/UsersInviteCest.php
@@ -52,7 +52,7 @@ public function insertInvite(ApiTester $I) : void
         $response = $I->grabResponse();
         $dataInvite = json_decode($response, true);
 
-        $I->assertTrue($dataInvite['email'] == $testEmail);
+        $I->assertTrue($dataInvite['user']['email'] == $testEmail);
     }
 
     /**

Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,7 @@`
`7`	`7`	`use Canvas\Auth\Auth;`
`8`	`8`	`use Canvas\Models\Sessions;`
`9`	`9`	`use Canvas\Models\Users;`
	`10`	`+use Phalcon\Http\Response;`
`10`	`11`
`11`	`12`	`trait AuthTrait`
`12`	`13`	`{`
Original file line number	Diff line number	Diff line change
`@@ -113,7 +113,7 @@ public static function isValid(string $email, int $roleId = 1) : bool`
`113`	`113`	`/**`
`114`	`114`	`* Given the form request return a new user invite.`
`115`	`115`	`*`
`116`		`- * @param array $requets`
	`116`	`+ * @param array $request`
`117`	`117`	`*`
`118`	`118`	`* @return Users`
`119`	`119`	`*/`
Original file line number	Diff line number	Diff line change
`@@ -52,7 +52,7 @@ public function insertInvite(ApiTester $I) : void`
`52`	`52`	`$response = $I->grabResponse();`
`53`	`53`	`$dataInvite = json_decode($response, true);`
`54`	`54`
`55`		`- $I->assertTrue($dataInvite['email'] == $testEmail);`
	`55`	`+ $I->assertTrue($dataInvite['user']['email'] == $testEmail);`
`56`	`56`	`}`
`57`	`57`
`58`	`58`	`/**`