<?php
/**
* @file api/v1/_dois/BackendDoiHandler.php
*
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2003-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPBackendDoiHandler
*
* @ingroup api_v1_backend
*
* @brief Handle API requests for backend operations.
*
*/
namespace PKP\API\v1\_dois;
use APP\facades\Repo;
use APP\core\Request;
use PKP\core\APIResponse;
use PKP\db\DAORegistry;
use PKP\handler\APIHandler;
use PKP\security\authorization\ContextAccessPolicy;
use PKP\security\authorization\DoisEnabledPolicy;
use PKP\security\authorization\PolicySet;
use PKP\security\authorization\RoleBasedHandlerOperationPolicy;
use PKP\security\authorization\UserRolesRequiredPolicy;
use PKP\security\Role;
use PKP\submission\GenreDAO;
use Slim\Http\Request as SlimRequest;
class PKPBackendDoiHandler extends APIHandler
{
/**
* Constructor
*/
public function __construct()
{
$this->_endpoints = array_merge_recursive($this->_endpoints, [
'PUT' => [
[
'pattern' => $this->getEndpointPattern() . "/publications/{publicationId:\d+}",
'handler' => [$this, 'editPublication'],
'roles' => [Role::ROLE_ID_MANAGER, Role::ROLE_ID_SITE_ADMIN],
]
]
]);
parent::__construct();
}
/**
* @param Request $request
* @param array $args
* @param array $roleAssignments
*
* @return bool
*/
public function authorize($request, &$args, $roleAssignments)
{
$this->addPolicy(new UserRolesRequiredPolicy($request), true);
// This endpoint is not available at the site-wide level
$this->addPolicy(new ContextAccessPolicy($request, $roleAssignments));
$this->addPolicy(new DoisEnabledPolicy($request->getContext()));
$rolePolicy = new PolicySet(PolicySet::COMBINING_PERMIT_OVERRIDES);
foreach ($roleAssignments as $role => $operations) {
$rolePolicy->addPolicy(new RoleBasedHandlerOperationPolicy($request, $role, $operations));
}
$this->addPolicy($rolePolicy);
return parent::authorize($request, $args, $roleAssignments);
}
/**
* @throws \Exception
*/
public function editPublication(SlimRequest $slimRequest, APIResponse $response, array $args): \Slim\Http\Response
{
$context = $this->getRequest()->getContext();
$publication = Repo::publication()->get($args['publicationId']);
if (!$publication) {
return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
}
$submission = Repo::submission()->get($publication->getData('submissionId'));
if ($submission->getData('contextId') !== $context->getId()) {
return $response->withStatus(403)->withJsonError('api.dois.403.editItemOutOfContext');
}
$params = $this->convertStringsToSchema(\PKP\services\PKPSchemaService::SCHEMA_PUBLICATION, $slimRequest->getParsedBody());
$doi = Repo::doi()->get((int) $params['doiId']);
if (!$doi) {
return $response->withStatus(404)->withJsonError('api.dois.404.doiNotFound');
}
Repo::publication()->edit($publication, ['doiId' => $doi->getId()]);
$publication = Repo::publication()->get($publication->getId());
$submission = Repo::submission()->get($publication->getData('submissionId'));
$userGroups = Repo::userGroup()->getCollector()
->filterByContextIds([$submission->getData('contextId')])
->getMany();
/** @var GenreDAO $genreDao */
$genreDao = DAORegistry::getDAO('GenreDAO');
$genres = $genreDao->getByContextId($submission->getData('contextId'))->toArray();
return $response->withJson(Repo::publication()->getSchemaMap($submission, $userGroups, $genres)->map($publication), 200);
}
}
|