Merge pull request #1884 from aztech-dev/feature/api-databox-rights

PHRAS-572 List user rights by databox in /me route
2025-10-23 18:03:17 +00:00 · 2016-05-25 13:22:10 +02:00
parent ac8f0001e3 bf08667d0d
commit 156f480972
2 changed files with 47 additions and 6 deletions
--- a/lib/Alchemy/Phrasea/Controller/Api/V1Controller.php
+++ b/lib/Alchemy/Phrasea/Controller/Api/V1Controller.php
@@ -770,6 +770,32 @@ class V1Controller extends Controller
        return $grants;
    }

+    private function listUserDataboxes(User $user)
+    {
+        $acl = $this->getAclForUser($user);
+        $rightsByDatabox = $acl->get_sbas_rights();
+        $grants = [];
+
+        foreach ($rightsByDatabox as $databoxId => $databoxRights) {
+            $rights = [];
+
+            foreach ($databoxRights as $name => $allowedFlag) {
+                if (! $allowedFlag) {
+                    continue;
+                }
+
+                $rights[] = $name;
+            }
+
+            $grants[] = [
+                'databox_id' => $databoxId,
+                'rights' => $rights
+            ];
+        }
+
+        return $grants;
+    }
+
    private function listUserDemands(User $user)
    {
        return (new CollectionRequestMapper($this->app, $this->app['registration.manager']))->getUserRequests($user);
@@ -2560,6 +2586,7 @@ class V1Controller extends Controller
        $ret = [
            "user" => $this->listUser($this->getAuthenticatedUser()),
            "collections" => $this->listUserCollections($this->getAuthenticatedUser()),
+            "databoxes" => $this->listUserDataboxes($this->getAuthenticatedUser())
        ];

        if (defined('API_SKIP_USER_REGISTRATIONS') && ! constant('API_SKIP_USER_REGISTRATIONS')) {
--- a/lib/classes/ACL.php
+++ b/lib/classes/ACL.php
@@ -147,6 +147,18 @@ class ACL implements cache_cacheableInterface
        return self::$bas_rights;
    }

+    /**
+     * Returns the list of available rights by databox for the current user
+     *
+     * @return array
+     */
+    public function get_sbas_rights()
+    {
+        $this->load_rights_sbas();
+
+        return $this->_rights_sbas;
+    }
+
    /**
     * Check if a hd grant has been received for a record
     *
@@ -580,10 +592,11 @@ class ACL implements cache_cacheableInterface
    }

    /**
-     * Check if the user has the right, at least on one collection
+     * Check if the user has the right, on at least one collection
     *
-     * @param  string  $right
-     * @return boolean
+     * @param  string $right
+     * @return bool
+     * @throws Exception
     */
    public function has_right($right)
    {
@@ -598,9 +611,10 @@ class ACL implements cache_cacheableInterface
    /**
     * Check if the user has the required right on a database
     *
-     * @param  <type> $sbas_id
-     * @param  <type> $right
-     * @return <type>
+     * @param  int $sbas_id
+     * @param  string $right
+     * @return bool
+     * @throws Exception
     */
    public function has_right_on_sbas($sbas_id, $right)
    {