fix errors in jsonapi code, fixes #1228

Closes #1228 Merge request studip/studip!740

fix errors in jsonapi code, fixes #1228
5e8d267f · Jan-Hendrik Willms · 9a21789a · 5e8d267f · 5e8d267f · 5e8d267f
Commit 5e8d267f authored 2 years ago by Jan-Hendrik Willms
--- a/lib/classes/JsonApi/Routes/Blubber/FilterTrait.php
+++ b/lib/classes/JsonApi/Routes/Blubber/FilterTrait.php
@@ -2,7 +2,7 @@
 namespace JsonApi\Routes\Blubber;
-use Psr\Http\Message\ServerRequestInterface as Request;
+use JsonApi\Errors\BadRequestException;
 trait FilterTrait
 {

--- a/lib/classes/JsonApi/Routes/CourseMemberships/CourseMembershipsUpdate.php
+++ b/lib/classes/JsonApi/Routes/CourseMemberships/CourseMembershipsUpdate.php
@@ -4,6 +4,7 @@ namespace JsonApi\Routes\CourseMemberships;
 use JsonApi\Errors\AuthorizationFailedException;
 use JsonApi\Errors\BadRequestException;
+use JsonApi\Errors\InternalServerError;
 use JsonApi\Errors\RecordNotFoundException;
 use JsonApi\JsonApiController;
 use JsonApi\Routes\ValidationTrait;

--- a/lib/classes/JsonApi/Routes/Courses/CoursesMembershipsIndex.php
+++ b/lib/classes/JsonApi/Routes/Courses/CoursesMembershipsIndex.php
@@ -5,6 +5,7 @@ namespace JsonApi\Routes\Courses;
 use Psr\Http\Message\ServerRequestInterface as Request;
 use Psr\Http\Message\ResponseInterface as Response;
 use JsonApi\Errors\AuthorizationFailedException;
+use JsonApi\Errors\BadRequestException;
 use JsonApi\Errors\RecordNotFoundException;
 use JsonApi\JsonApiController;
 use JsonApi\Schemas\CourseMember;

--- a/lib/classes/JsonApi/Routes/Courses/Rel/Memberships.php
+++ b/lib/classes/JsonApi/Routes/Courses/Rel/Memberships.php
@@ -3,6 +3,7 @@
 namespace JsonApi\Routes\Courses\Rel;
 use Psr\Http\Message\ServerRequestInterface as Request;
+use JsonApi\Errors\RecordNotFoundException;
 use JsonApi\Routes\Courses\Authority;
 use JsonApi\Routes\RelationshipsController;

--- a/lib/classes/JsonApi/Routes/Courseware/Authority.php
+++ b/lib/classes/JsonApi/Routes/Courseware/Authority.php
@@ -8,6 +8,8 @@ use Courseware\BlockFeedback;
 use Courseware\Container;
 use Courseware\Instance;
 use Courseware\StructuralElement;
+use Courseware\StructuralElementComment;
+use Courseware\StructuralElementFeedback;
 use Courseware\Task;
 use Courseware\TaskFeedback;
 use Courseware\TaskGroup;
@@ -81,7 +83,7 @@ class Authority
    }
    public static function canUpdateEditBlocker(User $user, $resource)
-    { 
+    {
        $structural_element = null;
        if ($resource instanceof Block) {
            $structural_element = $resource->container->structural_element;
@@ -268,6 +270,16 @@ class Authority
        return $resource->user_id === $user->id || self::canUpdateBlock($user, $resource->block);
    }
+    public static function canUpdateBlockFeedback(User $user, BlockFeedback $resource)
+    {
+        return self::canShowBlockFeedback($user, $resource);
+    }
+    public static function canDeleteBlockFeedback(User $user, BlockFeedback $resource)
+    {
+        return self::canUpdateBlockFeedback($user, $resource);
+    }
    public static function canUploadStructuralElementsImage(User $user, StructuralElement $resource)
    {
        return self::canUpdateStructuralElement($user, $resource);
@@ -306,12 +318,12 @@ class Authority
    public static function canDeleteTask(User $user, Task $resource): bool
    {
-        return self::canCreateTasks($user, $resource['structural_element']);
+        return self::canCreateTasks($user, $resource->structural_element);
    }
    public static function canCreateTaskFeedback(User $user, Task $resource): bool
    {
-        return self::canCreateTasks($user, $resource['structural_element']);
+        return self::canCreateTasks($user, $resource->structural_element);
    }
    public static function canShowTaskFeedback(User $user, Task $resource): bool
@@ -337,7 +349,7 @@ class Authority
    public static function canShowStructuralElementComment(User $user, StructuralElementComment $resource)
    {
-        return self::canShowStructuralElement($user, $resource);
+        return self::canShowStructuralElement($user, $resource->structural_element);
    }
    public static function canCreateStructuralElementComment(User $user, StructuralElement $resource)
@@ -392,7 +404,7 @@ class Authority
    public static function canShowStructuralElementFeedback(User $user, StructuralElementFeedback $resource)
    {
-        return $resource->user_id === $user->id || self::canUpdateStructuralElement($resource->structural_element);
+        return $resource->user_id === $user->id || self::canUpdateStructuralElement($user, $resource->structural_element);
    }
    public static function canDeleteStructuralElementFeedback(User $user, StructuralElementComment $resource)

--- a/lib/classes/JsonApi/Routes/Courseware/ContainersUpdate.php
+++ b/lib/classes/JsonApi/Routes/Courseware/ContainersUpdate.php
@@ -5,6 +5,7 @@ namespace JsonApi\Routes\Courseware;
 use Courseware\Container;
 use JsonApi\Errors\AuthorizationFailedException;
 use JsonApi\Errors\RecordNotFoundException;
+use JsonApi\Errors\UnprocessableEntityException;
 use JsonApi\JsonApiController;
 use JsonApi\Routes\ValidationTrait;
 use JsonApi\Schemas\Courseware\Container as ContainerSchema;

--- a/lib/classes/JsonApi/Routes/Courseware/Rel/UsersBookmarkedStructuralElements.php
+++ b/lib/classes/JsonApi/Routes/Courseware/Rel/UsersBookmarkedStructuralElements.php
@@ -3,11 +3,8 @@
 namespace JsonApi\Routes\Courseware\Rel;
 use Courseware\Bookmark;
-use Courseware\Instance;
 use Courseware\StructuralElement;
 use JsonApi\Errors\AuthorizationFailedException;
-use JsonApi\Errors\BadRequestException;
-use JsonApi\Errors\ConflictException;
 use JsonApi\Errors\RecordNotFoundException;
 use JsonApi\Routes\Courseware\Authority;
 use JsonApi\Routes\Courseware\CoursewareInstancesHelper;

--- a/lib/classes/JsonApi/Routes/Courseware/StructuralElementsImageUpload.php
+++ b/lib/classes/JsonApi/Routes/Courseware/StructuralElementsImageUpload.php
@@ -6,6 +6,7 @@ use Courseware\Filesystem\PublicFolder;
 use Courseware\StructuralElement;
 use JsonApi\Errors\AuthorizationFailedException;
 use JsonApi\Errors\BadRequestException;
+use JsonApi\Errors\InternalServerError;
 use JsonApi\Errors\RecordNotFoundException;
 use JsonApi\NonJsonApiController;
 use JsonApi\Routes\Files\RoutesHelperTrait as FilesRoutesHelper;

--- a/lib/classes/JsonApi/Routes/Courseware/TemplatesIndex.php
+++ b/lib/classes/JsonApi/Routes/Courseware/TemplatesIndex.php
@@ -3,7 +3,7 @@
 namespace JsonApi\Routes\Courseware;
 use Courseware\Template;
-use JsonApi\Errors\RecordNotFoundException;
+use JsonApi\Errors\AuthorizationFailedException;
 use JsonApi\JsonApiController;
 use Psr\Http\Message\ResponseInterface as Response;
 use Psr\Http\Message\ServerRequestInterface as Request;
@@ -29,4 +29,4 @@ class TemplatesIndex extends JsonApiController
        return $this->getContentResponse($resources);
    }
 }
\ No newline at end of file
--- a/lib/classes/JsonApi/Routes/Events/UserEventsIcal.php
+++ b/lib/classes/JsonApi/Routes/Events/UserEventsIcal.php
@@ -23,8 +23,9 @@ class UserEventsIcal extends NonJsonApiController
            // damit unsichtbare Nutzer nicht ermittelt werden können
            throw new RecordNotFoundException();
        }
-        $calender_writer = new \CalendarWriterICalendar();
-        $export = new \CalendarExport($calender_writer);
+        $writer = new \CalendarWriterICalendar();
+        $export = new \CalendarExport($writer);
        $export->exportFromDatabase($observedUser->id, 0, 2114377200, ['CalendarEvent', 'CourseEvent', 'CourseCancelledEvent']);
        if ($GLOBALS['_calendar_error']->getMaxStatus(\ErrorHandler::ERROR_CRITICAL)) {
            throw new InternalServerError();

--- a/lib/classes/JsonApi/Routes/Files/FileRefsUpdate.php
+++ b/lib/classes/JsonApi/Routes/Files/FileRefsUpdate.php
@@ -6,8 +6,8 @@ use JsonApi\Errors\AuthorizationFailedException;
 use JsonApi\Errors\RecordNotFoundException;
 use JsonApi\JsonApiController;
 use JsonApi\Routes\ValidationTrait;
-use Neomerx\JsonApi\Document\Error;
 use Neomerx\JsonApi\Exceptions\JsonApiException;
+use Neomerx\JsonApi\Schema\Error;
 use Psr\Http\Message\ServerRequestInterface as Request;
 use Psr\Http\Message\ResponseInterface as Response;
@@ -61,7 +61,7 @@ class FileRefsUpdate extends JsonApiController
        if (!$result instanceof \FileRef) {
            throw new JsonApiException(array_map(function ($error) {
-                return new Error('Bad Request Error', null, 400, null, null, $error);
+                return new Error('Bad Request Error', null, null, null, 400, $error);
            }, $result), 400);
        }
    }

--- a/lib/classes/JsonApi/Routes/Files/FoldersDelete.php
+++ b/lib/classes/JsonApi/Routes/Files/FoldersDelete.php
@@ -5,6 +5,7 @@ namespace JsonApi\Routes\Files;
 use Psr\Http\Message\ServerRequestInterface as Request;
 use Psr\Http\Message\ResponseInterface as Response;
 use JsonApi\Errors\AuthorizationFailedException;
+use JsonApi\Errors\InternalServerError;
 use JsonApi\Errors\RecordNotFoundException;
 use JsonApi\JsonApiController;

--- a/lib/classes/JsonApi/Routes/Files/RoutesHelperTrait.php
+++ b/lib/classes/JsonApi/Routes/Files/RoutesHelperTrait.php
@@ -4,6 +4,7 @@ namespace JsonApi\Routes\Files;
 use JsonApi\Errors\BadRequestException;
 use JsonApi\Errors\InternalServerError;
+use JsonApi\Routes\ArrayHelperTrait;
 use JsonApi\Schemas\FileRef as FileRefSchema;
 use JsonApi\Schemas\Folder as FolderSchema;
 use JsonApi\Schemas\ContentTermsOfUse as ContentTermsOfUseSchema;
@@ -13,28 +14,33 @@ use Slim\Psr7\UploadedFile;
 trait RoutesHelperTrait
 {
+    use ArrayHelperTrait {
+        arrayHas as array_has;
+        arrayGet as array_get;
+    }
    protected function validateResourceIdentifier($json, $type, $newResource = true)
    {
-        if (!self::arrayHas($json, 'data')) {
+        if (!self::array_has($json, 'data')) {
            return 'Missing `data` member at document´s top level.';
        }
        // type
-        if (self::arrayGet($json, 'data.type')
+        if (self::array_get($json, 'data.type')
            !== $type
        ) {
            return 'Missing `type` member of document´s `data`.';
        }
        // id
-        if ($newResource && self::arrayHas($json, 'data.id')) {
+        if ($newResource && self::array_has($json, 'data.id')) {
            return 'New document must not have an `id`.';
        }
    }
    protected function validateFileRefResourceObject($json, \FileRef $fileRef = null)
    {
-        if (!self::arrayHas($json, 'data')) {
+        if (!self::array_has($json, 'data')) {
            return 'Missing `data` member at document´s top level.';
        }
@@ -49,12 +55,12 @@ trait RoutesHelperTrait
        }
        // Relationship: terms-of-use
-        if (self::arrayHas($json, 'data.relationships.terms-of-use')) {
+        if (self::array_has($json, 'data.relationships.terms-of-use')) {
-            $license = self::arrayGet($json, 'data.relationships.terms-of-use');
+            $license = self::array_get($json, 'data.relationships.terms-of-use');
            if ($err = $this->validateResourceIdentifier($license, ContentTermsOfUseSchema::TYPE, false)) {
                return $err;
            }
-            $termsId = self::arrayGet($license, 'data.id');
+            $termsId = self::array_get($license, 'data.id');
            if (!\ContentTermsOfUse::find($termsId)) {
                return 'Invalid `terms-of-use` specified.';
            }
@@ -66,12 +72,12 @@ trait RoutesHelperTrait
    private function validateFileRefAttributes($json)
    {
        // Attributes
-        if (!self::arrayHas($json, 'data.attributes')) {
+        if (!self::array_has($json, 'data.attributes')) {
            return 'Missing `attributes` member of document´s `data`.';
        }
        // Attribute: name
-        $name = self::arrayGet($json, 'data.attributes.name');
+        $name = self::array_get($json, 'data.attributes.name');
        if (!$name || 0 === mb_strlen(trim($name))) {
            return '`name` must not be empty.';
        }
@@ -81,24 +87,24 @@ trait RoutesHelperTrait
    {
        // Attributes needed to create a new folder
        if (!$folder) {
-            if (!self::arrayHas($json, 'data.attributes')) {
+            if (!self::array_has($json, 'data.attributes')) {
                return 'Missing `attributes` member of document´s `data`.';
            }
-            if (!self::arrayHas($json, 'data.attributes.name')) {
+            if (!self::array_has($json, 'data.attributes.name')) {
                return 'Missing `data.name`.';
            }
        }
        // Attribute: name must not be empty if present
-        if (self::arrayHas($json, 'data.attributes.name')
+        if (self::array_has($json, 'data.attributes.name')
-            && !mb_strlen(trim(self::arrayGet($json, 'data.attributes.name', '')))) {
+            && !mb_strlen(trim(self::array_get($json, 'data.attributes.name', '')))) {
            return '`name` must not be empty.';
        }
        // Relationship: parent
-        if (self::arrayHas($json, 'data.relationships.parent')) {
+        if (self::array_has($json, 'data.relationships.parent')) {
-            $parent = self::arrayGet($json, 'data.relationships.parent');
+            $parent = self::array_get($json, 'data.relationships.parent');
            if ($err = $this->validateResourceIdentifier($parent, FolderSchema::TYPE, false)) {
                return $err;
            }

--- a/lib/classes/JsonApi/Routes/Forum/ForumCategoriesDelete.php
+++ b/lib/classes/JsonApi/Routes/Forum/ForumCategoriesDelete.php
@@ -2,6 +2,7 @@
 namespace JsonApi\Routes\Forum;
+use JsonApi\Errors\AuthorizationFailedException;
 use JsonApi\Errors\RecordNotFoundException;
 use JsonApi\JsonApiController;
 use JsonApi\Models\ForumCat;

--- a/lib/classes/JsonApi/Routes/Forum/ForumEntriesDelete.php
+++ b/lib/classes/JsonApi/Routes/Forum/ForumEntriesDelete.php
@@ -4,6 +4,7 @@ namespace JsonApi\Routes\Forum;
 use Psr\Http\Message\ServerRequestInterface as Request;
 use Psr\Http\Message\ResponseInterface as Response;
+use JsonApi\Errors\AuthorizationFailedException;
 use JsonApi\Errors\RecordNotFoundException;
 use JsonApi\JsonApiController;
 use JsonApi\Models\ForumEntry;

--- a/lib/classes/JsonApi/Routes/News/ByCurrentUser.php
+++ b/lib/classes/JsonApi/Routes/News/ByCurrentUser.php
@@ -4,6 +4,7 @@ namespace JsonApi\Routes\News;
 use Psr\Http\Message\ServerRequestInterface as Request;
 use Psr\Http\Message\ResponseInterface as Response;
+use JsonApi\Errors\AuthorizationFailedException;
 use JsonApi\Errors\RecordNotFoundException;
 use JsonApi\JsonApiController;

--- a/lib/classes/JsonApi/Routes/News/ByUserIndex.php
+++ b/lib/classes/JsonApi/Routes/News/ByUserIndex.php
@@ -4,6 +4,7 @@ namespace JsonApi\Routes\News;
 use Psr\Http\Message\ServerRequestInterface as Request;
 use Psr\Http\Message\ResponseInterface as Response;
+use JsonApi\Errors\AuthorizationFailedException;
 use JsonApi\Errors\RecordNotFoundException;
 use JsonApi\JsonApiController;

--- a/lib/classes/JsonApi/Routes/News/CommentsIndex.php
+++ b/lib/classes/JsonApi/Routes/News/CommentsIndex.php
@@ -4,6 +4,7 @@ namespace JsonApi\Routes\News;
 use Psr\Http\Message\ServerRequestInterface as Request;
 use Psr\Http\Message\ResponseInterface as Response;
+use JsonApi\Errors\AuthorizationFailedException;
 use JsonApi\Errors\RecordNotFoundException;
 use JsonApi\JsonApiController;

--- a/lib/classes/JsonApi/Routes/News/NewsUpdate.php
+++ b/lib/classes/JsonApi/Routes/News/NewsUpdate.php
@@ -3,6 +3,7 @@
 namespace JsonApi\Routes\News;
 use JsonApi\Errors\AuthorizationFailedException;
+use JsonApi\Errors\InternalServerError;
 use JsonApi\Errors\RecordNotFoundException;
 use JsonApi\JsonApiController;
 use JsonApi\Routes\ValidationTrait;

--- a/lib/classes/JsonApi/Routes/News/Rel/Ranges.php
+++ b/lib/classes/JsonApi/Routes/News/Rel/Ranges.php
@@ -189,7 +189,7 @@ class Ranges extends RelationshipsController
    private function getGlobalRange()
    {
-        return new \JsonApi\Model\Studip();
+        return new \JsonApi\Models\Studip();
    }
    private function addRanges(\StudipNews $news, array $ranges)