Commit bf65174

committed

Fix user add and update endpoint logic. The following problems were

fixed. - Server did not accept the data in the format of the api spec. fixed by changing to json. - Updating using required username and name always to be set, even if when not changing one of them. - When updating a user (with the mandatory username), the server would return a 404 saying this username is already in use.

1 parent af92629 commit bf65174Copy full SHA for bf65174

File tree

5 files changed

+136

-86

lines changed

webapp/src
- Controller/API
  - UserController.php
- DataTransferObject
  - AddUser.php
  - UpdateUser.php
- Entity
  - User.php
- EventListener
  - ValidationExceptionListener.php

5 files changed

+136

-86

lines changed

`‎webapp/src/Controller/API/UserController.php‎`

Lines changed: 57 additions & 49 deletions

Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,10 @@`
`23`	`23`	`use Symfony\Component\HttpFoundation\Response;`
`24`	`24`	`use Symfony\Component\HttpKernel\Attribute\MapRequestPayload;`
`25`	`25`	`use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;`
	`26`	`+use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;`
`26`	`27`	`use Symfony\Component\Security\Http\Attribute\IsGranted;`
	`28`	`+use Symfony\Component\Validator\Exception\ValidationFailedException;`
	`29`	`+use Symfony\Component\Validator\Validator\ValidatorInterface;`
`27`	`30`
`28`	`31`	`/**`
`29`	`32`	`* @extends AbstractRestController<User, User>`
`@@ -41,7 +44,8 @@ public function __construct(`
`41`	`44`	`DOMJudgeService $dj,`
`42`	`45`	`ConfigurationService $config,`
`43`	`46`	`EventLogService $eventLogService,`
`44`		`- protected readonly ImportExportService $importExportService`
	`47`	`+ protected readonly ImportExportService $importExportService,`
	`48`	`+ protected readonly ValidatorInterface $validator,`
`45`	`49`	`) {`
`46`	`50`	`parent::__construct($entityManager, $dj, $config, $eventLogService);`
`47`	`51`	`}`
`@@ -86,9 +90,9 @@ public function addGroupsAction(Request $request): string`
`86`	`90`	`$message = null;`
`87`	`91`	`$result = -1;`
`88`	`92`	`if ((($tsvFile && ($result = $this->importExportService->importTsv('groups', $tsvFile, $message))) \|\|`
`89`		`- ($jsonFile && ($result = $this->importExportService->importJson('groups', $jsonFile, $message)))) &&`
	`93`	`+ ($jsonFile && ($result = $this->importExportService->importJson('groups', $jsonFile, $message)))) &&`
`90`	`94`	`$result >= 0) {`
`91`		`- return "$result new group(s) successfully added.";`
	`95`	`+ return "$result new group(s) successfully added.";`
`92`	`96`	`} else {`
`93`	`97`	`throw new BadRequestHttpException("Error while adding groups: $message");`
`94`	`98`	`}`
`@@ -171,7 +175,7 @@ public function addTeamsAction(Request $request): string`
`171`	`175`	`}`
`172`	`176`	`$message = null;`
`173`	`177`	`if ((($tsvFile && ($result = $this->importExportService->importTsv('teams', $tsvFile, $message))) \|\|`
`174`		`- ($jsonFile && ($result = $this->importExportService->importJson('teams', $jsonFile, $message)))) &&`
	`178`	`+ ($jsonFile && ($result = $this->importExportService->importJson('teams', $jsonFile, $message)))) &&`
`175`	`179`	`$result >= 0) {`
`176`	`180`	`// TODO: better return all teams here?`
`177`	`181`	`return "$result new team(s) successfully added.";`
`@@ -235,7 +239,7 @@ public function addAccountsAction(Request $request): string`
`235`	`239`
`236`	`240`	`$message = null;`
`237`	`241`	`if ((($tsvFile && ($result = $this->importExportService->importTsv('accounts', $tsvFile, $message))) \|\|`
`238`		`- ($jsonFile && ($result = $this->importExportService->importJson('accounts', $jsonFile, $message)))) &&`
	`242`	`+ ($jsonFile && ($result = $this->importExportService->importJson('accounts', $jsonFile, $message)))) &&`
`239`	`243`	`$result >= 0) {`
`240`	`244`	`// TODO: better return all accounts here?`
`241`	`245`	`return "$result new account(s) successfully added.";`
`@@ -291,13 +295,12 @@ public function singleAction(Request $request, string $id): Response`
`291`	`295`	`* Add a new user.`
`292`	`296`	`*/`
`293`	`297`	`#[IsGranted('ROLE_API_WRITER')]`
`294`		`- #[Rest\Post]`
	`298`	`+ #[Rest\Post()]`
`295`	`299`	`#[OA\RequestBody(`
`296`	`300`	`required: true,`
`297`	`301`	`content: [`
`298`		`- new OA\MediaType(`
`299`		`- mediaType: 'multipart/form-data',`
`300`		`- schema: new OA\Schema(ref: new Model(type: AddUser::class))`
	`302`	`+ new OA\JsonContent(`
	`303`	`+ ref: new Model(type: AddUser::class)`
`301`	`304`	`),`
`302`	`305`	`]`
`303`	`306`	`)]`
`@@ -307,86 +310,86 @@ public function singleAction(Request $request, string $id): Response`
`307`	`310`	`content: new Model(type: User::class)`
`308`	`311`	`)]`
`309`	`312`	`public function addAction(`
`310`		`- #[MapRequestPayload(validationFailedStatusCode: Response::HTTP_BAD_REQUEST)]`
	`313`	`+ #[MapRequestPayload(validationFailedStatusCode: Response::HTTP_BAD_REQUEST, validationGroups: ['add'])]`
`311`	`314`	`AddUser $addUser,`
`312`	`315`	`Request $request`
`313`	`316`	`): Response {`
`314`	`317`	`return $this->addOrUpdateUser($addUser, $request);`
`315`	`318`	`}`
`316`	`319`
`317`	`320`	`/**`
`318`		`- * Update an existing User or create one with the given ID`
	`321`	`+ * Update an existing User`
`319`	`322`	`*/`
`320`	`323`	`#[IsGranted('ROLE_API_WRITER')]`
`321`		`- #[Rest\Put('/{id}')]`
	`324`	`+ #[Rest\Patch('/{id}')]`
`322`	`325`	`#[OA\RequestBody(`
`323`	`326`	`required: true,`
`324`	`327`	`content: [`
`325`		`- new OA\MediaType(`
`326`		`- mediaType: 'multipart/form-data',`
`327`		`- schema: new OA\Schema(ref: new Model(type: UpdateUser::class))`
	`328`	`+ new OA\JsonContent(`
	`329`	`+ ref: new Model(type: UpdateUser::class)`
`328`	`330`	`),`
`329`	`331`	`]`
`330`	`332`	`)]`
`331`	`333`	`#[OA\Response(`
`332`	`334`	`response: 201,`
`333`		`- description: 'Returns the added user',`
	`335`	`+ description: 'Returns the updated user',`
`334`	`336`	`content: new Model(type: User::class)`
`335`	`337`	`)]`
`336`	`338`	`public function updateAction(`
`337`	`339`	`#[MapRequestPayload(validationFailedStatusCode: Response::HTTP_BAD_REQUEST)]`
`338`		`- UpdateUser $updateUser,`
	`340`	`+ UpdateUser $mutateUser,`
	`341`	`+ string $id,`
`339`	`342`	`Request $request`
`340`	`343`	`): Response {`
`341`		`- return $this->addOrUpdateUser($updateUser, $request);`
	`344`	`+ /** @var User\|null $user */`
	`345`	`+ $user = $this->em->getRepository(User::class)->findOneBy(['externalid' => $id]);`
	`346`	`+ if ($user === null) {`
	`347`	`+ throw new NotFoundHttpException(sprintf("User with id %s not found", $id));`
	`348`	`+ }`
	`349`	`+ return $this->addOrUpdateUser($mutateUser, $request, $user);`
`342`	`350`	`}`
`343`	`351`
`344`		`- protected function addOrUpdateUser(AddUser$addUser, Request $request): Response`
	`352`	`+ protected function addOrUpdateUser(AddUser\|UpdateUser$mutateUser, Request $request, ?User$user = null): Response`
`345`	`353`	`{`
`346`		`- if ($addUser instanceof UpdateUser && !$addUser->id) {`
`347`		- throw new BadRequestHttpException('`id` field is required');
	`354`	`+ // if the user to update is not set, create a new user`
	`355`	`+ if (!$user) {`
	`356`	`+ $user = new User();`
`348`	`357`	`}`
`349`		`-`
`350`		`- if ($this->em->getRepository(User::class)->findOneBy(['username' => $addUser->username])) {`
`351`		`- throw new BadRequestHttpException(sprintf("User %s already exists", $addUser->username));`
	`358`	`+ if ($mutateUser->username !== null) {`
	`359`	`+ $user->setUsername($mutateUser->username);`
`352`	`360`	`}`
`353`		`-`
`354`		`- $user = new User();`
`355`		`- if ($addUser instanceof UpdateUser) {`
`356`		`- $existingUser = $this->em->getRepository(User::class)->findOneBy(['externalid' => $addUser->id]);`
`357`		`- if ($existingUser) {`
`358`		`- $user = $existingUser;`
`359`		`- }`
	`361`	`+ if ($mutateUser->name !== null) {`
	`362`	`+ $user->setName($mutateUser->name);`
`360`	`363`	`}`
`361`		`- $user`
`362`		`- ->setUsername($addUser->username)`
`363`		`- ->setName($addUser->name)`
`364`		`- ->setEmail($addUser->email)`
`365`		`- ->setIpAddress($addUser->ip)`
`366`		`- ->setPlainPassword($addUser->password)`
`367`		`- ->setEnabled($addUser->enabled ?? true);`
`368`		`-`
`369`		`- if ($addUser instanceof UpdateUser) {`
`370`		`- $user->setExternalid($addUser->id);`
	`364`	`+ if ($mutateUser->email !== null) {`
	`365`	`+ $user->setEmail($mutateUser->email);`
`371`	`366`	`}`
`372`		`-`
`373`		`- if ($addUser->teamId) {`
	`367`	`+ if ($mutateUser->ip !== null) {`
	`368`	`+ $user->setIpAddress($mutateUser->ip);`
	`369`	`+ }`
	`370`	`+ if ($mutateUser->password !== null) {`
	`371`	`+ $user->setPlainPassword($mutateUser->password);`
	`372`	`+ }`
	`373`	`+ if ($mutateUser->enabled !== null) {`
	`374`	`+ $user->setEnabled($mutateUser->enabled);`
	`375`	`+ }`
	`376`	`+ if ($mutateUser->teamId) {`
`374`	`377`	`/** @var Team\|null $team */`
`375`	`378`	`$team = $this->em->createQueryBuilder()`
`376`	`379`	`->from(Team::class, 't')`
`377`	`380`	`->select('t')`
`378`	`381`	`->andWhere('t.externalid = :team')`
`379`		`- ->setParameter('team', $addUser->teamId)`
	`382`	`+ ->setParameter('team', $mutateUser->teamId)`
`380`	`383`	`->getQuery()`
`381`	`384`	`->getOneOrNullResult();`
`382`	`385`
`383`	`386`	`if ($team === null) {`
`384`		`- throw new BadRequestHttpException(sprintf("Team %s not found", $addUser->teamId));`
	`387`	`+ throw new BadRequestHttpException(sprintf("Team %s not found", $mutateUser->teamId));`
`385`	`388`	`}`
`386`	`389`	`$user->setTeam($team);`
`387`	`390`	`}`
`388`	`391`
`389`		`- $roles = $addUser->roles;`
	`392`	`+ $roles = $mutateUser->roles;`
`390`	`393`	`// For the file import we change a CDS user to the roles needed for ICPC CDS.`
`391`	`394`	`if ($user->getUsername() === 'cds') {`
`392`	`395`	`$roles = ['cds'];`
`@@ -408,18 +411,23 @@ protected function addOrUpdateUser(AddUser $addUser, Request $request): Response`
`408`	`411`	`$user->addUserRole($role);`
`409`	`412`	`}`
`410`	`413`
	`414`	`+ $validation = $this->validator->validate($user);`
	`415`	`+ if (count($validation) > 0) {`
	`416`	`+ throw new ValidationFailedException($user, $validation);`
	`417`	`+ }`
	`418`	`+`
`411`	`419`	`$this->em->persist($user);`
`412`	`420`	`$this->em->flush();`
`413`		`- $this->dj->auditlog('user', $user->getUserid(), 'added');`
	`421`	`+ $this->dj->auditlog('user', $user->getUserid(), 'updated');`
`414`	`422`
`415`	`423`	`return $this->renderCreateData($request, $user, 'user', $user->getUserid());`
`416`	`424`	`}`
`417`	`425`
`418`	`426`	`protected function getQueryBuilder(Request $request): QueryBuilder`
`419`	`427`	`{`
`420`	`428`	`$queryBuilder = $this->em->createQueryBuilder()`
`421`		`- ->from(User::class, 'u')`
`422`		`- ->select('u');`
	`429`	`+ ->from(User::class, 'u')`
	`430`	`+ ->select('u');`
`423`	`431`
`424`	`432`	`if ($request->query->has('team')) {`
`425`	`433`	`$queryBuilder`

`‎webapp/src/DataTransferObject/AddUser.php‎`

Lines changed: 15 additions & 18 deletions

Original file line number	Diff line number	Diff line change
`@@ -4,27 +4,24 @@`
`4`	`4`
`5`	`5`	`use JMS\Serializer\Annotation as Serializer;`
`6`	`6`	`use OpenApi\Attributes as OA;`
	`7`	`+use Symfony\Component\Validator\Constraints as Assert;`
`7`	`8`
`8`		`-#[OA\Schema(required: ['username', 'name', 'roles'])]`
`9`	`9`	`class AddUser`
`10`	`10`	`{`
	`11`	`+ #[Assert\NotBlank]`
	`12`	`+ public string $username;`
	`13`	`+ #[Assert\NotBlank]`
	`14`	`+ public string $name;`
	`15`	`+ public ?string $id = null;`
	`16`	`+ public ?string $email = null;`
	`17`	`+ public ?string $ip = null;`
	`18`	`+ #[OA\Property(format: 'password')]`
	`19`	`+ public ?string $password = null;`
	`20`	`+ public ?bool $enabled = null;`
	`21`	`+ public ?string $teamId = null;`
`11`	`22`	`/**`
`12`		`- * @param array<string> $roles`
	`23`	`+ * @var array<string>`
`13`	`24`	`*/`
`14`		`- public function __construct(`
`15`		`- public readonly string $username,`
`16`		`- public readonly string $name,`
`17`		`- #[OA\Property(format: 'email', nullable: true)]`
`18`		`- public readonly ?string $email,`
`19`		`- #[OA\Property(nullable: true)]`
`20`		`- public readonly ?string $ip,`
`21`		`- #[OA\Property(format: 'password', nullable: true)]`
`22`		`- public readonly ?string $password,`
`23`		`- #[OA\Property(nullable: true)]`
`24`		`- public readonly ?bool $enabled,`
`25`		`- #[OA\Property(nullable: true)]`
`26`		`- public readonly ?string $teamId,`
`27`		`- #[Serializer\Type('array<string>')]`
`28`		`- public readonly array $roles,`
`29`		`- ) {}`
	`25`	`+ #[Serializer\Type('array<string>')]`
	`26`	`+ public array $roles = [];`
`30`	`27`	`}`

`‎webapp/src/DataTransferObject/UpdateUser.php‎`

Lines changed: 16 additions & 15 deletions

Original file line number	Diff line number	Diff line change
`@@ -2,22 +2,23 @@`
`2`	`2`
`3`	`3`	`namespace App\DataTransferObject;`
`4`	`4`
	`5`	`+use JMS\Serializer\Annotation as Serializer;`
`5`	`6`	`use OpenApi\Attributes as OA;`
`6`	`7`
`7`		`-#[OA\Schema(required: ['id', 'username', 'name', 'roles'])]`
`8`		`-class UpdateUser extends AddUser`
	`8`	`+class UpdateUser`
`9`	`9`	`{`
`10`		`- public function __construct(`
`11`		`- public readonly string $id,`
`12`		`- string $username,`
`13`		`- string $name,`
`14`		`- ?string $email,`
`15`		`- ?string $ip,`
`16`		`- ?string $password,`
`17`		`- ?bool $enabled,`
`18`		`- ?string $teamId,`
`19`		`- array $roles`
`20`		`- ) {`
`21`		`- parent::__construct($username, $name, $email, $ip, $password, $enabled, $teamId, $roles);`
`22`		`- }`
	`10`	`+ public ?string $id = null;`
	`11`	`+ public ?string $username = null;`
	`12`	`+ public ?string $name = null;`
	`13`	`+ public ?string $email = null;`
	`14`	`+ public ?string $ip = null;`
	`15`	`+ #[OA\Property(format: 'password')]`
	`16`	`+ public ?string $password = null;`
	`17`	`+ public ?bool $enabled = null;`
	`18`	`+ public ?string $teamId = null;`
	`19`	`+ /**`
	`20`	`+ * @var array<string>`
	`21`	`+ */`
	`22`	`+ #[Serializer\Type('array<string>')]`
	`23`	`+ public array $roles = [];`
`23`	`24`	`}`

`‎webapp/src/Entity/User.php‎`

Lines changed: 10 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`<?php declare(strict_types=1);`
	`2`	`+`
`2`	`3`	`namespace App\Entity;`
`3`	`4`
`4`	`5`	`use App\Controller\API\AbstractRestController as ARC;`
`@@ -132,7 +133,7 @@ class User extends BaseApiEntity implements`
`132`	`133`	`#[ORM\JoinTable(name: 'userrole')]`
`133`	`134`	`#[ORM\JoinColumn(name: 'userid', referencedColumnName: 'userid', onDelete: 'CASCADE')]`
`134`	`135`	`#[ORM\InverseJoinColumn(name: 'roleid', referencedColumnName: 'roleid', onDelete: 'CASCADE')]`
`135`		`- #[Assert\Count(min: 1)]`
	`136`	`+ #[Assert\Count(min: 1, minMessage: 'User should have at least {{ limit }} role')]`
`136`	`137`	`#[Serializer\Exclude]`
`137`	`138`	`private Collection $user_roles;`
`138`	`139`
`@@ -439,9 +440,14 @@ public function getType(): ?string`
`439`	`440`	`// Types allowed by the CCS Specs Contest API in order of most permissions to least.`
`440`	`441`	`// Either key=>value where key is the DOMjudge role and value is the API account type or`
`441`	`442`	`// only value, where both the DOMjudge role and API type are the same.`
`442`		`- $allowedTypes = ['admin', 'api_writer' => 'admin', 'api_reader' => 'admin',`
`443`		`- 'jury' => 'judge', 'api_source_reader' => 'judge',`
`444`		`- 'team'];`
	`443`	`+ $allowedTypes = [`
	`444`	`+ 'admin',`
	`445`	`+ 'api_writer' => 'admin',`
	`446`	`+ 'api_reader' => 'admin',`
	`447`	`+ 'jury' => 'judge',`
	`448`	`+ 'api_source_reader' => 'judge',`
	`449`	`+ 'team'`
	`450`	`+ ];`
`445`	`451`	`foreach ($allowedTypes as $role => $allowedType) {`
`446`	`452`	`if (is_numeric($role)) {`
`447`	`453`	`$role = $allowedType;`

`‎webapp/src/EventListener/ValidationExceptionListener.php‎`

Lines changed: 38 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,38 @@`
	`1`	`+<?php declare(strict_types=1);`
	`2`	`+`
	`3`	`+namespace App\EventListener;`
	`4`	`+`
	`5`	`+use Symfony\Component\EventDispatcher\Attribute\AsEventListener;`
	`6`	`+use Symfony\Component\HttpKernel\Event\ExceptionEvent;`
	`7`	`+use Symfony\Component\Validator\Exception\ValidationFailedException;`
	`8`	`+use Symfony\Component\HttpFoundation\JsonResponse;`
	`9`	`+`
	`10`	`+#[AsEventListener(event: 'kernel.exception', priority: 0)]`
	`11`	`+class ValidationExceptionListener`
	`12`	`+{`
	`13`	`+ public function __invoke(ExceptionEvent $event): void`
	`14`	`+ {`
	`15`	`+ $e = $event->getThrowable();`
	`16`	`+`
	`17`	`+ if (!$e instanceof ValidationFailedException) {`
	`18`	`+ return;`
	`19`	`+ }`
	`20`	`+`
	`21`	`+ $errors = [];`
	`22`	`+ foreach ($e->getViolations() as $violation) {`
	`23`	`+ $errors[] = [`
	`24`	`+ 'property' => $violation->getPropertyPath(),`
	`25`	`+ 'message' => $violation->getMessage(),`
	`26`	`+ 'code' => $violation->getCode(),`
	`27`	`+ ];`
	`28`	`+ }`
	`29`	`+`
	`30`	`+ $response = new JsonResponse([`
	`31`	`+ 'title' => 'Bad Request',`
	`32`	`+ 'status' => 400,`
	`33`	`+ 'errors' => $errors,`
	`34`	`+ ], 400);`
	`35`	`+`
	`36`	`+ $event->setResponse($response);`
	`37`	`+ }`
	`38`	`+}`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit bf65174

File tree

5 files changed

5 files changed

`‎webapp/src/Controller/API/UserController.php‎`

`‎webapp/src/DataTransferObject/AddUser.php‎`

`‎webapp/src/DataTransferObject/UpdateUser.php‎`

`‎webapp/src/Entity/User.php‎`

`‎webapp/src/EventListener/ValidationExceptionListener.php‎`

0 commit comments