OS2UOL-788 permissions changes and refactor

madsnorgaard · madsnorgaard · commit 5d5ffa9880d3 · 2024-10-08T15:41:00.000+02:00
diff --git a/webroot/modules/custom/os2uol_pretix/os2uol_pretix.permissions.yml b/webroot/modules/custom/os2uol_pretix/os2uol_pretix.permissions.yml
@@ -7,15 +7,16 @@ view own pretix events:
   title: 'View own Pretix events'
   description: 'Only allow viewing Pretix events owned by the user.'
 
+add own pretix events:
+  title: 'Add own Pretix events'
+  description: 'Allows users to add dates to their own Pretix events.'
+  restrict access: TRUE
+
 add all pretix events:
   title: 'Add to all Pretix events'
-  description: 'Allow adding to all Pretix events.'
+  description: 'Allows users to add dates to any Pretix events.'
   restrict access: TRUE
 
-add own pretix events:
-  title: 'Add to own Pretix events'
-  description: 'Only allow adding to Pretix events owned by the user.'
-
 edit all pretix events:
   title: 'Edit all Pretix events'
   description: 'Allow editing all Pretix events.'
@@ -24,3 +25,8 @@ edit all pretix events:
 edit own pretix events:
   title: 'Edit own Pretix events'
   description: 'Only allow editing Pretix events owned by the user.'
+
+remove pretix event connection:
+  title: 'Remove Pretix event connection'
+  description: 'Allows users to remove the connection between a Pretix event and a Drupal node.'
+  restrict access: TRUE
diff --git a/webroot/modules/custom/os2uol_pretix/os2uol_pretix.routing.yml b/webroot/modules/custom/os2uol_pretix/os2uol_pretix.routing.yml
@@ -23,11 +23,18 @@ os2uol_pretix.webhooks.order:
     _access: 'TRUE'
   methods: [POST]
 
+os2uol_pretix.add_date:
+  path: '/node/{node}/pretix/add'
+  defaults:
+    _title: 'Add Date'
+  requirements:
+    _permission: 'add own pretix events'
+    node: '\d+'
+
 os2uol_pretix.remove_event_connection:
-  path: '/admin/pretix/remove/{node}'
+  path: '/node/{node}/pretix/remove'
   defaults:
-    _controller: '\Drupal\os2uol_pretix\Controller\WebhooksController::unlinkEvent'
-    _title: 'Remove Pretix Event Connection'
+    _title: 'Remove Event Connection'
   requirements:
-    _permission: 'administer nodes'
-    node: \d+
+    _permission: 'add all pretix events'
+    node: '\d+'
diff --git a/webroot/modules/custom/os2uol_pretix/src/AbstractHelper.php b/webroot/modules/custom/os2uol_pretix/src/AbstractHelper.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace Drupal\ulf_pretix\Pretix;
+namespace Drupal\os2uol_pretix;
 
 /**
  * Abstract helper.
diff --git a/webroot/modules/custom/os2uol_pretix/src/Controller/WebhooksController.php b/webroot/modules/custom/os2uol_pretix/src/Controller/WebhooksController.php
@@ -45,59 +45,25 @@ public function order($organizer, Request $request) {
     $payload = json_decode($request->getContent(), TRUE);
 
     if (empty($payload)) {
-      throw new BadRequestHttpException('Invalid or empty payload');
+        throw new BadRequestHttpException('Invalid or empty payload');
     }
 
     $action = $payload['action'] ?? NULL;
     switch ($action) {
-      case PretixOrderManager::PRETIX_EVENT_ORDER_PLACED:
-      case PretixOrderManager::PRETIX_EVENT_ORDER_CANCELED:
-        return $this->orderManager->handleOrderUpdated($payload, $action);
+        case PretixOrderManager::PRETIX_EVENT_ORDER_PLACED:
+        case PretixOrderManager::PRETIX_EVENT_ORDER_CANCELED:
+            return new JsonResponse($this->orderManager->handleOrderUpdated($payload, $action));
 
-      case 'event.soldout':
-        return $this->handleSoldOutEvent($payload);
+        case 'event.soldout':
+            return new JsonResponse($this->orderManager->handleSoldOutEvent($payload));
 
-      case 'event.available':
-        return $this->handleAvailableEvent($payload);
+        case 'event.available':
+            return new JsonResponse($this->orderManager->handleAvailableEvent($payload));
     }
 
     return new JsonResponse(['status' => 'unhandled action']);
   }
 
-  /**
-   * Handle the sold-out event.
-   */
-  public function handleSoldOutEvent(array $payload) {
-    $eventId = $payload['event']['id'];
-    $nodeId = $this->getNodeIdFromPretixEventId($eventId);
-    $node = \Drupal::entityTypeManager()->getStorage('node')->load($nodeId);
-
-    if ($node) {
-      // Set the Boolean field for "Sold Out" to TRUE.
-      $node->set('field_sold_out', TRUE);
-      $node->save();
-    }
-
-    return new JsonResponse(['status' => 'event marked as sold out']);
-  }
-
-  /**
-   * Handle the available event (when tickets become available again).
-   */
-  public function handleAvailableEvent(array $payload) {
-    $eventId = $payload['event']['id'];
-    $nodeId = $this->getNodeIdFromPretixEventId($eventId);
-    $node = \Drupal::entityTypeManager()->getStorage('node')->load($nodeId);
-
-    if ($node) {
-      // Set the Boolean field for "Sold Out" to FALSE.
-      $node->set('field_sold_out', FALSE);
-      $node->save();
-    }
-
-    return new JsonResponse(['status' => 'event marked as available']);
-  }
-
   /**
    * Unlinks the Pretix event from a Drupal node.
    *
diff --git a/webroot/modules/custom/os2uol_pretix/src/OrderHelper.php b/webroot/modules/custom/os2uol_pretix/src/OrderHelper.php
@@ -1,6 +1,8 @@
 <?php
 
-namespace Drupal\ulf_pretix\Pretix;
+namespace Drupal\os2uol_pretix;
+
+use Drupal\os2uol_pretix\AbstractHelper;
 
 /**
  * Pretix order helper.
diff --git a/webroot/modules/custom/os2uol_pretix/src/Plugin/Derivative/PretixLocalActions.php b/webroot/modules/custom/os2uol_pretix/src/Plugin/Derivative/PretixLocalActions.php
@@ -1,17 +1,14 @@
 <?php
 
-declare(strict_types = 1);
-
 namespace Drupal\os2uol_pretix\Plugin\Derivative;
 
 use Drupal\Component\Plugin\Derivative\DeriverBase;
 use Drupal\Component\Serialization\Json;
 use Drupal\Core\Entity\EntityTypeManagerInterface;
 use Drupal\Core\Plugin\Discovery\ContainerDeriverInterface;
 use Drupal\Core\StringTranslation\StringTranslationTrait;
-use Drupal\os2uol_pretix\Plugin\Menu\LocalAction\PretixLocalAction;
-use Drupal\os2uol_pretix\Routing\PretixRouteProvider;
 use Symfony\Component\DependencyInjection\ContainerInterface;
+use Drupal\Core\Session\AccountInterface;
 
 /**
  * Pretix actions for entities.
@@ -22,18 +19,22 @@ class PretixLocalActions extends DeriverBase implements ContainerDeriverInterfac
 
   protected string $basePluginId;
   protected EntityTypeManagerInterface $entityTypeManager;
+  protected AccountInterface $currentUser;
 
   /**
-   * Creates a new ScheduledTransitionsLocalActions.
+   * Constructs a new PretixLocalActions object.
    *
    * @param string $base_plugin_id
    *   The base plugin ID.
    * @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager
    *   Entity type manager.
+   * @param \Drupal\Core\Session\AccountInterface $current_user
+   *   The current user.
    */
-  public function __construct(string $base_plugin_id, EntityTypeManagerInterface $entity_type_manager) {
+  public function __construct(string $base_plugin_id, EntityTypeManagerInterface $entity_type_manager, AccountInterface $current_user) {
     $this->basePluginId = $base_plugin_id;
     $this->entityTypeManager = $entity_type_manager;
+    $this->currentUser = $current_user;
   }
 
   /**
@@ -43,6 +44,7 @@ public static function create(ContainerInterface $container, $base_plugin_id) {
     return new static(
       $base_plugin_id,
       $container->get('entity_type.manager'),
+      $container->get('current_user')
     );
   }
 
@@ -53,44 +55,46 @@ public function getDerivativeDefinitions($base_plugin_definition) {
     $this->derivatives = [];
 
     foreach ($this->entityTypeManager->getDefinitions() as $entityType) {
-      if ($entityType->hasLinkTemplate(PretixRouteProvider::LINK_TEMPLATE)) {
+      if ($entityType->hasLinkTemplate('edit-form')) {
         $entityTypeId = $entityType->id();
 
-        // Add the "Add date" action
-        $this->derivatives["$entityTypeId.add_pretix"] = [
-          'route_name' => PretixRouteProvider::getPretixAddRouteName($entityType),
-          'appears_on' => [PretixRouteProvider::getPretixRouteName($entityType)],
-          'base_route' => "entity.$entityTypeId.canonical",
-          'class' => PretixLocalAction::class,
-          'title' => $this->t('Add date'),
-          'options' => [
-            'attributes' => [
-              'class' => ['use-ajax'],
-              'data-dialog-type' => 'modal',
-              'data-dialog-options' => Json::encode([
-                'width' => '80%',
-              ]),
+        // Add the "Add date" action only if the user has the required permission.
+        if ($this->currentUser->hasPermission('add own pretix events') || $this->currentUser->hasPermission('add all pretix events')) {
+          $this->derivatives["$entityTypeId.add_pretix"] = [
+            'route_name' => 'os2uol_pretix.add_date',
+            'appears_on' => ['entity.' . $entityTypeId . '.pretix'],
+            'base_route' => "entity.$entityTypeId.pretix",
+            'title' => $this->t('Add date'),
+            'options' => [
+              'attributes' => [
+                'class' => ['use-ajax'],
+                'data-dialog-type' => 'modal',
+                'data-dialog-options' => Json::encode([
+                  'width' => '80%',
+                ]),
+              ],
             ],
-          ],
-        ] + $base_plugin_definition;
+          ] + $base_plugin_definition;
+        }
 
-        // Add the "Remove event connection" action
-        $this->derivatives["$entityTypeId.remove_pretix"] = [
-          'route_name' => 'os2uol_pretix.remove_event_connection',
-          'appears_on' => [PretixRouteProvider::getPretixRouteName($entityType)],
-          'base_route' => "entity.$entityTypeId.canonical",
-          'class' => PretixLocalAction::class,
-          'title' => $this->t('Remove event connection'),
-          'options' => [
-            'attributes' => [
-              'class' => ['use-ajax'],
-              'data-dialog-type' => 'modal',
-              'data-dialog-options' => Json::encode([
-                'width' => '50%',
-              ]),
+        // Add the "Remove event connection" action only if the user has the required permission.
+        if ($this->currentUser->hasPermission('remove pretix event connection')) {
+          $this->derivatives["$entityTypeId.remove_pretix"] = [
+            'route_name' => 'os2uol_pretix.remove_event_connection',
+            'appears_on' => ['entity.' . $entityTypeId . '.pretix'],
+            'base_route' => "entity.$entityTypeId.pretix",
+            'title' => $this->t('Remove event connection'),
+            'options' => [
+              'attributes' => [
+                'class' => ['use-ajax'],
+                'data-dialog-type' => 'modal',
+                'data-dialog-options' => Json::encode([
+                  'width' => '50%',
+                ]),
+              ],
             ],
-          ],
-        ] + $base_plugin_definition;
+          ] + $base_plugin_definition;
+        }
       }
     }
 
diff --git a/webroot/modules/custom/os2uol_pretix/src/PretixOrderManager.php b/webroot/modules/custom/os2uol_pretix/src/PretixOrderManager.php
@@ -12,9 +12,9 @@
 use Drupal\Core\Mail\MailManagerInterface;
 use Drupal\Core\Messenger\MessengerInterface;
 use Drupal\Core\Url;
-use Drupal\ulf_pretix\Pretix\OrderHelper;
 use Drupal\user\EntityOwnerTrait;
 use Drupal\user\UserInterface;
+use Drupal\os2uol_pretix\OrderHelper;
 
 class PretixOrderManager extends PretixAbstractManager {
 
@@ -176,7 +176,7 @@ public function handleOrderUpdated(array $payload, string $action): array {
 
       $content = $this->renderOrder($order, $orderLines);
 
-      $to = $this->getMailRecipients($entity);
+      $to = implode(',', $this->getMailRecipients($entity));
       $langcode = $entity->language()->getId();
       /** @var EntityOwnerTrait $entity_owner */
       $entity_owner = $entity;
@@ -430,14 +430,57 @@ protected function getEntity($organizerSlug, $eventSlug): ?EditorialContentEntit
     catch (InvalidPluginDefinitionException|PluginNotFoundException $e) {
       return NULL;
     }
+
     $ids = $nodeStorage->getQuery()
       ->condition('field_pretix_event_short_form', $eventSlug)
+      ->accessCheck(TRUE)
       ->execute();
+
     if (!empty($ids)) {
       /** @var EditorialContentEntityBase $entity */
       $entity = $nodeStorage->load($ids[array_key_first($ids)]);
     }
+
     return $entity;
   }
 
+  public function handleSoldOutEvent(array $payload) {
+    $eventId = $payload['event']['id'];
+    $nodeId = $this->getNodeIdFromPretixEventId($eventId);
+    $node = \Drupal::entityTypeManager()->getStorage('node')->load($nodeId);
+
+    if ($node) {
+        // Set the Boolean field for "Sold Out" to TRUE.
+        $node->set('field_sold_out', TRUE);
+        $node->save();
+    }
+
+    return new JsonResponse(['status' => 'event marked as sold out']);
+  }
+
+  public function handleAvailableEvent(array $payload) {
+      $eventId = $payload['event']['id'];
+      $nodeId = $this->getNodeIdFromPretixEventId($eventId);
+      $node = \Drupal::entityTypeManager()->getStorage('node')->load($nodeId);
+
+      if ($node) {
+          // Set the Boolean field for "Sold Out" to FALSE.
+          $node->set('field_sold_out', FALSE);
+          $node->save();
+      }
+
+      return new JsonResponse(['status' => 'event marked as available']);
+  }
+
+  private function getNodeIdFromPretixEventId($eventId) {
+      // Your entityQuery to map eventId to Drupal node.
+      $query = \Drupal::entityQuery('node')
+          ->condition('type', ['internship', 'course_educators', 'course'], 'IN')
+          ->condition('field_pretix_event_id', $eventId)
+          ->range(0, 1);
+      $nids = $query->execute();
+      return !empty($nids) ? reset($nids) : NULL;
+  }
+
+
 }
