ChurchCRM · DawoudIO · Mar 6, 2026 · Mar 5, 2026 · Mar 5, 2026 · Mar 5, 2026
@@ -88,8 +88,8 @@ describe("API Private Family", () => {
         });
 
         it("Returns error for non-existent family", () => {
-            // API returns 412 Precondition Failed for non-existent family
-            cy.makePrivateAdminAPICall("GET", "/api/family/99999", null, 412);
+            // AbstractEntityMiddleware returns 404 Not Found for missing entity
+            cy.makePrivateAdminAPICall("GET", "/api/family/99999", null, 404);
         });
     });
 

@@ -22,8 +22,8 @@ describe("API Private Person", () => {
         });
 
         it("Returns error for non-existent person", () => {
-            // API returns 412 Precondition Failed for non-existent person
-            cy.makePrivateAdminAPICall("GET", "/api/person/99999", null, 412);
+            // AbstractEntityMiddleware returns 404 Not Found for missing entity
+            cy.makePrivateAdminAPICall("GET", "/api/person/99999", null, 404);
         });
     });
 

@@ -1,7 +1,5 @@
 <?php
 
-declare(strict_types=1);
-
 use Rector\CodeQuality\Rector\Class_\InlineConstructorDefaultToPropertyRector;
 use Rector\Config\RectorConfig;
 use Rector\Set\ValueObject\LevelSetList;

@@ -1,7 +1,5 @@
 <?php
 
-declare(strict_types=1);
-
 namespace ChurchCRM\Slim\Middleware\Api;
 
 use ChurchCRM\model\ChurchCRM\DepositQuery;

@@ -3,31 +3,26 @@
 namespace ChurchCRM\Slim\Middleware\Api;
 
 use ChurchCRM\model\ChurchCRM\FamilyQuery;
-use ChurchCRM\Slim\SlimUtils;
 
-use Psr\Http\Message\ServerRequestInterface;
-use Psr\Http\Server\RequestHandlerInterface;
-use Psr\Http\Server\MiddlewareInterface;
-use Psr\Http\Message\ResponseInterface;
-use Laminas\Diactoros\Response;
-
-class FamilyMiddleware implements MiddlewareInterface
+class FamilyMiddleware extends AbstractEntityMiddleware
 {
-    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    protected function getRouteParamName(): string
     {
-        $response = new Response();
-        $familyId = SlimUtils::getRouteArgument($request, 'familyId');
-        if (empty(trim($familyId))) {
-            return $response->withStatus(412, gettext('Missing') . ' FamilyId');
-        }
+        return 'familyId';
+    }
 
-        $family = FamilyQuery::create()->findPk($familyId);
-        if (empty($family)) {
-            return $response->withStatus(412, 'FamilyId: ' . $familyId . ' ' . gettext('not found'));
-        }
+    protected function getAttributeName(): string
+    {
+        return 'family';
+    }
 
-        $request = $request->withAttribute('family', $family);
+    protected function loadEntity(string $id): mixed
+    {
+        return FamilyQuery::create()->findPk($id);
+    }
 
-        return $handler->handle($request);
+    protected function getNotFoundMessage(): string
+    {
+        return gettext('Family not found');
     }
 }
@@ -1,7 +1,5 @@
 <?php
 
-declare(strict_types=1);
-
 namespace ChurchCRM\Slim\Middleware\Api;
 
 use ChurchCRM\model\ChurchCRM\GroupQuery;

@@ -1,7 +1,5 @@
 <?php
 
-declare(strict_types=1);
-
 namespace ChurchCRM\Slim\Middleware\Api;
 
 use ChurchCRM\model\ChurchCRM\KioskDeviceQuery;

@@ -3,30 +3,28 @@
 namespace ChurchCRM\Slim\Middleware\Api;
 
 use ChurchCRM\model\ChurchCRM\PersonQuery;
-use ChurchCRM\Slim\SlimUtils;
-use Laminas\Diactoros\Response;
-use Psr\Http\Message\ServerRequestInterface;
-use Psr\Http\Server\RequestHandlerInterface;
-use Psr\Http\Server\MiddlewareInterface;
-use Psr\Http\Message\ResponseInterface;
 
-class PersonMiddleware implements MiddlewareInterface
+class PersonMiddleware extends AbstractEntityMiddleware
 {
-    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    public function __construct(private readonly string $routeParamName = 'personId') {}
+
+    protected function getRouteParamName(): string
     {
-        $response = new Response();
-        $personId = SlimUtils::getRouteArgument($request, 'personId');
-        if (empty(trim($personId))) {
-            return $response->withStatus(412, gettext('Missing') . ' PersonId');
-        }
+        return $this->routeParamName;
+    }
 
-        $person = PersonQuery::create()->findPk($personId);
-        if (empty($person)) {
-            return $response->withStatus(412, 'PersonId : ' . $personId . ' ' . gettext('not found'));
-        }
+    protected function getAttributeName(): string
+    {
+        return 'person';
+    }
 
-        $request = $request->withAttribute('person', $person);
+    protected function loadEntity(string $id): mixed
+    {
+        return PersonQuery::create()->findPk($id);
+    }
 
-        return $handler->handle($request);
+    protected function getNotFoundMessage(): string
+    {
+        return gettext('Person not found');
     }
 }
@@ -1,46 +1,37 @@
 <?php
 
+declare(strict_types=1);
+
 namespace ChurchCRM\Slim\Middleware\Api;
 
 use ChurchCRM\model\ChurchCRM\PropertyQuery;
-use ChurchCRM\Slim\SlimUtils;
-use ChurchCRM\Utils\LoggerUtils;
-
-use Laminas\Diactoros\Response;
-use Psr\Http\Message\ServerRequestInterface;
-use Psr\Http\Server\RequestHandlerInterface;
-use Psr\Http\Server\MiddlewareInterface;
-use Psr\Http\Message\ResponseInterface;
 
-class PropertyMiddleware implements MiddlewareInterface
+class PropertyMiddleware extends AbstractEntityMiddleware
 {
-    protected string $type;
+    public function __construct(private readonly string $type) {}
 
-    public function __construct(string $type)
+    protected function getRouteParamName(): string
     {
-        $this->type = $type;
+        return 'propertyId';
     }
 
-    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    protected function getAttributeName(): string
     {
-        $propertyId = SlimUtils::getRouteArgument($request, 'propertyId');
-        $response = new Response();
-        if (empty(trim($propertyId))) {
-            return $response->withStatus(412, gettext('Missing') . ' PropertyId');
-        }
-
-        $property = PropertyQuery::create()->findPk($propertyId);
-
-        if (empty($property)) {
-            LoggerUtils::getAppLogger()->debug('Pro Type is ' . $property->getPropertyType()->getPrtClass() . ' Looking for ' . $this->type);
+        return 'property';
+    }
 
-            return $response->withStatus(412, 'PropertyId : ' . $propertyId . ' ' . gettext('not found'));
-        } elseif ($property->getPropertyType()->getPrtClass() != $this->type) {
-            return $response->withStatus(500, 'PropertyId : ' . $propertyId . ' ' . gettext(' has a type mismatch'));
+    protected function loadEntity(string $id): mixed
+    {
+        $property = PropertyQuery::create()->findPk($id);
+        if ($property !== null && $property->getPropertyType()->getPrtClass() !== $this->type) {
+            return null;
         }
 
-        $request = $request->withAttribute('property', $property);
+        return $property;
+    }
 
-        return $handler->handle($request);
+    protected function getNotFoundMessage(): string
+    {
+        return gettext('Property not found');
     }
 }
@@ -5,37 +5,51 @@
 use ChurchCRM\Authentication\AuthenticationManager;
 use ChurchCRM\model\ChurchCRM\UserQuery;
 use ChurchCRM\Slim\SlimUtils;
-
 use Laminas\Diactoros\Response;
+use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 use Psr\Http\Server\RequestHandlerInterface;
-use Psr\Http\Server\MiddlewareInterface;
-use Psr\Http\Message\ResponseInterface;
 
-class UserMiddleware implements MiddlewareInterface
+class UserMiddleware extends AbstractEntityMiddleware
 {
+    protected function getRouteParamName(): string
+    {
+        return 'userId';
+    }
+
+    protected function getAttributeName(): string
+    {
+        return 'user';
+    }
+
+    protected function loadEntity(string $id): mixed
+    {
+        return UserQuery::create()->findPk($id);
+    }
+
+    protected function getNotFoundMessage(): string
+    {
+        return gettext('User not found');
+    }
+
     public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
     {
         $response = new Response();
-        $userId = SlimUtils::getRouteArgument($request, 'userId');
+        $userId = SlimUtils::getRouteArgument($request, $this->getRouteParamName());
+
         if (empty(trim($userId))) {
-            return $response->withStatus(412, gettext('Missing') . ' UserId');
+            return SlimUtils::renderErrorJSON($response, gettext('Missing') . ' ' . $this->getRouteParamName(), [], 412);
         }
 
         $loggedInUser = AuthenticationManager::getCurrentUser();
         if ($loggedInUser->getId() == $userId) {
-            $user = $loggedInUser;
-        } elseif ($loggedInUser->isAdmin()) {
-            $user = UserQuery::create()->findPk($userId);
-            if (empty($user)) {
-                return $response->withStatus(412, 'User : ' . $userId . ' ' . gettext('not found'));
-            }
-        } else {
-            return $response->withStatus(401);
+            return $handler->handle($request->withAttribute($this->getAttributeName(), $loggedInUser));
         }
 
-        $request = $request->withAttribute('user', $user);
+        if (!$loggedInUser->isAdmin()) {
+            return $response->withStatus(401);
+        }
 
-        return $handler->handle($request);
+        return parent::process($request, $handler);
     }
 }
@@ -3,31 +3,27 @@
 namespace ChurchCRM\Slim\Middleware;
 
 use ChurchCRM\model\ChurchCRM\EventQuery;
-use ChurchCRM\Slim\SlimUtils;
-use Laminas\Diactoros\Response;
-use Psr\Http\Message\ServerRequestInterface;
-use Psr\Http\Server\MiddlewareInterface;
-use Psr\Http\Server\RequestHandlerInterface;
-use Psr\Http\Message\ResponseInterface;
+use ChurchCRM\Slim\Middleware\Api\AbstractEntityMiddleware;
 
-class EventsMiddleware implements MiddlewareInterface
+class EventsMiddleware extends AbstractEntityMiddleware
 {
-    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    protected function getRouteParamName(): string
     {
-        $eventId = SlimUtils::getRouteArgument($request, 'id');
-        if (empty(trim($eventId))) {
-            $response = new Response();
-            return SlimUtils::renderJSON($response, ['message' => gettext('Missing event id')], 400);
-        }
+        return 'id';
+    }
 
-        $event = EventQuery::create()->findPk($eventId);
+    protected function getAttributeName(): string
+    {
+        return 'event';
+    }
 
-        if (empty($event)) {
-            $response = new Response();
-            return SlimUtils::renderJSON($response, ['message' => gettext('Event not found')], 404);
-        }
-        $request = $request->withAttribute('event', $event);
+    protected function loadEntity(string $id): mixed
+    {
+        return EventQuery::create()->findPk($id);
+    }
 
-        return $handler->handle($request);
+    protected function getNotFoundMessage(): string
+    {
+        return gettext('Event not found');
     }
 }
@@ -5,7 +5,6 @@
 use ChurchCRM\Emails\users\ResetPasswordEmail;
 use ChurchCRM\Emails\users\UnlockedEmail;
 use ChurchCRM\model\ChurchCRM\UserConfigQuery;
-use ChurchCRM\model\ChurchCRM\UserQuery;
 use ChurchCRM\Slim\Middleware\Request\Auth\AdminRoleAuthMiddleware;
 use ChurchCRM\Slim\Middleware\Api\UserMiddleware;
 use ChurchCRM\Slim\SlimUtils;
@@ -131,8 +130,7 @@
      * )
      */
     $group->get('/permissions', function (Request $request, Response $response, array $args): Response {
-        $userId = $args['userId'];
-        $user = UserQuery::create()->findPk($userId);
+        $user = $request->getAttribute('user');
 
         return SlimUtils::renderJSON($response, ['user' => $user->getName(), 'userId' => $user->getId(), 'addEvent' => $user->isAddEvent()]);
     });