build for #434

mevdschee · mevdschee · commit a1375135064a · 2018-09-26T20:58:46.000+02:00
diff --git a/api.php b/api.php
@@ -348,10 +348,10 @@ public function __construct(String $name, String $type, int $length, int $precis
     public static function fromReflection(GenericReflection $reflection, array $columnResult): ReflectedColumn
     {
         $name = $columnResult['COLUMN_NAME'];
-        $length = $columnResult['CHARACTER_MAXIMUM_LENGTH'] + 0;
+        $length = (int) $columnResult['CHARACTER_MAXIMUM_LENGTH'];
         $type = $reflection->toJdbcType($columnResult['DATA_TYPE'], $length);
-        $precision = $columnResult['NUMERIC_PRECISION'] + 0;
-        $scale = $columnResult['NUMERIC_SCALE'] + 0;
+        $precision = (int) $columnResult['NUMERIC_PRECISION'];
+        $scale = (int) $columnResult['NUMERIC_SCALE'];
         $nullable = in_array(strtoupper($columnResult['IS_NULLABLE']), ['TRUE', 'YES', 'T', 'Y', '1']);
         $pk = false;
         $fk = '';
@@ -1824,6 +1824,12 @@ public function definition(): GenericDefinition
         return $this->definition;
     }
 
+    private function addAuthorizationCondition(Condition $condition2): Condition
+    {
+        $condition1 = VariableStore::get('authorization.condition');
+        return $condition1 ? AndCondition::fromArray([$condition1, $condition2]) : $condition2;
+    }
+
     public function createSingle(ReflectedTable $table, array $columnValues) /*: ?String*/
     {
         $this->converter->convertColumnValues($table, $columnValues);
@@ -1849,6 +1855,7 @@ public function selectSingle(ReflectedTable $table, array $columnNames, String $
         $selectColumns = $this->columns->getSelect($table, $columnNames);
         $tableName = $table->getName();
         $condition = new ColumnCondition($table->getPk(), 'eq', $id);
+        $condition = $this->addAuthorizationCondition($condition);
         $parameters = array();
         $whereClause = $this->conditions->getWhereClause($condition, $parameters);
         $sql = 'SELECT ' . $selectColumns . ' FROM "' . $tableName . '" ' . $whereClause;
@@ -1870,6 +1877,7 @@ public function selectMultiple(ReflectedTable $table, array $columnNames, array
         $selectColumns = $this->columns->getSelect($table, $columnNames);
         $tableName = $table->getName();
         $condition = new ColumnCondition($table->getPk(), 'in', implode(',', $ids));
+        $condition = $this->addAuthorizationCondition($condition);
         $parameters = array();
         $whereClause = $this->conditions->getWhereClause($condition, $parameters);
         $sql = 'SELECT ' . $selectColumns . ' FROM "' . $tableName . '" ' . $whereClause;
@@ -1882,6 +1890,7 @@ public function selectMultiple(ReflectedTable $table, array $columnNames, array
     public function selectCount(ReflectedTable $table, Condition $condition): int
     {
         $tableName = $table->getName();
+        $condition = $this->addAuthorizationCondition($condition);
         $parameters = array();
         $whereClause = $this->conditions->getWhereClause($condition, $parameters);
         $sql = 'SELECT COUNT(*) FROM "' . $tableName . '"' . $whereClause;
@@ -1893,6 +1902,7 @@ public function selectAllUnordered(ReflectedTable $table, array $columnNames, Co
     {
         $selectColumns = $this->columns->getSelect($table, $columnNames);
         $tableName = $table->getName();
+        $condition = $this->addAuthorizationCondition($condition);
         $parameters = array();
         $whereClause = $this->conditions->getWhereClause($condition, $parameters);
         $sql = 'SELECT ' . $selectColumns . ' FROM "' . $tableName . '"' . $whereClause;
@@ -1909,6 +1919,7 @@ public function selectAll(ReflectedTable $table, array $columnNames, Condition $
         }
         $selectColumns = $this->columns->getSelect($table, $columnNames);
         $tableName = $table->getName();
+        $condition = $this->addAuthorizationCondition($condition);
         $parameters = array();
         $whereClause = $this->conditions->getWhereClause($condition, $parameters);
         $orderBy = $this->columns->getOrderBy($table, $columnOrdering);
@@ -1929,6 +1940,7 @@ public function updateSingle(ReflectedTable $table, array $columnValues, String
         $updateColumns = $this->columns->getUpdate($table, $columnValues);
         $tableName = $table->getName();
         $condition = new ColumnCondition($table->getPk(), 'eq', $id);
+        $condition = $this->addAuthorizationCondition($condition);
         $parameters = array_values($columnValues);
         $whereClause = $this->conditions->getWhereClause($condition, $parameters);
         $sql = 'UPDATE "' . $tableName . '" SET ' . $updateColumns . $whereClause;
@@ -1940,6 +1952,7 @@ public function deleteSingle(ReflectedTable $table, String $id)
     {
         $tableName = $table->getName();
         $condition = new ColumnCondition($table->getPk(), 'eq', $id);
+        $condition = $this->addAuthorizationCondition($condition);
         $parameters = array();
         $whereClause = $this->conditions->getWhereClause($condition, $parameters);
         $sql = 'DELETE FROM "' . $tableName . '" ' . $whereClause;
@@ -1956,6 +1969,7 @@ public function incrementSingle(ReflectedTable $table, array $columnValues, Stri
         $updateColumns = $this->columns->getIncrement($table, $columnValues);
         $tableName = $table->getName();
         $condition = new ColumnCondition($table->getPk(), 'eq', $id);
+        $condition = $this->addAuthorizationCondition($condition);
         $parameters = array_values($columnValues);
         $whereClause = $this->conditions->getWhereClause($condition, $parameters);
         $sql = 'UPDATE "' . $tableName . '" SET ' . $updateColumns . $whereClause;
@@ -2685,6 +2699,26 @@ protected function getProperty(String $key, $default)
     }
 }
 
+// file: src/Tqdev/PhpCrudApi/Middleware/Communication/VariableStore.php
+
+class VariableStore
+{
+    static $values = array();
+
+    public static function get(String $key)
+    {
+        if (isset(self::$values[$key])) {
+            return self::$values[$key];
+        }
+        return null;
+    }
+
+    public static function set(String $key, /* object */ $value)
+    {
+        self::$values[$key] = $value;
+    }
+}
+
 // file: src/Tqdev/PhpCrudApi/Middleware/Router/Router.php
 
 interface Router extends Handler
@@ -2848,6 +2882,23 @@ private function handleAllTables(String $method, String $path, String $databaseN
         }
     }
 
+    private function handleRecords(String $method, String $path, String $databaseName, String $tableName) /*: void*/
+    {
+        if (!$this->reflection->hasTable($tableName)) {
+            return;
+        }
+        $recordHandler = $this->getProperty('recordHandler', '');
+        if ($recordHandler) {
+            $query = call_user_func($recordHandler, $method, $path, $databaseName, $tableName);
+            $filters = new FilterInfo();
+            $table = $this->reflection->getTable($tableName);
+            $query = str_replace('][]=', ']=', str_replace('=', '[]=', $query));
+            parse_str($query, $params);
+            $condition = $filters->getCombinedConditions($table, $params);
+            VariableStore::set('authorization.condition', $condition);
+        }
+    }
+
     public function handle(Request $request): Response
     {
         $method = $request->getMethod();
@@ -2860,6 +2911,7 @@ public function handle(Request $request): Response
             if (isset($params['join'])) {
                 $this->handleJoinTables($method, $path, $databaseName, $params['join']);
             }
+            $this->handleRecords($method, $path, $databaseName, $tableName);
         } elseif ($path == 'columns') {
             $tableName = $request->getPathSegment(2);
             if ($tableName) {
@@ -3402,7 +3454,7 @@ public function _or(Condition $condition): Condition
         return $condition;
     }
 
-    public function not(): Condition
+    public function _not(): Condition
     {
         return $this;
     }
