public function run()
{
$query = Project::find();
if ($this->ownerId !== null) {
$query->byOwnerId($this->ownerId);
}
return $query->with('owner')->all();
}
public function testRemove()
{
$projectId = null;
\Yii::$app->on(Project::EVENT_REMOVED, function ($event) use(&$projectId) {
$projectId = $event->project->getId();
});
$project = Project::find()->byId(1)->one();
$this->assertInstanceOf(Project::class, $project);
$this->assertTrue($project->remove());
$this->assertEquals($project->getId(), $projectId);
$this->assertNull(Project::find()->byId(1)->one());
}
/** @inheritdoc */
protected function beforeCreate($data)
{
/** @var ProjectRole $role */
$role = ProjectRole::find()->byId($data['role_id'])->one();
/** @var Project $project */
$project = Project::find()->byId($data['project_id'])->one();
if ($role->getProjectId() != $project->getId()) {
throw new ForbiddenHttpException("Role '{$role->getId()}' doesn't owned by project '{$project->getId()}'.");
// todo-rbac
} elseif ($project->getOwnerId() == $data['user_id']) {
throw new ForbiddenHttpException("Owner cannot be the member.");
// todo-rbac
}
return true;
}
/**
* @param int $project_id
* @return ProjectMember
* @throws ModelValidateException
* @throws ForbiddenHttpException
*/
public function actionCreate($project_id)
{
$project = Project::find()->byId($project_id)->oneOrThrow();
if ($project->getOwnerId() != \Yii::$app->getUser()->getId()) {
throw new ForbiddenHttpException();
// todo-rbac
}
$data = \Yii::$app->getRequest()->post();
$data['project_id'] = $project_id;
$member = new ProjectMember();
if ($member->create($data)) {
return $member;
} else {
throw new ModelValidateException($member);
}
}
/**
* @param int $project_id
* @param int $role_id
* @return ProjectRole
* @throws ModelValidateException
* @throws NotFoundHttpException
* @throws ForbiddenHttpException
*/
public function actionUpdate($project_id, $role_id)
{
$project = Project::find()->byId($project_id)->oneOrThrow();
if ($project->getOwnerId() != \Yii::$app->getUser()->getId()) {
throw new ForbiddenHttpException();
// todo-rbac
}
$data = \Yii::$app->getRequest()->post();
$role = ProjectRole::find()->byId($role_id)->oneOrThrow();
if ($project->getId() != $role->getProjectId()) {
throw new ForbiddenHttpException();
}
if ($role->modify($data)) {
return $role;
} else {
throw new ModelValidateException($role);
}
}
public function init()
{
parent::init();
$this->userTbl = User::tableName();
$this->projectTbl = Project::tableName();
$this->memberTbl = ProjectMember::tableName();
$this->roleTbl = ProjectRole::tableName();
$this->ticketTbl = Ticket::tableName();
$this->ticketGroupTbl = TicketGroup::tableName();
$this->tokenTbl = Token::tableName();
$this->projectUserFk = $this->createFkData($this->projectTbl, 'owner_id', $this->userTbl, 'id', 'cascade', 'cascade');
$this->memberUserFk = $this->createFkData($this->memberTbl, 'user_id', $this->userTbl, 'id', 'cascade', 'cascade');
$this->memberRoleFk = $this->createFkData($this->memberTbl, 'role_id', $this->roleTbl, 'id', 'restrict', 'cascade');
$this->memberProjectFk = $this->createFkData($this->memberTbl, 'project_id', $this->projectTbl, 'id', 'cascade', 'cascade');
$this->ticketUserFk = $this->createFkData($this->ticketTbl, 'creator_id', $this->userTbl, 'id', 'cascade', 'cascade');
$this->ticketGroupFk = $this->createFkData($this->ticketTbl, 'group_id', $this->ticketGroupTbl, 'id', 'restrict', 'cascade');
$this->ticketProjectFk = $this->createFkData($this->ticketTbl, 'project_id', $this->projectTbl, 'id', 'cascade', 'cascade');
$this->roleProjectFk = $this->createFkData($this->roleTbl, 'project_id', $this->projectTbl, 'id', 'cascade', 'cascade');
$this->groupProjectFk = $this->createFkData($this->ticketGroupTbl, 'project_id', $this->projectTbl, 'id', 'cascade', 'cascade');
$this->tokenUserFk = $this->createFkData($this->tokenTbl, 'user_id', $this->userTbl, 'id', 'cascade', 'cascade');
}
/**
* @param int $id
* @throws ModelValidateException
* @throws NotFoundHttpException
* @throws ForbiddenHttpException
*/
public function actionDelete($id)
{
$project = Project::find()->byId($id)->oneOrThrow();
if ($project->getOwnerId() != \Yii::$app->getUser()->getId()) {
throw new ForbiddenHttpException();
// todo-rbac
}
if ($project->remove()) {
return;
} else {
throw new ModelValidateException($project);
}
}
