mirror of
https://github.com/FriendsOfTYPO3/tea.git
synced 2024-11-10 04:56:12 +01:00
cda38af84b
The delete action is triggered using a form with a submit button, causing a POST request to be sent instead of a GET request. This is because GET requests should not modify (or delete) data, but only read it and be idempotent. Also, the request then is guaranteed to not get cached. From a usability perspective, a button instead of a link also is semantically more correct: A link is expected to bring you to some place, whereas a button is expected to trigger some action. Closes #871
105 lines
2.6 KiB
PHP
105 lines
2.6 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace TTN\Tea\Controller;
|
|
|
|
use Psr\Http\Message\ResponseInterface;
|
|
use TTN\Tea\Domain\Model\Product\Tea;
|
|
use TTN\Tea\Domain\Repository\Product\TeaRepository;
|
|
use TYPO3\CMS\Core\Context\Context;
|
|
use TYPO3\CMS\Core\Utility\GeneralUtility;
|
|
use TYPO3\CMS\Extbase\Annotation as Extbase;
|
|
use TYPO3\CMS\Extbase\Mvc\Controller\ActionController;
|
|
|
|
/**
|
|
* Controller for a CRUD FE editor for teas.
|
|
*/
|
|
class FrontEndEditorController extends ActionController
|
|
{
|
|
private Context $context;
|
|
|
|
private TeaRepository $teaRepository;
|
|
|
|
public function __construct(Context $context, TeaRepository $teaRepository)
|
|
{
|
|
$this->context = $context;
|
|
$this->teaRepository = $teaRepository;
|
|
}
|
|
|
|
public function indexAction(): ResponseInterface
|
|
{
|
|
$userUid = $this->getUidOfLoggedInUser();
|
|
if ($userUid > 0) {
|
|
$this->view->assign('teas', $this->teaRepository->findByOwnerUid($userUid));
|
|
}
|
|
|
|
return $this->htmlResponse();
|
|
}
|
|
|
|
/**
|
|
* @return int<0, max>
|
|
*/
|
|
private function getUidOfLoggedInUser(): int
|
|
{
|
|
return $this->context->getPropertyFromAspect('frontend.user', 'id');
|
|
}
|
|
|
|
public function editAction(Tea $tea): ResponseInterface
|
|
{
|
|
$this->checkIfUserIsOwner($tea);
|
|
|
|
$this->view->assign('tea', $tea);
|
|
|
|
return $this->htmlResponse();
|
|
}
|
|
|
|
/**
|
|
* @throws \RuntimeException
|
|
*/
|
|
private function checkIfUserIsOwner(Tea $tea): void
|
|
{
|
|
if ($tea->getOwnerUid() !== $this->getUidOfLoggedInUser()) {
|
|
throw new \RuntimeException('You do not have the permissions to edit this tea.', 1687363749);
|
|
}
|
|
}
|
|
|
|
public function updateAction(Tea $tea): ResponseInterface
|
|
{
|
|
$this->checkIfUserIsOwner($tea);
|
|
|
|
$this->teaRepository->update($tea);
|
|
|
|
return $this->redirect('index');
|
|
}
|
|
|
|
public function newAction(?Tea $tea = null): ResponseInterface
|
|
{
|
|
// Note: We are using `makeInstance` here instead of `new` to allow for XCLASSing.
|
|
$teaToAssign = $tea ?? GeneralUtility::makeInstance(Tea::class);
|
|
$this->view->assign('tea', $teaToAssign);
|
|
|
|
return $this->htmlResponse();
|
|
}
|
|
|
|
public function createAction(Tea $tea): ResponseInterface
|
|
{
|
|
$tea->setOwnerUid($this->getUidOfLoggedInUser());
|
|
|
|
$this->teaRepository->add($tea);
|
|
|
|
return $this->redirect('index');
|
|
}
|
|
|
|
/**
|
|
* @Extbase\IgnoreValidation("tea")
|
|
*/
|
|
public function deleteAction(Tea $tea): ResponseInterface
|
|
{
|
|
$this->checkIfUserIsOwner($tea);
|
|
|
|
$this->teaRepository->remove($tea);
|
|
|
|
return $this->redirect('index');
|
|
}
|
|
}
|