8000 Address #2 - Csv Import by AndrewPoppe · Pull Request #4 · AndrewPoppe/ApiUserRights · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Address #2 - Csv Import #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Dec 7, 2023
Merged

Address #2 - Csv Import #4

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0f06942
Allow admins to use module
AndrewPoppe Dec 7, 2023
3116041
Address #2 - CSV Import
AndrewPoppe Dec 7, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
65 changes: 47 additions & 18 deletions ApiUserRights.php
View file
Open in desktop
8000
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@
* @property \ExternalModules\Framework $framework
* @see Framework
*/

require_once 'CsvImporter.php';
class ApiUserRights extends \ExternalModules\AbstractExternalModule
{

Expand Down Expand Up @@ -468,22 +470,22 @@ class ApiUserRights extends \ExternalModules\AbstractExternalModule
'userRole',
'userRoleMapping'
];
public function redcap_module_api_before($project_id, $content, $action)
{
$this->framework->log('API Before', [
'project_id' => $project_id,
'project_id2' => $this->framework->getProjectId(),
'project_id3' => $this->framework->getProject()->getProjectId(),
'user_id' => $this->framework->getUser()->getUsername(),
'content' => $content,
'action' => $action,
]);
ob_start(function ($str) {
$this->framework->log('API After', [ 'response' => $str ]);
return $str;
}, 0, PHP_OUTPUT_HANDLER_FLUSHABLE);
//$this->framework->exitAfterHook();
}
// public function redcap_module_api_before($project_id, $content, $action)
// {
// $this->framework->log('API Before', [
// 'project_id' => $project_id,
// 'project_id2' => $this->framework->getProjectId(),
// 'project_id3' => $this->framework->getProject()->getProjectId(),
// 'user_id' => $this->framework->getUser()->getUsername(),
// 'content' => $content,
// 'action' => $action,
// ]);
// ob_start(function ($str) {
// $this->framework->log('API After', [ 'response' => $str ]);
// return $str;
// }, 0, PHP_OUTPUT_HANDLER_FLUSHABLE);
// //$this->framework->exitAfterHook();
// }
public function redcap_module_ajax($action, $payload, $project_id, $record, $instrument, $event_id, $repeat_instance, $survey_hash, $response_id, $survey_queue_hash, $page, $page_full, $user_id, $group_id)
{
try {
Expand All @@ -503,6 +505,33 @@ public function redcap_module_ajax($action, $payload, $project_id, $record, $ins
$userToSet = $payload['user'] ?? '';
$rights = $payload['rights'] ?? [];
$this->saveRights($userToSet, $rights, $project_id);
} elseif ( $action === 'importRightsCsv' ) {
$importer = new CsvImporter($this, $payload['data'] ?? '');
$importer->parseCsvString();

$contentsValid = $importer->contentsValid();
if ( $contentsValid !== true ) {
return [
'status' => 'error',
'data' => [
'errors' => $importer->errorMessages,
'badUsers' => $importer->badUsers,
'badMethods' => $importer->badMethods
]
];
}

if ( filter_var($payload['confirm'], FILTER_VALIDATE_BOOL) ) {
return [
'status' => 'ok',
'data' => $importer->import()
];
} else {
return [
'status' => 'ok',
'data' => $importer->getUpdateTable()
];
}
}
} catch ( \Throwable $e ) {
$this->framework->log('Ajax error', [ 'error' => $e->getMessage() ]);
Expand All @@ -513,7 +542,7 @@ public function redcap_module_link_check_display($project_id, $link)
{
$user = $this->framework->getUser();
$rights = $user->getRights();
if ( ($rights['user_rights'] ?? '') != '1' ) {
if ( ($rights['user_rights'] ?? '') != '1' && !$user->isSuperUser() ) {
return null;
}
return $link;
Expand Down Expand Up @@ -774,7 +803,7 @@ public function getTableHeader()
];
}

private function saveRights($userToSet, $rights, $project_id)
public function saveRights($userToSet, $rights, $project_id)
{
$settingKey = 'allowed-api-methods-' . $userToSet;
$this->framework->setProjectSetting($settingKey, $rights, $project_id);
Expand Down
270 changes: 270 additions & 0 deletions CsvImporter.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,270 @@
<?php

namespace YaleREDCap\ApiUserRights;

class CsvImporter
{
private string $csvString;
private ApiUserRights $module;
public $csvContents;
public $cleanContents;
private array $methods;
public $badMethods = [];
public $goodUsers = [];
public $goodMethods = [];
public $badUsers = [];
public $errorMessages = [];
public $proposed = [];
private $header;
private $valid = true;
private $rowValid = true;
private int $projectId;
private int $usernameIndex;
public function __construct(ApiUserRights $module, string $csvString)
{
$this->module = $module;
$this->csvString = $csvString;
$this->projectId = (int) $module->framework->getProject()->getProjectId();
$this->methods = $this->module->getTableHeader()['methodOrder'];
}

public function parseCsvString()
{
$lineEnding = strpos($this->csvString, "\r\n") !== false ? "\r\n" : "\n";
$data = str_getcsv($this->csvString, $lineEnding);
foreach ( $data as &$row ) {
$row = str_getcsv($row, ',');
}
$this->csvContents = $data;
}

private function methodNamesAreClean($row)
{
foreach ( $row as $method ) {
if ( $method === 'username' ) {
continue;
}
if ( !in_array($method, $this->methods, true) ) {
$this->badMethods[] = $this->module->framework->escape($method);
$this->rowValid = false;
$this->valid = false;
} elseif ( in_array($method, $this->goodMethods, true) ) {
$this->errorMessages[] = 'Duplicate method: ' . $this->module->framework->escape($method);
$this->rowValid = false;
$this->valid = false;
} else {
$this->goodMethods[] = $method;
}
}
}

private function checkUsername($username)
{
$username = trim($username);
if ( empty($username) ) {
$this->rowValid = false;
$this->badUsers[] = $this->module->framework->escape($username);
} elseif ( in_array($username, $this->goodUsers, true) ) {
$this->errorMessages[] = 'Duplicate username: ' . $this->module->framework->escape($username);
$this->rowValid = false;
} else {
$this->goodUsers[] = $username;
}

return $username;
}

private function checkUser($username)
{
$user = $this->module->framework->getUser($username);
$userRights = $user->getRights();
if ( is_null($userRights) ) {
$this->badUsers[] = $this->module->framework->escape($username);
$this->rowValid = false;
}
}

public function contentsValid()
{
$this->header = $this->csvContents[0];

$this->usernameIndex = array_search('username', $this->header, true);
if ( $this->usernameIndex === false ) {
$this->errorMessages[] = 'Missing username column';
return false;
}


foreach ( $this->csvContents as $key => $row ) {
$this->rowValid = true;

// Header Row
if ( $key === array_key_first($this->csvContents) ) {
$this->methodNamesAreClean($row);
continue;
}

// Data Row
$thisUsername = $this->checkUsername($row[$this->usernameIndex]);
$this->checkUser($thisUsername);

if ( !$this->rowValid ) {
$this->valid = false;
} else {
$this->cleanContents[] = [ 'user' => $thisUsername, 'permissions' => $this->parsePermissions($row) ];
}
}

if ( !empty($this->badUsers) ) {
$this->errorMessages[] = 'Invalid usernames';
$this->valid = false;
}

if ( !empty($this->badMethods) ) {
$this->errorMessages[] = 'Invalid API E7F5 methods';
$this->valid = false;
}

if ( empty($this->cleanContents) ) {
$this->errorMessages[] = 'No valid rows were present in the CSV file';
$this->valid = false;
}

$this->errorMessages = array_values(array_unique($this->errorMessages));
return $this->valid;
}

private function parsePermissions($thesePermissions, $validValues = [ 0, 1 ])
{
$result = [];
foreach ( $thesePermissions as $index => $value ) {
$method = $this->header[$index];
$isMethod = in_array($method, $this->methods, true);
if ( $isMethod ) {
$intValue = filter_var($value, FILTER_VALIDATE_INT);
if ( !in_array($intValue, $validValues, true) ) {
$this->errorMessages[] = 'Invalid "' . $method . '" value for <strong>' . $thesePermissions[$this->usernameIndex] . '</strong>: ' . $this->module->framework->escape($value);
$this->rowValid = false;
$this->valid = false;
}
$result[$method] = $intValue;
}
}
return $result;
}

private function getRights()
{
$result = [];
$currentRights = $this->module->getAllUsers($this->projectId);
foreach ( $this->cleanContents as $row ) {
$thisResult = [];
$user = $this->module->framework->getUser($row['user']);
$username = $user->getUsername();
$userFullname = $this->module->getFullName($username);
$userCurrentRights = array_filter($currentRights, function ($row) use ($username) {
return $row['username'] === $username;
});

$this->module->framework->log('ok', [ 'current' => json_encode($userCurrentRights, JSON_PRETTY_PRINT), 'proposed' => json_encode($row['permissions'], JSON_PRETTY_PRINT) ]);

$thisResult['user'] = $username;
$thisResult['name'] = $userFullname;
$thisResult['permissions'] = [];
foreach ( $this->methods as $method ) {
$current = (int) $userCurrentRights[0][$method];
$proposed = (int) $row['permissions'][$method];
if ( $current == $proposed ) {
$thisResult['permissions'][$method] = $proposed;
} else {
$thisResult['permissions'][$method] = [
'current' => $current,
'proposed' => $proposed
];
$thisResult['changes'] = true;
}
}
$result[] = $thisResult;
}
$this->proposed = $result;
}

private function formatCell($cellValue, $centerText = true)
{
if ( !is_array($cellValue) ) {
return '<td class="' . ($centerText ? 'text-center' : '') . '">' . $cellValue . '</td>';
}
return '<td class="table-warning">New: <span class="text-primary font-weight-bold">' . $cellValue['proposed'] .
'</span><br>Current: <span class="text-danger font-weight-bold">' .
$cellValue['current'] . '</span></td>';
}
public function getUpdateTable()
{
$this->getRights();
$html = '<div class="modal fade">
<div class="modal-xl modal-dialog modal-dialog-scrollable">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title">Confirm API Rights</h5>
<button type="button" class="btn-close align-self-center" data-bs-dismiss="modal" data-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<div class="container mb-4 w-90" style="font-size:larger;">Examine the table of proposed changes below to verify it is correct. Only users in highlighted rows or with
highlighted cells will be affected.</div>
<table class="table table-bordered">
<thead class="table-dark">
<tr>
<th>User</th>
<th>Name</th>';
foreach ( $this->methods as $method ) {
$html .= '<th>' . $method . '</th>';
}
$html .= '</tr>
</thead>
<tbody>';
$nothingToDo = true;
foreach ( $this->proposed as $row ) {
$rowClass = $row['changes'] ? 'bg-light' : 'table-secondary';
$nothingToDo = $row['changes'] ? false : $nothingToDo;

$html .= '<tr class="' . $rowClass . '">' .
$this->formatCell($row['user'], false) .
$this->formatCell($row['name'], false);
foreach ( $this->methods as $method ) {
$value = $row['permissions'][$method];
$html .= $this->formatCell($value);
}
$html .= '</tr>';
}

$html .= '</tbody>
</table>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-dismiss="modal" data-bs-dismiss="modal">Cancel</button>
<button type="button" class="btn btn-primary" ' .
($nothingToDo ? 'title="There are no changes to make" disabled' : '') .
'>Confirm</button>
</div>
</div>
</div>
</div>';
return $html;
}

public function import()
{
$success = false;
try {
foreach ( $this->cleanContents as $row ) {
$this->module->saveRights($row['user'], $row['permissions'], $this->projectId);
}
$this->module->framework->log('Imported API rights from CSV');
$success = true;
} catch ( \Throwable $e ) {
$this->module->log('Error importing API rights', [ 'error' => $e->getMessage() ]);
} finally {
return $success;
}
}
}
Loading
0