Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
100.00% |
24 / 24 |
|
100.00% |
2 / 2 |
CRAP | |
100.00% |
1 / 1 |
| ProcessGetByExternalUserId | |
100.00% |
24 / 24 |
|
100.00% |
2 / 2 |
7 | |
100.00% |
1 / 1 |
| readResponse | |
100.00% |
19 / 19 |
|
100.00% |
1 / 1 |
3 | |||
| validateExternalUserId | |
100.00% |
5 / 5 |
|
100.00% |
1 / 1 |
4 | |||
| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * @package ZMS API |
| 5 | * @copyright BerlinOnline Stadtportal GmbH & Co. KG |
| 6 | **/ |
| 7 | |
| 8 | namespace BO\Zmsapi; |
| 9 | |
| 10 | use BO\Slim\Render; |
| 11 | use BO\Mellon\Validator; |
| 12 | use BO\Zmsdb\Process; |
| 13 | |
| 14 | /** |
| 15 | * Citizen-scoped process read for trusted backends (e.g. zmscitizenapi after JWT validation). |
| 16 | * Requires workstation/service authentication via X-Authkey and matching external user id. |
| 17 | */ |
| 18 | class ProcessGetByExternalUserId extends BaseController |
| 19 | { |
| 20 | /** |
| 21 | * @SuppressWarnings(Param) |
| 22 | * @return \Psr\Http\Message\ResponseInterface |
| 23 | */ |
| 24 | public function readResponse( |
| 25 | \Psr\Http\Message\RequestInterface $request, |
| 26 | \Psr\Http\Message\ResponseInterface $response, |
| 27 | array $args |
| 28 | ) { |
| 29 | (new Helper\User($request, 2))->checkRights(); |
| 30 | |
| 31 | $resolveReferences = (int) (Validator::param('resolveReferences')->isNumber()->setDefault(2)->getValue() ?? 2); |
| 32 | $processId = (int) $args['id']; |
| 33 | $externalUserId = $args['externalUserId']; |
| 34 | |
| 35 | $process = (new Process())->readEntity( |
| 36 | $processId, |
| 37 | new \BO\Zmsdb\Helper\NoAuth(), |
| 38 | $resolveReferences |
| 39 | ); |
| 40 | |
| 41 | if (!$process || !$process->hasId()) { |
| 42 | $exception = new Exception\Process\ProcessNotFound(); |
| 43 | $exception->data = ['processId' => $processId]; |
| 44 | throw $exception; |
| 45 | } |
| 46 | |
| 47 | $this->validateExternalUserId($process, $externalUserId); |
| 48 | |
| 49 | $message = Response\Message::create($request); |
| 50 | $message->data = $process; |
| 51 | |
| 52 | $response = Render::withLastModified($response, time(), '0'); |
| 53 | $response = Render::withJson($response, $message->setUpdatedMetaData(), $message->getStatuscode()); |
| 54 | return $response; |
| 55 | } |
| 56 | |
| 57 | protected function validateExternalUserId(\BO\Zmsentities\Process $process, string $externalUserId): void |
| 58 | { |
| 59 | $processExternalUserId = $process->getExternalUserId(); |
| 60 | if ( |
| 61 | $processExternalUserId === null |
| 62 | || $processExternalUserId === '' |
| 63 | || (string) $processExternalUserId !== (string) $externalUserId |
| 64 | ) { |
| 65 | throw new Exception\Process\ExternalUserIdMatchFailed(); |
| 66 | } |
| 67 | } |
| 68 | } |