Open Journal Systems  3.3.0
api/v1/issues/IssueHandler.inc.php
1 <?php
2 
17 import('lib.pkp.classes.handler.APIHandler');
18 import('classes.core.Services');
19 
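/**
 * Handle API requests for issues operations.
 *
 * Exposes three read-only GET endpoints under the `issues` handler path:
 * the issue list, the current issue, and a single issue by id.
 *
 * Access control is split between two places, and both matter:
 *  - authorize() stacks the policy objects that gate every request;
 *  - getMany() additionally restricts non-managers to published issues.
 * get() performs no published-state check of its own and relies entirely on
 * the authorized context object produced by the policy stack.
 */
class IssueHandler extends APIHandler {

	/**
	 * Register the endpoint table and the roles allowed to reach it.
	 */
	public function __construct() {
		$this->_handlerPath = 'issues';

		// The same role list applies to all three endpoints. It includes
		// reviewers and authors, so role membership alone does not separate
		// editorial staff from other journal users on these routes.
		$roles = array(ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR);
		$basePattern = $this->getEndpointPattern();

		$this->_endpoints = array(
			'GET' => array(
				array(
					'pattern' => $basePattern,
					'handler' => array($this, 'getMany'),
					'roles' => $roles
				),
				array(
					'pattern' => $basePattern . '/current',
					'handler' => array($this, 'getCurrent'),
					'roles' => $roles
				),
				array(
					'pattern' => $basePattern . '/{issueId}',
					'handler' => array($this, 'get'),
					'roles' => $roles
				),
			)
		);
		parent::__construct();
	}

	//
	// Implement methods from PKPHandler
	//
	/**
	 * Build the authorization policy stack for the current request.
	 *
	 * Three policies are always added, in this order: a context must be
	 * present, the user must have access to that context under
	 * $roleAssignments, and the journal must publish online. The issue
	 * policy is added only when the matched route is named 'get'.
	 *
	 * If the route name cannot be resolved (no Slim request, or no 'route'
	 * attribute), the issue policy is skipped; get() then finds no authorized
	 * issue and answers 404, so that case fails closed.
	 *
	 * @param $request object Request passed to each policy
	 * @param $args array Route arguments, passed by reference
	 * @param $roleAssignments array Role assignments for ContextAccessPolicy
	 * @return mixed Result of the parent authorize() call
	 */
	public function authorize($request, &$args, $roleAssignments) {
		$routeName = null;
		$slimRequest = $this->getSlimRequest();

		if (!is_null($slimRequest)) {
			$route = $slimRequest->getAttribute('route');
			if ($route) {
				$routeName = $route->getName();
			}
		}

		import('lib.pkp.classes.security.authorization.ContextRequiredPolicy');
		$this->addPolicy(new ContextRequiredPolicy($request));

		import('lib.pkp.classes.security.authorization.ContextAccessPolicy');
		$this->addPolicy(new ContextAccessPolicy($request, $roleAssignments));

		import('classes.security.authorization.OjsJournalMustPublishPolicy');
		$this->addPolicy(new OjsJournalMustPublishPolicy($request));

		// Only the single-issue route needs the issue resolved and checked.
		// NOTE(review): whether OjsIssueRequiredPolicy also denies unpublished
		// issues to reviewers/authors is not visible here - confirm in that
		// class, because get() returns full properties without checking.
		if ($routeName === 'get') {
			import('classes.security.authorization.OjsIssueRequiredPolicy');
			$this->addPolicy(new OjsIssueRequiredPolicy($request, $args));
		}

		return parent::authorize($request, $args, $roleAssignments);
	}

	//
	// Public handler methods
	//
	/**
	 * Return a page of issue summaries for the current context.
	 *
	 * Query parameters are allow-listed: anything not named in the switch
	 * below is dropped and never reaches the issue service. Users who are
	 * neither a manager of this context nor a site admin are limited to
	 * published issues, and an explicit request for unpublished issues from
	 * such a user is rejected with 403.
	 *
	 * @param $slimRequest object Slim request carrying the query parameters
	 * @param $response object Response object used to build the reply
	 * @param $args array Route arguments (unused)
	 * @return object JSON response with `itemsMax` and `items`, or an error
	 */
	public function getMany($slimRequest, $response, $args) {
		$request = $this->getRequest();
		$currentUser = $request->getUser();
		$context = $request->getContext();

		if (!$context) {
			return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
		}

		$defaultParams = array(
			'count' => 20,
			'offset' => 0,
		);

		$requestParams = array_merge($defaultParams, $slimRequest->getQueryParams());

		$params = array();

		// Process query params to format incoming data as needed
		foreach ($requestParams as $param => $val) {
			// Numeric-looking query keys arrive as integers; compare as a
			// string so that such a key cannot loosely match a case label.
			switch ((string) $param) {

				case 'orderBy':
					// Strict match against the allow-list of sortable columns.
					if (in_array($val, array('datePublished', 'lastModified', 'seq'), true)) {
						$params[$param] = $val;
					}
					break;

				case 'orderDirection':
					$params[$param] = $val === 'ASC' ? $val : 'DESC';
					break;

				// Enforce a maximum count to prevent the API from crippling the
				// server. The cap needs a lower bound as well: zero, negative
				// and non-numeric values fall back to the default page size
				// rather than being handed to the service, whose treatment of
				// a non-positive count is not visible from this handler.
				case 'count':
					$count = (int) $val;
					$params[$param] = $count > 0 ? min(100, $count) : $defaultParams['count'];
					break;

				case 'offset':
					// A negative offset has no meaning for pagination.
					$params[$param] = max(0, (int) $val);
					break;

				// Always convert volume, number and year values to array
				case 'volumes':
				case 'volume':
				case 'numbers':
				case 'number':
				case 'years':
				case 'year':

					// Support deprecated `year`, `number` and `volume` params
					if (substr($param, -1) !== 's') {
						$param .= 's';
					}

					if (is_string($val) && strpos($val, ',') !== false) {
						$val = explode(',', $val);
					} elseif (!is_array($val)) {
						$val = array($val);
					}
					// Every element is forced to an integer before use.
					$params[$param] = array_map('intval', $val);
					break;

				case 'isPublished':
					// Plain truthiness: the literal string "false" is truthy
					// and therefore selects published issues.
					$params[$param] = $val ? true : false;
					break;

				case 'searchPhrase':
					// NOTE(review): forwarded unmodified and untyped (it may
					// be an array); confirm that the issue service binds it
					// as a query parameter.
					$params[$param] = $val;
					break;
			}
		}

		$params['contextId'] = $context->getId();

		// Plugins may rewrite $params here. The published-only enforcement
		// below runs after the hook, so it also applies to plugin changes.
		\HookRegistry::call('API::issues::params', array(&$params, $slimRequest));

		// You must be a manager or site admin to access unpublished Issues.
		// A missing user is treated as non-admin instead of raising an error.
		$isAdmin = $currentUser && (
			$currentUser->hasRole(array(ROLE_ID_MANAGER), $context->getId())
			|| $currentUser->hasRole(array(ROLE_ID_SITE_ADMIN), CONTEXT_SITE)
		);
		if (isset($params['isPublished']) && !$params['isPublished'] && !$isAdmin) {
			return $response->withStatus(403)->withJsonError('api.submissions.403.unpublishedIssues');
		} elseif (!$isAdmin) {
			$params['isPublished'] = true;
		}

		$items = array();
		$issueService = Services::get('issue');
		$issuesIterator = $issueService->getMany($params);
		if (count($issuesIterator)) {
			$propertyArgs = array(
				'request' => $request,
				'slimRequest' => $slimRequest,
			);
			foreach ($issuesIterator as $issue) {
				$items[] = $issueService->getSummaryProperties($issue, $propertyArgs);
			}
		}

		$data = array(
			'itemsMax' => $issueService->getMax($params),
			'items' => $items,
		);

		return $response->withJson($data, 200);
	}

	/**
	 * Return the full properties of the context's current issue.
	 *
	 * @param $slimRequest object Slim request
	 * @param $response object Response object used to build the reply
	 * @param $args array Route arguments (unused)
	 * @return object JSON response with the issue, or a 404 error
	 */
	public function getCurrent($slimRequest, $response, $args) {
		$request = $this->getRequest();
		$context = $request->getContext();

		// Same guard as getMany(): do not dereference a missing context.
		if (!$context) {
			return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
		}

		$issueDao = DAORegistry::getDAO('IssueDAO'); /* @var $issueDao IssueDAO */
		$issue = $issueDao->getCurrent($context->getId());

		if (!$issue) {
			return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
		}

		$data = Services::get('issue')->getFullProperties($issue, array(
			'request' => $request,
			'slimRequest' => $slimRequest,
		));

		return $response->withJson($data, 200);
	}

	/**
	 * Return the full properties of the issue authorized for this request.
	 *
	 * The issue is never looked up from $args here; it is taken from the
	 * authorized context object that authorize() arranges for the 'get'
	 * route. There is no role or published-state check in this method, so
	 * what a reviewer or author can read depends on the policy stack alone.
	 *
	 * @param $slimRequest object Slim request
	 * @param $response object Response object used to build the reply
	 * @param $args array Route arguments (unused in this method)
	 * @return object JSON response with the issue, or a 404 error
	 */
	public function get($slimRequest, $response, $args) {
		$request = $this->getRequest();
		$issue = $this->getAuthorizedContextObject(ASSOC_TYPE_ISSUE);

		if (!$issue) {
			return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
		}

		$data = Services::get('issue')->getFullProperties($issue, array(
			'request' => $request,
			'slimRequest' => $slimRequest,
		));

		return $response->withJson($data, 200);
	}
}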
ContextAccessPolicy
Class to control access to PKP applications' setup components.
Definition: ContextAccessPolicy.inc.php:17
DAORegistry\getDAO
static & getDAO($name, $dbconn=null)
Definition: DAORegistry.inc.php:57
OjsIssueRequiredPolicy
Policy that ensures that the request contains a valid issue.
Definition: OjsIssueRequiredPolicy.inc.php:17
IssueHandler\getCurrent
getCurrent($slimRequest, $response, $args)
Definition: api/v1/issues/IssueHandler.inc.php:202
APIHandler\getSlimRequest
getSlimRequest()
Definition: APIHandler.inc.php:158
APIHandler
Base request API handler.
Definition: APIHandler.inc.php:22
IssueHandler
Handle API requests for issues operations.
Definition: api/v1/issues/IssueHandler.inc.php:20
PKPHandler\getAuthorizedContextObject
& getAuthorizedContextObject($assocType)
Definition: PKPHandler.inc.php:174
IssueHandler\getMany
getMany($slimRequest, $response, $args)
Definition: api/v1/issues/IssueHandler.inc.php:88
OjsJournalMustPublishPolicy
Access policy to limit access to journals that do not publish online.
Definition: OjsJournalMustPublishPolicy.inc.php:18
IssueHandler\__construct
__construct()
Definition: api/v1/issues/IssueHandler.inc.php:25
APIHandler\getRequest
getRequest()
Definition: APIHandler.inc.php:149
PKPHandler\addPolicy
addPolicy($authorizationPolicy, $addToTop=false)
Definition: PKPHandler.inc.php:157
APIHandler\getEndpointPattern
getEndpointPattern()
Definition: APIHandler.inc.php:186
HookRegistry\call
static call($hookName, $args=null)
Definition: HookRegistry.inc.php:86
IssueHandler\authorize
authorize($request, &$args, $roleAssignments)
Definition: api/v1/issues/IssueHandler.inc.php:53
ContextRequiredPolicy
Policy to deny access if a context cannot be found in the request.
Definition: ContextRequiredPolicy.inc.php:17
PKPServices\get
static get($service)
Definition: PKPServices.inc.php:49