Open Journal Systems  3.3.0
api/v1/submissions/PKPSubmissionHandler.inc.php
1 <?php
2 
17 import('lib.pkp.classes.handler.APIHandler');
18 import('classes.core.Services');
19 
20 class PKPSubmissionHandler extends APIHandler {
21 
25  public function __construct() {
26  $this->_handlerPath = 'submissions';
27  $this->_endpoints = [
28  'GET' => [
29  [
30  'pattern' => $this->getEndpointPattern(),
31  'handler' => [$this, 'getMany'],
32  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR],
33  ],
34  [
35  'pattern' => $this->getEndpointPattern() . '/{submissionId}',
36  'handler' => [$this, 'get'],
37  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR],
38  ],
39  [
40  'pattern' => $this->getEndpointPattern() . '/{submissionId}/participants',
41  'handler' => [$this, 'getParticipants'],
42  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR],
43  ],
44  [
45  'pattern' => $this->getEndpointPattern() . '/{submissionId}/participants/{stageId}',
46  'handler' => [$this, 'getParticipants'],
47  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR],
48  ],
49  [
50  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications',
51  'handler' => [$this, 'getPublications'],
52  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR],
53  ],
54  [
55  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications/{publicationId}',
56  'handler' => [$this, 'getPublication'],
57  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR],
58  ],
59  ],
60  'POST' => [
61  [
62  'pattern' => $this->getEndpointPattern(),
63  'handler' => [$this, 'add'],
64  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR],
65  ],
66  [
67  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications',
68  'handler' => [$this, 'addPublication'],
69  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT],
70  ],
71  [
72  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications/{publicationId}/version',
73  'handler' => [$this, 'versionPublication'],
74  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT],
75  ],
76  ],
77  'PUT' => [
78  [
79  'pattern' => $this->getEndpointPattern() . '/{submissionId}',
80  'handler' => [$this, 'edit'],
81  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR],
82  ],
83  [
84  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications/{publicationId}',
85  'handler' => [$this, 'editPublication'],
86  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_AUTHOR],
87  ],
88  [
89  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications/{publicationId}/publish',
90  'handler' => [$this, 'publishPublication'],
91  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT],
92  ],
93  [
94  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications/{publicationId}/unpublish',
95  'handler' => [$this, 'unpublishPublication'],
96  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT],
97  ],
98  ],
99  'DELETE' => [
100  [
101  'pattern' => $this->getEndpointPattern() . '/{submissionId}',
102  'handler' => [$this, 'delete'],
103  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR],
104  ],
105  [
106  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications/{publicationId}',
107  'handler' => [$this, 'deletePublication'],
108  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT],
109  ],
110  ],
111  ];
112  parent::__construct();
113  }
114 
115  //
116  // Implement methods from PKPHandler
117  //
118  function authorize($request, &$args, $roleAssignments) {
119  $routeName = $this->getSlimRequest()->getAttribute('route')->getName();
120 
121  import('lib.pkp.classes.security.authorization.ContextAccessPolicy');
122  $this->addPolicy(new ContextAccessPolicy($request, $roleAssignments));
123 
124  $requiresSubmissionAccess = [
125  'get',
126  'edit',
127  'delete',
128  'getParticipants',
129  'getPublications',
130  'getPublication',
131  'addPublication',
132  'versionPublication',
133  'editPublication',
134  'publishPublication',
135  'unpublishPublication',
136  'deletePublication',
137  ];
138  if (in_array($routeName, $requiresSubmissionAccess)) {
139  import('lib.pkp.classes.security.authorization.SubmissionAccessPolicy');
140  $this->addPolicy(new SubmissionAccessPolicy($request, $args, $roleAssignments));
141  }
142 
143  $requiresPublicationWriteAccess = [
144  'editPublication',
145  ];
146  if (in_array($routeName, $requiresPublicationWriteAccess)) {
147  import('lib.pkp.classes.security.authorization.PublicationWritePolicy');
148  $this->addPolicy(new PublicationWritePolicy($request, $args, $roleAssignments));
149  }
150 
151  $requiresProductionStageAccess = [
152  'addPublication',
153  'versionPublication',
154  'publishPublication',
155  'unpublishPublication',
156  'deletePublication',
157  ];
158  if (in_array($routeName, $requiresProductionStageAccess)) {
159  import('lib.pkp.classes.security.authorization.StageRolePolicy');
160  $this->addPolicy(new StageRolePolicy([ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT], WORKFLOW_STAGE_ID_PRODUCTION, false));
161  }
162 
163  return parent::authorize($request, $args, $roleAssignments);
164  }
165 
173  public function getMany($slimRequest, $response, $args) {
174  $request = Application::get()->getRequest();
175  $currentUser = $request->getUser();
176  $context = $request->getContext();
177 
178  if (!$context) {
179  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
180  }
181 
182  $defaultParams = [
183  'count' => 20,
184  'offset' => 0,
185  ];
186 
187  // Only admins and managers may access submissions they are not assigned to
188  $userRoles = $this->getAuthorizedContextObject(ASSOC_TYPE_USER_ROLES);
189  $canAccessUnassignedSubmission = !empty(array_intersect(array(ROLE_ID_SITE_ADMIN, ROLE_ID_MANAGER), $userRoles));
190  if (!$canAccessUnassignedSubmission) {
191  $defaultParams['assignedTo'] = [$currentUser->getId()];
192  }
193 
194  $params = array_merge($defaultParams, $slimRequest->getQueryParams());
195 
196  foreach ($params as $param => $val) {
197  switch ($param) {
198  case 'orderBy':
199  if (in_array($val, array('dateSubmitted', 'dateLastActivity', 'lastModified', 'title'))) {
200  $params[$param] = $val;
201  }
202  break;
203 
204  case 'orderDirection':
205  $params[$param] = $val === 'ASC' ? $val : 'DESC';
206  break;
207 
208  // Always convert status and stageIds to array
209  case 'status':
210  case 'stageIds':
211  case 'assignedTo':
212  if (is_string($val) && strpos($val, ',') > -1) {
213  $val = explode(',', $val);
214  } elseif (!is_array($val)) {
215  $val = array($val);
216  }
217  $params[$param] = array_map('intval', $val);
218  break;
219 
220  case 'daysInactive':
221  case 'offset':
222  $params[$param] = (int) $val;
223  break;
224 
225  case 'searchPhrase':
226  $params[$param] = $val;
227  break;
228 
229  // Enforce a maximum count to prevent the API from crippling the
230  // server
231  case 'count':
232  $params[$param] = min(100, (int) $val);
233  break;
234 
235  case 'isIncomplete':
236  case 'isOverdue':
237  $params[$param] = true;
238  break;
239  }
240  }
241 
242  $params['contextId'] = $request->getContext()->getId();
243 
244  \HookRegistry::call('API::submissions::params', array(&$params, $slimRequest));
245 
246  // Prevent users from viewing submissions they're not assigned to,
247  // except for journal managers and admins.
248  $userRoles = $this->getAuthorizedContextObject(ASSOC_TYPE_USER_ROLES);
249  $canAccessUnassignedSubmission = !empty(array_intersect(array(ROLE_ID_SITE_ADMIN, ROLE_ID_MANAGER), $userRoles));
250  if (!$canAccessUnassignedSubmission && !in_array($currentUser->getId(), $params['assignedTo'])) {
251  return $response->withStatus(403)->withJsonError('api.submissions.403.requestedOthersUnpublishedSubmissions');
252  }
253 
254  $items = [];
255  $submissionsIterator = Services::get('submission')->getMany($params);
256  if (count($submissionsIterator)) {
257  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
258  $propertyArgs = [
259  'request' => $request,
260  'slimRequest' => $slimRequest,
261  'userGroups' => $userGroupDao->getByContextId($context->getId())->toArray()
262  ];
263  foreach ($submissionsIterator as $submission) {
264  $items[] = Services::get('submission')->getSummaryProperties($submission, $propertyArgs);
265  }
266  }
267 
268  $data = [
269  'itemsMax' => Services::get('submission')->getMax($params),
270  'items' => $items,
271  ];
272 
273  return $response->withJson($data, 200);
274  }
275 
283  public function get($slimRequest, $response, $args) {
284  AppLocale::requireComponents(LOCALE_COMPONENT_PKP_READER, LOCALE_COMPONENT_PKP_SUBMISSION);
285 
286  $request = Application::get()->getRequest();
287  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
288  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
289 
290  $data = Services::get('submission')->getFullProperties($submission, array(
291  'request' => $request,
292  'slimRequest' => $slimRequest,
293  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
294  ));
295 
296  return $response->withJson($data, 200);
297  }
298 
307  public function add($slimRequest, $response, $args) {
308  AppLocale::requireComponents(LOCALE_COMPONENT_APP_AUTHOR);
309 
310  $request = $this->getRequest();
311 
312  // Don't allow submissions to be added via the site-wide API
313  if (!$request->getContext()) {
314  return $response->withStatus(400)->withJsonError('api.submissions.403.contextRequired');
315  }
316 
317  if ($request->getContext()->getData('disableSubmissions')) {
318  return $response->withStatus(403)->withJsonError('author.submit.notAccepting');
319  }
320 
321  $params = $this->convertStringsToSchema(SCHEMA_SUBMISSION, $slimRequest->getParsedBody());
322  $params['contextId'] = $request->getContext()->getId();
323 
324  $primaryLocale = $request->getContext()->getPrimaryLocale();
325  $allowedLocales = $request->getContext()->getData('supportedSubmissionLocales');
326 
327  $errors = Services::get('submission')->validate(VALIDATE_ACTION_ADD, $params, $allowedLocales, $primaryLocale);
328 
329  if (!empty($errors)) {
330  return $response->withStatus(400)->withJson($errors);
331  }
332 
333  $submissionDao = DAORegistry::getDAO('SubmissionDAO'); /* @var $submissionDao SubmissionDAO */
334  $submission = $submissionDao->newDataObject();
335  $submission->_data = $params;
336  $submission = Services::get('submission')->add($submission, $request);
337  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
338 
339  $data = Services::get('submission')->getFullProperties($submission, [
340  'request' => $request,
341  'slimRequest' => $slimRequest,
342  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
343  ]);
344 
345  return $response->withJson($data, 200);
346  }
347 
356  public function edit($slimRequest, $response, $args) {
357  $request = $this->getRequest();
358  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
359 
360  if (!$submission) {
361  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
362  }
363 
364  // Don't allow submissions to be added via the site-wide API
365  if (!$request->getContext()) {
366  return $response->withStatus(403)->withJsonError('api.submissions.403.contextRequired');
367  }
368 
369  $params = $this->convertStringsToSchema(SCHEMA_SUBMISSION, $slimRequest->getParsedBody());
370  $params['id'] = $submission->getId();
371  $params['contextId'] = $request->getContext()->getId();
372 
373  // Don't allow a submission's context to be changed
374  if (isset($params['contextId']) && $params['contextId'] !== $submission->getData('contextId')) {
375  return $response->withStatus(403)->withJsonError('api.submissions.403.cantChangeContext');
376  }
377 
378  $primaryLocale = $request->getContext()->getPrimaryLocale();
379  $allowedLocales = $request->getContext()->getData('supportedSubmissionLocales');
380 
381  $errors = Services::get('submission')->validate(VALIDATE_ACTION_EDIT, $params, $allowedLocales, $primaryLocale);
382 
383  if (!empty($errors)) {
384  return $response->withStatus(400)->withJson($errors);
385  }
386 
387  $submission = Services::get('submission')->edit($submission, $params, $request);
388  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
389 
390  $data = Services::get('submission')->getFullProperties($submission, [
391  'request' => $request,
392  'slimRequest' => $slimRequest,
393  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
394  ]);
395 
396  return $response->withJson($data, 200);
397  }
398 
407  public function delete($slimRequest, $response, $args) {
408  $request = $this->getRequest();
409  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
410 
411  if (!$submission) {
412  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
413  }
414 
415  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
416  $submissionProps = Services::get('submission')->getFullProperties($submission, [
417  'request' => $request,
418  'slimRequest' => $slimRequest,
419  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
420  ]);
421 
422  Services::get('submission')->delete($submission);
423 
424  return $response->withJson($submissionProps, 200);
425  }
426 
437  public function getParticipants($slimRequest, $response, $args) {
438  $request = Application::get()->getRequest();
439  $context = $request->getContext();
440  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
441  $stageId = isset($args['stageId']) ? $args['stageId'] : null;
442 
443  if (!$submission) {
444  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
445  }
446 
447  $data = array();
448 
449  $userService = Services::get('user');
450 
451  $usersIterator = $userService->getMany(array(
452  'contextId' => $context->getId(),
453  'assignedToSubmission' => $submission->getId(),
454  'assignedToSubmissionStage' => $stageId,
455  ));
456  if (count($usersIterator)) {
457  $args = array(
458  'request' => $request,
459  'slimRequest' => $slimRequest,
460  );
461  foreach ($usersIterator as $user) {
462  $data[] = $userService->getSummaryProperties($user, $args);
463  }
464  }
465 
466  return $response->withJson($data, 200);
467  }
468 
469 
478  public function getPublications($slimRequest, $response, $args) {
479  $request = $this->getRequest();
480 
481  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
482 
483  if (!$submission) {
484  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
485  }
486 
487  $args = [
488  'submissionIds' => $submission->getId()
489  ];
490 
491  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
492  $userGroups = $userGroupDao->getByContextId($submission->getData('contextId'))->toArray();
493 
494  $items = [];
495  $publicationsIterator = Services::get('publication')->getMany($args);
496  foreach ($publicationsIterator as $publication) {
497  $items[] = Services::get('publication')->getSummaryProperties(
498  $publication,
499  [
500  'request' => $request,
501  'submission' => $submission,
502  'userGroups' => $userGroups,
503  ]
504  );
505  }
506 
507  $data = [
508  'itemsMax' => Services::get('publication')->getMax($args),
509  'items' => $items,
510  ];
511 
512  return $response->withJson($data, 200);
513  }
514 
523  public function getPublication($slimRequest, $response, $args) {
524  $request = $this->getRequest();
525  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
526 
527  $publication = Services::get('publication')->get((int) $args['publicationId']);
528 
529  if (!$publication) {
530  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
531  }
532 
533  if ($submission->getId() !== $publication->getData('submissionId')) {
534  return $response->withStatus(403)->withJsonError('api.publications.403.submissionsDidNotMatch');
535  }
536 
537  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
538  $data = Services::get('publication')->getFullProperties(
539  $publication,
540  [
541  'request' => $request,
542  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
543  ]
544  );
545 
546  return $response->withJson($data, 200);
547  }
548 
560  public function addPublication($slimRequest, $response, $args) {
561  $request = $this->getRequest();
562  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
563 
564  $params = $this->convertStringsToSchema(SCHEMA_PUBLICATION, $slimRequest->getParsedBody());
565  $params['submissionId'] = $submission->getId();
566 
567  $submissionContext = $request->getContext();
568  if (!$submissionContext || $submissionContext->getId() !== $submission->getData('contextId')) {
569  $submissionContext = Services::get('context')->get($submission->getData('contextId'));
570  }
571  $primaryLocale = $submissionContext->getPrimaryLocale();
572  $allowedLocales = $submissionContext->getData('supportedSubmissionLocales');
573 
574  // A publication may have a different primary locale
575  if (!empty($params['locale']) && in_array($params['locale'], $allowedLocales)) {
576  $primaryLocale = $params['locale'];
577  }
578 
579  $errors = Services::get('publication')->validate(VALIDATE_ACTION_ADD, $params, $allowedLocales, $primaryLocale);
580 
581  if (!empty($errors)) {
582  return $response->withStatus(400)->withJson($errors);
583  }
584 
585  $publicationDao = DAORegistry::getDAO('PublicationDAO'); /* @var $publicationDao PublicationDAO */
586  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
587  $publication = $publicationDao->newDataObject();
588  $publication->_data = $params;
589  $publication = Services::get('publication')->add($publication, $request);
590  $publicationProps = Services::get('publication')->getFullProperties(
591  $publication,
592  [
593  'request' => $request,
594  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
595  ]
596  );
597 
598  return $response->withJson($publicationProps, 200);
599  }
600 
609  public function versionPublication($slimRequest, $response, $args) {
610  $request = $this->getRequest();
611  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
612  $publication = Services::get('publication')->get((int) $args['publicationId']);
613 
614  if (!$publication) {
615  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
616  }
617 
618  if ($submission->getId() !== $publication->getData('submissionId')) {
619  return $response->withStatus(403)->withJsonError('api.publications.403.submissionsDidNotMatch');
620  }
621 
622  $publication = Services::get('publication')->version($publication, $request);
623  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
624 
625  $publicationProps = Services::get('publication')->getFullProperties(
626  $publication,
627  [
628  'request' => $request,
629  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
630  ]
631  );
632 
633  $notificationManager = new NotificationManager();
634  $userService = Services::get('user');
635  $usersIterator = $userService->getMany(array(
636  'contextId' => $submission->getContextId(),
637  'assignedToSubmission' => $submission->getId(),
638  ));
639 
640  foreach ($usersIterator as $user) {
641  $notificationManager->createNotification(
642  $request,
643  $user->getId(),
644  NOTIFICATION_TYPE_SUBMISSION_NEW_VERSION,
645  $submission->getContextId(),
646  ASSOC_TYPE_SUBMISSION,
647  $submission->getId(),
648  NOTIFICATION_LEVEL_TASK
649  );
650  }
651 
652  return $response->withJson($publicationProps, 200);
653  }
654 
663  public function editPublication($slimRequest, $response, $args) {
664  $request = $this->getRequest();
665  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
666  $currentUser = $request->getUser();
667  $publication = Services::get('publication')->get((int) $args['publicationId']);
668 
669  if (!$publication) {
670  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
671  }
672 
673  if ($submission->getId() !== $publication->getData('submissionId')) {
674  return $response->withStatus(403)->withJsonError('api.publications.403.submissionsDidNotMatch');
675  }
676 
677  // Publications can not be edited when they are published
678  if ($publication->getData('status') === STATUS_PUBLISHED) {
679  return $response->withStatus(403)->withJsonError('api.publication.403.cantEditPublished');
680  }
681 
682  // Prevent users from editing publications if they do not have permission. Except for admins.
683  $userRoles = $this->getAuthorizedContextObject(ASSOC_TYPE_USER_ROLES);
684  if (!in_array(ROLE_ID_SITE_ADMIN, $userRoles) && !Services::get('submission')->canEditPublication($submission->getId(), $currentUser->getId())) {
685  return $response->withStatus(403)->withJsonError('api.submissions.403.userCantEdit');
686  }
687 
688  $params = $this->convertStringsToSchema(SCHEMA_PUBLICATION, $slimRequest->getParsedBody());
689  $params['id'] = $publication->getId();
690 
691  // Don't allow the status to be modified through the API. The `/publish` and /unpublish endpoints
692  // should be used instead.
693  if (array_key_exists('status', $params)) {
694  return $response->withStatus(403)->withJsonError('api.publication.403.cantEditStatus');
695  }
696 
697  $submissionContext = $request->getContext();
698  if (!$submissionContext || $submissionContext->getId() !== $submission->getData('contextId')) {
699  $submissionContext = Services::get('context')->get($submission->getData('contextId'));
700  }
701  $primaryLocale = $publication->getData('locale');
702  $allowedLocales = $submissionContext->getData('supportedSubmissionLocales');
703 
704  $errors = Services::get('publication')->validate(VALIDATE_ACTION_EDIT, $params, $allowedLocales, $primaryLocale);
705 
706  if (!empty($errors)) {
707  return $response->withStatus(400)->withJson($errors);
708  }
709 
710  $publication = Services::get('publication')->edit($publication, $params, $request);
711  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
712 
713  $publicationProps = Services::get('publication')->getFullProperties(
714  $publication,
715  [
716  'request' => $request,
717  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
718  ]
719  );
720 
721  return $response->withJson($publicationProps, 200);
722  }
723 
736  public function publishPublication($slimRequest, $response, $args) {
737  $request = $this->getRequest();
738  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
739  $publication = Services::get('publication')->get((int) $args['publicationId']);
740 
741  if (!$publication) {
742  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
743  }
744 
745  if ($submission->getId() !== $publication->getData('submissionId')) {
746  return $response->withStatus(403)->withJsonError('api.publications.403.submissionsDidNotMatch');
747  }
748 
749  if ($publication->getData('status') === STATUS_PUBLISHED) {
750  return $response->withStatus(403)->withJsonError('api.publication.403.alreadyPublished');
751  }
752 
753  AppLocale::requireComponents(LOCALE_COMPONENT_PKP_SUBMISSION, LOCALE_COMPONENT_APP_SUBMISSION);
754 
755  $submissionContext = $request->getContext();
756  if (!$submissionContext || $submissionContext->getId() !== $submission->getData('contextId')) {
757  $submissionContext = Services::get('context')->get($submission->getData('contextId'));
758  }
759  $primaryLocale = $submission->getData('locale');
760  $allowedLocales = $submissionContext->getData('supportedSubmissionLocales');
761 
762  $errors = Services::get('publication')->validatePublish($publication, $submission, $allowedLocales, $primaryLocale);
763 
764  if (!empty($errors)) {
765  return $response->withStatus(400)->withJson($errors);
766  }
767 
768  $publication = Services::get('publication')->publish($publication);
769  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
770 
771  $publicationProps = Services::get('publication')->getFullProperties(
772  $publication,
773  [
774  'request' => $request,
775  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
776  ]
777  );
778 
779  return $response->withJson($publicationProps, 200);
780  }
781 
790  public function unpublishPublication($slimRequest, $response, $args) {
791  $request = $this->getRequest();
792  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
793  $publication = Services::get('publication')->get((int) $args['publicationId']);
794 
795  if (!$publication) {
796  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
797  }
798 
799  if ($submission->getId() !== $publication->getData('submissionId')) {
800  return $response->withStatus(403)->withJsonError('api.publications.403.submissionsDidNotMatch');
801  }
802 
803  if (!in_array($publication->getData('status'), [STATUS_PUBLISHED, STATUS_SCHEDULED])) {
804  return $response->withStatus(403)->withJsonError('api.publication.403.alreadyUnpublished');
805  }
806 
807  $publication = Services::get('publication')->unpublish($publication);
808  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
809 
810  $publicationProps = Services::get('publication')->getFullProperties(
811  $publication,
812  [
813  'request' => $request,
814  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
815  ]
816  );
817 
818  return $response->withJson($publicationProps, 200);
819  }
820 
832  public function deletePublication($slimRequest, $response, $args) {
833  $request = $this->getRequest();
834  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
835  $publication = Services::get('publication')->get((int) $args['publicationId']);
836 
837  if (!$publication) {
838  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
839  }
840 
841  if ($submission->getId() !== $publication->getData('submissionId')) {
842  return $response->withStatus(403)->withJsonError('api.publications.403.submissionsDidNotMatch');
843  }
844 
845  if ($publication->getData('status') === STATUS_PUBLISHED) {
846  return $response->withStatus(403)->withJsonError('api.publication.403.cantDeletePublished');
847  }
848 
849  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
850  $publicationProps = Services::get('publication')->getFullProperties(
851  $publication,
852  [
853  'request' => $request,
854  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
855  ]
856  );
857 
858  Services::get('publication')->delete($publication);
859 
860  return $response->withJson($publicationProps, 200);
861  }
862 }
AppLocale\requireComponents
static requireComponents()
Definition: env1/MockAppLocale.inc.php:56
ContextAccessPolicy
Class to control access to PKP applications' setup components.
Definition: ContextAccessPolicy.inc.php:17
DAORegistry\getDAO
static & getDAO($name, $dbconn=null)
Definition: DAORegistry.inc.php:57
PKPSubmissionHandler\addPublication
addPublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:560
PKPSubmissionHandler\add
add($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:307
PKPSubmissionHandler\__construct
__construct()
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:25
PKPSubmissionHandler\deletePublication
deletePublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:832
PKPSubmissionHandler\getParticipants
getParticipants($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:437
PKPSubmissionHandler\edit
edit($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:356
PKPSubmissionHandler
Base handler for submission requests.
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:20
APIHandler\getSlimRequest
getSlimRequest()
Definition: APIHandler.inc.php:158
PKPSubmissionHandler\versionPublication
versionPublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:609
PKPSubmissionHandler\getMany
getMany($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:173
PublicationWritePolicy
Class to permit or deny write functions (add/edit) on a publication.
Definition: PublicationWritePolicy.inc.php:19
APIHandler
Base request API handler.
Definition: APIHandler.inc.php:22
PKPSubmissionHandler\editPublication
editPublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:663
PKPSubmissionHandler\getPublications
getPublications($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:478
StageRolePolicy
Class to check if the user has an assigned role on a specific submission stage. Optionally deny autho...
Definition: StageRolePolicy.inc.php:19
PKPSubmissionHandler\authorize
authorize($request, &$args, $roleAssignments)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:118
PKPHandler\getAuthorizedContextObject
& getAuthorizedContextObject($assocType)
Definition: PKPHandler.inc.php:174
PKPSubmissionHandler\unpublishPublication
unpublishPublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:790
APIHandler\convertStringsToSchema
convertStringsToSchema($schema, $params)
Definition: APIHandler.inc.php:281
NotificationManager
Definition: NotificationManager.inc.php:19
PKPSubmissionHandler\getPublication
getPublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:523
PKPApplication\get
static get()
Definition: PKPApplication.inc.php:235
APIHandler\getRequest
getRequest()
Definition: APIHandler.inc.php:149
SubmissionAccessPolicy
Base class to control (write) access to submissions and (read) access to submission details in OMP.
Definition: SubmissionAccessPolicy.inc.php:19
PKPHandler\addPolicy
addPolicy($authorizationPolicy, $addToTop=false)
Definition: PKPHandler.inc.php:157
APIHandler\getEndpointPattern
getEndpointPattern()
Definition: APIHandler.inc.php:186
HookRegistry\call
static call($hookName, $args=null)
Definition: HookRegistry.inc.php:86
PKPServices\get
static get($service)
Definition: PKPServices.inc.php:49
PKPSubmissionHandler\publishPublication
publishPublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:736