Open Preprint Systems  3.3.0
api/v1/submissions/PKPSubmissionHandler.inc.php
1 <?php
2 
17 import('lib.pkp.classes.handler.APIHandler');
18 import('classes.core.Services');
19 
20 class PKPSubmissionHandler extends APIHandler {
21 
25  public function __construct() {
26  $this->_handlerPath = 'submissions';
27  $this->_endpoints = [
28  'GET' => [
29  [
30  'pattern' => $this->getEndpointPattern(),
31  'handler' => [$this, 'getMany'],
32  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR],
33  ],
34  [
35  'pattern' => $this->getEndpointPattern() . '/{submissionId}',
36  'handler' => [$this, 'get'],
37  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR],
38  ],
39  [
40  'pattern' => $this->getEndpointPattern() . '/{submissionId}/participants',
41  'handler' => [$this, 'getParticipants'],
42  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR],
43  ],
44  [
45  'pattern' => $this->getEndpointPattern() . '/{submissionId}/participants/{stageId}',
46  'handler' => [$this, 'getParticipants'],
47  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR],
48  ],
49  [
50  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications',
51  'handler' => [$this, 'getPublications'],
52  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR],
53  ],
54  [
55  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications/{publicationId}',
56  'handler' => [$this, 'getPublication'],
57  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR],
58  ],
59  ],
60  'POST' => [
61  [
62  'pattern' => $this->getEndpointPattern(),
63  'handler' => [$this, 'add'],
64  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR],
65  ],
66  [
67  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications',
68  'handler' => [$this, 'addPublication'],
69  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT],
70  ],
71  [
72  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications/{publicationId}/version',
73  'handler' => [$this, 'versionPublication'],
74  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT],
75  ],
76  ],
77  'PUT' => [
78  [
79  'pattern' => $this->getEndpointPattern() . '/{submissionId}',
80  'handler' => [$this, 'edit'],
81  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR],
82  ],
83  [
84  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications/{publicationId}',
85  'handler' => [$this, 'editPublication'],
86  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_AUTHOR],
87  ],
88  [
89  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications/{publicationId}/publish',
90  'handler' => [$this, 'publishPublication'],
91  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT],
92  ],
93  [
94  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications/{publicationId}/unpublish',
95  'handler' => [$this, 'unpublishPublication'],
96  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT],
97  ],
98  ],
99  'DELETE' => [
100  [
101  'pattern' => $this->getEndpointPattern() . '/{submissionId}',
102  'handler' => [$this, 'delete'],
103  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR],
104  ],
105  [
106  'pattern' => $this->getEndpointPattern() . '/{submissionId}/publications/{publicationId}',
107  'handler' => [$this, 'deletePublication'],
108  'roles' => [ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT],
109  ],
110  ],
111  ];
112  parent::__construct();
113  }
114 
115  //
116  // Implement methods from PKPHandler
117  //
118  function authorize($request, &$args, $roleAssignments) {
119  $routeName = $this->getSlimRequest()->getAttribute('route')->getName();
120 
121  import('lib.pkp.classes.security.authorization.ContextAccessPolicy');
122  $this->addPolicy(new ContextAccessPolicy($request, $roleAssignments));
123 
124  $requiresSubmissionAccess = [
125  'get',
126  'edit',
127  'delete',
128  'getParticipants',
129  'getPublications',
130  'getPublication',
131  'addPublication',
132  'versionPublication',
133  'editPublication',
134  'publishPublication',
135  'unpublishPublication',
136  'deletePublication',
137  ];
138  if (in_array($routeName, $requiresSubmissionAccess)) {
139  import('lib.pkp.classes.security.authorization.SubmissionAccessPolicy');
140  $this->addPolicy(new SubmissionAccessPolicy($request, $args, $roleAssignments));
141  }
142 
143  $requiresPublicationWriteAccess = [
144  'editPublication',
145  ];
146  if (in_array($routeName, $requiresPublicationWriteAccess)) {
147  import('lib.pkp.classes.security.authorization.PublicationWritePolicy');
148  $this->addPolicy(new PublicationWritePolicy($request, $args, $roleAssignments));
149  }
150 
151  $requiresProductionStageAccess = [
152  'addPublication',
153  'versionPublication',
154  'publishPublication',
155  'unpublishPublication',
156  'deletePublication',
157  ];
158  if (in_array($routeName, $requiresProductionStageAccess)) {
159  import('lib.pkp.classes.security.authorization.StageRolePolicy');
160  $this->addPolicy(new StageRolePolicy([ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT], WORKFLOW_STAGE_ID_PRODUCTION, false));
161  }
162 
163  return parent::authorize($request, $args, $roleAssignments);
164  }
165 
173  public function getMany($slimRequest, $response, $args) {
174  $request = Application::get()->getRequest();
175  $currentUser = $request->getUser();
176  $context = $request->getContext();
177 
178  if (!$context) {
179  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
180  }
181 
182  $defaultParams = [
183  'count' => 20,
184  'offset' => 0,
185  ];
186 
187  // Only admins and managers may access submissions they are not assigned to
188  $userRoles = $this->getAuthorizedContextObject(ASSOC_TYPE_USER_ROLES);
189  $canAccessUnassignedSubmission = !empty(array_intersect(array(ROLE_ID_SITE_ADMIN, ROLE_ID_MANAGER), $userRoles));
190  if (!$canAccessUnassignedSubmission) {
191  $defaultParams['assignedTo'] = [$currentUser->getId()];
192  }
193 
194  $params = array_merge($defaultParams, $slimRequest->getQueryParams());
195 
196  foreach ($params as $param => $val) {
197  switch ($param) {
198  case 'orderBy':
199  if (in_array($val, array('dateSubmitted', 'dateLastActivity', 'lastModified', 'title'))) {
200  $params[$param] = $val;
201  }
202  break;
203 
204  case 'orderDirection':
205  $params[$param] = $val === 'ASC' ? $val : 'DESC';
206  break;
207 
208  // Always convert status and stageIds to array
209  case 'status':
210  case 'stageIds':
211  case 'assignedTo':
212  if (is_string($val) && strpos($val, ',') > -1) {
213  $val = explode(',', $val);
214  } elseif (!is_array($val)) {
215  $val = array($val);
216  }
217  $params[$param] = array_map('intval', $val);
218  break;
219 
220  case 'daysInactive':
221  case 'offset':
222  $params[$param] = (int) $val;
223  break;
224 
225  case 'searchPhrase':
226  $params[$param] = $val;
227  break;
228 
229  // Enforce a maximum count to prevent the API from crippling the
230  // server
231  case 'count':
232  $params[$param] = min(100, (int) $val);
233  break;
234 
235  case 'isIncomplete':
236  case 'isOverdue':
237  $params[$param] = true;
238  break;
239  }
240  }
241 
242  $params['contextId'] = $request->getContext()->getId();
243 
244  \HookRegistry::call('API::submissions::params', array(&$params, $slimRequest));
245 
246  // Prevent users from viewing submissions they're not assigned to,
247  // except for journal managers and admins.
248  $userRoles = $this->getAuthorizedContextObject(ASSOC_TYPE_USER_ROLES);
249  $canAccessUnassignedSubmission = !empty(array_intersect(array(ROLE_ID_SITE_ADMIN, ROLE_ID_MANAGER), $userRoles));
250  if (!$canAccessUnassignedSubmission && !in_array($currentUser->getId(), $params['assignedTo'])) {
251  return $response->withStatus(403)->withJsonError('api.submissions.403.requestedOthersUnpublishedSubmissions');
252  }
253 
254  $items = [];
255  $submissionsIterator = Services::get('submission')->getMany($params);
256  if (count($submissionsIterator)) {
257  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
258  $propertyArgs = [
259  'request' => $request,
260  'slimRequest' => $slimRequest,
261  'userGroups' => $userGroupDao->getByContextId($context->getId())->toArray()
262  ];
263  foreach ($submissionsIterator as $submission) {
264  $items[] = Services::get('submission')->getSummaryProperties($submission, $propertyArgs);
265  }
266  }
267 
268  $data = [
269  'itemsMax' => Services::get('submission')->getMax($params),
270  'items' => $items,
271  ];
272 
273  return $response->withJson($data, 200);
274  }
275 
283  public function get($slimRequest, $response, $args) {
284  AppLocale::requireComponents(LOCALE_COMPONENT_PKP_READER, LOCALE_COMPONENT_PKP_SUBMISSION);
285 
286  $request = Application::get()->getRequest();
287  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
288  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
289 
290  $data = Services::get('submission')->getFullProperties($submission, array(
291  'request' => $request,
292  'slimRequest' => $slimRequest,
293  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
294  ));
295 
296  return $response->withJson($data, 200);
297  }
298 
307  public function add($slimRequest, $response, $args) {
308  $request = $this->getRequest();
309 
310  // Don't allow submissions to be added via the site-wide API
311  if (!$request->getContext()) {
312  return $response->withStatus(400)->withJsonError('api.submissions.403.contextRequired');
313  }
314 
315  $params = $this->convertStringsToSchema(SCHEMA_SUBMISSION, $slimRequest->getParsedBody());
316  $params['contextId'] = $request->getContext()->getId();
317 
318  $primaryLocale = $request->getContext()->getPrimaryLocale();
319  $allowedLocales = $request->getContext()->getData('supportedSubmissionLocales');
320 
321  $errors = Services::get('submission')->validate(VALIDATE_ACTION_ADD, $params, $allowedLocales, $primaryLocale);
322 
323  if (!empty($errors)) {
324  return $response->withStatus(400)->withJson($errors);
325  }
326 
327  $submissionDao = DAORegistry::getDAO('SubmissionDAO'); /* @var $submissionDao SubmissionDAO */
328  $submission = $submissionDao->newDataObject();
329  $submission->_data = $params;
330  $submission = Services::get('submission')->add($submission, $request);
331  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
332 
333  $data = Services::get('submission')->getFullProperties($submission, [
334  'request' => $request,
335  'slimRequest' => $slimRequest,
336  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
337  ]);
338 
339  return $response->withJson($data, 200);
340  }
341 
350  public function edit($slimRequest, $response, $args) {
351  $request = $this->getRequest();
352  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
353 
354  if (!$submission) {
355  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
356  }
357 
358  // Don't allow submissions to be added via the site-wide API
359  if (!$request->getContext()) {
360  return $response->withStatus(403)->withJsonError('api.submissions.403.contextRequired');
361  }
362 
363  $params = $this->convertStringsToSchema(SCHEMA_SUBMISSION, $slimRequest->getParsedBody());
364  $params['id'] = $submission->getId();
365  $params['contextId'] = $request->getContext()->getId();
366 
367  // Don't allow a submission's context to be changed
368  if (isset($params['contextId']) && $params['contextId'] !== $submission->getData('contextId')) {
369  return $response->withStatus(403)->withJsonError('api.submissions.403.cantChangeContext');
370  }
371 
372  $primaryLocale = $request->getContext()->getPrimaryLocale();
373  $allowedLocales = $request->getContext()->getData('supportedSubmissionLocales');
374 
375  $errors = Services::get('submission')->validate(VALIDATE_ACTION_EDIT, $params, $allowedLocales, $primaryLocale);
376 
377  if (!empty($errors)) {
378  return $response->withStatus(400)->withJson($errors);
379  }
380 
381  $submission = Services::get('submission')->edit($submission, $params, $request);
382  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
383 
384  $data = Services::get('submission')->getFullProperties($submission, [
385  'request' => $request,
386  'slimRequest' => $slimRequest,
387  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
388  ]);
389 
390  return $response->withJson($data, 200);
391  }
392 
401  public function delete($slimRequest, $response, $args) {
402  $request = $this->getRequest();
403  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
404 
405  if (!$submission) {
406  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
407  }
408 
409  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
410  $submissionProps = Services::get('submission')->getFullProperties($submission, [
411  'request' => $request,
412  'slimRequest' => $slimRequest,
413  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
414  ]);
415 
416  Services::get('submission')->delete($submission);
417 
418  return $response->withJson($submissionProps, 200);
419  }
420 
431  public function getParticipants($slimRequest, $response, $args) {
432  $request = Application::get()->getRequest();
433  $context = $request->getContext();
434  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
435  $stageId = isset($args['stageId']) ? $args['stageId'] : null;
436 
437  if (!$submission) {
438  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
439  }
440 
441  $data = array();
442 
443  $userService = Services::get('user');
444 
445  $usersIterator = $userService->getMany(array(
446  'contextId' => $context->getId(),
447  'assignedToSubmission' => $submission->getId(),
448  'assignedToSubmissionStage' => $stageId,
449  ));
450  if (count($usersIterator)) {
451  $args = array(
452  'request' => $request,
453  'slimRequest' => $slimRequest,
454  );
455  foreach ($usersIterator as $user) {
456  $data[] = $userService->getSummaryProperties($user, $args);
457  }
458  }
459 
460  return $response->withJson($data, 200);
461  }
462 
463 
472  public function getPublications($slimRequest, $response, $args) {
473  $request = $this->getRequest();
474 
475  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
476 
477  if (!$submission) {
478  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
479  }
480 
481  $args = [
482  'submissionIds' => $submission->getId()
483  ];
484 
485  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
486  $userGroups = $userGroupDao->getByContextId($submission->getData('contextId'))->toArray();
487 
488  $items = [];
489  $publicationsIterator = Services::get('publication')->getMany($args);
490  foreach ($publicationsIterator as $publication) {
491  $items[] = Services::get('publication')->getSummaryProperties(
492  $publication,
493  [
494  'request' => $request,
495  'submission' => $submission,
496  'userGroups' => $userGroups,
497  ]
498  );
499  }
500 
501  $data = [
502  'itemsMax' => Services::get('publication')->getMax($args),
503  'items' => $items,
504  ];
505 
506  return $response->withJson($data, 200);
507  }
508 
517  public function getPublication($slimRequest, $response, $args) {
518  $request = $this->getRequest();
519  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
520 
521  $publication = Services::get('publication')->get((int) $args['publicationId']);
522 
523  if (!$publication) {
524  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
525  }
526 
527  if ($submission->getId() !== $publication->getData('submissionId')) {
528  return $response->withStatus(403)->withJsonError('api.publications.403.submissionsDidNotMatch');
529  }
530 
531  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
532  $data = Services::get('publication')->getFullProperties(
533  $publication,
534  [
535  'request' => $request,
536  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
537  ]
538  );
539 
540  return $response->withJson($data, 200);
541  }
542 
554  public function addPublication($slimRequest, $response, $args) {
555  $request = $this->getRequest();
556  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
557 
558  $params = $this->convertStringsToSchema(SCHEMA_PUBLICATION, $slimRequest->getParsedBody());
559  $params['submissionId'] = $submission->getId();
560 
561  $submissionContext = $request->getContext();
562  if (!$submissionContext || $submissionContext->getId() !== $submission->getData('contextId')) {
563  $submissionContext = Services::get('context')->get($submission->getData('contextId'));
564  }
565  $primaryLocale = $submissionContext->getPrimaryLocale();
566  $allowedLocales = $submissionContext->getData('supportedSubmissionLocales');
567 
568  // A publication may have a different primary locale
569  if (!empty($params['locale']) && in_array($params['locale'], $allowedLocales)) {
570  $primaryLocale = $params['locale'];
571  }
572 
573  $errors = Services::get('publication')->validate(VALIDATE_ACTION_ADD, $params, $allowedLocales, $primaryLocale);
574 
575  if (!empty($errors)) {
576  return $response->withStatus(400)->withJson($errors);
577  }
578 
579  $publicationDao = DAORegistry::getDAO('PublicationDAO'); /* @var $publicationDao PublicationDAO */
580  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
581  $publication = $publicationDao->newDataObject();
582  $publication->_data = $params;
583  $publication = Services::get('publication')->add($publication, $request);
584  $publicationProps = Services::get('publication')->getFullProperties(
585  $publication,
586  [
587  'request' => $request,
588  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
589  ]
590  );
591 
592  return $response->withJson($publicationProps, 200);
593  }
594 
603  public function versionPublication($slimRequest, $response, $args) {
604  $request = $this->getRequest();
605  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
606  $publication = Services::get('publication')->get((int) $args['publicationId']);
607 
608  if (!$publication) {
609  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
610  }
611 
612  if ($submission->getId() !== $publication->getData('submissionId')) {
613  return $response->withStatus(403)->withJsonError('api.publications.403.submissionsDidNotMatch');
614  }
615 
616  $publication = Services::get('publication')->version($publication, $request);
617  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
618 
619  $publicationProps = Services::get('publication')->getFullProperties(
620  $publication,
621  [
622  'request' => $request,
623  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
624  ]
625  );
626 
627  $notificationManager = new NotificationManager();
628  $userService = Services::get('user');
629  $usersIterator = $userService->getMany(array(
630  'contextId' => $submission->getContextId(),
631  'assignedToSubmission' => $submission->getId(),
632  ));
633 
634  foreach ($usersIterator as $user) {
635  $notificationManager->createNotification(
636  $request,
637  $user->getId(),
638  NOTIFICATION_TYPE_SUBMISSION_NEW_VERSION,
639  $submission->getContextId(),
640  ASSOC_TYPE_SUBMISSION,
641  $submission->getId(),
642  NOTIFICATION_LEVEL_TASK
643  );
644  }
645 
646  return $response->withJson($publicationProps, 200);
647  }
648 
657  public function editPublication($slimRequest, $response, $args) {
658  $request = $this->getRequest();
659  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
660  $currentUser = $request->getUser();
661  $publication = Services::get('publication')->get((int) $args['publicationId']);
662 
663  if (!$publication) {
664  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
665  }
666 
667  if ($submission->getId() !== $publication->getData('submissionId')) {
668  return $response->withStatus(403)->withJsonError('api.publications.403.submissionsDidNotMatch');
669  }
670 
671  // Publications can not be edited when they are published
672  if ($publication->getData('status') === STATUS_PUBLISHED) {
673  return $response->withStatus(403)->withJsonError('api.publication.403.cantEditPublished');
674  }
675 
676  // Prevent users from editing publications if they do not have permission. Except for admins.
677  $userRoles = $this->getAuthorizedContextObject(ASSOC_TYPE_USER_ROLES);
678  if (!in_array(ROLE_ID_SITE_ADMIN, $userRoles) && !Services::get('submission')->canEditPublication($submission->getId(), $currentUser->getId())) {
679  return $response->withStatus(403)->withJsonError('api.submissions.403.userCantEdit');
680  }
681 
682  $params = $this->convertStringsToSchema(SCHEMA_PUBLICATION, $slimRequest->getParsedBody());
683  $params['id'] = $publication->getId();
684 
685  // Don't allow the status to be modified through the API. The `/publish` and /unpublish endpoints
686  // should be used instead.
687  if (array_key_exists('status', $params)) {
688  return $response->withStatus(403)->withJsonError('api.publication.403.cantEditStatus');
689  }
690 
691  $submissionContext = $request->getContext();
692  if (!$submissionContext || $submissionContext->getId() !== $submission->getData('contextId')) {
693  $submissionContext = Services::get('context')->get($submission->getData('contextId'));
694  }
695  $primaryLocale = $publication->getData('locale');
696  $allowedLocales = $submissionContext->getData('supportedSubmissionLocales');
697 
698  $errors = Services::get('publication')->validate(VALIDATE_ACTION_EDIT, $params, $allowedLocales, $primaryLocale);
699 
700  if (!empty($errors)) {
701  return $response->withStatus(400)->withJson($errors);
702  }
703 
704  $publication = Services::get('publication')->edit($publication, $params, $request);
705  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
706 
707  $publicationProps = Services::get('publication')->getFullProperties(
708  $publication,
709  [
710  'request' => $request,
711  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
712  ]
713  );
714 
715  return $response->withJson($publicationProps, 200);
716  }
717 
730  public function publishPublication($slimRequest, $response, $args) {
731  $request = $this->getRequest();
732  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
733  $publication = Services::get('publication')->get((int) $args['publicationId']);
734 
735  if (!$publication) {
736  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
737  }
738 
739  if ($submission->getId() !== $publication->getData('submissionId')) {
740  return $response->withStatus(403)->withJsonError('api.publications.403.submissionsDidNotMatch');
741  }
742 
743  if ($publication->getData('status') === STATUS_PUBLISHED) {
744  return $response->withStatus(403)->withJsonError('api.publication.403.alreadyPublished');
745  }
746 
747  AppLocale::requireComponents(LOCALE_COMPONENT_PKP_SUBMISSION, LOCALE_COMPONENT_APP_SUBMISSION);
748 
749  $submissionContext = $request->getContext();
750  if (!$submissionContext || $submissionContext->getId() !== $submission->getData('contextId')) {
751  $submissionContext = Services::get('context')->get($submission->getData('contextId'));
752  }
753  $primaryLocale = $submission->getData('locale');
754  $allowedLocales = $submissionContext->getData('supportedSubmissionLocales');
755 
756  $errors = Services::get('publication')->validatePublish($publication, $submission, $allowedLocales, $primaryLocale);
757 
758  if (!empty($errors)) {
759  return $response->withStatus(400)->withJson($errors);
760  }
761 
762  $publication = Services::get('publication')->publish($publication);
763  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
764 
765  $publicationProps = Services::get('publication')->getFullProperties(
766  $publication,
767  [
768  'request' => $request,
769  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
770  ]
771  );
772 
773  return $response->withJson($publicationProps, 200);
774  }
775 
784  public function unpublishPublication($slimRequest, $response, $args) {
785  $request = $this->getRequest();
786  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
787  $publication = Services::get('publication')->get((int) $args['publicationId']);
788 
789  if (!$publication) {
790  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
791  }
792 
793  if ($submission->getId() !== $publication->getData('submissionId')) {
794  return $response->withStatus(403)->withJsonError('api.publications.403.submissionsDidNotMatch');
795  }
796 
797  if (!in_array($publication->getData('status'), [STATUS_PUBLISHED, STATUS_SCHEDULED])) {
798  return $response->withStatus(403)->withJsonError('api.publication.403.alreadyUnpublished');
799  }
800 
801  $publication = Services::get('publication')->unpublish($publication);
802  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
803 
804  $publicationProps = Services::get('publication')->getFullProperties(
805  $publication,
806  [
807  'request' => $request,
808  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
809  ]
810  );
811 
812  return $response->withJson($publicationProps, 200);
813  }
814 
826  public function deletePublication($slimRequest, $response, $args) {
827  $request = $this->getRequest();
828  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
829  $publication = Services::get('publication')->get((int) $args['publicationId']);
830 
831  if (!$publication) {
832  return $response->withStatus(404)->withJsonError('api.404.resourceNotFound');
833  }
834 
835  if ($submission->getId() !== $publication->getData('submissionId')) {
836  return $response->withStatus(403)->withJsonError('api.publications.403.submissionsDidNotMatch');
837  }
838 
839  if ($publication->getData('status') === STATUS_PUBLISHED) {
840  return $response->withStatus(403)->withJsonError('api.publication.403.cantDeletePublished');
841  }
842 
843  $userGroupDao = DAORegistry::getDAO('UserGroupDAO'); /* @var $userGroupDao UserGroupDAO */
844  $publicationProps = Services::get('publication')->getFullProperties(
845  $publication,
846  [
847  'request' => $request,
848  'userGroups' => $userGroupDao->getByContextId($submission->getData('contextId'))->toArray(),
849  ]
850  );
851 
852  Services::get('publication')->delete($publication);
853 
854  return $response->withJson($publicationProps, 200);
855  }
856 }
AppLocale\requireComponents
static requireComponents()
Definition: env1/MockAppLocale.inc.php:56
ContextAccessPolicy
Class to control access to PKP applications' setup components.
Definition: ContextAccessPolicy.inc.php:17
DAORegistry\getDAO
static & getDAO($name, $dbconn=null)
Definition: DAORegistry.inc.php:57
PKPSubmissionHandler\addPublication
addPublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:554
PKPSubmissionHandler\add
add($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:307
PKPSubmissionHandler\__construct
__construct()
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:25
PKPSubmissionHandler\deletePublication
deletePublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:826
PKPSubmissionHandler\getParticipants
getParticipants($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:431
PKPSubmissionHandler\edit
edit($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:350
PKPSubmissionHandler
Base handler for submission requests.
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:20
APIHandler\getSlimRequest
getSlimRequest()
Definition: APIHandler.inc.php:158
PKPSubmissionHandler\versionPublication
versionPublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:603
PKPSubmissionHandler\getMany
getMany($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:173
PublicationWritePolicy
Class to permit or deny write functions (add/edit) on a publication.
Definition: PublicationWritePolicy.inc.php:19
APIHandler
Base request API handler.
Definition: APIHandler.inc.php:22
PKPSubmissionHandler\editPublication
editPublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:657
PKPSubmissionHandler\getPublications
getPublications($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:472
StageRolePolicy
Class to check if the user has an assigned role on a specific submission stage. Optionally deny autho...
Definition: StageRolePolicy.inc.php:19
PKPSubmissionHandler\authorize
authorize($request, &$args, $roleAssignments)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:118
PKPHandler\getAuthorizedContextObject
& getAuthorizedContextObject($assocType)
Definition: PKPHandler.inc.php:174
PKPSubmissionHandler\unpublishPublication
unpublishPublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:784
APIHandler\convertStringsToSchema
convertStringsToSchema($schema, $params)
Definition: APIHandler.inc.php:281
NotificationManager
Definition: NotificationManager.inc.php:19
PKPSubmissionHandler\getPublication
getPublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:517
PKPApplication\get
static get()
Definition: PKPApplication.inc.php:235
APIHandler\getRequest
getRequest()
Definition: APIHandler.inc.php:149
SubmissionAccessPolicy
Base class to control (write) access to submissions and (read) access to submission details in OMP.
Definition: SubmissionAccessPolicy.inc.php:19
PKPHandler\addPolicy
addPolicy($authorizationPolicy, $addToTop=false)
Definition: PKPHandler.inc.php:157
APIHandler\getEndpointPattern
getEndpointPattern()
Definition: APIHandler.inc.php:186
HookRegistry\call
static call($hookName, $args=null)
Definition: HookRegistry.inc.php:86
PKPServices\get
static get($service)
Definition: PKPServices.inc.php:49
PKPSubmissionHandler\publishPublication
publishPublication($slimRequest, $response, $args)
Definition: api/v1/submissions/PKPSubmissionHandler.inc.php:730