WCF/wcfsetup/install/files/lib/action/AbstractModerationAction.class.php at 2553fc40857367cf448aff02c4a6b67b88e8b514 · WoltLab/WCF · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
<?php

namespace wcf\action;

use Laminas\Diactoros\Response\JsonResponse;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use wcf\data\moderation\queue\ModerationQueue;
use wcf\data\moderation\queue\ModerationQueueList;
use wcf\http\Helper;
use wcf\system\exception\IllegalLinkException;
use wcf\system\exception\PermissionDeniedException;
use wcf\system\form\builder\Psr15DialogForm;

/**
 * @author      Olaf Braun
 * @copyright   2001-2025 WoltLab GmbH
 * @license     GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
 * @since       6.2
 *
 * @phpstan-type PerformActionResult array{
 *  result: array{
 *      assignee: ?array{
 *          username: string,
 *          userID: int,
 *          link: string,
 *      },
 *      status: string,
 *  }
 * }
 */
abstract class AbstractModerationAction implements RequestHandlerInterface
{
    #[\Override]
    public function handle(ServerRequestInterface $request): ResponseInterface
    {
        $parameters = Helper::mapQueryParameters(
            $request->getQueryParams(),
            <<<'EOT'
                array {
                    id?: positive-int,
                    ids?: positive-int[]
                }
                EOT
        );

        if (!isset($parameters['id']) && !isset($parameters['ids'])) {
            throw new IllegalLinkException();
        }

        $objectIDs = $parameters['ids'] ?? [$parameters['id']];
        $moderationList = new ModerationQueueList();
        $moderationList->setObjectIDs($objectIDs);
        $moderationList->readObjects();

        if ($moderationList->count() === 0) {
            throw new IllegalLinkException();
        }

        foreach ($moderationList as $queue) {
            $this->assertCanEditQueueEntry($queue);
        }

        $form = $this->getForm($moderationList->getObjects());

        if ($request->getMethod() === 'GET') {
            return $form->toResponse();
        } elseif ($request->getMethod() === 'POST') {
            $response = $form->validateRequest($request);
            if ($response !== null) {
                return $response;
            }

            $jsonResponse = [];
            foreach ($moderationList as $queue) {
                $jsonResponse = \array_merge($jsonResponse, $this->performAction($queue, $form));
            }

            return new JsonResponse($jsonResponse);
        } else {
            throw new \LogicException('Unreachable');
        }
    }

    protected function assertCanEditQueueEntry(ModerationQueue $queue): void
    {
        if (!$queue->canEdit()) {
            throw new PermissionDeniedException();
        }
    }

    /**
     * @param ModerationQueue[] $moderationQueues
     */
    abstract protected function getForm(array $moderationQueues): Psr15DialogForm;

    /**
     * @return PerformActionResult|array{}
     */
    abstract protected function performAction(ModerationQueue $queue, Psr15DialogForm $form): array;
}