updated WPS p5:getRelations

SE/se-lib/Api/Process/P5/GetRelations.php

@@ -1,6 +1,7 @@
 <?php
 
 Lib::loadClass('Relations');
+Lib::loadClass('Http');
 
 class Api_Process_P5_GetRelations { // TODO: extends Api_ProcessBase
 
@@ -12,10 +13,16 @@ class Api_Process_P5_GetRelations { // TODO: extends Api_ProcessBase
 		$remoteTypeName = (!empty($args['remoteTypeName'][0])) ? $args['remoteTypeName'][0] : '';
 		if (!$remoteTypeName) throw new Api_OwsException("Missing value for 'remoteTypeName'", 501, null, 'MissingParameterValue', 'request');
 
-		if (!Relations::isAllowedToGetRelation($userLogin, $typeName, $primaryKey, $remoteTypeName)) {
-			throw new Api_OwsException("User is not allowed to view relations from '{$typeName}.{$primaryKey}' to '{$remoteTypeName}' ", 501, null, 'AccessDenied', 'request');
+		try {
+			Relations::isAllowedToGetRelation($userLogin = User::getLogin(), $typeName, $primaryKey, $remoteTypeName);
+			$listRelations = Relations::getRelations($typeName, $primaryKey, $remoteTypeName);
+		} catch (HttpException $e) {
+			DBG::log($e);
+			throw new Api_OwsException($e->getMessage(), $e->getCode(), null, Http::getStatusText($e->getCode()), 'request');
+		} catch (Exception $e) {
+			DBG::log($e);
+			throw new Api_OwsException("User is not allowed to read relations from '{$typeName}.{$primaryKey}' to '{$remoteTypeName}'.\n" . $e->getMessage(), 501, null, 'AccessDenied', 'request');
 		}
-		$listRelations = Relations::getRelations($typeName, $primaryKey);
 
 		header('Content-Type: application/json');
 		echo json_encode([

SE/se-lib/Http.php

@@ -72,7 +72,7 @@ class Http {
 
 	/**
 	 * @param $code
-	 * 
+	 *
 	 * examples:
 	 *   404 -> HTTP/1.0 404 Not Found
 	 *   403 -> HTTP/1.0 403 Forbidden
@@ -83,4 +83,9 @@ class Http {
 		}
 	}
 
+	public static function getStatusText($code) {
+		if (!array_key_exists($code, self::$statusTexts)) throw new Exception("Not implemented http status code '{$code}'");
+		return self::$statusTexts[$code];
+	}
+
 }

SE/se-lib/Relations.php

@@ -6,20 +6,29 @@ Lib::loadClass('Api_WfsNs');
 class Relations {
 
 	static function isAllowedToCreateRelation($userLogin, $typeName, $primaryKey, $remoteTypeName) {
+		DBG::log("TODO: Relations::isAllowedToCreateRelation()...");
 		return false;
 	}
 
 	static function isAllowedToGetRelation($userLogin, $typeName, $primaryKey, $remoteTypeName) {
-		return false;
+		if ($userLogin !== User::getLogin()) throw new Exception("Not Implemented - isAllowedToGetRelation for another user");
+		$acl = ACL::getAclByNamespace( Api_WfsNs::toNamespace($typeName) );
+		if (!$acl->hasField($remoteTypeName)) throw new Exception("Missing field in given object. Field '{$remoteTypeName}' not exists in '{$typeName}'");
+		if (!$acl->canReadField($remoteTypeName)) throw new HttpException("Forbidden reading relations from {$typeName} to {$remoteTypeName} ", 403);
+		$item = $acl->getItem($primaryKey);
+		if (!$item) throw new HttpException("Object not found {$typeName}.{$primaryKey}", 404);
+		if (!$acl->canReadObjectField($remoteTypeName, $item)) throw new HttpException("Forbidden reading relations from {$typeName}.{$primaryKey} to {$remoteTypeName} ", 403);
+		return true;
 	}
 
 	static function isAllowedToDeleteRelation($userLogin, $typeName, $primaryKey, $remoteTypeName) {
+		DBG::log("TODO: Relations::isAllowedToDeleteRelation()...");
 		return false;
 	}
 
-	static function getRelations($typeName, $primaryKey) {
-		$acl = ACL::getAclByNamespace( Api_WfsNs::toNamespace($typeName) );
-		throw new Exception("TODO: Relations::getRelations");
+	static function getRelations($typeName, $primaryKey, $remoteTypeName) {
+		$namespace = Api_WfsNs::toNamespace($typeName);
+		return ACL::fetchRefs($namespace, $primaryKey, $remoteTypeName);
 	}
 
 	static function createRelations($typeName, $primaryKey, $remoteTypeName, $listRemotePrimaryKeys) {
@@ -29,7 +38,7 @@ class Relations {
 
 	static function deleteRelations($typeName, $primaryKey, $remoteTypeName, $listRemotePrimaryKeys) {
 		$acl = ACL::getAclByNamespace( Api_WfsNs::toNamespace($typeName) );
-		throw new Exception("TODO: Relations::getRelations");
+		throw new Exception("TODO: Relations::deleteRelations");
 	}
 
 }