From 5ef2495ee35235d8786952e30bbfd40fa799e1c6 Mon Sep 17 00:00:00 2001
From: Dmitriy Simushev <simushevds@ossg.ru>
Date: Tue, 20 May 2014 09:22:44 +0000
Subject: [PATCH] Replace "operator/cannededit.php" with a controller

---
 .../Controller/CannedMessageController.php    | 170 +++++++++++++++++-
 src/mibew/libs/routing.yml                    |  41 ++++-
 src/mibew/operator/cannededit.php             |  84 ---------
 .../server_side/canned_message.handlebars     |   8 +-
 ...dlebars => canned_message_edit.handlebars} |   2 +-
 5 files changed, 206 insertions(+), 99 deletions(-)
 delete mode 100644 src/mibew/operator/cannededit.php
 rename src/mibew/styles/pages/default/templates_src/server_side/{canned_edit.handlebars => canned_message_edit.handlebars} (95%)

diff --git a/src/mibew/libs/classes/Mibew/Controller/CannedMessageController.php b/src/mibew/libs/classes/Mibew/Controller/CannedMessageController.php
index 3d90fd94..cbce07b2 100644
--- a/src/mibew/libs/classes/Mibew/Controller/CannedMessageController.php
+++ b/src/mibew/libs/classes/Mibew/Controller/CannedMessageController.php
@@ -51,26 +51,21 @@ class CannedMessageController extends AbstractController
         }
         $page['locales'] = $locales_with_label;
 
-        $lang = $request->query->get('lang');
-        $correct_locale = $lang
-            && preg_match("/^[\w-]{2,5}$/", $lang)
-            && in_array($lang, $all_locales);
-        if (!$correct_locale) {
+        $lang = $this->extractLocale($request);
+        if (!$lang) {
             $lang = in_array(CURRENT_LOCALE, $all_locales)
                 ? CURRENT_LOCALE
                 : $all_locales[0];
         }
 
         // Get selected group ID, if any.
-        $group_id = $request->query->get('group');
-        if ($group_id && preg_match("/^\d{0,8}$/", $group_id)) {
+        $group_id = $this->extractGroupId($request);
+        if ($group_id) {
             $group = group_by_id($group_id);
             if (!$group) {
                 $page['errors'][] = getlocal('page.group.no_such');
                 $group_id = false;
             }
-        } else {
-            $group_id = false;
         }
 
         $all_groups = in_isolation($operator)
@@ -136,4 +131,161 @@ class CannedMessageController extends AbstractController
 
         return $this->redirect($this->generateUrl('canned_message', $parameters));
     }
+
+    /**
+     * Handles "canned_message_add" and "canned_message_edit" routes.
+     *
+     * Builds a page with form for add/edit canned message.
+     *
+     * @param Request $request
+     * @return string Rendered page content
+     */
+    public function showEditFormAction(Request $request)
+    {
+        set_csrf_token();
+
+        $operator = $request->attributes->get('_operator');
+        $message_id = $request->attributes->get('message_id', false);
+        $page = array(
+            // Use errors list stored in the request. We need to do so to have
+            // an ability to pass the request from the "save" action.
+            'errors' => $request->attributes->get('errors', array()),
+        );
+
+        if ($message_id) {
+            // Load existing message
+            $canned_message = load_canned_message($message_id);
+            if (!$canned_message) {
+                $page['errors'][] = getlocal('cannededit.no_such');
+                $message_id = false;
+            } else {
+                $title = $canned_message['vctitle'];
+                $message = $canned_message['vcvalue'];
+            }
+        } else {
+            // Create new message
+            $message = '';
+            $title = '';
+            $page['locale'] = $this->extractLocale($request);
+            $page['groupid'] = $this->extractGroupId($request);
+        }
+
+        // Override message's fields from the request if it's needed. This
+        // case will take place when save handler fails.
+        if ($request->request->has('title')) {
+            $title = $request->request->get('title');
+        }
+        if ($request->request->has('message')) {
+            $message = $request->request->get('message');
+        }
+
+        $page['saved'] = false;
+        $page['key'] = $message_id;
+        $page['formtitle'] = $title;
+        $page['formmessage'] = $message;
+        $page['formaction'] = $request->getBaseUrl() . $request->getPathInfo();
+        $page['title'] = empty($message_id)
+            ? getlocal('cannednew.title')
+            : getlocal('cannededit.title');
+        $page = array_merge($page, prepare_menu($operator, false));
+
+        return $this->render('canned_message_edit', $page);
+    }
+
+    /**
+     * Handles "canned_message_add_save" and "canned_message_edit_save" routes.
+     *
+     * The action processes submitting of the forms which are generated in
+     * "canned_message_add" and "canned_message_edit" routes (see
+     * {@link \Mibew\Controller\CannedMessageController::showEditForm()} for
+     * details).
+     *
+     * @param Request $request
+     * @return string Rendered page content
+     */
+    public function saveAction(Request $request)
+    {
+        csrf_check_token($request);
+
+        $operator = $request->attributes->get('_operator');
+        $message_id = $request->request->get('key');
+        $errors = array();
+
+        $title = $request->request->get('title');
+        if (!$title) {
+            $errors[] = no_field("form.field.title");
+        }
+
+        $message = $request->request->get('message');
+        if (!$message) {
+            $errors[] = no_field("form.field.message");
+        }
+
+        if (count($errors) != 0) {
+            $request->attributes->set('errors', $errors);
+
+            // The form should be rebuild. Invoke appropriate action.
+            return $this->showEditFormAction($request);
+        }
+
+        if ($message_id) {
+            save_canned_message($message_id, $title, $message);
+        } else {
+            $locale = $this->extractLocale($request);
+            $group_id = $this->extractGroupId($request);
+            add_canned_message($locale, $group_id, $title, $message);
+        }
+        $page['saved'] = true;
+        $page = array_merge($page, prepare_menu($operator, false));
+
+        return $this->render('canned_message_edit', $page);
+    }
+
+    /**
+     * Extracts locale code from the request.
+     *
+     * @param Request $request
+     * @return string|boolean Locale code or boolean false if the code cannot be
+     * extracted.
+     */
+    protected function extractLocale(Request $request)
+    {
+        $lang = $request->isMethod('POST')
+            ? $request->request->get('lang')
+            : $request->query->get('lang');
+
+        $all_locales = get_available_locales();
+        $correct_locale = !empty($lang)
+            && preg_match("/^[\w-]{2,5}$/", $lang)
+            && in_array($lang, $all_locales);
+        if (!$correct_locale) {
+            return false;
+        }
+
+        return $lang;
+    }
+
+    /**
+     * Extracts group ID from the request.
+     *
+     * @param Request $request
+     * @return string|boolean Group ID or boolean false if the ID cannot be
+     * extracted.
+     */
+    protected function extractGroupId(Request $request)
+    {
+        $group_id = $request->isMethod('POST')
+            ? $request->request->get('group')
+            : $request->query->get('group');
+
+        if (!$group_id) {
+            return false;
+        }
+
+        if (!preg_match("/^\d{0,10}$/", $group_id)) {
+            return false;
+        }
+
+        return $group_id;
+    }
 }
diff --git a/src/mibew/libs/routing.yml b/src/mibew/libs/routing.yml
index 3bc888f5..6350f132 100644
--- a/src/mibew/libs/routing.yml
+++ b/src/mibew/libs/routing.yml
@@ -12,20 +12,55 @@ widget_gateway:
     defaults: { _controller: Mibew\Controller\WidgetController::indexAction }
 
 # Operators' pages
+
+## Canned messages
 canned_message:
     path: /operator/canned-message
     defaults:
         _controller: Mibew\Controller\CannedMessageController::indexAction
         _access_check: Mibew\AccessControl\Check\LoggedInCheck
 
+canned_message_add:
+    path: /operator/canned-message/add
+    defaults:
+        _controller: Mibew\Controller\CannedMessageController::showEditFormAction
+        _access_check: Mibew\AccessControl\Check\LoggedInCheck
+    methods: [GET]
+
+canned_message_add_save:
+    path: /operator/canned-message/add
+    defaults:
+        _controller: Mibew\Controller\CannedMessageController::saveAction
+        _access_check: Mibew\AccessControl\Check\LoggedInCheck
+    methods: [POST]
+
 canned_message_delete:
     path: /operator/canned-message/{message_id}/delete
     defaults:
         _controller: Mibew\Controller\CannedMessageController::deleteAction
         _access_check: Mibew\AccessControl\Check\LoggedInCheck
     requirements:
-        message_id: \d+
+        message_id: \d{0,10}
 
+canned_message_edit:
+    path: /operator/canned-message/{message_id}/edit
+    defaults:
+        _controller: Mibew\Controller\CannedMessageController::showEditFormAction
+        _access_check: Mibew\AccessControl\Check\LoggedInCheck
+    requirements:
+        message_id: \d{0,10}
+    methods: [GET]
+
+canned_message_edit_save:
+    path: /operator/canned-message/{message_id}/edit
+    defaults:
+        _controller: Mibew\Controller\CannedMessageController::saveAction
+        _access_check: Mibew\AccessControl\Check\LoggedInCheck
+    requirements:
+        message_id: \d{0,10}
+    methods: [POST]
+
+## History
 history:
     path: /operator/history
     defaults:
@@ -54,6 +89,7 @@ history_user_track:
         _controller: Mibew\Controller\HistoryController::userTrackAction
         _access_check: Mibew\AccessControl\Check\LoggedInCheck
 
+## Password recovery
 password_recovery:
     path: /operator/password-recovery
     defaults:
@@ -64,6 +100,7 @@ password_recovery_reset:
     defaults:
         _controller: Mibew\Controller\PasswordRecoveryController::resetAction
 
+## Statistics
 statistics:
     path: /operator/statistics/{type}
     defaults:
@@ -73,12 +110,14 @@ statistics:
     requirements:
         type: by-date|by-operator|by-page
 
+## Updates
 updates:
     path: /operator/updates
     defaults:
         _controller: Mibew\Controller\UpdatesController::indexAction
         _access_check: Mibew\AccessControl\Check\LoggedInCheck
 
+## Users (visitors avaiting page)
 users:
     path: /operator/users
     defaults:
diff --git a/src/mibew/operator/cannededit.php b/src/mibew/operator/cannededit.php
deleted file mode 100644
index 2c673530..00000000
--- a/src/mibew/operator/cannededit.php
+++ /dev/null
@@ -1,84 +0,0 @@
-<?php
-/*
- * Copyright 2005-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-// Import namespaces and classes of the core
-use Mibew\Style\PageStyle;
-
-// Initialize libraries
-require_once(dirname(dirname(__FILE__)) . '/libs/init.php');
-
-$operator = check_login();
-csrf_check_token();
-
-$string_id = verify_param("key", "/^\d{0,9}$/", "");
-
-$page = array(
-    'errors' => array(),
-);
-
-$page_style = new PageStyle(PageStyle::getCurrentStyle());
-
-if ($string_id) {
-    $canned_message = load_canned_message($string_id);
-    if (!$canned_message) {
-        $page['errors'][] = getlocal("cannededit.no_such");
-        $string_id = "";
-    } else {
-        $title = $canned_message['vctitle'];
-        $message = $canned_message['vcvalue'];
-    }
-} else {
-    $message = '';
-    $title = '';
-    $page['locale'] = verify_param("lang", "/^[\w-]{2,5}$/", "");
-    $page['groupid'] = "";
-    $page['groupid'] = verify_param("group", "/^\d{0,8}$/");
-}
-
-if (isset($_POST['message']) && isset($_POST['title'])) {
-    $title = get_param('title');
-    if (!$title) {
-        $page['errors'][] = no_field("form.field.title");
-    }
-
-    $message = get_param('message');
-    if (!$message) {
-        $page['errors'][] = no_field("form.field.message");
-    }
-
-    if (count($page['errors']) == 0) {
-        if ($string_id) {
-            save_canned_message($string_id, $title, $message);
-        } else {
-            add_canned_message($page['locale'], $page['groupid'], $title, $message);
-        }
-        $page['saved'] = true;
-        $page = array_merge($page, prepare_menu($operator, false));
-        $page_style->render('canned_edit', $page);
-        exit;
-    }
-}
-
-$page['saved'] = false;
-$page['key'] = $string_id;
-$page['formtitle'] = $title;
-$page['formmessage'] = $message;
-$page['title'] = empty($string_id) ? getlocal("cannednew.title") : getlocal("cannededit.title");
-
-$page = array_merge($page, prepare_menu($operator, false));
-
-$page_style->render('canned_edit', $page);
diff --git a/src/mibew/styles/pages/default/templates_src/server_side/canned_message.handlebars b/src/mibew/styles/pages/default/templates_src/server_side/canned_message.handlebars
index 7be8bb25..bbfc217f 100644
--- a/src/mibew/styles/pages/default/templates_src/server_side/canned_message.handlebars
+++ b/src/mibew/styles/pages/default/templates_src/server_side/canned_message.handlebars
@@ -46,8 +46,8 @@
 
         <div class="tabletool">
             <img src="{{stylePath}}/images/buttons/createban.gif" border="0" alt=""/>
-            <a href="{{mibewRoot}}/operator/cannededit.php?lang={{formlang}}&amp;group={{formgroup}}" target="_blank"
-                        onclick="this.newWindow = window.open('{{mibewRoot}}/operator/cannededit.php?lang={{formlang}}&amp;group={{formgroup}}', '', 'toolbar=0,scrollbars=1,location=0,status=1,menubar=0,width=640,height=480,resizable=1');this.newWindow.focus();this.newWindow.opener=window;return false;">
+            <a href="{{mibewRoot}}/operator/canned-message/add?lang={{formlang}}&amp;group={{formgroup}}" target="_blank"
+                        onclick="this.newWindow = window.open('{{mibewRoot}}/operator/canned-message/add?lang={{formlang}}&amp;group={{formgroup}}', '', 'toolbar=0,scrollbars=1,location=0,status=1,menubar=0,width=640,height=480,resizable=1');this.newWindow.focus();this.newWindow.opener=window;return false;">
                 {{l10n "canned.add"}}
             </a>
         </div>
@@ -72,8 +72,8 @@
                             {{#replace "\n" "<br/>"}}{{vcvalue}}{{/replace}}
                         </td>
                         <td>
-                            <a href="{{../mibewRoot}}/operator/cannededit.php?key={{id}}" target="_blank"
-                                onclick="this.newWindow = window.open('{{../mibewRoot}}/operator/cannededit.php?key={{id}}', '', 'toolbar=0,scrollbars=1,location=0,status=1,menubar=0,width=640,height=480,resizable=1');this.newWindow.focus();this.newWindow.opener=window;return false;">{{l10n "canned.actions.edit"}}</a>,
+                            <a href="{{../mibewRoot}}/operator/canned-message/{{id}}/edit" target="_blank"
+                                onclick="this.newWindow = window.open('{{../mibewRoot}}/operator/canned-message/{{id}}/edit', '', 'toolbar=0,scrollbars=1,location=0,status=1,menubar=0,width=640,height=480,resizable=1');this.newWindow.focus();this.newWindow.opener=window;return false;">{{l10n "canned.actions.edit"}}</a>,
                             <a href="{{../mibewRoot}}/operator/canned-message/{{id}}/delete?lang={{../formlang}}&amp;group={{../formgroup}}{{csrfTokenInUrl}}">{{l10n "canned.actions.del"}}</a>
                         </td>
                     </tr>
diff --git a/src/mibew/styles/pages/default/templates_src/server_side/canned_edit.handlebars b/src/mibew/styles/pages/default/templates_src/server_side/canned_message_edit.handlebars
similarity index 95%
rename from src/mibew/styles/pages/default/templates_src/server_side/canned_edit.handlebars
rename to src/mibew/styles/pages/default/templates_src/server_side/canned_message_edit.handlebars
index c06f1e59..3e92b5a1 100644
--- a/src/mibew/styles/pages/default/templates_src/server_side/canned_edit.handlebars
+++ b/src/mibew/styles/pages/default/templates_src/server_side/canned_message_edit.handlebars
@@ -20,7 +20,7 @@
 
             {{> _errors}}
 
-            <form name="cannedForm" method="post" action="{{mibewRoot}}/operator/cannededit.php">
+            <form name="cannedForm" method="post" action="{{formaction}}">
                 {{csrfTokenInput}}
                 <input type="hidden" name="key" value="{{key}}"/>