115 lines
3.5 KiB
PHP
115 lines
3.5 KiB
PHP
<?php
|
|
/***********************************************************************************
|
|
* The contents of this file are subject to the Extension License Agreement
|
|
* ("Agreement") which can be viewed at
|
|
* https://www.espocrm.com/extension-license-agreement/.
|
|
* By copying, installing downloading, or using this file, You have unconditionally
|
|
* agreed to the terms and conditions of the Agreement, and You may not use this
|
|
* file except in compliance with the Agreement. Under the terms of the Agreement,
|
|
* You shall not license, sublicense, sell, resell, rent, lease, lend, distribute,
|
|
* redistribute, market, publish, commercialize, or otherwise transfer rights or
|
|
* usage to the software or any modified version or derivative work of the software
|
|
* created by or for you.
|
|
*
|
|
* Copyright (C) 2015-2025 EspoCRM, Inc.
|
|
*
|
|
* License ID: 19bc86a68a7bb01f458cb391d43a9212
|
|
************************************************************************************/
|
|
|
|
namespace Espo\Modules\Advanced\Tools\Report\Api;
|
|
|
|
use Espo\Core\Acl;
|
|
use Espo\Core\Acl\Table as AclTable;
|
|
use Espo\Core\Api\Action;
|
|
use Espo\Core\Api\Request;
|
|
use Espo\Core\Api\Response;
|
|
use Espo\Core\Api\ResponseComposer;
|
|
use Espo\Core\Exceptions\BadRequest;
|
|
use Espo\Core\Exceptions\Forbidden;
|
|
use Espo\Core\Select\Where\Item as WhereItem;
|
|
use Espo\Core\Utils\Json;
|
|
use Espo\Entities\User;
|
|
use Espo\Modules\Advanced\Entities\Report;
|
|
use Espo\Modules\Advanced\Tools\Report\PreviewReportProvider;
|
|
use Espo\Modules\Advanced\Tools\Report\Service;
|
|
use JsonException;
|
|
use stdClass;
|
|
|
|
/**
|
|
* @noinspection PhpUnused
|
|
*/
|
|
class PostRunGridPreview implements Action
|
|
{
|
|
public function __construct(
|
|
private Service $service,
|
|
private Acl $acl,
|
|
private User $user,
|
|
private PreviewReportProvider $previewReportProvider,
|
|
) {}
|
|
|
|
public function process(Request $request): Response
|
|
{
|
|
$this->checkAccess();
|
|
|
|
$data = $this->fetchData($request);
|
|
$report = $this->previewReportProvider->get($data);
|
|
|
|
if (!in_array($report->getType(), [Report::TYPE_GRID, Report::TYPE_JOINT_GRID])) {
|
|
throw new BadRequest("Bad report type.");
|
|
}
|
|
|
|
$where = $request->getParsedBody()->where ?? null;
|
|
|
|
$whereItem = null;
|
|
|
|
if ($where) {
|
|
$whereItem = WhereItem::fromRawAndGroup(self::normalizeWhere($where));
|
|
}
|
|
|
|
// Passing the user is important.
|
|
$result = $this->service->reportRunGridOrJoint($report, $whereItem, $this->user);
|
|
|
|
return ResponseComposer::json($result->toRaw());
|
|
}
|
|
|
|
/**
|
|
* @throws BadRequest
|
|
*/
|
|
private function fetchData(Request $request): stdClass
|
|
{
|
|
$data = $request->getParsedBody()->data ?? null;
|
|
|
|
if (!$data instanceof stdClass) {
|
|
throw new BadRequest("No data.");
|
|
}
|
|
|
|
return $data;
|
|
}
|
|
|
|
/**
|
|
* @throws BadRequest
|
|
*/
|
|
private static function normalizeWhere(mixed $where): mixed
|
|
{
|
|
try {
|
|
return Json::decode(Json::encode($where), true);
|
|
} catch (JsonException) {
|
|
throw new BadRequest("Bad where");
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @throws Forbidden
|
|
*/
|
|
private function checkAccess(): void
|
|
{
|
|
if (!$this->acl->checkScope(Report::ENTITY_TYPE, AclTable::ACTION_CREATE)) {
|
|
throw new Forbidden("No 'create' access.");
|
|
}
|
|
|
|
if ($this->user->isPortal()) {
|
|
throw new Forbidden("No access from portal.");
|
|
}
|
|
}
|
|
}
|