WIP: FieldOrcid work
ewhanson committed May 1, 2024
1 parent 54bb428 commit 7c443a0
Showing 3 changed files with 198 additions and 1 deletion.
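--- a/api/v1/orcid/OrcidController.php
+++ b/api/v1/orcid/OrcidController.php
@@ -0,0 +1,177 @@
+<?php
+
+/**
+* @file api/v1/dois/OrcidController.php
+*
+* Copyright (c) 2024 Simon Fraser University
+* Copyright (c) 2024 John Willinsky
+* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
+*
+* @class OrcidController
+*
+* @ingroup api_v1_orcid
+*
+* @brief Handle API requests for ORCID operations.
+*
+*/
+
+namespace APP\API\v1\orcid;
+
+use APP\facades\Repo;
+use APP\orcid\actions\SendAuthorMail;
+use APP\orcid\OrcidManager;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Route;
+use PKP\core\PKPBaseController;
+use PKP\security\Role;
+use PKP\stageAssignment\StageAssignment;
+
+class OrcidController extends PKPBaseController
+{
+/**
+* @inheritDoc
+*/
+public function getHandlerPath(): string
+{
+return 'orcid';
+}
+
+/**
+* @inheritDoc
+*/
+public function getRouteGroupMiddleware(): array
+{
+return [
+'has.user',
+'has.context',
+self::roleAuthorizer([
+Role::ROLE_ID_SITE_ADMIN,
+Role::ROLE_ID_MANAGER,
+Role::ROLE_ID_SUB_EDITOR,
+]),
+];
+}
+
+/**
+* @inheritDoc
+*/
+public function getGroupRoutes(): void
+{
+Route::post('requestAuthorVerification/{authorId}', $this->requestAuthorVerification(...))
+->name('orcid.requestAuthorVerification');
+Route::post('deleteForAuthor/{authorId}', $this->deleteForAuthor(...))
+->name('orcid.delete');
+}
+
+/**
+* Send email request for author to link their ORCID to the submission in OJS
+*
+*/
+public function requestAuthorVerification(Request $illuminateRequest): JsonResponse
+{
+$context = $this->getRequest()->getContext();
+if (!OrcidManager::isEnabled($context)) {
+return response()->json([
+'error' => __('api.orcid.403.orcidNotEnabled'),
+], Response::HTTP_FORBIDDEN);
+}
+
+$authorId = (int) $illuminateRequest->route('authorId');
+$author = Repo::author()->get($authorId);
+
+if (empty($author)) {
+return response()->json([
+'error' => __('api.orcid.404.authorNotFound'),
+], Response::HTTP_NOT_FOUND);
+}
+
+$user = $this->getRequest()->getUser();
+$currentRoles = array_map(
+function (Role $role) {
+return $role->getId();
+},
+$user->getRoles($context->getId())
+);
+
+if (!array_intersect([Role::ROLE_ID_SITE_ADMIN, Role::ROLE_ID_MANAGER], $currentRoles)) {
+$publicationId = $author->getData('publicationId');
+$submissionId = Repo::publication()->get($publicationId)->getData('submissionId');
+
+$editorAssignment = StageAssignment::withSubmissionIds([$submissionId])
+->withRoleIds([Role::ROLE_ID_SUB_EDITOR])
+->withUserId($user->getId())
+->first();
+
+if ($editorAssignment === null) {
+return response()->json([
+'error' => __('api.orcid.403.editWithoutPermission'),
+], Response::HTTP_FORBIDDEN);
+}
+}
+
+try {
+(new SendAuthorMail($author, $context, true))->execute();
+} catch (\Exception $exception) {
+return response()->json([
+'error' => __('api.orcid.404.contextRequired'),
+], Response::HTTP_NOT_FOUND);
+}
+
+return response()->json([], Response::HTTP_OK);
+}
+
+/**
+* Remove ORCID and access token data from submission author
+*
+*/
+public function deleteForAuthor(Request $illuminateRequest): JsonResponse
+{
+$context = $this->getRequest()->getContext();
+if (!OrcidManager::isEnabled($context)) {
+return response()->json([
+'error' => __('api.orcid.403.orcidNotEnabled'),
+], Response::HTTP_FORBIDDEN);
+}
+
+$authorId = (int) $illuminateRequest->route('authorId');
+$author = Repo::author()->get($authorId);
+
+if (empty($author)) {
+return response()->json([
+'error' => __('api.orcid.404.authorNotFound'),
+], Response::HTTP_NOT_FOUND);
+}
+
+$user = $this->getRequest()->getUser();
+$currentRoles = array_map(
+function (Role $role) {
+return $role->getId();
+},
+$user->getRoles($context->getId())
+);
+
+if (!array_intersect([Role::ROLE_ID_SITE_ADMIN, Role::ROLE_ID_MANAGER], $currentRoles)) {
+$publicationId = $author->getData('publicationId');
+$submissionId = Repo::publication()->get($publicationId)->getData('submissionId');
+
+$editorAssignment = StageAssignment::withSubmissionIds([$submissionId])
+->withRoleIds([Role::ROLE_ID_SUB_EDITOR])
+->withUserId($user->getId())
+->first();
+
+if ($editorAssignment === null) {
+return response()->json([
+'error' => __('api.orcid.403.editWithoutPermission'),
+], Response::HTTP_FORBIDDEN);
+}
+}
+
+$author->setOrcid(null);
+OrcidManager::removeOrcidAccessToken($author);
+Repo::author()->edit($author, []);
+
+return response()->json([], Response::HTTP_OK);
+}
+}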
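Review bot: Neither `requestAuthorVerification` nor `deleteForAuthor` verifies that the author returned by `Repo::author()->get($authorId)` belongs to the context the request was made in. The stage-assignment branch is skipped whenever the caller holds the admin or manager role in the current context, so as far as these lines show such a caller can act on an author record attached to another context's submission, including clearing its ORCID and access token. Unless the repository or a middleware already scopes the lookup, resolve the submission for every caller and answer with the existing `api.orcid.404.authorNotFound` response when its `contextId` differs from `$context->getId()`. The chain `Repo::publication()->get($publicationId)->getData('submissionId')` should also guard against a null publication. Because the same authorization block appears verbatim in both methods, moving it into one private helper would keep the two endpoints from drifting apart.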
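--- a/api/v1/orcid/index.php
+++ b/api/v1/orcid/index.php
@@ -0,0 +1,20 @@
+<?php
+
+/**
+* @defgroup api_v1_orcid ORCID API requests
+*/
+
+/**
+* @file api/v1/orcid/index.php
+*
+* Copyright (c) 2024 Simon Fraser University
+* Copyright (c) 2024 John Willinsky
+* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
+*
+* @ingroup api_v1_orcid
+*
+* @brief Handle requests for ORCID API functions.
+*
+*/
+
+return new \PKP\handler\APIHandler(new \APP\API\v1\orcid\OrcidController());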
2 changes: 1 addition & 1 deletion classes/orcid/OrcidManager.php
@@ -62,7 +62,7 @@ class OrcidManager
public static function isGloballyConfigured(): bool
{
$site = Application::get()->getRequest()->getSite();
return $site->getData(self::ENABLED);
return (bool) $site->getData(self::ENABLED);
}

/**