in api added methods: document created and get profile with reports permission

backend/modules/document/views/template/create.php

@@ -1,7 +1,5 @@
 <?php
 
-use yii\helpers\Html;
-
 /* @var $this yii\web\View */
 /* @var $model backend\modules\document\models\Template */
 

common/models/Document.php

@@ -110,4 +110,13 @@ class Document extends \yii\db\ActiveRecord
     {
         return $this->hasMany(DocumentFieldValue::className(), ['document_id' => 'id']);
     }
+
+    public static function getDocument($document_id)
+    {
+        return self::find()
+            ->joinWith(['documentFieldValues.field'])
+            ->where(['document.id' => $document_id])
+            ->asArray()
+            ->all();
+    }
 }

common/models/Manager.php

@@ -4,6 +4,7 @@ namespace common\models;
 
 use Yii;
 use yii\db\ActiveQuery;
+use yii\db\StaleObjectException;
 
 /**
  * This is the model class for table "manager".
@@ -48,6 +49,10 @@ class Manager extends \yii\db\ActiveRecord
         ];
     }
 
+    /**
+     * @throws StaleObjectException
+     * @throws \Throwable
+     */
     public function beforeDelete()
     {
         foreach ($this->managerEmployees as $employee){

common/models/Template.php

@@ -120,16 +120,4 @@ class Template extends \yii\db\ActiveRecord
     {
         return $this->title;
     }
-
-//TODO no need, delete
-    public function getDocumentFields()
-    {
-        $fieldsArray = [];
-
-        foreach ($this->templateDocumentFields as $templateDocField) {
-            $fieldsArray[] = $templateDocField->field;
-        }
-
-        return $fieldsArray;
-    }
 }

common/services/ProfileService.php

@@ -0,0 +1,69 @@
+<?php
+
+namespace common\services;
+
+use common\models\Manager;
+use common\models\ManagerEmployee;
+
+class ProfileService
+{
+    private $searcherID;
+    private $id;
+
+    public function __construct($searcherID, $id)
+    {
+        $this->searcherID = $searcherID;
+        $this->id = $id;
+    }
+
+    public function checkReportePermission()
+    {
+        if ($this->isMyProfile() or $this->isMyEmployee()) {
+            return true;
+        }
+        return false;
+    }
+
+    private function isMyProfile()
+    {
+        if ($this->id === $this->searcherID) {
+            return true;
+        }
+        return false;
+    }
+
+    private function isMyEmployee()
+    {
+       if (!$this->amIManager()) {
+           return false;
+       }
+
+       if ($this->findEmploee()) {
+           return true;
+       }
+       return false;
+    }
+
+    private function amIManager()
+    {
+        if (Manager::findOne($this->searcherID)) {
+            return true;
+        }
+        return false;
+    }
+
+    private function findEmploee()
+    {
+        $exist = ManagerEmployee::find()
+            ->where(['manager_id' => $this->searcherID, 'user_card_id' => $this->id])
+            ->exists();
+
+        if ($exist) {
+            return true;
+        }
+        return false;
+    }
+
+
+
+}

frontend/modules/api/controllers/DocumentController.php

@@ -3,10 +3,16 @@
 namespace frontend\modules\api\controllers;
 
 use common\models\Document;
+use common\models\DocumentFieldValue;
+use common\models\Template;
+use common\models\TemplateDocumentField;
+use Exception;
 use Yii;
 use yii\filters\auth\HttpBearerAuth;
+use yii\web\BadRequestHttpException;
 use yii\web\NotFoundHttpException;
 use yii\rest\Controller;
+use yii\web\ServerErrorHttpException;
 
 class DocumentController extends Controller
 {
@@ -26,7 +32,7 @@ class DocumentController extends Controller
         return [
 //            'get-task' => ['get'],
             'get-document-list' => ['get'],
-//            'create-task' => ['post'],
+            'create-document' => ['post'],
 //            'update-task' => ['put', 'patch'],
         ];
     }
@@ -50,11 +56,7 @@ class DocumentController extends Controller
             throw new NotFoundHttpException('Incorrect document ID');
         }
 
-        $document = Document::find()
-        ->joinWith(['documentFieldValues.field'])
-        ->where(['document.id' => $document_id])
-        ->asArray()
-        ->all();
+        $document = Document::getDocument($document_id);
 
         if(empty($document)) {
             throw new NotFoundHttpException('There is no such document');
@@ -62,4 +64,60 @@ class DocumentController extends Controller
 
         return $document;
     }
+
+    public function actionCreateDocument()
+    {
+        $document = Yii::$app->getRequest()->getBodyParams();
+        $documentFieldValues = Yii::$app->getRequest()->getBodyParams()['documentFieldValues'];
+
+        $tmp =  TemplateDocumentField::find()->select('field_id')
+            ->where(['template_id' => 94])->asArray()->all();
+
+        $modelDocument = new Document();
+        if ($modelDocument->load($document, '') && $modelDocument->save()) {
+
+            try {
+                $this->createDocimentFields($documentFieldValues, $modelDocument->id, $modelDocument->template_id);
+            }
+            catch (ServerErrorHttpException $e) {
+                $modelDocument->delete();
+                throw new BadRequestHttpException(json_encode($e->getMessage()));
+            }
+        }
+        else {
+            throw new BadRequestHttpException(json_encode($modelDocument->errors));
+        }
+
+        Yii::$app->getResponse()->setStatusCode(201);
+        return  Document::getDocument($modelDocument->id);
+    }
+
+    private function createDocimentFields($documentFieldValues , $document_id, $template_id)
+    {
+        if (!empty($documentFieldValues)) {
+
+            $modelFieldsArray = array();
+
+            foreach ($documentFieldValues as $docFieldValue) {
+                $tmpModelField = new DocumentFieldValue();
+
+                if ($tmpModelField->load($docFieldValue, '')) {
+                    $modelFieldsArray[] = $tmpModelField;
+                }
+                else {
+                    throw new ServerErrorHttpException(
+                        'Failed to load document field value where modelField: field_id=' . $tmpModelField->field_id . ' value=' . $tmpModelField->value);
+                }
+            }
+
+            foreach ($modelFieldsArray as $modelField) {
+
+                $modelField->document_id = $document_id;
+                if (!$modelField->save()) {
+                    throw new ServerErrorHttpException(
+                        'Failed to save document field value where modelField: field_id=' . $modelField->field_id . ' value=' . $modelField->value);
+                }
+            }
+        }
+    }
 }

frontend/modules/api/controllers/ProfileController.php

@@ -6,6 +6,7 @@ use common\behaviors\GsCors;
 use common\classes\Debug;
 use common\models\InterviewRequest;
 use common\models\User;
+use common\services\ProfileService;
 use frontend\modules\api\models\ProfileSearchForm;
 use kavalar\BotNotificationTemplateProcessor;
 use kavalar\TelegramBotService;
@@ -13,6 +14,7 @@ use yii\filters\auth\CompositeAuth;
 use yii\filters\auth\HttpBearerAuth;
 use yii\filters\auth\QueryParamAuth;
 use yii\filters\ContentNegotiator;
+use yii\web\BadRequestHttpException;
 use yii\web\Response;
 
 class ProfileController extends ApiController
@@ -51,6 +53,27 @@ class ProfileController extends ApiController
         return $searchModel->byParams();
     }
 
+    public function actionProfileWithReportPermission($id, $searcherID)
+    {
+        $searchModel = new ProfileSearchForm();
+        $searchModel->attributes = \Yii::$app->request->get();
+
+        if ($id && $searcherID) {
+            $profile = $searchModel->byId();
+
+            $profileService = new ProfileService($searcherID, $id);
+            if($profileService->checkReportePermission()) {
+                $profile += ['report_permission' => '1'];
+            }
+            else {
+                $profile += ['report_permission' => '0'];
+            }
+            return $profile;
+        }
+
+        throw new BadRequestHttpException(json_encode('Missing required parameter'));
+    }
+
     public function actionAddToInterview()
     {
         if (\Yii::$app->request->isPost) {

frontend/modules/api/controllers/TemplateController.php

@@ -0,0 +1,64 @@
+<?php
+
+namespace frontend\modules\api\controllers;
+
+use common\models\Document;
+use common\models\Template;
+use Yii;
+use yii\filters\auth\HttpBearerAuth;
+use yii\web\NotFoundHttpException;
+use yii\rest\Controller;
+
+class TemplateController extends Controller
+{
+    public function behaviors(): array
+    {
+        $behaviors = parent::behaviors();
+
+        $behaviors['authenticator']['authMethods'] = [
+            HttpBearerAuth::className(),
+        ];
+
+        return $behaviors;
+    }
+
+    public function verbs(): array
+    {
+        return [
+            'get-template-list' => ['get'],
+            'get-template-fields' => ['get'],
+        ];
+    }
+
+    public function actionGetTemplateList(): array
+    {
+        $template = Template::find()->asArray()->all();
+
+        if(empty($template)) {
+            throw new NotFoundHttpException('Documents are not assigned');
+        }
+
+        return $template;
+    }
+
+    public function actionGetTemplateFields(): array
+    {
+        $template_id = Yii::$app->request->get('template_id');
+        if(empty($template_id) or !is_numeric($template_id))
+        {
+            throw new NotFoundHttpException('Incorrect template ID');
+        }
+
+        $templates = Template::find()
+            ->joinWith('templateDocumentFields.field')
+            ->where(['template.id' => $template_id])
+            ->asArray()
+            ->all();
+
+        if(empty($templates)) {
+            throw new NotFoundHttpException('Documents are not assigned');
+        }
+
+        return $templates;
+    }
+}