fix academic#605

Mattlk13 · Jun 8, 2015 · a4b128e · a4b128e
1 parent 9fc29c9
commit a4b128e
Show file tree

Hide file tree

Showing 37 changed files with 255 additions and 414 deletions.
diff --git a/app/Resources/translations/messages.en.yml b/app/Resources/translations/messages.en.yml
@@ -504,7 +504,6 @@ fieldset: Fieldset
 optional: Optional 
 workflow.step.update: Update Workflow Update 
 role.plural: Roles
-ROLE_SUPER_ADMIN : System Super Administrator
 ROLE_JOURNAL_MANAGER : Journal Manager
 ROLE_SUBSCRIPTION_MANAGER : Subscription Manager
 ROLE_SECTION_EDITOR : Section Editor
@@ -1431,4 +1430,4 @@ full_file: "Full File"
 admin.log.history: "Changelog"
 admin.log.field: "Changed field"
 admin.log.oldValue: "old value"
-admin.log.newValue: "new value"
+admin.log.newValue: "new value"
diff --git a/app/Resources/translations/messages.tr.yml b/app/Resources/translations/messages.tr.yml
@@ -687,7 +687,6 @@ tubitak_journals: 'TÜBİTAK Dergileri'
 Yes: Evet
 No: Hayır
 role.plural: Roller
-ROLE_SUPER_ADMIN : Sistem Yöneticisi
 ROLE_JOURNAL_MANAGER : Dergi Yöneticisi
 ROLE_SUBSCRIPTION_MANAGER : Abonelik Yöneticisi
 ROLE_SECTION_EDITOR : Bölüm Editörü

diff --git a/app/config/ojs_params.yml b/app/config/ojs_params.yml
@@ -20,10 +20,3 @@ parameters:
         ar:
             name: Arabic
             code: ar
-
-    roles:
-        #dont modify
-        - 
-            role: ROLE_SUPER_ADMIN
-            desc: System Super Administrator
-            isSystemRole: True
diff --git a/docs/Roles.md b/docs/Roles.md
@@ -6,7 +6,6 @@ Ojs has 14 types of role definition.
 
 | Role Name 					| Role Description          |
 |-------------------------------|-------------------------------------------|
-| ROLE_SUPER_ADMIN				| System Administrator      |
 | ROLE_JOURNAL_MANAGER                          | Journal Manager           |
 | ROLE_SUBSCRIPTION_MANAGER                     | Subscription Manager      |
 | ROLE_EDITOR 				 	| Editor                    |

diff --git a/src/Ojs/ApiBundle/Controller/PublicSearchRestController.php b/src/Ojs/ApiBundle/Controller/PublicSearchRestController.php
@@ -4,6 +4,7 @@
 
 use Doctrine\ORM\EntityManager;
 use Nelmio\ApiDocBundle\Annotation\ApiDoc;
+use Ojs\JournalBundle\Entity\Citation;
 use Ojs\JournalBundle\Entity\Journal;
 use Ojs\UserBundle\Entity\User;
 use Ojs\JournalBundle\Entity\Institution;
@@ -167,6 +168,7 @@ public function getInstitutionAction($id)
      * )
      * @Get("/public/search/tags")
      *
+     * @param Request $request
      * @return array
      */
     public function getTagsAction(Request $request)
@@ -363,7 +365,7 @@ public function getCitationAction($id)
     {
         /** @var EntityManager $em */
         $em = $this->getDoctrine()->getManager();
-        /** @var Citation  $citation */
+        /** @var Citation $citation */
         $citation = $em->find('OjsJournalBundle:Citation', $id);
         if ($citation) {
             return JsonResponse::create(['id' => $id, 'text' => $citation->getRaw() ]);
@@ -480,7 +482,7 @@ public function getArticlesAction(Request $request)
 
         #$articleRepo = $this->getDoctrine()->getManager()->getRepository('OjsJournalBundle:Article');
         foreach ($results as $result) {
-            /*   if($user->hasRole('ROLE_SUPER_ADMIN'))
+            /*   if($user->isAdmin())
             {*/
                 $data[] = [
                     'id' => $result->getId(),
@@ -525,7 +527,7 @@ public function getArticleAction($id)
         $article = $em->find('OjsJournalBundle:Article', $id);
         //$user = $this->getUser();
         //$data = [];
-        //if($user->hasRole('ROLE_SUPER_ADMIN'))
+        //if($user->isAdmin())
         //{
             $data = [
                 'id' => $article->getId(),

diff --git a/src/Ojs/CliBundle/Command/InstallCommand.php b/src/Ojs/CliBundle/Command/InstallCommand.php
@@ -193,7 +193,6 @@ protected function insertRoles(OutputInterface $output)
             $output->writeln('<info>Added : '.$role['role'].'</info>');
             $new_role->setName($role['desc']);
             $new_role->setRole($role['role']);
-            $new_role->setIsSystemRole($role['isSystemRole']);
 
             $em->persist($new_role);
         }
@@ -232,8 +231,7 @@ protected function insertAdmin($username, $email, $password)
         $user->setStatus(1);
         $user->generateApiKey();
 
-        $role_repo = $doctrine->getRepository('OjsUserBundle:Role');
-        $user->addRole($role_repo->findOneBy(array('role' => 'ROLE_SUPER_ADMIN')));
+        $user->setAdmin(true);
 
         $em->persist($user);
         $em->flush();

diff --git a/src/Ojs/Common/Services/SecuritySwitchUserListener.php b/src/Ojs/Common/Services/SecuritySwitchUserListener.php
@@ -20,7 +20,7 @@ public function onSecuritySwitchUser(SwitchUserEvent $event)
     {
         /** @var User $user */
         $user = $this->tokenStorage->getToken()->getUser();
-        return $user->hasRole('ROLE_SUPER_ADMIN');
+        return $user->isAdmin();
     }
 
     public function getCurrentUser()

diff --git a/src/Ojs/Common/Twig/OjsExtension.php b/src/Ojs/Common/Twig/OjsExtension.php
@@ -236,11 +236,7 @@ public function isSystemAdmin()
     {
         $user = $this->userListener->checkUser();
         if ($user) {
-            foreach ($user->getRoles() as $role) {
-                if ($role->getRole() == 'ROLE_SUPER_ADMIN') {
-                    return true;
-                }
-            }
+            return $user->isAdmin();
         }
 
         return false;

diff --git a/src/Ojs/InstallerBundle/Controller/SetupController.php b/src/Ojs/InstallerBundle/Controller/SetupController.php
@@ -55,10 +55,8 @@ public function createUserAction(Request $request)
             $user->setPassword($password);
             $user->setIsActive(true);
             $user->generateApiKey();
-            $role_repo = $em->getRepository('OjsUserBundle:Role');
-            $role_sys_admin = $role_repo->findOneByRole('ROLE_SUPER_ADMIN');
 
-            $user->addRole($role_sys_admin);
+            $user->setAdmin(true);
 
             $em->persist($user);
             $em->flush();
@@ -81,14 +79,13 @@ private function insertRoles()
         $return = [];
         foreach ($roles as $role) {
             $new_role = new Role();
-            $check = $role_repo->findOneByRole($role['role']);
+            $check = $role_repo->findOneBy(array('role' => $role['role']));
             if (!empty($check)) {
                 continue;
             }
             $return[] = "Added :   {$role['role']}";
             $new_role->setName($role['desc']);
             $new_role->setRole($role['role']);
-            $new_role->setIsSystemRole($role['isSystemRole']);
             $em->persist($new_role);
         }
 

diff --git a/src/Ojs/JournalBundle/Controller/BoardController.php b/src/Ojs/JournalBundle/Controller/BoardController.php
@@ -2,6 +2,7 @@
 
 namespace Ojs\JournalBundle\Controller;
 
+use Ojs\UserBundle\Entity\User;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\Security\Core\Exception\TokenNotFoundException;
@@ -31,13 +32,14 @@ class BoardController extends Controller
     public function indexAction()
     {
         $journal = $this->get('ojs.journal_service')->getSelectedJournal();
-        $isAdmin = $this->container->get('security.authorization_checker')->isGranted('ROLE_SUPER_ADMIN');
+        /** @var User $user */
+        $user = $this->getUser();
         if (!$this->isGranted('VIEW', $journal, 'boards')) {
             throw new AccessDeniedException("You not authorized for view this journal's boards!");
         }
         $source = new Entity('OjsJournalBundle:Board');
         //if user is not admin show only selected journal
-        if (!$isAdmin) {
+        if (!$user->isAdmin()) {
             $ta = $source->getTableAlias();
             $source->manipulateQuery(
                 function (QueryBuilder $query) use ($ta, $journal) {

diff --git a/src/Ojs/JournalBundle/Controller/IssueController.php b/src/Ojs/JournalBundle/Controller/IssueController.php
@@ -6,6 +6,7 @@
 use APY\DataGridBundle\Grid\Source\Entity;
 use Ojs\Common\Helper\ActionHelper;
 use Ojs\JournalBundle\Entity\Article;
+use Ojs\UserBundle\Entity\User;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Ojs\Common\Controller\OjsController as Controller;
@@ -29,14 +30,15 @@ class IssueController extends Controller
     public function indexAction()
     {
         $journal = $this->get('ojs.journal_service')->getSelectedJournal();
-        $isAdmin = $isAdmin = $this->container->get('security.authorization_checker')->isGranted('ROLE_SUPER_ADMIN');
+        /** @var User $user */
+        $user = $this->getUser();
 
         if(!$this->isGranted('VIEW', $journal, 'issues')) {
             throw new AccessDeniedException("You are not authorized for view this journal's issues!");
         }
         $source = new Entity('OjsJournalBundle:Issue');
         //if user is not admin show only selected journal
-        if(!$isAdmin){
+        if(!$user->isAdmin()){
             $ta = $source->getTableAlias();
             $source->manipulateQuery(
                 function (QueryBuilder $query) use ($ta, $journal)
@@ -50,7 +52,7 @@ function (QueryBuilder $query) use ($ta, $journal)
 
         $actionColumn = new ActionsColumn("actions", 'actions');
         ActionHelper::setup($this->get('security.csrf.token_manager'), $this->get('translator'));
-        $rowAction[] = ActionHelper::showAction($isAdmin?'issue_show':'issue_manager_issue_view', 'id');
+        $rowAction[] = ActionHelper::showAction($user->isAdmin()?'issue_show':'issue_manager_issue_view', 'id');
         if($this->isGranted('EDIT', $this->get('ojs.journal_service')->getSelectedJournal(), 'issues')) {
             $rowAction[] = ActionHelper::editAction('issue_edit', 'id');
         }

diff --git a/src/Ojs/JournalBundle/Controller/JournalContactController.php b/src/Ojs/JournalBundle/Controller/JournalContactController.php
@@ -6,8 +6,7 @@
 use APY\DataGridBundle\Grid\Source\Entity;
 use Doctrine\ORM\QueryBuilder;
 use Ojs\Common\Helper\ActionHelper;
-use Ojs\JournalBundle\Entity\Journal;
-use Ojs\JournalBundle\Entity\JournalDesign;
+use Ojs\UserBundle\Entity\User;
 use Symfony\Component\Form\Form;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
@@ -27,12 +26,13 @@ class JournalContactController extends Controller
 
     /**
      * Lists all JournalContact entities.
-     * @param  Journal  $journal if not set list all contacts. if set list only contacts for that journal
      * @return Response
      */
-    public function indexAction(Journal $journal = null)
+    public function indexAction()
     {
         $journal = $this->get('ojs.journal_service')->getSelectedJournal();
+        /** @var User $user */
+        $user = $this->getUser();
         if(!$this->isGranted('VIEW', $journal, 'contacts')) {
             throw new AccessDeniedException("You are not authorized for view this page!");
         }
@@ -53,7 +53,7 @@ function (QueryBuilder $query) use ($tableAlias, $journal) {
         $rowAction = [];
         ActionHelper::setup($this->get('security.csrf.token_manager'), $this->get('translator'));
 
-        if ($this->isGranted('ROLE_SUPER_ADMIN')) {
+        if ($user->isAdmin()) {
             $rowAction[] = ActionHelper::showAction('journalcontact_show', 'id');
             $rowAction[] = ActionHelper::editAction('journalcontact_edit', 'id');
             $rowAction[] = ActionHelper::deleteAction('journalcontact_delete', 'id');
@@ -90,10 +90,12 @@ public function indexManagerAction()
     public function createAction(Request $request)
     {
         $journal = $this->get('ojs.journal_service')->getSelectedJournal();
+
+        /** @var User $user */
+        $user = $this->getUser();
         if(!$this->isGranted('CREATE', $journal, 'contacts')) {
             throw new AccessDeniedException("You are not authorized for view this page!");
         }
-        $isAdmin = $this->isGranted('ROLE_SUPER_ADMIN');
         $entity = new JournalContact();
         $form = $this->createCreateForm($entity);
         $form->handleRequest($request);
@@ -105,7 +107,7 @@ public function createAction(Request $request)
 
             $this->successFlashBag('Successfully created');
 
-            return $this->redirectToRoute($isAdmin ? 'journalcontact_show' : 'manager_journalcontact_show', [
+            return $this->redirectToRoute($user->isAdmin() ? 'journalcontact_show' : 'manager_journalcontact_show', [
                 'id' => $entity->getId(),
                 ]
             );
@@ -126,9 +128,10 @@ public function createAction(Request $request)
      */
     private function createCreateForm(JournalContact $entity, $optionsArray = array())
     {
-        $isAdmin = $this->isGranted('ROLE_SUPER_ADMIN');
+        /** @var User $user */
+        $user = $this->getUser();
         $options = array_merge(array(
-            'action' => $this->generateUrl($isAdmin ? 'journalcontact_create' : 'manager_journalcontact_create'),
+            'action' => $this->generateUrl($user->isAdmin() ? 'journalcontact_create' : 'manager_journalcontact_create'),
             'method' => 'POST',
             'user' => $this->getUser(),
                 ), $optionsArray);
@@ -149,10 +152,9 @@ public function newManagerAction()
     /**
      * Displays a form to create a new JournalContact entity.
      *
-     * @param  null|Journal $journal
      * @return Response
      */
-    public function newAction($journal = null)
+    public function newAction()
     {
         $journal = $this->get('ojs.journal_service')->getSelectedJournal();
         if(!$this->isGranted('CREATE', $journal, 'contacts')) {
@@ -237,12 +239,14 @@ private function createEditForm(JournalContact $entity)
      */
     public function updateAction(Request $request, JournalContact $entity)
     {
+        /** @var User $user */
+        $user = $this->getUser();
         $this->throw404IfNotFound($entity);
         $journal = $this->get('ojs.journal_service')->getSelectedJournal();
         if(!$this->isGranted('EDIT', $journal, 'contacts')) {
             throw new AccessDeniedException("You are not authorized for view this page!");
         }
-        $isAdmin =  $this->isGranted('ROLE_SUPER_ADMIN');
+
         $em = $this->getDoctrine()->getManager();
         $editForm = $this->createEditForm($entity);
         $editForm->handleRequest($request);
@@ -251,7 +255,7 @@ public function updateAction(Request $request, JournalContact $entity)
             $em->flush();
             $this->successFlashBag('Successfully updated');
 
-            return $this->redirectToRoute($isAdmin ? 'journalcontact_edit' : 'manager_journalcontact_edit', [
+            return $this->redirectToRoute($user->isAdmin() ? 'journalcontact_edit' : 'manager_journalcontact_edit', [
                 'id' => $entity->getId(),
                 ]
             );
@@ -271,28 +275,30 @@ public function updateAction(Request $request, JournalContact $entity)
      */
     public function deleteAction(Request $request, JournalContact $entity)
     {
+        /** @var User $user */
+        $user = $this->getUser();
         $this->throw404IfNotFound($entity);
         $journal = $this->get('ojs.journal_service')->getSelectedJournal();
         if(!$this->isGranted('DELETE', $journal, 'contacts')) {
             throw new AccessDeniedException("You are not authorized for view this page!");
         }
-        $isAdmin =  $this->isGranted('ROLE_SUPER_ADMIN');
         $em = $this->getDoctrine()->getManager();
         $csrf = $this->get('security.csrf.token_manager');
-        if ($this->isGranted('ROLE_SUPER_ADMIN')) {
+        if ($user->isAdmin()) {
             $token = $csrf->getToken('journalcontact'.$entity->getId());
         } elseif ($this->get('ojs.journal_service')->hasJournalRole('ROLE_JOURNAL_MANAGER')) {
             $token = $csrf->getToken('manager_journalcontact'.$entity->getId());
         }else{
             $token = $csrf->getToken('journalcontact'.$entity->getId());
         }
 
-        if($token!=$request->get('_token'))
+        if($token!=$request->get('_token')) {
             throw new TokenNotFoundException("Token Not Found!");
+        }
         $em->remove($entity);
         $em->flush();
         $this->successFlashBag('Successfully removed');
 
-        return $this->redirectToRoute($isAdmin ? 'journalcontact' : 'manager_journalcontact');
+        return $this->redirectToRoute($user->isAdmin() ? 'journalcontact' : 'manager_journalcontact');
     }
 }
diff --git a/src/Ojs/JournalBundle/Controller/JournalSetup/JournalSetupController.php b/src/Ojs/JournalBundle/Controller/JournalSetup/JournalSetupController.php
@@ -22,14 +22,13 @@ class JournalSetupController extends Controller
      */
     public function indexAction()
     {
-        $superAdmin = $this->isGranted('ROLE_SUPER_ADMIN');
-        if (!$superAdmin) {
+        if (!$this->isGranted('CREATE', new Journal())) {
             throw new AccessDeniedException();
         }
         $user = $this->getUser();
         $dm = $this->get('doctrine_mongodb')->getManager();
         /** @var JournalSetupProgress $userSetup */
-        $userSetup = $dm->getRepository('OjsJournalBundle:JournalSetupProgress')->findOneByUserId($user->getId());
+        $userSetup = $dm->getRepository('OjsJournalBundle:JournalSetupProgress')->findOneBy(array('userId' => $user->getId()));
 
         //if user have an journal setup progress resume journal setup. Else create an journal setup progress
         if ($userSetup) {
@@ -77,7 +76,7 @@ public function resumeAction($setupId)
         $dm = $this->get('doctrine_mongodb')->getManager();
         $em = $this->getDoctrine()->getManager();
         /** @var JournalSetupProgress $setup */
-        $setup = $dm->getRepository('OjsJournalBundle:JournalSetupProgress')->findOneById($setupId);
+        $setup = $dm->getRepository('OjsJournalBundle:JournalSetupProgress')->find($setupId);
         $journal = $em->getRepository('OjsJournalBundle:Journal')->find($setup->getJournalId());
 
         $stepsForms = array();