From 79e9906a053813b3e7c33ba5e95977de3eaf36bc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julien=20Fastr=C3=A9?= <julien.fastre@champs-libres.coop>
Date: Tue, 8 Nov 2022 18:02:26 +0100
Subject: [PATCH] =?UTF-8?q?Feature:=20[saved=20export]=20G=C3=A9n=C3=A9rat?=
 =?UTF-8?q?e=20a=20report=20from=20a=20saved=20export?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Controller/ExportController.php           | 24 +++++++++++-
 .../Resources/views/Export/download.html.twig | 13 +++++--
 .../views/SavedExport/index.html.twig         | 14 ++++++-
 .../Authorization/SavedExportVoter.php        | 39 +++++++++++++++++++
 .../config/services/security.yaml             |  2 +
 5 files changed, 86 insertions(+), 6 deletions(-)
 create mode 100644 src/Bundle/ChillMainBundle/Security/Authorization/SavedExportVoter.php

diff --git a/src/Bundle/ChillMainBundle/Controller/ExportController.php b/src/Bundle/ChillMainBundle/Controller/ExportController.php
index 9037ae141..293a3c778 100644
--- a/src/Bundle/ChillMainBundle/Controller/ExportController.php
+++ b/src/Bundle/ChillMainBundle/Controller/ExportController.php
@@ -19,21 +19,24 @@ use Chill\MainBundle\Form\Type\Export\ExportType;
 use Chill\MainBundle\Form\Type\Export\FormatterType;
 use Chill\MainBundle\Form\Type\Export\PickCenterType;
 use Chill\MainBundle\Redis\ChillRedis;
+use Chill\MainBundle\Security\Authorization\SavedExportVoter;
 use Doctrine\ORM\EntityManagerInterface;
 use LogicException;
 use Psr\Log\LoggerInterface;
+use RedisException;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\Form\Extension\Core\Type\FormType;
 use Symfony\Component\Form\Extension\Core\Type\SubmitType;
 use Symfony\Component\Form\FormFactoryInterface;
 use Symfony\Component\Form\FormInterface;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\Session\SessionInterface;
 use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Symfony\Component\Routing\Annotation\Route;
-use Symfony\Contracts\Translation\TranslatorInterface;
 
+use Symfony\Contracts\Translation\TranslatorInterface;
 use function count;
 use function serialize;
 use function unserialize;
@@ -152,6 +155,25 @@ class ExportController extends AbstractController
         );
     }
 
+    /**
+     * @Route("/{_locale}/exports/generate-from-saved/{id}", name="chill_main_export_generate_from_saved")
+     *
+     * @throws RedisException
+     */
+    public function generateFromSavedExport(SavedExport $savedExport): RedirectResponse
+    {
+        $this->denyAccessUnlessGranted(SavedExportVoter::GENERATE, $savedExport);
+
+        $key = md5(uniqid((string) mt_rand(), false));
+
+        $this->redis->setEx($key, 3600, serialize($savedExport->getOptions()));
+
+        return $this->redirectToRoute(
+            'chill_main_export_download',
+            ['alias' => $savedExport->getExportAlias(), 'key' => $key, 'prevent_save' => true]
+        );
+    }
+
     /**
      * Render the list of available exports.
      */
diff --git a/src/Bundle/ChillMainBundle/Resources/views/Export/download.html.twig b/src/Bundle/ChillMainBundle/Resources/views/Export/download.html.twig
index a15e60088..1e69c5a49 100644
--- a/src/Bundle/ChillMainBundle/Resources/views/Export/download.html.twig
+++ b/src/Bundle/ChillMainBundle/Resources/views/Export/download.html.twig
@@ -49,9 +49,14 @@ window.addEventListener("DOMContentLoaded", function(e) {
              data-download-text="{{ "Download your report"|trans|escape('html_attr') }}"
         ><span id="waiting_text">{{ "Waiting for your report"|trans ~ '...' }}</span></div>
 
-        <div>
-            <a href="{{ chill_path_add_return_path('chill_main_export_save_from_key', { alias: alias, key: app.request.query.get('key')}) }}">{{ 'Save'|trans }}</a>
-        </div>
+        <ul class="record_actions sticky-form-buttons">
+            <li class="cancel"><a href="{{ chill_return_path_or('chill_main_export_index') }}" class="btn btn-cancel">{{ 'Back to the list'|trans }}</a></li>
 
-    </div>
+            {% if not app.request.query.has('prevent_save') %}
+                <li>
+                    <a href="{{ chill_path_add_return_path('chill_main_export_save_from_key', { alias: alias, key: app.request.query.get('key')}) }}" class="btn btn-save">{{ 'Save'|trans }}</a>
+                </li>
+            {% endif %}
+        </ul>
+</div>
 {% endblock content %}
\ No newline at end of file
diff --git a/src/Bundle/ChillMainBundle/Resources/views/SavedExport/index.html.twig b/src/Bundle/ChillMainBundle/Resources/views/SavedExport/index.html.twig
index 071a177a5..5cd697bb4 100644
--- a/src/Bundle/ChillMainBundle/Resources/views/SavedExport/index.html.twig
+++ b/src/Bundle/ChillMainBundle/Resources/views/SavedExport/index.html.twig
@@ -15,10 +15,16 @@
                         {% for s in saveds %}
                             <div class="col-6 col-md-4 mb-3">
                                 <h2>{{ s.saved.title }}</h2>
-                                <p>{{ s.export.title|trans }}</p>
+                                <p><strong>{{ s.export.title|trans }}</strong></p>
                                 <div>
                                     {{ s.saved.description|chill_markdown_to_html }}
                                 </div>
+
+                                <ul class="record_actions">
+                                    <li><a href="#" class="btn btn-delete"></a></li>
+                                    <li><a href="#" class="btn btn-edit"></a></li>
+                                    <li><a href="{{ path('chill_main_export_generate_from_saved', { id: s.saved.id }) }}" class="btn btn-action"><i class="fa fa-cog"></i></a></li>
+                                </ul>
                             </div>
                         {% endfor %}
                     </div>
@@ -39,6 +45,12 @@
                                 <div>
                                     {{ s.saved.description|chill_markdown_to_html }}
                                 </div>
+
+                                <ul class="record_actions">
+                                    <li><a href="#" class="btn btn-delete"></a></li>
+                                    <li><a href="#" class="btn btn-edit"></a></li>
+                                    <li><a href="{{ path('chill_main_export_generate_from_saved', { id: s.saved.id }) }}" class="btn btn-action"><i class="fa fa-cog"></i></a></li>
+                                </ul>
                             </div>
                         </div>
                     {% endfor %}
diff --git a/src/Bundle/ChillMainBundle/Security/Authorization/SavedExportVoter.php b/src/Bundle/ChillMainBundle/Security/Authorization/SavedExportVoter.php
new file mode 100644
index 000000000..bc74e2d45
--- /dev/null
+++ b/src/Bundle/ChillMainBundle/Security/Authorization/SavedExportVoter.php
@@ -0,0 +1,39 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * Chill is a software for social workers
+ *
+ * For the full copyright and license information, please view
+ * the LICENSE file that was distributed with this source code.
+ */
+
+namespace Chill\MainBundle\Security\Authorization;
+
+use Chill\MainBundle\Entity\SavedExport;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authorization\Voter\Voter;
+use UnexpectedValueException;
+
+class SavedExportVoter extends Voter
+{
+    public const GENERATE = 'CHLL_MAIN_EXPORT_SAVED_GENERATE';
+
+    protected function supports($attribute, $subject): bool
+    {
+        return $subject instanceof SavedExport && self::GENERATE === $attribute;
+    }
+
+    protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool
+    {
+        /** @var SavedExport $subject */
+        switch ($attribute) {
+            case self::GENERATE:
+                return $subject->getUser() === $token->getUser();
+
+            default:
+                throw new UnexpectedValueException('attribute not supported: ' . $attribute);
+        }
+    }
+}
diff --git a/src/Bundle/ChillMainBundle/config/services/security.yaml b/src/Bundle/ChillMainBundle/config/services/security.yaml
index 3347871e3..824144470 100644
--- a/src/Bundle/ChillMainBundle/config/services/security.yaml
+++ b/src/Bundle/ChillMainBundle/config/services/security.yaml
@@ -50,6 +50,8 @@ services:
         tags:
             - { name: security.voter }
 
+    Chill\MainBundle\Security\Authorization\SavedExportVoter: ~
+
     Chill\MainBundle\Security\PasswordRecover\TokenManager:
         arguments:
             $secret: '%kernel.secret%'