Skip to content
This repository was archived by the owner on May 29, 2026. It is now read-only.
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions lib/Controller/AanbodController.php
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
namespace OCA\SoftwareCatalog\Controller;

use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\JSONResponse;
use OCP\IRequest;
use OCP\IUserSession;
Expand Down Expand Up @@ -162,6 +163,10 @@ public function getAanbod(): JSONResponse
*/
public function acceptAanbod(string $uuid): JSONResponse
{
if ($this->userSession->getUser() === null) {
return new JSONResponse(['message' => 'Not authenticated'], Http::STATUS_UNAUTHORIZED);
}

$this->logger->info(
'API: Accepting aanbod object',
[
Expand Down Expand Up @@ -262,6 +267,10 @@ function ($key) {
*/
public function denyAanbod(string $uuid): JSONResponse
{
if ($this->userSession->getUser() === null) {
return new JSONResponse(['message' => 'Not authenticated'], Http::STATUS_UNAUTHORIZED);
}

$this->logger->info(
'API: Denying aanbod object',
[
Expand Down
13 changes: 11 additions & 2 deletions lib/Controller/AangebodenGebruikController.php
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
namespace OCA\SoftwareCatalog\Controller;

use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\JSONResponse;
use OCP\IGroupManager;
use OCP\IRequest;
Expand Down Expand Up @@ -604,10 +605,14 @@ public function getGebruiksWhereDeelnemers(): JSONResponse
*
* @NoAdminRequired
* @NoCSRFRequired
* @spec openspec/changes/retrofit-2026-05-26-aangeboden-gebruik-api/tasks.md#task-2
* @spec openspec/changes/retrofit-2026-05-26-aangeboden-gebruik-api/tasks.md#task-2
*/
public function setGebruikSelfToActiveOrg(string $gebruikId): JSONResponse
{
if ($this->userSession->getUser() === null) {
return new JSONResponse(['message' => 'Not authenticated'], Http::STATUS_UNAUTHORIZED);
}

$this->logger->info(
'API: Setting gebruik @self property to active org',
[
Expand Down Expand Up @@ -710,10 +715,14 @@ function ($key) {
*
* @NoAdminRequired
* @NoCSRFRequired
* @spec openspec/changes/retrofit-2026-05-26-aangeboden-gebruik-api/tasks.md#task-2
* @spec openspec/changes/retrofit-2026-05-26-aangeboden-gebruik-api/tasks.md#task-2
*/
public function deleteGebruikAsAfnemer(string $gebruikId): JSONResponse
{
if ($this->userSession->getUser() === null) {
return new JSONResponse(['message' => 'Not authenticated'], Http::STATUS_UNAUTHORIZED);
}

$this->logger->info(
'API: Deleting gebruik object as afnemer',
[
Expand Down
3 changes: 2 additions & 1 deletion lib/Controller/ContactpersonenController.php
Original file line number Diff line number Diff line change
Expand Up @@ -525,7 +525,8 @@ public function changePassword(string $username, string $newPassword, string $cu
$isSelfReset = $currentUser->getUID() === $username;

// Non-admins may only change their own password.
if ($isAdmin === false && $isSelfReset === false) {
$hasPasswordChangePermission = ($isAdmin === true || $isSelfReset === true);
if ($hasPasswordChangePermission === false) {
return new JSONResponse(['message' => 'Insufficient permissions'], Http::STATUS_FORBIDDEN);
}

Expand Down
81 changes: 61 additions & 20 deletions lib/Controller/SettingsController.php
Original file line number Diff line number Diff line change
Expand Up @@ -815,7 +815,13 @@ public function performSync(int $minutesBack=0): JSONResponse
// For incremental sync, use the original method.
$result = $this->orgSyncSvc->performManualSync($minutesBack);

return new JSONResponse($result, $result['success'] === true ? 200 : 500);
if ($result['success'] === true) {
$statusCode = 200;
} else {
$statusCode = 500;
}

return new JSONResponse($result, $statusCode);
} catch (\Exception $e) {
$this->logger->error(
'Manual sync failed',
Expand Down Expand Up @@ -958,7 +964,13 @@ public function resetAutoConfig(): JSONResponse

$result = $this->settingsService->resetAutoConfiguration($resetConfiguration);

return new JSONResponse($result, $result['success'] === true ? 200 : 400);
if ($result['success'] === true) {
$statusCode = 200;
} else {
$statusCode = 400;
}

return new JSONResponse($result, $statusCode);
} catch (\Exception $e) {
return new JSONResponse(
[
Expand Down Expand Up @@ -1046,7 +1058,13 @@ public function manualImport(): JSONResponse
// Add timestamp for cache busting.
$result['timestamp'] = time();

return new JSONResponse($result, $result['success'] === true ? 200 : 400);
if ($result['success'] === true) {
$importStatusCode = 200;
} else {
$importStatusCode = 400;
}

return new JSONResponse($result, $importStatusCode);
} catch (\Exception $e) {
$this->logger->error(
'SettingsController: Manual import failed',
Expand Down Expand Up @@ -1697,20 +1715,19 @@ public function exportOrgArchiMate(string $organizationUuid): Response
}

// Require admin or organisation-admin group membership.
$isAdmin = $this->groupManager->isAdmin($currentUser->getUID());
if ($isAdmin === false) {
$orgAdminGroups = $this->settingsService->getOrganizationAdminGroups();
$isOrgAdmin = false;
foreach ($orgAdminGroups as $groupName) {
if ($this->groupManager->isInGroup($currentUser->getUID(), $groupName) === true) {
$isOrgAdmin = true;
break;
}
$isAdmin = $this->groupManager->isAdmin($currentUser->getUID());
$orgAdminGroups = $this->settingsService->getOrganizationAdminGroups();
$isOrgAdmin = false;
foreach ($orgAdminGroups as $groupName) {
if ($this->groupManager->isInGroup($currentUser->getUID(), $groupName) === true) {
$isOrgAdmin = true;
break;
}
}

if ($isOrgAdmin === false) {
return new JSONResponse(['message' => 'Admin or organisation-admin privileges required'], Http::STATUS_FORBIDDEN);
}
$hasExportPermission = ($isAdmin === true || $isOrgAdmin === true);
if ($hasExportPermission === false) {
return new JSONResponse(['message' => 'Admin or organisation-admin privileges required'], Http::STATUS_FORBIDDEN);
}

try {
Expand Down Expand Up @@ -2211,7 +2228,11 @@ public function updateEmailTemplate(string $templateName): JSONResponse
templateContent: $templateContent
);

$updateMsg = ($success === true) ? "Template {$templateName} updated successfully" : "Failed to update template {$templateName}";
if ($success === true) {
$updateMsg = "Template {$templateName} updated successfully";
} else {
$updateMsg = "Failed to update template {$templateName}";
}

return new JSONResponse(
[
Expand Down Expand Up @@ -2788,8 +2809,12 @@ public function cancelArchiMateImport(): JSONResponse
}

try {
$result = $this->settingsService->cancelArchiMateImport();
$message = ($result['cancelled'] === true) ? 'ArchiMate import cancellation succeeded' : 'ArchiMate import cancellation failed';
$result = $this->settingsService->cancelArchiMateImport();
if ($result['cancelled'] === true) {
$message = 'ArchiMate import cancellation succeeded';
} else {
$message = 'ArchiMate import cancellation failed';
}

return new JSONResponse(
[
Expand Down Expand Up @@ -3515,7 +3540,11 @@ public function syncOrganisations(): JSONResponse
// Call the settings service method.
$result = $this->settingsService->syncOrganisationsToVoorzieningenOptimized($options);

$statusCode = ($result['success'] === true) ? 200 : 500;
if ($result['success'] === true) {
$statusCode = 200;
} else {
$statusCode = 500;
}

$this->logger->info(
'SettingsController: Organisation sync completed',
Expand Down Expand Up @@ -3667,7 +3696,11 @@ public function updateCronjobConfig(): JSONResponse
$data = $this->request->getParams();
$result = $this->settingsService->updateCronjobConfig($data);

$statusCode = ($result['success'] === true) ? 200 : 400;
if ($result['success'] === true) {
$statusCode = 200;
} else {
$statusCode = 400;
}

return new JSONResponse($result, $statusCode);
} catch (\Exception $e) {
Expand Down Expand Up @@ -3701,6 +3734,10 @@ public function updateCronjobConfig(): JSONResponse
*/
public function getCronjobUsers(): JSONResponse
{
if ($this->userSession->getUser() === null) {
return new JSONResponse(['message' => 'Not authenticated'], Http::STATUS_UNAUTHORIZED);
}

return new JSONResponse(
[
'success' => false,
Expand All @@ -3723,6 +3760,10 @@ public function getCronjobUsers(): JSONResponse
*/
public function getCronjobOrganisations(): JSONResponse
{
if ($this->userSession->getUser() === null) {
return new JSONResponse(['message' => 'Not authenticated'], Http::STATUS_UNAUTHORIZED);
}

return new JSONResponse(
[
'success' => false,
Expand Down
18 changes: 17 additions & 1 deletion lib/Controller/ViewController.php
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,10 @@
namespace OCA\SoftwareCatalog\Controller;

use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\JSONResponse;
use OCP\IRequest;
use OCP\IUserSession;
use OCA\SoftwareCatalog\Service\ViewService;
use Psr\Log\LoggerInterface;

Expand All @@ -48,12 +50,14 @@ class ViewController extends Controller
* @param IRequest $request The request object
* @param ViewService $viewService The view service for business logic
* @param LoggerInterface $logger The logger service
* @param IUserSession $userSession The user session service
*/
public function __construct(
string $appName,
IRequest $request,
private readonly ViewService $viewService,
private readonly LoggerInterface $logger
private readonly LoggerInterface $logger,
private readonly IUserSession $userSession
) {
parent::__construct(appName: $appName, request: $request);
}//end __construct()
Expand All @@ -78,6 +82,10 @@ public function __construct(
*/
public function getAllViews(): JSONResponse
{
if ($this->userSession->getUser() === null) {
return new JSONResponse(['message' => 'Not authenticated'], Http::STATUS_UNAUTHORIZED);
}

$this->logger->info(
'API: Getting all views',
[
Expand Down Expand Up @@ -153,6 +161,10 @@ public function getAllViews(): JSONResponse
*/
public function getView(string $viewId): JSONResponse
{
if ($this->userSession->getUser() === null) {
return new JSONResponse(['message' => 'Not authenticated'], Http::STATUS_UNAUTHORIZED);
}

$this->logger->info(
'API: Getting specific view',
[
Expand Down Expand Up @@ -313,6 +325,10 @@ private function parseBooleanParam($value): bool
*/
public function getApiDocumentation(): JSONResponse
{
if ($this->userSession->getUser() === null) {
return new JSONResponse(['message' => 'Not authenticated'], Http::STATUS_UNAUTHORIZED);
}

$documentation = [
'api_version' => '1.0.0',
'description' => 'SoftwareCatalog View API - Query and enrich ArchiMate views',
Expand Down
6 changes: 5 additions & 1 deletion lib/Service/ArchiMateExportService.php
Original file line number Diff line number Diff line change
Expand Up @@ -347,7 +347,11 @@ private function getNamespaceUri(\SimpleXMLElement $xml, string $prefix): string
}

$docNamespaces = $xml->getDocNamespaces(true);
$namespaces = ($docNamespaces !== false) ? $docNamespaces : [];
if ($docNamespaces !== false) {
$namespaces = $docNamespaces;
} else {
$namespaces = [];
}

return $namespaces[$prefix] ?? '';
}//end getNamespaceUri()
Expand Down
Loading