Added support for allow[Edit|Delete] functions to prevent delete an…

…d edit operations of used entities Fixes #18
MasterZydra · Feb 24, 2024 · 76ce870 · 76ce870
1 parent a2aae78
commit 76ce870
Show file tree

Hide file tree

Showing 29 changed files with 304 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,9 @@ Types of changes: `Added`, `Changed`, `Deprecate`, `Removed`, `Fixed`, `Secruity
 
 ## [Unreleased]
 
+### Added
+- Added support for `allow[Edit|Delete]` functions to prevent delete and edit operations of used entities
+
 ## v2.0.1 - 22.02.2024 - Minor styling improvements
 
 ### Added

diff --git a/app/Models/DeliveryNote.php b/app/Models/DeliveryNote.php
@@ -27,6 +27,22 @@ protected static function new(array $data = []): self
         return new self($data);
     }
 
+    public function allowEdit(): bool
+    {
+        return match (true) {
+            $this->getInvoiceId() !== null && $this->getInvoice()->getIsPaid() => false,
+            default => true,
+        };
+    }
+
+    public function allowDelete(): bool
+    {
+        return match (true) {
+            $this->getInvoiceId() !== null => false,
+            default => true,
+        };
+    }
+
     public function save(): self
     {
         if ($this->getId() === null) {
@@ -44,6 +60,7 @@ public function save(): self
                 $this->getInvoiceId()
             );
         } else {
+            $this->checkAllowEdit();
             Database::prepared(
                 'UPDATE ' . $this->getTableName() . ' SET `year`=?, nr=?, deliveryDate=?, amount=?, productId=?, supplierId=?, recipientId=?, isInvoiceReady=?, invoiceId=? WHERE id=?',
                 'iisdiiiiii',
@@ -105,6 +122,11 @@ public function getRecipient(): Recipient
         return Recipient::findById($this->getRecipientId());
     }
 
+    public function getInvoice(): Invoice
+    {
+        return Invoice::findById($this->getInvoiceId());
+    }
+
     public static function nextDeliveryNoteNr(int $year = null): int
     {
         if ($year === null) {

diff --git a/app/Models/Invoice.php b/app/Models/Invoice.php
@@ -22,6 +22,24 @@ protected static function new(array $data = []): self
         return new self($data);
     }
 
+    public function allowEdit(): bool
+    {
+        $before = Invoice::findById($this->getId());
+
+        return match (true) {
+            $before->getIsPaid() => false,
+            default => true,
+        };
+    }
+
+    public function allowDelete(): bool
+    {
+        return match (true) {
+            $this->getIsPaid() => false,
+            default => true,
+        };
+    }
+
     public function save(): self
     {
         if ($this->getId() === null) {
@@ -35,6 +53,7 @@ public function save(): self
                 Convert::boolToInt($this->getIsPaid())
             );
         } else {
+            $this->checkAllowEdit();
             Database::prepared(
                 'UPDATE ' . $this->getTableName() . ' SET `year`=?, nr=?, invoiceDate=?, recipientId=?, isPaid=? WHERE id=?',
                 'iisiii',

diff --git a/app/Models/Language.php b/app/Models/Language.php
@@ -4,6 +4,8 @@
 
 use Framework\Database\BaseModel;
 use Framework\Database\Database;
+use Framework\Database\Query\ColType;
+use Framework\Database\Query\Condition;
 
 class Language extends BaseModel
 {
@@ -15,6 +17,18 @@ protected static function new(array $data = []): self
         return new self($data);
     }
 
+    public function allowDelete(): bool
+    {
+        $users = User::all(
+            User::getQueryBuilder()->where(ColType::Int, 'languageId', Condition::Equal, $this->getId())
+        );
+
+        return match (true) {
+            count($users) > 0 => false,
+            default => true,
+        };
+    }
+
     public function save(): self
     {
         if ($this->getId() === null) {
@@ -25,6 +39,7 @@ public function save(): self
                 $this->getName()
             );
         } else {
+            $this->checkAllowEdit();
             Database::prepared(
                 'UPDATE ' . $this->getTableName() . ' SET code=?, `name`=? WHERE id=?',
                 'ssi',

diff --git a/app/Models/Plot.php b/app/Models/Plot.php
@@ -4,6 +4,8 @@
 
 use Framework\Database\BaseModel;
 use Framework\Database\Database;
+use Framework\Database\Query\ColType;
+use Framework\Database\Query\Condition;
 use Framework\Facades\Convert;
 
 class Plot extends BaseModel
@@ -19,6 +21,18 @@ protected static function new(array $data = []): self
         return new self($data);
     }
 
+    public function allowDelete(): bool
+    {
+        $volumeDistributions = VolumeDistribution::all(
+            VolumeDistribution::getQueryBuilder()->where(ColType::Int, 'plotId', Condition::Equal, $this->getId())
+        );
+
+        return match (true) {
+            count($volumeDistributions) > 0 => false,
+            default => true,
+        };
+    }
+
     public function save(): self
     {
         if ($this->getId() === null) {
@@ -32,6 +46,7 @@ public function save(): self
                 Convert::boolToInt($this->getIsLocked())
             );
         } else {
+            $this->checkAllowEdit();
             Database::prepared(
                 'UPDATE ' . $this->getTableName() . ' SET nr=?, name=?, subdistrict=?, supplierId=?, isLocked=? WHERE id=?',
                 'sssiii',

diff --git a/app/Models/Price.php b/app/Models/Price.php
@@ -4,6 +4,8 @@
 
 use Framework\Database\BaseModel;
 use Framework\Database\Database;
+use Framework\Database\Query\ColType;
+use Framework\Database\Query\Condition;
 
 class Price extends BaseModel
 {
@@ -18,6 +20,21 @@ protected static function new(array $data = []): self
         return new self($data);
     }
 
+    public function allowDelete(): bool
+    {
+        $deliveryNotes = DeliveryNote::all(
+            DeliveryNote::getQueryBuilder()
+                ->where(ColType::Int, 'year', Condition::Equal, $this->getYear())
+                ->where(ColType::Int, 'productId', Condition::Equal, $this->getProductId())
+                ->where(ColType::Int, 'recipientId', Condition::Equal, $this->getRecipientId())
+        );
+
+        return match (true) {
+            count($deliveryNotes) > 0 => false,
+            default => true,
+        };
+    }
+
     public function save(): self
     {
         if ($this->getId() === null) {
@@ -31,6 +48,7 @@ public function save(): self
                 $this->getRecipientId()
             );
         } else {
+            $this->checkAllowEdit();
             Database::prepared(
                 'UPDATE ' . $this->getTableName() . ' SET `year` = ?, price = ?, pricePayout = ?, productId = ?, recipientId = ? WHERE id = ?',
                 'iddiii',

diff --git a/app/Models/Product.php b/app/Models/Product.php
@@ -4,6 +4,8 @@
 
 use Framework\Database\BaseModel;
 use Framework\Database\Database;
+use Framework\Database\Query\ColType;
+use Framework\Database\Query\Condition;
 use Framework\Facades\Convert;
 
 class Product extends BaseModel
@@ -16,6 +18,22 @@ protected static function new(array $data = []): self
         return new self($data);
     }
 
+    public function allowDelete(): bool
+    {
+        $deliveryNotes = DeliveryNote::all(
+            DeliveryNote::getQueryBuilder()->where(ColType::Int, 'productId', Condition::Equal, $this->getId())
+        );
+        $prices = Price::all(
+            Price::getQueryBuilder()->where(ColType::Int, 'productId', Condition::Equal, $this->getId())
+        );
+
+        return match (true) {
+            count($deliveryNotes) > 0 => false,
+            count($prices) > 0 => false,
+            default => true,
+        };
+    }
+
     public function save(): self
     {
         if ($this->getId() === null) {
@@ -26,6 +44,7 @@ public function save(): self
                 Convert::boolToInt($this->getIsDiscontinued())
             );
         } else {
+            $this->checkAllowEdit();
             Database::prepared(
                 'UPDATE ' . $this->getTableName() . ' SET `name`=?, isDiscontinued=? WHERE id=?',
                 'sii',

diff --git a/app/Models/Recipient.php b/app/Models/Recipient.php
@@ -4,6 +4,8 @@
 
 use Framework\Database\BaseModel;
 use Framework\Database\Database;
+use Framework\Database\Query\ColType;
+use Framework\Database\Query\Condition;
 use Framework\Facades\Convert;
 
 class Recipient extends BaseModel
@@ -19,6 +21,26 @@ protected static function new(array $data = []): self
         return new self($data);
     }
 
+    public function allowDelete(): bool
+    {
+        $deliveryNotes = DeliveryNote::all(
+            DeliveryNote::getQueryBuilder()->where(ColType::Int, 'recipientId', Condition::Equal, $this->getId())
+        );
+        $invoices = Invoice::all(
+            Invoice::getQueryBuilder()->where(ColType::Int, 'recipientId', Condition::Equal, $this->getId())
+        );
+        $prices = Price::all(
+            Price::getQueryBuilder()->where(ColType::Int, 'recipientId', Condition::Equal, $this->getId())
+        );
+
+        return match (true) {
+            count($deliveryNotes) > 0 => false,
+            count($invoices) > 0 => false,
+            count($prices) > 0 => false,
+            default => true,
+        };
+    }
+
     public function save(): self
     {
         if ($this->getId() === null) {
@@ -32,6 +54,7 @@ public function save(): self
                 Convert::boolToInt($this->getIsLocked())
             );
         } else {
+            $this->checkAllowEdit();
             Database::prepared(
                 'UPDATE ' . $this->getTableName() . ' SET `name`=?, street=?, postalCode=?, city=?, isLocked=? WHERE id=?',
                 'ssssii',

diff --git a/app/Models/Role.php b/app/Models/Role.php
@@ -16,6 +16,18 @@ protected static function new(array $data = []): self
         return new self($data);
     }
 
+    public function allowDelete(): bool
+    {
+        $userRoles = UserRole::all(
+            UserRole::getQueryBuilder()->where(ColType::Int, 'roleId', Condition::Equal, $this->getId())
+        );
+
+        return match (true) {
+            count($userRoles) > 0 => false,
+            default => true,
+        };
+    }
+
     public function save(): self
     {
         if ($this->getId() === null) {
@@ -25,6 +37,7 @@ public function save(): self
                 $this->getName()
             );
         } else {
+            $this->checkAllowEdit();
             Database::prepared(
                 'UPDATE ' . $this->getTableName() . ' SET `name`=? WHERE id=?',
                 'si',

diff --git a/app/Models/Setting.php b/app/Models/Setting.php
@@ -29,6 +29,7 @@ public function save(): self
                 $this->getValue()
             );
         } else {
+            $this->checkAllowEdit();
             Database::prepared(
                 'UPDATE ' . $this->getTableName() . ' SET `name`=?, description=?, value=? WHERE id=?',
                 'sssi',

diff --git a/app/Models/Supplier.php b/app/Models/Supplier.php
@@ -4,6 +4,8 @@
 
 use Framework\Database\BaseModel;
 use Framework\Database\Database;
+use Framework\Database\Query\ColType;
+use Framework\Database\Query\Condition;
 use Framework\Facades\Convert;
 
 class Supplier extends BaseModel
@@ -18,6 +20,22 @@ protected static function new(array $data = []): self
         return new self($data);
     }
 
+    public function allowDelete(): bool
+    {
+        $deliveryNotes = DeliveryNote::all(
+            DeliveryNote::getQueryBuilder()->where(ColType::Int, 'supplierId', Condition::Equal, $this->getId())
+        );
+        $plots = Plot::all(
+            Plot::getQueryBuilder()->where(ColType::Int, 'supplierId', Condition::Equal, $this->getId())
+        );
+
+        return match (true) {
+            count($deliveryNotes) > 0 => false,
+            count($plots) > 0 => false,
+            default => true,
+        };
+    }
+
     public function save(): self
     {
         if ($this->getId() === null) {
@@ -30,6 +48,7 @@ public function save(): self
                 Convert::boolToInt($this->getHasNoPayout())
             );
         } else {
+            $this->checkAllowEdit();
             Database::prepared(
                 'UPDATE ' . $this->getTableName() . ' SET `name`=?, isLocked=?, hasFullPayout=?, hasNoPayout=? WHERE id=?',
                 'siiii',

diff --git a/app/Models/User.php b/app/Models/User.php
@@ -24,6 +24,18 @@ protected static function new(array $data = []): self
         return new self($data);
     }
 
+    public function allowDelete(): bool
+    {
+        $userRoles = UserRole::all(
+            UserRole::getQueryBuilder()->where(ColType::Int, 'userId', Condition::Equal, $this->getId())
+        );
+
+        return match (true) {
+            count($userRoles) > 0 => false,
+            default => true,
+        };
+    }
+
     public function save(): self
     {
         if ($this->getId() === null) {
@@ -39,6 +51,7 @@ public function save(): self
                 $this->getLanguageId()
             );
         } else {
+            $this->checkAllowEdit();
             Database::prepared(
                 'UPDATE ' . $this->getTableName() . ' SET firstname=?, lastname=?, username=?, password=?, isLocked=?, isPwdChangeForced=?, languageId=? WHERE id=?',
                 'ssssiiii',

diff --git a/app/Models/UserRole.php b/app/Models/UserRole.php
@@ -27,6 +27,7 @@ public function save(): self
                 $this->getRoleId()
             );
         } else {
+            $this->checkAllowEdit();
             Database::prepared(
                 'UPDATE ' . $this->getTableName() . ' SET userId=?, roleId=? WHERE id=?',
                 'iii',

diff --git a/app/Models/VolumeDistribution.php b/app/Models/VolumeDistribution.php
@@ -29,6 +29,7 @@ public function save(): self
                 $this->getAmount()
             );
         } else {
+            $this->checkAllowEdit();
             Database::prepared(
                 'UPDATE ' . $this->getTableName() . ' SET deliveryNoteId=?, plotId=?, amount=? WHERE id=?',
                 'iidi',