Refuse pirep prefile is user not allowed to use aircraft #170
This commit is contained in:
@@ -5,6 +5,7 @@ namespace App\Http\Controllers\Api;
|
||||
use App\Http\Requests\Acars\EventRequest;
|
||||
use App\Http\Requests\Acars\UpdateRequest;
|
||||
use App\Models\Enums\PirepSource;
|
||||
use App\Services\UserService;
|
||||
use Auth;
|
||||
use Log;
|
||||
use Illuminate\Http\Request;
|
||||
@@ -40,7 +41,8 @@ class PirepController extends RestController
|
||||
protected $acarsRepo,
|
||||
$geoSvc,
|
||||
$pirepRepo,
|
||||
$pirepSvc;
|
||||
$pirepSvc,
|
||||
$userSvc;
|
||||
|
||||
/**
|
||||
* PirepController constructor.
|
||||
@@ -53,12 +55,14 @@ class PirepController extends RestController
|
||||
AcarsRepository $acarsRepo,
|
||||
GeoService $geoSvc,
|
||||
PirepRepository $pirepRepo,
|
||||
PIREPService $pirepSvc
|
||||
PIREPService $pirepSvc,
|
||||
UserService $userSvc
|
||||
) {
|
||||
$this->acarsRepo = $acarsRepo;
|
||||
$this->geoSvc = $geoSvc;
|
||||
$this->pirepRepo = $pirepRepo;
|
||||
$this->pirepSvc = $pirepSvc;
|
||||
$this->userSvc = $userSvc;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -111,19 +115,30 @@ class PirepController extends RestController
|
||||
*
|
||||
* @param PrefileRequest $request
|
||||
* @return PirepResource
|
||||
* @throws \Symfony\Component\HttpKernel\Exception\BadRequestHttpException
|
||||
*/
|
||||
public function prefile(PrefileRequest $request)
|
||||
{
|
||||
Log::info('PIREP Prefile, user '.Auth::id(), $request->post());
|
||||
|
||||
$user = Auth::user();
|
||||
|
||||
$attrs = $request->post();
|
||||
$attrs['user_id'] = Auth::id();
|
||||
$attrs['user_id'] = $user->id;
|
||||
$attrs['source'] = PirepSource::ACARS;
|
||||
$attrs['state'] = PirepState::IN_PROGRESS;
|
||||
$attrs['status'] = PirepStatus::PREFILE;
|
||||
|
||||
$pirep = new Pirep($attrs);
|
||||
|
||||
# See if this user is allowed to fly this aircraft
|
||||
if(setting('pireps.restrict_aircraft_to_rank', false)) {
|
||||
$can_use_ac = $this->userSvc->aircraftAllowed($user, $pirep->aircraft_id);
|
||||
if (!$can_use_ac) {
|
||||
throw new BadRequestHttpException('User is not allowed to fly this aircraft');
|
||||
}
|
||||
}
|
||||
|
||||
# Find if there's a duplicate, if so, let's work on that
|
||||
$dupe_pirep = $this->pirepSvc->findDuplicate($pirep);
|
||||
if($dupe_pirep !== false) {
|
||||
|
||||
@@ -25,8 +25,9 @@ class Aircraft extends BaseModel
|
||||
* @var array
|
||||
*/
|
||||
protected $casts = [
|
||||
'zfw' => 'float',
|
||||
'active' => 'boolean',
|
||||
'subfleet_id' => 'integer',
|
||||
'zfw' => 'float',
|
||||
'active' => 'boolean',
|
||||
];
|
||||
|
||||
/**
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
namespace App\Services;
|
||||
|
||||
use App\Repositories\AircraftRepository;
|
||||
use App\Repositories\SubfleetRepository;
|
||||
use Illuminate\Support\Collection;
|
||||
use Log;
|
||||
@@ -16,15 +17,17 @@ use App\Models\Enums\UserState;
|
||||
|
||||
class UserService extends BaseService
|
||||
{
|
||||
protected $subfleetRepo;
|
||||
protected $aircraftRepo, $subfleetRepo;
|
||||
|
||||
/**
|
||||
* UserService constructor.
|
||||
* @param SubfleetRepository $subfleetRepo
|
||||
*/
|
||||
public function __construct(
|
||||
AircraftRepository $aircraftRepo,
|
||||
SubfleetRepository $subfleetRepo
|
||||
) {
|
||||
$this->aircraftRepo = $aircraftRepo;
|
||||
$this->subfleetRepo = $subfleetRepo;
|
||||
}
|
||||
|
||||
@@ -83,6 +86,21 @@ class UserService extends BaseService
|
||||
return $subfleets->with('aircraft')->get();
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a bool if a user is allowed to fly the current aircraft
|
||||
* @param $user
|
||||
* @param $aircraft_id
|
||||
* @return bool
|
||||
*/
|
||||
public function aircraftAllowed($user, $aircraft_id)
|
||||
{
|
||||
$aircraft = $this->aircraftRepo->find($aircraft_id, ['subfleet_id']);
|
||||
$subfleets = $this->getAllowableSubfleets($user);
|
||||
$subfleet_ids = $subfleets->pluck('id')->toArray();
|
||||
|
||||
return \in_array($aircraft->subfleet_id, $subfleet_ids, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Change the user's state. PENDING to ACCEPTED, etc
|
||||
* Send out an email
|
||||
|
||||
Reference in New Issue
Block a user