1<?php 2/** 3 * OrangeHRM is a comprehensive Human Resource Management (HRM) System that captures 4 * all the essential functionalities required for any enterprise. 5 * Copyright (C) 2006 OrangeHRM Inc., http://www.orangehrm.com 6 * 7 * OrangeHRM is free software; you can redistribute it and/or modify it under the terms of 8 * the GNU General Public License as published by the Free Software Foundation; either 9 * version 2 of the License, or (at your option) any later version. 10 * 11 * OrangeHRM is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; 12 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 13 * See the GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License along with this program; 16 * if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, 17 * Boston, MA 02110-1301, USA 18 */ 19 20use Orangehrm\Rest\Api\Exception\BadRequestException; 21use Orangehrm\Rest\Api\Exception\NotImplementedException; 22use Orangehrm\Rest\Api\Leave\SaveLeaveRequestAPI; 23use Orangehrm\Rest\Api\User\Leave\AssignLeaveRequestAPI; 24use Orangehrm\Rest\Http\Request; 25 26class SubordinateLeaveRequestApiAction extends BaseUserApiAction 27{ 28 /** 29 * @var null|AssignLeaveRequestAPI 30 */ 31 private $assignLeaveRequestAPI = null; 32 33 protected function init(Request $request) 34 { 35 $this->assignLeaveRequestAPI = new AssignLeaveRequestAPI($request); 36 $this->postValidationRule = $this->assignLeaveRequestAPI->getValidationRules(); 37 } 38 39 protected function handleGetRequest(Request $request) 40 { 41 throw new NotImplementedException(); 42 } 43 44 /** 45 * @OA\Post( 46 * path="/subordinate/{id}/leave-request", 47 * summary="Save Subordinate Leave Request (Single Day/Multiple Day)", 48 * tags={"Leave","User"}, 49 * @OA\Parameter( 50 * name="id", 51 * in="path", 52 * required=true, 53 * @OA\Schema(type="number"), 54 * description="Subordinate employee id", 55 * ), 56 * @OA\RequestBody( 57 * @OA\JsonContent( 58 * oneOf={@OA\Schema(ref="#/components/schemas/LeaveRequestSingleDayRequestBody"), 59 * @OA\Schema(ref="#/components/schemas/LeaveRequestMultipleDayRequestBody")} 60 * ) 61 * ), 62 * @OA\Response( 63 * response=200, 64 * description="Successful operation", 65 * @OA\JsonContent(ref="#/components/schemas/SuccessfullySaved"), 66 * ), 67 * @OA\Response( 68 * response=400, 69 * description="No Bound User", 70 * @OA\JsonContent(ref="#/components/schemas/NoBoundUserError"), 71 * ), 72 * @OA\Response( 73 * response=404, 74 * description="No Records Found", 75 * @OA\JsonContent(ref="#/components/schemas/RecordNotFoundException"), 76 * ), 77 * ) 78 */ 79 protected function handlePostRequest(Request $request) 80 { 81 $this->setUserToContext(); 82 $empNumber = $this->assignLeaveRequestAPI->getRequestParams()->getUrlParam(SaveLeaveRequestAPI::PARAMETER_ID); 83 if (!in_array($empNumber, $this->getAccessibleEmpNumbers())) { 84 throw new BadRequestException('Access Denied'); 85 } 86 return $this->assignLeaveRequestAPI->saveLeaveRequest(); 87 } 88 89 protected function getAccessibleEmpNumbers(): array 90 { 91 $properties = ["empNumber"]; 92 $requiredPermissions = [BasicUserRoleManager::PERMISSION_TYPE_ACTION => ['assign_leave']]; 93 $employeeList = UserRoleManagerFactory::getUserRoleManager()->getAccessibleEntityProperties( 94 'Employee', 95 $properties, 96 null, 97 null, 98 [], 99 [], 100 $requiredPermissions 101 ); 102 103 return array_keys($employeeList); 104 } 105} 106