Moves some dashboard methods to API (#12587)

* Move some dashboard methods to API

* Pass correct param in dashboard APITest for createNewDashboardForUser API method.

5 files changed, 267 insertions, 89 deletions

diff --git a/plugins/Dashboard/API.php b/plugins/Dashboard/API.php
index 05a6579c9d..de6551ca60 100644
--- a/plugins/Dashboard/API.php
+++ b/plugins/Dashboard/API.php
@@ -17,10 +17,12 @@ use Piwik\Piwik;
 class API extends \Piwik\Plugin\API
 {
     private $dashboard = null;
+    private $model     = null;
 
-    public function __construct(Dashboard $dashboard)
+    public function __construct(Dashboard $dashboard, Model $model)
     {
         $this->dashboard = $dashboard;
+        $this->model     = $model;
     }
 
     /**
@@ -40,6 +42,94 @@ class API extends \Piwik\Plugin\API
         return $dashboards;
     }
 
+
+    /**
+     * Creates a new dashboard for the given login
+     *
+     * Note: Only a super user is able to create dashboards for other users
+     *
+     * @param string $login login of the user that dashboard should be created for
+     * @param string $dashboardName name of the new dashboard
+     * @param bool $addDefaultWidgets  whether to add the current default widget collection or not
+     * @return int|string
+     */
+    public function createNewDashboardForUser($login, $dashboardName = '', $addDefaultWidgets = true)
+    {
+        Piwik::checkUserHasSuperUserAccessOrIsTheUser($login);
+
+        $layout = '{}';
+
+        if ($addDefaultWidgets) {
+            $layout = $this->dashboard->getDefaultLayout();
+        }
+
+        return $this->model->createNewDashboardForUser($login, $dashboardName, $layout);
+    }
+
+    /**
+     * Removes a dashboard according to given dashboard id and login
+     *
+     * Note: Only a super user is able to remove dashboards for other users
+     *
+     * @param int $idDashboard id of the dashboard to be removed
+     * @param string $login  Login of the dashboard user [defaults to current user]
+     */
+    public function removeDashboard($idDashboard, $login='')
+    {
+        $login = $login ? $login : Piwik::getCurrentUserLogin();
+
+        Piwik::checkUserHasSuperUserAccessOrIsTheUser($login);
+
+        if ($idDashboard != 1) {
+            $this->model->deleteDashboardForUser($idDashboard, $login);
+        }
+    }
+
+    /**
+     * Copy a dashboard of current user to another user
+     *
+     * Note: current user needs super user access
+     *
+     * @param int $idDashboard Id of the dashboard that should be copied
+     * @param string $copyToUser User the dashboard should be copied to
+     * @param string $dashboardName Name of the new dashboard (defaults to 'Dashboard of {user}')
+     * @return int id of the new dashboard
+     * @throws \Exception if an error occurs, or dashboard can't be found
+     */
+    public function copyDashboardToUser($idDashboard, $copyToUser, $dashboardName = '')
+    {
+        Piwik::checkUserHasSuperUserAccess();
+
+        $login  = Piwik::getCurrentUserLogin();
+        $layout = $this->dashboard->getLayoutForUser($login, $idDashboard);
+
+        if ($layout !== false) {
+            return $this->model->createNewDashboardForUser($copyToUser, $dashboardName, $layout);
+        }
+
+        throw new \Exception('Dashboard not found');
+    }
+
+    /**
+     * Resets a dashboard to the default widget configuration
+     *
+     * Note: Only a super user is able to reset dashboards for other users
+
+     * @param int $idDashboard dashboard id
+     * @param string $login user the dashboard belongs
+     *
+     */
+    public function resetDashboardLayout($idDashboard, $login='')
+    {
+        $login = $login ? $login : Piwik::getCurrentUserLogin();
+
+        Piwik::checkUserHasSuperUserAccessOrIsTheUser($login);
+
+        $layout = $this->dashboard->getDefaultLayout();
+
+        $this->model->updateLayoutForUser($login, $idDashboard, $layout);
+    }
+
     /**
      * Get the default dashboard.
      * @return \array[]
diff --git a/plugins/Dashboard/Controller.php b/plugins/Dashboard/Controller.php
index bef5a89237..4aaabe1828 100644
--- a/plugins/Dashboard/Controller.php
+++ b/plugins/Dashboard/Controller.php
@@ -7,6 +7,7 @@
  */
 namespace Piwik\Plugins\Dashboard;
 
+use Piwik\API\Request;
 use Piwik\Common;
 use Piwik\DataTable\Renderer\Json;
 use Piwik\Db;
@@ -85,14 +86,12 @@ class Controller extends \Piwik\Plugin\Controller
     public function resetLayout()
     {
         $this->checkTokenInUrl();
-        $layout = $this->dashboard->getDefaultLayout();
-        $idDashboard = Common::getRequestVar('idDashboard', 1, 'int');
         if (Piwik::isUserIsAnonymous()) {
             $session = new SessionNamespace("Dashboard");
-            $session->dashboardLayout = $layout;
+            $session->dashboardLayout = $this->dashboard->getDefaultLayout();
             $session->setExpirationSeconds(1800);
         } else {
-            $this->getModel()->updateLayoutForUser(Piwik::getCurrentUserLogin(), $idDashboard, $layout);
+            Request::processRequest('Dashboard.resetDashboardLayout');
         }
     }
 
@@ -102,25 +101,6 @@ class Controller extends \Piwik\Plugin\Controller
     }
 
     /**
-     * Removes the dashboard with the given id
-     */
-    public function removeDashboard()
-    {
-        $this->checkTokenInUrl();
-
-        if (Piwik::isUserIsAnonymous()) {
-            return;
-        }
-
-        $idDashboard = Common::getRequestVar('idDashboard', 1, 'int');
-
-        // first layout can't be removed
-        if ($idDashboard != 1) {
-            $this->getModel()->deleteDashboardForUser($idDashboard, Piwik::getCurrentUserLogin());
-        }
-    }
-
-    /**
      * Outputs all available dashboards for the current user as a JSON string
      */
     public function getAllDashboards()
@@ -140,56 +120,6 @@ class Controller extends \Piwik\Plugin\Controller
     }
 
     /**
-     * Creates a new dashboard for the current user
-     * User needs to be logged in
-     */
-    public function createNewDashboard()
-    {
-        $this->checkTokenInUrl();
-
-        if (Piwik::isUserIsAnonymous()) {
-            return '0';
-        }
-
-        $name   = urldecode(Common::getRequestVar('name', '', 'string'));
-        $type   = urldecode(Common::getRequestVar('type', 'default', 'string'));
-        $layout = '{}';
-        $login  = Piwik::getCurrentUserLogin();
-
-        if ($type == 'default') {
-            $layout = $this->dashboard->getDefaultLayout();
-        }
-
-        $nextId = $this->getModel()->createNewDashboardForUser($login, $name, $layout);
-
-        Json::sendHeaderJSON();
-        return json_encode($nextId);
-    }
-
-    public function copyDashboardToUser()
-    {
-        $this->checkTokenInUrl();
-
-        if (!Piwik::hasUserSuperUserAccess()) {
-            return '0';
-        }
-
-        $login = Piwik::getCurrentUserLogin();
-        $name  = urldecode(Common::getRequestVar('name', '', 'string'));
-        $user  = urldecode(Common::getRequestVar('user', '', 'string'));
-        $idDashboard = Common::getRequestVar('dashboardId', 0, 'int');
-
-        $layout = $this->dashboard->getLayoutForUser($login, $idDashboard);
-
-        if ($layout !== false) {
-            $nextId = $this->getModel()->createNewDashboardForUser($user, $name, $layout);
-
-            Json::sendHeaderJSON();
-            return json_encode($nextId);
-        }
-    }
-
-    /**
      * Saves the layout for the current user
      * anonymous = in the session
      * authenticated user = in the DB
diff --git a/plugins/Dashboard/javascripts/dashboard.js b/plugins/Dashboard/javascripts/dashboard.js
index 27ef28dfa0..22e07e38e0 100644
--- a/plugins/Dashboard/javascripts/dashboard.js
+++ b/plugins/Dashboard/javascripts/dashboard.js
@@ -10,21 +10,24 @@ function createDashboard() {
 
     piwikHelper.modalConfirm(makeSelectorLastId('createDashboardConfirm'), {yes: function () {
         var dashboardName = $(makeSelectorLastId('createDashboardName')).val();
-        var type = ($('[id=dashboard_type_empty]:last:checked').length > 0) ? 'empty' : 'default';
+        var addDefaultWidgets = ($('[id=dashboard_type_empty]:last:checked').length > 0) ? 0 : 1;
 
         var ajaxRequest = new ajaxHelper();
         ajaxRequest.setLoadingElement();
         ajaxRequest.withTokenInUrl();
         ajaxRequest.addParams({
-            module: 'Dashboard',
-            action: 'createNewDashboard'
+            module: 'API',
+            method: 'Dashboard.createNewDashboardForUser',
+            format: 'json'
         }, 'get');
         ajaxRequest.addParams({
-            name: encodeURIComponent(dashboardName),
-            type: type
+            dashboardName: encodeURIComponent(dashboardName),
+            addDefaultWidgets: addDefaultWidgets,
+            login: piwik.userLogin
         }, 'post');
         ajaxRequest.setCallback(
-            function (id) {
+            function (response) {
+                var id = response.value;
                 angular.element(document).injector().invoke(function ($location, reportingMenuModel, dashboardsModel) {
                     dashboardsModel.reloadAllDashboards().then(function () {
 
@@ -126,16 +129,17 @@ function copyDashboardToUser() {
 
             var ajaxRequest = new ajaxHelper();
             ajaxRequest.addParams({
-                module: 'Dashboard',
-                action: 'copyDashboardToUser'
+                module: 'API',
+                method: 'Dashboard.copyDashboardToUser',
+                format: 'json'
             }, 'get');
             ajaxRequest.addParams({
-                name: encodeURIComponent(copyDashboardName),
-                dashboardId: $('#dashboardWidgetsArea').dashboard('getDashboardId'),
-                user: encodeURIComponent(copyDashboardUser)
+                dashboardName: encodeURIComponent(copyDashboardName),
+                idDashboard: $('#dashboardWidgetsArea').dashboard('getDashboardId'),
+                copyToUser: encodeURIComponent(copyDashboardUser)
             }, 'post');
             ajaxRequest.setCallback(
-                function (id) {
+                function (response) {
                     $('#alert').find('h2').text(_pk_translate('Dashboard_DashboardCopied'));
                     piwikHelper.modalConfirm('#alert', {});
                 }
diff --git a/plugins/Dashboard/javascripts/dashboardObject.js b/plugins/Dashboard/javascripts/dashboardObject.js
index c79feea1c5..6af7a1ec05 100644
--- a/plugins/Dashboard/javascripts/dashboardObject.js
+++ b/plugins/Dashboard/javascripts/dashboardObject.js
@@ -197,9 +197,11 @@
             var ajaxRequest = new ajaxHelper();
             ajaxRequest.setLoadingElement();
             ajaxRequest.addParams({
-                module: 'Dashboard',
-                action: 'removeDashboard',
-                idDashboard: dashboardId
+                module: 'API',
+                method: 'Dashboard.removeDashboard',
+                idDashboard: dashboardId,
+                login: piwik.userLogin,
+                format: 'json'
             }, 'get');
             ajaxRequest.setCallback(
                 function () {
diff --git a/plugins/Dashboard/tests/Integration/APITest.php b/plugins/Dashboard/tests/Integration/APITest.php
new file mode 100644
index 0000000000..ffb1f4c12f
--- /dev/null
+++ b/plugins/Dashboard/tests/Integration/APITest.php
@@ -0,0 +1,152 @@
+<?php
+/**
+ * Piwik - free/libre analytics platform
+ *
+ * @link http://piwik.org
+ * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
+ */
+
+namespace Piwik\Plugins\Dashboard\tests\Integration;
+
+use Piwik\Plugins\Dashboard\API;
+use Piwik\Plugins\Dashboard\Model;
+use Piwik\Tests\Framework\Fixture;
+use Piwik\Tests\Framework\Mock\FakeAccess;
+use Piwik\Tests\Framework\TestCase\IntegrationTestCase;
+
+/**
+ * @group GoalsDashboard
+ * @group Plugins
+ * @group APITest
+ * @group Plugins
+ */
+class APITest extends IntegrationTestCase
+{
+    /**
+     * @var Model
+     */
+    private $model;
+
+    /**
+     * @var API
+     */
+    private $api;
+
+    public function setUp()
+    {
+        parent::setUp();
+
+        Fixture::createSuperUser();
+
+        $this->model = new Model();
+        $this->api = API::getInstance();
+    }
+
+    /**
+     * @expectedException \Exception
+     * @expectedExceptionMessage General_ExceptionCheckUserHasSuperUserAccessOrIsTheUser
+     */
+    public function testCreateNewDashboardForOtherUserDoesNotWorkForNonSuperUser()
+    {
+        FakeAccess::$superUser = false;
+
+        $layout ='[[{"uniqueId":"widgetLivewidget","parameters":{"module":"Live","action":"widget"}}]]';
+        $this->api->createNewDashboardForUser('eva', 'name', $layout);
+    }
+
+    public function testCreateNewDashboardForUserHimself()
+    {
+        FakeAccess::$superUser = false;
+        FakeAccess::$identity = 'eva';
+
+        $dashboards = $this->model->getAllDashboardsForUser('eva');
+        $this->assertEmpty($dashboards);
+
+        $this->api->createNewDashboardForUser('eva', 'name', $addDefaultWidgets = true);
+
+        $dashboards = $this->model->getAllDashboardsForUser('eva');
+        $this->assertCount(1, $dashboards);
+    }
+
+    public function testCreateNewDashboardForOtherUser()
+    {
+        $dashboards = $this->model->getAllDashboardsForUser('eva');
+        $this->assertEmpty($dashboards);
+        $this->api->createNewDashboardForUser('eva', 'name', $addDefaultWidgets = true);
+
+        $dashboards = $this->model->getAllDashboardsForUser('eva');
+        $this->assertCount(1, $dashboards);
+    }
+
+    public function testCopyDashboardToUser()
+    {
+        $layout ='[[{"uniqueId":"widgetLivewidget","parameters":{"module":"Live","action":"widget"}}]]';
+        $id = $this->model->createNewDashboardForUser('superUserLogin', 'any name', $layout);
+
+        $this->assertNotEmpty($id);
+
+        $newId = $this->api->copyDashboardToUser($id, 'eva', 'new name');
+        $dashboards = $this->model->getAllDashboardsForUser('eva');
+
+        $this->assertCount(1, $dashboards);
+        $dashboard = end($dashboards);
+        $this->assertEquals($dashboard['iddashboard'], $newId);
+        $this->assertEquals($dashboard['name'], 'new name');
+        $this->assertEquals($dashboard['layout'], $layout);
+    }
+
+    /**
+     * @expectedException \Exception
+     * @expectedExceptionMessage Dashboard not found
+     */
+    public function testCopyDashboardToUserFails()
+    {
+        $this->api->copyDashboardToUser(5, 'eva', 'new name');
+    }
+
+    public function testRemoveDashboardForUserHimself()
+    {
+        FakeAccess::$superUser = false;
+        FakeAccess::$identity = 'eva';
+
+        $dashboards = $this->model->getAllDashboardsForUser('eva');
+        $this->assertEmpty($dashboards);
+
+        // first dashboard can't be removed
+        $this->api->createNewDashboardForUser('eva', 'name', $addDefaultWidgets = true);
+        $id = $this->api->createNewDashboardForUser('eva', 'new name', $addDefaultWidgets = true);
+
+        $dashboards = $this->model->getAllDashboardsForUser('eva');
+        $this->assertCount(2, $dashboards);
+
+        $this->api->removeDashboard($id);
+
+        $dashboards = $this->model->getAllDashboardsForUser('eva');
+        $this->assertCount(1, $dashboards);
+    }
+
+    public function testRemoveDashboardForOtherUser()
+    {
+        $dashboards = $this->model->getAllDashboardsForUser('eva');
+        $this->assertEmpty($dashboards);
+
+        // first dashboard can't be removed
+        $this->api->createNewDashboardForUser('eva', 'name', $addDefaultWidgets = true);
+        $id = $this->api->createNewDashboardForUser('eva', 'new name', $addDefaultWidgets = true);
+
+        $dashboards = $this->model->getAllDashboardsForUser('eva');
+        $this->assertCount(2, $dashboards);
+
+        $this->api->removeDashboard($id, 'eva');
+
+        $dashboards = $this->model->getAllDashboardsForUser('eva');
+        $this->assertCount(1, $dashboards);
+    }
+
+    public function provideContainerConfig()
+    {
+        return array(
+            'Piwik\Access' => new FakeAccess()
+        );
+    }
+}
\ No newline at end of file