Re update Json event, Handle json error, Parameter, schema, event handling, rephase, non nullable search,Text Parameter fixes

Author: stunnerparas

src/Gdpr/Attribute/Request/GdprRequestBody.php

@@ -14,6 +14,7 @@
 namespace Pimcore\Bundle\StudioBackendBundle\Gdpr\Attribute\Request;
 
 use Attribute;
+use OpenApi\Attributes\Items;
 use OpenApi\Attributes\JsonContent;
 use OpenApi\Attributes\Property;
 use OpenApi\Attributes\RequestBody;
@@ -29,13 +30,24 @@ public function __construct()
         parent::__construct(
             required: true,
             content: new JsonContent(
-                required: ['providerName'],
+
+                required: ['providers', 'searchTerms'], 
                 properties: [
                     new Property(
-                        property: 'providerName',
-                        description: 'The key of the single provider to search (e.g., pimcore_user)',
-                        type: 'string',
-                        example: 'pimcore_user'
+                        property: 'providers',
+                        description: 'A list of provider keys to search',
+                        type: 'array',
+                        items: new Items(
+                            type: 'string',
+                            example: 'pimcore_users'
+                        )
+                    ),
+
+                    new Property(
+                        property: 'searchTerms',
+                        description: 'The object containing the search values.',
+                        ref: SearchTerms::class,
+                        type: 'object'
                     ),
                 ],
                 type: 'object',

src/Gdpr/Controller/ExportController.php

@@ -54,15 +54,13 @@ public function __construct(
         operationId: 'gdpr_export',
         summary: 'gdpr_export_summary',
         description: 'gdpr_export_description',
-        tags: [Tags::Export->value],
-        parameters: [
-            new TextFieldParameter(
-                name: 'providerKey',
-                description: 'The key of the single provider to export',
-                required: true,
-                example: 'pimcore_user'
-            ),
-        ]
+        tags: [Tags::Export->value]
+    )]
+    #[TextFieldParameter(
+        name: 'providerKey',
+        description: 'The key of the single provider to export',
+        required: true,
+        example: 'pimcore_user'
     )]
     #[SuccessResponse(
         description: 'gdpr_export_success_response',

src/Gdpr/Event/PreResponse/GdprExportDataEvent.php

@@ -13,28 +13,23 @@
 
 namespace Pimcore\Bundle\StudioBackendBundle\Gdpr\Event\PreResponse;
 
+use Pimcore\Bundle\StudioBackendBundle\Event\AbstractPreResponseEvent;
 use Pimcore\Bundle\StudioBackendBundle\Gdpr\Schema\GdprSearchResultCollection;
-use Symfony\Contracts\EventDispatcher\Event;
 
 /**
  * @internal
  */
-final class GdprSearchResultEvent extends Event
+final class GdprSearchResultEvent extends AbstractPreResponseEvent
 {
     public const string EVENT_NAME = 'pre_response.gdpr_search_result';
 
-    public function __construct(private GdprSearchResultCollection $collection)
+    public function __construct(private readonly GdprSearchResultCollection $collection)
     {
-
+        parent::__construct($this->collection);
     }
 
     public function getCollection(): GdprSearchResultCollection
     {
         return $this->collection;
     }
-
-    public function setCollection(GdprSearchResultCollection $collection): void
-    {
-        $this->collection = $collection;
-    }
 }

src/Gdpr/Event/PreResponse/GdprSearchResultEvent.php

@@ -18,6 +18,7 @@
 use Symfony\Component\Validator\Constraints\NotBlank;
 use Symfony\Component\Validator\Constraints\Type;
 use Symfony\Component\Validator\Constraints\Valid;
+use Symfony\Component\Validator\Constraints\NotNull;
 
 /**
  * @internal
@@ -33,7 +34,8 @@ public function __construct(
         public array $providers,
 
         #[Valid]
-        public ?SearchTerms $searchTerms = null
+        #[NotNull]
+        public SearchTerms $searchTerms
     ) {
     }
 }

src/Gdpr/MappedParameter/GdprStructuredSearchRequest.php

@@ -24,7 +24,7 @@ interface DataProviderInterface
     /**
      * @return GdprDataRow[]
      */
-    public function findData(?SearchTerms $terms): array;
+    public function findData(SearchTerms $terms): array;
 
     public function getName(): string;
 

src/Gdpr/Provider/DataProviderInterface.php

@@ -28,7 +28,7 @@
     /**
      * {@inheritdoc}
      */
-    public function findData(?SearchTerms $terms): array
+    public function findData(SearchTerms $terms): array
     {
         $listing = new Listing();
         $conditionParts = [];

src/Gdpr/Provider/PimcoreUserProvider.php

@@ -13,6 +13,8 @@
 
 namespace Pimcore\Bundle\StudioBackendBundle\Gdpr\Schema;
 
+use Pimcore\Bundle\StudioBackendBundle\Util\Schema\AdditionalAttributesInterface;
+use Pimcore\Bundle\StudioBackendBundle\Util\Trait\AdditionalAttributesTrait;
 use OpenApi\Attributes\Items;
 use OpenApi\Attributes\Property;
 use OpenApi\Attributes\Schema;
@@ -27,8 +29,10 @@
     required: ['items']
 )]
 
-final class GdprSearchResultCollection
+final class GdprSearchResultCollection implements AdditionalAttributesInterface
 {
+    use AdditionalAttributesTrait;
+
     /**
      * @param array<GdprSearchResult> $items
      */
@@ -38,7 +42,8 @@ public function __construct(
             type: 'array',
             items: new Items(ref: GdprSearchResult::class)
         )]
-        private array $items,
+
+        private readonly array $items,
     ) {
     }
 

src/Gdpr/Schema/GdprSearchResultCollection.php

@@ -15,7 +15,6 @@
 
 use Pimcore\Bundle\StudioBackendBundle\Exception\Api\ForbiddenException;
 use Pimcore\Bundle\StudioBackendBundle\Gdpr\Event\PreResponse\GdprDataProviderEvent;
-use Pimcore\Bundle\StudioBackendBundle\Gdpr\Event\PreResponse\GdprExportDataEvent;
 use Pimcore\Bundle\StudioBackendBundle\Gdpr\Event\PreResponse\GdprSearchResultEvent;
 use Pimcore\Bundle\StudioBackendBundle\Gdpr\MappedParameter\GdprStructuredSearchRequest;
 use Pimcore\Bundle\StudioBackendBundle\Gdpr\Provider\DataProviderInterface;
@@ -27,8 +26,10 @@
 use Pimcore\Bundle\StudioBackendBundle\Util\Constant\HttpResponseCodes;
 use Pimcore\Bundle\StudioBackendBundle\Util\Constant\HttpResponseHeaders;
 use Pimcore\Bundle\StudioBackendBundle\Util\Trait\StreamedResponseTrait;
+use Pimcore\Bundle\StudioBackendBundle\Exception\Api\InvalidArgumentException;
 use Symfony\Component\HttpFoundation\StreamedResponse;
 use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
+use JsonException;
 use function count;
 use function sprintf;
 use function strlen;
@@ -63,36 +64,11 @@ public function getAvailableProviders(): Collection
     public function search(GdprStructuredSearchRequest $request): GdprSearchResultCollection
     {
         $allResults = [];
-        $currentUser = $this->securityService->getCurrentUser();
 
         foreach ($request->providers as $providerKey) {
             $provider = $this->loader->resolve($providerKey);
-
-            $permissions = $provider->getRequiredPermissions();
-            $isGranted = false;
-
-            if (empty($permissions)) {
-                $isGranted = true; // No permissions required
-            } else {
-                foreach ($permissions as $permission) {
-                    if ($currentUser->isAllowed($permission)) {
-                        $isGranted = true;
-
-                        break;
-                    }
-                }
-            }
-
-            // Check if the current user has the required permission
-            if (!$isGranted) {
-                throw new ForbiddenException(
-                    sprintf(
-                        'Not allowed to access the targeted provider "%s". Required permission(s): "%s"',
-                        $providerKey,
-                        implode(', ', $permissions)
-                    )
-                );
-            }
+            
+            $this->checkProviderPermission($provider);
 
             $results = $provider->findData($request->searchTerms);
 
@@ -113,34 +89,9 @@ public function search(GdprStructuredSearchRequest $request): GdprSearchResultCo
      */
     public function getExportDataAsJson(int $id, string $providerKey): StreamedResponse
     {
-        $currentUser = $this->securityService->getCurrentUser();
-
         $provider = $this->loader->resolve($providerKey);
-
-        $permissions = $provider->getRequiredPermissions();
-        $isGranted = false;
-
-        if (empty($permissions)) {
-            $isGranted = true; // No permissions required
-        } else {
-            foreach ($permissions as $permission) {
-                if ($currentUser->isAllowed($permission)) {
-                    $isGranted = true;
-
-                    break;
-                }
-            }
-        }
-
-        if (!$isGranted) {
-            throw new ForbiddenException(
-                sprintf(
-                    'Not allowed for provider: %s. Required permission(s): %s',
-                    $provider->getKey(),
-                    implode(', ', $permissions)
-                )
-            );
-        }
+        
+        $this->checkProviderPermission($provider);
 
         $data = $provider->getSingleItemForDownload($id); //id is a single item of a particular provider
 
@@ -194,11 +145,19 @@ private function getSearchResultCollection(array $results): GdprSearchResultColl
      */
     private function createExportResponse(mixed $data, string $providerKey, int $id): StreamedResponse
     {
-        $event = new GdprExportDataEvent($data);
-        $this->eventDispatcher->dispatch($event, GdprExportDataEvent::EVENT_NAME);
-        $finalData = $event->getData();
-
-        $jsonData = json_encode($finalData, JSON_THROW_ON_ERROR);
+        try {
+            $jsonData = json_encode($data, JSON_THROW_ON_ERROR);
+        } catch (JsonException $e) {
+            throw new InvalidArgumentException(
+                sprintf(
+                    'JSON encode failed for "%s" (ID: %d): %s',
+                    $providerKey,
+                    $id,
+                    $e->getMessage()
+                ),
+                previous: $e
+            );
+        }
 
         $filename = sprintf('gdpr-export-%s-%d.json', $providerKey, $id);
         $fileSize = strlen($jsonData);
@@ -234,4 +193,35 @@ private function sortProviders(array $providers): array
 
         return $providers;
     }
+
+    /**
+     * @throws ForbiddenException
+     */
+    private function checkProviderPermission(DataProviderInterface $provider): void
+    {
+        $currentUser = $this->securityService->getCurrentUser();
+        $permissions = $provider->getRequiredPermissions();
+
+        // Check if user has at least one of the required permissions in order to access the provider
+        $isGranted = false;
+
+        if ($currentUser !== null) {
+            foreach ($permissions as $permission) {
+                if ($currentUser->isAllowed($permission)) {
+                    $isGranted = true;
+                    break;
+                }
+            }
+        }
+
+        if (!$isGranted) {
+            throw new ForbiddenException(
+                sprintf(
+                    'Not allowed for provider: %s. Required permission(s): %s',
+                    $provider->getKey(),
+                    implode(', ', $permissions)
+                )
+            );
+        }
+    }
 }