feat(demo): add story 1 — Sorano: Rock and Time

2026-06-20 21:19:57 +02:00
parent 42ed59a6b3
commit 8f87155c1d
5508 changed files with 1595740 additions and 124 deletions
@@ -0,0 +1,89 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Grav\Plugin\Api\Controllers;
+
+use Grav\Plugin\Api\Exceptions\ForbiddenException;
+use Grav\Plugin\Api\Exceptions\ValidationException;
+use Grav\Plugin\Api\PermissionResolver;
+use Grav\Plugin\Api\Response\ApiResponse;
+use Grav\Plugin\Api\Services\DashboardLayoutResolver;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+
+/**
+ * Dashboard widget customization endpoints.
+ *
+ * Backs admin-next's per-user / per-site customizable dashboard. The merged
+ * widget list combines a built-in core registry, plugin contributions via
+ * `onApiDashboardWidgets`, the site default layout (super-admin), and the
+ * current user's overrides. Site-hidden widgets are not exposed to users.
+ */
+class DashboardWidgetController extends AbstractApiController
+{
+    /**
+     * GET /dashboard/widgets — Resolved widget list + layouts for the current user.
+     */
+    public function widgets(ServerRequestInterface $request): ResponseInterface
+    {
+        $this->requirePermission($request, 'api.access');
+
+        $user = $this->getUser($request);
+        $resolver = $this->getResolver();
+        $isSuperAdmin = $this->isSuperAdmin($user);
+
+        return ApiResponse::create($resolver->resolve($user, $isSuperAdmin));
+    }
+
+    /**
+     * PATCH /dashboard/layout — Save the current user's dashboard layout.
+     */
+    public function saveUserLayout(ServerRequestInterface $request): ResponseInterface
+    {
+        $this->requirePermission($request, 'api.access');
+
+        $body = $this->getRequestBody($request);
+        if (!is_array($body)) {
+            throw new ValidationException('Request body must be a JSON object.');
+        }
+
+        $user = $this->getUser($request);
+        $resolver = $this->getResolver();
+        $resolver->saveUserLayout($user, $body);
+
+        return ApiResponse::create($resolver->resolve($user, $this->isSuperAdmin($user)));
+    }
+
+    /**
+     * PATCH /dashboard/site-layout — Save the site-wide default dashboard layout.
+     *
+     * Super-admin only. Widgets marked invisible here are hidden for all users
+     * and cannot be re-enabled per-user.
+     */
+    public function saveSiteLayout(ServerRequestInterface $request): ResponseInterface
+    {
+        $user = $this->getUser($request);
+        if (!$this->isSuperAdmin($user)) {
+            throw new ForbiddenException('Only super-admins can edit the site dashboard layout.');
+        }
+
+        $body = $this->getRequestBody($request);
+        if (!is_array($body)) {
+            throw new ValidationException('Request body must be a JSON object.');
+        }
+
+        $resolver = $this->getResolver();
+        $resolver->saveSiteLayout($body);
+
+        return ApiResponse::create($resolver->resolve($user, true));
+    }
+
+    private function getResolver(): DashboardLayoutResolver
+    {
+        return new DashboardLayoutResolver(
+            $this->grav,
+            new PermissionResolver($this->grav['permissions']),
+        );
+    }
+}