Merge pull request #579 from wri/release/sassy-sycamore-hotfix-2024-1…

…1-18 [RELEASE] Sassy Sycamore Hotfix 2024 11 18
wri · Nov 20, 2024 · f7dfdec · f7dfdec
2 parents 9574202 + b94b5b9
commit f7dfdec
Show file tree

Hide file tree

Showing 5 changed files with 30 additions and 9 deletions.
diff --git a/app/Http/Controllers/V2/Dashboard/GetProjectsController.php b/app/Http/Controllers/V2/Dashboard/GetProjectsController.php
@@ -14,7 +14,10 @@ public function __invoke(Request $request)
     {
         /** @var User $user */
         $user = Auth::user();
-        if ($user->hasRole('government') && data_get($request, 'filter.projectUuid', '')) {
+
+        if (is_null($user)) {
+            $request = new Request(['filter' => []]);
+        } elseif ($user->hasRole('government') && data_get($request, 'filter.projectUuid', '')) {
             $request = new Request(['filter' => []]);
         } else {
             $frameworks = data_get($request, 'filter.programmes', []);

diff --git a/app/Http/Controllers/V2/Dashboard/ViewProjectController.php b/app/Http/Controllers/V2/Dashboard/ViewProjectController.php
@@ -18,14 +18,18 @@ public function getIfUserIsAllowedToProject(String $uuid)
     {
         /** @var User $user */
         $user = Auth::user();
-        if ($user->hasRole('government')) {
+        if (is_null($user)) {
+            $response = (object)[
+              'allowed' => false,
+            ];
+        } elseif ($user->hasRole('government')) {
             $response = (object)[
               'allowed' => false,
             ];
         } elseif ($user->hasRole('funder')) {
             $isAllowed = Project::where('uuid', $uuid)
-                ->where('framework_key', $user->program)
-                ->exists();
+            ->where('framework_key', $user->program)
+            ->exists();
             $response = (object)[
                 'allowed' => $isAllowed,
             ];
@@ -38,7 +42,7 @@ public function getIfUserIsAllowedToProject(String $uuid)
             $response = (object)[
                 'allowed' => $isInvite,
             ];
-        } elseif ($user->isAdmin) {
+        } elseif ($user->hasDashboardAdminAccess()) {
             $response = (object)[
                 'allowed' => true,
             ];

diff --git a/app/Http/Controllers/V2/Terrafund/TerrafundCreateGeometryController.php b/app/Http/Controllers/V2/Terrafund/TerrafundCreateGeometryController.php
@@ -1050,12 +1050,18 @@ public function downloadAllActivePolygonsByFramework(Request $request)
     {
         ini_set('max_execution_time', '-1');
         ini_set('memory_limit', '-1');
+        ini_set('post_max_size', '300M');
+        ini_set('upload_max_filesize', '300M');
+        if (! ini_set('max_execution_time', 60)) {
+            Log::info('Failed to set max_execution_time');
+        }
+
         $framework = $request->query('framework');
 
         try {
             $sitesFromFramework = Site::where('framework_key', $framework)->pluck('uuid');
 
-            $activePolygonIds = SitePolygon::wherein('site_id', $sitesFromFramework)->active()->pluck('poly_id');
+            $activePolygonIds = SitePolygon::wherein('site_id', $sitesFromFramework)->where('status', 'approved')->active()->pluck('poly_id');
             Log::info('count of active polygons: ', ['count' => count($activePolygonIds)]);
             $features = [];
             foreach ($activePolygonIds as $polygonUuid) {
@@ -1095,7 +1101,7 @@ public function downloadGeojsonAllActivePolygons()
         ini_set('memory_limit', '-1');
 
         try {
-            $activePolygonIds = SitePolygon::active()->pluck('poly_id');
+            $activePolygonIds = SitePolygon::active()->where('status', 'approved')->pluck('poly_id');
 
             $features = [];
             foreach ($activePolygonIds as $polygonUuid) {
@@ -1110,7 +1116,7 @@ public function downloadGeojsonAllActivePolygons()
                     continue;
                 }
                 $sitePolygon = SitePolygon::where('poly_id', $polygonUuid)->first();
-                $properties = $sitePolygon ? $sitePolygon->only(['poly_name', 'plantstart', 'plantend', 'practice', 'target_sys', 'distr', 'num_trees', 'site_id', 'uuid']) : [];
+                $properties = $sitePolygon ? $sitePolygon->only(['poly_name', 'plantstart', 'plantend', 'practice', 'target_sys', 'distr', 'num_trees', 'site_id', 'uuid', 'id']) : [];
                 $feature = [
                     'type' => 'Feature',
                     'geometry' => json_decode($polygonGeometry->geojsonGeom),

diff --git a/app/Models/V2/User.php b/app/Models/V2/User.php
@@ -394,4 +394,12 @@ public function getIsAdminAttribute(): bool
     {
         return $this->hasAnyRole(self::adminRoles());
     }
+
+    public function hasDashboardAdminAccess(): bool
+    {
+        return in_array($this->primaryRole->name, [
+                   'admin-super',
+                   'admin-terrafund',
+               ]);
+    }
 }
diff --git a/routes/api_v2.php b/routes/api_v2.php
@@ -722,7 +722,7 @@ function () {
     Route::delete('/{auditable}/{uuid}/delete', DeleteAuditStatusController::class);
 });
 
-Route::prefix('dashboard')->group(function () {
+Route::prefix('dashboard')->withoutMiddleware('auth:service-api-key,api')->group(function () {
     Route::get('/restoration-strategy', ViewRestorationStrategyController::class);
     Route::get('/jobs-created', GetJobsCreatedController::class);
     Route::get('/volunteers-survival-rate', VolunteersAndAverageSurvivalRateController::class);