Merge pull request #715 from City-of-Helsinki/ASU-1733-delete-application

Asu 1733 delete application

Author: Andrey-Baklanov

public/modules/custom/asu_api/src/Api/BackendApi/BackendApi.php

@@ -5,6 +5,7 @@
 use Drupal\Core\TempStore\PrivateTempStore;
 use Drupal\Core\TempStore\PrivateTempStoreFactory;
 use Drupal\asu_api\Api\BackendApi\Request\AuthenticationRequest;
+use Drupal\asu_api\Api\BackendApi\Request\DeleteApplicationRequest;
 use Drupal\asu_api\Api\Request;
 use Drupal\asu_api\Api\Response;
 use Drupal\asu_api\Exception\IllegalApplicationException;
@@ -63,6 +64,12 @@ public function __construct(Client $client, LoggerInterface $logger, PrivateTemp
     $this->store = $storeFactory->get('customer');
   }
 
+  public function deleteApplication(UserInterface $sender, string $applicationId): void {
+    $request = new DeleteApplicationRequest($sender, $applicationId);
+    $this->send($request);
+  }
+
+
   /**
    * Send request.
    *
@@ -79,6 +86,7 @@ public function __construct(Client $client, LoggerInterface $logger, PrivateTemp
    */
   public function send(Request $request, array $options = []): ?Response {
     $options['headers'] = $options['headers'] ?? [];
+    $sender = $request->getSender();
     if ($request->requiresAuthentication()) {
       if ($token = $this->handleAuthentication($request->getSender())) {
         $options['headers']['Authorization'] = sprintf("Bearer %s", $token);

public/modules/custom/asu_api/src/Api/BackendApi/Request/DeleteApplicationRequest.php

@@ -0,0 +1,54 @@
+<?php
+
+namespace Drupal\asu_api\Api\BackendApi\Request;
+
+use Drupal\asu_api\Api\Request;
+use Drupal\asu_api\Api\BackendApi\Response\DeleteApplicationResponse;
+use Drupal\user\UserInterface;
+use GuzzleHttp\Exception\GuzzleException;
+use GuzzleHttp\Client;
+use Psr\Http\Message\ResponseInterface;
+
+class DeleteApplicationRequest extends Request {
+
+  protected const AUTHENTICATED = TRUE;
+  protected string $method = 'DELETE';
+
+  protected string $applicationId;
+  protected array $payload;
+
+  public function __construct(
+    ?UserInterface $sender,
+    string $applicationId,
+    array $payload = []
+  ) {
+    if ($sender) {
+      $this->setSender($sender);
+    }
+    $this->applicationId = $applicationId;
+    $this->payload = $payload ?: [
+      'comment' => 'Cancelled by user',
+      'cancellation_reason' => 'terminated',
+    ];
+  }
+
+  public function getPath(): string {
+    return "/v1/applications/delete/{$this->applicationId}/";
+  }
+
+  public static function getResponse(ResponseInterface $response): DeleteApplicationResponse {
+    return DeleteApplicationResponse::createFromHttpResponse($response);
+  }
+
+  public function getPayload(): array {
+    return $this->payload;
+  }
+
+  public function toArray(): array {
+    return $this->getPayload();
+  }
+
+  public function getMethod(): string {
+    return 'DELETE';
+  }
+}

public/modules/custom/asu_api/src/Api/BackendApi/Response/DeleteApplicationResponse.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace Drupal\asu_api\Api\BackendApi\Response;
+
+use Drupal\asu_api\Api\Response;
+use Psr\Http\Message\ResponseInterface;
+
+/**
+ * Response for DeleteApplicationRequest.
+ */
+class DeleteApplicationResponse extends Response {
+
+  /**
+   * Create a new response from HTTP response.
+   */
+  public static function createFromHttpResponse(ResponseInterface $response): self {
+    return new self($response);
+  }
+
+}

public/modules/custom/asu_application/asu_application.install

@@ -194,3 +194,17 @@ function asu_application_update_9009() : void {
     ->condition('field_locked', 1)
     ->execute();
 }
+
+/**
+ * Add backend_id field to asu_application entity.
+ */
+function asu_application_update_9011() {
+  $field = BaseFieldDefinition::create('string')
+    ->setLabel(t('Backend application ID'))
+    ->setDescription(t('UUID returned from Django backend when creating application.'))
+    ->setRequired(FALSE)
+    ->setReadOnly(FALSE);
+
+  $definition_update_manager = \Drupal::entityDefinitionUpdateManager();
+  $definition_update_manager->installFieldStorageDefinition('field_backend_application_id', 'asu_application', 'asu_application', $field);
+}

public/modules/custom/asu_application/asu_application.module

@@ -130,6 +130,7 @@ function template_preprocess_asu_application(array &$variables) {
     $application_teaser_values = [
       '#teaser_values' => [
         'application_id' => $application->id->value,
+        'backend_application_id' => $application->get('field_backend_id')->value,
         'project_uuid' => $project->uuid(),
         'language' => \Drupal::languageManager()->getCurrentLanguage()->getId(),
         'project_name' => $project->field_housing_company->value,
@@ -291,3 +292,22 @@ function asu_application_send_apply_for_free_apartment(array &$message, array $p
   $message['subject'] = $params['subject'];
   $message['body'][] = $params['message'];
 }
+
+
+/**
+ * Implements hook_preprocess_HOOK() for asu_application templates.
+ */
+function asu_application_preprocess_asu_application(array &$variables) {
+  $view_mode = $variables['elements']['#view_mode'] ?? NULL;
+  if ($view_mode !== 'submitted_teaser') {
+    return;
+  }
+
+  $teaser_values = &$variables['content']['#teaser_values'];
+
+  if (!empty($teaser_values['application_id'])) {
+    $app_id = $teaser_values['application_id'];
+    $token = \Drupal::service('csrf_token')->get("delete_application_{$app_id}");
+    $teaser_values['delete_url'] = "/asu/application/delete/{$app_id}/{$token}";
+  }
+}

public/modules/custom/asu_application/asu_application.routing.yml

@@ -1,31 +1,42 @@
 asu_application.admin_create_application:
-  path: '/application/create/{user_id}'
+  path: "/application/create/{user_id}"
   defaults:
-    _title: 'Create application'
+    _title: "Create application"
     _form: '\Drupal\asu_application\Form\SalespersonApplicationForm'
   requirements:
-    _permission: 'administer applications'
+    _permission: "administer applications"
 
 asu_application.application_results:
-  path: '/user/application/results'
+  path: "/user/application/results"
   defaults:
     _controller: '\Drupal\asu_application\Controller\ResultController::getResults'
   methods: [POST]
   requirements:
-    _permission: 'create application'
+    _permission: "create application"
 
 asu_application.lottery_start:
-  path: '/lottery/start/{project_uuid}'
+  path: "/lottery/start/{project_uuid}"
   defaults:
     _controller: '\Drupal\asu_application\Controller\ResultController::startLottery'
   methods: [GET]
   requirements:
-    _permission: 'administer applications'
+    _permission: "administer applications"
 
 asu_application.apply_for_free_apartment:
-  path: '/contact/apply_for_free_apartment'
+  path: "/contact/apply_for_free_apartment"
   defaults:
     _form: 'Drupal\asu_application\Form\ReservedApartmentContactForm'
-    _title: 'Apply for an apartment'
+    _title: "Apply for an apartment"
   requirements:
-    _permission: 'access content'
+    _permission: "access content"
+
+asu_application.delete_secure:
+  path: "/asu/application/delete/{application}/{token}"
+  defaults:
+    _controller: '\Drupal\asu_application\Controller\AsuApplicationDeleteController::delete'
+    _title: "Delete application"
+  requirements:
+    _permission: "access content"
+    application: '\d+'
+    token: "[A-Za-z0-9-_]+"
+  methods: ["POST"]

public/modules/custom/asu_application/src/Controller/AsuApplicationDeleteController.php

@@ -0,0 +1,73 @@
+<?php
+
+namespace Drupal\asu_application\Controller;
+
+use Drupal\Core\Controller\ControllerBase;
+use Drupal\Core\Entity\EntityTypeManagerInterface;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\RedirectResponse;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+use Symfony\Component\DependencyInjection\ContainerInterface;
+use Drupal\asu_api\Api\BackendApi\BackendApi;
+use Drupal\Core\Session\AccountProxyInterface;
+
+class AsuApplicationDeleteController extends ControllerBase {
+
+  protected $entityTypeManager;
+  protected BackendApi $backendApi;
+  protected $currentUser;
+
+  public function __construct(
+    EntityTypeManagerInterface $entityTypeManager,
+    BackendApi $backendApi,
+    AccountProxyInterface $currentUser
+  ) {
+    $this->entityTypeManager = $entityTypeManager;
+    $this->backendApi = $backendApi;
+    $this->currentUser = $currentUser;
+  }
+
+  public static function create(ContainerInterface $container): self {
+    return new static(
+      $container->get('entity_type.manager'),
+      $container->get('asu_api.backendapi'),
+      $container->get('current_user')
+    );
+  }
+
+  public function delete($application, $token): RedirectResponse {
+
+    $storage = $this->entityTypeManager->getStorage('asu_application');
+    $entity = $storage->load($application);
+    foreach ($entity->getFields() as $name => $field) {
+      $value = $field->isEmpty() ? 'EMPTY' : $field->first()->getValue();
+    }
+    if (!$entity || $entity->getOwnerId() !== $this->currentUser->id()) {
+      $this->messenger()->addError($this->t('Application not found or access denied.'));
+      return new RedirectResponse('/user/applications');
+    }
+
+    $externalId = $entity->get('field_backend_id')->value;
+    if (!$externalId) {
+      $this->messenger()->addError($this->t('Missing application ID.'));
+      return new RedirectResponse('/user/applications');
+    }
+
+    $sender = \Drupal::entityTypeManager()->getStorage('user')->load($this->currentUser->id());
+
+    try {
+      $user = \Drupal::entityTypeManager()->getStorage('user')->load($this->currentUser->id());
+      $this->backendApi->deleteApplication($user, $externalId);
+    }
+    catch (\Exception $e) {
+      $this->messenger()->addError($this->t('Failed to delete application from backend.'));
+      return new RedirectResponse('/user/applications');
+    }
+
+    // Удаление из Drupal
+    $entity->delete();
+
+    $this->messenger()->addStatus($this->t('Your application has been successfully deleted.'));
+    return new RedirectResponse('/user/applications');
+  }
+}

public/modules/custom/asu_application/src/Entity/Application.php

@@ -274,6 +274,12 @@ public static function baseFieldDefinitions(EntityTypeInterface $entity_type) {
         'settings' => [],
       ]);
 
+    $fields['field_backend_id'] = BaseFieldDefinition::create('string')
+      ->setLabel(t('Backend application ID'))
+      ->setDescription(t('Application UUID returned from Django backend.'))
+      ->setReadOnly(TRUE)
+      ->setDefaultValue(NULL);
+
     $fields['main_applicant'] = BaseFieldDefinition::create('asu_main_applicant')
       ->setLabel(t('Basic information'))
       ->setDescription(t('Basic information of the people who are applying'))

public/modules/custom/asu_application/src/EventSubscriber/ApplicationSubscriber.php

@@ -153,7 +153,8 @@ public function sendApplicationToBackend(ApplicationEvent $applicationEvent) {
       );
 
       $request->setSender($user);
-      $this->backendApi->send($request);
+      $response = $this->backendApi->send($request);
+      $application->set('field_backend_id', $response->getContent()['application_uuid'] ?? NULL);
 
       $application->set('field_locked', 1);
       $application->set('error', NULL);
@@ -259,7 +260,8 @@ public function salesSendApplicationToBackend(SalesApplicationEvent $application
 
       $request->setSender($sender);
 
-      $this->backendApi->send($request);
+      $response = $this->backendApi->send($request);
+      $application->set('field_backend_id', $response->getContent()['application_uuid'] ?? NULL);
       $this->logger->notice(
        'Sales sent application to backend successfully'
       );

public/modules/custom/asu_application/templates/asu-application.html.twig

@@ -106,6 +106,15 @@
               </span>
             </a>
           </div>
+          {% if content['#teaser_values'].is_application_period and content['#teaser_values'].delete_url %}
+          <div class="application--action">
+            <form method="post" action="{{ content['#teaser_values'].delete_url }}">
+              <button type="submit" class="hds-button hds-button--secondary">
+                <span class="hds-button__label">{% trans %}Delete{% endtrans %}</span>
+              </button>
+            </form>
+          </div>
+          {% endif %}
         </div>
       </div>
     </article>