Improve edit task template search, validation, and controller logic

Hafsa-Naeem · Hafsa-Naeem · commit bc76e6f18c79 · 2025-11-10T21:09:27.000+05:00
diff --git a/api/v1/editTaskTemplates/PKPEditTaskTemplateController.php b/api/v1/editTaskTemplates/PKPEditTaskTemplateController.php
@@ -98,7 +98,6 @@ public function add(AddTaskTemplate $illuminateRequest): JsonResponse
                 'include' => $validated['include'] ?? false,
                 'description' => $validated['description'] ?? null,
                 'dueInterval' => $validated['dueInterval'] ?? null,
-                'type' => (int) $validated['type'],
             ]);
 
             $tpl->userGroups()->sync($validated['userGroupIds']);
@@ -144,11 +143,9 @@ public function getMany(Request $request): JsonResponse
                     $collector->filterByTitleLike((string) $val);
                     break;
                 case 'type':
-                    if (is_numeric($val)) {
-                        $type = (int) $val;
-                        if (in_array($type, [EditorialTaskType::DISCUSSION->value, EditorialTaskType::TASK->value], true)) {
-                            $collector->filterByType($type);
-                        }
+                    $type = (int) $val;
+                    if (in_array($type, array_column(EditorialTaskType::cases(), 'value'), true)) {
+                        $collector->filterByType($type);
                     }
                     break;
                 case 'stageId':
@@ -233,12 +230,17 @@ public function delete(Request $illuminateRequest): JsonResponse
             ], Response::HTTP_NOT_FOUND);
         }
 
+        $resource = new TaskTemplateResource($template->load('userGroups'));
+
         DB::transaction(function () use ($template) {
             // Pivot/settings rows cascade via FKs defined in migration
             $template->delete();
         });
 
-        return response()->json([], Response::HTTP_OK);
+        return response()->json(
+            $resource->toArray($illuminateRequest),
+            Response::HTTP_OK
+        );
     }
 
 }
diff --git a/api/v1/editTaskTemplates/formRequests/UpdateTaskTemplate.php b/api/v1/editTaskTemplates/formRequests/UpdateTaskTemplate.php
@@ -32,26 +32,32 @@ public function rules(): array
 
     protected function prepareForValidation(): void
     {
-        $stageId = $this->input('stageId', null);
-        $type = $this->input('type', null);
-
-        $this->merge([
-            'include' => $this->has('include')
-                ? filter_var($this->input('include'), FILTER_VALIDATE_BOOLEAN)
-                : $this->input('include', null),
-
-            'userGroupIds' => $this->has('userGroupIds')
-                ? array_values(array_map('intval', (array) $this->input('userGroupIds', [])))
-                : $this->input('userGroupIds', null),
-
-            'stageId' => $this->has('stageId')
-                ? (is_null($stageId) ? null : (int) $stageId)
-                : $this->input('stageId', null),
-
-            'type' => $this->has('type')
-                ? (is_null($type) ? null : (int) $type)
-                : $this->input('type', null),
-        ]);
+        $stageId = $this->input('stageId');
+        $type = $this->input('type');
+
+        $data = [];
+
+        if ($this->has('include')) {
+            $data['include'] = filter_var($this->input('include'), FILTER_VALIDATE_BOOLEAN);
+        }
+
+        if ($this->has('userGroupIds')) {
+            $data['userGroupIds'] = array_values(
+                array_map('intval', (array) $this->input('userGroupIds', []))
+            );
+        }
+
+        if ($this->has('stageId')) {
+            $data['stageId'] = is_null($stageId) ? null : (int) $stageId;
+        }
+
+        if ($this->has('type')) {
+            $data['type'] = is_null($type) ? null : (int) $type;
+        }
+
+        if ($data) {
+            $this->merge($data);
+        }
     }
 
 }
diff --git a/api/v1/editTaskTemplates/resources/TaskTemplateResource.php b/api/v1/editTaskTemplates/resources/TaskTemplateResource.php
@@ -31,7 +31,6 @@ public function toArray(Request $request)
             'include' => (bool) $this->include,
             'dueInterval' => $this->dueInterval,
             'description' => $this->description,
-            'type' => (int) $this->type,
             'userGroups' => $this->whenLoaded(
                 'userGroups',
                 fn () => $this->userGroups
diff --git a/classes/editorialTask/Template.php b/classes/editorialTask/Template.php
@@ -185,8 +185,12 @@ public function scopeFilterByTitleLike(Builder $query, string $title): Builder
         if ($title === '') {
             return $query;
         }
-        $needle = '%' . str_replace(['%', '_'], ['\\%', '\\_'], mb_strtolower($title)) . '%';
-        return $query->whereRaw('LOWER(title) LIKE ?', [$needle]);
+
+        // escape LIKE wildcards in the user input, then wrap with %
+        $needle = '%' . addcslashes($title, '%_') . '%';
+
+        // use LOWER() on both sides so DB applies the same case-folding
+        return $query->whereRaw('LOWER(title) LIKE LOWER(?)', [$needle]);
     }
 
     /**

Original file line number	Diff line number	Diff line change
`@@ -185,8 +185,12 @@ public function scopeFilterByTitleLike(Builder $query, string $title): Builder`
`185`	`185`	`if ($title === '') {`
`186`	`186`	`return $query;`
`187`	`187`	`}`
`188`		`- $needle = '%' . str_replace(['%', '_'], ['\\%', '\\_'], mb_strtolower($title)) . '%';`
`189`		`- return $query->whereRaw('LOWER(title) LIKE ?', [$needle]);`
	`188`	`+`
	`189`	`+ // escape LIKE wildcards in the user input, then wrap with %`
	`190`	`+ $needle = '%' . addcslashes($title, '%_') . '%';`
	`191`	`+`
	`192`	`+ // use LOWER() on both sides so DB applies the same case-folding`
	`193`	`+ return $query->whereRaw('LOWER(title) LIKE LOWER(?)', [$needle]);`
`190`	`194`	`}`
`191`	`195`
`192`	`196`	`/**`