MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: further progress on the attribute soft delete

pull/1125/head
Iglocska 2016-05-07 23:12:09 +02:00
parent 262c3bda0d
commit 738c607e0d
2 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
app/Controller/AttributesController.php
View File

@ -874,6 +874,30 @@ class AttributesController extends AppController {
}
}
public function restore($id = null) {
if ($this->request->is('ajax')) {
if ($this->request->is('post')) {
$result = $this->Attribute->restore($id, $this->Auth->user());
if ($result === true) return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => 'Attribute restored.')),'status'=>200));
else return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $result)),'status'=>200));
} else {
$this->set('id', $id);
$attribute = $this->Attribute->find('first', array(
'conditions' => array('id' => $id),
'recursive' => -1,
'fields' => array('id', 'event_id'),
));
$this->set('event_id', $attribute['Attribute']['event_id']);
$this->render('ajax/attributeConfirmationForm');
}
} else {
if (!$this->request->is('post') && !$this->_isRest()) throw new MethodNotAllowedException();
if ($this->Attribute->restore($id, $this->Auth->user())) $this->redirect(array('action' => 'view', $id));
else throw new NotFoundException('Could not restore the attribute');
}
}
/**
* unification of the actual delete for the multi-select
*

15
app/Model/Attribute.php
View File

@ -1981,4 +1981,19 @@ class Attribute extends AppModel {
return $this->validationErrors;
}
}
public function restore($id, $user) {
$this->id = $id;
if (!$this->exists()) return 'Attribute doesn\'t exist, or you lack the permission to edit it.';
$this->read();
if (!$user['Role']['perm_site_admin']) {
if (!($this->data['Event']['orgc_id'] == $user['org_id'] && (($user['Role']['perm_modify'] && $this->data['Event']['user_id'] != $user['id']) || $user['Role']['perm_modify_org']))) {
if (!$this->exists()) return 'Attribute doesn\'t exist, or you lack the permission to edit it.';
}
}
unset($this->data['Attribute']['timestamp']);
$this->data['Attribute']['deleted'] = false;
if ($this->save($this->data)) return true;
else return 'Could not save changes.';
}
}