mirror of https://github.com/MISP/MISP
chg: further progress on the attribute soft delete
parent
262c3bda0d
commit
738c607e0d
|
@ -874,6 +874,30 @@ class AttributesController extends AppController {
|
|||
}
|
||||
}
|
||||
|
||||
public function restore($id = null) {
|
||||
if ($this->request->is('ajax')) {
|
||||
if ($this->request->is('post')) {
|
||||
$result = $this->Attribute->restore($id, $this->Auth->user());
|
||||
if ($result === true) return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => 'Attribute restored.')),'status'=>200));
|
||||
else return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $result)),'status'=>200));
|
||||
} else {
|
||||
$this->set('id', $id);
|
||||
$attribute = $this->Attribute->find('first', array(
|
||||
'conditions' => array('id' => $id),
|
||||
'recursive' => -1,
|
||||
'fields' => array('id', 'event_id'),
|
||||
));
|
||||
$this->set('event_id', $attribute['Attribute']['event_id']);
|
||||
$this->render('ajax/attributeConfirmationForm');
|
||||
}
|
||||
} else {
|
||||
if (!$this->request->is('post') && !$this->_isRest()) throw new MethodNotAllowedException();
|
||||
if ($this->Attribute->restore($id, $this->Auth->user())) $this->redirect(array('action' => 'view', $id));
|
||||
else throw new NotFoundException('Could not restore the attribute');
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* unification of the actual delete for the multi-select
|
||||
*
|
||||
|
|
|
@ -1981,4 +1981,19 @@ class Attribute extends AppModel {
|
|||
return $this->validationErrors;
|
||||
}
|
||||
}
|
||||
|
||||
public function restore($id, $user) {
|
||||
$this->id = $id;
|
||||
if (!$this->exists()) return 'Attribute doesn\'t exist, or you lack the permission to edit it.';
|
||||
$this->read();
|
||||
if (!$user['Role']['perm_site_admin']) {
|
||||
if (!($this->data['Event']['orgc_id'] == $user['org_id'] && (($user['Role']['perm_modify'] && $this->data['Event']['user_id'] != $user['id']) || $user['Role']['perm_modify_org']))) {
|
||||
if (!$this->exists()) return 'Attribute doesn\'t exist, or you lack the permission to edit it.';
|
||||
}
|
||||
}
|
||||
unset($this->data['Attribute']['timestamp']);
|
||||
$this->data['Attribute']['deleted'] = false;
|
||||
if ($this->save($this->data)) return true;
|
||||
else return 'Could not save changes.';
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue