cerebrate-project
/
cerebrate
mirror of https://github.com/cerebrate-project/cerebrate
1
0
Fork 0
Code Issues Releases Wiki Activity

fix: [encryption keys] tightened ACL across all CRUD functions

pull/92/head
iglocska 2022-01-18 00:17:47 +01:00
parent 6d13d4aba0
commit b80d778e1a
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
1 changed files with 60 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
src/Controller/EncryptionKeysController.php
View File

@ -39,7 +39,15 @@ class EncryptionKeysController extends AppController
public function delete($id) public function delete($id)
{ {
$this->CRUD->delete($id); $orgConditions = [];
$individualConditions = [];
$dropdownData = [];
$currentUser = $this->ACL->getUser();
$params = [];
if (empty($currentUser['role']['perm_admin'])) {
$params = $this->buildBeforeSave($params, $currentUser, $orgConditions, $individualConditions, $dropdownData);
}
$this->CRUD->delete($id, $params);
$responsePayload = $this->CRUD->getResponsePayload(); $responsePayload = $this->CRUD->getResponsePayload();
if (!empty($responsePayload)) { if (!empty($responsePayload)) {
return $responsePayload; return $responsePayload;
@ -47,13 +55,8 @@ class EncryptionKeysController extends AppController
$this->set('metaGroup', 'ContactDB'); $this->set('metaGroup', 'ContactDB');
} }
public function add() private function buildBeforeSave(array $params, $currentUser, array &$orgConditions, array &$individualConditions, array &$dropdownData): array
{ {
$orgConditions = [];
$individualConditions = [];
$currentUser = $this->ACL->getUser();
$params = ['redirect' => $this->referer()];
if (empty($currentUser['role']['perm_admin'])) {
$orgConditions = [ $orgConditions = [
'id' => $currentUser['organisation_id'] 'id' => $currentUser['organisation_id']
]; ];
@ -84,12 +87,6 @@ class EncryptionKeysController extends AppController
} }
return $entity; return $entity;
}; };
}
$this->CRUD->add($params);
$responsePayload = $this->CRUD->getResponsePayload();
if (!empty($responsePayload)) {
return $responsePayload;
}
$this->loadModel('Organisations'); $this->loadModel('Organisations');
$this->loadModel('Individuals'); $this->loadModel('Individuals');
$dropdownData = [ $dropdownData = [
@ -102,13 +99,35 @@ class EncryptionKeysController extends AppController
'conditions' => $individualConditions 'conditions' => $individualConditions
]) ])
]; ];
return $params;
}
public function add()
{
$orgConditions = [];
$individualConditions = [];
$dropdownData = [];
$currentUser = $this->ACL->getUser();
$params = [
'redirect' => $this->referer()
];
if (empty($currentUser['role']['perm_admin'])) {
$params = $this->buildBeforeSave($params, $currentUser, $orgConditions, $individualConditions, $dropdownData);
}
$this->CRUD->add($params);
$responsePayload = $this->CRUD->getResponsePayload();
if (!empty($responsePayload)) {
return $responsePayload;
}
$this->set(compact('dropdownData')); $this->set(compact('dropdownData'));
$this->set('metaGroup', 'ContactDB'); $this->set('metaGroup', 'ContactDB');
} }
public function edit($id = false) public function edit($id = false)
{ {
$conditions = []; $orgConditions = [];
$individualConditions = [];
$dropdownData = [];
$currentUser = $this->ACL->getUser(); $currentUser = $this->ACL->getUser();
$params = [ $params = [
'fields' => [ 'fields' => [
@ -117,9 +136,7 @@ class EncryptionKeysController extends AppController
'redirect' => $this->referer() 'redirect' => $this->referer()
]; ];
if (empty($currentUser['role']['perm_admin'])) { if (empty($currentUser['role']['perm_admin'])) {
if (empty($currentUser['role']['perm_org_admin'])) { $params = $this->buildBeforeSave($params, $currentUser, $orgConditions, $individualConditions, $dropdownData);
}
} }
$this->CRUD->edit($id, $params); $this->CRUD->edit($id, $params);
$responsePayload = $this->CRUD->getResponsePayload(); $responsePayload = $this->CRUD->getResponsePayload();