fix: [app] Prevent some ID overrides
mokaddem
parent
15da5d067b
commit
cf3a8653e1
|
|
@ -156,6 +156,27 @@ class BroodsController extends AppController
|
|||
}
|
||||
}
|
||||
|
||||
public function downloadSharingGroup($brood_id, $sg_id)
|
||||
{
|
||||
$result = $this->Broods->downloadSharingGroup($brood_id, $sg_id, $this->ACL->getUser()['id']);
|
||||
$success = __('Sharing group fetched from remote.');
|
||||
$fail = __('Could not save the remote sharing group');
|
||||
if ($this->ParamHandler->isRest()) {
|
||||
if ($result) {
|
||||
return $this->RestResponse->saveSuccessResponse('Brood', 'downloadSharingGroup', $brood_id, 'json', $success);
|
||||
} else {
|
||||
return $this->RestResponse->saveFailResponse('Brood', 'downloadSharingGroup', $brood_id, $fail, 'json');
|
||||
}
|
||||
} else {
|
||||
if ($result) {
|
||||
$this->Flash->success($success);
|
||||
} else {
|
||||
$this->Flash->error($fail);
|
||||
}
|
||||
$this->redirect($this->referer());
|
||||
}
|
||||
}
|
||||
|
||||
public function interconnectTools()
|
||||
{
|
||||
$this->InboxProcessors = TableRegistry::getTableLocator()->get('InboxProcessors');
|
||||
|
|
|
|||
|
|
@ -130,7 +130,7 @@ class CRUDComponent extends Component
|
|||
if ($this->request->is('post')) {
|
||||
$patchEntityParams = [
|
||||
'associated' => [],
|
||||
'accessibleFields' => ['uuid' => true],
|
||||
'accessibleFields' => $data->getAccessibleFieldForNew(),
|
||||
];
|
||||
if (!empty($params['id'])) {
|
||||
unset($params['id']);
|
||||
|
|
|
|||
|
|
@ -12,4 +12,13 @@ class Individual extends AppModel
|
|||
'id' => false,
|
||||
'uuid' => false,
|
||||
];
|
||||
|
||||
protected $_accessibleOnNew = [
|
||||
'uuid' => true,
|
||||
];
|
||||
|
||||
public function getAccessibleFieldForNew(): array
|
||||
{
|
||||
return $this->_accessibleOnNew;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,5 +7,18 @@ use Cake\ORM\Entity;
|
|||
|
||||
class Organisation extends AppModel
|
||||
{
|
||||
protected $_accessible = [
|
||||
'*' => true,
|
||||
'id' => false,
|
||||
'uuid' => false,
|
||||
];
|
||||
|
||||
protected $_accessibleOnNew = [
|
||||
'uuid' => true,
|
||||
];
|
||||
|
||||
public function getAccessibleFieldForNew(): array
|
||||
{
|
||||
return $this->_accessibleOnNew;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,28 @@
|
|||
<?php
|
||||
|
||||
namespace App\Model\Entity;
|
||||
|
||||
use App\Model\Entity\AppModel;
|
||||
use Cake\ORM\Entity;
|
||||
|
||||
class SharingGroup extends AppModel
|
||||
{
|
||||
protected $_accessible = [
|
||||
'*' => true,
|
||||
'id' => false,
|
||||
'uuid' => false,
|
||||
'organisation_id' => false,
|
||||
'user_id' => false,
|
||||
];
|
||||
|
||||
protected $_accessibleOnNew = [
|
||||
'uuid' => true,
|
||||
'organisation_id' => true,
|
||||
'user_id' => true,
|
||||
];
|
||||
|
||||
public function getAccessibleFieldForNew(): array
|
||||
{
|
||||
return $this->_accessibleOnNew;
|
||||
}
|
||||
}
|
||||
|
|
@ -115,6 +115,7 @@ class BroodsTable extends AppTable
|
|||
}
|
||||
}
|
||||
|
||||
// TODO: Delete this function?
|
||||
public function downloadAndCapture($brood_id, $object_id, $scope, $path)
|
||||
{
|
||||
$query = $this->find();
|
||||
|
|
@ -122,7 +123,7 @@ class BroodsTable extends AppTable
|
|||
if (empty($brood)) {
|
||||
throw new NotFoundException(__('Brood not found'));
|
||||
}
|
||||
$response = $this->HTTPClientGET(sprintf('/%s/view/%s/index.json', $scope, $org_id), $brood);
|
||||
$response = $this->HTTPClientGET(sprintf('/%s/view/%s.json', $scope, $org_id), $brood);
|
||||
if ($response->isOk()) {
|
||||
$org = $response->getJson();
|
||||
$this->Organisation = TableRegistry::getTableLocator()->get('Organisations');
|
||||
|
|
@ -140,7 +141,7 @@ class BroodsTable extends AppTable
|
|||
if (empty($brood)) {
|
||||
throw new NotFoundException(__('Brood not found'));
|
||||
}
|
||||
$response = $this->HTTPClientGET(sprintf('/organisations/view/%s/index.json', $org_id), $brood);
|
||||
$response = $this->HTTPClientGET(sprintf('/organisations/view/%s.json', $org_id), $brood);
|
||||
if ($response->isOk()) {
|
||||
$org = $response->getJson();
|
||||
$this->Organisation = TableRegistry::getTableLocator()->get('Organisations');
|
||||
|
|
@ -158,7 +159,7 @@ class BroodsTable extends AppTable
|
|||
if (empty($brood)) {
|
||||
throw new NotFoundException(__('Brood not found'));
|
||||
}
|
||||
$response = $this->HTTPClientGET(sprintf('/individuals/view/%s/index.json', $individual_id), $brood);
|
||||
$response = $this->HTTPClientGET(sprintf('/individuals/view/%s.json', $individual_id), $brood);
|
||||
if ($response->isOk()) {
|
||||
$individual = $response->getJson();
|
||||
$this->Individuals = TableRegistry::getTableLocator()->get('Individuals');
|
||||
|
|
@ -169,6 +170,24 @@ class BroodsTable extends AppTable
|
|||
}
|
||||
}
|
||||
|
||||
public function downloadSharingGroup($brood_id, $sg_id, $user_id)
|
||||
{
|
||||
$query = $this->find();
|
||||
$brood = $query->where(['id' => $brood_id])->first();
|
||||
if (empty($brood)) {
|
||||
throw new NotFoundException(__('Brood not found'));
|
||||
}
|
||||
$response = $this->HTTPClientGET(sprintf('/sharing-groups/view/%s.json', $sg_id), $brood);
|
||||
if ($response->isOk()) {
|
||||
$individual = $response->getJson();
|
||||
$this->SharingGroups = TableRegistry::getTableLocator()->get('SharingGroups');
|
||||
$result = $this->SharingGroups->captureSharingGroup($individual, $user_id);
|
||||
return $result;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
public function queryLocalTools($brood_id)
|
||||
{
|
||||
$query = $this->find();
|
||||
|
|
|
|||
|
|
@ -55,11 +55,10 @@ class IndividualsTable extends AppTable
|
|||
return null;
|
||||
}
|
||||
if (empty($existingIndividual)) {
|
||||
$entity = $this->newEmptyEntity();
|
||||
$this->patchEntity($entity, $individual, [
|
||||
'accessibleFields' => ['uuid' => true]
|
||||
$entityToSave = $this->newEmptyEntity();
|
||||
$this->patchEntity($entityToSave, $individual, [
|
||||
'accessibleFields' => $entityToSave->getAccessibleFieldForNew()
|
||||
]);
|
||||
$entityToSave = $entity;
|
||||
} else {
|
||||
$this->patchEntity($existingIndividual, $individual);
|
||||
$entityToSave = $existingIndividual;
|
||||
|
|
|
|||
|
|
@ -55,9 +55,6 @@ class OrganisationsTable extends AppTable
|
|||
|
||||
public function captureOrg($org): ?int
|
||||
{
|
||||
if (!empty($org['id'])) {
|
||||
unset($org['id']);
|
||||
}
|
||||
if (!empty($org['uuid'])) {
|
||||
$existingOrg = $this->find()->where([
|
||||
'uuid' => $org['uuid']
|
||||
|
|
@ -66,27 +63,20 @@ class OrganisationsTable extends AppTable
|
|||
return null;
|
||||
}
|
||||
if (empty($existingOrg)) {
|
||||
$data = $this->newEmptyEntity();
|
||||
$data = $this->patchEntity($data, $org, ['associated' => []]);
|
||||
if (!$this->save($data)) {
|
||||
return null;
|
||||
}
|
||||
$savedOrg = $data;
|
||||
$entityToSave = $this->newEmptyEntity();
|
||||
$this->patchEntity($entityToSave, $org, [
|
||||
'accessibleFields' => $entityToSave->getAccessibleFieldForNew()
|
||||
]);
|
||||
} else {
|
||||
$reserved = ['id', 'uuid', 'metaFields'];
|
||||
foreach ($org as $field => $value) {
|
||||
if (in_array($field, $reserved)) {
|
||||
continue;
|
||||
}
|
||||
$existingOrg->$field = $value;
|
||||
}
|
||||
if (!$this->save($existingOrg)) {
|
||||
return null;
|
||||
}
|
||||
$savedOrg = $existingOrg;
|
||||
$this->patchEntity($existingOrg, $org);
|
||||
$entityToSave = $existingOrg;
|
||||
}
|
||||
$this->postCaptureActions($savedOrg->id, $org);
|
||||
return $savedOrg->id;
|
||||
$savedEntity = $this->save($entityToSave, ['associated' => false]);
|
||||
if (!$savedEntity) {
|
||||
return null;
|
||||
}
|
||||
$this->postCaptureActions($savedEntity->id, $org);
|
||||
return $savedEntity->id;
|
||||
}
|
||||
|
||||
public function postCaptureActions($id, $org)
|
||||
|
|
|
|||
|
|
@ -46,9 +46,6 @@ class SharingGroupsTable extends AppTable
|
|||
|
||||
public function captureSharingGroup($input, int $user_id = 0): ?int
|
||||
{
|
||||
if (!empty($input['id'])) {
|
||||
unset($input['id']);
|
||||
}
|
||||
if (!empty($input['uuid'])) {
|
||||
$existingSG = $this->find()->where([
|
||||
'uuid' => $input['uuid']
|
||||
|
|
@ -57,41 +54,31 @@ class SharingGroupsTable extends AppTable
|
|||
return null;
|
||||
}
|
||||
if (empty($existingSG)) {
|
||||
$data = $this->newEmptyEntity();
|
||||
$entityToSave = $this->newEmptyEntity();
|
||||
$input['organisation_id'] = $this->Organisations->captureOrg($input['organisation']);
|
||||
$input['user_id'] = $user_id;
|
||||
$data = $this->patchEntity($data, $input, ['associated' => []]);
|
||||
if (!$this->save($data)) {
|
||||
return null;
|
||||
}
|
||||
$savedSG = $data;
|
||||
$this->patchEntity($entityToSave, $input, [
|
||||
'accessibleFields' => $entityToSave->getAccessibleFieldForNew()
|
||||
]);
|
||||
} else {
|
||||
$reserved = ['id', 'uuid', 'metaFields'];
|
||||
foreach ($input as $field => $value) {
|
||||
if (in_array($field, $reserved)) {
|
||||
continue;
|
||||
}
|
||||
$existingSG->$field = $value;
|
||||
}
|
||||
if (!$this->save($existingSG)) {
|
||||
return null;
|
||||
}
|
||||
$savedSG = $existingSG;
|
||||
$this->patchEntity($existingSG, $input);
|
||||
$entityToSave = $existingSG;
|
||||
}
|
||||
$this->postCaptureActions($savedSG->id, $input);
|
||||
return $savedSG->id;
|
||||
$savedEntity = $this->save($entityToSave, ['associated' => false]);
|
||||
if (!$savedEntity) {
|
||||
return null;
|
||||
}
|
||||
$this->postCaptureActions($savedEntity, $input);
|
||||
return $savedEntity->id;
|
||||
}
|
||||
|
||||
public function postCaptureActions($id, $input): void
|
||||
public function postCaptureActions($savedEntity, $input): void
|
||||
{
|
||||
$sharingGroup = $this->find()->where([
|
||||
'id' => $id
|
||||
])->first();
|
||||
$orgs = [];
|
||||
foreach ($input['sharing_group_orgs'] as $sgo) {
|
||||
$organisation_id = $this->Organisations->captureOrg($sgo);
|
||||
$orgs[] = $this->SharingGroupOrgs->get($organisation_id);
|
||||
}
|
||||
$this->SharingGroupOrgs->link($sharingGroup, $orgs);
|
||||
$this->SharingGroupOrgs->link($savedEntity, $orgs);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue