fix: [app] Prevent some ID overrides
parent
15da5d067b
commit
cf3a8653e1
|
@ -156,6 +156,27 @@ class BroodsController extends AppController
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function downloadSharingGroup($brood_id, $sg_id)
|
||||||
|
{
|
||||||
|
$result = $this->Broods->downloadSharingGroup($brood_id, $sg_id, $this->ACL->getUser()['id']);
|
||||||
|
$success = __('Sharing group fetched from remote.');
|
||||||
|
$fail = __('Could not save the remote sharing group');
|
||||||
|
if ($this->ParamHandler->isRest()) {
|
||||||
|
if ($result) {
|
||||||
|
return $this->RestResponse->saveSuccessResponse('Brood', 'downloadSharingGroup', $brood_id, 'json', $success);
|
||||||
|
} else {
|
||||||
|
return $this->RestResponse->saveFailResponse('Brood', 'downloadSharingGroup', $brood_id, $fail, 'json');
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if ($result) {
|
||||||
|
$this->Flash->success($success);
|
||||||
|
} else {
|
||||||
|
$this->Flash->error($fail);
|
||||||
|
}
|
||||||
|
$this->redirect($this->referer());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public function interconnectTools()
|
public function interconnectTools()
|
||||||
{
|
{
|
||||||
$this->InboxProcessors = TableRegistry::getTableLocator()->get('InboxProcessors');
|
$this->InboxProcessors = TableRegistry::getTableLocator()->get('InboxProcessors');
|
||||||
|
|
|
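Review bot: downloadSharingGroup() changes local state (it pulls a sharing group from the remote brood and saves it), yet nothing in the visible body restricts the HTTP method, so a plain GET to this action is enough to trigger the outbound request and the write. Unless routing or the ACL layer already enforces this elsewhere, add `$this->request->allowMethod(['post']);` as the first statement. The non-REST branch also calls `$this->redirect($this->referer());` without returning the response; `return $this->redirect($this->referer());` is the usual form and makes the end of the action explicit.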
@ -130,7 +130,7 @@ class CRUDComponent extends Component
|
||||||
if ($this->request->is('post')) {
|
if ($this->request->is('post')) {
|
||||||
$patchEntityParams = [
|
$patchEntityParams = [
|
||||||
'associated' => [],
|
'associated' => [],
|
||||||
'accessibleFields' => ['uuid' => true],
|
'accessibleFields' => $data->getAccessibleFieldForNew(),
|
||||||
];
|
];
|
||||||
if (!empty($params['id'])) {
|
if (!empty($params['id'])) {
|
||||||
unset($params['id']);
|
unset($params['id']);
|
||||||
|
|
|
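Review bot: `$data->getAccessibleFieldForNew()` is now called for whatever `$data` (presumably the new entity) passes through this add path, but this commit defines the method only on Individual, Organisation and SharingGroup. Unless AppModel already provides it, which is not visible here, adding any other entity type will fail with an undefined-method error. A default in AppModel, `protected $_accessibleOnNew = ['uuid' => true];` together with a single `getAccessibleFieldForNew()`, would keep the previous behaviour for the remaining entities and remove the three identical copies. The enclosing method starts and ends outside this hunk.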
@ -12,4 +12,13 @@ class Individual extends AppModel
|
||||||
'id' => false,
|
'id' => false,
|
||||||
'uuid' => false,
|
'uuid' => false,
|
||||||
];
|
];
|
||||||
|
|
||||||
|
protected $_accessibleOnNew = [
|
||||||
|
'uuid' => true,
|
||||||
|
];
|
||||||
|
|
||||||
|
public function getAccessibleFieldForNew(): array
|
||||||
|
{
|
||||||
|
return $this->_accessibleOnNew;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,5 +7,18 @@ use Cake\ORM\Entity;
|
||||||
|
|
||||||
class Organisation extends AppModel
|
class Organisation extends AppModel
|
||||||
{
|
{
|
||||||
|
protected $_accessible = [
|
||||||
|
'*' => true,
|
||||||
|
'id' => false,
|
||||||
|
'uuid' => false,
|
||||||
|
];
|
||||||
|
|
||||||
|
protected $_accessibleOnNew = [
|
||||||
|
'uuid' => true,
|
||||||
|
];
|
||||||
|
|
||||||
|
public function getAccessibleFieldForNew(): array
|
||||||
|
{
|
||||||
|
return $this->_accessibleOnNew;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
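Review bot: `'*' => true` turns `$_accessible` into a denylist, so every field other than `id` and `uuid`, including any column added later, can be mass-assigned. After this commit that list is the only filter on the update path in captureOrg(), which used to skip `id`, `uuid` and `metaFields` by hand and now calls `patchEntity($existingOrg, $org)`; on the sharing-group path that data comes from a remote brood's JSON response. Consider naming the assignable fields explicitly instead of using the wildcard, or at least add a comment such as `// Denylist: every field not named here is writable from remote capture data.` The SharingGroup entity added in this commit uses the same wildcard.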
@ -0,0 +1,28 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace App\Model\Entity;
|
||||||
|
|
||||||
|
use App\Model\Entity\AppModel;
|
||||||
|
use Cake\ORM\Entity;
|
||||||
|
|
||||||
|
class SharingGroup extends AppModel
|
||||||
|
{
|
||||||
|
protected $_accessible = [
|
||||||
|
'*' => true,
|
||||||
|
'id' => false,
|
||||||
|
'uuid' => false,
|
||||||
|
'organisation_id' => false,
|
||||||
|
'user_id' => false,
|
||||||
|
];
|
||||||
|
|
||||||
|
protected $_accessibleOnNew = [
|
||||||
|
'uuid' => true,
|
||||||
|
'organisation_id' => true,
|
||||||
|
'user_id' => true,
|
||||||
|
];
|
||||||
|
|
||||||
|
public function getAccessibleFieldForNew(): array
|
||||||
|
{
|
||||||
|
return $this->_accessibleOnNew;
|
||||||
|
}
|
||||||
|
}
|
|
@ -115,6 +115,7 @@ class BroodsTable extends AppTable
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// TODO: Delete this function?
|
||||||
public function downloadAndCapture($brood_id, $object_id, $scope, $path)
|
public function downloadAndCapture($brood_id, $object_id, $scope, $path)
|
||||||
{
|
{
|
||||||
$query = $this->find();
|
$query = $this->find();
|
||||||
|
@ -122,7 +123,7 @@ class BroodsTable extends AppTable
|
||||||
if (empty($brood)) {
|
if (empty($brood)) {
|
||||||
throw new NotFoundException(__('Brood not found'));
|
throw new NotFoundException(__('Brood not found'));
|
||||||
}
|
}
|
||||||
$response = $this->HTTPClientGET(sprintf('/%s/view/%s/index.json', $scope, $org_id), $brood);
|
$response = $this->HTTPClientGET(sprintf('/%s/view/%s.json', $scope, $org_id), $brood);
|
||||||
if ($response->isOk()) {
|
if ($response->isOk()) {
|
||||||
$org = $response->getJson();
|
$org = $response->getJson();
|
||||||
$this->Organisation = TableRegistry::getTableLocator()->get('Organisations');
|
$this->Organisation = TableRegistry::getTableLocator()->get('Organisations');
|
||||||
|
@ -140,7 +141,7 @@ class BroodsTable extends AppTable
|
||||||
if (empty($brood)) {
|
if (empty($brood)) {
|
||||||
throw new NotFoundException(__('Brood not found'));
|
throw new NotFoundException(__('Brood not found'));
|
||||||
}
|
}
|
||||||
$response = $this->HTTPClientGET(sprintf('/organisations/view/%s/index.json', $org_id), $brood);
|
$response = $this->HTTPClientGET(sprintf('/organisations/view/%s.json', $org_id), $brood);
|
||||||
if ($response->isOk()) {
|
if ($response->isOk()) {
|
||||||
$org = $response->getJson();
|
$org = $response->getJson();
|
||||||
$this->Organisation = TableRegistry::getTableLocator()->get('Organisations');
|
$this->Organisation = TableRegistry::getTableLocator()->get('Organisations');
|
||||||
|
@ -158,7 +159,7 @@ class BroodsTable extends AppTable
|
||||||
if (empty($brood)) {
|
if (empty($brood)) {
|
||||||
throw new NotFoundException(__('Brood not found'));
|
throw new NotFoundException(__('Brood not found'));
|
||||||
}
|
}
|
||||||
$response = $this->HTTPClientGET(sprintf('/individuals/view/%s/index.json', $individual_id), $brood);
|
$response = $this->HTTPClientGET(sprintf('/individuals/view/%s.json', $individual_id), $brood);
|
||||||
if ($response->isOk()) {
|
if ($response->isOk()) {
|
||||||
$individual = $response->getJson();
|
$individual = $response->getJson();
|
||||||
$this->Individuals = TableRegistry::getTableLocator()->get('Individuals');
|
$this->Individuals = TableRegistry::getTableLocator()->get('Individuals');
|
||||||
|
@ -169,6 +170,24 @@ class BroodsTable extends AppTable
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function downloadSharingGroup($brood_id, $sg_id, $user_id)
|
||||||
|
{
|
||||||
|
$query = $this->find();
|
||||||
|
$brood = $query->where(['id' => $brood_id])->first();
|
||||||
|
if (empty($brood)) {
|
||||||
|
throw new NotFoundException(__('Brood not found'));
|
||||||
|
}
|
||||||
|
$response = $this->HTTPClientGET(sprintf('/sharing-groups/view/%s.json', $sg_id), $brood);
|
||||||
|
if ($response->isOk()) {
|
||||||
|
$individual = $response->getJson();
|
||||||
|
$this->SharingGroups = TableRegistry::getTableLocator()->get('SharingGroups');
|
||||||
|
$result = $this->SharingGroups->captureSharingGroup($individual, $user_id);
|
||||||
|
return $result;
|
||||||
|
} else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public function queryLocalTools($brood_id)
|
public function queryLocalTools($brood_id)
|
||||||
{
|
{
|
||||||
$query = $this->find();
|
$query = $this->find();
|
||||||
|
|
|
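Review bot: In the new downloadSharingGroup(), `$sg_id` comes from the controller's URL argument and is placed into the remote path with `%s` unchecked, so a value containing `/`, `?` or `#` changes which path is requested from the brood. Encode or validate it before use, for example `sprintf('/sharing-groups/view/%s.json', rawurlencode((string)$sg_id))`. `$response->getJson()` is also handed to captureSharingGroup() without confirming that it decoded to an array, so a non-JSON 200 body reaches the capture code as null; `if (!is_array($individual)) { return false; }` would cover that, and the variable would read better as `$sharingGroup`. The three `sprintf` calls changed in the earlier hunks interpolate their ids the same way.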
@ -55,11 +55,10 @@ class IndividualsTable extends AppTable
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
if (empty($existingIndividual)) {
|
if (empty($existingIndividual)) {
|
||||||
$entity = $this->newEmptyEntity();
|
$entityToSave = $this->newEmptyEntity();
|
||||||
$this->patchEntity($entity, $individual, [
|
$this->patchEntity($entityToSave, $individual, [
|
||||||
'accessibleFields' => ['uuid' => true]
|
'accessibleFields' => $entityToSave->getAccessibleFieldForNew()
|
||||||
]);
|
]);
|
||||||
$entityToSave = $entity;
|
|
||||||
} else {
|
} else {
|
||||||
$this->patchEntity($existingIndividual, $individual);
|
$this->patchEntity($existingIndividual, $individual);
|
||||||
$entityToSave = $existingIndividual;
|
$entityToSave = $existingIndividual;
|
||||||
|
|
|
@ -55,9 +55,6 @@ class OrganisationsTable extends AppTable
|
||||||
|
|
||||||
public function captureOrg($org): ?int
|
public function captureOrg($org): ?int
|
||||||
{
|
{
|
||||||
if (!empty($org['id'])) {
|
|
||||||
unset($org['id']);
|
|
||||||
}
|
|
||||||
if (!empty($org['uuid'])) {
|
if (!empty($org['uuid'])) {
|
||||||
$existingOrg = $this->find()->where([
|
$existingOrg = $this->find()->where([
|
||||||
'uuid' => $org['uuid']
|
'uuid' => $org['uuid']
|
||||||
|
@ -66,27 +63,20 @@ class OrganisationsTable extends AppTable
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
if (empty($existingOrg)) {
|
if (empty($existingOrg)) {
|
||||||
$data = $this->newEmptyEntity();
|
$entityToSave = $this->newEmptyEntity();
|
||||||
$data = $this->patchEntity($data, $org, ['associated' => []]);
|
$this->patchEntity($entityToSave, $org, [
|
||||||
if (!$this->save($data)) {
|
'accessibleFields' => $entityToSave->getAccessibleFieldForNew()
|
||||||
return null;
|
]);
|
||||||
}
|
|
||||||
$savedOrg = $data;
|
|
||||||
} else {
|
} else {
|
||||||
$reserved = ['id', 'uuid', 'metaFields'];
|
$this->patchEntity($existingOrg, $org);
|
||||||
foreach ($org as $field => $value) {
|
$entityToSave = $existingOrg;
|
||||||
if (in_array($field, $reserved)) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
$existingOrg->$field = $value;
|
|
||||||
}
|
|
||||||
if (!$this->save($existingOrg)) {
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
$savedOrg = $existingOrg;
|
|
||||||
}
|
}
|
||||||
$this->postCaptureActions($savedOrg->id, $org);
|
$savedEntity = $this->save($entityToSave, ['associated' => false]);
|
||||||
return $savedOrg->id;
|
if (!$savedEntity) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
$this->postCaptureActions($savedEntity->id, $org);
|
||||||
|
return $savedEntity->id;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function postCaptureActions($id, $org)
|
public function postCaptureActions($id, $org)
|
||||||
|
|
|
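Review bot: The create path used to pass `'associated' => []` to patchEntity() and no longer does, and the update path `$this->patchEntity($existingOrg, $org);` passes no options at all. Table::patchEntity() defaults `associated` to every first-level association, so nested association data in the incoming payload is now marshalled onto the entity. The later `save($entityToSave, ['associated' => false])` keeps it from being persisted, but adding `'associated' => []` to both patchEntity() calls would stop those objects from being built from untrusted input in the first place. captureSharingGroup() has the same two calls.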
@ -46,9 +46,6 @@ class SharingGroupsTable extends AppTable
|
||||||
|
|
||||||
public function captureSharingGroup($input, int $user_id = 0): ?int
|
public function captureSharingGroup($input, int $user_id = 0): ?int
|
||||||
{
|
{
|
||||||
if (!empty($input['id'])) {
|
|
||||||
unset($input['id']);
|
|
||||||
}
|
|
||||||
if (!empty($input['uuid'])) {
|
if (!empty($input['uuid'])) {
|
||||||
$existingSG = $this->find()->where([
|
$existingSG = $this->find()->where([
|
||||||
'uuid' => $input['uuid']
|
'uuid' => $input['uuid']
|
||||||
|
@ -57,41 +54,31 @@ class SharingGroupsTable extends AppTable
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
if (empty($existingSG)) {
|
if (empty($existingSG)) {
|
||||||
$data = $this->newEmptyEntity();
|
$entityToSave = $this->newEmptyEntity();
|
||||||
$input['organisation_id'] = $this->Organisations->captureOrg($input['organisation']);
|
$input['organisation_id'] = $this->Organisations->captureOrg($input['organisation']);
|
||||||
$input['user_id'] = $user_id;
|
$input['user_id'] = $user_id;
|
||||||
$data = $this->patchEntity($data, $input, ['associated' => []]);
|
$this->patchEntity($entityToSave, $input, [
|
||||||
if (!$this->save($data)) {
|
'accessibleFields' => $entityToSave->getAccessibleFieldForNew()
|
||||||
return null;
|
]);
|
||||||
}
|
|
||||||
$savedSG = $data;
|
|
||||||
} else {
|
} else {
|
||||||
$reserved = ['id', 'uuid', 'metaFields'];
|
$this->patchEntity($existingSG, $input);
|
||||||
foreach ($input as $field => $value) {
|
$entityToSave = $existingSG;
|
||||||
if (in_array($field, $reserved)) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
$existingSG->$field = $value;
|
|
||||||
}
|
|
||||||
if (!$this->save($existingSG)) {
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
$savedSG = $existingSG;
|
|
||||||
}
|
}
|
||||||
$this->postCaptureActions($savedSG->id, $input);
|
$savedEntity = $this->save($entityToSave, ['associated' => false]);
|
||||||
return $savedSG->id;
|
if (!$savedEntity) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
$this->postCaptureActions($savedEntity, $input);
|
||||||
|
return $savedEntity->id;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function postCaptureActions($id, $input): void
|
public function postCaptureActions($savedEntity, $input): void
|
||||||
{
|
{
|
||||||
$sharingGroup = $this->find()->where([
|
|
||||||
'id' => $id
|
|
||||||
])->first();
|
|
||||||
$orgs = [];
|
$orgs = [];
|
||||||
foreach ($input['sharing_group_orgs'] as $sgo) {
|
foreach ($input['sharing_group_orgs'] as $sgo) {
|
||||||
$organisation_id = $this->Organisations->captureOrg($sgo);
|
$organisation_id = $this->Organisations->captureOrg($sgo);
|
||||||
$orgs[] = $this->SharingGroupOrgs->get($organisation_id);
|
$orgs[] = $this->SharingGroupOrgs->get($organisation_id);
|
||||||
}
|
}
|
||||||
$this->SharingGroupOrgs->link($sharingGroup, $orgs);
|
$this->SharingGroupOrgs->link($savedEntity, $orgs);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
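Review bot: postCaptureActions() passes the result of `captureOrg($sgo)` straight into `$this->SharingGroupOrgs->get($organisation_id)`, but captureOrg() is declared `?int` and returns null when the save fails, so one bad entry in the remote payload makes `get()` throw after the sharing group itself has already been saved. `$input['sharing_group_orgs']` and `$input['organisation']` are likewise read without checking that the remote JSON contains them. Guard both, for example `foreach ($input['sharing_group_orgs'] ?? [] as $sgo)` and `if ($organisation_id === null) { continue; }`, and consider running the save and the linking in one transaction so a failure does not leave a half-captured group.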