diff --git a/src/app/parameter/controllers/ParameterController.php b/src/app/parameter/controllers/ParameterController.php index c8a8d891d2e3f58d9376d4936c73e920074f2beb..139f458f5781d79ba0bbdf7ac7e6c4d79bf39ae4 100755 --- a/src/app/parameter/controllers/ParameterController.php +++ b/src/app/parameter/controllers/ParameterController.php @@ -23,6 +23,7 @@ use Parameter\models\ParameterModel; use Respect\Validation\Validator; use Slim\Http\Request; use Slim\Http\Response; +use SrcCore\models\CoreConfigModel; class ParameterController { 
@@ -87,37 +88,80 @@ class ParameterController return $response->withJson(['success' => 'success']); } - public function update(Request $request, Response $response, array $aArgs) + public function update(Request $request, Response $response, array $args) { if (!PrivilegeController::hasPrivilege(['privilegeId' => 'admin_parameters', 'userId' => $GLOBALS['id']])) { return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']); } - $parameter = ParameterModel::getById(['id' => $aArgs['id']]); + $body = $request->getParsedBody(); + + if ($args['id'] == 'logo' || $args['id'] == 'bodyImage') { + $customId = CoreConfigModel::getCustomId(); + if (empty($customId)) { + return $response->withStatus(400)->withJson(['errors' => 'A custom is needed for this operation']); + } + + $tmpPath = CoreConfigModel::getTmpPath(); + if ($args['id'] == 'logo') { + if (strpos($body['image'], 'data:image/jpeg;base64,') === false) { + return $response->withStatus(400)->withJson(['errors' => 'Body image is not a base64 image']); + } + $tmpFileName = $tmpPath . 'parameter_logo_' . rand() . '_file.svg'; + $body['logo'] = str_replace('data:image/svg+xml;base64,', '', $body['logo']); + $file = base64_decode($body['logo']); + file_put_contents($tmpFileName, $file); + + $size = strlen($file); + if ($size > 5000000) { + return $response->withStatus(400)->withJson(['errors' => 'Logo size is not allowed']); + } + copy($tmpFileName, "custom/{$body['customId']}/img/logo.svg"); + } elseif ($args['id'] == 'bodyImage') { + if (strpos($body['image'], 'data:image/jpeg;base64,') === false) { + return $response->withStatus(400)->withJson(['errors' => 'Body image is not a base64 image']); + } + $tmpFileName = $tmpPath . 'parameter_body_' . rand() . 
'_file.jpg'; + $body['image'] = str_replace('data:image/jpeg;base64,', '', $body['image']); + $file = base64_decode($body['image']); + file_put_contents($tmpFileName, $file); + + $size = strlen($file); + $imageSizes = getimagesize($tmpFileName); + if ($imageSizes[0] < 1920 || $imageSizes[1] < 1080) { + return $response->withStatus(400)->withJson(['errors' => 'Body image is not wide enough']); + } elseif ($size > 10000000) { + return $response->withStatus(400)->withJson(['errors' => 'Body size is not allowed']); + } + copy($tmpFileName, "custom/{$customId}/img/bodylogin.jpg"); + } + unset($tmpFileName); + return $response->withStatus(204); + } + + $parameter = ParameterModel::getById(['id' => $args['id']]); if (empty($parameter)) { return $response->withStatus(400)->withJson(['errors' => 'Parameter not found']); } - $data = $request->getParams(); - - $check = (empty($data['param_value_int']) || Validator::intVal()->validate($data['param_value_int'])); - $check = $check && (empty($data['param_value_string']) || Validator::stringType()->validate($data['param_value_string'])); + $check = (empty($body['param_value_int']) || Validator::intVal()->validate($body['param_value_int'])); + $check = $check && (empty($body['param_value_string']) || Validator::stringType()->validate($body['param_value_string'])); if (!$check) { return $response->withStatus(400)->withJson(['errors' => 'Bad Request']); } - $data['id'] = $aArgs['id']; - ParameterModel::update($data); + $body['id'] = $args['id']; + ParameterModel::update($body); HistoryController::add([ 'tableName' => 'parameters', - 'recordId' => $aArgs['id'], + 'recordId' => $args['id'], 'eventType' => 'UP', - 'info' => _PARAMETER_MODIFICATION . " : {$aArgs['id']}", + 'info' => _PARAMETER_MODIFICATION . 
" : {$args['id']}", 'moduleId' => 'parameter', 'eventId' => 'parameterModification', ]); - return $response->withJson(['success' => 'success']); + return $response->withStatus(204); } public function delete(Request $request, Response $response, array $aArgs) diff --git a/src/core/controllers/InstallerController.php b/src/core/controllers/InstallerController.php index 05cf41ced5533581c94d6216e2fbff67a3b945ea..4430f8f84dabc80c3b027fc86331abe6fd4bed38 100644 --- a/src/core/controllers/InstallerController.php +++ b/src/core/controllers/InstallerController.php @@ -485,6 +485,7 @@ class InstallerController return $response->withStatus(400)->withJson(['errors' => 'BodyLogin size is not allowed']); } copy($tmpFileName, "custom/{$body['customId']}/img/bodylogin.jpg"); + unset($tmpFileName); } if (strpos($body['logo'], 'data:image/svg+xml;base64,') !== false) { @@ -499,6 +500,7 @@ class InstallerController return $response->withStatus(400)->withJson(['errors' => 'Logo size is not allowed']); } copy($tmpFileName, "custom/{$body['customId']}/img/logo.svg"); + unset($tmpFileName); } DatabasePDO::reset(); diff --git a/test/unitTests/app/parameter/ParameterControllerTest.php b/test/unitTests/app/parameter/ParameterControllerTest.php index 792231d28680ad073b86074c5f5aa35fcc23f9ee..4cf2233caf61015f92301b6620f3356e6520bd83 100755 --- a/test/unitTests/app/parameter/ParameterControllerTest.php +++ b/test/unitTests/app/parameter/ParameterControllerTest.php @@ -57,9 +57,7 @@ class ParameterControllerTest extends TestCase $fullRequest = \httpRequestCustom::addContentInBody($aArgs, $request); $response = $parameterController->update($fullRequest, new \Slim\Http\Response(), ['id' => 'TEST-PARAMETER123']); - $responseBody = json_decode((string)$response->getBody()); - - $this->assertSame('success', $responseBody->success); + $this->assertSame(204, $response->getStatusCode()); // READ $environment = \Slim\Http\Environment::mock(['REQUEST_METHOD' => 'GET']);
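Review bot: The `logo` branch builds its copy destination from the request body, `"custom/{$body['customId']}/img/logo.svg"`, instead of the `$customId` obtained from `CoreConfigModel::getCustomId()` at the top of the block, so the caller rather than the server decides which directory is written; the `bodyImage` branch already uses `$customId`. The same branch tests `$body['image']` for the `data:image/jpeg;base64,` prefix and then decodes `$body['logo']`, so a request carrying only an SVG logo is rejected with the body-image error. In both branches the payload is written to the temp path before its size is checked, the prefix is accepted anywhere in the string rather than at offset 0, `base64_decode()` runs in non-strict mode, and `getimagesize()` is indexed without testing for `false`. `unset($tmpFileName)` only drops the variable and the early `return`s skip it, so the temp files stay on disk; `unlink($tmpFileName);` is what removes them, and the same applies to the two `unset` lines added in `InstallerController.php` (`@@ -485` and `@@ -499`). The SVG is stored unmodified, so how `logo.svg` is served (sanitised, or under a Content-Security-Policy that blocks script) is worth confirming; a sketch of the `logo` branch that validates first and writes straight to the server-derived path follows.

```php
if ($args['id'] == 'logo') {
    $prefix = 'data:image/svg+xml;base64,';
    // Require the data-URI prefix at offset 0 of the field that is actually decoded.
    if (!is_string($body['logo'] ?? null) || strpos($body['logo'], $prefix) !== 0) {
        return $response->withStatus(400)->withJson(['errors' => 'Logo is not a base64 image']);
    }
    // Strict mode rejects characters outside the base64 alphabet instead of skipping them.
    $file = base64_decode(substr($body['logo'], strlen($prefix)), true);
    if ($file === false) {
        return $response->withStatus(400)->withJson(['errors' => 'Logo is not a base64 image']);
    }
    // Size is checked before anything touches the disk, so no temp file is needed.
    if (strlen($file) > 5000000) {
        return $response->withStatus(400)->withJson(['errors' => 'Logo size is not allowed']);
    }
    // Destination uses the server-side custom id, never a value from the request body.
    if (file_put_contents("custom/{$customId}/img/logo.svg", $file) === false) {
        return $response->withStatus(500)->withJson(['errors' => 'Logo could not be saved']);
    }
}
// … unchanged: bodyImage branch, final 204 response …
```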
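Review bot: Only the generic parameter path is asserted in this hunk; nothing visible here drives the new `logo` / `bodyImage` branches of `update()`, which write files under `custom/`. Cases worth adding are a 400 when the body lacks the expected `data:` prefix, a 400 when no custom is configured, and a 403 for a user without `admin_parameters`. The test method starts and ends outside this hunk, so coverage elsewhere in the file cannot be ruled out from here.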