diff --git a/rest/index.php b/rest/index.php index d7e74bbd743ddb2b1aab65176a46fea2b3108e3c..d3d486800fec6c08dd35e427e80ba35b286cc72d 100755 --- a/rest/index.php +++ b/rest/index.php @@ -210,6 +210,7 @@ $app->get('/entities', \Entity\controllers\EntityController::class . ':get'); $app->delete('/entities/{id}', \Entity\controllers\EntityController::class . ':delete'); $app->get('/entities/{id}/details', \Entity\controllers\EntityController::class . ':getDetailledById'); $app->put('/entities/{id}/reassign/{newEntityId}', \Entity\controllers\EntityController::class . ':reassignEntity'); +$app->put('/entities/{id}/status', \Entity\controllers\EntityController::class . ':updateStatus'); //Parameters $app->get('/parameters', \Parameter\controllers\ParameterController::class . ':get'); diff --git a/src/app/entity/controllers/EntityController.php b/src/app/entity/controllers/EntityController.php index 890da7db0d79a3f0bc0ad02072ca3cd47909211d..8f1d7cf9eb1b4e57f9824c6bdd382aebefffaba9 100644 --- a/src/app/entity/controllers/EntityController.php +++ b/src/app/entity/controllers/EntityController.php @@ -153,6 +153,13 @@ class EntityController return $response->withStatus(400)->withJson(['errors' => 'Entity not found']); } + $aEntities = EntityModel::getAllowedEntitiesByUserId(['userId' => $GLOBALS['userId']]); + foreach ($aEntities as $aEntity) { + if ($aEntity['entity_id'] == $aArgs['id'] && $aEntity['allowed'] == false) { + return $response->withStatus(403)->withJson(['errors' => 'Entity out of perimeter']); + } + } + $data = $request->getParams(); $check = Validator::stringType()->notEmpty()->validate($data['entity_label']); 
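Review bot: The perimeter check added to update() (and repeated verbatim in updateStatus() in the next hunk of this file) only rejects when a matching row carries `allowed == false`, so an id that is absent from the list returned by getAllowedEntitiesByUserId() falls through the loop and is treated as permitted. Whether that list always contains every entity is not visible here; if it may not, default to denial and return 403 unless a row with `$aEntity['entity_id'] === $aArgs['id']` and `$aEntity['allowed'] === true` was found. Both comparisons are loose, so numeric-looking ids can compare equal under `==`; strict `===` avoids that (assuming `allowed` is a real boolean, which should be confirmed). Moving the loop into one private helper would keep the two endpoints from drifting apart. update()'s body starts and ends outside the hunk.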
@@ -304,4 +311,48 @@ class EntityController
 return $response->withJson(['entities' => $entities]);
 }
+
+ public function updateStatus(Request $request, Response $response, array $aArgs)
+ {
+ if (!ServiceModel::hasService(['id' => 'manage_entities', 'userId' => $GLOBALS['userId'], 'location' => 'entities', 'type' => 'admin'])) {
+ return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']);
+ }
+
+ $entity = EntityModel::getById(['entityId' => $aArgs['id'], 'select' => [1]]);
+ if (empty($entity)) {
+ return $response->withStatus(400)->withJson(['errors' => 'Entity not found']);
+ }
+
+ $aEntities = EntityModel::getAllowedEntitiesByUserId(['userId' => $GLOBALS['userId']]);
+ foreach ($aEntities as $aEntity) {
+ if ($aEntity['entity_id'] == $aArgs['id'] && $aEntity['allowed'] == false) {
+ return $response->withStatus(403)->withJson(['errors' => 'Entity out of perimeter']);
+ }
+ }
+
+ $data = $request->getParams();
+ $check = Validator::stringType()->notEmpty()->validate($data['method']);
+ if (!$check) {
+ return $response->withStatus(400)->withJson(['errors' => 'Bad Request']);
+ }
+
+ if ($data['method'] == 'disable') {
+ $status = 'N';
+ } else {
+ $status = 'Y';
+ }
+ $fatherAndSons = EntityModel::getEntityChildren(['entityId' => $aArgs['id']]);
+
+ EntityModel::update(['set' => ['enabled' => $status], 'where' => ['entity_id in (?)'], 'data' => [$fatherAndSons]]);
+ HistoryController::add([
+ 'tableName' => 'entities',
+ 'recordId' => $aArgs['id'],
+ 'eventType' => 'UP',
+ 'info' => _ENTITY_MODIFICATION . " : {$aArgs['id']}",
+ 'moduleId' => 'entity',
+ 'eventId' => 'entityModification',
+ ]);
+
+ return $response->withJson(['success' => 'success']);
+ }
 }
diff --git a/src/app/entity/models/EntityModelAbstract.php b/src/app/entity/models/EntityModelAbstract.php
index d2a2bcf80acb0228f97b678b7462e7257b7dcff3..459219e5b189e2ddbd8cbe25dad48eb64c4bdf80 100644
--- a/src/app/entity/models/EntityModelAbstract.php
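Review bot: In updateStatus(), every non-empty `method` other than `'disable'` lands in the `else` branch and re-enables the entity and all of its children, so a typo or an unexpected value silently flips the subtree to `enabled = 'Y'`. Reject anything outside the accepted values before choosing `$status`, e.g. `if (!in_array($data['method'], ['disable', 'enable'], true)) { return $response->withStatus(400)->withJson(['errors' => 'Bad Request']); }` (`'enable'` is a guess at the value the client sends and needs confirming). The update is applied to everything getEntityChildren() returns, while the perimeter check and the HistoryController::add() record cover only `$aArgs['id']`; if children can sit outside the caller's perimeter they should be checked too, and the history entry should list the affected ids so the audit trail reflects the cascade.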
+++ b/src/app/entity/models/EntityModelAbstract.php
@@ -92,7 +92,7 @@ class EntityModelAbstract
 ValidatorModel::notEmpty($aArgs, ['set', 'where', 'data']);
 ValidatorModel::arrayType($aArgs, ['set', 'where', 'data']);
- DatabaseModel::delete([
+ DatabaseModel::update([
 'table' => 'entities',
 'set' => $aArgs['set'],
 'where' => $aArgs['where'],
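Review bot: update() has no documentation telling callers that `$aArgs['where']` is passed on to DatabaseModel::update() as given, with only the notEmpty/arrayType checks visible in front of it; the caller in EntityController puts SQL fragments such as `'entity_id in (?)'` there. The function therefore relies on callers keeping values out of those fragments, and a docblock above update() should state that, e.g. `@param array $aArgs 'where' holds SQL fragments with ? placeholders; values go in 'data' and are never concatenated into 'where'`. The signature and the end of the call are outside the hunk.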