From c566f40decd0a8950906f1a32d1fbc7d9cdee347 Mon Sep 17 00:00:00 2001
From: Guillaume Heurtier <guillaume.heurtier@maarch.org>
Date: Fri, 7 Feb 2020 15:00:50 +0100
Subject: [PATCH] FEAT #12072 TIME 0:10 added control in get ar by id

---
 rest/index.php                                              | 6 +++---
 .../controllers/AcknowledgementReceiptController.php        | 4 ++++
 .../create-acknowledgement-receipt-action.component.ts      | 2 +-
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/rest/index.php b/rest/index.php
index cbcfe80c797..45e008f639e 100755
--- a/rest/index.php
+++ b/rest/index.php
@@ -63,9 +63,9 @@ $app->put('/actions/{id}', \Action\controllers\ActionController::class . ':updat
 $app->delete('/actions/{id}', \Action\controllers\ActionController::class . ':delete');
 
 //Acknowledgement Receipt
-$app->post('/acknowledgementReceipt', \AcknowledgementReceipt\controllers\AcknowledgementReceiptController::class . ':createPaperAcknowledgement');
-$app->get('/acknowledgementReceipt/{id}', \AcknowledgementReceipt\controllers\AcknowledgementReceiptController::class . ':getById');
-$app->get('/acknowledgementReceipt/{id}/content', \AcknowledgementReceipt\controllers\AcknowledgementReceiptController::class . ':getAcknowledgementReceipt');
+$app->post('/acknowledgementReceipts', \AcknowledgementReceipt\controllers\AcknowledgementReceiptController::class . ':createPaperAcknowledgement');
+$app->get('/acknowledgementReceipts/{id}', \AcknowledgementReceipt\controllers\AcknowledgementReceiptController::class . ':getById');
+$app->get('/acknowledgementReceipts/{id}/content', \AcknowledgementReceipt\controllers\AcknowledgementReceiptController::class . ':getAcknowledgementReceipt');
 
 //Attachments
 $app->post('/attachments', \Attachment\controllers\AttachmentController::class . ':create');
diff --git a/src/app/acknowledgementReceipt/controllers/AcknowledgementReceiptController.php b/src/app/acknowledgementReceipt/controllers/AcknowledgementReceiptController.php
index 59cd3bf9056..9b020babd01 100644
--- a/src/app/acknowledgementReceipt/controllers/AcknowledgementReceiptController.php
+++ b/src/app/acknowledgementReceipt/controllers/AcknowledgementReceiptController.php
@@ -68,6 +68,10 @@ class AcknowledgementReceiptController
 
     public static function getById(Request $request, Response $response, array $args)
     {
+        if (!Validator::intVal()->validate($args['id'])) {
+            return $response->withStatus(400)->withJson(['errors' => 'Route param id is not an integer']);
+        }
+
         $acknowledgementReceipt = AcknowledgementReceiptModel::getByIds([
             'select'  => ['id', 'res_id', 'type', 'format', 'user_id', 'creation_date', 'send_date', 'contact_id'],
             'ids'     => [$args['id']]
diff --git a/src/frontend/app/actions/create-acknowledgement-receipt-action/create-acknowledgement-receipt-action.component.ts b/src/frontend/app/actions/create-acknowledgement-receipt-action/create-acknowledgement-receipt-action.component.ts
index 2d202fda67f..10f46253b4c 100644
--- a/src/frontend/app/actions/create-acknowledgement-receipt-action/create-acknowledgement-receipt-action.component.ts
+++ b/src/frontend/app/actions/create-acknowledgement-receipt-action/create-acknowledgement-receipt-action.component.ts
@@ -92,7 +92,7 @@ export class CreateAcknowledgementReceiptActionComponent implements OnInit {
 
     downloadAcknowledgementReceipt(data: any) {
         this.loadingExport = true;
-        this.http.post('../../rest/acknowledgementReceipt', { 'resources': data }, { responseType: "blob" })
+        this.http.post('../../rest/acknowledgementReceipts', { 'resources': data }, { responseType: "blob" })
             .subscribe((data) => {
                 let downloadLink = document.createElement('a');
                 downloadLink.href = window.URL.createObjectURL(data);
-- 
GitLab