diff --git a/src/app/entity/models/EntityModelAbstract.php b/src/app/entity/models/EntityModelAbstract.php
index 06c8f39abbeafee2f2beafa2dfa9df4eccc8733f..8d9538275c93b7d0a99033c3f1fcbd5e02f34203 100755
--- a/src/app/entity/models/EntityModelAbstract.php
+++ b/src/app/entity/models/EntityModelAbstract.php
@@ -39,23 +39,23 @@ abstract class EntityModelAbstract
 return $aEntities;
 }
- public static function getById(array $aArgs)
+ public static function getById(array $args)
 {
- ValidatorModel::notEmpty($aArgs, ['id']);
- ValidatorModel::intVal($aArgs, ['id']);
+ ValidatorModel::notEmpty($args, ['id']);
+ ValidatorModel::intVal($args, ['id']);
- $aEntity = DatabaseModel::select([
- 'select' => empty($aArgs['select']) ? ['*'] : $aArgs['select'],
+ $entity = DatabaseModel::select([
+ 'select' => empty($args['select']) ? ['*'] : $args['select'],
 'table' => ['entities'],
 'where' => ['id = ?'],
- 'data' => [$aArgs['id']]
+ 'data' => [$args['id']]
 ]);
- if (empty($aEntity[0])) {
+ if (empty($entity[0])) {
 return [];
 }
- return $aEntity[0];
+ return $entity[0];
 }
 public static function getByEntityId(array $aArgs)
diff --git a/src/app/resource/controllers/ResController.php b/src/app/resource/controllers/ResController.php
index 175439550d6b91d6c472f7120d72c5416cb0b1e4..e417237a5b70bf8df29a7f57883da5189760d03a 100755
--- a/src/app/resource/controllers/ResController.php
+++ b/src/app/resource/controllers/ResController.php
@@ -845,6 +845,12 @@ class ResController extends ResourceControlController
 return $response->withStatus(400)->withJson(['errors' => 'Document does not exist']);
 }
+ $queryParams = $request->getQueryParams();
+ if ($args['fieldId'] == 'destination' && !empty($queryParams['alt'])) {
+ $entity = EntityModel::getByEntityId(['entityId' => $resource['destination'], 'select' => ['id']]);
+ $resource['destination'] = $entity['id'];
+ }
+
 return $response->withJson(['field' => $resource[$args['fieldId']]]);
 }
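Review bot: `$entity['id']` is read in the added `alt` branch of ResController.php without checking that the lookup returned a row. When `$resource['destination']` is empty or names an entity that no longer exists, `EntityModel::getByEntityId` presumably returns an empty array (as `getById` does in the first file of this commit), so the response carries `null` and PHP raises an undefined-index notice. Guard the assignment with `$resource['destination'] = empty($entity['id']) ? null : $entity['id'];` and skip the lookup when the destination is empty. The test on `$args['fieldId']` would also be safer as `===`; the enclosing method starts outside the hunk.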
diff --git a/src/app/resource/controllers/ResourceControlController.php b/src/app/resource/controllers/ResourceControlController.php
index 5034e5b5ed1ca09a57e68febca651c3c741d9c0d..db36b5a382d0721fc3b90e38f25320f254cf76bb 100644
--- a/src/app/resource/controllers/ResourceControlController.php
+++ b/src/app/resource/controllers/ResourceControlController.php
@@ -123,7 +123,7 @@ class ResourceControlController
 return ['errors' => 'Body is not set or empty'];
 }
- $resource = ResModel::getById(['resId' => $args['resId'], 'select' => ['status', 'model_id', 'format', 'external_id->>\'signatureBookId\' as signaturebookid']]);
+ $resource = ResModel::getById(['resId' => $args['resId'], 'select' => ['status', 'model_id', 'format', 'initiator', 'external_id->>\'signatureBookId\' as signaturebookid']]);
 if (empty($resource['status'])) {
 return ['errors' => 'Resource status is empty. It can not be modified'];
 }
@@ -171,10 +171,16 @@ class ResourceControlController
 }
 if (!empty($body['initiator'])) {
- $userEntities = UserModel::getEntitiesByLogin(['login' => $GLOBALS['userId']]);
- $userEntities = array_column($userEntities, 'id');
- if (!in_array($body['initiator'], $userEntities)) {
- return ['errors' => "Body initiator does not belong to your entities"];
+ $entity = EntityModel::getById(['id' => $body['initiator'], 'select' => ['entity_id']]);
+ if (empty($entity)) {
+ return ['errors' => "Body initiator does not exist"];
+ }
+ if ($body['initiator'] != $entity['entity_id']) {
+ $userEntities = UserModel::getEntitiesByLogin(['login' => $GLOBALS['userId']]);
+ $userEntities = array_column($userEntities, 'id');
+ if (!in_array($body['initiator'], $userEntities)) {
+ return ['errors' => "Body initiator does not belong to your entities"];
+ }
 }
 }
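Review bot: The condition `$body['initiator'] != $entity['entity_id']` in the second hunk compares the submitted id with the `entity_id` column of the very row that id selected, so it does not test whether the initiator is being changed. Whenever the two values compare equal under loose `!=`, the membership check against the caller's entities is skipped, which makes this authorization step depend on a coincidence of identifiers. The first hunk of this file adds `initiator` to the columns loaded into `$resource`, which suggests the intended test was against the resource's current initiator: `if ($resource['initiator'] !== $entity['entity_id']) {`. That reading needs confirming, since `$resource['initiator']` is not read anywhere in the visible lines and it is not certain both hunks sit in the same method. The enclosing method starts and continues outside the hunk.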