From e25edb38c4b6f266e39647c0abea6ca01d5cc9dd Mon Sep 17 00:00:00 2001
From: Damien <damien.burel@maarch.org>
Date: Mon, 11 Mar 2019 11:21:28 +0100
Subject: [PATCH] FIX Notes folder

---
 modules/folder/show_folder.php                |  2 +-
 .../class/class_modules_tools_Abstract.php    |  4 ++--
 modules/notes/notes.php                       | 19 +++++++++++++++++--
 modules/notes/notes_ajax_content.php          | 10 +++++++---
 sql/develop.sql                               |  2 ++
 .../app/priority/PriorityControllerTest.php   |  1 -
 6 files changed, 29 insertions(+), 9 deletions(-)

diff --git a/modules/folder/show_folder.php b/modules/folder/show_folder.php
index cdd1a7a0223..14e7437bbda 100755
--- a/modules/folder/show_folder.php
+++ b/modules/folder/show_folder.php
@@ -192,7 +192,7 @@ if (isset($_POST['delete_folder'])) {
                     $notes_tools    = new notes();
                     
                     //Count notes
-                    $nbr_notes = $notes_tools->countUserNotes($_SESSION['current_folder_id']);
+                    $nbr_notes = $notes_tools->countUserNotes($_SESSION['current_folder_id'], 'folder');
                     if ($nbr_notes > 0 ) $nbr_notes = ' ('.$nbr_notes.')';  else $nbr_notes = '';
                     //Notes iframe
                     ?>
diff --git a/modules/notes/class/class_modules_tools_Abstract.php b/modules/notes/class/class_modules_tools_Abstract.php
index 3d90983e1c6..851fee18231 100755
--- a/modules/notes/class/class_modules_tools_Abstract.php
+++ b/modules/notes/class/class_modules_tools_Abstract.php
@@ -170,13 +170,13 @@ abstract class notes_Abstract
          }
     }
     
-    public function countUserNotes($id) {
+    public function countUserNotes($id, $type = 'resource') {
         $not_nbr = 0;
         $db = new Database();
 
         $stmt = $db->query("SELECT id, identifier, user_id, creation_date, note_text FROM "
                             . NOTES_TABLE 
-                            . " WHERE identifier = ? order by creation_date desc", array($id));
+                            . " WHERE identifier = ? and type = ? order by creation_date desc", array($id, $type));
 
        while ($res = $stmt->fetchObject())
        {
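Review bot: `countUserNotes` gains a `$type` parameter but has no docblock saying which values are valid; the rest of this commit only ever passes or stores `'resource'` and `'folder'`. A short docblock above the signature would cover it, e.g. `@param string $type Kind of object the notes belong to, as stored in notes.type: 'resource' (default) or 'folder'`. It should also state that any other value is bound into the query unchanged. The method body continues past the end of the hunk.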
diff --git a/modules/notes/notes.php b/modules/notes/notes.php
index 865a4a07b49..7696681bcb9 100755
--- a/modules/notes/notes.php
+++ b/modules/notes/notes.php
@@ -41,8 +41,17 @@ if (isset($_REQUEST['identifier']) && !empty($_REQUEST['identifier'])) {
 }
 
 //Origin
-if (isset($_REQUEST['origin']) && !empty($_REQUEST['origin'])) $origin = $_REQUEST['origin'];
- 
+if (isset($_REQUEST['origin']) && !empty($_REQUEST['origin'])) {
+    $origin = $_REQUEST['origin'];
+}
+
+if (empty($origin) || $origin != 'folder') {
+    $right = \Resource\controllers\ResController::hasRightByResId(['resId' => $identifier, 'userId' => $_SESSION['user']['UserId']]);
+    if (!$right) {
+        exit(_NO_RIGHT_TXT);
+    }
+}
+
 //Extra parameters
 if (isset($_REQUEST['size']) && !empty($_REQUEST['size'])) $parameters .= '&size='.$_REQUEST['size'];
 if (isset($_REQUEST['order']) && !empty($_REQUEST['order'])) $parameters .= '&order='.$_REQUEST['order'];
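Review bot: The new right check is skipped entirely when `$origin` is `'folder'`, and `$origin` is copied from `$_REQUEST['origin']` just above, so the client chooses whether authorization runs. Nothing in this hunk verifies that the session user may read the folder named by `$identifier`; the folder case needs its own check before the notes are loaded, e.g. an `else { /* verify access to folder $identifier, otherwise exit(_NO_RIGHT_TXT) */ }` built on whatever folder-rights helper the project provides. The INSERT in modules/notes/notes_ajax_content.php derives `$type` from the same request parameter and shows no right check within its hunk, so that path should be confirmed to have one too. `$identifier` appears to be assigned only inside the preceding `if`, so it may be undefined here when the request omits it, and `!=` would be safer as `!==`.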
@@ -105,8 +114,14 @@ if (isset($_REQUEST['load'])) {
     $where_tab = array();
     //
     $where_tab[] = "identifier = ?";
+    $where_tab[] = "type = ?";
     $where_tab[] = "notes.id in (select notes.id from notes left join note_entities on notes.id = note_entities.note_id where item_id IS NULL OR item_id = '".$_SESSION['user']['primaryentity']['id']."' or notes.user_id = '".$_SESSION['user']['UserId']."')";
     $arrayPDO = array($identifier);
+    if (empty($origin) || $origin != 'folder') {
+        $arrayPDO[] = 'resource';
+    } else {
+        $arrayPDO[] = 'folder';
+    }
 
     //Build where
     $where = implode(' and ', $where_tab);
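Review bot: The `if (empty($origin) || $origin != 'folder')` test here is the third copy of the same decision in this commit, after the right check earlier in this file and the `$type` assignment in modules/notes/notes_ajax_content.php. A later edit to one copy can leave the authorization check, the read filter and the write path disagreeing about a note's type. Computing it once next to the origin parsing, `$noteType = (isset($origin) && $origin === 'folder') ? 'folder' : 'resource';`, and writing `$arrayPDO[] = $noteType;` here keeps them in step. Separately, the unchanged `notes.id in (...)` line concatenates `$_SESSION` values into the SQL text although `$arrayPDO` is already there for bound parameters. The enclosing `if (isset($_REQUEST['load']))` block continues outside the hunk.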
diff --git a/modules/notes/notes_ajax_content.php b/modules/notes/notes_ajax_content.php
index 56c8cd6b62f..c4f734b6bc9 100755
--- a/modules/notes/notes_ajax_content.php
+++ b/modules/notes/notes_ajax_content.php
@@ -244,10 +244,14 @@ switch ($mode) {
 
                 $userId = $_SESSION['user']['UserId'];
 
+                if (empty($_REQUEST['origin']) || $_REQUEST['origin'] != 'folder') {
+                    $type = 'resource';
+                } else {
+                    $type = 'folder';
+                }
                 $db->query(
-                    "INSERT INTO " . NOTES_TABLE . "(identifier, note_text, creation_date, "
-                    . "user_id) VALUES (?, ?, CURRENT_TIMESTAMP, ?)",
-                    array($identifier, $notes, $userId)
+                    "INSERT INTO " . NOTES_TABLE . "(identifier, note_text, creation_date, user_id, type) VALUES (?, ?, CURRENT_TIMESTAMP, ?, ?)",
+                    array($identifier, $notes, $userId, $type)
                 );
                 
                 //Last insert ID from sequence
diff --git a/sql/develop.sql b/sql/develop.sql
index 70603742bc6..c0653a0a06f 100755
--- a/sql/develop.sql
+++ b/sql/develop.sql
@@ -144,6 +144,8 @@ ALTER TABLE res_letterbox ALTER COLUMN locker_user_id TYPE INTEGER USING locker_
 ALTER TABLE res_letterbox ALTER COLUMN locker_user_id SET DEFAULT NULL;
 ALTER TABLE notes DROP COLUMN IF EXISTS tablename;
 ALTER TABLE notes DROP COLUMN IF EXISTS coll_id;
+ALTER TABLE notes DROP COLUMN IF EXISTS type;
+ALTER TABLE notes ADD COLUMN type CHARACTER VARYING (32) DEFAULT 'resource' NOT NULL;
 DO $$ BEGIN
   IF (SELECT count(attname) FROM pg_attribute WHERE attrelid = (SELECT oid FROM pg_class WHERE relname = 'notes') AND attname = 'date_note') = 1 THEN
 	  ALTER TABLE notes RENAME COLUMN date_note TO creation_date;
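Review bot: `ALTER TABLE notes DROP COLUMN IF EXISTS type;` followed by the `ADD COLUMN` discards every stored type each time this script runs. A second run would turn all folder notes back into `'resource'` notes, where they would be listed under the resource that shares their identifier. Guarding the add instead of dropping first avoids that: `ALTER TABLE notes ADD COLUMN IF NOT EXISTS type CHARACTER VARYING (32) DEFAULT 'resource' NOT NULL;` if the supported PostgreSQL versions allow it, otherwise a `pg_attribute` test like the one in the `DO` block that follows. Notes already written for folders also receive the `'resource'` default with no backfill, which is worth confirming as intended. A `CHECK (type IN ('resource', 'folder'))` constraint would restrict the column to the two values the PHP code writes.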
diff --git a/test/unitTests/app/priority/PriorityControllerTest.php b/test/unitTests/app/priority/PriorityControllerTest.php
index 4cc47d03001..ba1f03ed82a 100755
--- a/test/unitTests/app/priority/PriorityControllerTest.php
+++ b/test/unitTests/app/priority/PriorityControllerTest.php
@@ -136,7 +136,6 @@ class PriorityControllerTest extends TestCase
         foreach ($responseBody->priorities as $value) {
             $this->assertNotEmpty($value->id);
             $this->assertNotEmpty($value->label);
-            $this->assertInternalType('int', $value->order);
         }
     }
 }
-- 
GitLab