From fd80b01780fbd593310aa8e439bd27dac8d862e5 Mon Sep 17 00:00:00 2001
From: Damien <damien.burel@maarch.org>
Date: Wed, 20 Feb 2019 16:06:53 +0100
Subject: [PATCH] [REFACTORING] locker_user_id => serial
---
 apps/maarch_entreprise/actions/docLocker.php | 73 ++++++++++---------
 sql/develop.sql | 4 +
 sql/structure.sql | 2 +-
 .../resource/controllers/ResController.php | 23 +++++-
 src/app/resource/models/ResModelAbstract.php | 27 -------
 5 files changed, 64 insertions(+), 65 deletions(-)
diff --git a/apps/maarch_entreprise/actions/docLocker.php b/apps/maarch_entreprise/actions/docLocker.php
index 2a6a8aca1bf..8e26606b0b5 100755
--- a/apps/maarch_entreprise/actions/docLocker.php
+++ b/apps/maarch_entreprise/actions/docLocker.php
@@ -58,22 +58,36 @@ class docLocker public function isLock() {
- return \Resource\models\ResModel::isLock(['resId' => $this->res_id, 'userId' => $_SESSION['user']['UserId']]);
+ $currentUser = \User\models\UserModel::getByLogin(['login' => $_SESSION['user']['UserId'], 'select' => ['id']]);
+ $resource = \Resource\models\ResModel::getById(['resId' => $this->res_id, 'select' => ['locker_user_id', 'locker_time']]);
+
+ $lock = true;
+ if (empty($resource['locker_user_id'] || empty($resource['locker_time']))) {
+ $lock = false;
+ } elseif ($resource['locker_user_id'] == $currentUser['id']) {
+ $lock = false;
+ } elseif (strtotime($resource['locker_time']) < time()) {
+ $lock = false;
+ }
+
+ $lockBy = '';
+ if ($lock) {
+ $lockBy = \User\models\UserModel::getLabelledUserById(['id' => $resource['locker_user_id']]);
+ }
+
+ return ['lock' => $lock, 'lockBy' => $lockBy];
 } public function lock() {
- if (!$this->checkProperties()) return false;
+ if (!$this->checkProperties())
+ return false;
- $query = "UPDATE ";
- $query .= $this->table . " ";
- $query .= "SET ";
- $query .= "locker_user_id = ?, ";
- $query .= "locker_time = current_timestamp + interval '1' MINUTE ";
- $query .= "WHERE ";
- $query .= "res_id = ?";
+ $query = "UPDATE res_letterbox SET locker_user_id = ?, locker_time = current_timestamp + interval '1' MINUTE WHERE res_id = ?";
+
+ $user = \User\models\UserModel::getByLogin(['login' => $this->user_id, 'select' => ['id']]);
- $arrayPDO = array($this->user_id, $this->res_id);
+ $arrayPDO = array($user['id'], $this->res_id);
 $db = new Database(); $db->query($query, $arrayPDO);
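Review bot: The closing parenthesis of the first `empty(` in `isLock()` is misplaced, so `empty()` is applied to the whole expression `$resource['locker_user_id'] || empty($resource['locker_time'])` rather than to each field; the same condition is copied into `ResController::isLock()` later in this patch, carried over from the removed `ResModel::isLock()`. The outcome appears to come out right today only because the later `==` and `strtotime()` branches catch the rows this branch misses, which is fragile for code that decides whether a document is locked. The line should read `if (empty($resource['locker_user_id']) || empty($resource['locker_time'])) {`. In `lock()` in the same hunk, the result of `UserModel::getByLogin()` is not checked, so an unknown login would store a NULL `locker_user_id` together with a fresh `locker_time`; a guard such as `if (empty($user['id'])) { return false; }` before `$arrayPDO` is built would avoid that. The body of `lock()` continues past the end of the hunk.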
@@ -83,20 +97,14 @@ class docLocker public function unlock() {
- if (!$this->checkProperties()) return false;
-
- $query .= "UPDATE ";
- $query .= $this->table . " ";
- $query .= "SET ";
- $query .= "locker_user_id = NULL, ";
- $query .= "locker_time = NULL ";
- $query .= "WHERE ";
- $query .= "res_id = ?";
+ if (!$this->checkProperties())
+ return false;
- $arrayPDO = array($this->res_id);
-
- $db = new Database();
- $db->query($query, $arrayPDO);
+ \Resource\models\ResModel::update([
+ 'set' => ['locker_user_id' => null, 'locker_time' => null],
+ 'where' => ['res_id = ?'],
+ 'data' => [$this->res_id]
+ ]);
 return true; }
@@ -135,21 +143,14 @@ class docLocker private function userLock() {
- $query = "SELECT ";
- $query .= "locker_user_id as user_lock ";
- $query .= "FROM ";
- $query .= $this->table . " ";
- $query .= "WHERE ";
- $query .= "res_id = ? ";
+ $resource = \Resource\models\ResModel::getById(['resId' => $this->res_id, 'select' => ['locker_user_id']]);
- $arrayPDO = array($this->res_id);
-
- $db = new Database();
- $stmt = $db->query($query, $arrayPDO);
+ if (empty($resource['locker_user_id'])) {
+ return '';
+ }
- while ($result = $stmt->fetchObject())
- return $result->user_lock;
+ $user = \User\models\UserModel::getById(['id' => $resource['locker_user_id'], 'select' => ['user_id']]);
- return '';
+ return $user['user_id'];
 } }
\ No newline at end of file
diff --git a/sql/develop.sql b/sql/develop.sql
index 684ff710f1d..7f5ade634ae 100755
--- a/sql/develop.sql
+++ b/sql/develop.sql
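Review bot: `unlock()` clears the lock by `res_id` alone, so it releases the lock whoever holds it; whether `checkProperties()` or the callers restrict this is not visible in the hunk. Now that `locker_user_id` holds the numeric user id, the release could be limited to the holder by resolving `$this->user_id` the way `lock()` does and using `'where' => ['res_id = ?', 'locker_user_id = ?'], 'data' => [$this->res_id, $user['id']]`, assuming `ResModel::update` accepts several `where` clauses. If releasing another user's lock is intended, a one-line comment above the call saying so would make that explicit.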
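Review bot: `userLock()` returns `$user['user_id']` without checking that `UserModel::getById()` found a row, so a `locker_user_id` that points at a user who no longer exists would make the method return null instead of the empty string its other exit returns. `return empty($user['user_id']) ? '' : $user['user_id'];` keeps the return value consistent for callers that compare it as a string. The schema change in this patch adds no foreign key on the column, so such dangling ids look possible; worth confirming against the users table.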
@@ -138,6 +138,10 @@ UPDATE baskets SET basket_res_order = regexp_replace(basket_res_order,'recommend /* REFACTORING */ ALTER TABLE mlb_coll_ext DROP COLUMN IF EXISTS flag_notif; DELETE FROM usergroups_services WHERE service_id = 'print_doc_details_from_list';
+UPDATE res_letterbox SET locker_user_id = NULL;
+ALTER TABLE res_letterbox ALTER COLUMN locker_user_id DROP DEFAULT;
+ALTER TABLE res_letterbox ALTER COLUMN locker_user_id TYPE INTEGER USING locker_user_id::integer;
+ALTER TABLE res_letterbox ALTER COLUMN locker_user_id SET DEFAULT NULL;
 /* PARAM LIST DISPLAY */
diff --git a/sql/structure.sql b/sql/structure.sql
index ce503d09458..2f24058c779 100755
--- a/sql/structure.sql
+++ b/sql/structure.sql
@@ -1354,7 +1354,7 @@ CREATE TABLE res_letterbox tablename character varying(32) DEFAULT 'res_letterbox'::character varying, initiator character varying(50) DEFAULT NULL::character varying, dest_user character varying(128) DEFAULT NULL::character varying,
- locker_user_id character varying(255) DEFAULT NULL::character varying,
+ locker_user_id INTEGER DEFAULT NULL::character varying,
 locker_time timestamp without time zone, confidentiality character(1), convert_result character varying(10) DEFAULT NULL::character varying,
diff --git a/src/app/resource/controllers/ResController.php b/src/app/resource/controllers/ResController.php
index be48cec20fa..6d97a03436b 100755
--- a/src/app/resource/controllers/ResController.php
+++ b/src/app/resource/controllers/ResController.php
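Review bot: The new column definition in `sql/structure.sql` keeps the old default cast, `locker_user_id INTEGER DEFAULT NULL::character varying`. PostgreSQL is expected to reject a `character varying` default expression on an integer column, so a fresh install from this file would likely fail at `CREATE TABLE res_letterbox`. The line should be `locker_user_id INTEGER DEFAULT NULL,`, which matches what `sql/develop.sql` sets with `SET DEFAULT NULL`. The `CREATE TABLE` statement starts and ends outside the hunk.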
@@ -495,7 +495,28 @@ class ResController public function isLock(Request $request, Response $response, array $aArgs) {
- return $response->withJson(ResModel::isLock(['resId' => $aArgs['resId'], 'userId' => $GLOBALS['userId']]));
+ if (!ResController::hasRightByResId(['resId' => $aArgs['resId'], 'userId' => $GLOBALS['userId']])) {
+ return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
+ }
+
+ $currentUser = UserModel::getByLogin(['login' => $GLOBALS['userId'], 'select' => ['id']]);
+ $resource = ResModel::getById(['resId' => $aArgs['resId'], 'select' => ['locker_user_id', 'locker_time']]);
+
+ $lock = true;
+ if (empty($resource['locker_user_id'] || empty($resource['locker_time']))) {
+ $lock = false;
+ } elseif ($resource['locker_user_id'] == $currentUser['id']) {
+ $lock = false;
+ } elseif (strtotime($resource['locker_time']) < time()) {
+ $lock = false;
+ }
+
+ $lockBy = '';
+ if ($lock) {
+ $lockBy = UserModel::getLabelledUserById(['id' => $resource['locker_user_id']]);
+ }
+
+ return $response->withJson(['lock' => $lock, 'lockBy' => $lockBy]);
 } public function getNotesCountForCurrentUserById(Request $request, Response $response, array $aArgs)
diff --git a/src/app/resource/models/ResModelAbstract.php b/src/app/resource/models/ResModelAbstract.php
index ed2b62737d0..30da140accd 100755
--- a/src/app/resource/models/ResModelAbstract.php
+++ b/src/app/resource/models/ResModelAbstract.php
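Review bot: The input validation that the removed `ResModel::isLock()` performed (`ValidatorModel::intVal($aArgs, ['resId'])`) has no counterpart in the new `ResController::isLock()`, so `$aArgs['resId']` reaches `hasRightByResId()` and `ResModel::getById()` unchecked unless those helpers or the route validate it, which is not visible here. A guard at the top of the method, such as `if (filter_var($aArgs['resId'], FILTER_VALIDATE_INT) === false) { return $response->withStatus(400)->withJson(['errors' => 'resId is not an integer']); }`, would restore it. The lock evaluation that follows duplicates the block added to `docLocker::isLock()`; moving it into one shared helper would keep the two copies from drifting apart.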
@@ -216,33 +216,6 @@ abstract class ResModelAbstract return $resources; }
- public static function isLock(array $aArgs)
- {
- ValidatorModel::notEmpty($aArgs, ['resId', 'userId']);
- ValidatorModel::intVal($aArgs, ['resId']);
- ValidatorModel::stringType($aArgs, ['userId']);
-
- $aReturn = DatabaseModel::select([
- 'select' => ['locker_user_id', 'locker_time'],
- 'table' => ['res_letterbox'],
- 'where' => ['res_id = ?'],
- 'data' => [$aArgs['resId']]
- ]);
-
- $lock = true;
- $lockBy = empty($aReturn[0]['locker_user_id']) ? '' : $aReturn[0]['locker_user_id'];
-
- if (empty($aReturn[0]['locker_user_id'] || empty($aReturn[0]['locker_time']))) {
- $lock = false;
- } elseif ($aReturn[0]['locker_user_id'] == $aArgs['userId']) {
- $lock = false;
- } elseif (strtotime($aReturn[0]['locker_time']) < time()) {
- $lock = false;
- }
-
- return ['lock' => $lock, 'lockBy' => $lockBy];
- }
-
 public static function getDocsByClause(array $aArgs = []) { ValidatorModel::notEmpty($aArgs, ['clause']);
-- GitLab