Commit 996664a9 authored by Quentin Ribac's avatar Quentin Ribac

FEAT #17436 TIME 0:15 clean code and fix function calls

parent 1acae3f2
......@@ -321,33 +321,33 @@ class GroupController
return $response->withStatus(204);
}
public function removeUser(Request $request, Response $response, array $aArgs)
public function removeUser(Request $request, Response $response, array $args)
{
$hasGroupPrivilege = PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups']);
$hasUserPrivilege = false;
$manageableGroups = UserController::getManageableGroups(['userId' => $GLOBALS['id']]);
$manageableGroups = array_column(UserController::getManageableGroups(['userId' => $GLOBALS['id']]), 'id');
$targetUserGroups = UserGroupModel::get([
'select' => ['group_id'],
'where' => ['user_id = ?'],
'data' => [$aArgs['userId']]
'data' => [$args['userId']]
]);
$targetUserGroups = array_column($targetUserGroups, 'group_id');
if (!empty(array_intersect($manageableGroups, $targetUserGroups))) {
if (in_array($args['id'], $manageableGroups) && in_array($args['id'], $targetUserGroups)) {
$hasUserPrivilege = true;
}
if (!$hasGroupPrivilege && !$hasUserPrivilege) {
return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
}
if (!Validator::intVal()->notEmpty()->validate($aArgs['id'])) {
if (!Validator::intVal()->notEmpty()->validate($args['id'])) {
return $response->withStatus(400)->withJson(['errors' => 'Id must be an integer']);
} elseif (!Validator::intVal()->notEmpty()->validate($aArgs['userId'])) {
} elseif (!Validator::intVal()->notEmpty()->validate($args['userId'])) {
return $response->withStatus(400)->withJson(['errors' => 'userId must be an integer']);
}
$group = GroupModel::getById(['id' => $aArgs['id']]);
$user = UserModel::getById(['id' => $aArgs['userId'], 'select' => ['firstname', 'lastname']]);
$group = GroupModel::getById(['id' => $args['id']]);
$user = UserModel::getById(['id' => $args['userId'], 'select' => ['firstname', 'lastname']]);
if (empty($group)) {
return $response->withStatus(400)->withJson(['errors' => 'Group not found']);
......@@ -356,14 +356,14 @@ class GroupController
}
UserGroupModel::removeUser([
'groupId' => $aArgs['id'],
'userId' => $aArgs['userId']
'groupId' => $args['id'],
'userId' => $args['userId']
]);
HistoryController::add([
'code' => 'OK',
'objectType' => 'groups',
'objectId' => $aArgs['id'],
'objectId' => $args['id'],
'type' => 'MODIFICATION',
'message' => "{removedFromGroup} : {$user['firstname']} {$user['lastname']}"
]);
......@@ -371,7 +371,7 @@ class GroupController
HistoryController::add([
'code' => 'OK',
'objectType' => 'users',
'objectId' => $aArgs['userId'],
'objectId' => $args['userId'],
'type' => 'MODIFICATION',
'message' => "{removedFromGroup} : {$group['label']}"
]);
......
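Review bot: The new membership test `in_array($args['id'], $manageableGroups) && in_array($args['id'], $targetUserGroups)` sets `$hasUserPrivilege` from the raw route argument, before the `Validator::intVal()` checks further down in the first hunk, and it relies on PHP's loose comparison. I would run the two `Validator::intVal()` checks first and then compare typed values, e.g. `$groupId = (int)$args['id'];` followed by `in_array($groupId, array_map('intval', $manageableGroups), true)` (and the same for `$targetUserGroups`), so the authorization decision does not depend on type juggling. The `UserGroupModel::get` lookup also uses `$args['userId']` before it is validated; it is passed as bound data, so this is an ordering concern rather than an injection one. A one-line comment above the check saying that the caller must manage this specific group and the target user must belong to it would document the rule; the end of `removeUser` is outside the visible hunks.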
......@@ -96,7 +96,7 @@ class PrivilegeController
return true;
} else {
$candidateGroups = $args['parameters']['authorized'] ?? [];
$manageableGroups = UserController::getManageableGroups(['userId' => $args['userId']]);
$manageableGroups = array_column(UserController::getManageableGroups(['userId' => $args['userId']]), 'id');
if (!empty(array_diff($candidateGroups, $manageableGroups))) {
return false;
}
......
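Review bot: `$candidateGroups` is taken from `$args['parameters']['authorized'] ?? []` and passed to `array_diff()` without a type check, so a non-array value there would make this privilege check throw on PHP 8 or, on older PHP versions, return null with a warning and skip the `return false` branch. Because this is the deny path of a privilege decision, I would fail closed right after the assignment: `if (!is_array($candidateGroups)) { return false; }`. A missing `authorized` key also produces an empty diff and falls through; whether that is intended depends on the code after this hunk, which is not visible here.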