From daf048f12943cc798f590c6f269ace6bfea521f3 Mon Sep 17 00:00:00 2001
From: Quentin RIBAC <quentin.ribac@xelians.fr>
Date: Tue, 5 Apr 2022 11:59:22 +0200
Subject: [PATCH] FEAT #17436 TIME 0:30 removed
GroupController::getGroupPrivilege() route in favor of
GroupController::getById()
---
rest/index.php | 1 -
src/app/group/controllers/GroupController.php | 47 ++++---------------
2 files changed, 10 insertions(+), 38 deletions(-)
diff --git a/rest/index.php b/rest/index.php
index 3ee8527e6c..4584a4ffb8 100755
--- a/rest/index.php
+++ b/rest/index.php
@@ -112,7 +112,6 @@ $app->get('/groups/{id}', \Group\controllers\GroupController::class . ':getById'
$app->delete('/groups/{id}', \Group\controllers\GroupController::class . ':delete');
$app->put('/groups/{id}', \Group\controllers\GroupController::class . ':update');
$app->put('/groups/{id}/privilege/{privilegeId}', \Group\controllers\GroupController::class . ':updateGroupPrivilege');
-$app->get('/groups/{id}/privilege/{privilegeId}', \Group\controllers\GroupController::class . ':getGroupPrivilege');
$app->put('/groups/{id}/users', \Group\controllers\GroupController::class . ':addUser');
$app->delete('/groups/{id}/users/{userId}', \Group\controllers\GroupController::class . ':removeUser');
diff --git a/src/app/group/controllers/GroupController.php b/src/app/group/controllers/GroupController.php
index 5b3ee70fe6..4fa407b5ee 100755
--- a/src/app/group/controllers/GroupController.php
+++ b/src/app/group/controllers/GroupController.php
@@ -57,13 +57,20 @@ class GroupController
'select' => ['users.id', 'users.firstname', 'users.lastname']
]);
- $groupPrivileges = GroupPrivilegeModel::getPrivilegesByGroupId(['groupId' => $args['id']]);
- $groupPrivileges = array_column($groupPrivileges, 'privilege');
+ $groupPrivileges = GroupPrivilegeModel::getPrivilegesByGroupId([
+ 'select' => ['privilege', 'parameters'],
+ 'groupId' => $args['id']
+ ]);
+ $groupPrivileges = array_column($groupPrivileges, 'parameters', 'privilege');
+ $groupPrivileges = array_map(function ($parameters) {
+ return json_decode($parameters, 'true');
+ }, $groupPrivileges);
$aPrivileges = PrivilegeController::PRIVILEGES;
foreach ($aPrivileges as $key => $value) {
- if (in_array($value['id'], $groupPrivileges)) {
+ if (array_key_exists($value['id'], $groupPrivileges)) {
$aPrivileges[$key]['checked'] = true;
+ $aPrivileges[$key]['parameters'] = $groupPrivileges[$value['id']];
} else {
$aPrivileges[$key]['checked'] = false;
}
@@ -173,40 +180,6 @@ class GroupController
return $response->withStatus(204);
}
- public function getGroupPrivilege(Request $request, Response $response, array $args)
- {
- if (!Validator::intVal()->notEmpty()->validate($args['id'])) {
- return $response->withStatus(400)->withJson(['errors' => 'Route id in not an integer']);
- }
- if (!Validator::stringType()->notEmpty()->validate($args['privilegeId'])) {
- return $response->withStatus(400)->withJson(['errors' => 'Route privilegeId is empty or not a string']);
- }
-
- $hasGroup = UserGroupModel::hasGroup(['userId' => $GLOBALS['id'], 'groupId' => $args['id']]);
- $hasRight = PrivilegeController::hasRightByPrivilege(['userId' => $GLOBALS['id'], 'groupId' => $args['id'], 'privilegeId' => $args['privilegeId'], 'readOnly' => true]);
- if (!$hasGroup && !$hasRight) {
- return $response->withStatus(403)->withJson(['errors' => 'Current user cannot see this privilege']);
- }
-
- $privilege = GroupPrivilegeModel::getPrivileges([
- 'where' => ['group_id = ?', 'privilege = ?'],
- 'data' => [$args['id'], $args['privilegeId']],
- 'limit' => 1
- ]);
-
- if (empty($privilege[0])) {
- return $response->withStatus(400)->withJson(['errors' => 'Privilege not enabled for this group']);
- }
-
- $privilege = [
- 'groupId' => $privilege[0]['group_id'],
- 'privilege' => $privilege[0]['privilege'],
- 'parameters' => json_decode($privilege[0]['parameters'], true)
- ];
-
- return $response->withJson($privilege);
- }
-
public function updateGroupPrivilege(Request $request, Response $response, array $args)
{
if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups'])) {
--
GitLab