composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-24 02:58:43 +02:00
Code Issues Packages Projects Releases Wiki Activity

WIP

Browse Source
This commit is contained in:
jf-cbd
2025-02-27 16:00:58 +01:00
parent 944b1f557d
commit cb2a093498
2 changed files with 140 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
core/restservices.class.inc.php
View File

@@ -128,7 +128,7 @@ class ObjectResult
foreach($this->fields as $sAttCode => $value)
{
$oAttDef = MetaModel::GetAttributeDef($this->class, $sAttCode);
if ($oAttDef instanceof AttributeEncryptedString)
if ($oAttDef instanceof AttributeEncryptedString || $oAttDef instanceof AttributePassword)
{
$this->fields[$sAttCode] = '******';
}
@@ -688,8 +688,30 @@ class CoreServices implements iRestServiceProvider, iRestInputSanitizer
public function SanitizeJsonInput(string $sJsonInput): string
{
//TODO
return 'TODO: sanitized input';
$sSanitizedJsonInput = $sJsonInput;
$aJsonData = json_decode($sSanitizedJsonInput, true);
$sOperation = $aJsonData['operation'];
switch ($sOperation) {
case 'core/check_credentials':
if (isset($aJsonData['password'])) {
$aJsonData['password'] = '*****';
}
break;
case 'core/update':
case 'core/create':
default :
$sClass = $aJsonData['class'];
foreach ($aJsonData['fields'] as $sAttCode => $value) {
$oAttDef = MetaModel::GetAttributeDef($sClass, $sAttCode);
if ($oAttDef instanceof AttributePassword || $oAttDef instanceof AttributeEncryptedPassword) {
$aJsonData['fields'][$sAttCode] = '*****';
}
}
// TODO : fields type relations avec champs sensible dedans
break;
}
return json_encode($aJsonData);
}
/**