diff --git a/core/restservices.class.inc.php b/core/restservices.class.inc.php index 5316b52fb..79df08dad 100644 --- a/core/restservices.class.inc.php +++ b/core/restservices.class.inc.php @@ -136,9 +136,6 @@ public function SanitizeContent() { $this->fields[$sAttCode] = '******'; } - { - $this->fields[$sAttCode] = '******'; - } } } } @@ -709,11 +706,13 @@ class CoreServices implements iRestServiceProvider, iRestInputSanitizer case 'core/create': default : $sClass = $aJsonData['class']; - foreach ($aJsonData['fields'] as $sAttCode => $value) { + if (isset($aJsonData['fields'])) { + foreach ($aJsonData['fields'] as $sAttCode => $value) { $oAttDef = MetaModel::GetAttributeDef($sClass, $sAttCode); if ($oAttDef instanceof iAttributeNoGroupBy) // iAttributeNoGroupBy is equivalent to sensitive attribute { - $aJsonData['fields'][$sAttCode] = '*****'; + $aJsonData['fields'][$sAttCode] = '*****'; + } } } break; diff --git a/tests/php-unit-tests/unitary-tests/core/RestServicesTest.php b/tests/php-unit-tests/unitary-tests/core/RestServicesTest.php index 0e013338a..0db5ad9c9 100644 --- a/tests/php-unit-tests/unitary-tests/core/RestServicesTest.php +++ b/tests/php-unit-tests/unitary-tests/core/RestServicesTest.php @@ -119,22 +119,22 @@ class RestServicesTest extends ItopDataTestCase 'core/update' => [ 'core/update', ['comment' => 'Update user', 'class' => 'UserLocal', 'key' => ['login' => 'my_example'], 'output_fields' => 'password', 'fields' => ['password' => 'opkB!req57']], - '{"objects":{"UserLocal::-1":{"code":0,"message":"ok","class":"UserLocal","key":-1,"fields":{"login":"******","password":"******"}}},"code":0,"message":null}' + '{"objects":{"UserLocal::-1":{"code":0,"message":"ok","class":"UserLocal","key":-1,"fields":{"login":"","password":"******"}}},"code":0,"message":null}' ], 'core/create' => [ 'core/create', ['comment' => 'Create user', 'class' => 'UserLocal', 'fields' => ['password' => 'Azertyuiiop*12', 'login' => 'toto', 'profile_list' => [1]]], - '{"objects":{"UserLocal::-1":{"code":0,"message":"ok","class":"UserLocal","key":-1,"fields":{"login":"******","password":"******"}}},"code":0,"message":null}' + '{"objects":{"UserLocal::-1":{"code":0,"message":"ok","class":"UserLocal","key":-1,"fields":{"login":"","password":"******"}}},"code":0,"message":null}' ], 'core/get' => [ 'core/get', ['comment' => 'Get user', 'class' => 'UserLocal', 'key' => ['login' => 'my_example'], 'output_fields' => 'first_name, password'], - '{"objects":{"UserLocal::-1":{"code":0,"message":"ok","class":"UserLocal","key":-1,"fields":{"login":"******","password":"******"}}},"code":0,"message":null}' + '{"objects":{"UserLocal::-1":{"code":0,"message":"ok","class":"UserLocal","key":-1,"fields":{"login":"","password":"******"}}},"code":0,"message":null}' ], 'core/check_credentials' => [ 'core/check_credentials', ['user' => 'admin', 'password' => 'admin'], - '{"objects":{"UserLocal::-1":{"code":0,"message":"ok","class":"UserLocal","key":-1,"fields":{"login":"******","password":"******"}}},"code":0,"message":null}' ], + '{"objects":{"UserLocal::-1":{"code":0,"message":"ok","class":"UserLocal","key":-1,"fields":{"login":"","password":"******"}}},"code":0,"message":null}' ], ]; } }