mirror of
https://github.com/Combodo/iTop.git
synced 2026-04-26 03:58:45 +02:00
N°6933 - Symfony 6.4 - Remove deprecated calls (#577)
* N°6933 - SF 6.4 - Remove deprecated calls
- BrowseBrickController (services access)
* N°6933 - SF 6.4 - Remove deprecated calls
- AggregatePageBrickController (services access)
* N°6933 - SF 6.4 - Remove deprecated calls
- CreateBrickController (services access)
* N°6933 - SF 6.4 - Remove deprecated calls
- ManageBrickController (services access)
* N°6933 - SF 6.4 - Remove deprecated calls
- ObjectController (services access)
* N°6933 - SF 6.4 - Remove deprecated calls
- SessionMessageController (services access)
* N°6933 - SF 6.4 - Remove deprecated calls
- UserProfileBrickController (services access)
* N°6933 - SF 6.4 - Remove deprecated calls
- AbstractController (remove getSubscribedServices override, add setter for router service injection)
* Fix SessionMessageController Call to a member function AddMessage() on null
* Fix depreciation on Request::HEADER_X_FORWARDED_ALL constant in index.php
Chose to move the protection to the yaml config instead as it is possible since Symfony 5.2
Also removed default support for the $_SERVER['TRUSTED_PROXIES'], seems too untrusty. Use TRUSTED_PROXIES env var instead !
See https://jolicode.com/blog/symfony-reverse-proxies-and-ip-protection
* ✏️ N°6933 - SF 6.4 - Remove deprecated calls
- AbstractController (typo)
* N°6933 - SF 6.4 - Remove deprecated calls
- CreateBrickController (remove return type)
* Revert "Fix depreciation on Request::HEADER_X_FORWARDED_ALL constant in index.php"
This reverts commit be4daef79a.
* Update datamodels/2.x/itop-portal-base/portal/src/Controller/AbstractController.php
Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
* Update datamodels/2.x/itop-portal-base/portal/src/Controller/BrowseBrickController.php
Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
* Update datamodels/2.x/itop-portal-base/portal/src/Controller/BrowseBrickController.php
Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
* Update datamodels/2.x/itop-portal-base/portal/src/Controller/ObjectController.php
Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
* Update datamodels/2.x/itop-portal-base/portal/src/Controller/AggregatePageBrickController.php
Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
* Update datamodels/2.x/itop-portal-base/portal/src/Controller/UserProfileBrickController.php
Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
* Update datamodels/2.x/itop-portal-base/portal/src/Controller/UserProfileBrickController.php
Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
* Update datamodels/2.x/itop-portal-base/portal/src/Controller/UserProfileBrickController.php
Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
* Update datamodels/2.x/itop-portal-base/portal/src/Controller/SessionMessageController.php
Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
* Update datamodels/2.x/itop-portal-base/portal/src/Controller/BrowseBrickController.php
Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
* N°6933 - SF 6.4 - Remove deprecated calls
- ALl controllers (php doc and parameters names)
---------
Co-authored-by: Pierre Goiffon <pierre.goiffon@combodo.com>
Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
This commit is contained in:
bdalsass
@@ -27,9 +27,16 @@ use AttributeFriendlyName;
|
||||
use AttributeImage;
|
||||
use BinaryExpression;
|
||||
use Combodo\iTop\Form\Field\DateTimeField;
|
||||
use Combodo\iTop\Portal\Brick\BrickCollection;
|
||||
use Combodo\iTop\Portal\Brick\CreateBrick;
|
||||
use Combodo\iTop\Portal\Helper\ApplicationHelper;
|
||||
use Combodo\iTop\Portal\Helper\ContextManipulatorHelper;
|
||||
use Combodo\iTop\Portal\Helper\NavigationRuleHelper;
|
||||
use Combodo\iTop\Portal\Helper\ObjectFormHandlerHelper;
|
||||
use Combodo\iTop\Portal\Helper\RequestManipulatorHelper;
|
||||
use Combodo\iTop\Portal\Helper\ScopeValidatorHelper;
|
||||
use Combodo\iTop\Portal\Helper\SecurityHelper;
|
||||
use Combodo\iTop\Portal\Routing\UrlGenerator;
|
||||
use Combodo\iTop\Renderer\Bootstrap\FieldRenderer\BsLinkedSetFieldRenderer;
|
||||
use DBObject;
|
||||
use DBObjectSearch;
|
||||
@@ -67,6 +74,31 @@ class ObjectController extends BrickController
|
||||
const DEFAULT_PAGE_NUMBER = 1;
|
||||
const DEFAULT_LIST_LENGTH = 10;
|
||||
|
||||
/**
|
||||
* @param \Combodo\iTop\Portal\Helper\SecurityHelper $oSecurityHelper
|
||||
* @param \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeValidatorHelper
|
||||
* @param \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulatorHelper
|
||||
* @param \Combodo\iTop\Portal\Routing\UrlGenerator $oUrlGenerator
|
||||
* @param \Combodo\iTop\Portal\Brick\BrickCollection $oBrickCollection
|
||||
* @param \Combodo\iTop\Portal\Helper\ObjectFormHandlerHelper $oObjectFormHandlerHelper
|
||||
* @param \Combodo\iTop\Portal\Helper\NavigationRuleHelper $oNavigationRuleHelper
|
||||
*
|
||||
* @since 3.2.0 N°6933
|
||||
*/
|
||||
public function __construct(
|
||||
protected SecurityHelper $oSecurityHelper,
|
||||
protected ScopeValidatorHelper $oScopeValidatorHelper,
|
||||
protected RequestManipulatorHelper $oRequestManipulatorHelper,
|
||||
protected UrlGenerator $oUrlGenerator,
|
||||
protected BrickCollection $oBrickCollection,
|
||||
protected ObjectFormHandlerHelper $oObjectFormHandlerHelper,
|
||||
protected NavigationRuleHelper $oNavigationRuleHelper,
|
||||
protected ContextManipulatorHelper $oContextManipulatorHelper
|
||||
|
||||
)
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Displays an cmdbAbstractObject (from its ID) if the connected user is allowed to.
|
||||
*
|
||||
@@ -85,11 +117,6 @@ class ObjectController extends BrickController
|
||||
*/
|
||||
public function ViewAction(Request $oRequest, $sObjectClass, $sObjectId)
|
||||
{
|
||||
/** @var \Combodo\iTop\Portal\Helper\SecurityHelper $oSecurityHelper */
|
||||
$oSecurityHelper = $this->get('security_helper');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeValidator */
|
||||
$oScopeValidator = $this->get('scope_validator');
|
||||
|
||||
// Checking parameters
|
||||
if ($sObjectClass === '' || $sObjectId === '') {
|
||||
IssueLog::Info(__METHOD__.' at line '.__LINE__.' : sObjectClass and sObjectId expected, "'.$sObjectClass.'" and "'.$sObjectId.'" given.');
|
||||
@@ -97,14 +124,14 @@ class ObjectController extends BrickController
|
||||
}
|
||||
|
||||
// Checking security layers
|
||||
if (!$oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sObjectClass, $sObjectId)) {
|
||||
if (!$this->oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sObjectClass, $sObjectId)) {
|
||||
IssueLog::Warning(__METHOD__.' at line '.__LINE__.' : User #'.UserRights::GetUserId().' not allowed to read '.$sObjectClass.'::'.$sObjectId.' object.');
|
||||
throw new HttpException(Response::HTTP_NOT_FOUND, Dict::S('UI:ObjectDoesNotExist'));
|
||||
}
|
||||
|
||||
// Retrieving object
|
||||
$oObject = MetaModel::GetObject($sObjectClass, $sObjectId, false /* MustBeFound */,
|
||||
$oScopeValidator->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass));
|
||||
$this->oScopeValidatorHelper->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass));
|
||||
if ($oObject === null) {
|
||||
// We should never be there as the secuirty helper makes sure that the object exists, but just in case.
|
||||
IssueLog::Info(__METHOD__.' at line '.__LINE__.' : Could not load object '.$sObjectClass.'::'.$sObjectId.'.');
|
||||
@@ -134,11 +161,6 @@ class ObjectController extends BrickController
|
||||
*/
|
||||
public function ViewFromAttributeAction(Request $oRequest, $sObjectClass, $sObjectAttCode, $sObjectAttValue)
|
||||
{
|
||||
/** @var \Combodo\iTop\Portal\Helper\SecurityHelper $oSecurityHelper */
|
||||
$oSecurityHelper = $this->get('security_helper');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeValidator */
|
||||
$oScopeValidator = $this->get('scope_validator');
|
||||
|
||||
// Checking parameters
|
||||
if ($sObjectClass === '' || $sObjectAttCode === '' || $sObjectAttValue === '') {
|
||||
IssueLog::Info(__METHOD__.' at line '.__LINE__.' : sObjectClass and sObjectAttCode/sObjectAttValue expected, "'
|
||||
@@ -147,7 +169,7 @@ class ObjectController extends BrickController
|
||||
}
|
||||
|
||||
$oObject = MetaModel::GetObjectByColumn($sObjectClass, $sObjectAttCode, $sObjectAttValue, false,
|
||||
$oScopeValidator->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass));
|
||||
$this->oScopeValidatorHelper->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass));
|
||||
if ($oObject === null) {
|
||||
// null if object not found or multiple matches
|
||||
IssueLog::Info(__METHOD__.' at line '.__LINE__.' : Could not load object '.$sObjectClass.'" and "'.$sObjectAttCode.' / '.$sObjectAttValue.'.');
|
||||
@@ -156,7 +178,7 @@ class ObjectController extends BrickController
|
||||
|
||||
// Checking security layers
|
||||
$sObjectId = $oObject->GetKey();
|
||||
if (!$oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sObjectClass, $sObjectId)) {
|
||||
if (!$this->oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sObjectClass, $sObjectId)) {
|
||||
IssueLog::Warning(__METHOD__.' at line '.__LINE__.' : User #'.UserRights::GetUserId().' not allowed to read '.$sObjectClass.'::'.$sObjectId.' object.');
|
||||
throw new HttpException(Response::HTTP_NOT_FOUND, Dict::S('UI:ObjectDoesNotExist'));
|
||||
}
|
||||
@@ -182,31 +204,21 @@ class ObjectController extends BrickController
|
||||
*/
|
||||
protected function PrepareViewObjectResponse(Request $oRequest, DBObject $oObject)
|
||||
{
|
||||
/** @var \Combodo\iTop\Portal\Helper\SecurityHelper $oSecurityHelper */
|
||||
$oSecurityHelper = $this->get('security_helper');
|
||||
/** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */
|
||||
$oRequestManipulator = $this->get('request_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Routing\UrlGenerator $oUrlGenerator */
|
||||
$oUrlGenerator = $this->get('url_generator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ObjectFormHandlerHelper $oObjectFormHandler */
|
||||
$oObjectFormHandler = $this->get('object_form_handler');
|
||||
/** @var \Combodo\iTop\Portal\Brick\BrickCollection $oBrickCollection */
|
||||
$oBrickCollection = $this->get('brick_collection');
|
||||
|
||||
$sOperation = $oRequestManipulator->ReadParam('operation', '');
|
||||
$sOperation = $this->oRequestManipulatorHelper->ReadParam('operation', '');
|
||||
$sObjectClass = get_class($oObject);
|
||||
$sObjectId = $oObject->GetKey();
|
||||
|
||||
$oObject->FireEvent(EVENT_DISPLAY_OBJECT_DETAILS);
|
||||
|
||||
$aData = array('sMode' => 'view');
|
||||
$aData['form'] = $oObjectFormHandler->HandleForm($oRequest, $aData['sMode'], $sObjectClass, $sObjectId);
|
||||
$aData['form'] = $this->oObjectFormHandlerHelper->HandleForm($oRequest, $aData['sMode'], $sObjectClass, $sObjectId);
|
||||
$aData['form']['title'] = Dict::Format('Brick:Portal:Object:Form:View:Title', MetaModel::GetName($sObjectClass),
|
||||
$oObject->GetName());
|
||||
|
||||
// Add an edit button if user is allowed
|
||||
if ($oSecurityHelper->IsActionAllowed(UR_ACTION_MODIFY, $sObjectClass, $sObjectId)) {
|
||||
$sModifyUrl = $oUrlGenerator->generate('p_object_edit', array('sObjectClass' => $sObjectClass, 'sObjectId' => $sObjectId));
|
||||
if ($this->oSecurityHelper->IsActionAllowed(UR_ACTION_MODIFY, $sObjectClass, $sObjectId)) {
|
||||
$sModifyUrl = $this->oUrlGenerator->generate('p_object_edit', array('sObjectClass' => $sObjectClass, 'sObjectId' => $sObjectId));
|
||||
$oModifyButton = new JSButtonItem(
|
||||
'modify_object',
|
||||
Dict::S('UI:Menu:Modify'),
|
||||
@@ -226,9 +238,9 @@ class ObjectController extends BrickController
|
||||
}
|
||||
} else {
|
||||
// Adding brick if it was passed
|
||||
$sBrickId = $oRequestManipulator->ReadParam('sBrickId', '');
|
||||
$sBrickId = $this->oRequestManipulatorHelper->ReadParam('sBrickId', '');
|
||||
if (!empty($sBrickId)) {
|
||||
$oBrick = $oBrickCollection->GetBrickById($sBrickId);
|
||||
$oBrick = $this->oBrickCollection->GetBrickById($sBrickId);
|
||||
if ($oBrick !== null) {
|
||||
$aData['oBrick'] = $oBrick;
|
||||
}
|
||||
@@ -256,17 +268,6 @@ class ObjectController extends BrickController
|
||||
*/
|
||||
public function EditAction(Request $oRequest, $sObjectClass, $sObjectId)
|
||||
{
|
||||
/** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */
|
||||
$oRequestManipulator = $this->get('request_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ObjectFormHandlerHelper $oObjectFormHandler */
|
||||
$oObjectFormHandler = $this->get('object_form_handler');
|
||||
/** @var \Combodo\iTop\Portal\Helper\SecurityHelper $oSecurityHelper */
|
||||
$oSecurityHelper = $this->get('security_helper');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeValidator */
|
||||
$oScopeValidator = $this->get('scope_validator');
|
||||
/** @var \Combodo\iTop\Portal\Brick\BrickCollection $oBrickCollection */
|
||||
$oBrickCollection = $this->get('brick_collection');
|
||||
|
||||
// Checking parameters
|
||||
if ($sObjectClass === '' || $sObjectId === '')
|
||||
{
|
||||
@@ -277,7 +278,7 @@ class ObjectController extends BrickController
|
||||
// Checking security layers
|
||||
// Warning : This is a dirty quick fix to allow editing its own contact information
|
||||
$bAllowWrite = ($sObjectClass === 'Person' && $sObjectId == UserRights::GetContactId());
|
||||
if (!$oSecurityHelper->IsActionAllowed(UR_ACTION_MODIFY, $sObjectClass, $sObjectId) && !$bAllowWrite)
|
||||
if (!$this->oSecurityHelper->IsActionAllowed(UR_ACTION_MODIFY, $sObjectClass, $sObjectId) && !$bAllowWrite)
|
||||
{
|
||||
IssueLog::Warning(__METHOD__.' at line '.__LINE__.' : User #'.UserRights::GetUserId().' not allowed to modify '.$sObjectClass.'::'.$sObjectId.' object.');
|
||||
throw new HttpException(Response::HTTP_NOT_FOUND, Dict::S('UI:ObjectDoesNotExist'));
|
||||
@@ -285,7 +286,7 @@ class ObjectController extends BrickController
|
||||
|
||||
// Retrieving object
|
||||
$oObject = MetaModel::GetObject($sObjectClass, $sObjectId, false /* MustBeFound */,
|
||||
$oScopeValidator->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass));
|
||||
$this->oScopeValidatorHelper->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass));
|
||||
if ($oObject === null)
|
||||
{
|
||||
// We should never be there as the secuirty helper makes sure that the object exists, but just in case.
|
||||
@@ -293,10 +294,10 @@ class ObjectController extends BrickController
|
||||
throw new HttpException(Response::HTTP_NOT_FOUND, Dict::S('UI:ObjectDoesNotExist'));
|
||||
}
|
||||
|
||||
$sOperation = $oRequestManipulator->ReadParam('operation', '');
|
||||
$sOperation = $this->oRequestManipulatorHelper->ReadParam('operation', '');
|
||||
|
||||
$aData = array('sMode' => 'edit');
|
||||
$aData['form'] = $oObjectFormHandler->HandleForm($oRequest, $aData['sMode'], $sObjectClass, $sObjectId);
|
||||
$aData['form'] = $this->oObjectFormHandlerHelper->HandleForm($oRequest, $aData['sMode'], $sObjectClass, $sObjectId);
|
||||
$aData['form']['title'] = Dict::Format('Brick:Portal:Object:Form:Edit:Title', MetaModel::GetName($sObjectClass),
|
||||
$aData['form']['object_name']);
|
||||
|
||||
@@ -316,10 +317,10 @@ class ObjectController extends BrickController
|
||||
else
|
||||
{
|
||||
// Adding brick if it was passed
|
||||
$sBrickId = $oRequestManipulator->ReadParam('sBrickId', '');
|
||||
$sBrickId = $this->oRequestManipulatorHelper->ReadParam('sBrickId', '');
|
||||
if (!empty($sBrickId))
|
||||
{
|
||||
$oBrick = $oBrickCollection->GetBrickById($sBrickId);
|
||||
$oBrick = $this->oBrickCollection->GetBrickById($sBrickId);
|
||||
if ($oBrick !== null)
|
||||
{
|
||||
$aData['oBrick'] = $oBrick;
|
||||
@@ -436,19 +437,6 @@ class ObjectController extends BrickController
|
||||
/** @var array $aCombodoPortalInstanceConf */
|
||||
$aCombodoPortalInstanceConf = $this->getParameter('combodo.portal.instance.conf');
|
||||
|
||||
/** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */
|
||||
$oRequestManipulator = $this->get('request_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Routing\UrlGenerator $oUrlGenerator */
|
||||
$oUrlGenerator = $this->get('url_generator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\NavigationRuleHelper $oNavigationRuleHelper */
|
||||
$oNavigationRuleHelper = $this->get('navigation_rule_helper');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ObjectFormHandlerHelper $oObjectFormHandler */
|
||||
$oObjectFormHandler = $this->get('object_form_handler');
|
||||
/** @var \Combodo\iTop\Portal\Helper\SecurityHelper $oSecurityHelper */
|
||||
$oSecurityHelper = $this->get('security_helper');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeValidator */
|
||||
$oScopeValidator = $this->get('scope_validator');
|
||||
|
||||
// Checking parameters
|
||||
if ($sObjectClass === '' || $sObjectId === '' || $sStimulusCode === '')
|
||||
{
|
||||
@@ -458,18 +446,18 @@ class ObjectController extends BrickController
|
||||
}
|
||||
|
||||
// Checking security layers
|
||||
if (!$oSecurityHelper->IsActionAllowed(UR_ACTION_MODIFY, $sObjectClass, $sObjectId))
|
||||
if (!$this->oSecurityHelper->IsActionAllowed(UR_ACTION_MODIFY, $sObjectClass, $sObjectId))
|
||||
{
|
||||
IssueLog::Warning(__METHOD__.' at line '.__LINE__.' : User #'.UserRights::GetUserId().' not allowed to modify '.$sObjectClass.'::'.$sObjectId.' object.');
|
||||
throw new HttpException(Response::HTTP_NOT_FOUND, Dict::S('UI:ObjectDoesNotExist'));
|
||||
}
|
||||
if (!$oSecurityHelper->IsStimulusAllowed($sStimulusCode, $sObjectClass))
|
||||
if (!$this->oSecurityHelper->IsStimulusAllowed($sStimulusCode, $sObjectClass))
|
||||
{
|
||||
throw new HttpException(Response::HTTP_NOT_FOUND, Dict::S('UI:ObjectDoesNotExist'));
|
||||
}
|
||||
|
||||
// Retrieving object
|
||||
$oObject = MetaModel::GetObject($sObjectClass, $sObjectId, false /* MustBeFound */, $oScopeValidator->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass));
|
||||
$oObject = MetaModel::GetObject($sObjectClass, $sObjectId, false /* MustBeFound */, $this->oScopeValidatorHelper->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass));
|
||||
if ($oObject === null)
|
||||
{
|
||||
// We should never be there as the secuirty helper makes sure that the object exists, but just in case.
|
||||
@@ -478,7 +466,7 @@ class ObjectController extends BrickController
|
||||
}
|
||||
|
||||
// Retrieving request parameters
|
||||
$sOperation = $oRequestManipulator->ReadParam('operation', '');
|
||||
$sOperation = $this->oRequestManipulatorHelper->ReadParam('operation', '');
|
||||
|
||||
// Retrieving form properties
|
||||
$aStimuliForms = ApplicationHelper::GetLoadedFormFromClass($aCombodoPortalInstanceConf['forms'], $sObjectClass, 'apply_stimulus');
|
||||
@@ -505,7 +493,7 @@ class ObjectController extends BrickController
|
||||
$oRequest->request->set('apply_stimulus', array('code' => $sStimulusCode));
|
||||
|
||||
$aData = array('sMode' => 'apply_stimulus');
|
||||
$aData['form'] = $oObjectFormHandler->HandleForm($oRequest, $aData['sMode'], $sObjectClass, $sObjectId, $aFormProperties);
|
||||
$aData['form'] = $this->oObjectFormHandlerHelper->HandleForm($oRequest, $aData['sMode'], $sObjectClass, $sObjectId, $aFormProperties);
|
||||
$aData['form']['title'] = Dict::Format('Brick:Portal:Object:Form:Stimulus:Title');
|
||||
|
||||
// TODO : This is a ugly patch to avoid showing a modal with a readonly form to the user as it would prevent user from finishing the transition.
|
||||
@@ -523,12 +511,12 @@ class ObjectController extends BrickController
|
||||
$oSubRequest->request->set('formmanager_data', json_encode($aData['form']['formmanager_data']));
|
||||
|
||||
$aData = array('sMode' => 'apply_stimulus');
|
||||
$aData['form'] = $oObjectFormHandler->HandleForm($oSubRequest, $aData['sMode'], $sObjectClass, $sObjectId,
|
||||
$aData['form'] = $this->oObjectFormHandlerHelper->HandleForm($oSubRequest, $aData['sMode'], $sObjectClass, $sObjectId,
|
||||
$aFormProperties);
|
||||
|
||||
// Reload the object to make sure we have it in a clean state
|
||||
$oObject->Reload(true);
|
||||
$aNavigationRules = $oNavigationRuleHelper->PrepareRulesForForm($aFormProperties, $oObject, true);
|
||||
$aNavigationRules = $this->oNavigationRuleHelper->PrepareRulesForForm($aFormProperties, $oObject, true);
|
||||
|
||||
// Redefining the array to be as simple as possible :
|
||||
$aData = array(
|
||||
@@ -585,16 +573,6 @@ class ObjectController extends BrickController
|
||||
*/
|
||||
public function SearchAutocompleteAction(Request $oRequest, $sTargetAttCode, $sHostObjectClass, $sHostObjectId = null)
|
||||
{
|
||||
/** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */
|
||||
$oRequestManipulator = $this->get('request_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ContextManipulatorHelper $oContextManipulator */
|
||||
$oContextManipulator = $this->get('context_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\SecurityHelper $oSecurityHelper */
|
||||
$oSecurityHelper = $this->get('security_helper');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeValidator */
|
||||
$oScopeValidator = $this->get('scope_validator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ObjectFormHandlerHelper $oFormHandlerHelper */
|
||||
$oFormHandlerHelper = $this->get('object_form_handler');
|
||||
|
||||
$aData = array(
|
||||
'results' => array(
|
||||
@@ -618,7 +596,7 @@ class ObjectController extends BrickController
|
||||
$sFieldId = $aRequestContent['sFieldId'];
|
||||
|
||||
// Checking security layers
|
||||
if (!$oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sHostObjectClass, $sHostObjectId))
|
||||
if (!$this->oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sHostObjectClass, $sHostObjectId))
|
||||
{
|
||||
IssueLog::Warning(__METHOD__.' at line '.__LINE__.' : Could not load object '.$sHostObjectClass.'::'.$sHostObjectId.'.');
|
||||
throw new HttpException(Response::HTTP_NOT_FOUND, Dict::S('UI:ObjectDoesNotExist'));
|
||||
@@ -637,10 +615,10 @@ class ObjectController extends BrickController
|
||||
//
|
||||
// Note : The action rules must be a base64-encoded JSON object, this is just so users are tempted to changes values.
|
||||
// But it would not be a security issue as it only presets values in the form.
|
||||
$sActionRulesToken = $oRequestManipulator->ReadParam('ar_token', '');
|
||||
$aActionRules = (!empty($sActionRulesToken)) ? $oContextManipulator->DecodeRulesToken($sActionRulesToken) : array();
|
||||
$sActionRulesToken = $this->oRequestManipulatorHelper->ReadParam('ar_token', '');
|
||||
$aActionRules = (!empty($sActionRulesToken)) ? $this->oContextManipulatorHelper->DecodeRulesToken($sActionRulesToken) : array();
|
||||
// Preparing object
|
||||
$oContextManipulator->PrepareObject($aActionRules, $oHostObject);
|
||||
$this->oContextManipulatorHelper->PrepareObject($aActionRules, $oHostObject);
|
||||
}
|
||||
|
||||
// Updating host object with form data / values
|
||||
@@ -649,14 +627,14 @@ class ObjectController extends BrickController
|
||||
if (!empty($sFormManagerClass) && !empty($sFormManagerData)) {
|
||||
/** @var \Combodo\iTop\Portal\Form\ObjectFormManager $oFormManager */
|
||||
$oFormManager = $sFormManagerClass::FromJSON($sFormManagerData);
|
||||
$oFormManager->SetObjectFormHandlerHelper($oFormHandlerHelper);
|
||||
$oFormManager->SetObjectFormHandlerHelper($this->oObjectFormHandlerHelper);
|
||||
$oFormManager->SetObject($oHostObject);
|
||||
|
||||
// Applying action rules if present
|
||||
if (($oFormManager->GetActionRulesToken() !== null) && ($oFormManager->GetActionRulesToken() !== '')) {
|
||||
$aActionRules = ContextManipulatorHelper::DecodeRulesToken($oFormManager->GetActionRulesToken());
|
||||
$oObj = $oFormManager->GetObject();
|
||||
$oContextManipulator->PrepareObject($aActionRules, $oObj);
|
||||
$this->oContextManipulatorHelper->PrepareObject($aActionRules, $oObj);
|
||||
$oFormManager->SetObject($oObj);
|
||||
}
|
||||
|
||||
@@ -700,7 +678,7 @@ class ObjectController extends BrickController
|
||||
// It is the responsibility of the template designer to write the right query so the user see only what he should.
|
||||
if ($oTargetAttDef->GetEditClass() !== 'CustomFields')
|
||||
{
|
||||
$oScopeSearch = $oScopeValidator->GetScopeFilterForProfiles(UserRights::ListProfiles(), $sTargetObjectClass, UR_ACTION_READ);
|
||||
$oScopeSearch = $this->oScopeValidatorHelper->GetScopeFilterForProfiles(UserRights::ListProfiles(), $sTargetObjectClass, UR_ACTION_READ);
|
||||
$oSearch = $oSearch->Intersect($oScopeSearch);
|
||||
// - Allowing all data if necessary
|
||||
if ($oScopeSearch->IsAllDataAllowed())
|
||||
@@ -765,27 +743,16 @@ class ObjectController extends BrickController
|
||||
/** @var array $aCombodoPortalInstanceConf */
|
||||
$aCombodoPortalInstanceConf = $this->getParameter('combodo.portal.instance.conf');
|
||||
|
||||
/** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */
|
||||
$oRequestManipulator = $this->get('request_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ContextManipulatorHelper $oContextManipulator */
|
||||
$oContextManipulator = $this->get('context_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\SecurityHelper $oSecurityHelper */
|
||||
$oSecurityHelper = $this->get('security_helper');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeValidator */
|
||||
$oScopeValidator = $this->get('scope_validator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ObjectFormHandlerHelper $oFormHandlerHelper */
|
||||
$oFormHandlerHelper = $this->get('object_form_handler');
|
||||
|
||||
$aData = array(
|
||||
'sMode' => 'search_regular',
|
||||
'sTargetAttCode' => $sTargetAttCode,
|
||||
'sHostObjectClass' => $sHostObjectClass,
|
||||
'sHostObjectId' => $sHostObjectId,
|
||||
'sActionRulesToken' => $oRequestManipulator->ReadParam('ar_token', ''),
|
||||
'sActionRulesToken' => $this->oRequestManipulatorHelper->ReadParam('ar_token', ''),
|
||||
);
|
||||
|
||||
// Checking security layers
|
||||
if (!$oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sHostObjectClass, $sHostObjectId))
|
||||
if (!$this->oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sHostObjectClass, $sHostObjectId))
|
||||
{
|
||||
IssueLog::Warning(__METHOD__.' at line '.__LINE__.' : User #'.UserRights::GetUserId().' not allowed to read '.$sHostObjectClass.'::'.$sHostObjectId.' object.');
|
||||
throw new HttpException(Response::HTTP_NOT_FOUND, Dict::S('UI:ObjectDoesNotExist'));
|
||||
@@ -806,41 +773,41 @@ class ObjectController extends BrickController
|
||||
// But it would not be a security issue as it only presets values in the form.
|
||||
$aActionRules = !empty($aData['sActionRulesToken']) ? ContextManipulatorHelper::DecodeRulesToken($aData['sActionRulesToken']) : array();
|
||||
// Preparing object
|
||||
$oContextManipulator->PrepareObject($aActionRules, $oHostObject);
|
||||
$this->oContextManipulatorHelper->PrepareObject($aActionRules, $oHostObject);
|
||||
}
|
||||
|
||||
// Updating host object with form data / values
|
||||
$sFormManagerClass = $oRequestManipulator->ReadParam('formmanager_class', '', FILTER_UNSAFE_RAW);
|
||||
$sFormManagerData = $oRequestManipulator->ReadParam('formmanager_data', '', FILTER_UNSAFE_RAW);
|
||||
$sFormManagerClass = $this->oRequestManipulatorHelper->ReadParam('formmanager_class', '', FILTER_UNSAFE_RAW);
|
||||
$sFormManagerData = $this->oRequestManipulatorHelper->ReadParam('formmanager_data', '', FILTER_UNSAFE_RAW);
|
||||
if (!empty($sFormManagerClass) && !empty($sFormManagerData)) {
|
||||
/** @var \Combodo\iTop\Portal\Form\ObjectFormManager $oFormManager */
|
||||
$oFormManager = $sFormManagerClass::FromJSON($sFormManagerData);
|
||||
$oFormManager->SetObjectFormHandlerHelper($oFormHandlerHelper);
|
||||
$oFormManager->SetObjectFormHandlerHelper($this->oObjectFormHandlerHelper);
|
||||
$oFormManager->SetObject($oHostObject);
|
||||
|
||||
// Applying action rules if present
|
||||
if (($oFormManager->GetActionRulesToken() !== null) && ($oFormManager->GetActionRulesToken() !== '')) {
|
||||
$aActionRules = ContextManipulatorHelper::DecodeRulesToken($oFormManager->GetActionRulesToken());
|
||||
$oObj = $oFormManager->GetObject();
|
||||
$oContextManipulator->PrepareObject($aActionRules, $oObj);
|
||||
$this->oContextManipulatorHelper->PrepareObject($aActionRules, $oObj);
|
||||
$oFormManager->SetObject($oObj);
|
||||
}
|
||||
|
||||
// Updating host object
|
||||
$oFormManager->OnUpdate(array(
|
||||
'currentValues' => $oRequestManipulator->ReadParam('current_values', array(), FILTER_UNSAFE_RAW),
|
||||
'currentValues' => $this->oRequestManipulatorHelper->ReadParam('current_values', array(), FILTER_UNSAFE_RAW),
|
||||
));
|
||||
$oHostObject = $oFormManager->GetObject();
|
||||
}
|
||||
|
||||
// Retrieving request parameters
|
||||
$iPageNumber = $oRequestManipulator->ReadParam('iPageNumber', static::DEFAULT_PAGE_NUMBER, FILTER_SANITIZE_NUMBER_INT);
|
||||
$iListLength = $oRequestManipulator->ReadParam('iListLength', static::DEFAULT_LIST_LENGTH, FILTER_SANITIZE_NUMBER_INT);
|
||||
$bInitialPass = $oRequestManipulator->HasParam('draw') ? false : true;
|
||||
$sQuery = $oRequestManipulator->ReadParam('sSearchValue', '');
|
||||
$sFormPath = $oRequestManipulator->ReadParam('sFormPath', '');
|
||||
$sFieldId = $oRequestManipulator->ReadParam('sFieldId', '');
|
||||
$aObjectIdsToIgnore = $oRequestManipulator->ReadParam('aObjectIdsToIgnore', null, FILTER_UNSAFE_RAW);
|
||||
$iPageNumber = $this->oRequestManipulatorHelper->ReadParam('iPageNumber', static::DEFAULT_PAGE_NUMBER, FILTER_SANITIZE_NUMBER_INT);
|
||||
$iListLength = $this->oRequestManipulatorHelper->ReadParam('iListLength', static::DEFAULT_LIST_LENGTH, FILTER_SANITIZE_NUMBER_INT);
|
||||
$bInitialPass = $this->oRequestManipulatorHelper->HasParam('draw') ? false : true;
|
||||
$sQuery = $this->oRequestManipulatorHelper->ReadParam('sSearchValue', '');
|
||||
$sFormPath = $this->oRequestManipulatorHelper->ReadParam('sFormPath', '');
|
||||
$sFieldId = $this->oRequestManipulatorHelper->ReadParam('sFieldId', '');
|
||||
$aObjectIdsToIgnore = $this->oRequestManipulatorHelper->ReadParam('aObjectIdsToIgnore', null, FILTER_UNSAFE_RAW);
|
||||
|
||||
// Building search query
|
||||
// - Retrieving target object class from attcode
|
||||
@@ -889,7 +856,7 @@ class ObjectController extends BrickController
|
||||
// - Retrieving scope search
|
||||
// Note : This do NOT apply to custom fields as the portal administrator is not supposed to know which objects will be put in the templates.
|
||||
// It is the responsibility of the template designer to write the right query so the user see only what he should.
|
||||
$oScopeSearch = $oScopeValidator->GetScopeFilterForProfiles(UserRights::ListProfiles(), $sTargetObjectClass, UR_ACTION_READ);
|
||||
$oScopeSearch = $this->oScopeValidatorHelper->GetScopeFilterForProfiles(UserRights::ListProfiles(), $sTargetObjectClass, UR_ACTION_READ);
|
||||
$aInternalParams = array();
|
||||
if (($oScopeSearch === null) && ($oTargetAttDef->GetEditClass() !== 'CustomFields'))
|
||||
{
|
||||
@@ -1083,12 +1050,6 @@ class ObjectController extends BrickController
|
||||
*/
|
||||
public function DocumentAction(Request $oRequest, $sOperation = null)
|
||||
{
|
||||
/** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */
|
||||
$oRequestManipulator = $this->get('request_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\SecurityHelper $oSecurityHelper */
|
||||
$oSecurityHelper = $this->get('security_helper');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeValidator */
|
||||
$oScopeValidator = $this->get('scope_validator');
|
||||
|
||||
// Setting default operation
|
||||
if ($sOperation === null)
|
||||
@@ -1097,9 +1058,9 @@ class ObjectController extends BrickController
|
||||
}
|
||||
|
||||
// Retrieving ormDocument's host object
|
||||
$sObjectClass = $oRequestManipulator->ReadParam('sObjectClass', '');
|
||||
$sObjectId = $oRequestManipulator->ReadParam('sObjectId', '');
|
||||
$sObjectField = $oRequestManipulator->ReadParam('sObjectField', '');
|
||||
$sObjectClass = $this->oRequestManipulatorHelper->ReadParam('sObjectClass', '');
|
||||
$sObjectId = $this->oRequestManipulatorHelper->ReadParam('sObjectId', '');
|
||||
$sObjectField = $this->oRequestManipulatorHelper->ReadParam('sObjectField', '');
|
||||
$bCheckSecurity = true;
|
||||
|
||||
// When reaching to an Attachment, we have to check security on its host object instead of the Attachment itself
|
||||
@@ -1114,7 +1075,7 @@ class ObjectController extends BrickController
|
||||
$sHostId = $oAttachment->Get('item_id');
|
||||
|
||||
// Attachments could be linked to host objects without an org_id. Retrieving the attachment would fail if enforced silos are based on org_id
|
||||
if($oAttachment->Get('item_org_id') === 0 && ($sHostId > 0) && $oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sHostClass, $sHostId)) {
|
||||
if($oAttachment->Get('item_org_id') === 0 && ($sHostId > 0) && $this->oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sHostClass, $sHostId)) {
|
||||
$bCheckSecurity = false;
|
||||
}
|
||||
|
||||
@@ -1132,14 +1093,14 @@ class ObjectController extends BrickController
|
||||
|
||||
// Checking security layers
|
||||
// Note: Checking if host object already exists as we can try to download document from an object that is being created
|
||||
if (($bCheckSecurity === true) && ($sHostId > 0) && !$oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sHostClass, $sHostId))
|
||||
if (($bCheckSecurity === true) && ($sHostId > 0) && !$this->oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sHostClass, $sHostId))
|
||||
{
|
||||
IssueLog::Warning(__METHOD__.' at line '.__LINE__.' : User #'.UserRights::GetUserId().' not allowed to retrieve document from attribute '.$sObjectField.' as it not allowed to read '.$sHostClass.'::'.$sHostId.' object.');
|
||||
throw new HttpException(Response::HTTP_NOT_FOUND, Dict::S('UI:ObjectDoesNotExist'));
|
||||
}
|
||||
|
||||
// Retrieving object
|
||||
$bAllowAllDataFlag = ($bCheckSecurity === false) ? true : $oScopeValidator->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sHostClass);
|
||||
$bAllowAllDataFlag = ($bCheckSecurity === false) ? true : $this->oScopeValidatorHelper->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sHostClass);
|
||||
$oObject = MetaModel::GetObject($sObjectClass, $sObjectId, false /* Must not be found */, $bAllowAllDataFlag);
|
||||
if ($oObject === null)
|
||||
{
|
||||
@@ -1156,7 +1117,7 @@ class ObjectController extends BrickController
|
||||
}
|
||||
else
|
||||
{
|
||||
$iCacheSec = $oRequestManipulator->ReadParam('cache', 0, FILTER_SANITIZE_NUMBER_INT);
|
||||
$iCacheSec = $this->oRequestManipulatorHelper->ReadParam('cache', 0, FILTER_SANITIZE_NUMBER_INT);
|
||||
}
|
||||
|
||||
$aHeaders = array();
|
||||
@@ -1204,11 +1165,6 @@ class ObjectController extends BrickController
|
||||
*/
|
||||
public function AttachmentAction(Request $oRequest, $sOperation = null)
|
||||
{
|
||||
/** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */
|
||||
$oRequestManipulator = $this->get('request_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Routing\UrlGenerator $oUrlGenerator */
|
||||
$oUrlGenerator = $this->get('url_generator');
|
||||
|
||||
$aData = array(
|
||||
'att_id' => 0,
|
||||
'preview' => false,
|
||||
@@ -1218,14 +1174,14 @@ class ObjectController extends BrickController
|
||||
// Retrieving sOperation from request only if it wasn't forced (determined by the route)
|
||||
if ($sOperation === null)
|
||||
{
|
||||
$sOperation = $oRequestManipulator->ReadParam('operation', null);
|
||||
$sOperation = $this->oRequestManipulatorHelper->ReadParam('operation', null);
|
||||
}
|
||||
switch ($sOperation)
|
||||
{
|
||||
case 'add':
|
||||
$sFieldName = $oRequestManipulator->ReadParam('field_name', '');
|
||||
$sObjectClass = $oRequestManipulator->ReadParam('object_class', '');
|
||||
$sTempId = $oRequestManipulator->ReadParam('temp_id', '');
|
||||
$sFieldName = $this->oRequestManipulatorHelper->ReadParam('field_name', '');
|
||||
$sObjectClass = $this->oRequestManipulatorHelper->ReadParam('object_class', '');
|
||||
$sTempId = $this->oRequestManipulatorHelper->ReadParam('temp_id', '');
|
||||
|
||||
if (empty($sObjectClass) || empty($sTempId))
|
||||
{
|
||||
@@ -1277,7 +1233,7 @@ class ObjectController extends BrickController
|
||||
// - Route
|
||||
$aRouteParams = array(
|
||||
'sObjectClass' => 'Attachment',
|
||||
'sObjectId' => $oRequestManipulator->ReadParam('sAttachmentId', null),
|
||||
'sObjectId' => $this->oRequestManipulatorHelper->ReadParam('sAttachmentId', null),
|
||||
'sObjectField' => 'contents',
|
||||
);
|
||||
|
||||
@@ -1313,17 +1269,13 @@ class ObjectController extends BrickController
|
||||
*/
|
||||
public function GetInformationAsJsonAction(Request $oRequest)
|
||||
{
|
||||
/** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */
|
||||
$oRequestManipulator = $this->get('request_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeValidator */
|
||||
$oScopeValidator = $this->get('scope_validator');
|
||||
|
||||
$aData = array();
|
||||
|
||||
// Retrieving parameters
|
||||
$sObjectClass = $oRequestManipulator->ReadParam('sObjectClass', '');
|
||||
$aObjectIds = $oRequestManipulator->ReadParam('aObjectIds', array(), FILTER_UNSAFE_RAW);
|
||||
$aObjectAttCodes = $oRequestManipulator->ReadParam('aObjectAttCodes', array(), FILTER_UNSAFE_RAW);
|
||||
$sObjectClass = $this->oRequestManipulatorHelper->ReadParam('sObjectClass', '');
|
||||
$aObjectIds = $this->oRequestManipulatorHelper->ReadParam('aObjectIds', array(), FILTER_UNSAFE_RAW);
|
||||
$aObjectAttCodes = $this->oRequestManipulatorHelper->ReadParam('aObjectAttCodes', array(), FILTER_UNSAFE_RAW);
|
||||
if (empty($sObjectClass) || empty($aObjectIds) || empty($aObjectAttCodes)) {
|
||||
IssueLog::Info(__METHOD__.' at line '.__LINE__.' : sObjectClass, aObjectIds and aObjectAttCodes expected, "'.$sObjectClass.'", "'.implode('/',
|
||||
$aObjectIds).'" given.');
|
||||
@@ -1331,7 +1283,7 @@ class ObjectController extends BrickController
|
||||
}
|
||||
|
||||
// Building the search
|
||||
$bIgnoreSilos = $oScopeValidator->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass);
|
||||
$bIgnoreSilos = $this->oScopeValidatorHelper->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass);
|
||||
$aParams = array('objects_id' => $aObjectIds);
|
||||
$oSearch = DBObjectSearch::FromOQL("SELECT $sObjectClass WHERE id IN (:objects_id)");
|
||||
if ($bIgnoreSilos === true) {
|
||||
@@ -1371,11 +1323,6 @@ class ObjectController extends BrickController
|
||||
*/
|
||||
public function GetInformationForLinkedSetAsJsonAction(Request $oRequest)
|
||||
{
|
||||
/** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */
|
||||
$oRequestManipulator = $this->get('request_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ScopeValidatorHelper $oScopeValidator */
|
||||
$oScopeValidator = $this->get('scope_validator');
|
||||
|
||||
// Data array
|
||||
$aData = array(
|
||||
'js_inline' => '',
|
||||
@@ -1383,12 +1330,12 @@ class ObjectController extends BrickController
|
||||
);
|
||||
|
||||
// Retrieving parameters
|
||||
$sObjectClass = $oRequestManipulator->ReadParam('sObjectClass', '');
|
||||
$sLinkClass = $oRequestManipulator->ReadParam('sLinkClass', '');
|
||||
$aObjectIds = $oRequestManipulator->ReadParam('aObjectIds', array(), FILTER_UNSAFE_RAW);
|
||||
$aObjectAttCodes = $oRequestManipulator->ReadParam('aObjectAttCodes', array(), FILTER_UNSAFE_RAW);
|
||||
$aLinkAttCodes = $oRequestManipulator->ReadParam('aLinkAttCodes', array(), FILTER_UNSAFE_RAW);
|
||||
$sDateTimePickerWidgetParent = $oRequestManipulator->ReadParam('sDateTimePickerWidgetParent', array(), FILTER_UNSAFE_RAW);
|
||||
$sObjectClass = $this->oRequestManipulatorHelper->ReadParam('sObjectClass', '');
|
||||
$sLinkClass = $this->oRequestManipulatorHelper->ReadParam('sLinkClass', '');
|
||||
$aObjectIds = $this->oRequestManipulatorHelper->ReadParam('aObjectIds', array(), FILTER_UNSAFE_RAW);
|
||||
$aObjectAttCodes = $this->oRequestManipulatorHelper->ReadParam('aObjectAttCodes', array(), FILTER_UNSAFE_RAW);
|
||||
$aLinkAttCodes = $this->oRequestManipulatorHelper->ReadParam('aLinkAttCodes', array(), FILTER_UNSAFE_RAW);
|
||||
$sDateTimePickerWidgetParent = $this->oRequestManipulatorHelper->ReadParam('sDateTimePickerWidgetParent', array(), FILTER_UNSAFE_RAW);
|
||||
|
||||
if (empty($sObjectClass) || empty($aObjectIds) || empty($aObjectAttCodes)) {
|
||||
IssueLog::Info(__METHOD__.' at line '.__LINE__.' : sObjectClass, aObjectIds and aObjectAttCodes expected, "'.$sObjectClass.'", "'.implode('/',
|
||||
@@ -1397,7 +1344,7 @@ class ObjectController extends BrickController
|
||||
}
|
||||
|
||||
// Building the search
|
||||
$bIgnoreSilos = $oScopeValidator->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass);
|
||||
$bIgnoreSilos = $this->oScopeValidatorHelper->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass);
|
||||
$aParams = array('objects_id' => $aObjectIds);
|
||||
$oSearch = DBObjectSearch::FromOQL("SELECT $sObjectClass WHERE id IN (:objects_id)");
|
||||
if ($bIgnoreSilos === true)
|
||||
@@ -1460,11 +1407,6 @@ class ObjectController extends BrickController
|
||||
*/
|
||||
protected function PrepareObjectInformation(DBObject $oObject, $aAttCodes = array())
|
||||
{
|
||||
/** @var \Combodo\iTop\Portal\Routing\UrlGenerator $oUrlGenerator */
|
||||
$oUrlGenerator = $this->get('url_generator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\SecurityHelper $oSecurityHelper */
|
||||
$oSecurityHelper = $this->get('security_helper');
|
||||
|
||||
$sObjectClass = get_class($oObject);
|
||||
$aObjectData = array(
|
||||
'id' => $oObject->GetKey(),
|
||||
@@ -1496,9 +1438,9 @@ class ObjectController extends BrickController
|
||||
$aAttData['value'] = $oObject->GetAsHTML($oAttDef->GetCode().'_friendlyname');
|
||||
|
||||
// Checking if user can access object's external key
|
||||
if ($oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $oAttDef->GetTargetClass()))
|
||||
if ($this->oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $oAttDef->GetTargetClass()))
|
||||
{
|
||||
$aAttData['url'] = $oUrlGenerator->generate('p_object_view',
|
||||
$aAttData['url'] = $this->oUrlGenerator->generate('p_object_view',
|
||||
array('sObjectClass' => $oAttDef->GetTargetClass(), 'sObjectId' => $oObject->Get($oAttDef->GetCode())));
|
||||
}
|
||||
}
|
||||
@@ -1513,7 +1455,7 @@ class ObjectController extends BrickController
|
||||
$oOrmDoc = $oObject->Get($oAttDef->GetCode());
|
||||
if (is_object($oOrmDoc) && !$oOrmDoc->IsEmpty())
|
||||
{
|
||||
$sUrl = $oUrlGenerator->generate('p_object_document_display', [
|
||||
$sUrl = $this->oUrlGenerator->generate('p_object_document_display', [
|
||||
'sObjectClass' => get_class($oObject),
|
||||
'sObjectId' => $oObject->GetKey(),
|
||||
'sObjectField' => $oAttDef->GetCode(),
|
||||
@@ -1537,9 +1479,9 @@ class ObjectController extends BrickController
|
||||
if ($oAttDef instanceof AttributeFriendlyName)
|
||||
{
|
||||
// Checking if user can access object
|
||||
if ($oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sObjectClass))
|
||||
if ($this->oSecurityHelper->IsActionAllowed(UR_ACTION_READ, $sObjectClass))
|
||||
{
|
||||
$aAttData['url'] = $oUrlGenerator->generate('p_object_view',
|
||||
$aAttData['url'] = $this->oUrlGenerator->generate('p_object_view',
|
||||
array('sObjectClass' => $sObjectClass, 'sObjectId' => $oObject->GetKey()));
|
||||
}
|
||||
}
|
||||
@@ -1569,26 +1511,17 @@ class ObjectController extends BrickController
|
||||
*/
|
||||
protected function DisplayCreationForm(Request $oRequest, $sObjectClass)
|
||||
{
|
||||
/** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */
|
||||
$oRequestManipulator = $this->get('request_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\ObjectFormHandlerHelper $oObjectFormHandler */
|
||||
$oObjectFormHandler = $this->get('object_form_handler');
|
||||
/** @var \Combodo\iTop\Portal\Helper\SecurityHelper $oSecurityHelper */
|
||||
$oSecurityHelper = $this->get('security_helper');
|
||||
/** @var \Combodo\iTop\Portal\Brick\BrickCollection $oBrickCollection */
|
||||
$oBrickCollection = $this->get('brick_collection');
|
||||
|
||||
// Checking security layers
|
||||
if (!$oSecurityHelper->IsActionAllowed(UR_ACTION_CREATE, $sObjectClass))
|
||||
if (!$this->oSecurityHelper->IsActionAllowed(UR_ACTION_CREATE, $sObjectClass))
|
||||
{
|
||||
IssueLog::Warning(__METHOD__.' at line '.__LINE__.' : User #'.UserRights::GetUserId().' not allowed to create '.$sObjectClass.' object.');
|
||||
throw new HttpException(Response::HTTP_NOT_FOUND, Dict::S('UI:ObjectDoesNotExist'));
|
||||
}
|
||||
|
||||
$sOperation = $oRequestManipulator->ReadParam('operation', '');
|
||||
$sOperation = $this->oRequestManipulatorHelper->ReadParam('operation', '');
|
||||
|
||||
$aData = array('sMode' => 'create');
|
||||
$aData['form'] = $oObjectFormHandler->HandleForm($oRequest, $aData['sMode'], $sObjectClass);
|
||||
$aData['form'] = $this->oObjectFormHandlerHelper->HandleForm($oRequest, $aData['sMode'], $sObjectClass);
|
||||
$aData['form']['title'] = Dict::Format('Brick:Portal:Object:Form:Create:Title', MetaModel::GetName($sObjectClass));
|
||||
|
||||
// Preparing response
|
||||
@@ -1607,10 +1540,10 @@ class ObjectController extends BrickController
|
||||
else
|
||||
{
|
||||
// Adding brick if it was passed
|
||||
$sBrickId = $oRequestManipulator->ReadParam('sBrickId', '');
|
||||
$sBrickId = $this->oRequestManipulatorHelper->ReadParam('sBrickId', '');
|
||||
if (!empty($sBrickId))
|
||||
{
|
||||
$oBrick = $oBrickCollection->GetBrickById($sBrickId);
|
||||
$oBrick = $this->oBrickCollection->GetBrickById($sBrickId);
|
||||
if ($oBrick !== null)
|
||||
{
|
||||
$aData['oBrick'] = $oBrick;
|
||||
@@ -1639,25 +1572,18 @@ class ObjectController extends BrickController
|
||||
*/
|
||||
protected function DisplayLeafClassesForm($sObjectClass)
|
||||
{
|
||||
/** @var \Combodo\iTop\Portal\Helper\RequestManipulatorHelper $oRequestManipulator */
|
||||
$oRequestManipulator = $this->get('request_manipulator');
|
||||
/** @var \Combodo\iTop\Portal\Helper\SecurityHelper $oSecurityHelper */
|
||||
$oSecurityHelper = $this->get('security_helper');
|
||||
/** @var \Combodo\iTop\Portal\Brick\BrickCollection $oBrickCollection */
|
||||
$oBrickCollection = $this->get('brick_collection');
|
||||
|
||||
$aData = array(
|
||||
'aLeafClasses' => array(),
|
||||
'sPageTitle' => Dict::Format('Brick:Portal:Object:Form:Create:Title', MetaModel::GetName($sObjectClass)),
|
||||
'sLeafClassesListId' => 'leaf_classes_list_' . uniqid(),
|
||||
'ar_token' => $oRequestManipulator->ReadParam('ar_token', ''),
|
||||
'ar_token' => $this->oRequestManipulatorHelper->ReadParam('ar_token', ''),
|
||||
);
|
||||
$sTemplatePath = CreateBrick::DEFAULT_PAGE_TEMPLATE_PATH;
|
||||
|
||||
$sBrickId = $oRequestManipulator->ReadParam('sBrickId', '');
|
||||
$sBrickId = $this->oRequestManipulatorHelper->ReadParam('sBrickId', '');
|
||||
if (!empty($sBrickId))
|
||||
{
|
||||
$oBrick = $oBrickCollection->GetBrickById($sBrickId);
|
||||
$oBrick = $this->oBrickCollection->GetBrickById($sBrickId);
|
||||
$sTemplatePath = $oBrick->GetPageTemplatePath();
|
||||
|
||||
$aData['sBrickId'] = $sBrickId;
|
||||
@@ -1669,7 +1595,7 @@ class ObjectController extends BrickController
|
||||
$aChildClasses = MetaModel::EnumChildClasses($sObjectClass);
|
||||
foreach ($aChildClasses as $sChildClass)
|
||||
{
|
||||
if (!MetaModel::IsAbstract($sChildClass) && $oSecurityHelper->IsActionAllowed(UR_ACTION_CREATE, $sChildClass))
|
||||
if (!MetaModel::IsAbstract($sChildClass) && $this->oSecurityHelper->IsActionAllowed(UR_ACTION_CREATE, $sChildClass))
|
||||
{
|
||||
$aLeafClasses[] = array(
|
||||
'id' => $sChildClass,
|
||||
|
||||
Reference in New Issue
Block a user