Add explicit check for PermissionSet and ProfileField
This commit is contained in:
parent
03164d00e8
commit
f73e4adc44
3 changed files with 15 additions and 24 deletions
|
@ -23,6 +23,7 @@ namespace Friendica\Model;
|
||||||
|
|
||||||
use Friendica\BaseModel;
|
use Friendica\BaseModel;
|
||||||
use Friendica\Database\Database;
|
use Friendica\Database\Database;
|
||||||
|
use Friendica\Network\HTTPException\NotFoundException;
|
||||||
use Friendica\Security\PermissionSet\Depository\PermissionSet as PermissionSetDepository;
|
use Friendica\Security\PermissionSet\Depository\PermissionSet as PermissionSetDepository;
|
||||||
use Friendica\Security\PermissionSet\Entity\PermissionSet;
|
use Friendica\Security\PermissionSet\Entity\PermissionSet;
|
||||||
use Psr\Log\LoggerInterface;
|
use Psr\Log\LoggerInterface;
|
||||||
|
@ -40,12 +41,12 @@ use Psr\Log\LoggerInterface;
|
||||||
* @property string value
|
* @property string value
|
||||||
* @property string created
|
* @property string created
|
||||||
* @property string edited
|
* @property string edited
|
||||||
* @property PermissionSet permissionset
|
* @property PermissionSet permissionSet
|
||||||
*/
|
*/
|
||||||
class ProfileField extends BaseModel
|
class ProfileField extends BaseModel
|
||||||
{
|
{
|
||||||
/** @var PermissionSet */
|
/** @var PermissionSet */
|
||||||
private $permissionset;
|
private $permissionSet;
|
||||||
|
|
||||||
/** @var PermissionSetDepository */
|
/** @var PermissionSetDepository */
|
||||||
private $permissionSetDepository;
|
private $permissionSetDepository;
|
||||||
|
@ -62,10 +63,17 @@ class ProfileField extends BaseModel
|
||||||
$this->checkValid();
|
$this->checkValid();
|
||||||
|
|
||||||
switch ($name) {
|
switch ($name) {
|
||||||
case 'permissionset':
|
case 'permissionSet':
|
||||||
$this->permissionset = $this->permissionset ?? $this->permissionSetDepository->selectOneForUser($this->uid, $this->psid);
|
if (empty($this->permissionSet)) {
|
||||||
|
$permissionSet = $this->permissionSetDepository->selectOneById($this->psid);
|
||||||
|
if ($permissionSet->uid !== $this->uid) {
|
||||||
|
throw new NotFoundException(sprintf('PermissionSet %d for ProfileSet %d is invalid.', $permissionSet->uid, $this->uid));
|
||||||
|
}
|
||||||
|
|
||||||
$return = $this->permissionset;
|
$this->permissionSet = $permissionSet;
|
||||||
|
}
|
||||||
|
|
||||||
|
$return = $this->permissionSet;
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
$return = parent::__get($name);
|
$return = parent::__get($name);
|
||||||
|
|
|
@ -162,8 +162,8 @@ class Index extends BaseSettings
|
||||||
$profileFields = DI::profileField()->selectByUserId(local_user());
|
$profileFields = DI::profileField()->selectByUserId(local_user());
|
||||||
foreach ($profileFields as $profileField) {
|
foreach ($profileFields as $profileField) {
|
||||||
/** @var ProfileField $profileField */
|
/** @var ProfileField $profileField */
|
||||||
$defaultPermissions = $profileField->permissionset->withAllowedContacts(
|
$defaultPermissions = $profileField->permissionSet->withAllowedContacts(
|
||||||
Contact::pruneUnavailable($profileField->permissionset->allow_cid)
|
Contact::pruneUnavailable($profileField->permissionSet->allow_cid)
|
||||||
);
|
);
|
||||||
|
|
||||||
$custom_fields[] = [
|
$custom_fields[] = [
|
||||||
|
|
|
@ -177,23 +177,6 @@ class PermissionSet extends BaseDepository
|
||||||
return $this->selectOrCreate($this->factory->createFromString($uid));
|
return $this->selectOrCreate($this->factory->createFromString($uid));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Fetch one PermissionSet with check for ownership
|
|
||||||
*
|
|
||||||
* @param int $uid The user id
|
|
||||||
* @param int $id The unique id of the PermissionSet
|
|
||||||
*
|
|
||||||
* @return Entity\PermissionSet
|
|
||||||
* @throws NotFoundException in case either the id is invalid or the PermissionSet does not relay to the given user
|
|
||||||
*/
|
|
||||||
public function selectOneForUser(int $uid, int $id): Entity\PermissionSet
|
|
||||||
{
|
|
||||||
return $this->selectOne([
|
|
||||||
'id' => $id,
|
|
||||||
'uid' => $uid,
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Selects or creates a PermissionSet based on it's fields
|
* Selects or creates a PermissionSet based on it's fields
|
||||||
*
|
*
|
||||||
|
|
Loading…
Reference in a new issue