1 | <?php |
||||
2 | /** |
||||
3 | * sysPass |
||||
4 | * |
||||
5 | * @author nuxsmin |
||||
6 | * @link https://syspass.org |
||||
7 | * @copyright 2012-2019, Rubén Domínguez nuxsmin@$syspass.org |
||||
8 | * |
||||
9 | * This file is part of sysPass. |
||||
10 | * |
||||
11 | * sysPass is free software: you can redistribute it and/or modify |
||||
12 | * it under the terms of the GNU General Public License as published by |
||||
13 | * the Free Software Foundation, either version 3 of the License, or |
||||
14 | * (at your option) any later version. |
||||
15 | * |
||||
16 | * sysPass is distributed in the hope that it will be useful, |
||||
17 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
18 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
19 | * GNU General Public License for more details. |
||||
20 | * |
||||
21 | * You should have received a copy of the GNU General Public License |
||||
22 | * along with sysPass. If not, see <http://www.gnu.org/licenses/>. |
||||
23 | */ |
||||
24 | |||||
25 | namespace SP\Modules\Web\Controllers; |
||||
26 | |||||
27 | use DI\DependencyException; |
||||
28 | use DI\NotFoundException; |
||||
29 | use Exception; |
||||
30 | use SP\Core\Acl\Acl; |
||||
31 | use SP\Core\Events\Event; |
||||
32 | use SP\Core\Events\EventMessage; |
||||
33 | use SP\Core\Exceptions\ConstraintException; |
||||
34 | use SP\Core\Exceptions\QueryException; |
||||
35 | use SP\Core\Exceptions\SessionTimeout; |
||||
36 | use SP\Core\Exceptions\SPException; |
||||
37 | use SP\Http\JsonResponse; |
||||
38 | use SP\Modules\Web\Controllers\Helpers\Grid\AccountGrid; |
||||
39 | use SP\Modules\Web\Controllers\Traits\ItemTrait; |
||||
40 | use SP\Modules\Web\Controllers\Traits\JsonTrait; |
||||
41 | use SP\Modules\Web\Forms\AccountForm; |
||||
42 | use SP\Mvc\View\Components\SelectItemAdapter; |
||||
43 | use SP\Services\Account\AccountBulkRequest; |
||||
44 | use SP\Services\Account\AccountHistoryService; |
||||
45 | use SP\Services\Account\AccountSearchFilter; |
||||
46 | use SP\Services\Account\AccountSearchService; |
||||
47 | use SP\Services\Account\AccountService; |
||||
48 | use SP\Services\Auth\AuthException; |
||||
49 | use SP\Services\Category\CategoryService; |
||||
50 | use SP\Services\Client\ClientService; |
||||
51 | use SP\Services\Tag\TagService; |
||||
52 | use SP\Services\User\UserService; |
||||
53 | use SP\Services\UserGroup\UserGroupService; |
||||
54 | use SP\Util\Util; |
||||
55 | |||||
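/**
 * Class AccountManagerController
 *
 * Web controller for the account manager: renders the account search grid,
 * deletes accounts (one at a time or as a batch) and shows/saves the bulk edit
 * form. Every action validates the request security token before doing any work.
 *
 * @package SP\Modules\Web\Controllers
 */
final class AccountManagerController extends ControllerBase
{
    use JsonTrait, ItemTrait;

    /**
     * @var AccountService
     */
    protected $accountService;
    /**
     * @var AccountSearchService
     */
    protected $accountSearchService;

    /**
     * Renders the account search grid and returns it as JSON.
     *
     * The security token is verified first, then the ACCOUNTMGR_SEARCH permission.
     * Exceptions are not caught here; they propagate to the caller.
     *
     * @return bool
     * @throws DependencyException
     * @throws NotFoundException
     * @throws ConstraintException
     * @throws QueryException
     * @throws SPException
     */
    public function searchAction()
    {
        $this->checkSecurityToken($this->previousSk, $this->request);

        if (!$this->acl->checkUserAccess(Acl::ACCOUNTMGR_SEARCH)) {
            return $this->returnJsonResponse(JsonResponse::JSON_ERROR, __u('You don\'t have permission to do this operation'));
        }

        $this->view->addTemplate('datagrid-table', 'grid');
        $this->view->assign('index', $this->request->analyzeInt('activetab', 0));
        $this->view->assign('data', $this->getSearchGrid());

        return $this->returnJsonResponseData(['html' => $this->render()]);
    }

    /**
     * Builds the account grid for the search parameters of the current request.
     *
     * The page size comes from the configured account count; the search string is
     * split into string filters and a clean text search by AccountSearchService.
     *
     * @return mixed Whatever AccountGrid::updatePager() returns (type not visible in this file)
     * @throws DependencyException
     * @throws NotFoundException
     * @throws ConstraintException
     * @throws QueryException
     * @throws SPException
     */
    protected function getSearchGrid()
    {
        $itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request);

        $accountGrid = $this->dic->get(AccountGrid::class);

        $filter = new AccountSearchFilter();
        $filter->setLimitCount($itemSearchData->getLimitCount());
        $filter->setLimitStart($itemSearchData->getLimitStart());
        // analyzeQueryFilters() has to run before getCleanString() is read.
        $filter->setStringFilters($this->accountSearchService->analyzeQueryFilters($itemSearchData->getSeachString()));
        $filter->setCleanTxtSearch($this->accountSearchService->getCleanString());

        $accounts = $this->accountService->getByFilter($filter);

        return $accountGrid->updatePager($accountGrid->getGrid($accounts), $itemSearchData);
    }

    /**
     * Delete action
     *
     * Deletes a single account when $id is given; otherwise deletes the batch of
     * accounts whose IDs are read from the request.
     *
     * @param int|null $id Account ID (presumably an integer; not enforced here)
     *
     * @return bool
     */
    public function deleteAction($id = null)
    {
        try {
            $this->checkSecurityToken($this->previousSk, $this->request);

            // NOTE(review): unlike searchAction() and bulkEditAction(), no
            // $this->acl->checkUserAccess() call is made before deleting. Confirm
            // that the permission to delete accounts is enforced further down
            // (for example in AccountService); if it is not, add an explicit
            // check here so that a valid security token alone is not sufficient.

            if ($id === null) {
                $itemsId = $this->getItemsIdFromRequest($this->request);

                // The request may carry no item IDs at all; deleteByIdBatch()
                // expects an array, so reject the request instead of passing null.
                if (!is_array($itemsId)) {
                    return $this->returnJsonResponse(JsonResponse::JSON_ERROR, __u('No accounts selected'));
                }

                $this->accountService->deleteByIdBatch($itemsId);

                // NOTE(review): $id is always null on this path, so this call is
                // not given the IDs that were just removed. Confirm whether
                // deleteCustomFieldsForItem() accepts a list of IDs and pass
                // $itemsId if it does; otherwise the custom field data of the
                // deleted accounts may be left behind.
                $this->deleteCustomFieldsForItem(Acl::ACCOUNT, $id);

                $this->eventDispatcher->notifyEvent('delete.account.selection',
                    new Event($this, EventMessage::factory()->addDescription(__u('Accounts removed')))
                );

                // returnJsonResponse() takes (status, description), matching the
                // single-delete path below. The previous call to
                // returnJsonResponseData() passed the status as the data argument
                // and the message where an integer status is expected.
                return $this->returnJsonResponse(JsonResponse::JSON_SUCCESS, __u('Accounts removed'));
            }

            // Read the account details before deleting: they are needed for the
            // event message once the row is gone.
            $accountDetails = $this->accountService->getById($id)->getAccountVData();

            $this->accountService->delete($id);

            $this->deleteCustomFieldsForItem(Acl::ACCOUNT, $id);

            $this->eventDispatcher->notifyEvent('delete.account',
                new Event($this, EventMessage::factory()
                    ->addDescription(__u('Account removed'))
                    ->addDetail(__u('Account'), $accountDetails->getName())
                    ->addDetail(__u('Client'), $accountDetails->getClientName()))
            );

            return $this->returnJsonResponse(JsonResponse::JSON_SUCCESS, __u('Account removed'));
        } catch (Exception $e) {
            processException($e);

            return $this->returnJsonResponseException($e);
        }
    }

    /**
     * saveBulkEditAction
     *
     * Applies the bulk edit form to every account listed in the 'itemsId' request
     * parameter and, when 'delete_history' is set, deletes the history of those
     * accounts first.
     *
     * @return bool
     */
    public function saveBulkEditAction()
    {
        try {
            $this->checkSecurityToken($this->previousSk, $this->request);

            // NOTE(review): the only authorization-related call visible here is
            // the form validation for ACCOUNTMGR_BULK_EDIT; there is no
            // $this->acl->checkUserAccess() call as in bulkEditAction(). Confirm
            // that AccountForm::validate() or AccountService enforces access.
            $form = new AccountForm($this->dic);
            $form->validate(Acl::ACCOUNTMGR_BULK_EDIT);

            $itemsId = $this->request->analyzeString('itemsId');

            // 'itemsId' may be absent from the request; Util::itemsIdAdapter()
            // expects a string, so reject the request instead of passing null.
            if ($itemsId === null) {
                return $this->returnJsonResponse(JsonResponse::JSON_ERROR, __u('No accounts selected'));
            }

            $request = new AccountBulkRequest(Util::itemsIdAdapter($itemsId), $form->getItemData());
            $request->setDeleteHistory($this->request->analyzeBool('delete_history', false));

            if ($request->isDeleteHistory()) {
                // NOTE(review): the history is removed before updateBulk() runs
                // and no transaction is visible in this method, so a failed
                // update would still leave the history deleted.
                $accountHistoryService = $this->dic->get(AccountHistoryService::class);
                $accountHistoryService->deleteByAccountIdBatch($request->getItemsId());
            }

            $this->accountService->updateBulk($request);

            // Custom fields are not updated by a bulk edit; the per-item call
            // below is disabled in this action:
            // $this->updateCustomFieldsForItem(Acl::ACCOUNT, $id, $this->request);

            $this->eventDispatcher->notifyEvent('edit.account.bulk',
                new Event($this, EventMessage::factory()
                    ->addDescription(__u('Accounts updated')))
            );

            return $this->returnJsonResponse(JsonResponse::JSON_SUCCESS, __u('Accounts updated'));
        } catch (Exception $e) {
            processException($e);

            return $this->returnJsonResponseException($e);
        }
    }

    /**
     * bulkEditAction
     *
     * Renders the bulk edit form for the accounts selected in the request. The
     * security token is verified first, then the ACCOUNTMGR permission.
     *
     * @return bool
     */
    public function bulkEditAction()
    {
        try {
            $this->checkSecurityToken($this->previousSk, $this->request);

            if (!$this->acl->checkUserAccess(Acl::ACCOUNTMGR)) {
                return $this->returnJsonResponse(JsonResponse::JSON_ERROR, __u('You don\'t have permission to do this operation'));
            }

            $this->view->assign('header', __('Bulk Update'));
            // isView has to be assigned before setViewData(), which reads it.
            $this->view->assign('isView', false);
            $this->view->assign('route', 'accountManager/saveBulkEdit');
            $this->view->assign('itemsId', $this->getItemsIdFromRequest($this->request));

            $this->setViewData();

            $this->eventDispatcher->notifyEvent('show.account.bulkEdit', new Event($this));

            return $this->returnJsonResponseData(['html' => $this->render()]);
        } catch (Exception $e) {
            processException($e);

            return $this->returnJsonResponseException($e);
        }
    }

    /**
     * Sets view data
     *
     * Selects the bulk edit template and fills the select lists (users, user
     * groups, clients, categories, tags). The 'disabled' and 'readonly' view
     * values are derived from the view's isView flag.
     */
    protected function setViewData()
    {
        $this->view->addTemplate('account_bulkedit', 'itemshow');

        $this->view->assign('nextAction', Acl::getActionRoute(Acl::ITEMS_MANAGE));

        $clients = SelectItemAdapter::factory(ClientService::getItemsBasic())->getItemsFromModel();
        $categories = SelectItemAdapter::factory(CategoryService::getItemsBasic())->getItemsFromModel();
        $tags = SelectItemAdapter::factory(TagService::getItemsBasic())->getItemsFromModel();

        $users = SelectItemAdapter::factory(UserService::getItemsBasic())->getItemsFromModel();
        $userGroups = SelectItemAdapter::factory(UserGroupService::getItemsBasic())->getItemsFromModel();

        $this->view->assign('users', $users);
        $this->view->assign('userGroups', $userGroups);

        $this->view->assign('clients', $clients);
        $this->view->assign('categories', $categories);
        $this->view->assign('tags', $tags);

        // isView is read through the template object; only a strict true marks
        // the form fields as disabled and read-only.
        $isLocked = $this->view->isView === true;

        $this->view->assign('disabled', $isLocked ? 'disabled' : false);
        $this->view->assign('readonly', $isLocked ? 'readonly' : false);
    }

    /**
     * Initialize class
     *
     * Requires a logged-in session before the account services are resolved from
     * the container.
     *
     * @throws AuthException
     * @throws DependencyException
     * @throws NotFoundException
     * @throws SessionTimeout
     */
    protected function initialize()
    {
        $this->checkLoggedIn();

        $this->accountService = $this->dic->get(AccountService::class);
        $this->accountSearchService = $this->dic->get(AccountSearchService::class);
    }
}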