viscous/espocrm
1
0
Fork 0
mirror of https://github.com/espocrm/espocrm.git synced 2026-06-28 06:56:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

request check fixes

Browse Source
This commit is contained in:
yuri
2015-08-14 16:54:50 +03:00
parent 5fc502c6a2
commit 778e7b335e
5 changed files with 17 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
application/Espo/Controllers/ExternalAccount.php
View File

@@ -18,12 +18,13 @@
*
* You should have received a copy of the GNU General Public License
* along with EspoCRM. If not, see http://www.gnu.org/licenses/.
************************************************************************/
************************************************************************/
namespace Espo\Controllers;
use \Espo\Core\Exceptions\Error;
use \Espo\Core\Exceptions\Forbidden;
use \Espo\Core\Exceptions\BadRequest;
class ExternalAccount extends \Espo\Core\Controllers\Record
{
@@ -34,7 +35,7 @@ class ExternalAccount extends \Espo\Core\Controllers\Record
$integrations = $this->getEntityManager()->getRepository('Integration')->find();
$arr = array();
foreach ($integrations as $entity) {
if ($entity->get('enabled') && $this->getMetadata()->get('integrations.' . $entity->id .'.allowUserAccounts')) {
if ($entity->get('enabled') && $this->getMetadata()->get('integrations.' . $entity->id .'.allowUserAccounts')) {
$arr[] = array(
'id' => $entity->id
);
@@ -77,15 +78,18 @@ class ExternalAccount extends \Espo\Core\Controllers\Record
return $entity->toArray();
}
public function actionUpdate($params, $data)
public function actionUpdate($params, $data, $request)
{
return $this->actionPatch($params, $data);
return $this->actionPatch($params, $data, $request);
}
public function actionPatch($params, $data)
public function actionPatch($params, $data, $request)
{
list($integration, $userId) = explode('__', $params['id']);
if (!$request->isPost() && !$request->isPatch()) {
throw new BadRequest();
}
list($integration, $userId) = explode('__', $params['id']);
if ($this->getUser()->id != $userId) {
throw new Forbidden();

2
application/Espo/Controllers/Integration.php
View File

@@ -51,7 +51,7 @@ class Integration extends \Espo\Core\Controllers\Record
public function actionUpdate($params, $data, $request)
{
return $this->actionPatch($params, $data);
return $this->actionPatch($params, $data, $request);
}
public function actionPatch($params, $data, $request)

4
application/Espo/Controllers/Layout.php
View File

@@ -62,9 +62,9 @@ class Layout extends \Espo\Core\Controllers\Base
return $layoutManager->get($params['scope'], $params['name']);
}
public function actionPatch($params, $data)
public function actionPatch($params, $data, $request)
{
return $this->actionUpdate($params, $data);
return $this->actionUpdate($params, $data, $request);
}
public function actionResetToDefault($params, $data, $request)

4
application/Espo/Controllers/Preferences.php
View File

@@ -67,9 +67,9 @@ class Preferences extends \Espo\Core\Controllers\Base
return $this->getEntityManager()->getRepository('Preferences')->resetToDefaults($userId);
}
public function actionPatch($params, $data)
public function actionPatch($params, $data, $request)
{
return $this->actionUpdate($params, $data);
return $this->actionUpdate($params, $data, $request);
}
public function actionUpdate($params, $data, $request)

4
application/Espo/Controllers/Settings.php
View File

@@ -47,9 +47,9 @@ class Settings extends \Espo\Core\Controllers\Base
return $this->getConfigData();
}
public function actionUpdate($params, $data)
public function actionUpdate($params, $data, $request)
{
return $this->actionPatch($params, $data);
return $this->actionPatch($params, $data, $request);
}
public function actionPatch($params, $data, $request)