Yuri Kuznetsov
2021-04-29 11:23:30 +03:00
parent dfa839526c
commit 93e4bd8cd0
5 changed files with 102 additions and 60 deletions


@@ -0,0 +1,56 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM - Open Source CRM application.
* Copyright (C) 2014-2021 Yurii Kuznietsov, Taras Machyshyn, Oleksii Avramenko
* Website: https://www.espocrm.com
*
* EspoCRM is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* EspoCRM is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with EspoCRM. If not, see http://www.gnu.org/licenses/.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU General Public License version 3.
*
* In accordance with Section 7(b) of the GNU General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Classes\Acl\AuthToken;
use Espo\Entities\User;
use Espo\Core\{
Acl\ScopeData,
Acl\DefaultAccessChecker,
Acl\AccessEntityCREDChecker,
Acl\Traits\DefaultAccessCheckerDependency,
};
class AccessChecker implements AccessEntityCREDChecker
{
use DefaultAccessCheckerDependency;
private $defaultAccessChecker;
public function __construct(DefaultAccessChecker $defaultAccessChecker)
{
$this->defaultAccessChecker = $defaultAccessChecker;
}
public function checkCreate(User $user, ScopeData $data): bool
{
return false;
}
}
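Review bot: `checkCreate` at the end of the new `AccessChecker` returns `false` for every user, administrators included, and nothing in the class says why. A short docblock would stop a later maintainer from relaxing it by mistake, for example `/** Auth tokens are issued by the login flow only; creating one through the record API is always denied. */`. That rationale is presumed from the `beforeCreate` guard shown in the controller section and should be confirmed. The untyped `$defaultAccessChecker` property could also carry `/** @var DefaultAccessChecker */`, since the remaining read, edit and delete decisions appear to be delegated to it through the `DefaultAccessCheckerDependency` trait, whose body is not visible here.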


@@ -40,51 +40,6 @@ class AuthToken extends \Espo\Core\Controllers\Record
}
}
public function actionUpdate($params, $data, $request)
{
$dataAr = get_object_vars($data);
if (
is_object($data)
&&
isset($data->isActive)
&&
$data->isActive === false
&&
count(array_keys($dataAr)) === 1
) {
return parent::actionUpdate($params, $data, $request);
}
throw new Forbidden();
}
public function actionMassUpdate($params, $data, $request)
{
if (empty($data->attributes)) {
throw new BadRequest();
}
$attributes = $data->attributes;
if (
is_object($attributes)
&&
isset($attributes->isActive)
&&
$attributes->isActive === false
&&
count(array_keys(get_object_vars($attributes))) === 1
) {
return parent::actionMassUpdate($params, $data, $request);
}
throw new Forbidden();
}
public function beforeCreate()
{
throw new Forbidden();
}
public function beforeCreateLink()
{
throw new Forbidden();
@@ -94,9 +49,4 @@ class AuthToken extends \Espo\Core\Controllers\Record
{
throw new Forbidden();
}
public function beforeMassConvertCurrency()
{
throw new Forbidden();
}
}


@@ -0,0 +1,3 @@
{
"accessCheckerClassName": "Espo\\Classes\\Acl\\AuthToken\\AccessChecker"
}


@@ -29,7 +29,28 @@
namespace Espo\Services;
use StdClass;
class AuthToken extends Record
{
protected $actionHistoryDisabled = true;
public function filterUpdateInput(StdClass $data): void
{
parent::filterUpdateInput($data);
$dataArray = get_object_vars($data);
foreach (array_keys($dataArray) as $attribute) {
if ($attribute !== 'isActive') {
unset($data->$attribute);
continue;
}
}
if ($data->isActive ?? false) {
unset($data->isActive);
}
}
}
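Review bot: The final check in `filterUpdateInput`, `if ($data->isActive ?? false)`, drops only truthy values, so `isActive` sent as `null`, `0`, `""` or `"0"` still reaches the update, whereas the controller code this replaces accepted nothing but a strict `false`. Unless a later validation step (not visible here) enforces a boolean, tighten it to `if (($data->isActive ?? null) !== false) { unset($data->isActive); }`. Disallowed attributes are also now stripped silently instead of raising `Forbidden`, so an attempted change to other token fields is no longer visible to the caller or in error logs. The protection further depends on every update path, including the `MassAction` request the list view now sends, running through this filter, which cannot be confirmed from the hunk. The `continue;` at the end of the loop body is redundant and can be dropped.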


@@ -26,7 +26,7 @@
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
Espo.define('views/admin/auth-token/record/list', 'views/record/list', function (Dep) {
define('views/admin/auth-token/record/list', 'views/record/list', function (Dep) {
return Dep.extend({
@@ -39,37 +39,49 @@ Espo.define('views/admin/auth-token/record/list', 'views/record/list', function
massActionSetInactive: function () {
var ids = false;
var allResultIsChecked = this.allResultIsChecked;
if (!allResultIsChecked) {
ids = this.checkedList;
}
var attributes = {
isActive: false
};
var ids = false;
var allResultIsChecked = this.allResultIsChecked;
if (!allResultIsChecked) {
ids = this.checkedList;
}
this.ajaxPutRequest(this.scope + '/action/massUpdate', {
attributes: attributes,
ids: ids || null,
where: (!ids || ids.length == 0) ? this.collection.getWhere() : null,
selectData: (!ids || ids.length == 0) ? this.collection.data : null,
byWhere: this.allResultIsChecked
Espo.Ajax.postRequest('MassAction', {
action: 'update',
entityType: this.entityType,
params: {
ids: ids || null,
where: (!ids || ids.length === 0) ? this.collection.getWhere() : null,
selectData: (!ids || ids.length === 0) ? this.collection.data : null,
},
data: attributes,
}).then(function () {
var result = result || {};
var count = result.count;
this.collection.fetch();
}.bind(this));
},
actionSetInactive: function (data) {
if (!data.id) return;
if (!data.id) {
return;
};
var model = this.collection.get(data.id);
if (!model) return;
if (!model) {
return;
}
Espo.Ui.notify(this.translate('pleaseWait', 'messages'));