Jingga/oms-Admin
1
0
Fork 0
mirror of https://github.com/Karaka-Management/oms-Admin.git synced 2026-01-11 13:38:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bug fixes

Browse Source
This commit is contained in:
Dennis Eichhorn 2024-10-11 19:17:39 +00:00
parent baaf2422b1
commit 4358d855ef
12 changed files with 119 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Admin/Installer.php
View File

@ -90,7 +90,7 @@ final class Installer extends InstallerAbstract
(OperatingSystem::getSystem() === SystemType::WIN
? 'php.exe'
: 'php'
) . ' ' . __DIR__ . '/../../../../cli.php -v'
) . ' ' . __DIR__ . '/../../../cli.php -v'
);
$cmdResult = $cmdResult === null || $cmdResult === false ? '' : $cmdResult;

24
Admin/Routes/Web/Api.php
View File

@ -190,7 +190,7 @@ return [
],
],
],
'^.*/admin/find/accgrp(\?.*$|$)' => [
'^.*/admin/accgrp/find(\?.*$|$)' => [
[
'dest' => '\Modules\Admin\Controller\ApiController:apiAccountGroupFind',
'verb' => RouteVerb::GET,
@ -290,6 +290,17 @@ return [
'state' => PermissionCategory::MODULE,
],
],
[
'dest' => '\Modules\Admin\Controller\ApiController:apiDeleteAccountFromGroup',
'verb' => RouteVerb::DELETE,
'csrf' => true,
'active' => true,
'permission' => [
'module' => ApiController::NAME,
'type' => PermissionType::MODIFY,
'state' => PermissionCategory::MODULE,
],
],
],
'^.*/admin/account/group(\?.*$|$)' => [
[
@ -303,6 +314,17 @@ return [
'state' => PermissionCategory::MODULE,
],
],
[
'dest' => '\Modules\Admin\Controller\ApiController:apiDeleteGroupFromAccount',
'verb' => RouteVerb::DELETE,
'csrf' => true,
'active' => true,
'permission' => [
'module' => ApiController::NAME,
'type' => PermissionType::MODIFY,
'state' => PermissionCategory::MODULE,
],
],
],
'^.*/admin/group/permission(\?.*$|$)' => [

38
Controller/ApiController.php
View File

@ -135,6 +135,7 @@ final class ApiController extends Controller
);
if ($login > LoginReturnType::OK) {
$this->app->sessionManager->sessionStart();
$this->app->sessionManager->set('UID', $login, true);
$response->set($request->uri->__toString(), new \phpOMS\Model\Message\Redirect());
} elseif ($login === LoginReturnType::NOT_ACTIVATED) {
@ -187,6 +188,7 @@ final class ApiController extends Controller
{
$response->header->set('Content-Type', MimeType::M_JSON . '; charset=utf-8', true);
$this->app->sessionManager->sessionStart();
$this->app->sessionManager->remove('UID');
$this->app->sessionManager->save();
@ -839,7 +841,7 @@ final class ApiController extends Controller
// request account is valid
if ($requestAccount <= 0) {
$this->fillJsonResponse($request, $response, NotificationLevel::HIDDEN, '', '', []);
$this->fillJsonResponse($request, $response, NotificationLevel::ERROR, '', 'Invalid account', []);
$response->header->status = RequestStatusCode::R_403;
return;
@ -854,7 +856,7 @@ final class ApiController extends Controller
if ($account->login === null
|| AccountMapper::login($account->login, (string) $request->getData('oldpass')) !== $requestAccount
) {
$this->fillJsonResponse($request, $response, NotificationLevel::HIDDEN, '', '', []);
$this->fillJsonResponse($request, $response, NotificationLevel::ERROR, '', 'Invalid old password', []);
$response->header->status = RequestStatusCode::R_403;
return;
@ -862,7 +864,7 @@ final class ApiController extends Controller
// test password repetition
if (((string) $request->getData('newpass')) !== ((string) $request->getData('reppass'))) {
$this->fillJsonResponse($request, $response, NotificationLevel::HIDDEN, '', '', []);
$this->fillJsonResponse($request, $response, NotificationLevel::ERROR, '', 'Invalid password repetition', []);
$response->header->status = RequestStatusCode::R_403;
return;
@ -872,7 +874,7 @@ final class ApiController extends Controller
/** @var \Model\Setting $complexity */
$complexity = $this->app->appSettings->get(names: SettingsEnum::PASSWORD_PATTERN, module: 'Admin');
if (\preg_match($complexity->content, (string) $request->getData('newpass')) !== 1) {
$this->fillJsonResponse($request, $response, NotificationLevel::HIDDEN, '', '', []);
$this->fillJsonResponse($request, $response, NotificationLevel::ERROR, '', 'Invalid password complexity', []);
$response->header->status = RequestStatusCode::R_403;
return;
@ -1522,7 +1524,7 @@ final class ApiController extends Controller
{
/** @var \Modules\Admin\Models\Group[] $groups */
$groups = GroupMapper::getAll()
->where('name', '%' . ($request->getDataString('search') ?? '') . '%', 'LIKE')
->where('name', '%' . ($request->getDataString('group') ?? '') . '%', 'LIKE')
->limit($request->getDataInt('limit') ?? 50)
->executeGetArray();
@ -1534,7 +1536,7 @@ final class ApiController extends Controller
}
/**
* Api method to get an accoung
* Api method to get an account
*
* @param RequestAbstract $request Request
* @param ResponseAbstract $response Response
@ -2757,17 +2759,16 @@ final class ApiController extends Controller
public function apiAddAccountPermission(RequestAbstract $request, ResponseAbstract $response, array $data = []) : void
{
if (!empty($val = $this->validatePermissionCreate($request))) {
$response->header->status = RequestStatusCode::R_400;
$this->createInvalidCreateResponse($request, $response, $val);
$response->header->status = RequestStatusCode::R_400;
return;
}
$permission = $this->createPermissionFromRequest($request);
if (!($permission instanceof AccountPermission)) {
$response->data['permission_create'] = new FormValidation($val);
$response->header->status = RequestStatusCode::R_400;
// @todo Create a response text
$response->header->status = RequestStatusCode::R_400;
return;
}
@ -2969,7 +2970,7 @@ final class ApiController extends Controller
}
$account = (int) $request->getData('account');
$groups = [$request->getDataInt('account-list') ?? 0];
$groups = [$request->getDataInt('group') ?? 0];
// @todo Check if already in group
@ -2990,7 +2991,7 @@ final class ApiController extends Controller
{
$val = [];
if (($val['account'] = !$request->hasData('account'))
|| ($val['accountlist'] = !$request->hasData('account-list'))
|| ($val['group'] = !$request->hasData('group'))
) {
return $val;
}
@ -3965,8 +3966,7 @@ final class ApiController extends Controller
$hasLocationChange = ($request->getDataString('address') ?? $address->address) !== $address->address
|| ($request->getDataString('postal') ?? $address->postal) !== $address->postal
|| ($request->getDataString('city') ?? $address->city) !== $address->city
|| ($request->getDataString('state') ?? $address->state) !== $address->state
|| ($request->getDataString('country') ?? $address->country) !== $address->country;
|| ($request->getDataString('state') ?? $address->state) !== $address->state;
$address->name = $request->getDataString('name') ?? $address->name;
$address->fao = $request->getDataString('fao') ?? $address->fao;
@ -3975,7 +3975,10 @@ final class ApiController extends Controller
$address->postal = $request->getDataString('postal') ?? $address->postal;
$address->city = $request->getDataString('city') ?? $address->city;
$address->state = $request->getDataString('state') ?? $address->state;
$address->setCountry($request->getDataString('country') ?? $address->country);
if (ISO3166TwoEnum::isValidValue($request->getDataString('country') ?? ISO3166TwoEnum::_XXX)) {
$address->setCountry($request->getDataString('country') ?? $address->country);
}
if ($hasLocationChange) {
$geocoding = Nominatim::geocoding($address->country, $address->city, $address->address);
@ -4067,7 +4070,10 @@ final class ApiController extends Controller
$address->postal = $request->getDataString('postal') ?? '';
$address->city = $request->getDataString('city') ?? '';
$address->state = $request->getDataString('state') ?? '';
$address->setCountry($request->getDataString('country') ?? ISO3166TwoEnum::_XXX);
if (ISO3166TwoEnum::isValidValue($request->getDataString('country') ?? ISO3166TwoEnum::_XXX)) {
$address->setCountry($request->getDataString('country') ?? ISO3166TwoEnum::_XXX);
}
$geocoding = Nominatim::geocoding($address->country, $address->city, $address->address);
if ($geocoding === ['lat' => 0.0, 'lon' => 0.0]) {

4
Controller/BackendController.php
View File

@ -255,7 +255,9 @@ final class BackendController extends Controller
$pageLimit = 25;
$view->data['pageLimit'] = $pageLimit;
$mapper = AuditMapper::getAll()->with('createdBy');
$mapper = AuditMapper::getAll()
->with('createdBy')
->where('createdBy', $request->getDataInt('id'));
/** @var \Modules\Auditor\Models\Audit[] $list */
$list = AuditMapper::find(

7
Theme/Backend/Components/AddressEditor/AddressView.php
View File

@ -60,7 +60,7 @@ class AddressView extends View
* @var string
* @since 1.0.0
*/
public string $name = '';
public string $refName = 'account';
/**
* API Uri for attribute actions
@ -68,7 +68,7 @@ class AddressView extends View
* @var string
* @since 1.0.0
*/
public string $apiUri = '';
public string $endpoint = '{/api}account/address?csrf={$CSRF}';
/**
* Reference id
@ -96,6 +96,9 @@ class AddressView extends View
$this->form = $data[0];
$this->virtualPath = $data[1] ?? $this->virtualPath;
$this->addresses = $data[2] ?? $this->addresses;
$this->refName = $data[3] ?? $this->refName;
$this->refId = $data[4] ?? $this->refId;
$this->endpoint = $data[5] ?? $this->endpoint;
return parent::render();
}

4
Theme/Backend/Components/AddressEditor/addresses.tpl.php
View File

@ -24,13 +24,13 @@ $types = AddressType::getConstants();
<div class="row">
<div class="col-xs-12 col-md-6">
<section class="portlet">
<form id="addressForm" action="<?= UriFactory::build('{api}account/address?csrf={$CSRF}'); ?>" method="post"
<form id="addressForm" action="<?= UriFactory::build($this->endpoint); ?>" method="post"
data-ui-container="#addressTable tbody"
data-add-form="addressForm"
data-add-tpl="#addressTable tbody .oms-add-tpl-address">
<div class="portlet-head"><?= $this->getHtml('Address', 'Admin', 'Backend'); ?></div>
<div class="portlet-body">
<input type="hidden" id="iAddressRef" name="account" value="<?= $this->refId; ?>" disabled>
<input type="hidden" id="iAddressRef" name="<?= $this->refName; ?>" value="<?= $this->refId; ?>" disabled>
<div class="form-group">
<label for="iAddressId"><?= $this->getHtml('ID', '0', '0'); ?></label>

7
Theme/Backend/Components/ContactEditor/ContactView.php
View File

@ -60,7 +60,7 @@ class ContactView extends View
* @var string
* @since 1.0.0
*/
public string $name = '';
public string $refName = 'account';
/**
* API Uri for attribute actions
@ -68,7 +68,7 @@ class ContactView extends View
* @var string
* @since 1.0.0
*/
public string $apiUri = '';
public string $endpoint = '{/api}account/contact?csrf={$CSRF}';
/**
* Reference id
@ -96,6 +96,9 @@ class ContactView extends View
$this->form = $data[0];
$this->virtualPath = $data[1] ?? $this->virtualPath;
$this->contacts = $data[2] ?? $this->contacts;
$this->refName = $data[3] ?? $this->refName;
$this->refId = $data[4] ?? $this->refId;
$this->endpoint = $data[5] ?? $this->endpoint;
return parent::render();
}

4
Theme/Backend/Components/ContactEditor/contacts.tpl.php
View File

@ -26,13 +26,13 @@ $subtypes = AddressType::getConstants();
<div class="row">
<div class="col-xs-12 col-md-6">
<section class="portlet">
<form id="contactForm" action="<?= UriFactory::build('{api}account/contact?csrf={$CSRF}'); ?>" method="post"
<form id="contactForm" action="<?= UriFactory::build($this->endpoint); ?>" method="post"
data-ui-container="#contactTable tbody"
data-add-form="contactForm"
data-add-tpl="#contactTable tbody .oms-add-tpl-contact">
<div class="portlet-head"><?= $this->getHtml('Contact', 'Admin', 'Backend'); ?></div>
<div class="portlet-body">
<input type="hidden" id="iContactRef" name="account" value="<?= $this->refId; ?>" disabled>
<input type="hidden" id="iContactRef" name="<?= $this->refName; ?>" value="<?= $this->refId; ?>" disabled>
<div class="form-group">
<label for="iContactId"><?= $this->getHtml('ID', '0', '0'); ?></label>

43
Theme/Backend/accounts-view.tpl.php
View File

@ -163,7 +163,11 @@ echo $this->data['nav']->render(); ?>
<div class="row">
<div class="col-xs-12 col-md-6">
<section class="portlet">
<form id="iAddGroupToAccount" action="<?= UriFactory::build('{/api}admin/account/group?csrf={$CSRF}'); ?>" method="put">
<form id="iAddGroupToAccount"
action="<?= UriFactory::build('{/api}admin/account/group?csrf={$CSRF}'); ?>"
method="put"
data-redirect="<?= UriFactory::build('{%}'); ?>"
>
<div class="portlet-head"><?= $this->getHtml('Groups'); ?></div>
<div class="portlet-body">
<div class="form-group">
@ -171,7 +175,7 @@ echo $this->data['nav']->render(); ?>
<div id="iGroupSelector" class="smart-input-wrapper" data-src="<?= UriFactory::build('{/api}admin/group/find?csrf={$CSRF}'); ?>">
<div
data-value=""
data-name="search"
data-name="group"
data-limit="10"
data-container=""
class="input-div"
@ -195,13 +199,31 @@ echo $this->data['nav']->render(); ?>
<div class="col-xs-12">
<section class="portlet">
<div class="portlet-head"><?= $this->getHtml('Groups'); ?><i class="g-icon download btn end-xs">download</i></div>
<table id="groupTable" class="default sticky">
<table id="groupTable" class="default sticky"
data-tag="form"
data-ui-element="tr"
data-add-tpl=".oms-add-tpl-group"
data-delete-form="iAddGroupToAccount">
<thead>
<tr>
<td>
<td><?= $this->getHtml('ID', '0', '0'); ?><i class="sort-asc g-icon">expand_less</i><i class="sort-desc g-icon">expand_more</i>
<td class="wf-100"><?= $this->getHtml('Name'); ?><i class="sort-asc g-icon">expand_less</i><i class="sort-desc g-icon">expand_more</i>
<tbody>
<template class="oms-add-tpl-group">
<tr data-id="" draggable="false">
<td>
<i class="g-icon btn remove-form">close</i>
<input id="groupTable-remove-0" type="checkbox" class="vh">
<label for="groupTable-remove-0" class="checked-visibility-alt"><i class="g-icon btn form-action">close</i></label>
<span class="checked-visibility">
<label for="groupTable-remove-0" class="link default"><?= $this->getHtml('Cancel', '0', '0'); ?></label>
<label for="groupTable-remove-0" class="remove-form link cancel"><?= $this->getHtml('Delete', '0', '0'); ?></label>
</span>
<td data-tpl-text="/id" data-tpl-value="/id"></td>
<td data-tpl-text="/name/0" data-tpl-value="/name/0"></td>
</tr>
</template>
<?php
$c = 0;
$groups = $account->getGroups();
@ -209,7 +231,12 @@ echo $this->data['nav']->render(); ?>
$url = UriFactory::build('{/base}/admin/group/view?{?}&id=' . $value->id);
?>
<tr data-href="<?= $url; ?>">
<td><a href="#"><i class="g-icon">close</i></a>
<td><input id="groupTable-remove-<?= $value->id; ?>" type="checkbox" class="vh">
<label for="groupTable-remove-<?= $value->id; ?>" class="checked-visibility-alt"><i class="g-icon btn form-action">close</i></label>
<span class="checked-visibility">
<label for="groupTable-remove-<?= $value->id; ?>" class="link default"><?= $this->getHtml('Cancel', '0', '0'); ?></label>
<label for="groupTable-remove-<?= $value->id; ?>" class="remove-form link cancel"><?= $this->getHtml('Delete', '0', '0'); ?></label>
</span>
<td><a href="<?= $url; ?>"><?= $value->id; ?></a>
<td><a href="<?= $url; ?>"><?= $this->printHtml($value->name); ?></a>
<?php endforeach; ?>
@ -237,7 +264,8 @@ echo $this->data['nav']->render(); ?>
<div class="portlet-body">
<div class="form-group">
<label for="iPermissionId"><?= $this->getHtml('ID', '0', '0'); ?></label>
<input id="iPermissionId" name="permissionref" type="text" data-tpl-text="/id" data-tpl-value="/id" disabled>
<input id="iPermissionId" name="id" type="text" data-tpl-text="/id" data-tpl-value="/id" disabled>
<input id="iPermissionRef" name="permissionref" type="hidden" value="<?= $account->id; ?>">
</div>
<div class="form-group">
@ -332,7 +360,7 @@ echo $this->data['nav']->render(); ?>
</div>
</div>
<div class="portlet-foot">
<input type="hidden" name="permissionowner" value="<?= PermissionOwner::GROUP; ?>">
<input type="hidden" name="permissionowner" value="<?= PermissionOwner::ACCOUNT; ?>">
<input id="bPermissionAdd" formmethod="put" type="submit" class="add-form" value="<?= $this->getHtml('Add', '0', '0'); ?>">
<input id="bPermissionSave" formmethod="post" type="submit" class="save-form vh button save" value="<?= $this->getHtml('Update', '0', '0'); ?>">
@ -350,7 +378,8 @@ echo $this->data['nav']->render(); ?>
data-tag="form"
data-ui-element="tr"
data-add-tpl=".oms-add-tpl-permission"
data-update-form="permissionForm">
data-update-form="permissionForm"
data-delete-form="permissionForm">
<thead>
<tr>
<td>

1
Theme/Backend/groups-create.tpl.php
View File

@ -24,6 +24,7 @@ echo $this->data['nav']->render(); ?>
<form id="fGroupCreate"
action="<?= UriFactory::build('{/api}admin/group?csrf={$CSRF}'); ?>"
method="put"
data-redirect="<?= UriFactory::build('{/base}/admin/group/view'); ?>?id={/0/response/id}"
autocomplete="off">
<div class="portlet-head"><?= $this->getHtml('Group'); ?></div>
<div class="portlet-body">

8
Theme/Backend/groups-view.tpl.php
View File

@ -125,7 +125,7 @@ echo $this->data['nav']->render(); ?>
data-tag="form"
data-ui-element="tr"
data-add-tpl=".oms-add-tpl-account"
data-delete-form="accountForm">
data-delete-form="iAddAccountToGroup">
<thead>
<tr>
<td>
@ -184,7 +184,8 @@ echo $this->data['nav']->render(); ?>
<div class="portlet-body">
<div class="form-group">
<label for="iPermissionId"><?= $this->getHtml('ID', '0', '0'); ?></label>
<input id="iPermissionId" name="permissionref" type="text" data-tpl-text="/id" data-tpl-value="/id" disabled>
<input id="iPermissionId" name="id" type="text" data-tpl-text="/id" data-tpl-value="/id" disabled>
<input id="iPermissionRef" name="permissionref" type="hidden" value="<?= $group->id; ?>">
</div>
<div class="form-group">
<label for="iPermissionUnit"><?= $this->getHtml('Unit'); ?></label>
@ -290,7 +291,8 @@ echo $this->data['nav']->render(); ?>
data-tag="form"
data-ui-element="tr"
data-add-tpl=".oms-add-tpl-permission"
data-update-form="permissionForm">
data-update-form="permissionForm"
data-delete-form="permissionForm">
<thead>
<tr>
<td>

20
Theme/Backend/modules-info.tpl.php
View File

@ -57,18 +57,21 @@ if (isset($installed[$id])) {
</div>
<div class="portlet-foot">
<?php if (isset($active[$id])) : ?>
<form id="fModuleDeactivate" action="<?= UriFactory::build('{/api}admin/module/status?module=' . $id . '&csrf={$CSRF}'); ?>" method="POST">
<form id="fModuleDeactivate" action="<?= UriFactory::build('{/api}admin/module/status?module=' . $id . '&csrf={$CSRF}'); ?>" method="POST"
data-redirect="<?= UriFactory::build('{%}'); ?>">
<button id="fModuleDeactivateButton" name="status" type="submit" value="<?= ModuleStatusUpdateType::DEACTIVATE; ?>"><?= $this->getHtml('Deactivate'); ?></button>
</form>
<?php elseif (isset($installed[$id])) : ?>
<div class="ipt-wrap">
<div class="ipt-first">
<form id="fModuleUninstall" action="<?= UriFactory::build('{/api}admin/module/status?module=' . $id . '&csrf={$CSRF}'); ?>" method="POST">
<form id="fModuleUninstall" action="<?= UriFactory::build('{/api}admin/module/status?module=' . $id . '&csrf={$CSRF}'); ?>" method="POST"
data-redirect="<?= UriFactory::build('{%}'); ?>">
<button id="fModuleUninstallButton" name="status" type="submit" value="<?= ModuleStatusUpdateType::UNINSTALL; ?>"><?= $this->getHtml('Uninstall'); ?></button>
</form>
</div>
<div class="ipt-second">
<form id="fModuleActivate" action="<?= UriFactory::build('{/api}admin/module/status?module=' . $id . '&csrf={$CSRF}'); ?>" method="POST">
<form id="fModuleActivate" action="<?= UriFactory::build('{/api}admin/module/status?module=' . $id . '&csrf={$CSRF}'); ?>" method="POST"
data-redirect="<?= UriFactory::build('{%}'); ?>">
<button id="fModuleActivateButton" name="status" type="submit" value="<?= ModuleStatusUpdateType::ACTIVATE; ?>"><?= $this->getHtml('Activate'); ?></button>
</form>
</div>
@ -76,12 +79,17 @@ if (isset($installed[$id])) {
<?php elseif (isset($module)) : ?>
<div class="ipt-wrap">
<div class="ipt-first">
<form id="fModuleInstall" action="<?= UriFactory::build('{/api}admin/module/status?module=' . $id . '&csrf={$CSRF}'); ?>" method="POST">
<button id="fModuleInstallButton" name="status" type="submit" value="<?= ModuleStatusUpdateType::INSTALL; ?>"><?= $this->getHtml('Install'); ?></button>
<form id="fModuleInstall" action="<?= UriFactory::build('{/api}admin/module/status?module=' . $id . '&csrf={$CSRF}'); ?>"
method="POST"
data-redirect="<?= UriFactory::build('{%}'); ?>">
<button id="fModuleInstallButton" name="status" type="submit" value="<?= ModuleStatusUpdateType::INSTALL; ?>">
<?= $this->getHtml('Install'); ?>
</button>
</form>
</div>
<div class="ipt-second">
<form id="fModuleDelete" action="<?= UriFactory::build('{/api}admin/module/status?module=' . $id . '&csrf={$CSRF}'); ?>" method="POST">
<form id="fModuleDelete" action="<?= UriFactory::build('{/api}admin/module/status?module=' . $id . '&csrf={$CSRF}'); ?>" method="POST"
data-redirect="<?= UriFactory::build('{%}'); ?>">
<button id="fModuleDeleteButton" name="status" type="submit" value="<?= ModuleStatusUpdateType::DELETE; ?>"><?= $this->getHtml('Delete'); ?></button>
</form>
</div>