diff --git a/Admin/Installer.php b/Admin/Installer.php
index 376b88e..4d6a187 100755
--- a/Admin/Installer.php
+++ b/Admin/Installer.php
@@ -153,7 +153,7 @@ final class Installer extends InstallerAbstract
$request->header->account = 1;
$request->setData('name', $attribute['name'] ?? '');
- $request->setData('title', \reset($attribute['l11n']));
+ $request->setData('content', \reset($attribute['l11n']));
$request->setData('language', \array_keys($attribute['l11n'])[0] ?? 'en');
$request->setData('is_required', $attribute['is_required'] ?? false);
$request->setData('repeatable', $attribute['repeatable'] ?? false);
@@ -184,9 +184,9 @@ final class Installer extends InstallerAbstract
$request = new HttpRequest();
$request->header->account = 1;
- $request->setData('title', $l11n);
+ $request->setData('content', $l11n);
$request->setData('language', $language);
- $request->setData('type', $clientAttrType[$attribute['name']]['id']);
+ $request->setData('ref', $clientAttrType[$attribute['name']]['id']);
$module->apiClientAttributeTypeL11nCreate($request, $response);
}
@@ -233,7 +233,7 @@ final class Installer extends InstallerAbstract
$request->setData('type', $clientAttrType[$attribute['name']]['id']);
if (isset($value['l11n']) && !empty($value['l11n'])) {
- $request->setData('title', \reset($value['l11n']));
+ $request->setData('content', \reset($value['l11n']));
$request->setData('language', \array_keys($value['l11n'])[0] ?? 'en');
}
@@ -261,9 +261,9 @@ final class Installer extends InstallerAbstract
$request = new HttpRequest();
$request->header->account = 1;
- $request->setData('title', $l11n);
+ $request->setData('content', $l11n);
$request->setData('language', $language);
- $request->setData('value', $attrValue['id']);
+ $request->setData('ref', $attrValue['id']);
$module->apiClientAttributeValueL11nCreate($request, $response);
}
diff --git a/Admin/Routes/Web/Api.php b/Admin/Routes/Web/Api.php
index df51988..3616f84 100644
--- a/Admin/Routes/Web/Api.php
+++ b/Admin/Routes/Web/Api.php
@@ -55,6 +55,57 @@ return [
],
],
],
+
+ '^.*/client/file(\?.*|$)$' => [
+ [
+ 'dest' => '\Modules\ClientManagement\Controller\ApiController:apiFileCreate',
+ 'verb' => RouteVerb::PUT,
+ 'csrf' => true,
+ 'active' => true,
+ 'permission' => [
+ 'module' => ApiController::NAME,
+ 'type' => PermissionType::CREATE,
+ 'state' => PermissionCategory::CLIENT,
+ ],
+ ],
+ ],
+
+ '^.*/client/note(\?.*|$)$' => [
+ [
+ 'dest' => '\Modules\ClientManagement\Controller\ApiController:apiNoteCreate',
+ 'verb' => RouteVerb::PUT,
+ 'csrf' => true,
+ 'active' => true,
+ 'permission' => [
+ 'module' => ApiController::NAME,
+ 'type' => PermissionType::CREATE,
+ 'state' => PermissionCategory::CLIENT,
+ ],
+ ],
+ [
+ 'dest' => '\Modules\ClientManagement\Controller\ApiController:apiNoteUpdate',
+ 'verb' => RouteVerb::SET,
+ 'csrf' => true,
+ 'active' => true,
+ 'permission' => [
+ 'module' => ApiController::NAME,
+ 'type' => PermissionType::MODIFY,
+ 'state' => PermissionCategory::CLIENT,
+ ],
+ ],
+ [
+ 'dest' => '\Modules\ClientManagement\Controller\ApiController:apiNoteDelete',
+ 'verb' => RouteVerb::DELETE,
+ 'csrf' => true,
+ 'active' => true,
+ 'permission' => [
+ 'module' => ApiController::NAME,
+ 'type' => PermissionType::DELETE,
+ 'state' => PermissionCategory::CLIENT,
+ ],
+ ],
+ ],
+
'^.*/client/attribute(\?.*|$)$' => [
[
'dest' => '\Modules\ClientManagement\Controller\ApiAttributeController:apiClientAttributeCreate',
diff --git a/Controller/ApiController.php b/Controller/ApiController.php
index 5af7cb4..b274b3e 100755
--- a/Controller/ApiController.php
+++ b/Controller/ApiController.php
@@ -507,10 +507,10 @@ final class ApiController extends Controller
private function createClientL11nFromRequest(RequestAbstract $request) : BaseStringL11n
{
$clientL11n = new BaseStringL11n();
- $clientL11n->ref = $request->getDataInt('client') ?? 0;
+ $clientL11n->ref = $request->getDataInt('ref') ?? 0;
$clientL11n->type = new NullBaseStringL11nType($request->getDataInt('type') ?? 0);
$clientL11n->language = ISO639x1Enum::tryFromValue($request->getDataString('language')) ?? $request->header->l11n->language;
- $clientL11n->content = $request->getDataString('description') ?? '';
+ $clientL11n->content = $request->getDataString('content') ?? '';
return $clientL11n;
}
@@ -527,9 +527,9 @@ final class ApiController extends Controller
private function validateClientL11nCreate(RequestAbstract $request) : array
{
$val = [];
- if (($val['client'] = !$request->hasData('client'))
+ if (($val['ref'] = !$request->hasData('ref'))
|| ($val['type'] = !$request->hasData('type'))
- || ($val['description'] = !$request->hasData('description'))
+ || ($val['content'] = !$request->hasData('content'))
) {
return $val;
}
@@ -629,10 +629,10 @@ final class ApiController extends Controller
files: $request->files,
account: $request->header->account,
basePath: __DIR__ . '/../../../Modules/Media/Files/Modules/ClientManagement/Clients/' . ($request->getData('client') ?? '0'),
- virtualPath: '/Modules/ClientManagement/Clients/' . ($request->getData('client') ?? '0'),
+ virtualPath: '/Modules/ClientManagement/Clients/' . ($request->getData('ref') ?? '0'),
pathSettings: PathSettings::FILE_PATH,
tag: $request->getDataInt('tag'),
- rel: (int) $request->getData('client'),
+ rel: (int) $request->getData('ref'),
mapper: ClientMapper::class,
field: 'files'
);
@@ -661,7 +661,7 @@ final class ApiController extends Controller
*/
public function apiNoteCreate(RequestAbstract $request, ResponseAbstract $response, array $data = []) : void
{
- $request->setData('virtualpath', '/Modules/ClientManagement/Clients/' . ((int) $request->getData('id')), true);
+ $request->setData('virtualpath', '/Modules/ClientManagement/Clients/' . ((int) $request->getData('ref')), true);
$this->app->moduleManager->get('Editor')->apiEditorCreate($request, $response, $data);
$responseData = $response->getDataArray($request->uri->__toString());
@@ -670,7 +670,7 @@ final class ApiController extends Controller
}
$model = $responseData['response'];
- $this->createModelRelation($request->header->account, (int) $request->getData('id'), $model->id, ClientMapper::class, 'notes', '', $request->getOrigin());
+ $this->createModelRelation($request->header->account, (int) $request->getData('ref'), $model->id, ClientMapper::class, 'notes', '', $request->getOrigin());
}
/**
@@ -692,7 +692,12 @@ final class ApiController extends Controller
if (!$this->app->accountManager->get($accountId)->hasPermission(
PermissionType::MODIFY, $this->app->unitId, $this->app->appId, self::NAME, PermissionCategory::CLIENT_NOTE, $request->getDataInt('id'))
) {
- $this->fillJsonResponse($request, $response, NotificationLevel::HIDDEN, '', '', []);
+ $this->fillJsonResponse(
+ $request, $response,
+ NotificationLevel::ERROR, '',
+ $this->app->l11nManager->getText($response->header->l11n->language, '0', '0', 'InvalidPermission'),
+ []
+ );
$response->header->status = RequestStatusCode::R_403;
return;
@@ -720,7 +725,12 @@ final class ApiController extends Controller
if (!$this->app->accountManager->get($accountId)->hasPermission(
PermissionType::DELETE, $this->app->unitId, $this->app->appId, self::NAME, PermissionCategory::CLIENT_NOTE, $request->getDataInt('id'))
) {
- $this->fillJsonResponse($request, $response, NotificationLevel::HIDDEN, '', '', []);
+ $this->fillJsonResponse(
+ $request, $response,
+ NotificationLevel::ERROR, '',
+ $this->app->l11nManager->getText($response->header->l11n->language, '0', '0', 'InvalidPermission'),
+ []
+ );
$response->header->status = RequestStatusCode::R_403;
return;
diff --git a/Theme/Backend/client-view.tpl.php b/Theme/Backend/client-view.tpl.php
index ba156dd..a9c921a 100644
--- a/Theme/Backend/client-view.tpl.php
+++ b/Theme/Backend/client-view.tpl.php
@@ -1036,7 +1036,7 @@ echo $this->data['nav']->render();
request->uri->fragment === 'c-tab-8' ? ' checked' : ''; ?>>
- data['media-upload']->render('client-file', 'files', '', $client->files); ?>
+ data['media-upload']->render('client-file', 'files', '', $client->files, '{/api}client/file?csrf={$CSRF}', (string) $client->id); ?>
request->uri->fragment === 'c-tab-9' ? ' checked' : ''; ?>>
@@ -1294,7 +1294,7 @@ echo $this->data['nav']->render();
- data['note']->render('client-note', 'notes', $client->notes); ?>
+ data['note']->render('client-note', 'notes', $client->notes, '{/api}client/note?csrf={$CSRF}', (string) $client->id); ?>
diff --git a/tests/Controller/Api/ApiControllerAttributeTrait.php b/tests/Controller/Api/ApiControllerAttributeTrait.php
index 4836730..e947a96 100755
--- a/tests/Controller/Api/ApiControllerAttributeTrait.php
+++ b/tests/Controller/Api/ApiControllerAttributeTrait.php
@@ -50,8 +50,8 @@ trait ApiControllerAttributeTrait
$request = new HttpRequest();
$request->header->account = 1;
- $request->setData('title', 'DE:2');
- $request->setData('type', '1');
+ $request->setData('content', 'DE:2');
+ $request->setData('ref', '1');
$request->setData('language', ISO639x1Enum::_DE);
$this->attrModule->apiClientAttributeTypeL11nCreate($request, $response);
diff --git a/tests/Controller/Api/ApiControllerClientTrait.php b/tests/Controller/Api/ApiControllerClientTrait.php
index a569671..8b158e8 100755
--- a/tests/Controller/Api/ApiControllerClientTrait.php
+++ b/tests/Controller/Api/ApiControllerClientTrait.php
@@ -86,7 +86,7 @@ trait ApiControllerClientTrait
$request->header->account = 1;
$request->setData('name', '123456 backend');
- $request->setData('client', 1);
+ $request->setData('ref', 1);
$request->setData('tag', '1');
TestUtils::setMember($request, 'files', [
@@ -117,7 +117,7 @@ trait ApiControllerClientTrait
$request->header->account = 1;
$request->setData('name', 'test file backend');
- $request->setData('client', 1);
+ $request->setData('ref', 1);
TestUtils::setMember($request, 'files', [
'file1' => [
@@ -147,7 +147,7 @@ trait ApiControllerClientTrait
$MARKDOWN = "# Test Title\n\nThis is **some** text.";
- $request->setData('id', 1);
+ $request->setData('ref', 1);
$request->setData('title', \trim(\strtok($MARKDOWN, "\n"), ' #'));
$request->setData('plain', \preg_replace('/^.+\n/', '', $MARKDOWN));