From 79ce5a03be8ce03b2c45e74e57af754392630811 Mon Sep 17 00:00:00 2001
From: Dennis Eichhorn
Date: Sat, 23 Apr 2022 16:30:55 +0200
Subject: [PATCH] fixes
---
 .github/workflows/main.yml | 44 +-----------------------------------
 CONTRIBUTING.md | 2 +-
 Controller/ApiController.php | 20 ++++++++++++----
 3 files changed, 18 insertions(+), 48 deletions(-)
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 01f0653..80098e9 100755
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -217,7 +217,7 @@ jobs:
 - name: Setup Composer
 run: composer install
 - name: phpcs
- run: vendor/bin/phpcs ./ --standard="Build/Config/phpcs.xml" -s --report=full
+ run: vendor/bin/phpcs --severity=1 ./ --standard="Build/Config/phpcs.xml" -s --report=full
 - name: Install NPM
 uses: actions/setup-node@v3
 with:
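Review bot: The `--severity=1` flag on the phpcs step now has to be kept identical in two places, this workflow step and the command documented in CONTRIBUTING.md, which the same commit also edits. phpcs rulesets accept command-line arguments as `<arg>` elements, so `<arg name="severity" value="1"/>` in `Build/Config/phpcs.xml` would give CI and local runs the same threshold from a single source. That ruleset is not part of this patch, so this is a suggestion for wherever it is maintained.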
@@ -245,45 +245,3 @@ jobs:
 VALIDATE_ALL_CODEBASE: false
 DEFAULT_BRANCH: develop
 GITHUB_TOKEN: ${{ secrets.GH_PAT }}
- custom:
- runs-on: ubuntu-latest
- if: "!contains(github.event.head_commit.message, 'NO_CI')"
- strategy:
- fail-fast: false
- max-parallel: 3
- matrix:
- php-versions: ['8.0']
- steps:
- - name: Checkout Repository
- uses: actions/checkout@main
- with:
- fetch-depth: 1
- - name: Checkout Build Repository
- uses: actions/checkout@main
- with:
- fetch-depth: 1
- ref: develop
- repository: Karaka-Management/Build
- path: Build
- - name: Setup PHP, with composer and extensions
- uses: shivammathur/setup-php@master
- with:
- php-version: ${{ matrix.php-versions }}
- extensions: mbstring, gd, zip, dom, mysql, pgsql, sqlite, imap, bcmath, redis, memcached
- ini-values: opcache.jit_buffer_size=256M, opcache.jit=1235, pcre.jit=1
- - name: PHP linting
- run: find ./ -type f -name '*.php' -print0 | xargs -0 -n1 -P4 php -l -n | (! grep -v "No syntax errors detected" )
- - name: Php strict
- run: if [[ $(grep -r -L "declare(strict_types=1);" --include=*.php --exclude={*.tpl.php,*Hooks.php,*Routes.php,*SearchCommands.php} ./) -ne "" ]]; then exit 1; fi
- - name: Html inspection
- run: |
- if [[ $(find ./ -name "*tpl.php" | xargs grep -E '=\"[\#\$\%\^\&\*\(\)\\/\ ]*\"') -ne "" ]]; then exit 1; fi
- if [[ $(find ./ -name "*tpl.php" | xargs grep -P '(\)') -ne "" ]]; then exit 1; fi
- if [[ $(find ./ -name "*tpl.php" | xargs grep -P '()') -ne "" ]]; then exit 1; fi
- if [[ $(find ./ -name "*tpl.php" | xargs grep -P '()') -ne "" ]]; then exit 1; fi
- if [[ $(find ./ -name "*tpl.php" | xargs grep -P '(style=)') -ne "" ]]; then exit 1; fi
- if [[ $(find ./ -name "*tpl.php" | xargs grep -P '(value|title|alt|aria\-label)(=\")((?!\<\?).)*(>)') -ne "" ]]; then exit 1; fi
- if [[ $(find ./ -name "*tpl.php" | xargs grep -P '(\|\|\|\)) -ne "" ]]; then exit 1; fi
- - name: Js inspection
- run: |
- if [[ $(grep -rlni
"onafterprint=\|onbeforeprint=\|onbeforeunload=\|onerror=\|onhaschange=\|onload=\|onmessage=\|onoffline=\|ononline=\|onpagehide=\|onpageshow=\|onpopstate=\|onredo=\|onresize=\|onstorage=\|onund=o\|onunload=\|onblur=\|onchage=\|oncontextmenu=\|onfocus=\|onformchange=\|onforminput=\|oninput=\|oninvalid=\|onreset=\|onselect=\|onsubmit=\|onkeydown=\|onkeypress=\|onkeyup=\|onclick=\|ondblclic=k\|ondrag=\|ondragend=\|ondragenter=\|ondragleave=\|ondragover=\|ondragstart=\|ondrop=\|onmousedown=\|onmousemove=\|onmouseout=\|onmouseover=\|onmouseup=\|onmousewheel=\|onscroll=\|onabor=t\|oncanplay=\|oncanplaythrough=\|ondurationchange=\|onemptied=\|onended=\|onerror=\|onloadeddata=\|onloadedmetadata=\|onloadstart=\|onpause=\|onplay=\|onplaying=\|onprogress=\|onratechange=\|onreadystatechange=\|onseeked=\|onseeking=\|onstalled=\|onsuspend=\|ontimeupdate=\|onvolumechange=" --include=*.js ./) -ne "" ]]; then exit 1; fi
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 4bbb819..e237dc9 100755
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -31,7 +31,7 @@ In rare cases errors, failures or warnings during the automatic inspection are
 Automated checks which are run during the review process:
 ```sh
-php ./vendor/bin/phpcs ./ --standard="Build/Config/phpcs.xml"
+php ./vendor/bin/phpcs --severity=1 ./ --standard="Build/Config/phpcs.xml"
 npx eslint ./ -c ./Build/Config/.eslintrc.json
 ```
diff --git a/Controller/ApiController.php b/Controller/ApiController.php
index d3b30ab..f4875f0 100644
--- a/Controller/ApiController.php
+++ b/Controller/ApiController.php
@@ -158,8 +158,12 @@ final class ApiController extends Controller
 $isExport = \in_array($request->getData('type'), ['xlsx', 'pdf', 'docx', 'pptx', 'csv', 'json']);
 // is allowed to read
- if (!$this->app->accountManager->get($accountId)->hasPermission(PermissionType::READ, $this->app->orgId, null, self::NAME, PermissionCategory::INSTANCE, $instance->getId())
- || ($isExport && !$this->app->accountManager->get($accountId)->hasPermission(PermissionType::READ, $this->app->orgId, $this->app->appName, self::NAME, PermissionCategory::EXPORT))
+ if (!$this->app->accountManager->get($accountId)->hasPermission(
+ PermissionType::READ, $this->app->orgId, null, self::NAME, PermissionCategory::INSTANCE, $instance->getId()
+ )
+ || ($isExport && !$this->app->accountManager->get($accountId)->hasPermission(
+ PermissionType::READ, $this->app->orgId, $this->app->appName, self::NAME, PermissionCategory::EXPORT
+ ))
 ) {
 $response->header->status = RequestStatusCode::R_403;
@@ -397,7 +401,9 @@ final class ApiController extends Controller
 }
 // is allowed to create
- if (!$this->app->accountManager->get($request->header->account)->hasPermission(PermissionType::CREATE, $this->app->orgId, null, self::NAME, PermissionCategory::TEMPLATE)) {
+ if (!$this->app->accountManager->get($request->header->account)->hasPermission(
+ PermissionType::CREATE, $this->app->orgId, null, self::NAME, PermissionCategory::TEMPLATE)
+ ) {
 $response->header->status = RequestStatusCode::R_403;
 return;
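Review bot: In the read check at @@ -158 the rewrapped condition still resolves the account twice through `$this->app->accountManager->get($accountId)`; assigning it once before the `if`, as `$account = $this->app->accountManager->get($accountId);`, would shorten both calls and make the two permission checks easier to compare side by side. The checks differ in their third argument (`null` for the instance check, `$this->app->appName` for the export check). If that difference is intended, a one-line comment above the condition should say why, because this condition is the authorization gate for the read/export path. The enclosing method starts and ends outside the hunk.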
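Review bot: In the create check at @@ -397 the closing parenthesis of `hasPermission(` is left at the end of the argument line and the `if`'s own `)` goes on the next line, the opposite of how the read check at @@ -158 is wrapped in this same commit. Ending the argument line at `PermissionCategory::TEMPLATE` and closing with `)) {` on the following line would keep the two guards formatted alike, which helps when they are audited together. The enclosing method starts and ends outside the hunk.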
@@ -604,7 +610,13 @@ final class ApiController extends Controller
 require_once $template->findFile('WorkflowInstanceMapper.php')->getPath();
- $this->createModel($request->header->account, $instance, \Modules\Workflow\Models\WorkflowInstanceMapper::class, 'instance', $request->getOrigin());
+ $this->createModel(
+ $request->header->account,
+ $instance,
+ \Modules\Workflow\Models\WorkflowInstanceMapper::class,
+ 'instance',
+ $request->getOrigin()
+ );
 $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Instance', 'Instance successfully created', $instance);
 }
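Review bot: The mapper class passed to `createModel(` only exists once the `require_once` on the context line above has run, and that path comes from `$template->findFile('WorkflowInstanceMapper.php')->getPath()` with no visible check that the file was found or where it resolves. If `findFile()` can return an empty result, or a template can list a file outside its own directory, this line would fail fatally or execute PHP from an unintended location; both are assumptions, since `findFile()` is not shown here. Once confirmed, a comment such as `// mapper ships with the template; findFile() only returns files stored under the template directory` would document the trust boundary, and a guard before the `require_once` is warranted if no such guarantee exists. The enclosing method starts and ends outside the hunk.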