Permissions for fingerprint endpoints created
This commit is contained in:
parent
39d14451b2
commit
37f220b561
@ -17,6 +17,10 @@ final class FingerprintDeleteController extends AbstractController
|
||||
|
||||
public function handle(): void
|
||||
{
|
||||
if (!$this->isUserLoggedIn()) {
|
||||
return;
|
||||
}
|
||||
|
||||
parent::handle();
|
||||
|
||||
if ($this->response->getStatus() !== ServerStatus::OK) {
|
||||
@ -25,16 +29,21 @@ final class FingerprintDeleteController extends AbstractController
|
||||
|
||||
try {
|
||||
$db = new MySqlDatabase();
|
||||
$this->response = new ApiJsonResponse();
|
||||
|
||||
$db->startTransaction();
|
||||
|
||||
$fingerprint = new Fingerprint($this->fingerprintId, $db);
|
||||
|
||||
if (!$this->hasUserPermission($fingerprint->getUserId())) {
|
||||
return;
|
||||
}
|
||||
|
||||
$qrCode = new QrCode($fingerprint->getFingerprintId(), $fingerprint->getFingerprint());
|
||||
$fingerprint->Delete();
|
||||
$qrCode->delete();
|
||||
|
||||
$db->commit();
|
||||
|
||||
$this->response = new ApiJsonResponse();
|
||||
} catch (Throwable $e) {
|
||||
$this->response = new ApiJsonResponse(ServerStatus::BAD_REQUEST);
|
||||
$this->response->setParameter('success', false);
|
||||
|
@ -18,8 +18,16 @@ final class FingerprintGetController extends AbstractController
|
||||
public function handle(): void
|
||||
{
|
||||
try {
|
||||
if (!$this->isUserLoggedIn()) {
|
||||
return;
|
||||
}
|
||||
|
||||
$fingerprint = new Fingerprint($this->fingerprintId);
|
||||
|
||||
if (!$this->hasUserPermission($fingerprint->getUserId())) {
|
||||
return;
|
||||
}
|
||||
|
||||
$this->response = new ApiJsonResponse();
|
||||
$this->response->setResult($fingerprint);
|
||||
} catch (Throwable $e) {
|
||||
|
@ -12,6 +12,10 @@ final class FingerprintPostController extends AbstractController
|
||||
|
||||
public function handle(): void
|
||||
{
|
||||
if (!$this->isUserLoggedIn()) {
|
||||
return;
|
||||
}
|
||||
|
||||
parent::handle();
|
||||
|
||||
$db = new MySqlDatabase();
|
||||
@ -20,8 +24,12 @@ final class FingerprintPostController extends AbstractController
|
||||
$this->response = new ApiJsonResponse();
|
||||
|
||||
try {
|
||||
$fingerprint->setFingerprint($json->fingerprint);
|
||||
$fingerprint->setUserId($json->userId);
|
||||
if (!$this->hasUserPermission((int)$json->userId)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$fingerprint->setFingerprint((string)$json->fingerprint);
|
||||
$fingerprint->setUserId((int)$json->userId);
|
||||
|
||||
if (!$db->hasTransaction()) {
|
||||
$db->startTransaction();
|
||||
|
@ -20,6 +20,10 @@ final class FingerprintPutController extends AbstractController
|
||||
|
||||
public function handle(): void
|
||||
{
|
||||
if (!$this->isUserLoggedIn()) {
|
||||
return;
|
||||
}
|
||||
|
||||
parent::handle();
|
||||
|
||||
if ($this->response->getStatus() !== ServerStatus::OK) {
|
||||
@ -30,9 +34,10 @@ final class FingerprintPutController extends AbstractController
|
||||
|
||||
try {
|
||||
$json = json_decode($this->requestBody, true);
|
||||
|
||||
$fingerprint = new Fingerprint($this->fingerprintId);
|
||||
|
||||
if ($this->handleFingerprint($fingerprint, $json)) {
|
||||
if ($this->hasUserPermission($fingerprint->getUserId()) || $this->handleFingerprint($fingerprint, $json)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user