Skip to content
This repository was archived by the owner on Sep 10, 2021. It is now read-only.

Commit 7851e62

Browse files
zachmullenzachmullen
committed
ENH: refs #236. Fix folder.create method
1 parent 068da12 commit 7851e62

File tree

1 file changed

+14
-14
lines changed

1 file changed

+14
-14
lines changed

modules/api/controllers/components/ApiComponent.php

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -413,6 +413,10 @@ function communityCreate($args)
413413
}
414414
if($record != false && $record instanceof CommunityDao)
415415
{
416+
if(!$communityModel->policyCheck($record, $userDao, MIDAS_POLICY_WRITE))
417+
{
418+
throw new Exception('Invalid policy', MIDAS_INVALID_POLICY);
419+
}
416420
$record->setName($name);
417421
if(isset($args['description']))
418422
{
@@ -431,7 +435,8 @@ function communityCreate($args)
431435
}
432436
else
433437
{
434-
$description = "";
438+
// Policy check to make sure the user can create top level communities (admins only?)
439+
$description = '';
435440
$privacy = MIDAS_COMMUNITY_PUBLIC;
436441
$canJoin = MIDAS_COMMUNITY_CAN_JOIN;
437442
if(isset($args['description']))
@@ -595,7 +600,7 @@ function folderCreate($args)
595600
$userDao = $this->_getUser($args);
596601
if($userDao == false)
597602
{
598-
throw new Exception('Unable to find user', MIDAS_INVALID_TOKEN);
603+
throw new Exception('Cannot create folder anonymously', MIDAS_INVALID_POLICY);
599604
}
600605

601606
$modelLoader = new MIDAS_ModelLoader();
@@ -610,13 +615,13 @@ function folderCreate($args)
610615
$componentLoader = new MIDAS_ComponentLoader();
611616
$uuidComponent = $componentLoader->loadComponent('Uuid');
612617
$record = $uuidComponent->getByUid($uuid);
613-
if($record === false || !$folderModel->policyCheck($record, $userDao, MIDAS_POLICY_WRITE))
614-
{
615-
throw new Exception("This folder doesn't exist or you don't have the permissions.", MIDAS_INVALID_POLICY);
616-
}
617618
}
618619
if($record != false && $record instanceof FolderDao)
619620
{
621+
if(!$folderModel->policyCheck($record, $userDao, MIDAS_POLICY_WRITE))
622+
{
623+
throw new Exception('Invalid policy', MIDAS_INVALID_POLICY);
624+
}
620625
$record->setName($name);
621626
if(isset($args['description']))
622627
{
@@ -635,8 +640,7 @@ function folderCreate($args)
635640
{
636641
throw new Exception('Parameter parentid is not defined', MIDAS_INVALID_PARAMETER);
637642
}
638-
$parentid = $args['parentid'];
639-
$folder = $folderModel->load($parentid);
643+
$folder = $folderModel->load($args['parentid']);
640644
if($folder == false)
641645
{
642646
throw new Exception('Parent doesn\'t exist', MIDAS_INVALID_PARAMETER);
@@ -650,15 +654,11 @@ function folderCreate($args)
650654
$policyUser = $folder->getFolderpolicyuser();
651655
foreach($policyGroup as $policy)
652656
{
653-
$group = $policy->getGroup();
654-
$policyValue = $policy->getPolicy();
655-
$folderModelpolicygroup->createPolicy($group, $new_folder, $policyValue);
657+
$folderModelpolicygroup->createPolicy($policy->getGroup(), $new_folder, $policy->getPolicy());
656658
}
657659
foreach($policyUser as $policy)
658660
{
659-
$user = $policy->getUser();
660-
$policyValue = $policy->getPolicy();
661-
$folderModelpolicyuser->createPolicy($user, $new_folder, $policyValue);
661+
$folderModelpolicyuser->createPolicy($policy->getUser(), $new_folder, $policy->getPolicy());
662662
}
663663

664664
return $new_folder->toArray();

0 commit comments

Comments
 (0)