Add the missing "only" filtering to the backend controllers.

This commit is contained in:
Alex Tselegidis 2023-01-21 12:51:06 +01:00
parent b447751c39
commit f8925ddb0d
3 changed files with 82 additions and 4 deletions

View file

@ -184,6 +184,20 @@ class Customers extends EA_Controller {
$customer = request('customer'); $customer = request('customer');
$this->customers_model->only($customer, [
'first_name',
'last_name',
'email',
'phone_number',
'address',
'city',
'state',
'zip_code',
'notes',
'timezone',
'language',
]);
$customer_id = $this->customers_model->save($customer); $customer_id = $this->customers_model->save($customer);
$customer = $this->customers_model->find($customer_id); $customer = $this->customers_model->find($customer_id);
@ -222,6 +236,21 @@ class Customers extends EA_Controller {
abort(403, 'Forbidden'); abort(403, 'Forbidden');
} }
$this->customers_model->only($customer, [
'id',
'first_name',
'last_name',
'email',
'phone_number',
'address',
'city',
'state',
'zip_code',
'notes',
'timezone',
'language',
]);
$customer_id = $this->customers_model->save($customer); $customer_id = $this->customers_model->save($customer);
$customer = $this->customers_model->find($customer_id); $customer = $this->customers_model->find($customer_id);

View file

@ -123,6 +123,24 @@ class Services extends EA_Controller {
$service['id_categories'] = $service['id_categories'] ?: NULL; $service['id_categories'] = $service['id_categories'] ?: NULL;
$this->services_model->only($service, [
'name',
'duration',
'price',
'currency',
'description',
'color',
'location',
'availabilities_type',
'attendants_number',
'is_private',
'id_categories',
]);
$this->services_model->optional($service, [
'id_categories' => NULL
]);
$service_id = $this->services_model->save($service); $service_id = $this->services_model->save($service);
$service = $this->services_model->find($service_id); $service = $this->services_model->find($service_id);
@ -154,7 +172,24 @@ class Services extends EA_Controller {
$service = request('service'); $service = request('service');
$service['id_categories'] = $service['id_categories'] ?: NULL; $this->services_model->only($service, [
'id',
'name',
'duration',
'price',
'currency',
'description',
'color',
'location',
'availabilities_type',
'attendants_number',
'is_private',
'id_categories',
]);
$this->services_model->optional($service, [
'id_categories' => NULL
]);
$service_id = $this->services_model->save($service); $service_id = $this->services_model->save($service);

View file

@ -78,6 +78,20 @@ class Unavailabilities extends EA_Controller {
$unavailability = request('unavailability'); $unavailability = request('unavailability');
$this->unavailabilities_model->only($unavailability, [
'first_name',
'last_name',
'email',
'phone_number',
'address',
'city',
'state',
'zip_code',
'notes',
'timezone',
'language',
]);
$unavailability_id = $this->unavailabilities_model->save($unavailability); $unavailability_id = $this->unavailabilities_model->save($unavailability);
$unavailability = $this->unavailabilities_model->find($unavailability_id); $unavailability = $this->unavailabilities_model->find($unavailability_id);