From 5a52bde05a26ab2830508528944b2224977651ec Mon Sep 17 00:00:00 2001
From: Alex Tselegidis
Date: Thu, 17 Dec 2020 16:49:04 +0200
Subject: [PATCH] Additional check for the provided user props via the API
---
 application/controllers/api/v1/Admins.php | 7 ++++++-
 application/controllers/api/v1/Providers.php | 17 ++++++++++++++++-
 application/controllers/api/v1/Secretaries.php | 12 +++++++++++-
 3 files changed, 33 insertions(+), 3 deletions(-)
diff --git a/application/controllers/api/v1/Admins.php b/application/controllers/api/v1/Admins.php
index 1a3cbe91..4b5dff26 100644
--- a/application/controllers/api/v1/Admins.php
+++ b/application/controllers/api/v1/Admins.php
@@ -87,11 +87,16 @@ class Admins extends API_V1_Controller {
 $admin = $request->get_body();
 $this->parser->decode($admin);
- if (isset($admin['id']))
+ if (array_key_exists('id', $admin))
 {
 unset($admin['id']);
 }
+ if ( ! array_key_exists('settings', $admin))
+ {
+ throw new Exception('No settings property provided.');
+ }
+
 $id = $this->admins_model->add($admin);
 // Fetch the new object from the database and return it to the client.
diff --git a/application/controllers/api/v1/Providers.php b/application/controllers/api/v1/Providers.php
index 5d163b18..a3739968 100644
--- a/application/controllers/api/v1/Providers.php
+++ b/application/controllers/api/v1/Providers.php
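Review bot: The new `array_key_exists('settings', $admin)` guard in Admins.php only proves the key is present, so a request body carrying `"settings": null` or a scalar still reaches `$this->admins_model->add($admin)` unvalidated. Since this is the API input boundary, the check should also pin the type, e.g. `if ( ! isset($admin['settings']) || ! is_array($admin['settings']))`. The same presence-only pattern is used for `services` and `settings` in Providers.php and for `providers` and `settings` in Secretaries.php. `array_key_exists()` also requires `$admin` itself to be an array; whether `get_body()` and `decode()` guarantee that cannot be seen here, as the enclosing method starts and ends outside the hunk.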
@@ -87,11 +87,26 @@ class Providers extends API_V1_Controller {
 $provider = $request->get_body();
 $this->parser->decode($provider);
- if (isset($provider['id']))
+ if (array_key_exists('id', $provider))
 {
 unset($provider['id']);
 }
+ if ( ! array_key_exists('services', $provider))
+ {
+ throw new Exception('No services property provided.');
+ }
+
+ if ( ! array_key_exists('settings', $provider))
+ {
+ throw new Exception('No settings property provided.');
+ }
+
+ if ( ! array_key_exists('working_plan', $provider['settings']['working_plan']))
+ {
+ $provider['settings']['working_plan'] = $this->settings_model->get_setting('company_working_plan');
+ }
+
 $id = $this->providers_model->add($provider);
 // Fetch the new object from the database and return it to the client.
diff --git a/application/controllers/api/v1/Secretaries.php b/application/controllers/api/v1/Secretaries.php
index d25001cc..2cff1720 100644
--- a/application/controllers/api/v1/Secretaries.php
+++ b/application/controllers/api/v1/Secretaries.php
@@ -87,11 +87,21 @@ class Secretaries extends API_V1_Controller {
 $secretary = $request->get_body();
 $this->parser->decode($secretary);
- if (isset($secretary['id']))
+ if (array_key_exists('id', $secretary))
 {
 unset($secretary['id']);
 }
+ if ( ! array_key_exists('providers', $secretary))
+ {
+ throw new Exception('No providers property provided.');
+ }
+
+ if ( ! array_key_exists('settings', $secretary))
+ {
+ throw new Exception('No settings property provided.');
+ }
+
 $id = $this->secretaries_model->add($secretary);
 // Fetch the new object from the database and return it to the client.
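Review bot: The working-plan fallback in Providers.php inspects the wrong array: `array_key_exists('working_plan', $provider['settings']['working_plan'])` looks for the key inside the working-plan value itself instead of inside `$provider['settings']`. When the client omits `working_plan`, the second argument is an undefined index (null), which raises a TypeError on PHP 8 and a warning on PHP 7. When the client does supply a plan as an array, it is unlikely to contain a `working_plan` key of its own, so the submitted plan would be silently replaced by the company default. The condition should read `if ( ! array_key_exists('working_plan', $provider['settings']))`. The enclosing method starts and ends outside the hunk.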
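Review bot: Both new `throw new Exception('No … property provided.')` statements in Secretaries.php carry no status code, so what the client receives for a missing `providers` or `settings` depends on the catch block, which is outside the hunk. If uncoded exceptions are reported as a server error, a malformed request becomes indistinguishable from an API fault in responses and logs, which makes probing of the endpoint harder to spot. Consider passing an explicit client-error code, e.g. `throw new Exception('No providers property provided.', 400);`, or the project's own API exception type if it has one. The same applies to the throws added in Admins.php and Providers.php.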