/**
* This block is added to deal with the possibility that a requested filter is not an allowable option on the
* database table. If the requested field filter is not a valid field on this table then we completely skip
* the query because no results will be expected if the field does not exist. The exception to this is if the field
* is part of an OR query then we remove the missing field from the stack but still allow the other fields through.
*
* @param array $queryParams
* @param Repository $repo
*
* @return bool|array $cleanParams
*/
public function whitelistParameters(array $queryParams, Repository $repo)
{
$metadata = $repo->getClassMetadata();
$allowedParams = array_keys($metadata->getFieldMappings());
$cleanParams = [];
foreach ($queryParams as $fieldSelect => $valueSelect) {
$stack = preg_split('/ *(\\|\\|\\|) */', $fieldSelect);
$valueStack = preg_split('/ *(\\|\\|\\|) */', $valueSelect);
if (count($stack) > 1) {
$allowedKeys = [];
$allowedVals = [];
foreach ($stack as $i => $stackItem) {
if (in_array($stackItem, $allowedParams)) {
$allowedKeys[] = $stackItem;
$allowedVals[] = $valueStack[$i];
}
}
if (!count($allowedKeys)) {
return false;
}
$allowed = join(' ||| ', $allowedKeys);
$cleanParams[$allowed] = join(' ||| ', $allowedVals);
} else {
if (!in_array($fieldSelect, $allowedParams)) {
return false;
}
$cleanParams[$fieldSelect] = $valueSelect;
}
}
return $cleanParams;
}
public function createQueryBuilder($alias = 'content')
{
return parent::createQueryBuilder($alias);
}
/**
* {@inheritdoc}
*/
public function update($entity, $exclusions = [])
{
$password = $entity->getPassword();
// PHP 5.4 compatibility
if (empty($password) || $entity->getPassword() === '**dontchange**') {
$result = parent::update($entity, ['password']);
} else {
$result = parent::update($entity);
}
return $result;
}
/**
* {@inheritdoc}
*/
public function update($entity, $exclusions = [])
{
// Forget remembered users.
$this->userEntities = [];
if ($entity->getPassword() === null) {
$result = parent::update($entity, ['password']);
} else {
$result = parent::update($entity);
}
return $result;
}
/**
* Execute the deletion of a record.
*
* @param Repository $repo
* @param Content $entity
*
* @return boolean
*/
protected function deleteRecord(Repository $repo, Content $entity)
{
$recordId = $entity->getId();
$contentTypeName = (string) $entity->getContenttype();
if (!$this->users->isAllowed("contenttype:{$contentTypeName}:delete:{$recordId}")) {
$this->loggerFlash->error(Trans::__('general.access-denied.content-not-modified', ['%title%' => $entity->getTitle()]));
return;
}
return $repo->delete($entity);
}
/**
* {@inheritdoc}
*/
public function getRepository($className)
{
/** @var Repository $repo */
$repo = null;
$className = (string) $className;
if (array_key_exists($className, $this->aliases)) {
$className = $this->aliases[$className];
}
try {
$classMetadata = $this->getMapper()->loadMetadataForClass($className);
} catch (StorageException $e) {
throw new InvalidRepositoryException("Attempted to load repository for invalid class or alias: {$className}. Check that the class, alias or contenttype definition is correct.");
}
if (array_key_exists($classMetadata->getName(), $this->repositories)) {
$repoClass = $this->repositories[$classMetadata->getName()];
if (is_callable($repoClass)) {
$repo = call_user_func_array($repoClass, [$this, $classMetadata]);
} else {
$repo = new $repoClass($this, $classMetadata);
}
}
if ($repo === null) {
foreach ($this->aliases as $alias => $namespace) {
$full = str_replace($alias, $namespace, $className);
if (array_key_exists($full, $this->repositories)) {
$classMetadata = $this->getMapper()->loadMetadataForClass($full);
$repoClass = $this->repositories[$full];
$repo = new $repoClass($this, $classMetadata);
}
}
}
/*
* The metadata driver can also attempt to resolve an alias for us.
* For now we are hardcoding the link between a content entity and
* the content repository, but in time this should be a metadata level
* configuration.
*/
if ($repo === null && $this->getMapper()->resolveClassName($className) === 'Bolt\\Storage\\Entity\\Content') {
$repo = $this->getDefaultRepositoryFactory($classMetadata);
}
/*
* If the fetched metadata isn't mapped to a specific entity then we treat
* it as a generic Content repo
*/
if ($repo === null && in_array($className, $this->getMapper()->getUnmapped())) {
$repo = $this->getDefaultRepositoryFactory($classMetadata);
}
if ($repo === null) {
$repo = new Repository($this, $classMetadata);
}
if ($repo instanceof Repository\ContentRepository) {
/** @var ContentRepository $repo */
$repo->setLegacyService($this->legacyService);
}
return $repo;
}
/**
* Saves a single object that already exists.
*
* @param object $entity The entity to save.
*
* @return boolean
*/
public function update($entity)
{
$password = $entity->getPassword();
// PHP 5.4 compatibility
if (empty($password) || $entity->getPassword() === '**dontchange**') {
$this->getPersister()->disableField('password');
$result = parent::update($entity);
$this->getPersister()->enableField('password');
} else {
$result = parent::update($entity);
}
return $result;
}
