/** * @param Insert $insert * @return mixed * @throws \Directus\Acl\Exception\UnauthorizedTableAddException * @throws \Directus\Acl\Exception\UnauthorizedFieldWriteException */ protected function executeInsert(Insert $insert) { /** * ACL Enforcement */ $insertState = $insert->getRawState(); $insertTable = $this->getRawTableNameFromQueryStateTable($insertState['table']); if (!$this->acl->hasTablePrivilege($insertTable, 'add')) { $aclErrorPrefix = $this->acl->getErrorMessagePrefix(); throw new UnauthorizedTableAddException($aclErrorPrefix . "Table add access forbidden on table {$insertTable}"); } // Enforce write field blacklist (if user lacks bigedit privileges on this table) if (!$this->acl->hasTablePrivilege($insertTable, 'bigedit')) { $this->acl->enforceBlacklist($insertTable, $insertState['columns'], Acl::FIELD_WRITE_BLACKLIST); } try { return parent::executeInsert($insert); } catch (\Zend\Db\Adapter\Exception\InvalidQueryException $e) { if ('production' !== DIRECTUS_ENV) { if (strpos(strtolower($e->getMessage()), 'duplicate entry') !== FALSE) { throw new DuplicateEntryException($e->getMessage()); } throw new \RuntimeException("This query failed: " . $this->dumpSql($insert), 0, $e); } // @todo send developer warning throw $e; } }
/** * @param Insert $insert * @return mixed * @throws \Directus\Acl\Exception\UnauthorizedTableAddException * @throws \Directus\Acl\Exception\UnauthorizedFieldWriteException */ protected function executeInsert(Insert $insert) { /** * ACL Enforcement */ $insertState = $insert->getRawState(); $insertTable = $this->getRawTableNameFromQueryStateTable($insertState['table']); $insertData = $insertState['values']; if (!$this->acl->hasTablePrivilege($insertTable, 'add')) { $aclErrorPrefix = $this->acl->getErrorMessagePrefix(); throw new UnauthorizedTableAddException($aclErrorPrefix . 'Table add access forbidden on table ' . $insertTable); } // Enforce write field blacklist $this->acl->enforceBlacklist($insertTable, $insertState['columns'], Acl::FIELD_WRITE_BLACKLIST); try { // Data to be inserted with the column name as assoc key. $insertDataAssoc = array_combine($insertState['columns'], $insertData); $this->emitter->run('table.insert:before', [$insertTable, $insertDataAssoc]); $this->emitter->run('table.insert.' . $insertTable . ':before', [$insertDataAssoc]); $result = parent::executeInsert($insert); $insertTableGateway = new self($this->acl, $insertTable, $this->adapter); $resultData = $insertTableGateway->find($this->getLastInsertValue()); $this->emitter->run('table.insert', [$insertTable, $resultData]); $this->emitter->run('table.insert.' . $insertTable, [$resultData]); $this->emitter->run('table.insert:after', [$insertTable, $resultData]); $this->emitter->run('table.insert.' . $insertTable . ':after', [$resultData]); return $result; } catch (\Zend\Db\Adapter\Exception\InvalidQueryException $e) { // @todo send developer warning if (strpos(strtolower($e->getMessage()), 'duplicate entry') !== FALSE) { throw new DuplicateEntryException($e->getMessage()); } if ('production' !== DIRECTUS_ENV) { throw new \RuntimeException('This query failed: ' . $this->dumpSql($insert), 0, $e); } throw $e; } }