/** * This block is added to deal with the possibility that a requested filter is not an allowable option on the * database table. If the requested field filter is not a valid field on this table then we completely skip * the query because no results will be expected if the field does not exist. The exception to this is if the field * is part of an OR query then we remove the missing field from the stack but still allow the other fields through. * * @param array $queryParams * @param Repository $repo * * @return bool|array $cleanParams */ public function whitelistParameters(array $queryParams, Repository $repo) { $metadata = $repo->getClassMetadata(); $allowedParams = array_keys($metadata->getFieldMappings()); $cleanParams = []; foreach ($queryParams as $fieldSelect => $valueSelect) { $stack = preg_split('/ *(\\|\\|\\|) */', $fieldSelect); $valueStack = preg_split('/ *(\\|\\|\\|) */', $valueSelect); if (count($stack) > 1) { $allowedKeys = []; $allowedVals = []; foreach ($stack as $i => $stackItem) { if (in_array($stackItem, $allowedParams)) { $allowedKeys[] = $stackItem; $allowedVals[] = $valueStack[$i]; } } if (!count($allowedKeys)) { return false; } $allowed = join(' ||| ', $allowedKeys); $cleanParams[$allowed] = join(' ||| ', $allowedVals); } else { if (!in_array($fieldSelect, $allowedParams)) { return false; } $cleanParams[$fieldSelect] = $valueSelect; } } return $cleanParams; }
public function createQueryBuilder($alias = 'content') { return parent::createQueryBuilder($alias); }
/** * {@inheritdoc} */ public function update($entity, $exclusions = []) { $password = $entity->getPassword(); // PHP 5.4 compatibility if (empty($password) || $entity->getPassword() === '**dontchange**') { $result = parent::update($entity, ['password']); } else { $result = parent::update($entity); } return $result; }
/** * {@inheritdoc} */ public function update($entity, $exclusions = []) { // Forget remembered users. $this->userEntities = []; if ($entity->getPassword() === null) { $result = parent::update($entity, ['password']); } else { $result = parent::update($entity); } return $result; }
/** * Execute the deletion of a record. * * @param Repository $repo * @param Content $entity * * @return boolean */ protected function deleteRecord(Repository $repo, Content $entity) { $recordId = $entity->getId(); $contentTypeName = (string) $entity->getContenttype(); if (!$this->users->isAllowed("contenttype:{$contentTypeName}:delete:{$recordId}")) { $this->loggerFlash->error(Trans::__('general.access-denied.content-not-modified', ['%title%' => $entity->getTitle()])); return; } return $repo->delete($entity); }
/** * {@inheritdoc} */ public function getRepository($className) { /** @var Repository $repo */ $repo = null; $className = (string) $className; if (array_key_exists($className, $this->aliases)) { $className = $this->aliases[$className]; } try { $classMetadata = $this->getMapper()->loadMetadataForClass($className); } catch (StorageException $e) { throw new InvalidRepositoryException("Attempted to load repository for invalid class or alias: {$className}. Check that the class, alias or contenttype definition is correct."); } if (array_key_exists($classMetadata->getName(), $this->repositories)) { $repoClass = $this->repositories[$classMetadata->getName()]; if (is_callable($repoClass)) { $repo = call_user_func_array($repoClass, [$this, $classMetadata]); } else { $repo = new $repoClass($this, $classMetadata); } } if ($repo === null) { foreach ($this->aliases as $alias => $namespace) { $full = str_replace($alias, $namespace, $className); if (array_key_exists($full, $this->repositories)) { $classMetadata = $this->getMapper()->loadMetadataForClass($full); $repoClass = $this->repositories[$full]; $repo = new $repoClass($this, $classMetadata); } } } /* * The metadata driver can also attempt to resolve an alias for us. * For now we are hardcoding the link between a content entity and * the content repository, but in time this should be a metadata level * configuration. */ if ($repo === null && $this->getMapper()->resolveClassName($className) === 'Bolt\\Storage\\Entity\\Content') { $repo = $this->getDefaultRepositoryFactory($classMetadata); } /* * If the fetched metadata isn't mapped to a specific entity then we treat * it as a generic Content repo */ if ($repo === null && in_array($className, $this->getMapper()->getUnmapped())) { $repo = $this->getDefaultRepositoryFactory($classMetadata); } if ($repo === null) { $repo = new Repository($this, $classMetadata); } if ($repo instanceof Repository\ContentRepository) { /** @var ContentRepository $repo */ $repo->setLegacyService($this->legacyService); } return $repo; }
/** * Saves a single object that already exists. * * @param object $entity The entity to save. * * @return boolean */ public function update($entity) { $password = $entity->getPassword(); // PHP 5.4 compatibility if (empty($password) || $entity->getPassword() === '**dontchange**') { $this->getPersister()->disableField('password'); $result = parent::update($entity); $this->getPersister()->enableField('password'); } else { $result = parent::update($entity); } return $result; }