/** * * Intial validation of incoming CMS requests before we do anything useful. * * @return SS_HTTPResponse * @todo Refactor into single static. There are v.close dupes of this in the other controllers. */ public function initValidate() { $folderId = SecuredFilesystem::get_numeric_identifier($this, 'ID'); if ($folderId) { $folder = DataObject::get_by_id("Folder", $folderId); if ($folder && $folder->exists()) { if ($folder->Secured) { $message = _t('SecuredFilesystem.messages.ERROR_ACCESS_ONLY_IN_SECURED_FILES'); return SecuredFilesystem::show_access_message($this, $message); } } else { $message = _t('SecuredFilesystem.messages.ERROR_FOLDER_NOT_EXISTS'); return SecuredFilesystem::show_access_message($this, $message); } } }
/** * * {@inheritdoc} * * @param SS_HTTPRequest $request * @return HTMLText */ public function addfolder($request) { $parentId = SecuredFilesystem::get_numeric_identifier($this, 'ParentID'); $folder = DataObject::get_by_id("Folder", $parentId); if ($folder && $folder->exists()) { if (!$folder->Secured) { $message = _t('SecuredFilesystem.messages.ERROR_ACCESS_ONLY_IN_FILES'); return SecuredFilesystem::show_access_message($this, $message); } return parent::addfolder($request); } else { $message = _t('SecuredFilesystem.messages.ERROR_FOLDER_NOT_EXISTS'); return SecuredFilesystem::show_access_message($this, $message); } }
/** * Exercises SecuredFilesystem::get_numeric_identifier() with both types of expected controller * Ensures expected outputs given a variety of inputs * * @todo Add 'ParentID' ensure this works as expected * @todo Test with "unexpected" class, assert exedcption or error thrown as expecced (Zero is returned) */ public function testGetNumericIdentifierPost() { $controller = $this->getTestController(array('ID' => '40'), 'POST', AssetAdmin::create()); $result = SecuredFilesystem::get_numeric_identifier($controller, 'ID'); $this->assertInternalType('integer', $result); $this->assertEquals(40, $result); $controller = $this->getTestController(array('ID' => '40'), 'POST', CMSFileAddController::create()); $result = SecuredFilesystem::get_numeric_identifier($controller, 'ID'); $this->assertInternalType('integer', $result); $this->assertEquals(40, $result); $controller = $this->getTestController(array('ID' => '0'), 'POST', AssetAdmin::create()); $result = SecuredFilesystem::get_numeric_identifier($controller, 'ID'); $this->assertInternalType('integer', $result); $this->assertEquals(0, $result); $controller = $this->getTestController(array('ID' => '0'), 'POST', CMSFileAddController::create()); $result = SecuredFilesystem::get_numeric_identifier($controller, 'ID'); $this->assertInternalType('integer', $result); $this->assertEquals(0, $result); $controller = $this->getTestController(array('ParentID' => '40'), 'POST', AssetAdmin::create()); $result = SecuredFilesystem::get_numeric_identifier($controller, 'ParentID'); $this->assertInternalType('integer', $result); $this->assertEquals(40, $result); $controller = $this->getTestController(array('ParentID' => '40'), 'POST', CMSFileAddController::create()); $result = SecuredFilesystem::get_numeric_identifier($controller, 'ParentID'); $this->assertInternalType('integer', $result); $this->assertEquals(40, $result); $controller = $this->getTestController(array('ParentID' => '0'), 'POST', AssetAdmin::create()); $result = SecuredFilesystem::get_numeric_identifier($controller, 'ParentID'); $this->assertInternalType('integer', $result); $this->assertEquals(0, $result); $controller = $this->getTestController(array('ParentID' => '0'), 'POST', CMSFileAddController::create()); $result = SecuredFilesystem::get_numeric_identifier($controller, 'ParentID'); $this->assertInternalType('integer', $result); $this->assertEquals(0, $result); $controller = $this->getTestController(array('DUMMY' => '40'), 'POST', AssetAdmin::create()); $result = SecuredFilesystem::get_numeric_identifier($controller, 'ID'); $this->assertInternalType('integer', $result); $this->assertEquals(0, $result); $controller = $this->getTestController(array('DUMMY' => '40'), 'POST', CMSFileAddController::create()); $result = SecuredFilesystem::get_numeric_identifier($controller, 'ID'); $this->assertInternalType('integer', $result); $this->assertEquals(0, $result); $controller = $this->getTestController(array('ID' => '40'), 'POST', Controller::create()); $result = SecuredFilesystem::get_numeric_identifier($controller, 'ID'); $this->assertInternalType('integer', $result); $this->assertEquals(0, $result); }