mirror of
https://github.com/alchemy-fr/Phraseanet.git
synced 2025-10-16 06:23:18 +00:00
Fix #1085 : Feed load with a deleted publisher fails
This commit is contained in:
Romain Neutron
@@ -87,7 +87,7 @@ class Feed implements ControllerProviderInterface
|
|||||||
|
|
||||||
$entry = \Feed_Entry_Adapter::load_from_id($appbox, $id);
|
$entry = \Feed_Entry_Adapter::load_from_id($appbox, $id);
|
||||||
|
|
||||||
if ($entry->get_publisher()->get_user()->get_id() !== $user->get_id()) {
|
if (!$entry->is_publisher($user)) {
|
||||||
throw new \Exception_UnauthorizedAction();
|
throw new \Exception_UnauthorizedAction();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -107,7 +107,7 @@ class Feed implements ControllerProviderInterface
|
|||||||
|
|
||||||
$entry = \Feed_Entry_Adapter::load_from_id($appbox, $id);
|
$entry = \Feed_Entry_Adapter::load_from_id($appbox, $id);
|
||||||
|
|
||||||
if ($entry->get_publisher()->get_user()->get_id() !== $user->get_id()) {
|
if (!$entry->is_publisher($user)) {
|
||||||
throw new \Exception_UnauthorizedAction();
|
throw new \Exception_UnauthorizedAction();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -186,7 +186,7 @@ class Feed implements ControllerProviderInterface
|
|||||||
|
|
||||||
$entry = \Feed_Entry_Adapter::load_from_id($appbox, $id);
|
$entry = \Feed_Entry_Adapter::load_from_id($appbox, $id);
|
||||||
|
|
||||||
if ($entry->get_publisher()->get_user()->get_id() !== $user->get_id()
|
if (!$entry->is_publisher($user)
|
||||||
&& $entry->get_feed()->is_owner($user) === false) {
|
&& $entry->get_feed()->is_owner($user) === false) {
|
||||||
throw new \Exception_UnauthorizedAction(_('Action Forbidden : You are not the publisher'));
|
throw new \Exception_UnauthorizedAction(_('Action Forbidden : You are not the publisher'));
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -224,7 +224,11 @@ class Feed_Adapter extends Feed_Abstract implements Feed_Interface, cache_cachea
|
|||||||
{
|
{
|
||||||
$this->load_publishers();
|
$this->load_publishers();
|
||||||
|
|
||||||
return $this->owner->get_user()->get_id() === $user->get_id();
|
if ($this->owner) {
|
||||||
|
return $this->owner->get_user()->get_id() === $user->get_id();
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -318,10 +322,15 @@ class Feed_Adapter extends Feed_Abstract implements Feed_Interface, cache_cachea
|
|||||||
$stmt->closeCursor();
|
$stmt->closeCursor();
|
||||||
|
|
||||||
foreach ($rs as $row) {
|
foreach ($rs as $row) {
|
||||||
$publisher = new Feed_Publisher_Adapter($this->appbox, $row['id']);
|
try {
|
||||||
|
$publisher = new Feed_Publisher_Adapter($this->appbox, $row['id']);
|
||||||
|
} catch (\Exception_Feed_PublisherNotFound $e) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
$this->publishers[$row['usr_id']] = $publisher;
|
$this->publishers[$row['usr_id']] = $publisher;
|
||||||
if ($publisher->is_owner())
|
if ($publisher->is_owner()) {
|
||||||
$this->owner = $publisher;
|
$this->owner = $publisher;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this->publishers;
|
return $this->publishers;
|
||||||
|
|||||||
@@ -373,8 +373,13 @@ class Feed_Entry_Adapter implements Feed_Entry_Interface, cache_cacheableInterfa
|
|||||||
*/
|
*/
|
||||||
public function get_publisher()
|
public function get_publisher()
|
||||||
{
|
{
|
||||||
if ( ! $this->publisher instanceof Feed_Publisher_Adapter)
|
if ( ! $this->publisher instanceof Feed_Publisher_Adapter) {
|
||||||
$this->publisher = new Feed_Publisher_Adapter($this->appbox, $this->publisher_id);
|
try {
|
||||||
|
$this->publisher = new Feed_Publisher_Adapter($this->appbox, $this->publisher_id);
|
||||||
|
} catch (\Exception_Feed_PublisherNotFound $e) {
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return $this->publisher;
|
return $this->publisher;
|
||||||
}
|
}
|
||||||
@@ -386,7 +391,13 @@ class Feed_Entry_Adapter implements Feed_Entry_Interface, cache_cacheableInterfa
|
|||||||
*/
|
*/
|
||||||
public function is_publisher(User_adapter $user)
|
public function is_publisher(User_adapter $user)
|
||||||
{
|
{
|
||||||
return $user->get_id() === $this->get_publisher()->get_user()->get_id();
|
$publisher = $this->get_publisher();
|
||||||
|
|
||||||
|
if ($publisher instanceof Feed_Publisher_Interface) {
|
||||||
|
return $user->get_id() === $publisher->get_user()->get_id();
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -95,7 +95,7 @@ class Feed_Publisher_Adapter implements Feed_Publisher_Interface, cache_cacheabl
|
|||||||
$stmt->closeCursor();
|
$stmt->closeCursor();
|
||||||
|
|
||||||
if ( ! $row)
|
if ( ! $row)
|
||||||
throw new Exception_Feed_PublisherNotFound();
|
throw new Exception_Feed_PublisherNotFound('Publisher is not Found');
|
||||||
|
|
||||||
$this->user = User_Adapter::getInstance($row['usr_id'], $this->appbox);
|
$this->user = User_Adapter::getInstance($row['usr_id'], $this->appbox);
|
||||||
$this->owner = ! ! $row['owner'];
|
$this->owner = ! ! $row['owner'];
|
||||||
|
|||||||
Reference in New Issue
Block a user