Better handle permissions with bad data
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe
parent
b5c79624c6
commit
6c6b37000a
2 changed files with 37 additions and 21 deletions
|
|
@ -76,7 +76,7 @@ class Group extends SnipeModel
|
||||||
*
|
*
|
||||||
* @author A. Gianotto <snipe@snipe.net>
|
* @author A. Gianotto <snipe@snipe.net>
|
||||||
* @since [v1.0]
|
* @since [v1.0]
|
||||||
* @return array
|
* @return array | \stdClass
|
||||||
*/
|
*/
|
||||||
public function decodePermissions()
|
public function decodePermissions()
|
||||||
{
|
{
|
||||||
|
|
@ -84,20 +84,24 @@ class Group extends SnipeModel
|
||||||
if (is_array($this->permissions)) {
|
if (is_array($this->permissions)) {
|
||||||
$this->permissions = json_encode($this->permissions);
|
$this->permissions = json_encode($this->permissions);
|
||||||
}
|
}
|
||||||
|
|
||||||
$permissions = json_decode($this->permissions ?? '{}', JSON_OBJECT_AS_ARRAY);
|
$permissions = json_decode($this->permissions ?? '{}', JSON_OBJECT_AS_ARRAY);
|
||||||
|
|
||||||
// If there are no permissions, return an empty array
|
|
||||||
if (!$permissions) {
|
|
||||||
return [];
|
|
||||||
}
|
|
||||||
|
|
||||||
// Otherwise, loop through the permissions and cast the values as integers
|
// Otherwise, loop through the permissions and cast the values as integers
|
||||||
foreach ($permissions as $permission => $value) {
|
if ((is_array($permissions)) && ($permissions)) {
|
||||||
$permissions[$permission] = (int) $value;
|
foreach ($permissions as $permission => $value) {
|
||||||
|
|
||||||
|
if (!is_integer($permission)) {
|
||||||
|
$permissions[$permission] = (int) $value;
|
||||||
|
} else {
|
||||||
|
\Log::info('Weird data here - skipping it');
|
||||||
|
unset($permissions[$permission]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $permissions ?: new \stdClass;
|
||||||
}
|
}
|
||||||
|
return new \stdClass;
|
||||||
|
|
||||||
|
|
||||||
return $permissions;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
|
|
@ -746,24 +746,36 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Decode JSON permissions into array
|
||||||
|
*
|
||||||
|
* @author A. Gianotto <snipe@snipe.net>
|
||||||
|
* @since [v1.0]
|
||||||
|
* @return array | \stdClass
|
||||||
|
*/
|
||||||
public function decodePermissions()
|
public function decodePermissions()
|
||||||
{
|
{
|
||||||
// Set default to empty JSON if the value is null
|
// Set default to empty JSON if the value is null
|
||||||
|
if (is_array($this->permissions)) {
|
||||||
|
$this->permissions = json_encode($this->permissions);
|
||||||
|
}
|
||||||
|
|
||||||
$permissions = json_decode($this->permissions ?? '{}', JSON_OBJECT_AS_ARRAY);
|
$permissions = json_decode($this->permissions ?? '{}', JSON_OBJECT_AS_ARRAY);
|
||||||
|
|
||||||
// If there are no permissions, return an empty array
|
|
||||||
if (!$permissions) {
|
|
||||||
return [];
|
|
||||||
}
|
|
||||||
|
|
||||||
// Otherwise, loop through the permissions and cast the values as integers
|
// Otherwise, loop through the permissions and cast the values as integers
|
||||||
foreach ($permissions as $permission => $value) {
|
if ((is_array($permissions)) && ($permissions)) {
|
||||||
$permissions[$permission] = (int) $value;
|
foreach ($permissions as $permission => $value) {
|
||||||
|
|
||||||
|
if (!is_integer($permission)) {
|
||||||
|
$permissions[$permission] = (int) $value;
|
||||||
|
} else {
|
||||||
|
\Log::info('Weird data here - skipping it');
|
||||||
|
unset($permissions[$permission]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $permissions ?: new \stdClass;
|
||||||
}
|
}
|
||||||
|
return new \stdClass;
|
||||||
|
|
||||||
return $permissions;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue