maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

corrected Backups.listingCount() for admins/reseller/customers accordingly to listing(); minor fixes

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2023-06-08 17:30:12 +02:00
parent a2fca3fe69
commit f9f1048477
1 changed files with 54 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

99
lib/Froxlor/Api/Commands/Backups.php
View File

@@ -30,12 +30,6 @@ use Froxlor\Api\ApiCommand;
use Froxlor\Api\ResourceEntity; use Froxlor\Api\ResourceEntity;
use Froxlor\Database\Database; use Froxlor\Database\Database;
use Froxlor\FroxlorLogger; use Froxlor\FroxlorLogger;
use Froxlor\Idna\IdnaWrapper;
use Froxlor\Settings;
use Froxlor\System\Crypt;
use Froxlor\UI\Response;
use Froxlor\User;
use Froxlor\Validate\Validate;
use PDO; use PDO;
/** /**
@@ -97,11 +91,11 @@ class Backups extends ApiCommand implements ResourceEntity
$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list backups"); $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list backups");
$query_fields = []; $query_fields = [];
$result_stmt = Database::prepare(" $result_stmt = Database::prepare("
SELECT `b`.*, `a`.`loginname` as `adminname` SELECT `b`.*, `a`.`loginname` as `adminname`
FROM `" . TABLE_PANEL_BACKUPS . "` `b` FROM `" . TABLE_PANEL_BACKUPS . "` `b`
LEFT JOIN `" . TABLE_PANEL_ADMINS . "` `a` USING(`adminid`) LEFT JOIN `" . TABLE_PANEL_ADMINS . "` `a` USING(`adminid`)
WHERE `b`.`customerid` IN (" . implode(', ', $customer_ids) . ") WHERE `b`.`customerid` IN (" . implode(', ', $customer_ids) . ")
"); ");
Database::pexecute($result_stmt, $query_fields, true, true); Database::pexecute($result_stmt, $query_fields, true, true);
$result = []; $result = [];
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) { while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
@@ -111,8 +105,6 @@ class Backups extends ApiCommand implements ResourceEntity
'count' => count($result), 'count' => count($result),
'list' => $result 'list' => $result
]); ]);
throw new Exception("Not allowed to execute given command.", 403);
} }
/** /**
@@ -125,77 +117,94 @@ class Backups extends ApiCommand implements ResourceEntity
public function listingCount() public function listingCount()
{ {
if ($this->isAdmin()) { if ($this->isAdmin()) {
$result_stmt = Database::prepare(" // if we're an admin, list all backups of all the admins customers
SELECT COUNT(*) as num_backups // or optionally for one specific customer identified by id or loginname
FROM `" . TABLE_PANEL_BACKUPS . "` $customerid = $this->getParam('customerid', true, 0);
"); $loginname = $this->getParam('loginname', true, '');
$result = Database::pexecute_first($result_stmt, null, true, true);
if ($result) { if (!empty($customerid) || !empty($loginname)) {
return $this->response($result['num_backups']); $result = $this->apiCall('Customers.get', [
'id' => $customerid,
'loginname' => $loginname
]);
$custom_list_result = [
$result
];
} else {
$_custom_list_result = $this->apiCall('Customers.listing');
$custom_list_result = $_custom_list_result['list'];
} }
$this->response(0); $customer_ids = [];
foreach ($custom_list_result as $customer) {
$customer_ids[] = $customer['customerid'];
}
if (empty($customer_ids)) {
throw new Exception("Required resource unsatisfied.", 405);
}
} else {
$customer_ids = [
$this->getUserDetail('customerid')
];
} }
throw new Exception("Not allowed to execute given command.", 403); $result_stmt = Database::prepare("
SELECT COUNT(*) as num_backups
FROM `" . TABLE_PANEL_BACKUPS . "` `b`
WHERE `b`.`customerid` IN (" . implode(', ', $customer_ids) . ")
");
$result = Database::pexecute_first($result_stmt, null, true, true);
if ($result) {
return $this->response($result['num_backups']);
}
$this->response(0);
} }
/** /**
* create a new admin user * You cannot add a backup entry
* *
* @param string $name
*
* @access admin
* @return string json-encoded array
* @throws Exception * @throws Exception
*/ */
public function add() public function add()
{ {
throw new Exception("Not allowed to execute given command.", 403); throw new Exception('You cannot add a backup entry', 303);
} }
/** /**
* return an admin entry by either id or loginname * return a backup entry by id
* *
* @param int $id * @param int $id
* optional, the admin-id * optional, the backup-entry-id
* @param string $loginname
* optional, the loginname
* *
* @access admin * @access admin, customers
* @return string json-encoded array * @return string json-encoded array
* @throws Exception * @throws Exception
*/ */
public function get() public function get()
{ {
throw new Exception("Not allowed to execute given command.", 403); throw new Exception("@TODO", 303);
} }
/** /**
* update an admin user by given id or loginname * You cannot update a backup entry
* *
* @param int $id
* required, the admin-id
*
* @access admin
* @return string json-encoded array
* @throws Exception * @throws Exception
*/ */
public function update() public function update()
{ {
throw new Exception("Not allowed to execute given command.", 403); throw new Exception('You cannot update a backup entry', 303);
} }
/** /**
* delete a admin entry by either id or loginname * delete a backup entry by id
* *
* @param int $id * @param int $id
* required, the admin-id * required, the backup-entry-id
* *
* @access admin * @access admin, customer
* @return string json-encoded array * @return string json-encoded array
* @throws Exception * @throws Exception
*/ */
public function delete() public function delete()
{ {
throw new Exception("Not allowed to execute given command.", 403); throw new Exception("@TODO", 303);
} }
} }