HOR-4829
@@ -22,6 +22,7 @@ return [
|
||||
'pptx' => 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
|
||||
'pm' => 'text/plain',
|
||||
'pmt' => 'text/plain',
|
||||
'pmx' => 'application/xml',
|
||||
'po' => 'text/x-po',
|
||||
'pdf' => 'application/pdf',
|
||||
'png' => 'image/png',
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
*/
|
||||
|
||||
use ProcessMaker\Core\System;
|
||||
use ProcessMaker\Validation\Exception429;
|
||||
use ProcessMaker\Validation\ExceptionRestApi;
|
||||
use ProcessMaker\Validation\ValidationUploadedFiles;
|
||||
|
||||
header("Content-type: text/html;charset=utf-8");
|
||||
@@ -726,7 +726,7 @@ class pmTablesProxy extends HttpProxyController
|
||||
|
||||
try {
|
||||
ValidationUploadedFiles::getValidationUploadedFiles()->dispach(function($validator) {
|
||||
throw new Exception429($validator->getMessage());
|
||||
throw new ExceptionRestApi($validator->getMessage());
|
||||
});
|
||||
$result = new stdClass();
|
||||
$errors = '';
|
||||
@@ -896,7 +896,7 @@ class pmTablesProxy extends HttpProxyController
|
||||
}
|
||||
|
||||
$result->message = $msg;
|
||||
} catch (Exception429 $e) {
|
||||
} catch (ExceptionRestApi $e) {
|
||||
$result = new stdClass();
|
||||
$result->success = false;
|
||||
$result->errorType = 'notice';
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
|
||||
use ProcessMaker\Core\System;
|
||||
use ProcessMaker\Plugins\PluginRegistry;
|
||||
use ProcessMaker\Validation\Exception429;
|
||||
use ProcessMaker\Validation\ExceptionRestApi;
|
||||
use ProcessMaker\Validation\ValidationUploadedFiles;
|
||||
|
||||
function runBgProcessmaker($task, $log)
|
||||
@@ -19,7 +19,7 @@ function runBgProcessmaker($task, $log)
|
||||
|
||||
try {
|
||||
ValidationUploadedFiles::getValidationUploadedFiles()->dispach(function($validator) {
|
||||
throw new Exception429($validator->getMessage());
|
||||
throw new ExceptionRestApi($validator->getMessage());
|
||||
});
|
||||
if (isset($_REQUEST["action"])) {
|
||||
$action = $_REQUEST["action"];
|
||||
@@ -317,7 +317,7 @@ try {
|
||||
$result["addons"] = array();
|
||||
}
|
||||
G::outRes(G::json_encode($result));
|
||||
} catch (Exception429 $e) {
|
||||
} catch (ExceptionRestApi $e) {
|
||||
$token = strtotime("now");
|
||||
PMException::registerErrorLog($e, $token);
|
||||
G::outRes(
|
||||
|
||||
@@ -32,6 +32,8 @@ use ProcessMaker\Core\RoutingScreen;
|
||||
use ProcessMaker\Core\System;
|
||||
use ProcessMaker\Services\Api\Project\Activity\Step as ActivityStep;
|
||||
use ProcessMaker\Util\DateTime;
|
||||
use ProcessMaker\Validation\ExceptionRestApi;
|
||||
use ProcessMaker\Validation\Validator;
|
||||
use ProcessPeer;
|
||||
use Propel;
|
||||
use RBAC;
|
||||
@@ -1061,7 +1063,7 @@ class Light
|
||||
*
|
||||
* @throws Exception
|
||||
*/
|
||||
public function documentUploadFiles($userUid, $app_uid, $app_doc_uid, $request_data)
|
||||
public function documentUploadFiles($userUid, $app_uid, $app_doc_uid)
|
||||
{
|
||||
$response = array("status" => "fail");
|
||||
if (isset($_FILES["form"]["name"]) && count($_FILES["form"]["name"]) > 0) {
|
||||
@@ -1097,6 +1099,58 @@ class Light
|
||||
}
|
||||
}
|
||||
if (count($arrayField) > 0) {
|
||||
//rule validation
|
||||
$appDocument = new AppDocument();
|
||||
$appDocument->load($app_doc_uid);
|
||||
$inputDocument = new InputDocument();
|
||||
$ifInputExist = $inputDocument->InputExists($appDocument->getDocUid());
|
||||
if ($ifInputExist) {
|
||||
$inputProperties = $inputDocument->load($appDocument->getDocUid());
|
||||
$inpDocTypeFile = $inputProperties['INP_DOC_TYPE_FILE'];
|
||||
$inpDocMaxFilesize = (int) $inputProperties["INP_DOC_MAX_FILESIZE"];
|
||||
$inpDocMaxFilesizeUnit = $inputProperties["INP_DOC_MAX_FILESIZE_UNIT"];
|
||||
}
|
||||
|
||||
for ($i = 0; $ifInputExist && $i < count($arrayField); $i++) {
|
||||
$file = [
|
||||
'filename' => $arrayFileName[$i],
|
||||
'path' => $arrayFileTmpName[$i]
|
||||
];
|
||||
$validator = new Validator();
|
||||
//rule: extension
|
||||
$validator->addRule()
|
||||
->validate($file, function($file) use($inpDocTypeFile) {
|
||||
$result = G::verifyInputDocExtension($inpDocTypeFile, $file->filename, $file->path);
|
||||
return $result->status === false;
|
||||
})
|
||||
->status(415)
|
||||
->message(G::LoadTranslation('ID_UPLOAD_ERR_NOT_ALLOWED_EXTENSION'))
|
||||
->log(function($rule) {
|
||||
Bootstrap::registerMonologPhpUploadExecution('phpUpload', 250, $rule->getMessage(), $rule->getData()->filename);
|
||||
});
|
||||
|
||||
//rule: maximum file size
|
||||
$validator->addRule()
|
||||
->validate($file, function($file) use($inpDocMaxFilesize, $inpDocMaxFilesizeUnit) {
|
||||
if ($inpDocMaxFilesize > 0) {
|
||||
$totalMaxFileSize = $inpDocMaxFilesize * ($inpDocMaxFilesizeUnit == "MB" ? 1024 * 1024 : 1024);
|
||||
$fileSize = filesize($file->path);
|
||||
if ($fileSize > $totalMaxFileSize) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
})
|
||||
->status(413)
|
||||
->message(G::LoadTranslation("ID_SIZE_VERY_LARGE_PERMITTED"))
|
||||
->log(function($rule) {
|
||||
Bootstrap::registerMonologPhpUploadExecution('phpUpload', 250, $rule->getMessage(), $rule->getData()->filename);
|
||||
});
|
||||
$validator->validate();
|
||||
if ($validator->fails()) {
|
||||
throw new ExceptionRestApi($validator->getMessage(), $validator->getStatus());
|
||||
}
|
||||
}
|
||||
for ($i = 0; $i <= count($arrayField) - 1; $i++) {
|
||||
if ($arrayFileError[$i] == 0) {
|
||||
$indocUid = null;
|
||||
|
||||
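Review bot: The validation loop added to documentUploadFiles fails open, because it is gated on `$ifInputExist`: when `InputExists()` returns false for the document's DOC_UID, neither the extension rule nor the size rule runs, and the upload loop that follows still processes the files. If an upload without a matching input document should not be accepted, reject it before the loops with `throw new ExceptionRestApi(...)` and a suitable status; if it is intentional, say so in a comment such as `// no input document: no extension/size rules apply`. The rules also run on entries whose `$arrayFileError[$i]` is non-zero, where `filesize($file->path)` on a missing temp path would return false and the size rule would pass, so checking the error code first is safer. The method body starts and ends outside the hunk, so how `$arrayField` is built is not visible here.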
@@ -23,7 +23,7 @@ use ProcessMaker\Project\Adapter;
|
||||
use ProcessMaker\Services\Api;
|
||||
use ProcessMaker\Services\Api\Project\Activity\Step;
|
||||
use ProcessMaker\Util\DateTime;
|
||||
use ProcessMaker\Validation\Exception429;
|
||||
use ProcessMaker\Validation\ExceptionRestApi;
|
||||
use RBAC;
|
||||
use stdclass;
|
||||
use StepPeer;
|
||||
@@ -1467,8 +1467,8 @@ class Light extends Api
|
||||
$userUid = $this->getUserId();
|
||||
$oMobile = new BusinessModelLight();
|
||||
$filesUids = $oMobile->postUidUploadFiles($userUid, $app_uid, $request_data);
|
||||
} catch (Exception429 $e) {
|
||||
throw new RestException($e->getStatus());
|
||||
} catch (ExceptionRestApi $e) {
|
||||
throw new RestException($e->getCode(), $e->getMessage());
|
||||
} catch (Exception $e) {
|
||||
throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());
|
||||
}
|
||||
@@ -1502,9 +1502,9 @@ class Light extends Api
|
||||
try {
|
||||
$userUid = $this->getUserId();
|
||||
$oMobile = new BusinessModelLight();
|
||||
$response = $oMobile->documentUploadFiles($userUid, $app_uid, $app_doc_uid, $request_data);
|
||||
} catch (Exception429 $e) {
|
||||
throw new RestException($e->getStatus());
|
||||
$response = $oMobile->documentUploadFiles($userUid, $app_uid, $app_doc_uid);
|
||||
} catch (ExceptionRestApi $e) {
|
||||
throw new RestException($e->getCode(), $e->getMessage());
|
||||
} catch (Exception $e) {
|
||||
throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));
|
||||
}
|
||||
|
||||
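Review bot: `throw new RestException($e->getCode(), $e->getMessage());` in both catch blocks of this file assumes every ExceptionRestApi carries an HTTP status in its code, but the proxy callbacks elsewhere in this commit construct it with a message only, which leaves getCode() at 0. If any path under postUidUploadFiles or documentUploadFiles does the same, the REST layer is handed status 0; a fallback such as `throw new RestException($e->getCode() ?: Api::STAT_APP_EXCEPTION, $e->getMessage());` keeps the response well-formed. The same catch appears twice in the FilesManager controller. Both try blocks start outside their hunks.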
@@ -5,7 +5,7 @@ use Exception;
|
||||
use Luracast\Restler\RestException;
|
||||
use ProcessMaker\BusinessModel\FilesManager as FilesManagerBusinessModel;
|
||||
use ProcessMaker\Services\Api;
|
||||
use ProcessMaker\Validation\Exception429;
|
||||
use ProcessMaker\Validation\ExceptionRestApi;
|
||||
|
||||
/**
|
||||
* Project\ProjectUsers Api Controller
|
||||
@@ -64,8 +64,8 @@ class FilesManager extends Api
|
||||
$arrayData = $filesManager->addProcessFilesManager($prj_uid, $userUid, $request_data);
|
||||
//Response
|
||||
$response = $arrayData;
|
||||
} catch (Exception429 $e) {
|
||||
throw new RestException($e->getStatus());
|
||||
} catch (ExceptionRestApi $e) {
|
||||
throw new RestException($e->getCode(), $e->getMessage());
|
||||
} catch (Exception $e) {
|
||||
//response
|
||||
throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());
|
||||
@@ -94,8 +94,8 @@ class FilesManager extends Api
|
||||
$sData = $filesManager->uploadProcessFilesManager($prj_uid, $prf_uid);
|
||||
//Response
|
||||
$response = $sData;
|
||||
} catch (Exception429 $e) {
|
||||
throw new RestException($e->getStatus());
|
||||
} catch (ExceptionRestApi $e) {
|
||||
throw new RestException($e->getCode(), $e->getMessage());
|
||||
} catch (Exception $e) {
|
||||
//response
|
||||
throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());
|
||||
|
||||
@@ -1,23 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace ProcessMaker\Validation;
|
||||
|
||||
use Exception;
|
||||
|
||||
class Exception429 extends Exception
|
||||
{
|
||||
/**
|
||||
* Status code: too many requests.
|
||||
* @var int
|
||||
*/
|
||||
private $status = 429;
|
||||
|
||||
/**
|
||||
* Get status code.
|
||||
* @return int
|
||||
*/
|
||||
function getStatus()
|
||||
{
|
||||
return $this->status;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,10 @@
|
||||
<?php
|
||||
|
||||
namespace ProcessMaker\Validation;
|
||||
|
||||
use Exception;
|
||||
|
||||
class ExceptionRestApi extends Exception
|
||||
{
|
||||
|
||||
}
|
||||
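Review bot: ExceptionRestApi is added with an empty body and no docblock, while the class it replaces documented its fixed 429 status, so nothing here tells a caller that the HTTP status now travels in the exception code. I would add a class comment along the lines of `/** Validation failure for REST and upload endpoints; the exception code is the HTTP status to return (e.g. 413, 415). */`.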