From 8d4c60da546904f23ed4ebd1ea6f7f0529ecbb05 Mon Sep 17 00:00:00 2001 From: Ryuji AMANO Date: Sun, 27 Nov 2022 14:52:58 +0900 Subject: [PATCH 1/2] fix: edit problem --- Controller/CircularNoticesController.php | 6 ++++++ Test/Case/Controller/CircularNoticesController/EditTest.php | 4 +++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/Controller/CircularNoticesController.php b/Controller/CircularNoticesController.php index 176c647..42e0a3c 100644 --- a/Controller/CircularNoticesController.php +++ b/Controller/CircularNoticesController.php @@ -355,10 +355,16 @@ public function edit() { $key = $this->request->params['key']; $content = $this->CircularNoticeContent->getCircularNoticeContent($key, $userId); + // フレームから取得したCircularNoticeSetting.keyとコンテンツのcircularnotice_setting_keyが一致しない場合はBadRequest if (! $content) { return $this->throwBadRequest(); } + $settingKey = $this->viewVars['circularNoticeSetting']['CircularNoticeSetting']['key'] ?? null; + if ($content['CircularNoticeContent']['circular_notice_setting_key'] !== $settingKey) { + return $this->throwBadRequest(); + } + if ($this->CircularNoticeContent->canEditWorkflowContent($content) === false) { return $this->throwBadRequest(); } diff --git a/Test/Case/Controller/CircularNoticesController/EditTest.php b/Test/Case/Controller/CircularNoticesController/EditTest.php index 5c48253..0f52d19 100644 --- a/Test/Case/Controller/CircularNoticesController/EditTest.php +++ b/Test/Case/Controller/CircularNoticesController/EditTest.php @@ -93,6 +93,7 @@ public function dataProviderEdit() { $results[0] = array( 'urlOptions' => Hash::insert($data, 'frame_id', ''), 'assert' => null, + 'exception' => 'BadRequestException' ); $results[1] = array( 'urlOptions' => Hash::insert($data, 'key', 'A'), @@ -105,7 +106,8 @@ public function dataProviderEdit() { ); $results[3] = array( 'urlOptions' => Hash::insert($data, 'key', 'circular_notice_content_4'), - 'assert' => array('method' => 'assertNotEmpty'), + 'assert' => null, + 'exception' => 'BadRequestException' ); return $results; From eb801d15e9a4288c652e76b7117444cb2be6d462 Mon Sep 17 00:00:00 2001 From: Ryuji AMANO Date: Sun, 27 Nov 2022 16:28:44 +0900 Subject: [PATCH 2/2] =?UTF-8?q?comment:=20phpmd=E6=8A=91=E6=AD=A2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Controller/CircularNoticesController.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Controller/CircularNoticesController.php b/Controller/CircularNoticesController.php index 42e0a3c..f7f9b8a 100644 --- a/Controller/CircularNoticesController.php +++ b/Controller/CircularNoticesController.php @@ -347,6 +347,7 @@ public function add() { * edit action * * @return void + * @SuppressWarnings(PHPMD.CyclomaticComplexity) */ public function edit() { $userId = Current::read('User.id'); @@ -355,11 +356,11 @@ public function edit() { $key = $this->request->params['key']; $content = $this->CircularNoticeContent->getCircularNoticeContent($key, $userId); - // フレームから取得したCircularNoticeSetting.keyとコンテンツのcircularnotice_setting_keyが一致しない場合はBadRequest if (! $content) { return $this->throwBadRequest(); } + // フレームから取得したCircularNoticeSetting.keyとコンテンツのcircular_notice_setting_keyが一致しない場合はBadRequest $settingKey = $this->viewVars['circularNoticeSetting']['CircularNoticeSetting']['key'] ?? null; if ($content['CircularNoticeContent']['circular_notice_setting_key'] !== $settingKey) { return $this->throwBadRequest();