sdsd
@@ -1863,6 +1863,7 @@ class ApiKernel
|
||||
private function getCustomerSettings(int $customerId): array
|
||||
{
|
||||
if ($customerId <= 0) return [];
|
||||
$this->ensureCustomerSettingsTableExists();
|
||||
$table = $this->customerSettingsTable();
|
||||
$stmt = $this->pdo->prepare("SELECT * FROM `$table` WHERE `customer_id` = :id LIMIT 1");
|
||||
$stmt->execute([':id' => $customerId]);
|
||||
@@ -1873,6 +1874,7 @@ class ApiKernel
|
||||
private function saveCustomerSettings(int $customerId, array $data): array
|
||||
{
|
||||
if ($customerId <= 0) return [];
|
||||
$this->ensureCustomerSettingsTableExists();
|
||||
$allowed = ['bridge_url', 'bridge_token', 'sender_token', 'external_api_token', 'bridge_tables'];
|
||||
$fields = array_intersect_key($data, array_flip($allowed));
|
||||
if (!$fields) return $this->getCustomerSettings($customerId);
|
||||
@@ -1990,6 +1992,29 @@ class ApiKernel
|
||||
return 'emailtemplate_customer_settings';
|
||||
}
|
||||
|
||||
private function ensureCustomerSettingsTableExists(): void
|
||||
{
|
||||
$table = $this->customerSettingsTable();
|
||||
if ($this->tableExists($table)) {
|
||||
return;
|
||||
}
|
||||
$sql = <<<SQL
|
||||
CREATE TABLE IF NOT EXISTS `$table` (
|
||||
`customer_id` int(10) unsigned NOT NULL,
|
||||
`bridge_url` varchar(500) DEFAULT NULL,
|
||||
`bridge_token` varchar(255) DEFAULT NULL,
|
||||
`sender_token` varchar(255) DEFAULT NULL,
|
||||
`external_api_token` varchar(255) DEFAULT NULL,
|
||||
`bridge_tables` text DEFAULT NULL,
|
||||
`created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||
`updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
|
||||
PRIMARY KEY (`customer_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci
|
||||
SQL;
|
||||
$this->pdo->exec($sql);
|
||||
$this->tableExistsCache[$table] = true;
|
||||
}
|
||||
|
||||
private function generateToken(int $length = 48): string
|
||||
{
|
||||
return rtrim(strtr(base64_encode(random_bytes($length)), '+/', '-_'), '=');
|
||||
@@ -2215,13 +2240,14 @@ class ApiKernel
|
||||
return password_hash($password, PASSWORD_DEFAULT);
|
||||
}
|
||||
|
||||
private function ensureOwner(array $user): void
|
||||
private function ensureOwner(array &$user): void
|
||||
{
|
||||
$this->ensureRole($user, ['owner']);
|
||||
}
|
||||
|
||||
private function ensureRole(array $user, array $roles): void
|
||||
private function ensureRole(array &$user, array $roles): void
|
||||
{
|
||||
$user = $this->ensureAuthUserHydrated($user);
|
||||
$role = strtolower((string)($user['role'] ?? ''));
|
||||
$allowed = array_values(array_unique(array_map('strtolower', $roles)));
|
||||
if (!in_array($role, $allowed, true)) {
|
||||
|
||||
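Review bot: ensureCustomerSettingsTableExists() runs `CREATE TABLE` from inside getCustomerSettings() and saveCustomerSettings(), so the database account behind `$this->pdo` needs DDL rights at request time; creating the table in a deploy-time migration would let the runtime account stay at SELECT/INSERT/UPDATE. The table also keeps `bridge_token`, `sender_token` and `external_api_token` as plain `varchar(255)` under `utf8mb4_general_ci`, a case-insensitive collation, so if any of them is ever matched in SQL a case-variant of a token would compare equal; `COLLATE utf8mb4_bin` on those columns avoids that, and any token the application only verifies and never sends onward could be stored as a hash instead. If the lazy creation stays, the method should carry a docblock such as `/** Lazily creates the customer settings table; requires CREATE privilege on the schema. */`. The +/- markers are lost on this page, so that the whole method is new is inferred from the hunk header (6 old lines, 29 new).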