
Commit 5b86cd5

committed
fix: data permissions issues
1 parent fc686ac commit 5b86cd5

3 files changed

Lines changed: 82 additions & 62 deletions


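--- a/app/ModelSerializers/PublicMemberSerializer.php
+++ b/app/ModelSerializers/PublicMemberSerializer.php
@@ -18,21 +18,13 @@
 */
 final class PublicMemberSerializer extends AbstractMemberSerializer
 {
+
 /**
-* @param null $expand
-* @param array $fields
-* @param array $relations
-* @param array $params
+* @param Member $member
+* @param array $values
 * @return array
 */
-public function serialize($expand = null, array $fields = [], array $relations = [], array $params = [])
-{
-$member = $this->object;
-if(!$member instanceof Member) return [];
-$values = parent::serialize($expand, $fields, $relations, $params);
-
-// permissions check
-
+protected function checkDataPermissions(Member $member, array $values):array{
 if(!$member->isPublicProfileShowBio())
 {
 unset($values['bio']);
@@ -61,6 +53,20 @@ public function serialize($expand = null, array $fields = [], array $relations =
 unset($values['last_name']);
 }
 
-return $values;
+}
+/**
+* @param null $expand
+* @param array $fields
+* @param array $relations
+* @param array $params
+* @return array
+*/
+public function serialize($expand = null, array $fields = [], array $relations = [], array $params = [])
+{
+$member = $this->object;
+if(!$member instanceof Member) return [];
+$values = parent::serialize($expand, $fields, $relations, $params);
+
+return $this->checkDataPermissions($member, $values);
 }
 }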
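Review bot: The new `checkDataPermissions()` in PublicMemberSerializer never returns a value: the old `return $values;` was removed, and the method now closes at new line 56, directly after the `last_name` block. Because the method declares `:array`, PHP raises a TypeError when execution falls off the end, so the new `serialize()` would fail for every Member instead of returning the filtered array. Restore `return $values;` as the last statement before the method's closing brace. The middle of the method (new lines 31–52) is outside the hunks shown, but its tail is fully visible, and a test that serializes a member with all visibility flags off would catch this.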

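--- a/app/ModelSerializers/Summit/Speakers/AdminPresentationSpeakerSerializer.php
+++ b/app/ModelSerializers/Summit/Speakers/AdminPresentationSpeakerSerializer.php
@@ -34,6 +34,11 @@ final class AdminPresentationSpeakerSerializer extends PresentationSpeakerSerial
 'summit_assistance',
 'registration_code',
 ];
+
+protected function checkDataPermissions(PresentationSpeaker $speaker, array $values):array{
+return $values;
+}
+
 
 protected function getMemberSerializerType():string{
 return SerializerRegistry::SerializerType_Admin;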
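Review bot: The `checkDataPermissions()` override at new lines 38–40 turns the profile-visibility filter into a pass-through, and nothing in the code says this is deliberate. Whenever this serializer is selected, the fields a speaker chose to hide (bio, email, phone number, name, photo) are returned in full. Add a comment above the method such as `// Admin representation: the speaker's public-profile visibility flags are deliberately not applied here.` so the pattern is not copied into a public-facing serializer. Whether the endpoints that resolve this serializer enforce an admin scope is not visible in this commit; it is worth confirming, because that check is now the only thing protecting the hidden fields.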

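--- a/app/ModelSerializers/Summit/Speakers/PresentationSpeakerSerializer.php
+++ b/app/ModelSerializers/Summit/Speakers/PresentationSpeakerSerializer.php
@@ -42,6 +42,63 @@ protected function getMemberSerializerType():string {
 return SerializerRegistry::SerializerType_Public;
 }
 
+/**
+* @param PresentationSpeaker $speaker
+* @param array $values
+* @return array
+*/
+protected function checkDataPermissions(PresentationSpeaker $speaker, array $values):array{
+// permissions check
+
+if(!$speaker->isPublicProfileShowBio())
+{
+unset($values['bio']);
+unset($values['gender']);
+unset($values['company']);
+unset($values['state']);
+unset($values['country']);
+unset($values['title']);
+unset($values['affiliations']);
+unset($values['languages']);
+unset($values['other_presentation_links']);
+unset($values['areas_of_expertise']);
+unset($values['travel_preferences']);
+unset($values['active_involvements']);
+unset($values['organizational_roles']);
+unset($values['badge_features']);
+}
+
+if(!$speaker->isPublicProfileShowEmail())
+{
+unset($values['email']);
+}
+
+if(!$speaker->isPublicProfileShowSocialMediaInfo())
+{
+unset($values['irc']);
+unset($values['twitter']);
+}
+
+if(!$speaker->isPublicProfileShowPhoto())
+{
+unset($values['pic']);
+unset($values['big_pic']);
+}
+
+if(!$speaker->isPublicProfileShowFullname())
+{
+unset($values['first_name']);
+unset($values['last_name']);
+}
+
+if(!$speaker->isPublicProfileShowTelephoneNumber())
+{
+unset($values['phone_number']);
+}
+
+return $values;
+}
+
 /**
 * @param null $expand
 * @param array $fields
@@ -318,54 +375,6 @@ public function serialize($expand = null, array $fields = [], array $relations =
 }
 }
 
-// permissions check
-
-if(!$speaker->isPublicProfileShowBio())
-{
-unset($values['bio']);
-unset($values['gender']);
-unset($values['company']);
-unset($values['state']);
-unset($values['country']);
-unset($values['title']);
-unset($values['affiliations']);
-unset($values['languages']);
-unset($values['other_presentation_links']);
-unset($values['areas_of_expertise']);
-unset($values['travel_preferences']);
-unset($values['active_involvements']);
-unset($values['organizational_roles']);
-unset($values['badge_features']);
-}
-
-if(!$speaker->isPublicProfileShowEmail())
-{
-unset($values['email']);
-}
-
-if(!$speaker->isPublicProfileShowSocialMediaInfo())
-{
-unset($values['irc']);
-unset($values['twitter']);
-}
-
-if(!$speaker->isPublicProfileShowPhoto())
-{
-unset($values['pic']);
-unset($values['big_pic']);
-}
-
-if(!$speaker->isPublicProfileShowFullname())
-{
-unset($values['first_name']);
-unset($values['last_name']);
-}
-
-if(!$speaker->isPublicProfileShowTelephoneNumber())
-{
-unset($values['phone_number']);
-}
-
-return $values;
+return $this->checkDataPermissions($speaker, $values);
 }
 }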
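Review bot: `checkDataPermissions()` (new lines 50–100) filters by deny-list, so any key that `serialize()` adds to `$values` later stays in the public output until someone also lists it here, even when the speaker has switched the matching visibility flag off. The docblock only repeats the parameter types; state the contract there, for example `Removes every field the speaker has not made public; any new serialized field that is profile data must be added to the matching block.` Since the method is now an overridable hook, it is also worth saying in that docblock that an override replaces the whole privacy filter. A test that serializes a speaker with all flags off and asserts the listed keys are absent would keep the list honest. Most of `serialize()` lies outside the hunks shown, so whether expanded relations carry the same fields cannot be judged from here.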
