jjimenez/safekat
1
0
Fork 0
mirror of https://git.imnavajas.es/jjimenez/safekat.git synced 2025-07-25 22:52:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Implementado control de permiso de borrado

Browse Source
This commit is contained in:
Ignacio Martinez Navajas
2025-07-19 21:54:09 +02:00
parent 1d7f2e044f
commit e3c4cf48ed
21 changed files with 57 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
ci4/app/Controllers/BaseResourceController.php
View File

@ -77,6 +77,14 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
*/
public $alertStyle = 'alerts';
/**
* Permiso requerido para borrar. Si es false/null, no se valida.
* Si es un string (nombre del permiso), se valida.
*
* @var string|false|null
*/
protected $deletePermission = false;
/**
* An array of helpers to be loaded automatically upon
@ -222,6 +230,13 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
*/
public function delete($id = null)
{
// 🔒 Verificar permiso solo si está definido como string
if (is_string($this->deletePermission) && !auth()->user()->can($this->deletePermission)) {
$message = lang('Basic.global.permissionDenied'); // O el mensaje que uses
return $this->failWithNewToken($message, 403); // Estilo coherente con tu clase
}
if (!empty(static::$pluralObjectNameCc) && !empty(static::$singularObjectNameCc)) {
$objName = mb_strtolower(lang(ucfirst(static::$pluralObjectNameCc) . '.' . static::$singularObjectNameCc));
} else {
@ -236,8 +251,10 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
} else {
$datetime = (new \CodeIgniter\I18n\Time("now"));
$rawResult = $this->model->where('id', $id)
->set(['deleted_at' => $datetime->format('Y-m-d H:i:s'),
'is_deleted' => $this->delete_flag])
->set([
'deleted_at' => $datetime->format('Y-m-d H:i:s'),
'is_deleted' => $this->delete_flag
])
->update();
if (!$rawResult) {
return $this->failNotFound(lang('Basic.global.deleteError', [$objName]));
@ -270,7 +287,8 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
}
if ($customValidationMessages == null) {
$validationErrorMessages = $this->model->validationMessages ?? $this->formValidationErrorMessagess ?? null;;
$validationErrorMessages = $this->model->validationMessages ?? $this->formValidationErrorMessagess ?? null;
;
} else {
$validationErrorMessages = $customValidationMessages;
}
@ -366,12 +384,12 @@ abstract class BaseResourceController extends \CodeIgniter\RESTful\ResourceContr
$queryStr = !is_null($query) ? $query->getQuery() : '';
$dbError = $this->model->db->error();
$userFriendlyErrMsg = lang('Basic.global.persistErr1', [static::$singularObjectNameCc]);
if (isset($dbError['code']) && $dbError['code'] == 1062) :
if (isset($dbError['code']) && $dbError['code'] == 1062):
$userFriendlyErrMsg .= PHP_EOL . lang('Basic.global.persistDuplErr', [static::$singularObjectNameCc]);
endif;
// $userFriendlyErrMsg = str_replace("'", "\'", $userFriendlyErrMsg); // Uncomment if experiencing unescaped single quote errors
log_message('error', $userFriendlyErrMsg . PHP_EOL . $e->getMessage() . PHP_EOL . $queryStr);
if (isset($dbError['message']) && !empty($dbError['message'])) :
if (isset($dbError['message']) && !empty($dbError['message'])):
log_message('error', $dbError['code'] . ' : ' . $dbError['message']);
endif;
$this->viewData['errorMessage'] = $userFriendlyErrMsg;