Don't allow access if user has already taken part
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
This commit is contained in:
Marcel Klehr
parent
2e3be4d460
commit
c03647a1c4
|
|
@ -438,6 +438,7 @@ class ApiController extends Controller {
|
|||
$newEvent->setDescription($event['description']);
|
||||
|
||||
$newEvent->setIsAnonymous($event['isAnonymous']);
|
||||
$newEvent->setUnique($event['unique']);
|
||||
|
||||
if ($event['access'] === 'select') {
|
||||
$shareAccess = '';
|
||||
|
|
|
|||
|
|
@ -527,6 +527,13 @@ class PageController extends Controller {
|
|||
return false;
|
||||
}
|
||||
if ($access === 'registered') {
|
||||
if ($form->getUnique()) {
|
||||
$participants = $this->voteMapper->findParticipantsByForm($form->getId());
|
||||
foreach($participants as $participant) {
|
||||
// Don't allow access if user has already taken part
|
||||
if ($participant->getUserId() === $this->userId) return false;
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
if ($owner === $this->userId) {
|
||||
|
|
|
|||
|
|
@ -45,6 +45,8 @@ use OCP\AppFramework\Db\Entity;
|
|||
* @method void setHash(string $value)
|
||||
* @method integer getIsAnonymous()
|
||||
* @method void setIsAnonymous(integer $value)
|
||||
* @method integer getUnique()
|
||||
* @method void setUnique(boolean $value)
|
||||
*/
|
||||
class Event extends Entity {
|
||||
protected $title;
|
||||
|
|
@ -57,6 +59,7 @@ class Event extends Entity {
|
|||
protected $isAnonymous;
|
||||
protected $fullAnonymous;
|
||||
protected $allowMaybe;
|
||||
protected $unique;
|
||||
|
||||
/**
|
||||
* Event constructor.
|
||||
|
|
@ -91,6 +94,7 @@ class Event extends Entity {
|
|||
'expired' => $expired,
|
||||
'expirationDate' => $this->getExpire(),
|
||||
'isAnonymous' => $this->getIsAnonymous(),
|
||||
'unique' => $this->getUnique()
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
|||
77
lib/Migration/Version0010Date20190000000007.php
Normal file
77
lib/Migration/Version0010Date20190000000007.php
Normal file
|
|
@ -0,0 +1,77 @@
|
|||
<?php
|
||||
/**
|
||||
* @copyright Copyright (c) 2017 René Gieling <github@dartcafe.de>
|
||||
*
|
||||
* @author Marcel Klehr <mklehr@gmx.net>
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\Forms\Migration;
|
||||
|
||||
use Doctrine\DBAL\Exception\TableNotFoundException;
|
||||
use Doctrine\DBAL\Platforms\PostgreSqlPlatform;
|
||||
use Doctrine\DBAL\Types\Type;
|
||||
use OCP\DB\ISchemaWrapper;
|
||||
use OCP\DB\QueryBuilder\IQueryBuilder;
|
||||
use OCP\IConfig;
|
||||
use OCP\IDBConnection;
|
||||
use OCP\Migration\SimpleMigrationStep;
|
||||
use OCP\Migration\IOutput;
|
||||
|
||||
/**
|
||||
* Installation class for the forms app.
|
||||
* Initial db creation
|
||||
*/
|
||||
class Version0010Date20190000000007 extends SimpleMigrationStep {
|
||||
|
||||
/** @var IDBConnection */
|
||||
protected $connection;
|
||||
|
||||
/** @var IConfig */
|
||||
protected $config;
|
||||
|
||||
/**
|
||||
* @param IDBConnection $connection
|
||||
* @param IConfig $config
|
||||
*/
|
||||
public function __construct(IDBConnection $connection, IConfig $config) {
|
||||
$this->connection = $connection;
|
||||
$this->config = $config;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param IOutput $output
|
||||
* @param \Closure $schemaClosure The `\Closure` returns a `ISchemaWrapper`
|
||||
* @param array $options
|
||||
* @return null|ISchemaWrapper
|
||||
* @since 13.0.0
|
||||
*/
|
||||
public function changeSchema(IOutput $output, \Closure $schemaClosure, array $options) {
|
||||
/** @var ISchemaWrapper $schema */
|
||||
$schema = $schemaClosure();
|
||||
|
||||
if ($schema->hasTable('forms_events')) {
|
||||
$schema->getTable('forms_events')->addColumn('unique', Type::INTEGER, [
|
||||
'notnull' => false,
|
||||
'default' => 0,
|
||||
]);
|
||||
} else {
|
||||
}
|
||||
return $schema;
|
||||
}
|
||||
}
|
||||
|
|
@ -126,6 +126,13 @@
|
|||
{{ t('forms', 'Anonymous form') }}
|
||||
</label>
|
||||
|
||||
<input id="unique" v-model="form.event.unique" :disabled="form.event.access !== 'registered' || form.event.isAnonymous"
|
||||
type="checkbox" class="checkbox"
|
||||
>
|
||||
<label for="unique" class="title">
|
||||
<span>{{ t('forms', 'Only allow one submission per user') }}</span>
|
||||
</label>
|
||||
|
||||
<input v-show="form.event.isAnonymous" id="trueAnonymous" v-model="form.event.fullAnonymous"
|
||||
:disabled="protect" type="checkbox" class="checkbox"
|
||||
>
|
||||
|
|
@ -217,6 +224,7 @@ export default {
|
|||
description: '',
|
||||
created: '',
|
||||
access: 'public',
|
||||
unique: false,
|
||||
expiration: false,
|
||||
expirationDate: '',
|
||||
expired: false,
|
||||
|
|
|
|||
Loading…
Reference in a new issue