From a1756949e046e3f7209fc8a8ea0e142933c7fd8e Mon Sep 17 00:00:00 2001 From: Benn Oshrin Date: Sat, 20 Sep 2025 18:10:33 -0400 Subject: [PATCH] Temporary patch of RegistryAuthComponent to avoid stack traces (NOJIRA) --- .../Component/RegistryAuthComponent.php | 113 ++++++++++-------- 1 file changed, 60 insertions(+), 53 deletions(-) diff --git a/app/src/Controller/Component/RegistryAuthComponent.php b/app/src/Controller/Component/RegistryAuthComponent.php index d8c3f8d74..a6b0f9682 100644 --- a/app/src/Controller/Component/RegistryAuthComponent.php +++ b/app/src/Controller/Component/RegistryAuthComponent.php @@ -1036,73 +1036,80 @@ public function isPlatformAdmin(): bool { */ public function isSelf(?int $coId, ?int $id): bool { - // We might get called in some contexts without a coId, in which case there - // are no members. - - if(!$coId - || empty($this->cache['isCoMember'][$coId]) - // API Users can't be self and getPersonID() will throw errors if called by one - || $this->isApiUser() - ) { - return false; - } + try { + // We might get called in some contexts without a coId, in which case there + // are no members. - if(isset($this->cache['isSelf'][$coId])) { - return $this->cache['isSelf'][$coId]; - } + if(!$coId + || empty($this->cache['isCoMember'][$coId]) + // API Users can't be self and getPersonID() will throw errors if called by one + || $this->isApiUser() + ) { + return false; + } - $this->cache['isSelf'][$coId] = false; + if(isset($this->cache['isSelf'][$coId])) { + return $this->cache['isSelf'][$coId]; + } - $controller = $this->getController(); - $request = $controller->getRequest(); - $controllerName = $controller->getName(); - $personId = $this->getPersonID($coId); + $this->cache['isSelf'][$coId] = false; - /* EDIT/VIEW */ + $controller = $this->getController(); + $request = $controller->getRequest(); + $controllerName = $controller->getName(); + $personId = $this->getPersonID($coId); + + /* EDIT/VIEW */ + + if ($request->getParam('action') == 'view' && $id !== null) { + $modelTable = TableRegistry::getTableLocator()->get($controllerName); + // We need to allow archived gets for viewing archived records + $modelEntity = $modelTable->get($id, ['archived' => true]); + // Associated Models, e.g. MVEAs + $primaryLinks = $modelTable->getPrimaryLinks(); + + if (in_array('person_id', $primaryLinks) && $modelEntity->person_id !== null) { + $this->cache['isSelf'][$coId] = $personId == $modelEntity->person_id; + return $this->cache['isSelf'][$coId]; + } elseif (in_array('external_identity_id', $primaryLinks) && $modelEntity->external_identity_id !== null) { + $externalIdentityId = $modelEntity->external_identity_id; + $extIdentTable = TableRegistry::getTableLocator()->get('ExternalIdentities'); + $extIdentEntity = $extIdentTable->get($externalIdentityId); + $extIdentityPersonId = $extIdentEntity->person_id; + $this->cache['isSelf'][$coId] = $personId == $extIdentityPersonId; + return $this->cache['isSelf'][$coId]; + } + } - if ($request->getParam('action') == 'view' && $id !== null) { - $modelTable = TableRegistry::getTableLocator()->get($controllerName); - // We need to allow archived gets for viewing archived records - $modelEntity = $modelTable->get($id, ['archived' => true]); - // Associated Models, e.g. MVEAs - $primaryLinks = $modelTable->getPrimaryLinks(); + /* INDEX VIEWS */ + // View self or filter by the person_id + $queryPersonIdParam = $request->getQuery('person_id'); + // Associated Model for External Identity Link to Person + $externalIdentityIdParam = $request->getQuery('external_identity_id'); - if (in_array('person_id', $primaryLinks) && $modelEntity->person_id !== null) { - $this->cache['isSelf'][$coId] = $personId == $modelEntity->person_id; - return $this->cache['isSelf'][$coId]; - } elseif (in_array('external_identity_id', $primaryLinks) && $modelEntity->external_identity_id !== null) { - $externalIdentityId = $modelEntity->external_identity_id; + if (!empty($externalIdentityIdParam)) { $extIdentTable = TableRegistry::getTableLocator()->get('ExternalIdentities'); - $extIdentEntity = $extIdentTable->get($externalIdentityId); + $extIdentEntity = $extIdentTable->get($externalIdentityIdParam); $extIdentityPersonId = $extIdentEntity->person_id; $this->cache['isSelf'][$coId] = $personId == $extIdentityPersonId; return $this->cache['isSelf'][$coId]; } - } - /* INDEX VIEWS */ - // View self or filter by the person_id - $queryPersonIdParam = $request->getQuery('person_id'); - // Associated Model for External Identity Link to Person - $externalIdentityIdParam = $request->getQuery('external_identity_id'); - - if (!empty($externalIdentityIdParam)) { - $extIdentTable = TableRegistry::getTableLocator()->get('ExternalIdentities'); - $extIdentEntity = $extIdentTable->get($externalIdentityIdParam); - $extIdentityPersonId = $extIdentEntity->person_id; - $this->cache['isSelf'][$coId] = $personId == $extIdentityPersonId; + if ( + // Canvas page + ($controllerName == 'People' && $id == $personId) + // Any page that we query with the person_id + || (isset($queryPersonIdParam) && $queryPersonIdParam == $personId) + ) { + $this->cache['isSelf'][$coId] = true; + } + return $this->cache['isSelf'][$coId]; } - - if ( - // Canvas page - ($controllerName == 'People' && $id == $personId) - // Any page that we query with the person_id - || (isset($queryPersonIdParam) && $queryPersonIdParam == $personId) - ) { - $this->cache['isSelf'][$coId] = true; + catch(\Exception $e) { + // Generic catchall since, eg, $modelTable doesn't know how to handle plugins + + return false; } - - return $this->cache['isSelf'][$coId]; } } \ No newline at end of file