steve
/
sunrise-cms
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

check if prints are allowed

deepsource-autofix-76c6eb20
Dan Gowans 2022-11-22 15:00:10 -05:00
parent 8af17ca30d
commit a06186ede0
4 changed files with 19 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
handlers/print-get/pdf.js
View File

@ -9,6 +9,11 @@ import camelcase from "camelcase";
const attachmentOrInline = configFunctions.getProperty("settings.printPdf.contentDisposition"); const attachmentOrInline = configFunctions.getProperty("settings.printPdf.contentDisposition");
export const handler = async (request, response, next) => { export const handler = async (request, response, next) => {
const printName = request.params.printName; const printName = request.params.printName;
if (!configFunctions.getProperty("settings.lotOccupancy.prints").includes("pdf/" + printName) &&
!configFunctions.getProperty("settings.workOrders.prints").includes("pdf/" + printName)) {
return response.redirect(configFunctions.getProperty("reverseProxy.urlPrefix") +
"/dashboard/?error=printConfigNotAllowed");
}
const printConfig = getPdfPrintConfig(printName); const printConfig = getPdfPrintConfig(printName);
if (!printConfig) { if (!printConfig) {
return response.redirect(configFunctions.getProperty("reverseProxy.urlPrefix") + return response.redirect(configFunctions.getProperty("reverseProxy.urlPrefix") +

10
handlers/print-get/pdf.ts
View File

@ -17,6 +17,16 @@ const attachmentOrInline = configFunctions.getProperty("settings.printPdf.conten
export const handler: RequestHandler = async (request, response, next) => { export const handler: RequestHandler = async (request, response, next) => {
const printName = request.params.printName; const printName = request.params.printName;
if (
!configFunctions.getProperty("settings.lotOccupancy.prints").includes("pdf/" + printName) &&
!configFunctions.getProperty("settings.workOrders.prints").includes("pdf/" + printName)
) {
return response.redirect(
configFunctions.getProperty("reverseProxy.urlPrefix") +
"/dashboard/?error=printConfigNotAllowed"
);
}
const printConfig = getPdfPrintConfig(printName); const printConfig = getPdfPrintConfig(printName);
if (!printConfig) { if (!printConfig) {

4
handlers/print-get/screen.js
View File

@ -2,8 +2,8 @@ import * as configFunctions from "../../helpers/functions.config.js";
import { getReportData, getScreenPrintConfig } from "../../helpers/functions.print.js"; import { getReportData, getScreenPrintConfig } from "../../helpers/functions.print.js";
export const handler = (request, response) => { export const handler = (request, response) => {
const printName = request.params.printName; const printName = request.params.printName;
if (!configFunctions.getProperty("settings.lotOccupancy.prints").includes(printName) && if (!configFunctions.getProperty("settings.lotOccupancy.prints").includes("screen/" + printName) &&
!configFunctions.getProperty("settings.workOrders.prints").includes(printName)) { !configFunctions.getProperty("settings.workOrders.prints").includes("screen/" + printName)) {
return response.redirect(configFunctions.getProperty("reverseProxy.urlPrefix") + return response.redirect(configFunctions.getProperty("reverseProxy.urlPrefix") +
"/dashboard/?error=printConfigNotAllowed"); "/dashboard/?error=printConfigNotAllowed");
} }

4
handlers/print-get/screen.ts
View File

@ -7,8 +7,8 @@ export const handler: RequestHandler = (request, response) => {
const printName = request.params.printName; const printName = request.params.printName;
if ( if (
!configFunctions.getProperty("settings.lotOccupancy.prints").includes(printName) && !configFunctions.getProperty("settings.lotOccupancy.prints").includes("screen/" + printName) &&
!configFunctions.getProperty("settings.workOrders.prints").includes(printName) !configFunctions.getProperty("settings.workOrders.prints").includes("screen/" + printName)
) { ) {
return response.redirect( return response.redirect(
configFunctions.getProperty("reverseProxy.urlPrefix") + configFunctions.getProperty("reverseProxy.urlPrefix") +