[DEV-260] Make modal in CSV import actually check if the password entered is correct (#1155)

* check for correct password when uploading csv file

* allow to import only csv files

* add validation for password in csv import
This commit is contained in:
Joel Elias Méndez 2022-04-19 13:18:04 -03:00 committed by GitHub
parent b3c8819d83
commit 81cc579d57
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 5 deletions

View File

@ -321,8 +321,8 @@ class AdminPanelAdvancedSettings extends React.Component {
path: '/system/csv-import',
dataAsForm: true,
data: {
file: file,
password: password
file,
password
}
})
.then((result) => this.setState({
@ -338,7 +338,14 @@ class AdminPanelAdvancedSettings extends React.Component {
</div>
) : null
}))
.catch(() => this.setState({messageType: 'error', showMessage: true, messageTitle: null, messageContent: i18n('INVALID_FILE')}));
.catch((error) => {
this.setState({
messageType: 'error',
showMessage: true,
messageTitle: null,
messageContent: i18n(error.message)
})
});
}
onBackupDatabase() {

View File

@ -15,6 +15,7 @@
* @apiParam {String} file A csv file with this content format: email, password, name.
*
* @apiUse NO_PERMISSION
* @apiUse INVALID_PASSWORD
* @apiUse INVALID_FILE
*
* @apiSuccess {String[]} data Array of errors found
@ -28,11 +29,21 @@ class CSVImportController extends Controller {
public function validations() {
return [
'permission' => 'staff_3',
'requestData' => []
'requestData' => [],
'password' => [
'validation' => DataValidator::notBlank()->length(LengthConfig::MIN_LENGTH_PASSWORD, LengthConfig::MAX_LENGTH_PASSWORD),
'error' => ERRORS::INVALID_PASSWORD
]
];
}
public function handler() {
$password = Controller::request('password');
if(!Hashing::verifyPassword($password, Controller::getLoggedUser()->password)) {
throw new RequestException(ERRORS::INVALID_PASSWORD);
}
$fileUploader = $this->uploadFile(true);
if(!$fileUploader instanceof FileUploader) {
@ -69,7 +80,6 @@ class CSVImportController extends Controller {
fclose($file);
unlink($fileUploader->getFullFilePath());
Response::respondSuccess($errors);
}
}