adding operator ajax delete

2025-12-13 07:45:54 +00:00 · 2019-09-17 13:10:26 +00:00 · 2019-09-17 13:10:26 +00:00 · 410927e5b2
commit 410927e5b2
parent 53b2b02e97
2 changed files with 40 additions and 2 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 6da1128ca99ba7f74877089504a4ad43247ad436
+Subproject commit a37f26ae9ce3bd3c25cfeb9b51bef3f2a4a6ebeb
--- a/src/Controller/OperatorsController.php
+++ b/src/Controller/OperatorsController.php
@ -18,7 +18,7 @@ class OperatorsController extends AppController
    public function initialize()
    {
        parent::initialize();
-        $this->Auth->allow(['ajaxSave', 'ajaxLoad']);
+        $this->Auth->allow(['ajaxSave', 'ajaxLoad', 'ajaxDelete']);
    }
    /**
     * Index method
@ -113,6 +113,44 @@ class OperatorsController extends AppController
      }
      return $this->returnJson(['state' => 'error', 'msg' => 'no post request']);
    }
+    
+    function ajaxDelete() {
+      if ($this->request->is('delete')) {
+        $operatorTypeName = $this->request->getData('operator_type_name');
+        $username = $this->request->getData('username');
+        $pubkey_bin = base64_decode($this->request->getData('user_pubkey'));
+        $sign = base64_decode($this->request->getData('sign'));
+
+        $operatorTypeId = $this->Operators->OperatorTypes->
+                find()
+                ->where(['name' => $operatorTypeName])
+                ->select(['id'])
+                ->first();
+        
+        // load operator from db if already exist
+        $operator = $this->Operators
+                ->find()
+                ->where([
+                    'operator_type_id' => $operatorTypeId->id,
+                    'username' => $username,
+                    'user_pubkey' => $pubkey_bin])
+                ->first();
+        if(!$operator) {
+          return $this->returnJson(['state' => 'error', 'msg' => 'not found']);
+        } else {
+          $data = base64_decode($operator->data_base64);
+          // check if request has valid signature
+          if(!sodium_crypto_sign_verify_detached($sign, $data, $pubkey_bin)) {
+            return $this->returnJson(['state' => 'error', 'msg' => 'wrong signature']);
+          }
+        }
+        if ($this->Operators->delete($operator)) {
+          return $this->returnJson(['state' => 'success']);
+        }
+        return $this->returnJson(['state' => 'error', 'details' => $operator->getErrors()]);
+      }
+      return $this->returnJson(['state' => 'error', 'msg' => 'no post request']);
+    }

    /**
     * View method