fix(controller): manipulate index only if possible

KennethTrecy · Jan 28, 2024 · 5bcc1bc · 5bcc1bc
1 parent bab46b1
commit 5bcc1bc
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 20 deletions.
diff --git a/app/Controllers/BaseOwnedResourceController.php b/app/Controllers/BaseOwnedResourceController.php
@@ -14,6 +14,7 @@
 use App\Exceptions\MissingResource;
 use App\Exceptions\UnauthorizedRequest;
 use App\Exceptions\ServerFailure;
+use App\Model\BaseResourceModel;
 use Config\Database;
 
 abstract class BaseOwnedResourceController extends BaseController
@@ -79,29 +80,31 @@ public function index()
         $current_user = auth()->user();
         $request = $this->request;
 
-        $model = static::getModel();
-        $scoped_model = $model->limitSearchToUser($model, $current_user);
-
+        $scoped_model = static::getModel();
         $filter = $request->getVar("filter") ?? [];
-        $scoped_model = $scoped_model->filterList($scoped_model, $filter);
-
         $sort = $request->getVar("sort") ?? [];
-        $scoped_model = $scoped_model->sortList($scoped_model, $sort);
-
         $page = $request->getVar("page") ?? [];
         $offset = $page["offset"] ?? 0;
         $limit = min($page["limit"] ?? 100, 100);
-        $scoped_model = $scoped_model->paginateList($scoped_model, $page);
+
+        if ($scoped_model instanceof BaseResourceModel) {
+            $scoped_model = $scoped_model->limitSearchToUser($scoped_model, $current_user);
+            $scoped_model = $scoped_model->filterList($scoped_model, $filter);
+            $scoped_model = $scoped_model->sortList($scoped_model, $sort);
+            $scoped_model = $scoped_model->paginateList($scoped_model, $page);
+        }
 
         $overall_filtered_count = model(static::getModelName(), false);
-        $overall_filtered_count = $overall_filtered_count->limitSearchToUser(
-            $overall_filtered_count,
-            $current_user
-        );
-        $overall_filtered_count = $overall_filtered_count->filterList(
-            $overall_filtered_count,
-            $filter
-        );
+        if ($overall_filtered_count instanceof BaseResourceModel) {
+            $overall_filtered_count = $overall_filtered_count->limitSearchToUser(
+                $overall_filtered_count,
+                $current_user
+            );
+            $overall_filtered_count = $overall_filtered_count->filterList(
+                $overall_filtered_count,
+                $filter
+            );
+        }
         $overall_filtered_count = $overall_filtered_count->countAllResults();
 
         $response_document = [

diff --git a/app/Models/AccessTokenModel.php b/app/Models/AccessTokenModel.php
@@ -28,14 +28,14 @@ public function isOwnedBy(User $user, string $search_mode, int $resource_id): bo
         return !is_null($match);
     }
 
+    public function limitSearchToUser(OwnedResource $query_builder, User $user) {
+        return $query_builder->where("user_id", $user->id);
+    }
+
     private function getSearchQuery(string $search_mode) {
         if ($search_mode === SEARCH_WITH_DELETED) return $this->withDeleted();
         else if ($search_mode === SEARCH_ONLY_DELETED) return $this->onlyDeleted();
 
         return $this;
     }
-
-    public function limitSearchToUser(OwnedResource $query_builder, User $user) {
-        return $query_builder->where("user_id", $user->id);
-    }
 }