Skip to content

Commit

Permalink
fix: managed tickets
Browse files Browse the repository at this point in the history 
get extra questions
  • Loading branch information
@smarcet
smarcet committed Aug 28, 2024
1 parent e0abad2 commit d11136e
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 5 deletions.
13 changes: 9 additions & 4 deletions ...ttp/Controllers/Apis/Protected/Summit/OAuth2SummitOrderExtraQuestionTypeApiController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -483,10 +483,10 @@ public function getOwnAttendeeAllowedExtraQuestions($summit_id)
public function getAttendeeExtraQuestions($summit_id, $attendee_id)
{
$summit = SummitFinderStrategyFactory::build($this->getSummitRepository(), $this->getResourceServerContext())->find($summit_id);
if (is_null($summit)) return $this->error404("Summit not found");
if (is_null($summit)) return $this->error404("Summit not found.");

$attendee = $summit->getAttendeeById(intval($attendee_id));
if (is_null($attendee)) return $this->error404("Attendee not found");
if (is_null($attendee)) return $this->error404("Attendee not found.");

// authz
// check that we have a current member ( not service account )
Expand All @@ -499,7 +499,12 @@ public function getAttendeeExtraQuestions($summit_id, $attendee_id)

if(!$auth){
// check if current member is the attendee
$auth = $attendee->getEmail() == $current_member->getEmail() || $attendee->getMemberId() == $current_member->getId();
$auth = (
$attendee->getEmail() == $current_member->getEmail()
|| $attendee->getMemberId() == $current_member->getId()
|| $attendee->isManagedBy($current_member)
);

if(!$auth){
// check if the attendee is under some order of the current member
foreach($current_member->getPadRegistrationOrdersForSummit($summit) as $order){
Expand All @@ -513,7 +518,7 @@ public function getAttendeeExtraQuestions($summit_id, $attendee_id)
}

if(!$auth)
return $this->error401();
return $this->error403("You are not Authorized.");

return $this->_getAll(
function () {
Expand Down
2 changes: 1 addition & 1 deletion app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitOrdersApiController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -468,7 +468,7 @@ public function getMyTicketById($order_id, $ticket_id)
$current_user = $this->getResourceServerContext()->getCurrentUser();

if (is_null($current_user))
return $this->error403();
return $this->error401();

if (!$order instanceof SummitOrder)
throw new EntityNotFoundException("Order not found.");
Expand Down

0 comments on commit d11136e

Please sign in to comment.