Add API calls to manage tags

author: Frederic Guillot <fred@kanboard.net> 2016-12-17 17:02:29 -0500
committer: Frederic Guillot <fred@kanboard.net> 2016-12-17 17:02:29 -0500
commit: 11861044695e5a6553e5ca2b4db8f2fd57702f7f (patch)
tree: 08ef63bd6d0a3f8e625f14e616088775f7d0bf61 /app/Api/Authorization
parent: ddeb89e2c6622f197d1b7738042182b34d5054ed (diff)
3 files changed, 27 insertions, 4 deletions
diff --git a/app/Api/Authorization/ProjectAuthorization.php b/app/Api/Authorization/ProjectAuthorization.php
index 21ecf311..7dcdc445 100644
--- a/app/Api/Authorization/ProjectAuthorization.php
+++ b/app/Api/Authorization/ProjectAuthorization.php
@@ -23,13 +23,13 @@ class ProjectAuthorization extends Base
     protected function checkProjectPermission($class, $method, $project_id)
     {
         if (empty($project_id)) {
-            throw new AccessDeniedException('Project not found');
+            throw new AccessDeniedException('Project Not Found');
         }
         
         $role = $this->projectUserRoleModel->getUserRole($project_id, $this->userSession->getId());
 
         if (! $this->apiProjectAuthorization->isAllowed($class, $method, $role)) {
-            throw new AccessDeniedException('Project access denied');
+            throw new AccessDeniedException('Project Access Denied');
         }
     }
 }
diff --git a/app/Api/Authorization/TagAuthorization.php b/app/Api/Authorization/TagAuthorization.php
new file mode 100644
index 00000000..247f57db
--- /dev/null
+++ b/app/Api/Authorization/TagAuthorization.php
@@ -0,0 +1,23 @@
+<?php
+
+namespace Kanboard\Api\Authorization;
+
+/**
+ * Class TagAuthorization
+ *
+ * @package Kanboard\Api\Authorization
+ * @author  Frederic Guillot
+ */
+class TagAuthorization extends ProjectAuthorization
+{
+    public function check($class, $method, $tag_id)
+    {
+        if ($this->userSession->isLogged()) {
+            $tag = $this->tagModel->getById($tag_id);
+
+            if (! empty($tag)) {
+                $this->checkProjectPermission($class, $method, $tag['project_id']);
+            }
+        }
+    }
+}
diff --git a/app/Api/Authorization/TaskAuthorization.php b/app/Api/Authorization/TaskAuthorization.php
index db93b76b..6e044211 100644
--- a/app/Api/Authorization/TaskAuthorization.php
+++ b/app/Api/Authorization/TaskAuthorization.php
@@ -10,10 +10,10 @@ namespace Kanboard\Api\Authorization;
  */
 class TaskAuthorization extends ProjectAuthorization
 {
-    public function check($class, $method, $category_id)
+    public function check($class, $method, $task_id)
     {
         if ($this->userSession->isLogged()) {
-            $this->checkProjectPermission($class, $method, $this->taskFinderModel->getProjectId($category_id));
+            $this->checkProjectPermission($class, $method, $this->taskFinderModel->getProjectId($task_id));
         }
     }
 }
author	Frederic Guillot <fred@kanboard.net>	2016-12-17 17:02:29 -0500
committer	Frederic Guillot <fred@kanboard.net>	2016-12-17 17:02:29 -0500
commit	11861044695e5a6553e5ca2b4db8f2fd57702f7f (patch)
tree	08ef63bd6d0a3f8e625f14e616088775f7d0bf61 /app/Api/Authorization
parent	ddeb89e2c6622f197d1b7738042182b34d5054ed (diff)