Added application and project roles validation for API procedure calls

author: Frederic Guillot <fred@kanboard.net> 2016-06-26 10:25:13 -0400
committer: Frederic Guillot <fred@kanboard.net> 2016-06-26 10:25:13 -0400
commit: 4a230d331ec220fc32a48525afb308af0d9787fa (patch)
tree: 514aa3d703155b7f97a2c77147c9fd74cef60f84 /app/Api/Procedure/CategoryProcedure.php
parent: 922e0fb6de06a98774418612e0b0f75af72b6dbb (diff)
1 files changed, 59 insertions, 0 deletions
diff --git a/app/Api/Procedure/CategoryProcedure.php b/app/Api/Procedure/CategoryProcedure.php
new file mode 100644
index 00000000..3ebbd908
--- /dev/null
+++ b/app/Api/Procedure/CategoryProcedure.php
@@ -0,0 +1,59 @@
+<?php
+
+namespace Kanboard\Api\Procedure;
+
+use Kanboard\Api\Authorization\CategoryAuthorization;
+use Kanboard\Api\Authorization\ProjectAuthorization;
+
+/**
+ * Category API controller
+ *
+ * @package  Kanboard\Api\Procedure
+ * @author   Frederic Guillot
+ */
+class CategoryProcedure extends BaseProcedure
+{
+    public function getCategory($category_id)
+    {
+        CategoryAuthorization::getInstance($this->container)->check($this->getClassName(), 'getCategory', $category_id);
+        return $this->categoryModel->getById($category_id);
+    }
+
+    public function getAllCategories($project_id)
+    {
+        ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getAllCategories', $project_id);
+        return $this->categoryModel->getAll($project_id);
+    }
+
+    public function removeCategory($category_id)
+    {
+        CategoryAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeCategory', $category_id);
+        return $this->categoryModel->remove($category_id);
+    }
+
+    public function createCategory($project_id, $name)
+    {
+        ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'createCategory', $project_id);
+
+        $values = array(
+            'project_id' => $project_id,
+            'name' => $name,
+        );
+
+        list($valid, ) = $this->categoryValidator->validateCreation($values);
+        return $valid ? $this->categoryModel->create($values) : false;
+    }
+
+    public function updateCategory($id, $name)
+    {
+        CategoryAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateCategory', $id);
+
+        $values = array(
+            'id' => $id,
+            'name' => $name,
+        );
+
+        list($valid, ) = $this->categoryValidator->validateModification($values);
+        return $valid && $this->categoryModel->update($values);
+    }
+}
author	Frederic Guillot <fred@kanboard.net>	2016-06-26 10:25:13 -0400
committer	Frederic Guillot <fred@kanboard.net>	2016-06-26 10:25:13 -0400
commit	4a230d331ec220fc32a48525afb308af0d9787fa (patch)
tree	514aa3d703155b7f97a2c77147c9fd74cef60f84 /app/Api/Procedure/CategoryProcedure.php
parent	922e0fb6de06a98774418612e0b0f75af72b6dbb (diff)