diff options
| author | Frederic Guillot <fred@kanboard.net> | 2016-06-26 10:25:13 -0400 |
|---|---|---|
| committer | Frederic Guillot <fred@kanboard.net> | 2016-06-26 10:25:13 -0400 |
| commit | 4a230d331ec220fc32a48525afb308af0d9787fa (patch) | |
| tree | 514aa3d703155b7f97a2c77147c9fd74cef60f84 /app/Api/Procedure/CommentProcedure.php | |
| parent | 922e0fb6de06a98774418612e0b0f75af72b6dbb (diff) | |
Added application and project roles validation for API procedure calls
Diffstat (limited to 'app/Api/Procedure/CommentProcedure.php')
| -rw-r--r-- | app/Api/Procedure/CommentProcedure.php | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/app/Api/Procedure/CommentProcedure.php b/app/Api/Procedure/CommentProcedure.php new file mode 100644 index 00000000..019a49bb --- /dev/null +++ b/app/Api/Procedure/CommentProcedure.php @@ -0,0 +1,62 @@ +<?php + +namespace Kanboard\Api\Procedure; + +use Kanboard\Api\Authorization\CommentAuthorization; +use Kanboard\Api\Authorization\TaskAuthorization; + +/** + * Comment API controller + * + * @package Kanboard\Api\Procedure + * @author Frederic Guillot + */ +class CommentProcedure extends BaseProcedure +{ + public function getComment($comment_id) + { + CommentAuthorization::getInstance($this->container)->check($this->getClassName(), 'getComment', $comment_id); + return $this->commentModel->getById($comment_id); + } + + public function getAllComments($task_id) + { + TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getAllComments', $task_id); + return $this->commentModel->getAll($task_id); + } + + public function removeComment($comment_id) + { + CommentAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeComment', $comment_id); + return $this->commentModel->remove($comment_id); + } + + public function createComment($task_id, $user_id, $content, $reference = '') + { + TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'createComment', $task_id); + + $values = array( + 'task_id' => $task_id, + 'user_id' => $user_id, + 'comment' => $content, + 'reference' => $reference, + ); + + list($valid, ) = $this->commentValidator->validateCreation($values); + + return $valid ? $this->commentModel->create($values) : false; + } + + public function updateComment($id, $content) + { + CommentAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateComment', $id); + + $values = array( + 'id' => $id, + 'comment' => $content, + ); + + list($valid, ) = $this->commentValidator->validateModification($values); + return $valid && $this->commentModel->update($values); + } +} |