diff options
author | Frederic Guillot <fred@kanboard.net> | 2016-06-26 10:25:13 -0400 |
---|---|---|
committer | Frederic Guillot <fred@kanboard.net> | 2016-06-26 10:25:13 -0400 |
commit | 4a230d331ec220fc32a48525afb308af0d9787fa (patch) | |
tree | 514aa3d703155b7f97a2c77147c9fd74cef60f84 /app/Api/Procedure/SubtaskProcedure.php | |
parent | 922e0fb6de06a98774418612e0b0f75af72b6dbb (diff) |
Added application and project roles validation for API procedure calls
Diffstat (limited to 'app/Api/Procedure/SubtaskProcedure.php')
-rw-r--r-- | app/Api/Procedure/SubtaskProcedure.php | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/app/Api/Procedure/SubtaskProcedure.php b/app/Api/Procedure/SubtaskProcedure.php new file mode 100644 index 00000000..e2400912 --- /dev/null +++ b/app/Api/Procedure/SubtaskProcedure.php @@ -0,0 +1,74 @@ +<?php + +namespace Kanboard\Api\Procedure; + +use Kanboard\Api\Authorization\SubtaskAuthorization; +use Kanboard\Api\Authorization\TaskAuthorization; + +/** + * Subtask API controller + * + * @package Kanboard\Api\Procedure + * @author Frederic Guillot + */ +class SubtaskProcedure extends BaseProcedure +{ + public function getSubtask($subtask_id) + { + SubtaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getSubtask', $subtask_id); + return $this->subtaskModel->getById($subtask_id); + } + + public function getAllSubtasks($task_id) + { + TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getAllSubtasks', $task_id); + return $this->subtaskModel->getAll($task_id); + } + + public function removeSubtask($subtask_id) + { + SubtaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeSubtask', $subtask_id); + return $this->subtaskModel->remove($subtask_id); + } + + public function createSubtask($task_id, $title, $user_id = 0, $time_estimated = 0, $time_spent = 0, $status = 0) + { + TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'createSubtask', $task_id); + + $values = array( + 'title' => $title, + 'task_id' => $task_id, + 'user_id' => $user_id, + 'time_estimated' => $time_estimated, + 'time_spent' => $time_spent, + 'status' => $status, + ); + + list($valid, ) = $this->subtaskValidator->validateCreation($values); + return $valid ? $this->subtaskModel->create($values) : false; + } + + public function updateSubtask($id, $task_id, $title = null, $user_id = null, $time_estimated = null, $time_spent = null, $status = null) + { + TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateSubtask', $task_id); + + $values = array( + 'id' => $id, + 'task_id' => $task_id, + 'title' => $title, + 'user_id' => $user_id, + 'time_estimated' => $time_estimated, + 'time_spent' => $time_spent, + 'status' => $status, + ); + + foreach ($values as $key => $value) { + if (is_null($value)) { + unset($values[$key]); + } + } + + list($valid, ) = $this->subtaskValidator->validateApiModification($values); + return $valid && $this->subtaskModel->update($values); + } +} |