summaryrefslogtreecommitdiff
path: root/app/Api/Authorization
diff options
context:
space:
mode:
Diffstat (limited to 'app/Api/Authorization')
-rw-r--r--app/Api/Authorization/ProjectAuthorization.php4
-rw-r--r--app/Api/Authorization/TagAuthorization.php23
-rw-r--r--app/Api/Authorization/TaskAuthorization.php4
3 files changed, 27 insertions, 4 deletions
diff --git a/app/Api/Authorization/ProjectAuthorization.php b/app/Api/Authorization/ProjectAuthorization.php
index 21ecf311..7dcdc445 100644
--- a/app/Api/Authorization/ProjectAuthorization.php
+++ b/app/Api/Authorization/ProjectAuthorization.php
@@ -23,13 +23,13 @@ class ProjectAuthorization extends Base
protected function checkProjectPermission($class, $method, $project_id)
{
if (empty($project_id)) {
- throw new AccessDeniedException('Project not found');
+ throw new AccessDeniedException('Project Not Found');
}
$role = $this->projectUserRoleModel->getUserRole($project_id, $this->userSession->getId());
if (! $this->apiProjectAuthorization->isAllowed($class, $method, $role)) {
- throw new AccessDeniedException('Project access denied');
+ throw new AccessDeniedException('Project Access Denied');
}
}
}
diff --git a/app/Api/Authorization/TagAuthorization.php b/app/Api/Authorization/TagAuthorization.php
new file mode 100644
index 00000000..247f57db
--- /dev/null
+++ b/app/Api/Authorization/TagAuthorization.php
@@ -0,0 +1,23 @@
+<?php
+
+namespace Kanboard\Api\Authorization;
+
+/**
+ * Class TagAuthorization
+ *
+ * @package Kanboard\Api\Authorization
+ * @author Frederic Guillot
+ */
+class TagAuthorization extends ProjectAuthorization
+{
+ public function check($class, $method, $tag_id)
+ {
+ if ($this->userSession->isLogged()) {
+ $tag = $this->tagModel->getById($tag_id);
+
+ if (! empty($tag)) {
+ $this->checkProjectPermission($class, $method, $tag['project_id']);
+ }
+ }
+ }
+}
diff --git a/app/Api/Authorization/TaskAuthorization.php b/app/Api/Authorization/TaskAuthorization.php
index db93b76b..6e044211 100644
--- a/app/Api/Authorization/TaskAuthorization.php
+++ b/app/Api/Authorization/TaskAuthorization.php
@@ -10,10 +10,10 @@ namespace Kanboard\Api\Authorization;
*/
class TaskAuthorization extends ProjectAuthorization
{
- public function check($class, $method, $category_id)
+ public function check($class, $method, $task_id)
{
if ($this->userSession->isLogged()) {
- $this->checkProjectPermission($class, $method, $this->taskFinderModel->getProjectId($category_id));
+ $this->checkProjectPermission($class, $method, $this->taskFinderModel->getProjectId($task_id));
}
}
}