diff options
Diffstat (limited to 'app/Api/Authorization')
-rw-r--r-- | app/Api/Authorization/ProjectAuthorization.php | 4 | ||||
-rw-r--r-- | app/Api/Authorization/TagAuthorization.php | 23 | ||||
-rw-r--r-- | app/Api/Authorization/TaskAuthorization.php | 4 |
3 files changed, 27 insertions, 4 deletions
diff --git a/app/Api/Authorization/ProjectAuthorization.php b/app/Api/Authorization/ProjectAuthorization.php index 21ecf311..7dcdc445 100644 --- a/app/Api/Authorization/ProjectAuthorization.php +++ b/app/Api/Authorization/ProjectAuthorization.php @@ -23,13 +23,13 @@ class ProjectAuthorization extends Base protected function checkProjectPermission($class, $method, $project_id) { if (empty($project_id)) { - throw new AccessDeniedException('Project not found'); + throw new AccessDeniedException('Project Not Found'); } $role = $this->projectUserRoleModel->getUserRole($project_id, $this->userSession->getId()); if (! $this->apiProjectAuthorization->isAllowed($class, $method, $role)) { - throw new AccessDeniedException('Project access denied'); + throw new AccessDeniedException('Project Access Denied'); } } } diff --git a/app/Api/Authorization/TagAuthorization.php b/app/Api/Authorization/TagAuthorization.php new file mode 100644 index 00000000..247f57db --- /dev/null +++ b/app/Api/Authorization/TagAuthorization.php @@ -0,0 +1,23 @@ +<?php + +namespace Kanboard\Api\Authorization; + +/** + * Class TagAuthorization + * + * @package Kanboard\Api\Authorization + * @author Frederic Guillot + */ +class TagAuthorization extends ProjectAuthorization +{ + public function check($class, $method, $tag_id) + { + if ($this->userSession->isLogged()) { + $tag = $this->tagModel->getById($tag_id); + + if (! empty($tag)) { + $this->checkProjectPermission($class, $method, $tag['project_id']); + } + } + } +} diff --git a/app/Api/Authorization/TaskAuthorization.php b/app/Api/Authorization/TaskAuthorization.php index db93b76b..6e044211 100644 --- a/app/Api/Authorization/TaskAuthorization.php +++ b/app/Api/Authorization/TaskAuthorization.php @@ -10,10 +10,10 @@ namespace Kanboard\Api\Authorization; */ class TaskAuthorization extends ProjectAuthorization { - public function check($class, $method, $category_id) + public function check($class, $method, $task_id) { if ($this->userSession->isLogged()) { - $this->checkProjectPermission($class, $method, $this->taskFinderModel->getProjectId($category_id)); + $this->checkProjectPermission($class, $method, $this->taskFinderModel->getProjectId($task_id)); } } } |