diff options
Diffstat (limited to 'app/Api/BaseApi.php')
| -rw-r--r-- | app/Api/BaseApi.php | 59 |
1 files changed, 7 insertions, 52 deletions
diff --git a/app/Api/BaseApi.php b/app/Api/BaseApi.php index 37e11030..9f69aa65 100644 --- a/app/Api/BaseApi.php +++ b/app/Api/BaseApi.php @@ -13,54 +13,9 @@ use Kanboard\Core\Base; */ abstract class BaseApi extends Base { - private $user_allowed_procedures = array( - 'getMe', - 'getMyDashboard', - 'getMyActivityStream', - 'createMyPrivateProject', - 'getMyProjectsList', - 'getMyProjects', - 'getMyOverdueTasks', - ); - - private $both_allowed_procedures = array( - 'getTimezone', - 'getVersion', - 'getDefaultTaskColor', - 'getDefaultTaskColors', - 'getColorList', - 'getProjectById', - 'getTask', - 'getTaskByReference', - 'getAllTasks', - 'openTask', - 'closeTask', - 'moveTaskPosition', - 'createTask', - 'updateTask', - 'getBoard', - 'getProjectActivity', - 'getOverdueTasksByProject', - 'searchTasks', - ); - - public function checkProcedurePermission($is_user, $procedure) - { - $is_both_procedure = in_array($procedure, $this->both_allowed_procedures); - $is_user_procedure = in_array($procedure, $this->user_allowed_procedures); - - if ($is_user && ! $is_both_procedure && ! $is_user_procedure) { - throw new AccessDeniedException('Permission denied'); - } elseif (! $is_user && ! $is_both_procedure && $is_user_procedure) { - throw new AccessDeniedException('Permission denied'); - } - - $this->logger->debug('API call: '.$procedure); - } - public function checkProjectPermission($project_id) { - if ($this->userSession->isLogged() && ! $this->projectPermission->isUserAllowed($project_id, $this->userSession->getId())) { + if ($this->userSession->isLogged() && ! $this->projectPermissionModel->isUserAllowed($project_id, $this->userSession->getId())) { throw new AccessDeniedException('Permission denied'); } } @@ -68,15 +23,15 @@ abstract class BaseApi extends Base public function checkTaskPermission($task_id) { if ($this->userSession->isLogged()) { - $this->checkProjectPermission($this->taskFinder->getProjectId($task_id)); + $this->checkProjectPermission($this->taskFinderModel->getProjectId($task_id)); } } protected function formatTask($task) { if (! empty($task)) { - $task['url'] = $this->helper->url->to('task', 'show', array('task_id' => $task['id'], 'project_id' => $task['project_id']), '', true); - $task['color'] = $this->color->getColorProperties($task['color_id']); + $task['url'] = $this->helper->url->to('TaskViewController', 'show', array('task_id' => $task['id'], 'project_id' => $task['project_id']), '', true); + $task['color'] = $this->colorModel->getColorProperties($task['color_id']); } return $task; @@ -97,9 +52,9 @@ abstract class BaseApi extends Base { if (! empty($project)) { $project['url'] = array( - 'board' => $this->helper->url->to('board', 'show', array('project_id' => $project['id']), '', true), - 'calendar' => $this->helper->url->to('calendar', 'show', array('project_id' => $project['id']), '', true), - 'list' => $this->helper->url->to('listing', 'show', array('project_id' => $project['id']), '', true), + 'board' => $this->helper->url->to('BoardViewController', 'show', array('project_id' => $project['id']), '', true), + 'calendar' => $this->helper->url->to('CalendarController', 'show', array('project_id' => $project['id']), '', true), + 'list' => $this->helper->url->to('TaskListController', 'show', array('project_id' => $project['id']), '', true), ); } |