zep/kanboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

看板初始化提交

Browse Source
This commit is contained in:
zephyr
2026-06-01 21:23:12 -07:00
commit 27411ebedc
1827 changed files with 192340 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Api/Authorization/ActionAuthorization.php
+19
View File
@@ -0,0 +1,19 @@
<?php
namespace Kanboard\Api\Authorization;
/**
* Class ActionAuthorization
*
* @package Kanboard\Api\Authorization
* @author Frederic Guillot
*/
class ActionAuthorization extends ProjectAuthorization
{
public function check($class, $method, $action_id)
{
if ($this->userSession->isLogged()) {
$this->checkProjectPermission($class, $method, $this->actionModel->getProjectId($action_id));
}
}
}
app/Api/Authorization/CategoryAuthorization.php
+19
View File
@@ -0,0 +1,19 @@
<?php
namespace Kanboard\Api\Authorization;
/**
* Class CategoryAuthorization
*
* @package Kanboard\Api\Authorization
* @author Frederic Guillot
*/
class CategoryAuthorization extends ProjectAuthorization
{
public function check($class, $method, $category_id)
{
if ($this->userSession->isLogged()) {
$this->checkProjectPermission($class, $method, $this->categoryModel->getProjectId($category_id));
}
}
}
app/Api/Authorization/ColumnAuthorization.php
+19
View File
@@ -0,0 +1,19 @@
<?php
namespace Kanboard\Api\Authorization;
/**
* Class ColumnAuthorization
*
* @package Kanboard\Api\Authorization
* @author Frederic Guillot
*/
class ColumnAuthorization extends ProjectAuthorization
{
public function check($class, $method, $column_id)
{
if ($this->userSession->isLogged()) {
$this->checkProjectPermission($class, $method, $this->columnModel->getProjectId($column_id));
}
}
}
app/Api/Authorization/CommentAuthorization.php
+46
View File
@@ -0,0 +1,46 @@
<?php
namespace Kanboard\Api\Authorization;
use JsonRPC\Exception\AccessDeniedException;
use Kanboard\Core\Security\Role;
/**
* Class CommentAuthorization
*
* @package Kanboard\Api\Authorization
* @author Frederic Guillot
*/
class CommentAuthorization extends ProjectAuthorization
{
public function check($class, $method, $comment_id)
{
if ($this->userSession->isLogged()) {
$this->checkProjectPermission($class, $method, $this->commentModel->getProjectId($comment_id));
$this->checkCommentAccess($comment_id);
}
}
/**
* @param $comment_id ID of the comment to check
* @return void
* @throws AccessDeniedException
*/
protected function checkCommentAccess($comment_id)
{
if (empty($comment_id)) {
throw new AccessDeniedException('Comment Not Found');
}
$commentVisibility = $this->commentModel->getVisibility($comment_id);
$userRole = $this->userSession->getRole();
if ($userRole === Role::APP_MANAGER && $commentVisibility === Role::APP_ADMIN) {
throw new AccessDeniedException('Comment Access Denied');
}
if ($userRole === Role::APP_USER && $commentVisibility !== Role::APP_USER) {
throw new AccessDeniedException('Comment Access Denied');
}
}
}
app/Api/Authorization/ProcedureAuthorization.php
+32
View File
@@ -0,0 +1,32 @@
<?php
namespace Kanboard\Api\Authorization;
use JsonRPC\Exception\AccessDeniedException;
use Kanboard\Core\Base;
/**
* Class ProcedureAuthorization
*
* @package Kanboard\Api\Authorization
* @author Frederic Guillot
*/
class ProcedureAuthorization extends Base
{
private $userSpecificProcedures = array(
'getMe',
'getMyDashboard',
'getMyActivityStream',
'createMyPrivateProject',
'getMyProjectsList',
'getMyProjects',
'getMyOverdueTasks',
);
public function check($procedure)
{
if (! $this->userSession->isLogged() && in_array($procedure, $this->userSpecificProcedures)) {
throw new AccessDeniedException('This procedure is not available with the API credentials');
}
}
}
app/Api/Authorization/ProjectAuthorization.php
+35
View File
@@ -0,0 +1,35 @@
<?php
namespace Kanboard\Api\Authorization;
use JsonRPC\Exception\AccessDeniedException;
use Kanboard\Core\Base;
/**
* Class ProjectAuthorization
*
* @package Kanboard\Api\Authorization
* @author Frederic Guillot
*/
class ProjectAuthorization extends Base
{
public function check($class, $method, $project_id)
{
if ($this->userSession->isLogged()) {
$this->checkProjectPermission($class, $method, $project_id);
}
}
protected function checkProjectPermission($class, $method, $project_id)
{
if (empty($project_id)) {
throw new AccessDeniedException('Project Not Found');
}
$role = $this->projectUserRoleModel->getUserRole($project_id, $this->userSession->getId());
if (! $this->apiProjectAuthorization->isAllowed($class, $method, $role)) {
throw new AccessDeniedException('Project Access Denied');
}
}
}
app/Api/Authorization/SubtaskAuthorization.php
+19
View File
@@ -0,0 +1,19 @@
<?php
namespace Kanboard\Api\Authorization;
/**
* Class SubtaskAuthorization
*
* @package Kanboard\Api\Authorization
* @author Frederic Guillot
*/
class SubtaskAuthorization extends ProjectAuthorization
{
public function check($class, $method, $subtask_id)
{
if ($this->userSession->isLogged()) {
$this->checkProjectPermission($class, $method, $this->subtaskModel->getProjectId($subtask_id));
}
}
}
app/Api/Authorization/TagAuthorization.php
+23
View File
@@ -0,0 +1,23 @@
<?php
namespace Kanboard\Api\Authorization;
/**
* Class TagAuthorization
*
* @package Kanboard\Api\Authorization
* @author Frederic Guillot
*/
class TagAuthorization extends ProjectAuthorization
{
public function check($class, $method, $tag_id)
{
if ($this->userSession->isLogged()) {
$tag = $this->tagModel->getById($tag_id);
if (! empty($tag)) {
$this->checkProjectPermission($class, $method, $tag['project_id']);
}
}
}
}
app/Api/Authorization/TaskAuthorization.php
+19
View File
@@ -0,0 +1,19 @@
<?php
namespace Kanboard\Api\Authorization;
/**
* Class TaskAuthorization
*
* @package Kanboard\Api\Authorization
* @author Frederic Guillot
*/
class TaskAuthorization extends ProjectAuthorization
{
public function check($class, $method, $task_id)
{
if ($this->userSession->isLogged()) {
$this->checkProjectPermission($class, $method, $this->taskFinderModel->getProjectId($task_id));
}
}
}
app/Api/Authorization/TaskFileAuthorization.php
+19
View File
@@ -0,0 +1,19 @@
<?php
namespace Kanboard\Api\Authorization;
/**
* Class TaskFileAuthorization
*
* @package Kanboard\Api\Authorization
* @author Frederic Guillot
*/
class TaskFileAuthorization extends ProjectAuthorization
{
public function check($class, $method, $file_id)
{
if ($this->userSession->isLogged()) {
$this->checkProjectPermission($class, $method, $this->taskFileModel->getProjectId($file_id));
}
}
}
app/Api/Authorization/TaskLinkAuthorization.php
+19
View File
@@ -0,0 +1,19 @@
<?php
namespace Kanboard\Api\Authorization;
/**
* Class TaskLinkAuthorization
*
* @package Kanboard\Api\Authorization
* @author Frederic Guillot
*/
class TaskLinkAuthorization extends ProjectAuthorization
{
public function check($class, $method, $task_link_id)
{
if ($this->userSession->isLogged()) {
$this->checkProjectPermission($class, $method, $this->taskLinkModel->getProjectId($task_link_id));
}
}
}
app/Api/Authorization/UserAuthorization.php
+22
View File
@@ -0,0 +1,22 @@
<?php
namespace Kanboard\Api\Authorization;
use JsonRPC\Exception\AccessDeniedException;
use Kanboard\Core\Base;
/**
* Class UserAuthorization
*
* @package Kanboard\Api\Authorization
* @author Frederic Guillot
*/
class UserAuthorization extends Base
{
public function check($class, $method)
{
if ($this->userSession->isLogged() && ! $this->apiAuthorization->isAllowed($class, $method, $this->userSession->getRole())) {
throw new AccessDeniedException('You are not allowed to access to this resource');
}
}
}
app/Api/Middleware/AuthenticationMiddleware.php
+101
View File
@@ -0,0 +1,101 @@
<?php
namespace Kanboard\Api\Middleware;
use JsonRPC\Exception\AccessDeniedException;
use JsonRPC\Exception\AuthenticationFailureException;
use JsonRPC\MiddlewareInterface;
use Kanboard\Auth\ApiAccessTokenAuth;
use Kanboard\Core\Base;
use Symfony\Contracts\EventDispatcher\Event;
/**
* Class AuthenticationApiMiddleware
*
* @package Kanboard\Api\Middleware
* @author Frederic Guillot
*/
class AuthenticationMiddleware extends Base implements MiddlewareInterface
{
/**
* Execute Middleware
*
* @access public
* @param string $username
* @param string $password
* @param string $procedureName
* @throws AccessDeniedException
* @throws AuthenticationFailureException
*/
public function execute($username, $password, $procedureName)
{
$this->dispatcher->dispatch(new Event, 'app.bootstrap');
session_set('scope', 'API');
if ($this->isUserAuthenticated($username, $password)) {
$this->userSession->initialize($this->userCacheDecorator->getByUsername($username));
} elseif (! $this->isAppAuthenticated($username, $password)) {
$this->logger->error('API authentication failure for '.$username);
throw new AuthenticationFailureException('Wrong credentials');
}
}
/**
* Check user credentials
*
* @access public
* @param string $username
* @param string $password
* @return boolean
*/
private function isUserAuthenticated($username, $password)
{
if ($username === 'jsonrpc') {
return false;
}
if ($this->userLockingModel->isLocked($username)) {
return false;
}
if ($this->userModel->has2FA($username)) {
$this->logger->info('This API user ('.$username.') as 2FA enabled: only API keys are authorized');
$this->authenticationManager->reset();
$this->authenticationManager->register(new ApiAccessTokenAuth($this->container));
}
return $this->authenticationManager->passwordAuthentication($username, $password);
}
/**
* Check administrative credentials
*
* @access public
* @param string $username
* @param string $password
* @return boolean
*/
private function isAppAuthenticated($username, $password)
{
return $username === 'jsonrpc' && hash_equals($this->getApiToken(), $password);
}
/**
* Get API Token
*
* @access private
* @return string
*/
private function getApiToken()
{
if (defined('API_AUTHENTICATION_TOKEN')) {
return API_AUTHENTICATION_TOKEN;
}
if (getenv('API_AUTHENTICATION_TOKEN')) {
return getenv('API_AUTHENTICATION_TOKEN');
}
return $this->configModel->get('api_token');
}
}
app/Api/Procedure/ActionProcedure.php
+91
View File
@@ -0,0 +1,91 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\ActionAuthorization;
use Kanboard\Api\Authorization\ProjectAuthorization;
/**
* Action API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class ActionProcedure extends BaseProcedure
{
public function getAvailableActions()
{
return (object) $this->actionManager->getAvailableActions();
}
public function getAvailableActionEvents()
{
return (object) $this->eventManager->getAll();
}
public function getCompatibleActionEvents($action_name)
{
return (object) $this->actionManager->getCompatibleEvents($action_name);
}
public function removeAction($action_id)
{
ActionAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeAction', $action_id);
return $this->actionModel->remove($action_id);
}
public function getActions($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getActions', $project_id);
return $this->actionModel->getAllByProject($project_id);
}
public function createAction($project_id, $event_name, $action_name, array $params)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'createAction', $project_id);
$values = array(
'project_id' => $project_id,
'event_name' => $event_name,
'action_name' => $action_name,
'params' => $params,
);
list($valid, ) = $this->actionValidator->validateCreation($values);
if (! $valid) {
return false;
}
// Check if the action exists
$actions = $this->actionManager->getAvailableActions();
if (! isset($actions[$action_name])) {
return false;
}
// Check the event
$action = $this->actionManager->getAction($action_name);
if (! in_array($event_name, $action->getEvents())) {
return false;
}
$required_params = $action->getActionRequiredParameters();
// Check missing parameters
foreach ($required_params as $param => $value) {
if (! isset($params[$param])) {
return false;
}
}
// Check extra parameters
foreach ($params as $param => $value) {
if (! isset($required_params[$param])) {
return false;
}
}
return $this->actionModel->create($values);
}
}
app/Api/Procedure/AppProcedure.php
+47
View File
@@ -0,0 +1,47 @@
<?php
namespace Kanboard\Api\Procedure;
/**
* App API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class AppProcedure extends BaseProcedure
{
public function getTimezone()
{
return $this->timezoneModel->getCurrentTimezone();
}
public function getVersion()
{
return APP_VERSION;
}
public function getDefaultTaskColor()
{
return $this->colorModel->getDefaultColor();
}
public function getDefaultTaskColors()
{
return $this->colorModel->getDefaultColors();
}
public function getColorList()
{
return $this->colorModel->getList();
}
public function getApplicationRoles()
{
return $this->role->getApplicationRoles();
}
public function getProjectRoles()
{
return $this->role->getProjectRoles();
}
}
app/Api/Procedure/BaseProcedure.php
+40
View File
@@ -0,0 +1,40 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\ProcedureAuthorization;
use Kanboard\Api\Authorization\UserAuthorization;
use Kanboard\Core\Base;
use ReflectionClass;
/**
* Base class
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
abstract class BaseProcedure extends Base
{
public function beforeProcedure($procedure)
{
ProcedureAuthorization::getInstance($this->container)->check($procedure);
UserAuthorization::getInstance($this->container)->check($this->getClassName(), $procedure);
}
protected function filterValues(array $values)
{
foreach ($values as $key => $value) {
if (is_null($value)) {
unset($values[$key]);
}
}
return $values;
}
protected function getClassName()
{
$reflection = new ReflectionClass(get_called_class());
return $reflection->getShortName();
}
}
app/Api/Procedure/BoardProcedure.php
+24
View File
@@ -0,0 +1,24 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\ProjectAuthorization;
/**
* Board API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class BoardProcedure extends BaseProcedure
{
public function getBoard($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getBoard', $project_id);
return $this->boardFormatter
->withProjectId($project_id)
->withQuery($this->taskFinderModel->getExtendedQuery())
->format();
}
}
app/Api/Procedure/CategoryProcedure.php
+61
View File
@@ -0,0 +1,61 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\CategoryAuthorization;
use Kanboard\Api\Authorization\ProjectAuthorization;
/**
* Category API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class CategoryProcedure extends BaseProcedure
{
public function getCategory($category_id)
{
CategoryAuthorization::getInstance($this->container)->check($this->getClassName(), 'getCategory', $category_id);
return $this->categoryModel->getById($category_id);
}
public function getAllCategories($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getAllCategories', $project_id);
return $this->categoryModel->getAll($project_id);
}
public function removeCategory($category_id)
{
CategoryAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeCategory', $category_id);
return $this->categoryModel->remove($category_id);
}
public function createCategory($project_id, $name, $color_id = null)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'createCategory', $project_id);
$values = array(
'project_id' => $project_id,
'name' => $name,
'color_id' => $color_id,
);
list($valid, ) = $this->categoryValidator->validateCreation($values);
return $valid ? $this->categoryModel->create($values) : false;
}
public function updateCategory($id, $name, $color_id = null)
{
CategoryAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateCategory', $id);
$values = array(
'id' => $id,
'name' => $name,
'color_id' => $color_id,
);
list($valid, ) = $this->categoryValidator->validateModification($values);
return $valid && $this->categoryModel->update($values);
}
}
app/Api/Procedure/ColumnProcedure.php
+66
View File
@@ -0,0 +1,66 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\ColumnAuthorization;
use Kanboard\Api\Authorization\ProjectAuthorization;
use Kanboard\Model\TaskModel;
/**
* Column API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class ColumnProcedure extends BaseProcedure
{
public function getColumns($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getColumns', $project_id);
return $this->columnModel->getAll($project_id);
}
public function getColumn($column_id)
{
ColumnAuthorization::getInstance($this->container)->check($this->getClassName(), 'getColumn', $column_id);
return $this->columnModel->getById($column_id);
}
public function updateColumn($column_id, $title, $task_limit = 0, $description = '')
{
ColumnAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateColumn', $column_id);
return $this->columnModel->update($column_id, $title, $task_limit, $description);
}
public function addColumn($project_id, $title, $task_limit = 0, $description = '')
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'addColumn', $project_id);
return $this->columnModel->create($project_id, $title, $task_limit, $description);
}
public function removeColumn($column_id)
{
ColumnAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeColumn', $column_id);
$projectId = $this->columnModel->getProjectId($column_id);
$nbTasks = $this->taskFinderModel->countByColumnId($projectId, $column_id, array(TaskModel::STATUS_OPEN, TaskModel::STATUS_CLOSED));
if ($nbTasks > 0) {
$this->logger->error(__METHOD__.': This column cannot be removed because it contains '.$nbTasks.' tasks');
return false;
}
return $this->columnModel->remove($column_id);
}
public function changeColumnPosition($project_id, $column_id, $position)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'changeColumnPosition', $project_id);
if ((int) $this->columnModel->getProjectId($column_id) !== (int) $project_id) {
return false;
}
return $this->columnModel->changePosition($project_id, $column_id, $position);
}
}
app/Api/Procedure/CommentProcedure.php
+113
View File
@@ -0,0 +1,113 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\CommentAuthorization;
use Kanboard\Api\Authorization\TaskAuthorization;
use Kanboard\Core\Security\Role;
/**
* Comment API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class CommentProcedure extends BaseProcedure
{
public function getComment($comment_id)
{
CommentAuthorization::getInstance($this->container)->check($this->getClassName(), 'getComment', $comment_id);
return $this->commentModel->getById($comment_id);
}
public function getAllComments($task_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getAllComments', $task_id);
$comments = $this->commentModel->getAll($task_id);
$filteredComments = [];
$userRole = $this->userSession->getRole();
foreach ($comments as $comment) {
if ($userRole === Role::APP_MANAGER && $comment['visibility'] === Role::APP_ADMIN) {
continue;
}
if ($userRole === Role::APP_USER && $comment['visibility'] !== Role::APP_USER) {
continue;
}
$filteredComments[] = $comment;
}
return $filteredComments;
}
public function removeComment($comment_id)
{
CommentAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeComment', $comment_id);
if ($this->userSession->isLogged()) {
$loggedUserID = $this->userSession->getId();
$comment = $this->commentModel->getById($comment_id);
if ($comment['user_id'] != $loggedUserID) {
return false;
}
}
return $this->commentModel->remove($comment_id);
}
public function createComment($task_id, $user_id, $content, $reference = '', $visibility = Role::APP_USER)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'createComment', $task_id);
if ($this->userSession->isLogged()) {
$loggedUserID = $this->userSession->getId();
if ($user_id != $loggedUserID) {
return false;
}
$userRole = $this->userSession->getRole();
if ($userRole === Role::APP_MANAGER && $visibility === Role::APP_ADMIN) {
return false;
}
if ($userRole === Role::APP_USER && $visibility !== Role::APP_USER) {
return false;
}
}
$values = array(
'task_id' => $task_id,
'user_id' => $user_id,
'comment' => $content,
'reference' => $reference,
'visibility' => $visibility,
);
list($valid, ) = $this->commentValidator->validateCreation($values);
return $valid ? $this->commentModel->create($values) : false;
}
public function updateComment($id, $content)
{
CommentAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateComment', $id);
if ($this->userSession->isLogged()) {
$loggedUserID = $this->userSession->getId();
$comment = $this->commentModel->getById($id);
if ($comment['user_id'] != $loggedUserID) {
return false;
}
}
$values = array(
'id' => $id,
'comment' => $content,
);
list($valid, ) = $this->commentValidator->validateModification($values);
return $valid && $this->commentModel->update($values);
}
}
app/Api/Procedure/GroupMemberProcedure.php
+37
View File
@@ -0,0 +1,37 @@
<?php
namespace Kanboard\Api\Procedure;
/**
* Group Member API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class GroupMemberProcedure extends BaseProcedure
{
public function getMemberGroups($user_id)
{
return $this->groupMemberModel->getGroups($user_id);
}
public function getGroupMembers($group_id)
{
return $this->groupMemberModel->getMembers($group_id);
}
public function addGroupMember($group_id, $user_id)
{
return $this->groupMemberModel->addUser($group_id, $user_id);
}
public function removeGroupMember($group_id, $user_id)
{
return $this->groupMemberModel->removeUser($group_id, $user_id);
}
public function isGroupMember($group_id, $user_id)
{
return $this->groupMemberModel->isMember($group_id, $user_id);
}
}
app/Api/Procedure/GroupProcedure.php
+49
View File
@@ -0,0 +1,49 @@
<?php
namespace Kanboard\Api\Procedure;
/**
* Group API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class GroupProcedure extends BaseProcedure
{
public function createGroup($name, $external_id = '')
{
return $this->groupModel->create($name, $external_id);
}
public function updateGroup($group_id, $name = null, $external_id = null)
{
$values = array(
'id' => $group_id,
'name' => $name,
'external_id' => $external_id,
);
foreach ($values as $key => $value) {
if (is_null($value)) {
unset($values[$key]);
}
}
return $this->groupModel->update($values);
}
public function removeGroup($group_id)
{
return $this->groupModel->remove($group_id);
}
public function getGroup($group_id)
{
return $this->groupModel->getById($group_id);
}
public function getAllGroups()
{
return $this->groupModel->getAll();
}
}
app/Api/Procedure/LinkProcedure.php
+111
View File
@@ -0,0 +1,111 @@
<?php
namespace Kanboard\Api\Procedure;
/**
* Link API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class LinkProcedure extends BaseProcedure
{
/**
* Get a link by id
*
* @access public
* @param integer $link_id Link id
* @return array
*/
public function getLinkById($link_id)
{
return $this->linkModel->getById($link_id);
}
/**
* Get a link by name
*
* @access public
* @param string $label
* @return array
*/
public function getLinkByLabel($label)
{
return $this->linkModel->getByLabel($label);
}
/**
* Get the opposite link id
*
* @access public
* @param integer $link_id Link id
* @return integer
*/
public function getOppositeLinkId($link_id)
{
return $this->linkModel->getOppositeLinkId($link_id);
}
/**
* Get all links
*
* @access public
* @return array
*/
public function getAllLinks()
{
return $this->linkModel->getAll();
}
/**
* Create a new link label
*
* @access public
* @param string $label
* @param string $opposite_label
* @return boolean|integer
*/
public function createLink($label, $opposite_label = '')
{
$values = array(
'label' => $label,
'opposite_label' => $opposite_label,
);
list($valid, ) = $this->linkValidator->validateCreation($values);
return $valid ? $this->linkModel->create($label, $opposite_label) : false;
}
/**
* Update a link
*
* @access public
* @param integer $link_id
* @param integer $opposite_link_id
* @param string $label
* @return boolean
*/
public function updateLink($link_id, $opposite_link_id, $label)
{
$values = array(
'id' => $link_id,
'opposite_id' => $opposite_link_id,
'label' => $label,
);
list($valid, ) = $this->linkValidator->validateModification($values);
return $valid && $this->linkModel->update($values);
}
/**
* Remove a link a the relation to its opposite
*
* @access public
* @param integer $link_id
* @return boolean
*/
public function removeLink($link_id)
{
return $this->linkModel->remove($link_id);
}
}
app/Api/Procedure/MeProcedure.php
+67
View File
@@ -0,0 +1,67 @@
<?php
namespace Kanboard\Api\Procedure;
/**
* Me API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class MeProcedure extends BaseProcedure
{
public function getMe()
{
return session_get('user');
}
public function getMyDashboard()
{
$userId = $this->userSession->getId();
return $this->taskListSubtaskAssigneeFormatter
->withQuery($this->taskFinderModel->getUserQuery($userId))
->withUserId($userId)
->format();
}
public function getMyActivityStream()
{
$project_ids = $this->projectPermissionModel->getActiveProjectIds($this->userSession->getId());
return $this->helper->projectActivity->getProjectsEvents($project_ids, 100);
}
public function createMyPrivateProject($name, $description = null)
{
if ($this->configModel->get('disable_private_project', 0) == 1) {
return false;
}
$values = array(
'name' => $name,
'description' => $description,
'is_private' => 1,
);
list($valid, ) = $this->projectValidator->validateCreation($values);
return $valid ? $this->projectModel->create($values, $this->userSession->getId(), true) : false;
}
public function getMyProjectsList()
{
return (object) $this->projectUserRoleModel->getProjectsByUser($this->userSession->getId());
}
public function getMyOverdueTasks()
{
return $this->taskFinderModel->getOverdueTasksByUser($this->userSession->getId());
}
public function getMyProjects()
{
$project_ids = $this->projectPermissionModel->getActiveProjectIds($this->userSession->getId());
$projects = $this->projectModel->getAllByIds($project_ids);
return $this->projectsApiFormatter->withProjects($projects)->format();
}
}
app/Api/Procedure/ProjectFileProcedure.php
+80
View File
@@ -0,0 +1,80 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\ProjectAuthorization;
use Kanboard\Core\ObjectStorage\ObjectStorageException;
/**
* Project File API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class ProjectFileProcedure extends BaseProcedure
{
public function getProjectFile($project_id, $file_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getProjectFile', $project_id);
$file = $this->projectFileModel->getById($file_id);
if (empty($file) || (int) $file['project_id'] !== (int) $project_id) {
return false;
}
return $file;
}
public function getAllProjectFiles($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getAllProjectFiles', $project_id);
return $this->projectFileModel->getAll($project_id);
}
public function downloadProjectFile($project_id, $file_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'downloadProjectFile', $project_id);
try {
$file = $this->projectFileModel->getById($file_id);
if (! empty($file) && (int) $file['project_id'] === (int) $project_id) {
return base64_encode($this->objectStorage->get($file['path']));
}
} catch (ObjectStorageException $e) {
$this->logger->error($e->getMessage());
}
return '';
}
public function createProjectFile($project_id, $filename, $blob)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'createProjectFile', $project_id);
try {
return $this->projectFileModel->uploadContent($project_id, $filename, $blob);
} catch (ObjectStorageException $e) {
$this->logger->error(__METHOD__.': '.$e->getMessage());
return false;
}
}
public function removeProjectFile($project_id, $file_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeProjectFile', $project_id);
$file = $this->projectFileModel->getById($file_id);
if (empty($file) || (int) $file['project_id'] !== (int) $project_id) {
return false;
}
return $this->projectFileModel->remove($file_id);
}
public function removeAllProjectFiles($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeAllProjectFiles', $project_id);
return $this->projectFileModel->removeAll($project_id);
}
}
app/Api/Procedure/ProjectMetaDataProcedure.php
+38
View File
@@ -0,0 +1,38 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\ProjectAuthorization;
/**
* Class ProjectMetadataProcedure
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class ProjectMetadataProcedure extends BaseProcedure
{
public function getProjectMetadata($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getProjectMetadata', $project_id);
return (object) $this->projectMetadataModel->getAll($project_id);
}
public function getProjectMetadataByName($project_id, $name)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getProjectMetadataByName', $project_id);
return $this->projectMetadataModel->get($project_id, $name);
}
public function saveProjectMetadata($project_id, array $values)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'saveProjectMetadata', $project_id);
return $this->projectMetadataModel->save($project_id, $values);
}
public function removeProjectMetadata($project_id, $name)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeProjectMetadata', $project_id);
return $this->projectMetadataModel->remove($project_id, $name);
}
}
app/Api/Procedure/ProjectPermissionProcedure.php
+69
View File
@@ -0,0 +1,69 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\ProjectAuthorization;
use Kanboard\Core\Security\Role;
/**
* Project Permission API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class ProjectPermissionProcedure extends BaseProcedure
{
public function getProjectUsers($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getProjectUsers', $project_id);
return (object) $this->projectUserRoleModel->getAllUsers($project_id);
}
public function getAssignableUsers($project_id, $prepend_unassigned = false)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getAssignableUsers', $project_id);
return (object) $this->projectUserRoleModel->getAssignableUsersList($project_id, $prepend_unassigned);
}
public function addProjectUser($project_id, $user_id, $role = Role::PROJECT_MEMBER)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'addProjectUser', $project_id);
return $this->projectUserRoleModel->addUser($project_id, $user_id, $role);
}
public function addProjectGroup($project_id, $group_id, $role = Role::PROJECT_MEMBER)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'addProjectGroup', $project_id);
return $this->projectGroupRoleModel->addGroup($project_id, $group_id, $role);
}
public function removeProjectUser($project_id, $user_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeProjectUser', $project_id);
return $this->projectUserRoleModel->removeUser($project_id, $user_id);
}
public function removeProjectGroup($project_id, $group_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeProjectGroup', $project_id);
return $this->projectGroupRoleModel->removeGroup($project_id, $group_id);
}
public function changeProjectUserRole($project_id, $user_id, $role)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'changeProjectUserRole', $project_id);
return $this->projectUserRoleModel->changeUserRole($project_id, $user_id, $role);
}
public function changeProjectGroupRole($project_id, $group_id, $role)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'changeProjectGroupRole', $project_id);
return $this->projectGroupRoleModel->changeGroupRole($project_id, $group_id, $role);
}
public function getProjectUserRole($project_id, $user_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getProjectUserRole', $project_id);
return $this->projectUserRoleModel->getUserRole($project_id, $user_id);
}
}
app/Api/Procedure/ProjectProcedure.php
+152
View File
@@ -0,0 +1,152 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\ProjectAuthorization;
/**
* Project API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class ProjectProcedure extends BaseProcedure
{
public function getProjectById($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getProjectById', $project_id);
$project = $this->projectModel->getById($project_id);
return $this->projectApiFormatter->withProject($project)->format();
}
public function getProjectByName($name)
{
$project = $this->projectModel->getByName($name);
if (empty($project)) {
return false;
}
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getProjectByName', $project['id']);
return $this->projectApiFormatter->withProject($project)->format();
}
public function getProjectByIdentifier($identifier)
{
$project = $this->projectModel->getByIdentifier($identifier);
if (empty($project)) {
return false;
}
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getProjectByIdentifier', $project['id']);
return $this->projectApiFormatter->withProject($project)->format();
}
public function getProjectByEmail($email)
{
$project = $this->projectModel->getByEmail($email);
if (empty($project)) {
return false;
}
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getProjectByEmail', $project['id']);
return $this->projectApiFormatter->withProject($project)->format();
}
public function getAllProjects()
{
return $this->projectsApiFormatter->withProjects($this->projectModel->getAll())->format();
}
public function removeProject($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeProject', $project_id);
return $this->projectModel->remove($project_id);
}
public function enableProject($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'enableProject', $project_id);
return $this->projectModel->enable($project_id);
}
public function disableProject($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'disableProject', $project_id);
return $this->projectModel->disable($project_id);
}
public function enableProjectPublicAccess($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'enableProjectPublicAccess', $project_id);
return $this->projectModel->enablePublicAccess($project_id);
}
public function disableProjectPublicAccess($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'disableProjectPublicAccess', $project_id);
return $this->projectModel->disablePublicAccess($project_id);
}
public function getProjectActivities(array $project_ids)
{
foreach ($project_ids as $project_id) {
ProjectAuthorization::getInstance($this->container)
->check($this->getClassName(), 'getProjectActivities', $project_id);
}
return $this->helper->projectActivity->getProjectsEvents($project_ids);
}
public function getProjectActivity($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getProjectActivity', $project_id);
return $this->helper->projectActivity->getProjectEvents($project_id);
}
public function createProject($name, $description = null, $owner_id = 0, $identifier = null, $start_date = null, $end_date = null, $priority_default = null, $priority_start = null, $priority_end = null, $email = null)
{
if ($owner_id === 0 && $this->userSession->isLogged()) {
$owner_id = $this->userSession->getId();
}
$values = $this->filterValues(array(
'name' => $name,
'description' => $description,
'identifier' => $identifier,
'start_date' => $start_date,
'end_date' => $end_date,
'priority_default' => $priority_default,
'priority_start' => $priority_start,
'priority_end' => $priority_end,
'email' => $email,
));
list($valid, ) = $this->projectValidator->validateCreation($values);
return $valid ? $this->projectModel->create($values, $owner_id, $this->userSession->isLogged()) : false;
}
public function updateProject($project_id, $name = null, $description = null, $owner_id = null, $identifier = null, $start_date = null, $end_date = null, $priority_default = null, $priority_start = null, $priority_end = null, $email = null)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateProject', $project_id);
$values = $this->filterValues(array(
'id' => $project_id,
'name' => $name,
'description' => $description,
'owner_id' => $owner_id,
'identifier' => $identifier,
'start_date' => $start_date,
'end_date' => $end_date,
'priority_default' => $priority_default,
'priority_start' => $priority_start,
'priority_end' => $priority_end,
'email' => $email,
));
list($valid, ) = $this->projectValidator->validateModification($values);
return $valid && $this->projectModel->update($values);
}
}
app/Api/Procedure/SubtaskProcedure.php
+80
View File
@@ -0,0 +1,80 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\SubtaskAuthorization;
use Kanboard\Api\Authorization\TaskAuthorization;
/**
* Subtask API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class SubtaskProcedure extends BaseProcedure
{
public function getSubtask($subtask_id)
{
SubtaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getSubtask', $subtask_id);
return $this->subtaskModel->getById($subtask_id);
}
public function getAllSubtasks($task_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getAllSubtasks', $task_id);
return $this->subtaskModel->getAll($task_id);
}
public function removeSubtask($subtask_id)
{
SubtaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeSubtask', $subtask_id);
return $this->subtaskModel->remove($subtask_id);
}
public function createSubtask($task_id, $title, $user_id = 0, $time_estimated = 0, $time_spent = 0, $status = 0)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'createSubtask', $task_id);
$values = array(
'title' => $title,
'task_id' => $task_id,
'user_id' => $user_id,
'time_estimated' => $time_estimated,
'time_spent' => $time_spent,
'status' => $status,
);
list($valid, ) = $this->subtaskValidator->validateCreation($values);
return $valid ? $this->subtaskModel->create($values) : false;
}
public function updateSubtask($id, $task_id, $title = null, $user_id = null, $time_estimated = null, $time_spent = null, $status = null, $position = null)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateSubtask', $task_id);
$subtask = $this->subtaskModel->getById($id);
if (empty($subtask) || (int) $subtask['task_id'] !== (int) $task_id) {
return false;
}
$values = array(
'id' => $id,
'task_id' => $task_id,
'title' => $title,
'user_id' => $user_id,
'time_estimated' => $time_estimated,
'time_spent' => $time_spent,
'status' => $status,
'position' => $position
);
foreach ($values as $key => $value) {
if (is_null($value)) {
unset($values[$key]);
}
}
list($valid, ) = $this->subtaskValidator->validateApiModification($values);
return $valid && $this->subtaskModel->update($values);
}
}
app/Api/Procedure/SubtaskTimeTrackingProcedure.php
+39
View File
@@ -0,0 +1,39 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\SubtaskAuthorization;
/**
* Subtask Time Tracking API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
* @author Nikolaos Georgakis
*/
class SubtaskTimeTrackingProcedure extends BaseProcedure
{
public function hasSubtaskTimer($subtask_id, $user_id)
{
SubtaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'hasSubtaskTimer', $subtask_id);
return $this->subtaskTimeTrackingModel->hasTimer($subtask_id, $user_id);
}
public function setSubtaskStartTime($subtask_id, $user_id)
{
SubtaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'setSubtaskStartTime', $subtask_id);
return $this->subtaskTimeTrackingModel->logStartTime($subtask_id, $user_id);
}
public function setSubtaskEndTime($subtask_id, $user_id)
{
SubtaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'setSubtaskEndTime', $subtask_id);
return $this->subtaskTimeTrackingModel->logEndTime($subtask_id, $user_id);
}
public function getSubtaskTimeSpent($subtask_id, $user_id)
{
SubtaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getSubtaskTimeSpent', $subtask_id);
return $this->subtaskTimeTrackingModel->getTimeSpent($subtask_id, $user_id);
}
}
app/Api/Procedure/SwimlaneProcedure.php
+121
View File
@@ -0,0 +1,121 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\ProjectAuthorization;
use Kanboard\Model\SwimlaneModel;
/**
* Swimlane API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class SwimlaneProcedure extends BaseProcedure
{
public function getActiveSwimlanes($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getActiveSwimlanes', $project_id);
return $this->swimlaneModel->getAllByStatus($project_id, SwimlaneModel::ACTIVE);
}
public function getAllSwimlanes($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getAllSwimlanes', $project_id);
return $this->swimlaneModel->getAll($project_id);
}
public function getSwimlaneById($swimlane_id)
{
$swimlane = $this->swimlaneModel->getById($swimlane_id);
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getSwimlaneById', $swimlane['project_id']);
return $swimlane;
}
public function getSwimlaneByName($project_id, $name)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getSwimlaneByName', $project_id);
return $this->swimlaneModel->getByName($project_id, $name);
}
public function getSwimlane($swimlane_id)
{
$swimlane = $this->swimlaneModel->getById($swimlane_id);
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getSwimlane', $swimlane['project_id']);
return $swimlane;
}
public function addSwimlane($project_id, $name, $description = '')
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'addSwimlane', $project_id);
return $this->swimlaneModel->create($project_id, $name, $description);
}
public function updateSwimlane($project_id, $swimlane_id, $name, $description = null)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateSwimlane', $project_id);
$swimlane = $this->swimlaneModel->getById($swimlane_id);
if (empty($swimlane) || (int) $swimlane['project_id'] !== (int) $project_id) {
return false;
}
$values = array(
'project_id' => $project_id,
'id' => $swimlane_id,
'name' => $name,
);
if (! is_null($description)) {
$values['description'] = $description;
}
list($valid, $errors) = $this->swimlaneValidator->validateModification($values);
if (! $valid) {
$this->logger->debug(__METHOD__.': Validation error: '.var_export($errors, true));
return false;
}
return $this->swimlaneModel->update($swimlane_id, $values);
}
public function removeSwimlane($project_id, $swimlane_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeSwimlane', $project_id);
$swimlane = $this->swimlaneModel->getById($swimlane_id);
if (empty($swimlane) || (int) $swimlane['project_id'] !== (int) $project_id) {
return false;
}
return $this->swimlaneModel->remove($project_id, $swimlane_id);
}
public function disableSwimlane($project_id, $swimlane_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'disableSwimlane', $project_id);
return $this->swimlaneModel->disable($project_id, $swimlane_id);
}
public function enableSwimlane($project_id, $swimlane_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'enableSwimlane', $project_id);
return $this->swimlaneModel->enable($project_id, $swimlane_id);
}
public function changeSwimlanePosition($project_id, $swimlane_id, $position)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'changeSwimlanePosition', $project_id);
$swimlane = $this->swimlaneModel->getById($swimlane_id);
if (empty($swimlane) || (int) $swimlane['project_id'] !== (int) $project_id) {
return false;
}
return $this->swimlaneModel->changePosition($project_id, $swimlane_id, $position);
}
}
app/Api/Procedure/TagProcedure.php
+49
View File
@@ -0,0 +1,49 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\ProjectAuthorization;
use Kanboard\Api\Authorization\TagAuthorization;
/**
* Class TagProcedure
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class TagProcedure extends BaseProcedure
{
public function getAllTags()
{
if ($this->userSession->isLogged() && ! $this->userSession->isAdmin()) {
$project_ids = $this->projectPermissionModel->getActiveProjectIds($this->userSession->getId());
return $this->tagModel->getAllByProjectIds($project_ids);
}
return $this->tagModel->getAll();
}
public function getTagsByProject($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getTagsByProject', $project_id);
return $this->tagModel->getAllByProject($project_id);
}
public function createTag($project_id, $tag, $color_id = null)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'createTag', $project_id);
return $this->tagModel->create($project_id, $tag, $color_id);
}
public function updateTag($tag_id, $tag, $color_id = null)
{
TagAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateTag', $tag_id);
return $this->tagModel->update($tag_id, $tag, $color_id);
}
public function removeTag($tag_id)
{
TagAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeTag', $tag_id);
return $this->tagModel->remove($tag_id);
}
}
app/Api/Procedure/TaskExternalLinkProcedure.php
+123
View File
@@ -0,0 +1,123 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\TaskAuthorization;
use Kanboard\Core\ExternalLink\ExternalLinkManager;
use Kanboard\Core\ExternalLink\ExternalLinkProviderNotFound;
/**
* Task External Link API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class TaskExternalLinkProcedure extends BaseProcedure
{
public function getExternalTaskLinkTypes()
{
return $this->externalLinkManager->getTypes();
}
public function getExternalTaskLinkProviderDependencies($providerName)
{
try {
return $this->externalLinkManager->getProvider($providerName)->getDependencies();
} catch (ExternalLinkProviderNotFound $e) {
$this->logger->error(__METHOD__.': '.$e->getMessage());
return false;
}
}
public function getExternalTaskLinkById($task_id, $link_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getExternalTaskLink', $task_id);
$link = $this->taskExternalLinkModel->getById($link_id);
if (empty($link) || (int) $link['task_id'] !== (int) $task_id) {
return false;
}
return $link;
}
public function getAllExternalTaskLinks($task_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getExternalTaskLinks', $task_id);
return $this->taskExternalLinkModel->getAll($task_id);
}
public function createExternalTaskLink($task_id, $url, $dependency, $type = ExternalLinkManager::TYPE_AUTO, $title = '')
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'createExternalTaskLink', $task_id);
try {
$provider = $this->externalLinkManager
->setUserInputText($url)
->setUserInputType($type)
->find();
$link = $provider->getLink();
$values = array(
'task_id' => $task_id,
'title' => $title ?: $link->getTitle(),
'url' => $link->getUrl(),
'link_type' => $provider->getType(),
'dependency' => $dependency,
);
list($valid, $errors) = $this->externalLinkValidator->validateCreation($values);
if (! $valid) {
$this->logger->error(__METHOD__.': '.var_export($errors));
return false;
}
return $this->taskExternalLinkModel->create($values);
} catch (ExternalLinkProviderNotFound $e) {
$this->logger->error(__METHOD__.': '.$e->getMessage());
}
return false;
}
public function updateExternalTaskLink($task_id, $link_id, $title = null, $url = null, $dependency = null)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateExternalTaskLink', $task_id);
$link = $this->taskExternalLinkModel->getById($link_id);
if (empty($link) || (int) $link['task_id'] !== (int) $task_id) {
return false;
}
$values = $this->filterValues(array(
'title' => $title,
'url' => $url,
'dependency' => $dependency,
));
$values = array_merge($link, $values);
list($valid, $errors) = $this->externalLinkValidator->validateModification($values);
if (! $valid) {
$this->logger->error(__METHOD__.': '.var_export($errors));
return false;
}
return $this->taskExternalLinkModel->update($values);
}
public function removeExternalTaskLink($task_id, $link_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeExternalTaskLink', $task_id);
$link = $this->taskExternalLinkModel->getById($link_id);
if (empty($link) || (int) $link['task_id'] !== (int) $task_id) {
return false;
}
return $this->taskExternalLinkModel->remove($link_id);
}
}
app/Api/Procedure/TaskFileProcedure.php
+81
View File
@@ -0,0 +1,81 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\ProjectAuthorization;
use Kanboard\Api\Authorization\TaskAuthorization;
use Kanboard\Api\Authorization\TaskFileAuthorization;
use Kanboard\Core\ObjectStorage\ObjectStorageException;
/**
* Task File API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class TaskFileProcedure extends BaseProcedure
{
public function getTaskFile($file_id)
{
TaskFileAuthorization::getInstance($this->container)->check($this->getClassName(), 'getTaskFile', $file_id);
return $this->taskFileModel->getById($file_id);
}
public function getAllTaskFiles($task_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getAllTaskFiles', $task_id);
return $this->taskFileModel->getAll($task_id);
}
public function downloadTaskFile($file_id)
{
TaskFileAuthorization::getInstance($this->container)->check($this->getClassName(), 'downloadTaskFile', $file_id);
try {
$file = $this->taskFileModel->getById($file_id);
if (! empty($file)) {
return base64_encode($this->objectStorage->get($file['path']));
}
} catch (ObjectStorageException $e) {
$this->logger->error($e->getMessage());
}
return '';
}
public function createTaskFile($project_id, $task_id, $filename, $blob)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'createTaskFile', $project_id);
if (!$this->taskFinderModel->exists($task_id)) {
return false;
}
$taskProjectID = $this->taskFinderModel->getProjectId($task_id);
if ($taskProjectID != $project_id) {
return false;
}
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'createTaskFile', $task_id);
try {
return $this->taskFileModel->uploadContent($task_id, $filename, $blob);
} catch (ObjectStorageException $e) {
$this->logger->error(__METHOD__.': '.$e->getMessage());
return false;
}
}
public function removeTaskFile($file_id)
{
TaskFileAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeTaskFile', $file_id);
return $this->taskFileModel->remove($file_id);
}
public function removeAllTaskFiles($task_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeAllTaskFiles', $task_id);
return $this->taskFileModel->removeAll($task_id);
}
}
app/Api/Procedure/TaskLinkProcedure.php
+109
View File
@@ -0,0 +1,109 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\TaskAuthorization;
use Kanboard\Api\Authorization\TaskLinkAuthorization;
/**
* TaskLink API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class TaskLinkProcedure extends BaseProcedure
{
/**
* Get a task link
*
* @access public
* @param integer $task_link_id Task link id
* @return array
*/
public function getTaskLinkById($task_link_id)
{
TaskLinkAuthorization::getInstance($this->container)->check($this->getClassName(), 'getTaskLinkById', $task_link_id);
return $this->taskLinkModel->getById($task_link_id);
}
/**
* Get all links attached to a task
*
* @access public
* @param integer $task_id Task id
* @return array
*/
public function getAllTaskLinks($task_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getAllTaskLinks', $task_id);
return $this->taskLinkModel->getAll($task_id);
}
/**
* Create a new link
*
* @access public
* @param integer $task_id Task id
* @param integer $opposite_task_id Opposite task id
* @param integer $link_id Link id
* @return integer Task link id
*/
public function createTaskLink($task_id, $opposite_task_id, $link_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'createTaskLink', $task_id);
if ($this->userSession->isLogged()) {
$opposite_task = $this->taskFinderModel->getById($opposite_task_id);
if (! $this->projectPermissionModel->isUserAllowed($opposite_task['project_id'], $this->userSession->getId())) {
return false;
}
}
return $this->taskLinkModel->create($task_id, $opposite_task_id, $link_id);
}
/**
* Update a task link
*
* @access public
* @param integer $task_link_id Task link id
* @param integer $task_id Task id
* @param integer $opposite_task_id Opposite task id
* @param integer $link_id Link id
* @return boolean
*/
public function updateTaskLink($task_link_id, $task_id, $opposite_task_id, $link_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateTaskLink', $task_id);
$taskLink = $this->taskLinkModel->getById($task_link_id);
if (empty($taskLink) || (int) $taskLink['task_id'] !== (int) $task_id) {
return false;
}
if ($this->userSession->isLogged()) {
$opposite_task = $this->taskFinderModel->getById($opposite_task_id);
if (! $this->projectPermissionModel->isUserAllowed($opposite_task['project_id'], $this->userSession->getId())) {
return false;
}
}
return $this->taskLinkModel->update($task_link_id, $task_id, $opposite_task_id, $link_id);
}
/**
* Remove a link between two tasks
*
* @access public
* @param integer $task_link_id
* @return boolean
*/
public function removeTaskLink($task_link_id)
{
TaskLinkAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeTaskLink', $task_link_id);
return $this->taskLinkModel->remove($task_link_id);
}
}
app/Api/Procedure/TaskMetadataProcedure.php
+38
View File
@@ -0,0 +1,38 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\TaskAuthorization;
/**
* Class TaskMetadataProcedure
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class TaskMetadataProcedure extends BaseProcedure
{
public function getTaskMetadata($task_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getTaskMetadata', $task_id);
return (object) $this->taskMetadataModel->getAll($task_id);
}
public function getTaskMetadataByName($task_id, $name)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getTaskMetadataByName', $task_id);
return $this->taskMetadataModel->get($task_id, $name);
}
public function saveTaskMetadata($task_id, array $values)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'saveTaskMetadata', $task_id);
return $this->taskMetadataModel->save($task_id, $values);
}
public function removeTaskMetadata($task_id, $name)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeTaskMetadata', $task_id);
return $this->taskMetadataModel->remove($task_id, $name);
}
}
app/Api/Procedure/TaskProcedure.php
+222
View File
@@ -0,0 +1,222 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\ProjectAuthorization;
use Kanboard\Api\Authorization\TaskAuthorization;
use Kanboard\Filter\TaskProjectFilter;
use Kanboard\Model\TaskModel;
/**
* Task API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class TaskProcedure extends BaseProcedure
{
public function searchTasks($project_id, $query)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'searchTasks', $project_id);
return $this->taskLexer->build($query)->withFilter(new TaskProjectFilter($project_id))->toArray();
}
public function getTask($task_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getTask', $task_id);
$task = $this->taskFinderModel->getById($task_id);
return $this->taskApiFormatter->withTask($task)->format();
}
public function getTaskByReference($project_id, $reference)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getTaskByReference', $project_id);
$task = $this->taskFinderModel->getByReference($project_id, $reference);
return $this->taskApiFormatter->withTask($task)->format();
}
public function getAllTasks($project_id, $status_id = TaskModel::STATUS_OPEN)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getAllTasks', $project_id);
$tasks = $this->taskFinderModel->getAll($project_id, $status_id);
return $this->tasksApiFormatter->withTasks($tasks)->format();
}
public function getOverdueTasks()
{
return $this->taskFinderModel->getOverdueTasks();
}
public function getOverdueTasksByProject($project_id)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'getOverdueTasksByProject', $project_id);
return $this->taskFinderModel->getOverdueTasksByProject($project_id);
}
public function openTask($task_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'openTask', $task_id);
return $this->taskStatusModel->open($task_id);
}
public function closeTask($task_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'closeTask', $task_id);
return $this->taskStatusModel->close($task_id);
}
public function removeTask($task_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeTask', $task_id);
return $this->taskModel->remove($task_id);
}
public function moveTaskPosition($project_id, $task_id, $column_id, $position, $swimlane_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'moveTaskPosition', $task_id);
$taskProjectId = $this->taskFinderModel->getProjectId($task_id);
if ($taskProjectId !== (int) $project_id) {
return false;
}
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'moveTaskPosition', $project_id);
return $this->taskPositionModel->movePosition($project_id, $task_id, $column_id, $position, $swimlane_id, true, false);
}
public function moveTaskToProject($task_id, $project_id, $swimlane_id = null, $column_id = null, $category_id = null, $owner_id = null)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'moveTaskToProject', $task_id);
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'moveTaskToProject', $project_id);
return $this->taskProjectMoveModel->moveToProject($task_id, $project_id, $swimlane_id, $column_id, $category_id, $owner_id);
}
public function duplicateTaskToProject($task_id, $project_id, $swimlane_id = null, $column_id = null, $category_id = null, $owner_id = null)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'duplicateTaskToProject', $task_id);
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'duplicateTaskToProject', $project_id);
return $this->taskProjectDuplicationModel->duplicateToProject($task_id, $project_id, $swimlane_id, $column_id, $category_id, $owner_id);
}
public function createTask(
$title,
$project_id,
$color_id = '',
$column_id = 0,
$owner_id = 0,
$creator_id = 0,
$date_due = '',
$description = '',
$category_id = 0,
$score = 0,
$swimlane_id = null,
$priority = 0,
$recurrence_status = 0,
$recurrence_trigger = 0,
$recurrence_factor = 0,
$recurrence_timeframe = 0,
$recurrence_basedate = 0,
$reference = '',
array $tags = array(),
$date_started = '',
$time_spent = null,
$time_estimated = null
) {
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'createTask', $project_id);
if ($owner_id !== 0 && ! $this->projectPermissionModel->isAssignable($project_id, $owner_id)) {
return false;
}
if ($creator_id !== 0 && ! $this->projectPermissionModel->isAssignable($project_id, $creator_id)) {
return false;
}
$values = array(
'title' => $title,
'project_id' => $project_id,
'color_id' => $color_id,
'column_id' => $column_id,
'owner_id' => $owner_id,
'creator_id' => $creator_id,
'date_due' => $date_due,
'description' => $description,
'category_id' => $category_id,
'score' => $score,
'swimlane_id' => $swimlane_id,
'recurrence_status' => $recurrence_status,
'recurrence_trigger' => $recurrence_trigger,
'recurrence_factor' => $recurrence_factor,
'recurrence_timeframe' => $recurrence_timeframe,
'recurrence_basedate' => $recurrence_basedate,
'reference' => $reference,
'priority' => $priority,
'tags' => $tags,
'date_started' => $date_started,
'time_spent' => $time_spent,
'time_estimated' => $time_estimated,
);
list($valid, ) = $this->taskValidator->validateCreation($values);
return $valid ? $this->taskCreationModel->create($values) : false;
}
public function updateTask(
$id,
$title = null,
$color_id = null,
$owner_id = null,
$date_due = null,
$description = null,
$category_id = null,
$score = null,
$priority = null,
$recurrence_status = null,
$recurrence_trigger = null,
$recurrence_factor = null,
$recurrence_timeframe = null,
$recurrence_basedate = null,
$reference = null,
$tags = null,
$date_started = null,
$time_spent = null,
$time_estimated = null
) {
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateTask', $id);
$project_id = $this->taskFinderModel->getProjectId($id);
if ($project_id === 0) {
return false;
}
if ($owner_id !== null && $owner_id != 0 && ! $this->projectPermissionModel->isAssignable($project_id, $owner_id)) {
return false;
}
$values = $this->filterValues(array(
'id' => $id,
'title' => $title,
'color_id' => $color_id,
'owner_id' => $owner_id,
'date_due' => $date_due,
'description' => $description,
'category_id' => $category_id,
'score' => $score,
'recurrence_status' => $recurrence_status,
'recurrence_trigger' => $recurrence_trigger,
'recurrence_factor' => $recurrence_factor,
'recurrence_timeframe' => $recurrence_timeframe,
'recurrence_basedate' => $recurrence_basedate,
'reference' => $reference,
'priority' => $priority,
'tags' => $tags,
'date_started' => $date_started,
'time_spent' => $time_spent,
'time_estimated' => $time_estimated,
));
list($valid) = $this->taskValidator->validateApiModification($values);
return $valid && $this->taskModificationModel->update($values);
}
}
app/Api/Procedure/TaskTagProcedure.php
+28
View File
@@ -0,0 +1,28 @@
<?php
namespace Kanboard\Api\Procedure;
use Kanboard\Api\Authorization\ProjectAuthorization;
use Kanboard\Api\Authorization\TaskAuthorization;
/**
* Class TaskTagProcedure
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class TaskTagProcedure extends BaseProcedure
{
public function setTaskTags($project_id, $task_id, array $tags)
{
ProjectAuthorization::getInstance($this->container)->check($this->getClassName(), 'setTaskTags', $project_id);
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'setTaskTags', $task_id);
return $this->taskTagModel->save($project_id, $task_id, $tags);
}
public function getTaskTags($task_id)
{
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getTaskTags', $task_id);
return (object) $this->taskTagModel->getList($task_id);
}
}
app/Api/Procedure/UserProcedure.php
+147
View File
@@ -0,0 +1,147 @@
<?php
namespace Kanboard\Api\Procedure;
use LogicException;
use Kanboard\Core\Security\Role;
use Kanboard\Core\Ldap\Client as LdapClient;
use Kanboard\Core\Ldap\ClientException as LdapException;
use Kanboard\Core\Ldap\User as LdapUser;
use Kanboard\Notification\MailNotification;
use Kanboard\Notification\WebNotification;
/**
* User API controller
*
* @package Kanboard\Api\Procedure
* @author Frederic Guillot
*/
class UserProcedure extends BaseProcedure
{
public function getUser($user_id)
{
return $this->userModel->getById($user_id);
}
public function getUserByName($username)
{
return $this->userModel->getByUsername($username);
}
public function getAllUsers()
{
return $this->userModel->getAll();
}
public function removeUser($user_id)
{
return $this->userModel->remove($user_id);
}
public function disableUser($user_id)
{
return $this->userModel->disable($user_id);
}
public function enableUser($user_id)
{
return $this->userModel->enable($user_id);
}
public function isActiveUser($user_id)
{
return $this->userModel->isActive($user_id);
}
public function createUser($username, $password, $name = '', $email = '', $role = Role::APP_USER)
{
$values = array(
'username' => $username,
'password' => $password,
'confirmation' => $password,
'name' => $name,
'email' => $email,
'role' => $role,
);
list($valid, ) = $this->userValidator->validateCreation($values);
if ($valid) {
$user_id = $this->userModel->create($values);
if ($user_id !== false && $this->configModel->get('notifications_enabled', 0) == 1) {
$this->userNotificationTypeModel->saveSelectedTypes($user_id, [MailNotification::TYPE, WebNotification::TYPE]);
}
return $user_id;
}
return false;
}
/**
* Create LDAP user in the database
*
* Only "anonymous" and "proxy" LDAP authentication are supported by this method
*
* User information will be fetched from the LDAP server
*
* @access public
* @param string $username
* @return bool|int
*/
public function createLdapUser($username)
{
if (LDAP_BIND_TYPE === 'user') {
$this->logger->error('LDAP authentication "user" is not supported by this API call');
return false;
}
try {
$ldap = LdapClient::connect();
$ldap->setLogger($this->logger);
$user = LdapUser::getUser($ldap, $username);
if ($user === null) {
$this->logger->info('User not found in LDAP server');
return false;
}
if ($user->getUsername() === '') {
throw new LogicException('Username not found in LDAP profile, check the parameter LDAP_USER_ATTRIBUTE_USERNAME');
}
$values = array(
'username' => $user->getUsername(),
'name' => $user->getName(),
'email' => $user->getEmail(),
'role' => $user->getRole() ?: Role::APP_USER,
'is_ldap_user' => 1,
);
$user_id = $this->userModel->create($values);
if ($user_id !== false && $this->configModel->get('notifications_enabled', 0) == 1) {
$this->userNotificationTypeModel->saveSelectedTypes($user_id, [MailNotification::TYPE, WebNotification::TYPE]);
}
return $user_id;
} catch (LdapException $e) {
$this->logger->error($e->getMessage());
return false;
}
}
public function updateUser($id, $username = null, $name = null, $email = null, $role = null)
{
$values = $this->filterValues(array(
'id' => $id,
'username' => $username,
'name' => $name,
'email' => $email,
'role' => $role,
));
list($valid, ) = $this->userValidator->validateApiModification($values);
return $valid && $this->userModel->update($values);
}
}