看板初始化提交
This commit is contained in:
zephyr
@@ -0,0 +1,113 @@
|
||||
<?php
|
||||
|
||||
namespace Kanboard\Api\Procedure;
|
||||
|
||||
use Kanboard\Api\Authorization\CommentAuthorization;
|
||||
use Kanboard\Api\Authorization\TaskAuthorization;
|
||||
use Kanboard\Core\Security\Role;
|
||||
|
||||
/**
|
||||
* Comment API controller
|
||||
*
|
||||
* @package Kanboard\Api\Procedure
|
||||
* @author Frederic Guillot
|
||||
*/
|
||||
class CommentProcedure extends BaseProcedure
|
||||
{
|
||||
public function getComment($comment_id)
|
||||
{
|
||||
CommentAuthorization::getInstance($this->container)->check($this->getClassName(), 'getComment', $comment_id);
|
||||
return $this->commentModel->getById($comment_id);
|
||||
}
|
||||
|
||||
public function getAllComments($task_id)
|
||||
{
|
||||
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'getAllComments', $task_id);
|
||||
$comments = $this->commentModel->getAll($task_id);
|
||||
$filteredComments = [];
|
||||
$userRole = $this->userSession->getRole();
|
||||
|
||||
foreach ($comments as $comment) {
|
||||
if ($userRole === Role::APP_MANAGER && $comment['visibility'] === Role::APP_ADMIN) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if ($userRole === Role::APP_USER && $comment['visibility'] !== Role::APP_USER) {
|
||||
continue;
|
||||
}
|
||||
|
||||
$filteredComments[] = $comment;
|
||||
}
|
||||
|
||||
return $filteredComments;
|
||||
}
|
||||
|
||||
public function removeComment($comment_id)
|
||||
{
|
||||
CommentAuthorization::getInstance($this->container)->check($this->getClassName(), 'removeComment', $comment_id);
|
||||
|
||||
if ($this->userSession->isLogged()) {
|
||||
$loggedUserID = $this->userSession->getId();
|
||||
$comment = $this->commentModel->getById($comment_id);
|
||||
if ($comment['user_id'] != $loggedUserID) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return $this->commentModel->remove($comment_id);
|
||||
}
|
||||
|
||||
public function createComment($task_id, $user_id, $content, $reference = '', $visibility = Role::APP_USER)
|
||||
{
|
||||
TaskAuthorization::getInstance($this->container)->check($this->getClassName(), 'createComment', $task_id);
|
||||
|
||||
if ($this->userSession->isLogged()) {
|
||||
$loggedUserID = $this->userSession->getId();
|
||||
if ($user_id != $loggedUserID) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$userRole = $this->userSession->getRole();
|
||||
if ($userRole === Role::APP_MANAGER && $visibility === Role::APP_ADMIN) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if ($userRole === Role::APP_USER && $visibility !== Role::APP_USER) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
$values = array(
|
||||
'task_id' => $task_id,
|
||||
'user_id' => $user_id,
|
||||
'comment' => $content,
|
||||
'reference' => $reference,
|
||||
'visibility' => $visibility,
|
||||
);
|
||||
|
||||
list($valid, ) = $this->commentValidator->validateCreation($values);
|
||||
|
||||
return $valid ? $this->commentModel->create($values) : false;
|
||||
}
|
||||
|
||||
public function updateComment($id, $content)
|
||||
{
|
||||
CommentAuthorization::getInstance($this->container)->check($this->getClassName(), 'updateComment', $id);
|
||||
|
||||
if ($this->userSession->isLogged()) {
|
||||
$loggedUserID = $this->userSession->getId();
|
||||
$comment = $this->commentModel->getById($id);
|
||||
if ($comment['user_id'] != $loggedUserID) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
$values = array(
|
||||
'id' => $id,
|
||||
'comment' => $content,
|
||||
);
|
||||
|
||||
list($valid, ) = $this->commentValidator->validateModification($values);
|
||||
return $valid && $this->commentModel->update($values);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user