ahtlon/deck
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Merge pull request #33 from juliushaertl/fix-acl-create

Browse Source 
Use integer values for Acl type
This commit is contained in:
Julius Härtl
2017-02-06 22:53:05 +01:00
committed by GitHub
parent f8c2d86e4f f604f2f779
commit 198e443a24
3 changed files with 9 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/Db/Acl.php
View File

@@ -74,7 +74,7 @@ class Acl extends RelationalEntity implements \JsonSerializable {
return [ return [
'id' => $this->id, 'id' => $this->id,
'participant' => $this->participant, 'participant' => $this->participant,
'type' => $this->getType(), 'type' => $this->getTypeString(),
'boardId' => $this->boardId, 'boardId' => $this->boardId,
'permissionEdit' => $this->getPermissionEdit(), 'permissionEdit' => $this->getPermissionEdit(),
'permissionShare' => $this->getPermissionShare(), 'permissionShare' => $this->getPermissionShare(),
@@ -83,11 +83,7 @@ class Acl extends RelationalEntity implements \JsonSerializable {
]; ];
} }
/* public function getTypeString() {
* FIXME: migrate other code to const PERMISSION_TYPE_ instead of strings
* iirc js uses those strings as well
*/
public function getType() {
if ($this->type === Acl::PERMISSION_TYPE_GROUP) { if ($this->type === Acl::PERMISSION_TYPE_GROUP) {
return 'group'; return 'group';
} }

8
lib/Db/BoardMapper.php
View File

@@ -77,8 +77,8 @@ class BoardMapper extends DeckMapper implements IPermissionMapper {
public function findAllByUser($userId, $limit = null, $offset = null) { public function findAllByUser($userId, $limit = null, $offset = null) {
$sql = 'SELECT id, title, owner, color, archived, 0 as shared FROM oc_deck_boards WHERE owner = ? UNION ' . $sql = 'SELECT id, title, owner, color, archived, 0 as shared FROM oc_deck_boards WHERE owner = ? UNION ' .
'SELECT boards.id, title, owner, color, archived, 1 as shared FROM oc_deck_boards as boards ' . 'SELECT boards.id, title, owner, color, archived, 1 as shared FROM oc_deck_boards as boards ' .
'JOIN oc_deck_board_acl as acl ON boards.id=acl.board_id WHERE acl.participant=? AND acl.type=\'user\' AND boards.owner != ?'; 'JOIN oc_deck_board_acl as acl ON boards.id=acl.board_id WHERE acl.participant=? AND acl.type=? AND boards.owner != ?';
$entries = $this->findEntities($sql, [$userId, $userId, $userId], $limit, $offset); $entries = $this->findEntities($sql, [$userId, $userId, Acl::PERMISSION_TYPE_USER, $userId], $limit, $offset);
/* @var Board $entry */ /* @var Board $entry */
foreach ($entries as $entry) { foreach ($entries as $entry) {
$acl = $this->aclMapper->findAll($entry->id); $acl = $this->aclMapper->findAll($entry->id);
@@ -101,7 +101,7 @@ class BoardMapper extends DeckMapper implements IPermissionMapper {
return []; return [];
} }
$sql = 'SELECT boards.id, title, owner, color, archived, 2 as shared FROM oc_deck_boards as boards ' . $sql = 'SELECT boards.id, title, owner, color, archived, 2 as shared FROM oc_deck_boards as boards ' .
'INNER JOIN oc_deck_board_acl as acl ON boards.id=acl.board_id WHERE owner != ? AND type=\'group\' AND ('; 'INNER JOIN oc_deck_board_acl as acl ON boards.id=acl.board_id WHERE owner != ? AND type=? AND (';
for ($i = 0; $i < count($groups); $i++) { for ($i = 0; $i < count($groups); $i++) {
$sql .= 'acl.participant = ? '; $sql .= 'acl.participant = ? ';
if (count($groups) > 1 && $i < count($groups) - 1) { if (count($groups) > 1 && $i < count($groups) - 1) {
@@ -109,7 +109,7 @@ class BoardMapper extends DeckMapper implements IPermissionMapper {
} }
} }
$sql .= ');'; $sql .= ');';
$entries = $this->findEntities($sql, array_merge([$userId], $groups), $limit, $offset); $entries = $this->findEntities($sql, array_merge([$userId, Acl::PERMISSION_TYPE_GROUP], $groups), $limit, $offset);
/* @var Board $entry */ /* @var Board $entry */
foreach ($entries as $entry) { foreach ($entries as $entry) {
$acl = $this->aclMapper->findAll($entry->id); $acl = $this->aclMapper->findAll($entry->id);

4
lib/Service/PermissionService.php
View File

@@ -127,14 +127,14 @@ class PermissionService {
public function userCan(array $acls, $permission) { public function userCan(array $acls, $permission) {
// check for users // check for users
foreach ($acls as $acl) { foreach ($acls as $acl) {
if ($acl->getType() === "user" && $acl->getParticipant() === $this->userId) { if ($acl->getType() === Acl::PERMISSION_TYPE_USER && $acl->getParticipant() === $this->userId) {
return $acl->getPermission($permission); return $acl->getPermission($permission);
} }
} }
// check for groups // check for groups
$hasGroupPermission = false; $hasGroupPermission = false;
foreach ($acls as $acl) { foreach ($acls as $acl) {
if (!$hasGroupPermission && $acl->getType() === "group" && $this->groupManager->isInGroup($this->userId, $acl->getParticipant())) { if (!$hasGroupPermission && $acl->getType() === Acl::PERMISSION_TYPE_GROUP && $this->groupManager->isInGroup($this->userId, $acl->getParticipant())) {
$hasGroupPermission = $acl->getPermission($permission); $hasGroupPermission = $acl->getPermission($permission);
} }
} }