ahtlon/deck
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

check user-permsisions when assigning to cloned card

Browse Source 
Signed-off-by: grnd-alt <salimbelakkaf@outlook.de>
This commit is contained in:
grnd-alt
2024-11-07 10:50:20 +01:00
committed by Julius Knorr
parent 838b648ef6
commit 1fe20dcc1d
1 changed files with 32 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
lib/Service/CardService.php
View File

@@ -37,70 +37,33 @@ use OCP\IUserManager;
use Psr\Log\LoggerInterface; use Psr\Log\LoggerInterface;
class CardService { class CardService {
private CardMapper $cardMapper;
private StackMapper $stackMapper; private string $currentUser;
private BoardMapper $boardMapper;
private LabelMapper $labelMapper;
private LabelService $labelService;
private PermissionService $permissionService;
private BoardService $boardService;
private NotificationHelper $notificationHelper;
private AssignmentMapper $assignedUsersMapper;
private AttachmentService $attachmentService;
private ?string $currentUser;
private ActivityManager $activityManager;
private ICommentsManager $commentsManager;
private ChangeHelper $changeHelper;
private IEventDispatcher $eventDispatcher;
private IUserManager $userManager;
private IURLGenerator $urlGenerator;
private LoggerInterface $logger;
private IRequest $request;
private CardServiceValidator $cardServiceValidator;
public function __construct( public function __construct(
CardMapper $cardMapper, private CardMapper $cardMapper,
StackMapper $stackMapper, private StackMapper $stackMapper,
BoardMapper $boardMapper, private BoardMapper $boardMapper,
LabelMapper $labelMapper, private LabelMapper $labelMapper,
LabelService $labelService, private LabelService $labelService,
PermissionService $permissionService, private PermissionService $permissionService,
BoardService $boardService, private BoardService $boardService,
NotificationHelper $notificationHelper, private NotificationHelper $notificationHelper,
AssignmentMapper $assignedUsersMapper, private AssignmentMapper $assignedUsersMapper,
AttachmentService $attachmentService, private AttachmentService $attachmentService,
ActivityManager $activityManager, private ActivityManager $activityManager,
ICommentsManager $commentsManager, private ICommentsManager $commentsManager,
IUserManager $userManager, private IUserManager $userManager,
ChangeHelper $changeHelper, private ChangeHelper $changeHelper,
IEventDispatcher $eventDispatcher, private IEventDispatcher $eventDispatcher,
IURLGenerator $urlGenerator, private IURLGenerator $urlGenerator,
LoggerInterface $logger, private LoggerInterface $logger,
IRequest $request, private IRequest $request,
CardServiceValidator $cardServiceValidator, private CardServiceValidator $cardServiceValidator,
private AssignmentService $assignmentService, private AssignmentService $assignmentService,
?string $userId, ?string $userId,
) { ) {
$this->cardMapper = $cardMapper;
$this->stackMapper = $stackMapper;
$this->boardMapper = $boardMapper;
$this->labelMapper = $labelMapper;
$this->labelService = $labelService;
$this->permissionService = $permissionService;
$this->boardService = $boardService;
$this->notificationHelper = $notificationHelper;
$this->assignedUsersMapper = $assignedUsersMapper;
$this->attachmentService = $attachmentService;
$this->activityManager = $activityManager;
$this->commentsManager = $commentsManager;
$this->userManager = $userManager;
$this->changeHelper = $changeHelper;
$this->eventDispatcher = $eventDispatcher;
$this->currentUser = $userId; $this->currentUser = $userId;
$this->urlGenerator = $urlGenerator;
$this->logger = $logger;
$this->request = $request;
$this->cardServiceValidator = $cardServiceValidator;
} }
public function enrichCards($cards) { public function enrichCards($cards) {
@@ -395,7 +358,7 @@ class CardService {
public function cloneCard(int $id, ?int $targetStackId = null):Card { public function cloneCard(int $id, ?int $targetStackId = null):Card {
$this->permissionService->checkPermission($this->cardMapper, $id, Acl::PERMISSION_READ); $this->permissionService->checkPermission($this->cardMapper, $id, Acl::PERMISSION_READ);
$originCard = $this->cardMapper->find($id); $originCard = $this->cardMapper->find($id);
if ($targetStackId == null) { if ($targetStackId === null) {
$targetStackId = $originCard->getStackId(); $targetStackId = $originCard->getStackId();
} }
$this->permissionService->checkPermission($this->stackMapper, $targetStackId, Acl::PERMISSION_EDIT); $this->permissionService->checkPermission($this->stackMapper, $targetStackId, Acl::PERMISSION_EDIT);
@@ -403,11 +366,20 @@ class CardService {
$boardId = $this->stackMapper->findBoardId($targetStackId); $boardId = $this->stackMapper->findBoardId($targetStackId);
foreach ($this->labelMapper->findAssignedLabelsForCard($id) as $label) { foreach ($this->labelMapper->findAssignedLabelsForCard($id) as $label) {
if ($boardId != $this->stackMapper->findBoardId($originCard->getStackId())) { if ($boardId != $this->stackMapper->findBoardId($originCard->getStackId())) {
try {
$label = $this->labelService->cloneLabelIfNotExists($label->getId(), $boardId); $label = $this->labelService->cloneLabelIfNotExists($label->getId(), $boardId);
} catch (NoPermissionException $e) {
break;
}
} }
$this->assignLabel($newCard->getId(), $label->getId()); $this->assignLabel($newCard->getId(), $label->getId());
} }
foreach ($this->assignedUsersMapper->findAll($id) as $assignement) { foreach ($this->assignedUsersMapper->findAll($id) as $assignement) {
try {
$this->permissionService->checkPermission($this->cardMapper, $newCard->getId(), Acl::PERMISSION_READ, $assignement->getParticipant());
} catch (NoPermissionException $e) {
continue;
}
$this->assignmentService->assignUser($newCard->getId(), $assignement->getParticipant()); $this->assignmentService->assignUser($newCard->getId(), $assignement->getParticipant());
} }
$newCard->setDescription($originCard->getDescription()); $newCard->setDescription($originCard->getDescription());