ahtlon/deck
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Add SharingMiddleware for permission checks and small fixes

Browse Source
This commit is contained in:
Julius Haertl
2016-08-24 01:22:45 +02:00
parent 33e99b9e7c
commit 2deffacd98
21 changed files with 452 additions and 115 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
lib/Controller/BoardController.php
View File

@@ -63,16 +63,14 @@ class BoardController extends Controller {
* @NoAdminRequired
*/
public function index() {
return $this->boardService->findAll($this->userInfo);
}
/**
* @NoAdminRequired
* @RequireReadPermission
*/
public function read($boardId) {
// FIXME: Remove as this is just for testing if loading animation works out nicely
//usleep(2000);
return $this->boardService->find($this->userId, $boardId);
}
@@ -85,6 +83,7 @@ class BoardController extends Controller {
/**
* @NoAdminRequired
* @RequireManagePermission
*/
public function update($id, $title, $color) {
return $this->boardService->update($id, $title, $this->userId, $color);
@@ -92,21 +91,40 @@ class BoardController extends Controller {
/**
* @NoAdminRequired
* @RequireManagePermission
*/
public function delete($boardId) {
return $this->boardService->delete($this->userId, $boardId);
}
/**
* @NoAdminRequired
* @RequireReadPermission
*/
public function labels($boardId) {
return $this->boardService->labels($this->boardId);
}
/**
* @NoAdminRequired
* @RequireManagePermission
*/
public function addAcl($boardId, $type, $participant, $write, $invite, $manage) {
return $this->boardService->addAcl($boardId, $type, $participant, $write, $invite, $manage);
}
/**
* @NoAdminRequired
* @RequireManagePermission
*/
public function updateAcl($id, $permissionWrite, $permissionInvite, $permissionManage) {
return $this->boardService->updateAcl($id, $permissionWrite, $permissionInvite, $permissionManage);
}
/**
* @NoAdminRequired
* @RequireManagePermission
*/
public function deleteAcl($id) {
return $this->boardService->deleteAcl($id);
}

18
lib/Controller/CardController.php
View File

@@ -41,42 +41,42 @@ class CardController extends Controller {
}
/**
* @NoAdminRequired
*/
public function index($cardId) {
return $this->cardService->findAll($boardId);
}
/**
* @NoAdminRequired
* @RequireReadPermission
*/
public function read($cardId) {
return $this->cardService->find($this->userId, $cardId);
}
/**
* @NoAdminRequired
* @RequireEditPermission
*/
public function reorder($cardId, $stackId, $order) {
return $this->cardService->reorder($cardId, $stackId, $order);
}
/**
* @NoAdminRequired
* @RequireEditPermission
*/
public function rename($cardId, $title) {
return $this->cardService->rename($cardId, $title);
}
/**
/**
* @NoAdminRequired
* @RequireEditPermission
*/
public function create($title, $stackId, $type, $order=999) {
return $this->cardService->create($title, $stackId, $type, $order, $this->userId);
}
/**
* @NoAdminRequired
* @RequireEditPermission
*/
public function update($id, $title, $stackId, $type, $order, $description) {
return $this->cardService->update($id, $title, $stackId, $type, $order, $description, $this->userId);
}
/**
* @NoAdminRequired
* @RequireEditPermission
*/
public function delete($cardId) {
return $this->cardService->delete($this->userId, $cardId);
@@ -84,24 +84,28 @@ class CardController extends Controller {
/**
* @NoAdminRequired
* @RequireEditPermission
*/
public function archive($cardId) {
return $this->cardService->archive($cardId);
}
/**
* @NoAdminRequired
* @RequireEditPermission
*/
public function unarchive($cardId) {
return $this->cardService->unarchive($cardId);
}
/**
* @NoAdminRequired
* @RequireEditPermission
*/
public function assignLabel($cardId, $labelId) {
return $this->cardService->assignLabel($this->userId, $cardId, $labelId);
}
/**
* @NoAdminRequired
* @RequireEditPermission
*/
public function removeLabel($cardId, $labelId) {
return $this->cardService->removeLabel($this->userId, $cardId, $labelId);

3
lib/Controller/LabelController.php
View File

@@ -44,18 +44,21 @@ class LabelController extends Controller {
/**
* @NoAdminRequired
* @RequireManagePermission
*/
public function create($title, $color, $boardId) {
return $this->labelService->create($title, $this->userId, $color, $boardId);
}
/**
* @NoAdminRequired
* @RequireManagePermission
*/
public function update($id, $title, $color) {
return $this->labelService->update($id, $title, $this->userId, $color);
}
/**
* @NoAdminRequired
* @RequireManagePermission
*/
public function delete($labelId) {
return $this->labelService->delete($this->userId, $labelId);

2
lib/Controller/ShareController.php
View File

@@ -47,8 +47,6 @@ class ShareController extends Controller {
}
/**
* FIXME: REMOVE, just for testing
* @NoCSRFRequired
* @NoAdminRequired
*/
public function searchUser($search) {

6
lib/Controller/StackController.php
View File

@@ -43,36 +43,42 @@ class StackController extends Controller {
}
/**
* @NoAdminRequired
* @RequireReadPermission
*/
public function index($boardId) {
return $this->stackService->findAll($boardId);
}
/**
* @NoAdminRequired
* @RequireReadPermission
*/
public function archived($boardId) {
return $this->stackService->findAllArchived($boardId);
}
/**
* @NoAdminRequired
* @RequireReadPermission
*/
public function read($boardId) {
return $this->stackService->find($this->userId, $boardId);
}
/**
* @NoAdminRequired
* @RequireManagePermission
*/
public function create($title, $boardId, $order=999) {
return $this->stackService->create($title, $boardId, $order);
}
/**
* @NoAdminRequired
* @RequireManagePermission
*/
public function update($id, $title, $boardId, $order) {
return $this->stackService->update($id, $title, $boardId, $order);
}
/**
* @NoAdminRequired
* @RequireManagePermission
*/
public function delete($stackId) {
return $this->stackService->delete($this->userId, $stackId);

46
lib/Controller/StyleController.php
View File

@@ -1,46 +0,0 @@
<?php
/**
* @copyright Copyright (c) 2016 Julius Härtl <jus@bitgrid.net>
*
* @author Julius Härtl <jus@bitgrid.net>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\Deck\Controller;
use OCP\IRequest;
use OCP\AppFramework\ApiController as BaseApiController;
class StyleController extends Controller {
private $defaults;
public function __construct($appName,
IRequest $request, OC_Defaults $defaults){
parent::__construct($appName, $request);
$this->defaults = $defaults;
}
/**
* @PublicPage
* @NoCSRFRequired
*/
public function generateCss() {
$color = $this->config->getAppValue($this->appName, 'color');
$responseCss .= '';
$response = new Http\DataDownloadResponse($responseCss, 'style', 'text/css');
}
}