From 6c1fe18f921fe04e6994f59e631ee1572118d66a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julius=20H=C3=A4rtl?= Date: Wed, 27 Mar 2019 18:31:40 +0100 Subject: [PATCH] Add acl endpoints to REST API MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- appinfo/routes.php | 6 +++- lib/Controller/BoardApiController.php | 50 +++++++++++++++++++++------ 2 files changed, 45 insertions(+), 11 deletions(-) diff --git a/appinfo/routes.php b/appinfo/routes.php index 5899c005a..707f9ba0c 100644 --- a/appinfo/routes.php +++ b/appinfo/routes.php @@ -87,7 +87,11 @@ return [ ['name' => 'board_api#delete', 'url' => '/api/v1.0/boards/{boardId}', 'verb' => 'DELETE'], ['name' => 'board_api#update', 'url' => '/api/v1.0/boards/{boardId}', 'verb' => 'PUT'], ['name' => 'board_api#undo_delete', 'url' => '/api/v1.0/boards/{boardId}/undo_delete', 'verb' => 'POST'], - + ['name' => 'board_api#addAcl', 'url' => '/api/v1.0/boards/{boardId}/acl', 'verb' => 'POST'], + ['name' => 'board_api#deleteAcl', 'url' => '/api/v1.0/boards/{boardId}/acl', 'verb' => 'DELETE'], + ['name' => 'board_api#updateAcl', 'url' => '/api/v1.0/boards/{boardId}/acl', 'verb' => 'PUT'], + + ['name' => 'stack_api#index', 'url' => '/api/v1.0/boards/{boardId}/stacks', 'verb' => 'GET'], ['name' => 'stack_api#getArchived', 'url' => '/api/v1.0/boards/{boardId}/stacks/archived', 'verb' => 'GET'], ['name' => 'stack_api#get', 'url' => '/api/v1.0/boards/{boardId}/stacks/{stackId}', 'verb' => 'GET'], diff --git a/lib/Controller/BoardApiController.php b/lib/Controller/BoardApiController.php index 68389b307..e195606f2 100644 --- a/lib/Controller/BoardApiController.php +++ b/lib/Controller/BoardApiController.php @@ -40,7 +40,7 @@ use Sabre\HTTP\Util; */ class BoardApiController extends ApiController { - private $service; + private $boardService; /** * @param string $appName 
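Review bot: The new PUT and DELETE routes in appinfo/routes.php address a single ACL entry through `/api/v1.0/boards/{boardId}/acl`, so the entry's id has to travel in the query or body, and the matching `updateAcl($id, …)` and `deleteAcl($aclId)` in the last hunk of BoardApiController.php never read `boardId` at all. Nothing visible ties the ACL entry to the board named in the URL, so the permission check rests entirely on BoardService, which is outside this patch; confirm that it checks the caller's manage right on the board that owns the entry. I would put the id in the path, `['name' => 'board_api#updateAcl', 'url' => '/api/v1.0/boards/{boardId}/acl/{aclId}', 'verb' => 'PUT'],` with the same URL for `deleteAcl`, and reject a request whose ACL entry does not belong to `{boardId}`. The hunk also adds two whitespace-only lines after the new routes that can be dropped.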
@@ -50,7 +50,7 @@ class BoardApiController extends ApiController { */ public function __construct($appName, IRequest $request, BoardService $service, $userId) { parent::__construct($appName, $request); - $this->service = $service; + $this->boardService = $service; $this->userId = $userId; } @@ -62,16 +62,16 @@ class BoardApiController extends ApiController { * Return all of the boards that the current user has access to. * @throws StatusException */ - public function index() { + public function index($details = null) { $modified = $this->request->getHeader('If-Modified-Since'); if ($modified === null || $modified === '') { - $boards = $this->service->findAll(); + $boards = $this->boardService->findAll(0, $details); } else { $date = Util::parseHTTPDate($modified); if (!$date) { throw new StatusException('Invalid If-Modified-Since header provided.'); } - $boards = $this->service->findAll($date->getTimestamp()); + $boards = $this->boardService->findAll($date->getTimestamp(), $details); } return new DataResponse($boards, HTTP::STATUS_OK); } @@ -85,7 +85,7 @@ class BoardApiController extends ApiController { * Return the board specified by $this->request->getParam('boardId'). */ public function get() { - $board = $this->service->find($this->request->getParam('boardId')); + $board = $this->boardService->find($this->request->getParam('boardId')); return new DataResponse($board, HTTP::STATUS_OK); } @@ -100,7 +100,7 @@ class BoardApiController extends ApiController { * Create a board with the specified title and color. */ public function create($title, $color) { - $board = $this->service->create($title, $this->userId, $color); + $board = $this->boardService->create($title, $this->userId, $color); return new DataResponse($board, HTTP::STATUS_OK); } 
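Review bot: `$details` in `index($details = null)` is taken from the request with no declared type, so a client sending `?details=false` hands the non-empty string `'false'` to `findAll()`, where a plain truthiness test would read it as enabled. The docblock above `index()` starts outside the hunk and has no entry for the new parameter; adding `@param bool $details` documents it and, as far as I know, lets the Nextcloud dispatcher cast the value, which is worth confirming. The same gap matters more for `$permissionEdit`, `$permissionShare` and `$permissionManage` in `addAcl()` and `updateAcl()` in the last hunk, where a string `'false'` read as true would grant a permission the caller meant to withhold.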
@@ -116,7 +116,7 @@ class BoardApiController extends ApiController { * Update a board with the specified boardId, title and color, and archived state. */ public function update($title, $color, $archived = false) { - $board = $this->service->update($this->request->getParam('boardId'), $title, $color, $archived); + $board = $this->boardService->update($this->request->getParam('boardId'), $title, $color, $archived); return new DataResponse($board, HTTP::STATUS_OK); } @@ -129,7 +129,7 @@ class BoardApiController extends ApiController { * Delete the board specified by $boardId. Return the board that was deleted. */ public function delete() { - $board = $this->service->delete($this->request->getParam('boardId')); + $board = $this->boardService->delete($this->request->getParam('boardId')); return new DataResponse($board, HTTP::STATUS_OK); } 
@@ -142,8 +142,38 @@ class BoardApiController extends ApiController { * Undo the deletion of the board specified by $boardId. */ public function undoDelete() { - $board = $this->service->deleteUndo($this->request->getParam('boardId')); + $board = $this->boardService->deleteUndo($this->request->getParam('boardId')); return new DataResponse($board, HTTP::STATUS_OK); } + /** + * @NoAdminRequired + * @CORS + * @NoCSRFRequired + */ + public function addAcl($boardId, $type, $participant, $permissionEdit, $permissionShare, $permissionManage) { + $acl = $this->boardService->addAcl($boardId, $type, $participant, $permissionEdit, $permissionShare, $permissionManage); + return new DataResponse($acl, HTTP::STATUS_OK); + } + + /** + * @NoAdminRequired + * @CORS + * @NoCSRFRequired + */ + public function updateAcl($id, $permissionEdit, $permissionShare, $permissionManage) { + $acl = $this->boardService->updateAcl($id, $permissionEdit, $permissionShare, $permissionManage); + return new DataResponse($acl, HTTP::STATUS_OK); + } + + /** + * @NoAdminRequired + * @CORS + * @NoCSRFRequired + */ + public function deleteAcl($aclId) { + $acl = $this->boardService->deleteAcl($aclId); + return new DataResponse($acl, HTTP::STATUS_OK); + } + }
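Review bot: `updateAcl($id, …)` and `deleteAcl($aclId)` name the same value differently, and because controller parameters are filled from request parameters of the same name, clients must send `id` on PUT but `aclId` on DELETE. Using one name, `public function updateAcl($aclId, $permissionEdit, $permissionShare, $permissionManage) {` with `$this->boardService->updateAcl($aclId, …)`, keeps the API consistent. The three new docblocks hold only the `@NoAdminRequired`, `@CORS` and `@NoCSRFRequired` annotations; each should get a one-line description like the existing methods have, plus `@param` lines and a `@throws` entry for whatever BoardService raises on a denied or unknown ACL. The class begins outside the hunk.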