From a57d270a93e07da4b81d66d0a3dd52b909d4c790 Mon Sep 17 00:00:00 2001 From: Julius Haertl Date: Tue, 16 Aug 2016 13:13:54 +0200 Subject: [PATCH] Check for archived cards before action in backend --- appinfo/routes.php | 2 - controller/apicontroller.php | 23 ----------- controller/boardapicontroller.php | 55 -------------------------- db/aclmapper.php | 12 +++++- db/cardmapper.php | 1 + service/cardarchivedexception.php | 13 ++++++ service/cardservice.php | 18 +++++++++ service/servicepermissionexception.php | 13 ++++++ 8 files changed, 56 insertions(+), 81 deletions(-) delete mode 100644 controller/apicontroller.php delete mode 100644 controller/boardapicontroller.php create mode 100644 service/cardarchivedexception.php create mode 100644 service/servicepermissionexception.php diff --git a/appinfo/routes.php b/appinfo/routes.php index d3a6f64bd..771bec943 100644 --- a/appinfo/routes.php +++ b/appinfo/routes.php @@ -58,8 +58,6 @@ return [ ['name' => 'public#board', 'url' => '/public/board/ajax/:hash', 'verb' => 'GET'], // TODO: API for external access - //['name' => 'api#index', 'url' => '/api/', 'verb' => 'GET'], - // ['name' => 'note_api#preflighted_cors', 'url' => '/api/v1/{path}/', 'verb' => 'OPTIONS', 'requirements' => ['path' => '.+']] ] ]; diff --git a/controller/apicontroller.php b/controller/apicontroller.php deleted file mode 100644 index e3d23e903..000000000 --- a/controller/apicontroller.php +++ /dev/null @@ -1,23 +0,0 @@ - ['v1'] - ]; - } -} diff --git a/controller/boardapicontroller.php b/controller/boardapicontroller.php deleted file mode 100644 index c2b4f1391..000000000 --- a/controller/boardapicontroller.php +++ /dev/null 
@@ -1,55 +0,0 @@ -userId = $userId; - $this->boardService = $cardService; - } - /** - * @NoAdminRequired - * @NoCSRFRequired - * @CORS - */ - public function index() { - return new DataResponse($this->boardService->findAll($this->userId)); - } - /** - * @NoAdminRequired - * @NoCSRFRequired - * @CORS - */ - public function create($title, $color) { - return new DataResponse($this->boardService->create($title, $this->userId, $color)); - } - /** - * @NoAdminRequired - * @NoCSRFRequired - * @CORS - */ - public function update($id, $title, $color) { - return new DataResponse($this->boardService->create($title, $this->userId, $color)); - } - /** - * @NoAdminRequired - * @NoCSRFRequired - * @CORS - */ - public function delete($id) { - return new DataResponse($this->boardService->create($title, $this->userId, $color)); - } -} diff --git a/db/aclmapper.php b/db/aclmapper.php index 09d61d5a7..e8e187028 100644 --- a/db/aclmapper.php +++ b/db/aclmapper.php 
@@ -17,5 +17,15 @@ class AclMapper extends DeckMapper { $sql = 'SELECT id, board_id, type, participant, permission_write, permission_invite, permission_manage, 0 as owner FROM `*PREFIX*deck_board_acl` WHERE `board_id` = ? UNION SELECT 0, id, \'user\', owner, 1, 1, 1, 1 FROM `*PREFIX*deck_boards` WHERE `id` = ? '; return $this->findEntities($sql, [$boardId, $boardId], $limit, $offset); } - + + public function findAllForCard($cardId, $userId) { + $findBoardId = "(SELECT board_id from oc_deck_stacks WHERE id IN (SELECT stack_id from oc_deck_cards WHERE id = 15))"; + $sql = "SELECT 0, id, 'user', owner, 1, 1, 1, 1 as owner FROM `oc_deck_boards` WHERE `id` IN (SELECT board_id from oc_deck_stacks WHERE id IN (SELECT stack_id from oc_deck_cards WHERE id = 15)) +UNION +SELECT id, board_id, type, participant, permission_write, permission_invite, permission_manage, 0 FROM oc_deck_board_acl +WHERE participant = 'admin' AND board_id IN (SELECT board_id from oc_deck_stacks WHERE id IN (SELECT stack_id from oc_deck_cards WHERE id = 15));"; + + } + + } diff --git a/db/cardmapper.php b/db/cardmapper.php index 38b5828cd..8c1b77954 100644 --- a/db/cardmapper.php +++ b/db/cardmapper.php @@ -86,4 +86,5 @@ class CardMapper extends Mapper { $stmt->execute(); } + } \ No newline at end of file diff --git a/service/cardarchivedexception.php b/service/cardarchivedexception.php new file mode 100644 index 000000000..d0d47cceb --- /dev/null +++ b/service/cardarchivedexception.php @@ -0,0 +1,13 @@ +cardMapper->find($id); + if($card->getArchived()) { + throw new CardArchivedException(); + } $card->setTitle($title); $card->setStackId($stackId); $card->setType($type); @@ -52,6 +56,9 @@ class CardService { public function rename($id, $title) { $card = $this->cardMapper->find($id); + if($card->getArchived()) { + throw new CardArchivedException(); + } $card->setTitle($title); return $this->cardMapper->update($card); } 
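Review bot: findAllForCard() in db/aclmapper.php builds its query from literals (`id = 15`, `participant = 'admin'`, the `oc_` table prefix) and then neither runs it nor returns anything, so `$cardId` and `$userId` are ignored and every caller gets null instead of ACL rows. A lookup that appears meant to back permission checks should bind both values as `?` parameters through `findEntities()` and use the `*PREFIX*` placeholder as findAll() above does; `$findBoardId` is currently assigned but unused. A UNION takes its result column names from the first SELECT, so the ACL SELECT should lead, as in findAll(), or the rows will not carry the entity's field names. The participant filter also matches on name only; whether `type` must be constrained as well depends on how group ACLs are stored, which this hunk does not show.

```php
public function findAllForCard($cardId, $userId) {
	// Board that owns the card; the card id is bound, not interpolated.
	$findBoardId = '(SELECT board_id FROM `*PREFIX*deck_stacks` WHERE id IN (SELECT stack_id FROM `*PREFIX*deck_cards` WHERE id = ?))';
	// ACL SELECT first so the result columns carry the entity's field names, as in findAll().
	$sql = 'SELECT id, board_id, type, participant, permission_write, permission_invite, permission_manage, 0 as owner FROM `*PREFIX*deck_board_acl` WHERE participant = ? AND board_id IN ' . $findBoardId
		. ' UNION SELECT 0, id, \'user\', owner, 1, 1, 1, 1 FROM `*PREFIX*deck_boards` WHERE `id` IN ' . $findBoardId;
	return $this->findEntities($sql, [$userId, $cardId, $cardId]);
}
```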
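Review bot: The four-line archived guard added to rename() in service/cardservice.php is pasted again into update() just above (that hunk's header is not fully visible on this page) and into the reorder, assignLabel and removeLabel hunks further down. Enforcement repeated per method is easy to miss when the next mutating method is added, so a single private helper that loads the card and throws would keep the rule in one place. Each call site then reduces to `$card = $this->findActiveCard($id);`. The helper name is a suggestion and does not come from the project.

```php
/**
 * Load a card and refuse to continue when it is archived.
 *
 * @throws CardArchivedException
 */
private function findActiveCard($cardId) {
	$card = $this->cardMapper->find($cardId);
	if($card->getArchived()) {
		throw new CardArchivedException();
	}
	return $card;
}
```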
@@ -59,6 +66,9 @@ class CardService {
 $cards = $this->cardMapper->findAll($stackId);
 $i = 0;
 foreach ($cards as $card) {
+ if($card->getArchived()) {
+ throw new CardArchivedException();
+ }
 if($card->id === $id) {
 $card->setOrder($order);
 }
@@ -90,10 +100,18 @@ class CardService {
 }
 public function assignLabel($userId, $cardId, $labelId) {
+ $card = $this->cardMapper->find($cardId);
+ if($card->getArchived()) {
+ throw new CardArchivedException();
+ }
 $this->cardMapper->assignLabel($cardId, $labelId);
 }
 public function removeLabel($userId, $cardId, $labelId) {
+ $card = $this->cardMapper->find($cardId);
+ if($card->getArchived()) {
+ throw new CardArchivedException();
+ }
 $this->cardMapper->removeLabel($cardId, $labelId);
 }
 }
\ No newline at end of file
diff --git a/service/servicepermissionexception.php b/service/servicepermissionexception.php
new file mode 100644
index 000000000..9518d2733
--- /dev/null
+++ b/service/servicepermissionexception.php
@@ -0,0 +1,13 @@
+
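Review bot: In the reorder hunk the archived check sits at the top of the `foreach`, so it tests every card returned by `findAll($stackId)` rather than the card being moved. If that query includes archived cards (not visible here), one archived card blocks reordering for the whole stack, and an exception raised part-way through may leave earlier cards already changed, depending on the loop body that continues outside the hunk. The guard belongs inside the existing `if($card->id === $id) {` branch, directly before `$card->setOrder($order);`.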
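Review bot: assignLabel() and removeLabel() accept `$userId` but never use it; the archived check is the only guard added before the mapper call. Unless a controller or middleware outside this diff already enforces board permissions, label changes are authorised by card id alone. The commit introduces ServicePermissionException and AclMapper::findAllForCard(), so a write-permission check next to the archived one looks intended. Until it lands, a comment such as `// TODO: verify $userId may write to this card's board` would mark the gap.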