Remove dark magic middleware and check permission in services

lib/Controller/BoardController.php

@@ -55,6 +55,10 @@ class BoardController extends Controller {
 		$this->userInfo = $this->getBoardPrerequisites();
 	}
 
+    /**
+     * TODO: move to boardservice
+     * @return array
+     */
 	private function getBoardPrerequisites() {
 		$groups = $this->groupManager->getUserGroupIds(
 			$this->userManager->get($this->userId)
@@ -67,7 +71,6 @@ class BoardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireNoPermission
 	 */
 	public function index() {
 		return $this->boardService->findAll($this->userInfo);
@@ -75,7 +78,6 @@ class BoardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireReadPermission
 	 * @param $boardId
 	 * @return \OCP\AppFramework\Db\Entity
 	 */
@@ -85,7 +87,6 @@ class BoardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireNoPermission
 	 * @param $title
 	 * @param $color
 	 * @return \OCP\AppFramework\Db\Entity
@@ -96,7 +97,6 @@ class BoardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireManagePermission
 	 * @param $id
 	 * @param $title
 	 * @param $color
@@ -108,7 +108,6 @@ class BoardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireManagePermission
 	 * @param $boardId
 	 * @return \OCP\AppFramework\Db\Entity
 	 */
@@ -118,7 +117,6 @@ class BoardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireReadPermission
 	 * @param $boardId
 	 * @return array|bool
 	 * @internal param $userId
@@ -135,7 +133,6 @@ class BoardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireManagePermission
 	 * @param $boardId
 	 * @param $type
 	 * @param $participant
@@ -150,7 +147,6 @@ class BoardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireManagePermission
 	 * @param $id
 	 * @param $permissionWrite
 	 * @param $permissionInvite
@@ -163,7 +159,6 @@ class BoardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireManagePermission
 	 * @param $aclId
 	 * @return \OCP\AppFramework\Db\Entity
 	 */

lib/Controller/CardController.php

@@ -42,7 +42,6 @@ class CardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireReadPermission
 	 * @param $cardId
 	 * @return \OCP\AppFramework\Db\Entity
 	 */
@@ -52,7 +51,6 @@ class CardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireEditPermission
 	 * @param $cardId
 	 * @param $stackId
 	 * @param $order
@@ -64,7 +62,6 @@ class CardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireEditPermission
 	 * @param $cardId
 	 * @param $title
 	 * @return \OCP\AppFramework\Db\Entity
@@ -75,7 +72,6 @@ class CardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireEditPermission
 	 * @param $title
 	 * @param $stackId
 	 * @param $type
@@ -88,7 +84,6 @@ class CardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireEditPermission
 	 * @param $id
 	 * @param $title
 	 * @param $stackId
@@ -103,7 +98,6 @@ class CardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireEditPermission
 	 * @param $cardId
 	 * @return \OCP\AppFramework\Db\Entity
 	 */
@@ -113,7 +107,6 @@ class CardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireEditPermission
 	 * @param $cardId
 	 * @return \OCP\AppFramework\Db\Entity
 	 */
@@ -123,7 +116,6 @@ class CardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireEditPermission
 	 * @param $cardId
 	 * @return \OCP\AppFramework\Db\Entity
 	 */
@@ -133,7 +125,6 @@ class CardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireEditPermission
 	 * @param $cardId
 	 * @param $labelId
 	 */
@@ -143,7 +134,6 @@ class CardController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireEditPermission
 	 * @param $cardId
 	 * @param $labelId
 	 */

lib/Controller/LabelController.php

@@ -44,7 +44,6 @@ class LabelController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireManagePermission
 	 * @param $title
 	 * @param $color
 	 * @param $boardId
@@ -56,7 +55,6 @@ class LabelController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireManagePermission
 	 * @param $id
 	 * @param $title
 	 * @param $color
@@ -68,7 +66,6 @@ class LabelController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireManagePermission
 	 * @param $labelId
 	 * @return \OCP\AppFramework\Db\Entity
 	 */

lib/Controller/ShareController.php

@@ -55,7 +55,6 @@ class ShareController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireNoPermission
 	 * @param $search
 	 * @return array
 	 */

lib/Controller/StackController.php

@@ -44,7 +44,6 @@ class StackController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireReadPermission
 	 * @param $boardId
 	 * @return array
 	 */
@@ -54,7 +53,6 @@ class StackController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireReadPermission
 	 * @param $boardId
 	 * @return array
 	 */
@@ -64,7 +62,6 @@ class StackController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireReadPermission
 	 * @param $boardId
 	 * @return
 	 */
@@ -74,7 +71,6 @@ class StackController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireManagePermission
 	 * @param $title
 	 * @param $boardId
 	 * @param int $order
@@ -86,7 +82,6 @@ class StackController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireManagePermission
 	 * @param $id
 	 * @param $title
 	 * @param $boardId
@@ -99,7 +94,6 @@ class StackController extends Controller {
 
 	/**
 	 * @NoAdminRequired
-	 * @RequireManagePermission
 	 * @param $stackId
 	 * @return \OCP\AppFramework\Db\Entity
 	 */