Check permissions in frontend

Julius Haertl
2016-11-06 22:06:11 +01:00
parent 00e4eb9c47
commit c0c4010cf1
10 changed files with 219 additions and 70 deletions


@@ -23,14 +23,10 @@
namespace OCA\Deck\Controller;
use OCA\Deck\Db\Acl;
use OCA\Deck\Service\BoardService;
use OCA\Deck\Service\PermissionService;
use OCP\IRequest;
use OCP\AppFramework\Controller;
use OCP\IUserManager;
use OCP\IGroupManager;
@@ -127,24 +123,7 @@ class BoardController extends Controller {
* @internal param $userId
*/
public function getUserPermissions($boardId) {
$this->permissionService->getPermissions($boardId);
$board = $this->boardService->find($boardId);
if ($this->userId === $board->getOwner()) {
return [
'PERMISSION_READ' => true,
'PERMISSION_EDIT' => true,
'PERMISSION_MANAGE' => true,
'PERMISSION_SHARE' => true,
];
}
return [
'PERMISSION_READ' => $this->boardService->getPermission($boardId, $this->userId, Acl::PERMISSION_READ),
'PERMISSION_EDIT' => $this->boardService->getPermission($boardId, $this->userId, Acl::PERMISSION_EDIT),
'PERMISSION_MANAGE' => $this->boardService->getPermission($boardId, $this->userId, Acl::PERMISSION_MANAGE),
'PERMISSION_SHARE' => $this->boardService->getPermission($boardId, $this->userId, Acl::PERMISSION_SHARE),
];
return $this->permissionService->getPermissions($boardId);
}
/**
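Review bot: `getUserPermissions` now returns whatever `$this->permissionService->getPermissions($boardId)` yields, and nothing in this hunk shows the caller being checked for read access to `$boardId` before the permission map is handed back. The removed code had an explicit owner branch, so the service (not visible here) has to grant the owner all four flags itself; a test for the owner case would pin that down. Because the commit uses this result to drive the frontend, I would also say in the docblock that it is advisory, e.g. `* The returned flags only control what the UI shows; access is still enforced server-side.` The docblock starts above the hunk, so any annotations on the method cannot be seen from here.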


@@ -26,17 +26,17 @@ namespace OCA\Deck\Db;
use OCP\IDb;
use OCP\IDBConnection;
class AclMapper extends DeckMapper implements IPermissionMapper {
public function __construct(IDb $db) {
public function __construct(IDBConnection $db) {
parent::__construct($db, 'deck_board_acl', '\OCA\Deck\Db\Acl');
}
public function findAll($boardId, $limit=null, $offset=null) {
$sql = 'SELECT id, board_id, type, participant, permission_write, permission_invite, permission_manage FROM `*PREFIX*deck_board_acl` WHERE `board_id` = ? ';
//'UNION SELECT 0, id, \'user\', owner, 1, 1, 1, 1 FROM `*PREFIX*deck_boards` WHERE `id` = ? ';
return $this->findEntities($sql, [$boardId], $limit, $offset);
}
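Review bot: The commented-out `UNION SELECT 0, id, 'user', owner, 1, 1, 1, 1 ...` fragment in `findAll` is dead code that would not run if restored: it yields eight columns against the seven selected above and needs a second `?` binding that the `[$boardId]` parameter list does not supply. As written, `findAll` returns only explicit ACL rows and never the board owner, which matters to any permission decision built on it. I would delete the commented line and replace it with `// The board owner has no ACL row; callers must check ownership separately.` The class body continues outside the hunk.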


@@ -23,7 +23,6 @@
namespace OCA\Deck\Db;
use OCP\AppFramework\Db\Entity;
use OCP\IDb;
@@ -38,7 +37,7 @@ class LabelMapper extends DeckMapper implements IPermissionMapper {
return $this->findEntities($sql, [$boardId], $limit, $offset);
}
public function delete(Entity $entity) {
public function delete(\OCP\AppFramework\Db\Entity $entity) {
// delete assigned labels
$this->deleteLabelAssignments($entity->getId());
// delete label


@@ -59,7 +59,8 @@ class SharingMiddleware extends Middleware {
IRequest $request,
IUserSession $userSession,
ControllerMethodReflector $reflector,
PermissionService $permissionService) {
PermissionService $permissionService
) {
$this->container = $container;
$this->request = $request;
$this->userSession = $userSession;
@@ -178,7 +179,7 @@ class SharingMiddleware extends Middleware {
}
$boardId = $mapper->findBoardId($id);
if(!$boardId) {
if (!$boardId) {
throw new NotFoundException("Entity not found");
}


@@ -30,11 +30,9 @@ use OCP\IGroupManager;
use OCP\ILogger;
use OCP\IL10N;
use \OCA\Deck\Db\Board;
use \OCA\Deck\Db\BoardMapper;
use \OCA\Deck\Db\LabelMapper;
use OCP\IUserManager;
class BoardService {
@@ -50,26 +48,23 @@ class BoardService {
IL10N $l10n,
LabelMapper $labelMapper,
AclMapper $aclMapper,
IUserManager $userManager,
IGroupManager $groupManager) {
$this->boardMapper = $boardMapper;
$this->labelMapper = $labelMapper;
$this->aclMapper = $aclMapper;
$this->logger = $logger;
$this->l10n = $l10n;
$this->userManager = $userManager;
$this->groupManager = $groupManager;
}
public function findAll($userInfo) {
$userBoards = $this->boardMapper->findAllByUser($userInfo['user']);
$groupBoards = $this->boardMapper->findAllByGroups($userInfo['user'], $userInfo['groups']);
return array_merge($userBoards, $groupBoards);
return array_unique(array_merge($userBoards, $groupBoards));
}
public function find($boardId) {
$board = $this->boardMapper->find($boardId, true, true);
return $board;
return $this->boardMapper->find($boardId, true, true);
}
public function create($title, $userId, $color) {
@@ -84,7 +79,7 @@ class BoardService {
'31CC7C' => $this->l10n->t('Finished'),
'317CCC' => $this->l10n->t('To review'),
'FF7A66' => $this->l10n->t('Action needed'),
'F1DB50' => $this->l10n->t('Maybe')];
'F1DB50' => $this->l10n->t('Later')];
$labels = [];
foreach ($default_labels as $color=>$title) {
$label = new Label();
@@ -134,27 +129,4 @@ class BoardService {
return $this->aclMapper->delete($acl);
}
/**
* @param $boardId
* @param $user
* @param $permission
* @return bool
*/
public function getPermission($boardId, $user, $permission) {
$acls = $this->aclMapper->findAll($boardId);
// check for users
foreach ($acls as $acl) {
if ($acl->getType() === "user" && $acl->getParticipant() === $user) {
return $acl->getPermission($permission);
}
}
// check for groups
$hasGroupPermission = false;
foreach ($acls as $acl) {
if (!$hasGroupPermission && $acl->getType() === "group" && $this->groupManager->isInGroup($user, $acl->getParticipant())) {
$hasGroupPermission = $acl->getPermission($permission);
}
}
return $hasGroupPermission;
}
}
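Review bot: `array_unique()` in `findAll` compares elements by their string form, so on the entity objects returned by `findAllByUser` and `findAllByGroups` it either raises a conversion error (if `Board` has no `__toString`, which is not visible here) or deduplicates on something other than the board id. It also keeps the original keys, so the result can have gaps and, if it is returned as JSON, would be encoded as an object instead of a list. Deduplicating by id and reindexing avoids both problems; the rewritten lines are below.

```php
public function findAll($userInfo) {
    // … unchanged: $userBoards / $groupBoards lookups …
    $boardsById = [];
    foreach (array_merge($userBoards, $groupBoards) as $board) {
        // A board reachable both directly and via a group is kept once.
        $boardsById[$board->getId()] = $board;
    }
    return array_values($boardsById);
}
```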


@@ -24,7 +24,7 @@
namespace OCA\Deck;
abstract class StatusException extends \Exception {
class StatusException extends \Exception {
public function __construct($message) {
parent::__construct($message);