fix: Only query boards not marked for deletion unless we want to undo
Signed-off-by: Julius Härtl <jus@bitgrid.net>
This commit is contained in:
Julius Härtl
@@ -108,7 +108,7 @@ class ResourceProvider implements IProvider {
|
|||||||
|
|
||||||
private function getBoard(IResource $resource) {
|
private function getBoard(IResource $resource) {
|
||||||
try {
|
try {
|
||||||
return $this->boardMapper->find($resource->getId(), false, true);
|
return $this->boardMapper->find((int)$resource->getId(), false, true);
|
||||||
} catch (DoesNotExistException $e) {
|
} catch (DoesNotExistException $e) {
|
||||||
} catch (MultipleObjectsReturnedException $e) {
|
} catch (MultipleObjectsReturnedException $e) {
|
||||||
return null;
|
return null;
|
||||||
|
|||||||
@@ -79,12 +79,14 @@ class BoardMapper extends QBMapper implements IPermissionMapper {
|
|||||||
* @throws \OCP\AppFramework\Db\MultipleObjectsReturnedException
|
* @throws \OCP\AppFramework\Db\MultipleObjectsReturnedException
|
||||||
* @throws DoesNotExistException
|
* @throws DoesNotExistException
|
||||||
*/
|
*/
|
||||||
public function find($id, $withLabels = false, $withAcl = false): Board {
|
public function find(int $id, bool $withLabels = false, bool $withAcl = false, bool $allowDeleted = false): Board {
|
||||||
if (!isset($this->boardCache[$id])) {
|
if (!isset($this->boardCache[$id])) {
|
||||||
$qb = $this->db->getQueryBuilder();
|
$qb = $this->db->getQueryBuilder();
|
||||||
|
$deletedWhere = $allowDeleted ? $qb->expr()->gte('deleted_at', $qb->createNamedParameter(0, IQueryBuilder::PARAM_INT)) : $qb->expr()->eq('deleted_at', $qb->createNamedParameter(0, IQueryBuilder::PARAM_INT));
|
||||||
$qb->select('*')
|
$qb->select('*')
|
||||||
->from('deck_boards')
|
->from('deck_boards')
|
||||||
->where($qb->expr()->eq('id', $qb->createNamedParameter($id, IQueryBuilder::PARAM_INT)))
|
->where($qb->expr()->eq('id', $qb->createNamedParameter($id, IQueryBuilder::PARAM_INT)))
|
||||||
|
->andWhere($deletedWhere)
|
||||||
->orderBy('id');
|
->orderBy('id');
|
||||||
$this->boardCache[$id] = $this->findEntity($qb);
|
$this->boardCache[$id] = $this->findEntity($qb);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -181,7 +181,7 @@ class BoardService {
|
|||||||
* @throws \OCP\AppFramework\Db\MultipleObjectsReturnedException
|
* @throws \OCP\AppFramework\Db\MultipleObjectsReturnedException
|
||||||
* @throws BadRequestException
|
* @throws BadRequestException
|
||||||
*/
|
*/
|
||||||
public function find($boardId) {
|
public function find($boardId, bool $allowDeleted = false) {
|
||||||
$this->boardServiceValidator->check(compact('boardId'));
|
$this->boardServiceValidator->check(compact('boardId'));
|
||||||
if ($this->boardsCache && isset($this->boardsCache[$boardId])) {
|
if ($this->boardsCache && isset($this->boardsCache[$boardId])) {
|
||||||
return $this->boardsCache[$boardId];
|
return $this->boardsCache[$boardId];
|
||||||
@@ -192,7 +192,7 @@ class BoardService {
|
|||||||
|
|
||||||
$this->permissionService->checkPermission($this->boardMapper, $boardId, Acl::PERMISSION_READ);
|
$this->permissionService->checkPermission($this->boardMapper, $boardId, Acl::PERMISSION_READ);
|
||||||
/** @var Board $board */
|
/** @var Board $board */
|
||||||
$board = $this->boardMapper->find($boardId, true, true);
|
$board = $this->boardMapper->find($boardId, true, true, $allowDeleted);
|
||||||
$this->boardMapper->mapOwner($board);
|
$this->boardMapper->mapOwner($board);
|
||||||
if ($board->getAcl() !== null) {
|
if ($board->getAcl() !== null) {
|
||||||
foreach ($board->getAcl() as $acl) {
|
foreach ($board->getAcl() as $acl) {
|
||||||
@@ -367,7 +367,7 @@ class BoardService {
|
|||||||
$this->boardServiceValidator->check(compact('id'));
|
$this->boardServiceValidator->check(compact('id'));
|
||||||
|
|
||||||
$this->permissionService->checkPermission($this->boardMapper, $id, Acl::PERMISSION_MANAGE);
|
$this->permissionService->checkPermission($this->boardMapper, $id, Acl::PERMISSION_MANAGE);
|
||||||
$board = $this->find($id);
|
$board = $this->find($id, true);
|
||||||
$board->setDeletedAt(0);
|
$board->setDeletedAt(0);
|
||||||
$board = $this->boardMapper->update($board);
|
$board = $this->boardMapper->update($board);
|
||||||
$this->activityManager->triggerEvent(ActivityManager::DECK_OBJECT_BOARD, $board, ActivityManager::SUBJECT_BOARD_RESTORE);
|
$this->activityManager->triggerEvent(ActivityManager::DECK_OBJECT_BOARD, $board, ActivityManager::SUBJECT_BOARD_RESTORE);
|
||||||
@@ -388,7 +388,7 @@ class BoardService {
|
|||||||
$this->boardServiceValidator->check(compact('id'));
|
$this->boardServiceValidator->check(compact('id'));
|
||||||
|
|
||||||
$this->permissionService->checkPermission($this->boardMapper, $id, Acl::PERMISSION_MANAGE);
|
$this->permissionService->checkPermission($this->boardMapper, $id, Acl::PERMISSION_MANAGE);
|
||||||
$board = $this->find($id);
|
$board = $this->find($id, true);
|
||||||
$delete = $this->boardMapper->delete($board);
|
$delete = $this->boardMapper->delete($board);
|
||||||
|
|
||||||
return $delete;
|
return $delete;
|
||||||
|
|||||||
@@ -274,6 +274,14 @@ class CardService {
|
|||||||
if ($archived !== null && $card->getArchived() && $archived === true) {
|
if ($archived !== null && $card->getArchived() && $archived === true) {
|
||||||
throw new StatusException('Operation not allowed. This card is archived.');
|
throw new StatusException('Operation not allowed. This card is archived.');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($card->getDeletedAt() !== 0) {
|
||||||
|
if ($deletedAt === null) {
|
||||||
|
// Only allow operations when restoring the card
|
||||||
|
throw new StatusException('Operation not allowed. This card was deleted.');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
$changes = new ChangeSet($card);
|
$changes = new ChangeSet($card);
|
||||||
if ($card->getLastEditor() !== $this->currentUser && $card->getLastEditor() !== null) {
|
if ($card->getLastEditor() !== $this->currentUser && $card->getLastEditor() !== null) {
|
||||||
$this->activityManager->triggerEvent(
|
$this->activityManager->triggerEvent(
|
||||||
|
|||||||
@@ -194,11 +194,11 @@ class PermissionService {
|
|||||||
* @throws MultipleObjectsReturnedException
|
* @throws MultipleObjectsReturnedException
|
||||||
* @throws DoesNotExistException
|
* @throws DoesNotExistException
|
||||||
*/
|
*/
|
||||||
private function getBoard($boardId): Board {
|
private function getBoard(int $boardId): Board {
|
||||||
if (!isset($this->boardCache[$boardId])) {
|
if (!isset($this->boardCache[(string)$boardId])) {
|
||||||
$this->boardCache[$boardId] = $this->boardMapper->find($boardId, false, true);
|
$this->boardCache[(string)$boardId] = $this->boardMapper->find($boardId, false, true);
|
||||||
}
|
}
|
||||||
return $this->boardCache[$boardId];
|
return $this->boardCache[(string)$boardId];
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -124,6 +124,7 @@ class ActivityManagerTest extends TestCase {
|
|||||||
|
|
||||||
public function testCreateEvent() {
|
public function testCreateEvent() {
|
||||||
$board = new Board();
|
$board = new Board();
|
||||||
|
$board->setId(123);
|
||||||
$board->setTitle('');
|
$board->setTitle('');
|
||||||
$this->boardMapper->expects($this->once())
|
$this->boardMapper->expects($this->once())
|
||||||
->method('find')
|
->method('find')
|
||||||
|
|||||||
Reference in New Issue
Block a user