Jingga/oms-Tasks
1
0
Fork 0
mirror of https://github.com/Karaka-Management/oms-Tasks.git synced 2026-02-04 17:58:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

More permission implementations

Browse Source
This commit is contained in:
Dennis Eichhorn 2017-09-15 19:09:52 +02:00
parent 35ad0adf57
commit b1fdcd3c7f
2 changed files with 20 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
Controller.php
View File

@ -24,6 +24,7 @@ use Modules\Tasks\Models\TaskMapper;
use Modules\Tasks\Models\TaskStatus;
use Modules\Tasks\Models\TaskType;
use Modules\Tasks\Models\PermissionState;
use phpOMS\Message\Http\RequestStatusCode;
use phpOMS\Message\RequestAbstract;
use phpOMS\Message\ResponseAbstract;
use phpOMS\Module\ModuleAbstract;
@ -69,9 +70,9 @@ class Controller extends ModuleAbstract implements WebInterface
/* public */ const MODULE_NAME = 'Tasks';
/**
* Module name.
* Module id.
*
* @var string
* @var int
* @since 1.0.0
*/
/* public */ const MODULE_ID = 1001100000;
@ -158,9 +159,7 @@ class Controller extends ModuleAbstract implements WebInterface
{
$view = new View($this->app, $request, $response);
$task = TaskMapper::get((int) $request->getData('id'));
$view->addData('task', $task);
$task = TaskMapper::get((int) $request->getData('id'));
$accountId = $request->getHeader()->getAccount();
if (!($task->getCreatedBy()->getId() === $accountId
@ -174,6 +173,7 @@ class Controller extends ModuleAbstract implements WebInterface
}
$view->setTemplate('/Modules/Tasks/Theme/Backend/task-single');
$view->addData('task', $task);
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1001101001, $request, $response));
return $view;
@ -252,6 +252,13 @@ class Controller extends ModuleAbstract implements WebInterface
*/
public function apiTaskCreate(RequestAbstract $request, ResponseAbstract $response, $data = null)
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::CREATE, 1, $this->app->appName, self::MODULE_ID, PermissionState::TASK)
) {
$response->set('task_create', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
}
if (!empty($val = $this->validateTaskCreate($request))) {
$response->set('task_create', new FormValidation($val));
@ -313,6 +320,13 @@ class Controller extends ModuleAbstract implements WebInterface
*/
public function apiTaskElementCreate(RequestAbstract $request, ResponseAbstract $response, $data = null)
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::CREATE, 1, $this->app->appName, self::MODULE_ID, PermissionState::TASK)
) {
$response->set('task_element_create', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
}
if (!empty($val = $this->validateTaskElementCreate($request))) {
$response->set('task_element_create', new FormValidation($val));

1
Models/PermissionState.php
View File

@ -29,4 +29,5 @@ abstract class PermissionState extends Enum
{
/* public */ const DASHBOARD = 1;
/* public */ const TASK = 2;
/* public */ const TASKELEMENT = 3;
}