public string UpdateDescription(int boardId, int cardId, string description)
{
if (!User.CheckSecurity(boardId))
{
return(AccessDenied());
}
//check description for malicious input
if (Malicious.IsMalicious(description, Malicious.InputType.TextOnly) == true)
{
return(Error());
}
var query = new Query.Cards();
try
{
query.UpdateDescription(boardId, cardId, description);
return(GetCard(boardId, cardId));
}
catch (Exception)
{
return(Error());
}
}
public string UpdateDescription(int boardId, int cardId, string description)
{
//check security
var board = Query.Boards.GetInfo(boardId);
if (!User.CheckSecurity(board.orgId, new string[] { Security.Keys.CardFullAccess.ToString(), Security.Keys.CardCanUpdate.ToString() }, Models.Scope.Card, cardId) ||
!User.CheckSecurity(board.orgId, new string[] { Security.Keys.BoardsFullAccess.ToString(), Security.Keys.BoardCanUpdate.ToString() }, Models.Scope.Board, boardId)
)
{
return(AccessDenied());
}
//check description for malicious input
if (Malicious.IsMalicious(description, Malicious.InputType.TextOnly) == true)
{
return(Error());
}
//save description
try
{
Query.Cards.UpdateDescription(boardId, cardId, description);
return(GetCard(boardId, cardId));
}
catch (Exception)
{
return(Error());
}
}
public string UpdateName(int boardId, int cardId, string name)
{
if (!User.CheckSecurity(boardId))
{
return(AccessDenied());
}
//check description for malicious input
if (Malicious.IsMalicious(name, Malicious.InputType.TextOnly) == true)
{
return(Error());
}
try
{
Query.Cards.UpdateName(boardId, cardId, name);
return(GetCard(boardId, cardId));
}
catch (Exception)
{
return(Error());
}
}