/// <summary>
/// Decides whether <paramref name="user"/> may act on the entity identified by
/// <paramref name="entityId"/> and <paramref name="entityType"/>.
/// </summary>
/// <remarks>
/// The entity is resolved to its owning project (directly for a project, through
/// <c>Project()</c>, <c>Board()</c> and <c>Column()</c> for the nested types) and access is
/// granted only when <c>ProjectTeamMemberRepository.IsExists</c> reports true for that
/// project and the user. Every other path (unknown id, missing row, entity type with no
/// case) returns <c>false</c>, so the check fails closed.
/// </remarks>
/// <param name="user">The user whose access is being checked.</param>
/// <param name="entityId">Numeric id of the entity.</param>
/// <param name="entityType">Kind of entity that <paramref name="entityId"/> refers to.</param>
/// <returns><c>true</c> when the membership lookup succeeds; otherwise <c>false</c>.</returns>
public static bool HasEntityPermission(User user, int entityId, EntityType entityType)
{
    if (!EntityUtils.IsEntityExists(entityId, entityType))
    {
        return false;
    }

    // NOTE(review): only the entity itself is null-checked; the parents reached through
    // Project()/Board()/Column() are dereferenced as-is. Presumably referential integrity
    // guarantees they exist - confirm, otherwise an orphaned row raises instead of denying.
    switch (entityType)
    {
        case EntityType.Project:
        {
            var project = ProjectRepository.Find(entityId);
            return project != null
                && ProjectTeamMemberRepository.IsExists(project, user);
        }

        case EntityType.Board:
        {
            var board = BoardRepository.Find(entityId);
            return board != null
                && ProjectTeamMemberRepository.IsExists(board.Project(), user);
        }

        case EntityType.BoardColumn:
        {
            var column = BoardColumnRepository.Find(entityId);
            return column != null
                && ProjectTeamMemberRepository.IsExists(column.Board().Project(), user);
        }

        case EntityType.Card:
        {
            var card = CardRepository.Find(entityId);
            // TODO: optimize?
            return card != null
                && ProjectTeamMemberRepository.IsExists(card.Column().Board().Project(), user);
        }

        default:
            // Entity types without an explicit rule are denied.
            return false;
    }
}
/// <summary>
/// Happy path for <c>DELETE /api/v1/board_column/delete</c>: the user the column was faked
/// for deletes it, the endpoint answers 200 and the row can no longer be found.
/// </summary>
/// <remarks>
/// This covers the authorised caller only. The route's permission rule is not pinned by
/// this test; a companion case where a different user's token is rejected and the column
/// survives would be needed for that.
/// </remarks>
public void Delete_DataCorrect_BoardColumnDeleted()
{
    var client = new Browser(new DefaultNancyBootstrapper());

    var owner = UserFaker.Create();
    var column = BoardColumnFaker.Create(owner);

    // Precondition: the column must exist before the request is issued.
    Assert.NotNull(BoardColumnRepository.Find(column.id));

    // NOTE(review): the JWT is sent as the "api_token" query parameter. Query strings are
    // commonly written to access logs; if the API also accepts the token in a header,
    // that would be the safer transport - confirm against the auth pipeline.
    var pending = client.Delete("/api/v1/board_column/delete", request =>
    {
        request.HttpRequest();
        request.Query("api_token", Jwt.FromUserId(owner.id));
        request.Query("board_column_guid", column.guid);
    });
    var response = pending.Result;

    Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
    Assert.IsNull(BoardColumnRepository.Find(column.id));
}
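/// <summary>
/// Registers the create, edit and delete routes for board columns.
/// </summary>
/// <remarks>
/// Each handler validates in two passes. The first pass checks that the required
/// parameters are present and that the referenced guid exists; only then is the entity
/// loaded and the <c>HasPermission</c> rule built from it. Previously the permission rule
/// was constructed from <c>board.Project().id</c> / <c>boardColumn.Board().id</c> before any
/// validation ran, so a missing or unknown guid dereferenced <c>null</c> and the request
/// failed with an unhandled exception instead of a validation error.
/// </remarks>
public BoardColumnCrudController()
{
    Post("/api/v1/board_column/create", _ =>
    {
        // Pass 1: request shape and existence, using request data only.
        var errors = ValidationProcessor.Process(Request, new IValidatorRule[]
        {
            new ShouldHaveParameters(new[] { "name", "board_guid", "board_order" }),
            new ExistsInTable("board_guid", "boards", "guid")
        }, true);
        if (errors.Count > 0)
        {
            return HttpResponse.Errors(errors);
        }

        var me = UserRepository.Find(CurrentRequest.UserId);
        // ExistsInTable has passed, so this lookup is presumably non-null.
        var board = BoardRepository.FindByGuid(GetRequestStr("board_guid"));

        // Pass 2: authorisation against the project that owns the board.
        errors = ValidationProcessor.Process(Request, new IValidatorRule[]
        {
            new HasPermission(me, board.Project().id, EntityType.Project)
        }, true);
        if (errors.Count > 0)
        {
            return HttpResponse.Errors(errors);
        }

        // NOTE(review): a non-numeric or out-of-range board_order may make this cast throw;
        // confirm how the dynamic query value converts before relying on it.
        var boardOrder = (short)Request.Query["board_order"];
        if (BoardColumnRepository.Find(board, boardOrder) != null)
        {
            return HttpResponse.Error(HttpStatusCode.Conflict,
                "Board's column with this board's order already exists ");
        }

        var boardColumn = BoardColumnRepository.CreateAndGet(
            (string)Request.Query["name"],
            board,
            boardOrder
        );

        return HttpResponse.Item(
            "board_column",
            new BoardColumnTransformer().Transform(boardColumn),
            HttpStatusCode.Created
        );
    });

    Patch("/api/v1/board_column/edit", _ =>
    {
        // Pass 1: request shape and existence, using request data only.
        var errors = ValidationProcessor.Process(Request, new IValidatorRule[]
        {
            new ShouldHaveParameters(new[] { "board_column_guid" }),
            new ExistsInTable("board_column_guid", "board_columns", "guid")
        }, true);
        if (errors.Count > 0)
        {
            return HttpResponse.Errors(errors);
        }

        var me = UserRepository.Find(CurrentRequest.UserId);
        // ExistsInTable has passed, so this lookup is presumably non-null.
        var boardColumn = BoardColumnRepository.FindByGuid(GetRequestStr("board_column_guid"));

        // Pass 2: authorisation against the board that owns the column.
        errors = ValidationProcessor.Process(Request, new IValidatorRule[]
        {
            new HasPermission(me, boardColumn.Board().id, EntityType.Board)
        }, true);
        if (errors.Count > 0)
        {
            return HttpResponse.Errors(errors);
        }

        var board = BoardRepository.Find(boardColumn.board_id);

        // NOTE(review): board_order is not a required parameter on this route. A missing
        // value converts to 0 and a non-numeric one makes Convert.ToInt16 throw; both
        // "name" and "board_order" are then written even when absent. Confirm the intended
        // partial-update semantics.
        var requestedOrder = Convert.ToInt16(GetRequestStr("board_order"));
        var occupant = BoardColumnRepository.Find(board, requestedOrder);
        // The column being edited may already hold this position; that is not a conflict.
        if (occupant != null && occupant.id != boardColumn.id)
        {
            return HttpResponse.Error(HttpStatusCode.Conflict,
                "Board's column with this board's order already exists ");
        }

        boardColumn = BoardColumnRepository.UpdateAndRefresh(boardColumn, new JObject()
        {
            ["name"] = GetRequestStr("name"),
            ["board_order"] = GetRequestStr("board_order")
        });

        return HttpResponse.Item("board_column", new BoardColumnTransformer().Transform(boardColumn));
    });

    Delete("/api/v1/board_column/delete", _ =>
    {
        // Pass 1: request shape and existence, using request data only.
        var errors = ValidationProcessor.Process(Request, new IValidatorRule[]
        {
            new ShouldHaveParameters(new[] { "board_column_guid" }),
            new ExistsInTable("board_column_guid", "board_columns", "guid")
        }, true);
        if (errors.Count > 0)
        {
            return HttpResponse.Errors(errors);
        }

        var me = UserRepository.Find(CurrentRequest.UserId);
        // ExistsInTable has passed, so this lookup is presumably non-null.
        var boardColumn = BoardColumnRepository.FindByGuid(GetRequestStr("board_column_guid"));

        // Pass 2: authorisation against the board that owns the column.
        errors = ValidationProcessor.Process(Request, new IValidatorRule[]
        {
            new HasPermission(me, boardColumn.Board().id, EntityType.Board)
        }, true);
        if (errors.Count > 0)
        {
            return HttpResponse.Errors(errors);
        }

        boardColumn.Delete();

        // NOTE(review): the payload is keyed "board" although it carries a board column
        // (create and edit use "board_column"). Left unchanged because clients may depend
        // on the existing key.
        return HttpResponse.Item("board", new BoardColumnTransformer().Transform(boardColumn));
    });
}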