WIP - Will break build
This commit is contained in:
Matthew Ross
parent
16deb35442
commit
2d6b9d6c8b
@ -4,6 +4,22 @@ use Firebase\JWT\JWT;
|
||||
|
||||
class Auth extends BaseController {
|
||||
|
||||
public static function HasBoardAccess($container, $request, $boardId) {
|
||||
$hasAccess = false;
|
||||
|
||||
$userId = Auth::GetUserId($request);
|
||||
$board = new Board($container, $boardId);
|
||||
|
||||
foreach($board->users as $user) {
|
||||
if ($user->id === $userId) {
|
||||
$hasAccess = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return $hasAccess;
|
||||
}
|
||||
|
||||
public static function CreateInitialAdmin($container) {
|
||||
$admin = new User($container, 1);
|
||||
|
||||
|
||||
@ -12,8 +12,6 @@ class AutoActions extends BaseController {
|
||||
|
||||
$actionBeans = R::findAll('auto_action');
|
||||
|
||||
// TODO: Filter by boards user has access to
|
||||
|
||||
if(count($actionBeans)) {
|
||||
$this->apiJson->setSuccess();
|
||||
|
||||
@ -21,7 +19,10 @@ class AutoActions extends BaseController {
|
||||
$action = new AutoAction($this->container);
|
||||
$action->loadFromBean($bean);
|
||||
|
||||
$this->apiJson->addData($action);
|
||||
if (Auth::HasBoardAccess($this->container,
|
||||
$request, $action->board_id)) {
|
||||
$this->apiJson->addData($action);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$this->logger->addInfo('No automatic actions in database.');
|
||||
|
||||
@ -18,6 +18,9 @@ class AutoActionsTest extends PHPUnit_Framework_TestCase {
|
||||
$this->actions = new AutoActions(new ContainerMock());
|
||||
}
|
||||
|
||||
/**
|
||||
* @group single
|
||||
*/
|
||||
public function testGetAllActions() {
|
||||
$request = new RequestMock();
|
||||
$request->header = [DataMock::getJwt()];
|
||||
@ -32,11 +35,11 @@ class AutoActionsTest extends PHPUnit_Framework_TestCase {
|
||||
|
||||
$request->header = [DataMock::getJwt()];
|
||||
|
||||
$actions = $this->actions->getAllActions($request,
|
||||
$actual = $this->actions->getAllActions($request,
|
||||
new ResponseMock(), null);
|
||||
|
||||
$this->assertEquals(2, count($actions->data));
|
||||
$this->assertEquals('success', $actions->status);
|
||||
$this->assertEquals(2, count($actual->data));
|
||||
$this->assertEquals('success', $actual->status);
|
||||
}
|
||||
|
||||
public function testAddRemoveAction() {
|
||||
@ -124,6 +127,17 @@ class AutoActionsTest extends PHPUnit_Framework_TestCase {
|
||||
}
|
||||
|
||||
private function createAutoAction() {
|
||||
$board = DataMock::getBoard();
|
||||
$board->users = [];
|
||||
$board->users[] = new User(new ContainerMock(), 1);
|
||||
|
||||
$request = new RequestMock();
|
||||
$request->payload = $board;
|
||||
$request->header = [DataMock::getJwt()];
|
||||
|
||||
$boards = new Boards(new ContainerMock());
|
||||
$boards->addBoard($request, new ResponseMock(), null);
|
||||
|
||||
$request = new RequestMock();
|
||||
$request->header = [DataMock::getJwt()];
|
||||
|
||||
|
||||
Reference in New Issue
Block a user