/** * Delete a note given its id. * * @param string $p_username The name of the user trying to add a note to an issue. * @param string $p_password The password of the user. * @param integer $p_issue_note_id The id of the note to be deleted. * @return boolean true: success, false: failure */ function mc_issue_note_delete($p_username, $p_password, $p_issue_note_id) { global $g_project_override; $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return mci_soap_fault_login_failed(); } if ((int) $p_issue_note_id < 1) { return SoapObjectsFactory::newSoapFault('Client', 'Invalid issue note id \'' . $p_issue_note_id . '\'.'); } if (!bugnote_exists($p_issue_note_id)) { return SoapObjectsFactory::newSoapFault('Client', 'Issue note \'' . $p_issue_note_id . '\' does not exist.'); } $t_issue_id = bugnote_get_field($p_issue_note_id, 'bug_id'); $t_project_id = bug_get_field($t_issue_id, 'project_id'); $g_project_override = $t_project_id; if (!mci_has_readwrite_access($t_user_id, $t_project_id)) { return mci_soap_fault_access_denied($t_user_id); } $t_reporter_id = bugnote_get_field($p_issue_note_id, 'reporter_id'); # mirrors check from bugnote_delete.php if ($t_user_id == $t_reporter_id) { $t_threshold_config_name = 'bugnote_user_delete_threshold'; } else { $t_threshold_config_name = 'delete_bugnote_threshold'; } if (!access_has_bugnote_level(config_get($t_threshold_config_name), $p_issue_note_id)) { return mci_soap_fault_access_denied($t_user_id); } if (bug_is_readonly($t_issue_id)) { return mci_soap_fault_access_denied($t_user_id, 'Issue \'' . $t_issue_id . '\' is readonly'); } log_event(LOG_WEBSERVICE, 'deleting bugnote id \'' . $p_issue_note_id . '\''); return bugnote_delete($p_issue_note_id); }
/** * Delete a note given its id. * * @param string $p_username The name of the user trying to add a note to an issue. * @param string $p_password The password of the user. * @param integer $p_issue_note_id The id of the note to be deleted. * @return true: success, false: failure */ function mc_issue_note_delete( $p_username, $p_password, $p_issue_note_id ) { $t_user_id = mci_check_login( $p_username, $p_password ); if( $t_user_id === false ) { return mci_soap_fault_login_failed(); } if( (integer) $p_issue_note_id < 1 ) { return new soap_fault( 'Client', '', "Invalid issue note id '$p_issue_note_id'."); } if( !bugnote_exists( $p_issue_note_id ) ) { return new soap_fault( 'Client', '', "Issue note '$p_issue_note_id' does not exist."); } $t_issue_id = bugnote_get_field( $p_issue_note_id, 'bug_id' ); $t_project_id = bug_get_field( $t_issue_id, 'project_id' ); if( !mci_has_readwrite_access( $t_user_id, $t_project_id ) ) { return mci_soap_fault_access_denied( $t_user_id ); } return bugnote_delete( $p_issue_note_id ); }
/** * Delete a note given its id. * * @param string $p_username The name of the user trying to add a note to an issue. * @param string $p_password The password of the user. * @param integer $p_issue_note_id The id of the note to be deleted. * @return true: success, false: failure */ function mc_issue_note_delete($p_username, $p_password, $p_issue_note_id) { global $g_project_override; $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return mci_soap_fault_login_failed(); } if ((int) $p_issue_note_id < 1) { return SoapObjectsFactory::newSoapFault('Client', "Invalid issue note id '{$p_issue_note_id}'."); } if (!bugnote_exists($p_issue_note_id)) { return SoapObjectsFactory::newSoapFault('Client', "Issue note '{$p_issue_note_id}' does not exist."); } $t_issue_id = bugnote_get_field($p_issue_note_id, 'bug_id'); $t_project_id = bug_get_field($t_issue_id, 'project_id'); $g_project_override = $t_project_id; if (!mci_has_readwrite_access($t_user_id, $t_project_id)) { return mci_soap_fault_access_denied($t_user_id); } $t_reporter_id = bugnote_get_field($p_issue_note_id, 'reporter_id'); // mirrors check from bugnote_delete.php if ($t_user_id != $t_reporter_id || OFF == config_get('bugnote_allow_user_edit_delete')) { if (!access_has_bugnote_level(config_get('delete_bugnote_threshold'), $p_issue_note_id)) { return mci_soap_fault_access_denied($t_user_id); } } if (bug_is_readonly($t_issue_id)) { return mci_soap_fault_access_denied($t_user_id, "Issue '{$t_issue_id}' is readonly"); } return bugnote_delete($p_issue_note_id); }
require_api('constant_inc.php'); require_api('event_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('helper_api.php'); require_api('lang_api.php'); require_api('print_api.php'); require_api('string_api.php'); form_security_validate('bugnote_delete'); $f_bugnote_id = gpc_get_int('bugnote_id'); $t_bug_id = bugnote_get_field($f_bugnote_id, 'bug_id'); $t_bug = bug_get($t_bug_id, true); if ($t_bug->project_id != helper_get_current_project()) { # in case the current project is not the same project of the bug we are viewing... # ... override the current project. This to avoid problems with categories and handlers lists etc. $g_project_override = $t_bug->project_id; } # Check if the current user is allowed to delete the bugnote $t_user_id = auth_get_current_user_id(); $t_reporter_id = bugnote_get_field($f_bugnote_id, 'reporter_id'); if ($t_user_id == $t_reporter_id) { access_ensure_bugnote_level(config_get('bugnote_user_delete_threshold'), $f_bugnote_id); } else { access_ensure_bugnote_level(config_get('delete_bugnote_threshold'), $f_bugnote_id); } helper_ensure_confirmed(lang_get('delete_bugnote_sure_msg'), lang_get('delete_bugnote_button')); bugnote_delete($f_bugnote_id); # Event integration event_signal('EVENT_BUGNOTE_DELETED', array($t_bug_id, $f_bugnote_id)); form_security_purge('bugnote_delete'); print_successful_redirect(string_get_bug_view_url($t_bug_id) . '#bugnotes');
/** * Delete a note given its id. * * @param string $p_username The name of the user trying to add a note to an issue. * @param string $p_password The password of the user. * @param integer $p_issue_note_id The id of the note to be deleted. * @return true: success, false: failure */ function mc_issue_note_delete($p_username, $p_password, $p_issue_note_id) { $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return mci_soap_fault_login_failed(); } if ((int) $p_issue_note_id < 1) { return new soap_fault('Client', '', "Invalid issue note id '{$p_issue_note_id}'."); } if (!bugnote_exists($p_issue_note_id)) { return new soap_fault('Client', '', "Issue note '{$p_issue_note_id}' does not exist."); } $t_issue_id = bugnote_get_field($p_issue_note_id, 'bug_id'); $t_project_id = bug_get_field($t_issue_id, 'project_id'); if (!mci_has_readwrite_access($t_user_id, $t_project_id)) { return mci_soap_fault_access_denied($t_user_id); } $t_reporter_id = bugnote_get_field($p_issue_note_id, 'reporter_id'); // mirrors check from bugnote_delete.php if ($t_user_id == $t_reporter_id) { $t_threshold_config_name = 'bugnote_user_delete_threshold'; } else { $t_threshold_config_name = 'delete_bugnote_threshold'; } if (!access_has_bugnote_level(config_get($t_threshold_config_name), $p_issue_note_id)) { return mci_soap_fault_access_denied($t_user_id); } return bugnote_delete($p_issue_note_id); }