public function validateUserOwnsTask($input) { if (array_key_exists('task_id', $input->errors())) { return; } $this->task_id = $input->task_id; $this->retrieveInfoFromDB(); $project = new Project_Model(); $project->project_id = $this->project_id; $project->retrieveInfoFromDB(); if ($project->user_id != $this->expectedUser_id) { $input->add_error('task_id', 'PermissionDenied'); } return; }
public function removeProject() { $user = $this->authenticate(); $emptyrequest = !isset($_GET) && !isset($_POST) || sizeof($_GET) == 0 && sizeof($_POST) == 0; $input; if (!$emptyrequest) { $input = new Validation(array_merge($_GET, $_POST)); $input->add_rules('project_id', 'required', 'numeric'); $validator = new ProjectValidation_Model(); $validator->expectedUser_id = $user->user_id; $input->add_callbacks('project_id', array($validator, "validateExists")); $input->add_callbacks('project_id', array($validator, "validateUserOwnsProject")); } else { $input = new Validation(array()); $input->add_error('project_id', 'required'); } if ($input->validate()) { $project = new Project_Model(); $project->project_id = $input->project_id; $project->retrieveInfoFromDB(); $project->removeFromDB(); Kohana::render($this->encode($project)); } else { //@TODO : make better error messages...... Kohana::render($this->encode(NULL, $input->errors("project_errors"))); } }