/** * Validate update API request * * @param Request $r * @throws InvalidDatabaseOperationException * @throws ForbiddenAccessException */ private static function validateUpdate(Request $r) { Validators::isNumber($r["clarification_id"], "clarificaion_id"); Validators::isStringNonEmpty($r["answer"], "answer", false); Validators::isInEnum($r["public"], "public", array('0', '1'), false); Validators::isStringNonEmpty($r["message"], "message", false); // Check that clarification exists try { $r['clarification'] = ClarificationsDAO::GetByPK($r["clarification_id"]); } catch (Exception $e) { throw new InvalidDatabaseOperationException($e); } if (!Authorization::CanEditClarification($r["current_user_id"], $r["clarification"])) { throw new ForbiddenAccessException(); } }