예제 #1
 /**
  * Load a project by id and gate it on the current user's access to it.
  *
  * The return value of ProjectAuthorization::userCanAccessProject() is not
  * inspected here, so the check only protects the project if a denial is
  * signalled by an exception (presumably the 403/404 outcomes the original
  * annotations declare; confirm against ProjectAuthorization).
  *
  * @param mixed $id Project identifier, passed unchanged to the project manager.
  *
  * @return Project
  */
 private function getProjectForUser($id)
 {
     $requested_project = $this->project_manager->getProject($id);

     // Authorization runs before the project is handed back to the caller.
     ProjectAuthorization::userCanAccessProject(
         $this->user_manager->getCurrentUser(),
         $requested_project,
         new URLVerification()
     );

     return $requested_project;
 }
예제 #2
 /**
  * Fetch a tracker report and enforce, in order: existence (404), view
  * permission on the report's tracker (403), then project-level access.
  *
  * Note: the distinct 404 and 403 answers let a caller tell a missing report
  * id from one that exists but is not viewable.
  *
  * @param \PFUser $user User on whose behalf the report is read.
  * @param mixed   $id   Report identifier.
  *
  * @throws RestException 404 when the factory returns no report, 403 when the
  *                       user cannot view the report's tracker.
  *
  * @return Tracker_Report
  */
 private function getReportById(\PFUser $user, $id)
 {
     // Passed as the factory's third argument; the flag is named for session storage and is off here.
     $store_in_session = false;
     $found_report = Tracker_ReportFactory::instance()->getReportById($id, $user->getId(), $store_in_session);
     if (!$found_report) {
         throw new RestException(404);
     }

     $report_tracker = $found_report->getTracker();
     if ($report_tracker->userCanView($user)) {
         // Tracker-level permission passed; the project-level check comes last.
         // Its return value is ignored, so it is presumably enforced by exception (confirm).
         ProjectAuthorization::userCanAccessProject(
             $user,
             $report_tracker->getProject(),
             new Tracker_URLVerification()
         );

         return $found_report;
     }

     throw new RestException(403);
 }
 /**
  * Require that the current user can access the project and is one of its
  * administrators before user-group members are shown.
  *
  * This method never returns false: the only negative outcome visible here is
  * an exception coming out of ProjectAuthorization (presumably the 403/404
  * declared by the original annotations; confirm). Callers must not treat a
  * swallowed exception as "allowed".
  *
  * @param mixed $project_id Project identifier, passed unchanged to the project manager.
  *
  * @return boolean Always true when the method returns.
  */
 private function userCanSeeUserGroupMembers($project_id)
 {
     $target_project = $this->project_manager->getProject($project_id);

     ProjectAuthorization::userCanAccessProjectAndIsProjectAdmin(
         $this->user_manager->getCurrentUser(),
         $target_project
     );

     // Reaching this line means the authorization call returned without throwing.
     return true;
 }
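 /**
  * Resolve the artifact that owns a file attachment and check that the
  * current user may access the artifact's project.
  *
  * InvalidFileInfoException is reported through raiseError() as 404 and
  * UnauthorisedException as 403. raiseError() is defined outside this block;
  * it presumably throws (confirm). If it ever returns instead, this method
  * still fails closed by returning null rather than reading an unset variable.
  *
  * NOTE(review): the exception message is forwarded to raiseError(); if that
  * text reaches the HTTP response, check it does not describe artifacts the
  * user is not allowed to see.
  *
  * @param int $fileinfo_id
  *
  * @return Tracker_Artifact|null The artifact, or null when the factory yields none.
  */
 private function getArtifactByFileInfoId($fileinfo_id)
 {
     // Defined up front so the "no artifact" path below is well defined on every route.
     $artifact = null;

     try {
         $artifact = $this->fileinfo_factory->getArtifactByFileInfoIdInLastChangeset($this->user, $fileinfo_id);
     } catch (InvalidFileInfoException $e) {
         $this->raiseError(404, $e->getMessage());
     } catch (UnauthorisedException $e) {
         $this->raiseError(403, $e->getMessage());
     }

     if (!$artifact) {
         // Same result as the original implicit fall-through, now explicit.
         return null;
     }

     // Return value ignored: the project-level check is presumably enforced by exception (confirm).
     ProjectAuthorization::userCanAccessProject(
         $this->user,
         $artifact->getTracker()->getProject(),
         new Tracker_URLVerification()
     );

     return $artifact;
 }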
 /**
  * Load an artifact and enforce, in order: existence (404), artifact view
  * permission (403), then project-level access.
  *
  * Note: the distinct 404 and 403 answers let a caller tell a missing
  * artifact id from one that exists but is not viewable.
  *
  * @param PFUser $user User on whose behalf the artifact is read.
  * @param int    $id
  *
  * @return Tracker_Artifact
  * @throws Project_AccessProjectNotFoundException 404
  * @throws Project_AccessException 403
  * @throws RestException 404 when the factory returns no artifact, 403 when
  *                       the user cannot view it.
  */
 private function getArtifactById(PFUser $user, $id)
 {
     $found_artifact = $this->artifact_factory->getArtifactById($id);
     if (!$found_artifact) {
         throw new RestException(404);
     }

     if (!$found_artifact->userCanView($user)) {
         throw new RestException(403);
     }

     // Return value ignored: the project-level check is presumably enforced by exception (confirm).
     ProjectAuthorization::userCanAccessProject(
         $user,
         $found_artifact->getTracker()->getProject(),
         new Tracker_URLVerification()
     );

     return $found_artifact;
 }
예제 #6
 /**
  * Load a milestone by artifact id and check project access for the user.
  *
  * A permission denial from the factory becomes 403 for an authenticated
  * caller and 401 otherwise, so an anonymous client is asked to authenticate
  * instead of being told the resource is forbidden. The permission check runs
  * before the existence check.
  *
  * @param PFUser $user User on whose behalf the milestone is read.
  * @param mixed  $id   Artifact identifier of the milestone.
  *
  * @throws RestException 401 or 403 on MilestonePermissionDeniedException,
  *                       404 when the factory returns no milestone.
  *
  * @return mixed The milestone object returned by the factory.
  */
 private function getMilestoneById(PFUser $user, $id)
 {
     try {
         $found_milestone = $this->milestone_factory->getValidatedBareMilestoneByArtifactId($user, $id);
     } catch (\MilestonePermissionDeniedException $denied) {
         $status_code = $this->is_authenticated ? 403 : 401;
         throw new RestException($status_code);
     }

     if (!$found_milestone) {
         throw new RestException(404);
     }

     // Return value ignored: the project-level check is presumably enforced by exception (confirm).
     ProjectAuthorization::userCanAccessProject(
         $user,
         $found_milestone->getProject(),
         new URLVerification()
     );

     return $found_milestone;
 }
예제 #7
 /**
  * Require that the current user can access the project and is one of its
  * administrators before user-group members are shown.
  *
  * The user and project come from the UserManager and ProjectManager
  * singletons. The method never returns false: the only negative outcome
  * visible here is an exception from ProjectAuthorization (presumably the
  * 403/404 declared by the original annotations; confirm).
  *
  * @param mixed $project_id Project identifier, passed unchanged to the project manager.
  *
  * @return boolean Always true when the method returns.
  */
 private function userCanSeeUserGroupMembers($project_id)
 {
     $users = UserManager::instance();
     $target_project = ProjectManager::instance()->getProject($project_id);

     ProjectAuthorization::userCanAccessProjectAndIsProjectAdmin(
         $users->getCurrentUser(),
         $target_project
     );

     // Reaching this line means the authorization call returned without throwing.
     return true;
 }
예제 #8
 /**
  * Load a tracker and enforce, in order: existence (404), not deleted (404),
  * tracker view permission (403), then project-level access.
  *
  * Note: the deleted-tracker message and the 403 answer are produced before
  * any permission check succeeds, so they disclose that the id exists.
  *
  * @param \PFUser $user User on whose behalf the tracker is read.
  * @param mixed   $id   Tracker identifier.
  *
  * @return Tracker
  * @throws RestException 404 when the tracker is missing or deleted, 403 when
  *                       the user cannot view it.
  */
 private function getTrackerById(\PFUser $user, $id)
 {
     $found_tracker = TrackerFactory::instance()->getTrackerById($id);
     if (!$found_tracker) {
         throw new RestException(404);
     }

     if ($found_tracker->isDeleted()) {
         throw new RestException(404, 'this tracker is deleted');
     }

     if (!$found_tracker->userCanView($user)) {
         throw new RestException(403);
     }

     // Return value ignored: the project-level check is presumably enforced by exception (confirm).
     ProjectAuthorization::userCanAccessProject(
         $user,
         $found_tracker->getProject(),
         new Tracker_URLVerification()
     );

     return $found_tracker;
 }
예제 #9
 /**
  * Load a planning and check that the current user may access the project of
  * its planning tracker.
  *
  * Only project-level access is checked in this method; no per-planning or
  * per-tracker permission call is visible here.
  *
  * @param integer $id
  *
  * @throws RestException 404 when the factory returns no planning.
  *
  * @return Planning
  */
 private function getPlanning($id)
 {
     $found_planning = PlanningFactory::build()->getPlanning($id);
     if (!$found_planning) {
         throw new RestException(404, 'Planning not found');
     }

     $current_user = $this->getCurrentUser();
     $owning_project = $found_planning->getPlanningTracker()->getProject();

     // Return value ignored: the check is presumably enforced by exception (confirm).
     ProjectAuthorization::userCanAccessProject($current_user, $owning_project, new URLVerification());

     return $found_planning;
 }
 /**
  * Guard: check that the given user may access the project with this id.
  *
  * Nothing is returned and the result of the authorization call is dropped,
  * so a denial can only surface as an exception (presumably the 403/404
  * declared by the original annotations; confirm against ProjectAuthorization).
  *
  * @param PFUser $user       User whose access is checked.
  * @param mixed  $project_id Project identifier, passed unchanged to the project manager.
  */
 private function checkUserCanAccessProject(PFUser $user, $project_id)
 {
     ProjectAuthorization::userCanAccessProject(
         $user,
         $this->project_manager->getProject($project_id),
         new URLVerification()
     );
 }
예제 #11
 /**
  * Build the card identified by "<planning_id>_<artifact_id>" and enforce
  * artifact view permission (403) and project-level access before returning it.
  *
  * The id is passed to checkIdIsWellFormed() before it is split; that helper
  * is defined outside this block (presumably it rejects malformed ids by
  * throwing one of the builder exceptions caught below; confirm). All three
  * builder exceptions are reported as 404 with the exception's own message.
  *
  * @param PFUser $user User on whose behalf the card is read.
  * @param string $id   Composite id, split on "_" into planning id then artifact id.
  *
  * @throws RestException 403 when the user cannot view the card's artifact,
  *                       404 for any of the caught builder exceptions.
  *
  * @return mixed The card object returned by the single-card builder.
  */
 private function getSingleCard(PFUser $user, $id)
 {
     try {
         $this->checkIdIsWellFormed($id);
         list($planning_id, $artifact_id) = explode('_', $id);
         $card = $this->single_card_builder->getSingleCard($user, $artifact_id, $planning_id);

         if (!$card->getArtifact()->userCanView($user)) {
             throw new RestException(403);
         }

         // Return value ignored: the project-level check is presumably enforced by exception (confirm).
         ProjectAuthorization::userCanAccessProject(
             $user,
             $card->getArtifact()->getTracker()->getProject(),
             new URLVerification()
         );

         return $card;
     } catch (CardControllerBuilderRequestIdException $e) {
         throw new RestException(404, $e->getMessage());
     } catch (CardControllerBuilderRequestDataException $e) {
         throw new RestException(404, $e->getMessage());
     } catch (CardControllerBuilderRequestPlanningIdException $e) {
         throw new RestException(404, $e->getMessage());
     }

     // Fail-closed fallback: the try block always returns or throws and every
     // catch rethrows, so no visible path reaches this line.
     throw new RestException(404);
 }