359b07dabb
BREAKING CHANGE: The bucket id of the task model is now only used internally and will not trigger a change in buckets when updating the task. This resolves a problem where the task update routine needs to know the view context it is in. Because that's not really what it should be used for, the extra endpoint takes all required parameters and handles the complexity of actually updating the bucket. This fixes a bug where it was impossible to move a task around between buckets of a saved filter view. In that case, the view of the bucket and the project the task was in would be different, hence the update failed.
61 lines
1.9 KiB
Go
61 lines
1.9 KiB
Go
// Vikunja is a to-do list application to facilitate your life.
|
|
// Copyright 2018-present Vikunja and contributors. All rights reserved.
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public Licensee as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public Licensee for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public Licensee
|
|
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
package models
|
|
|
|
import (
|
|
"code.vikunja.io/web"
|
|
"xorm.io/xorm"
|
|
)
|
|
|
|
// CanCreate checks if a user can create a new bucket
|
|
func (b *Bucket) CanCreate(s *xorm.Session, a web.Auth) (bool, error) {
|
|
pv, err := GetProjectViewByIDAndProject(s, b.ProjectViewID, b.ProjectID)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
p := &Project{ID: pv.ProjectID}
|
|
return p.CanUpdate(s, a)
|
|
}
|
|
|
|
// CanUpdate checks if a user can update an existing bucket
|
|
func (b *Bucket) CanUpdate(s *xorm.Session, a web.Auth) (bool, error) {
|
|
return b.canDoBucket(s, a)
|
|
}
|
|
|
|
// CanDelete checks if a user can delete an existing bucket
|
|
func (b *Bucket) CanDelete(s *xorm.Session, a web.Auth) (bool, error) {
|
|
return b.canDoBucket(s, a)
|
|
}
|
|
|
|
// canDoBucket checks if the bucket exists and if the user has the right to act on it
|
|
func (b *Bucket) canDoBucket(s *xorm.Session, a web.Auth) (bool, error) {
|
|
bb, err := getBucketByID(s, b.ID)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
pv, err := GetProjectViewByIDAndProject(s, bb.ProjectViewID, b.ProjectID)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
// TODO saved filter check
|
|
|
|
p := &Project{ID: pv.ProjectID}
|
|
return p.CanUpdate(s, a)
|
|
}
|