diff --git a/api/BusinessLogic/Categories/CategoryHandler.php b/api/BusinessLogic/Categories/CategoryHandler.php
index 895f1b34..dd68a176 100644
--- a/api/BusinessLogic/Categories/CategoryHandler.php
+++ b/api/BusinessLogic/Categories/CategoryHandler.php
@@ -117,4 +117,13 @@ class CategoryHandler {
 return $allCategories[$category->id];
 }
+
+ function deleteCategory($id, $userContext, $heskSettings) {
+ if (!$this->permissionChecker->doesUserHavePermission($userContext, UserPrivilege::CAN_MANAGE_CATEGORIES)) {
+ throw new AccessViolationException('User cannot manage categories!');
+ }
+
+ $this->categoryGateway->deleteCategory($id, $heskSettings);
+ $this->categoryGateway->resortAllCategories($heskSettings);
+ }
 }
\ No newline at end of file
diff --git a/api/Controllers/Categories/CategoryController.php b/api/Controllers/Categories/CategoryController.php
index 90aa2882..cb63f050 100644
--- a/api/Controllers/Categories/CategoryController.php
+++ b/api/Controllers/Categories/CategoryController.php
@@ -34,7 +34,7 @@ class CategoryController {
 }
 function post() {
- global $hesk_settings, $applicationContext;
+ global $hesk_settings, $userContext, $applicationContext;
 $data = JsonRetriever::getJsonData();
@@ -43,9 +43,9 @@ class CategoryController {
 /* @var $categoryHandler CategoryHandler */
 $categoryHandler = $applicationContext->get[CategoryHandler::class];
- $category = $categoryHandler->createCategory($category, $hesk_settings);
+ $category = $categoryHandler->createCategory($category, $userContext, $hesk_settings);
- return output($category);
+ return output($category, 201);
 }
 /**
@@ -71,7 +71,7 @@ class CategoryController {
 }
 function put($id) {
- global $hesk_settings, $applicationContext;
+ global $hesk_settings, $userContext, $applicationContext;
 $data = JsonRetriever::getJsonData();
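Review bot: deleteCategory in CategoryHandler.php deletes the row and re-sorts without first checking that the category exists or whether other records still reference it, so a request for an unknown id is indistinguishable from a successful delete and, if tickets store a category id (not visible in this hunk), they could be left pointing at a removed category. Consider loading the category first, failing with a not-found error when it is absent, and either reassigning dependent records or refusing the delete while they exist. A short docblock such as `/** Deletes a category; the caller must hold CAN_MANAGE_CATEGORIES or an AccessViolationException is thrown. */` would record the authorization contract next to the check. The permission check correctly runs before any gateway call, and the whole function is inside the hunk.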
@@ -81,12 +81,19 @@ class CategoryController {
 /* @var $categoryHandler CategoryHandler */
 $categoryHandler = $applicationContext->get[CategoryHandler::class];
- $category = $categoryHandler->editCategory($category, $hesk_settings);
+ $category = $categoryHandler->editCategory($category, $userContext, $hesk_settings);
 return output($category);
 }
 function delete($id) {
- //-- TODO: Delete category
+ global $hesk_settings, $userContext, $applicationContext;
+
+ /* @var $categoryHandler CategoryHandler */
+ $categoryHandler = $applicationContext->get[CategoryHandler::class];
+
+ $categoryHandler->deleteCategory($id, $userContext, $hesk_settings);
+
+ return http_response_code(204);
 }
 }
\ No newline at end of file
diff --git a/api/DataAccess/Categories/CategoryGateway.php b/api/DataAccess/Categories/CategoryGateway.php
index fbf518ec..5215a03b 100644
--- a/api/DataAccess/Categories/CategoryGateway.php
+++ b/api/DataAccess/Categories/CategoryGateway.php
@@ -116,4 +116,12 @@ class CategoryGateway extends CommonDao {
 $this->close();
 }
+
+ function deleteCategory($id, $heskSettings) {
+ $this->init();
+
+ hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` WHERE `id` = " . intval($id));
+
+ $this->close();
+ }
 }
\ No newline at end of file
diff --git a/api/Link.php b/api/Link.php
index 38b8c6e3..0e745ee3 100644
--- a/api/Link.php
+++ b/api/Link.php
@@ -82,6 +82,7 @@ class Link
 $handler = $routeDesc[0];
 if( isset( $routeDesc[2] )) {
 $middleware = $routeDesc[2];
+ $acceptedMethods = $routeDesc[3];
 }
 }
 else
diff --git a/api/index.php b/api/index.php
index 78432bdd..a41b13fc 100644
--- a/api/index.php
+++ b/api/index.php
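Review bot: In CategoryController::delete(), `return http_response_code(204);` returns whatever http_response_code() yields (the previous status code or `true`) rather than a response, so the caller gets a meaningless value; `http_response_code(204); return;` states the intent. The handler's permission check relies entirely on the global `$userContext`, and nothing in this hunk shows where it is populated, so confirm that the authentication step always runs before this controller and that an empty or missing context is rejected rather than passed through. The same dependency applies to the post() and put() hunks above, which now forward `$userContext` as well.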
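Review bot: CategoryGateway::deleteCategory discards the result of `hesk_dbQuery`, so the handler cannot tell a deleted row from an id that matched nothing; `intval($id)` turns a non-numeric id into 0 and the statement then silently deletes no rows. Returning whether a row was affected would let the API answer a miss with 404 instead of 204. `intval()` does keep the id safe to concatenate, but `hesk_dbEscape` on `db_pfix` is value escaping used inside backticks, which is only adequate because the prefix comes from trusted configuration; a comment such as `// db_pfix is trusted config, not request data` would make that assumption explicit. If the query helper can throw or abort, `$this->close()` is skipped, so pairing init/close with `try { ... } finally { $this->close(); }` is safer.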
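Review bot: In Link.php the added `$acceptedMethods = $routeDesc[3];` reads index 3 under a guard that only tests index 2, so a route that defines middleware but no method list triggers an undefined-offset notice and leaves `$acceptedMethods` null. It also means a route without index 2 never has its method list assigned in this branch, so whether the HTTP method allow-list is enforced for such routes depends on code outside the hunk and should be confirmed. Guarding the read separately avoids both problems: `if (isset($routeDesc[3])) { $acceptedMethods = $routeDesc[3]; }`, placed outside the middleware check. The enclosing method starts and ends outside this hunk.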
@@ -189,7 +189,7 @@ Link::all(array(
 // Categories
 '/v1/categories/all' => action(\Controllers\Categories\CategoryController::class . '::printAllCategories', [RequestMethod::GET]),
 '/v1/categories' => action(\Controllers\Categories\CategoryController::class, [RequestMethod::POST]),
- '/v1/categories/{i}' => action(\Controllers\Categories\CategoryController::class),
+ '/v1/categories/{i}' => action(\Controllers\Categories\CategoryController::class, [RequestMethod::GET, RequestMethod::PUT, RequestMethod::DELETE]),
 // Tickets
 '/v1/tickets' => action(\Controllers\Tickets\CustomerTicketController::class),
 // Tickets - Staff