core/php-agentic
8
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
php-agentic/Models/Task.php

101 lines
2.5 KiB
PHP
Raw Normal View History

monorepo sepration
2026-01-27 00:28:29 +00:00
<?php
declare(strict_types=1);
refactor: rename namespace Core\Agentic to Core\Mod\Agentic Updates all classes to use the new modular namespace convention. Adds Service/ layer with Core\Service\Agentic for service definition. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-27 16:12:58 +00:00
namespace Core\Mod\Agentic\Models;
monorepo sepration
2026-01-27 00:28:29 +00:00
use Illuminate\Database\Eloquent\Model;
refactor: update namespaces for L1/L2 package convention - Core\Mod\Tenant -> Core\Tenant - Core\Service\Agentic -> Core\Mod\Agentic\Service Part of namespace restructure to align with L1/L2 module conventions. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-27 17:34:46 +00:00
use Core\Tenant\Concerns\BelongsToWorkspace;
monorepo sepration
2026-01-27 00:28:29 +00:00
class Task extends Model
{
use BelongsToWorkspace;
protected $fillable = [
'workspace_id',
'title',
'description',
'status',
'priority',
'category',
'file_ref',
'line_ref',
];
protected $casts = [
'line_ref' => 'integer',
];
public function scopePending($query)
{
return $query->where('status', 'pending');
}
public function scopeInProgress($query)
{
return $query->where('status', 'in_progress');
}
public function scopeDone($query)
{
return $query->where('status', 'done');
}
public function scopeActive($query)
{
return $query->whereIn('status', ['pending', 'in_progress']);
}
security: fix SQL injection and add workspace scoping to MCP tools - Replace orderByRaw with parameterised CASE statements - Add Task::scopeOrderByPriority() and scopeOrderByStatus() - Add AgentPlan::scopeOrderByStatus() - Add workspace validation to StateSet, StateGet, StateList tools - Add workspace validation to PlanGet, PlanList tools - Add SecurityTest.php with comprehensive isolation tests Fixes SEC-002, SEC-003 from security audit. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 12:21:01 +00:00
/**
* Order by priority using CASE statement with whitelisted values.
*
* This is a safe replacement for orderByRaw("FIELD(priority, ...)") which
* could be vulnerable to SQL injection if extended with user input.
*/
public function scopeOrderByPriority($query, string $direction = 'asc')
{
return $query->orderByRaw('CASE priority
WHEN ? THEN 1
WHEN ? THEN 2
WHEN ? THEN 3
WHEN ? THEN 4
ELSE 5
END ' . ($direction === 'desc' ? 'DESC' : 'ASC'), ['urgent', 'high', 'normal', 'low']);
}
/**
* Order by status using CASE statement with whitelisted values.
*
* This is a safe replacement for orderByRaw("FIELD(status, ...)") which
* could be vulnerable to SQL injection if extended with user input.
*/
public function scopeOrderByStatus($query, string $direction = 'asc')
{
return $query->orderByRaw('CASE status
WHEN ? THEN 1
WHEN ? THEN 2
WHEN ? THEN 3
ELSE 4
END ' . ($direction === 'desc' ? 'DESC' : 'ASC'), ['in_progress', 'pending', 'done']);
}
monorepo sepration
2026-01-27 00:28:29 +00:00
public function getStatusBadgeAttribute(): string
{
return match ($this->status) {
'done' => '✓',
'in_progress' => '→',
default => '○',
};
}
public function getPriorityBadgeAttribute(): string
{
return match ($this->priority) {
'urgent' => '🔴',
'high' => '🟠',
'low' => '🔵',
default => '',
};
}
}
Reference in a new issue Copy permalink