AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add column restrictions to custom project roles

Browse Source
This commit is contained in:
Frederic Guillot
2016-09-18 21:19:48 -04:00
parent 4bc83646b0
commit 3043163747
33 changed files with 1132 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
app/Model/ProjectRoleRestrictionModel.php
View File

@@ -17,15 +17,6 @@ class ProjectRoleRestrictionModel extends Base
const RULE_TASK_CREATION = 'task_creation';
const RULE_TASK_OPEN_CLOSE = 'task_open_close';
protected $ruleMapping = array(
self::RULE_TASK_CREATION => array(
array('controller' => 'TaskCreationController', 'method' => '*'),
),
self::RULE_TASK_OPEN_CLOSE => array(
array('controller' => 'TaskStatusController', 'method' => '*'),
)
);
/**
* Get rules
*
@@ -91,7 +82,7 @@ class ProjectRoleRestrictionModel extends Base
*/
public function getAllByRole($project_id, $role)
{
$rules = $this->db
return $this->db
->table(self::TABLE)
->columns(
self::TABLE.'.restriction_id',
@@ -104,12 +95,6 @@ class ProjectRoleRestrictionModel extends Base
->eq('role', $role)
->left(ProjectRoleModel::TABLE, 'pr', 'role_id', self::TABLE, 'role_id')
->findAll();
foreach ($rules as &$rule) {
$rule['acl'] = $this->ruleMapping[$rule['rule']];
}
return $rules;
}
/**
@@ -140,31 +125,4 @@ class ProjectRoleRestrictionModel extends Base
{
return $this->db->table(self::TABLE)->eq('restriction_id', $restriction_id)->remove();
}
/**
* Check if the controller/method is allowed
*
* @param array $restrictions
* @param string $controller
* @param string $method
* @return bool
*/
public function isAllowed(array $restrictions, $controller, $method)
{
$controller = strtolower($controller);
$method = strtolower($method);
foreach ($restrictions as $restriction) {
foreach ($restriction['acl'] as $acl) {
$acl['controller'] = strtolower($acl['controller']);
$acl['method'] = strtolower($acl['method']);
if ($acl['controller'] === $controller && ($acl['method'] === '*' || $acl['method'] === $method)) {
return false;
}
}
}
return true;
}
}