Add project owner support (allow user management to a regular user), see #316
@@ -252,6 +252,20 @@ abstract class Base
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if the current user is owner of the given project
|
||||
*
|
||||
* @access protected
|
||||
* @param integer $project_id Project id
|
||||
*/
|
||||
protected function checkProjectOwnerPermissions($project_id)
|
||||
{
|
||||
if (! $this->acl->isAdminUser() &&
|
||||
! ($this->acl->isRegularUser() && $this->projectPermission->isOwner($project_id, $this->acl->getUserId()))) {
|
||||
$this->forbidden();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Redirection when there is no project in the database
|
||||
*
|
||||
@@ -299,6 +313,7 @@ abstract class Base
|
||||
$params['project_content_for_layout'] = $content;
|
||||
$params['title'] = $params['project']['name'] === $params['title'] ? $params['title'] : $params['project']['name'].' > '.$params['title'];
|
||||
$params['board_selector'] = $this->projectPermission->getAllowedProjects($this->acl->getUserId());
|
||||
$params['is_owner'] = $this->projectPermission->isOwner($params['project']['id'], $this->acl->getUserId());
|
||||
|
||||
return $this->template->layout('project/layout', $params);
|
||||
}
|
||||
|
||||
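Review bot: The docblock on `checkProjectOwnerPermissions()` does not state the rule it enforces or what happens on failure, and every caller in this commit depends on both. From the condition, access is granted to administrators, or to regular users for whom `isOwner($project_id, getUserId())` is true; everyone else reaches `$this->forbidden()`. `forbidden()` is not visible here, so it is worth confirming that it ends the request, because callers such as `allow()` ignore any return value and go straight on to the state-changing call. I would add to the docblock something like `Allows admins, and regular users who own the project; otherwise calls forbidden(), which is expected to stop the request.` The `is_owner` flag added to the layout parameters in the second hunk looks intended for display only, so these server-side checks remain the actual control.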
@@ -244,11 +244,43 @@ class Project extends Base
|
||||
public function allow()
|
||||
{
|
||||
$values = $this->request->getValues();
|
||||
$this->checkProjectOwnerPermissions($values['project_id']);
|
||||
list($valid,) = $this->projectPermission->validateUserModification($values);
|
||||
|
||||
if ($valid) {
|
||||
|
||||
if ($this->projectPermission->allowUser($values['project_id'], $values['user_id'])) {
|
||||
if ($this->projectPermission->allowUser($values['project_id'], $values['user_id'], $values['is_owner'])) {
|
||||
$this->session->flash(t('Project updated successfully.'));
|
||||
}
|
||||
else {
|
||||
$this->session->flashError(t('Unable to update this project.'));
|
||||
}
|
||||
}
|
||||
|
||||
$this->response->redirect('?controller=project&action=users&project_id='.$values['project_id']);
|
||||
}
|
||||
|
||||
/**
|
||||
* Set ownership for a specific user (admin only)
|
||||
*
|
||||
* @access public
|
||||
*/
|
||||
public function setOwner()
|
||||
{
|
||||
$this->checkCSRFParam();
|
||||
|
||||
$values = array(
|
||||
'project_id' => $this->request->getIntegerParam('project_id'),
|
||||
'user_id' => $this->request->getIntegerParam('user_id'),
|
||||
'is_owner' => $this->request->getIntegerParam('is_owner'),
|
||||
);
|
||||
|
||||
$this->checkProjectOwnerPermissions($values['project_id']);
|
||||
list($valid,) = $this->projectPermission->validateUserModification($values);
|
||||
|
||||
if ($valid) {
|
||||
|
||||
if ($this->projectPermission->setOwner($values['project_id'], $values['user_id'], $values['is_owner'])) {
|
||||
$this->session->flash(t('Project updated successfully.'));
|
||||
}
|
||||
else {
|
||||
@@ -273,6 +305,7 @@ class Project extends Base
|
||||
'user_id' => $this->request->getIntegerParam('user_id'),
|
||||
);
|
||||
|
||||
$this->checkProjectOwnerPermissions($values['project_id']);
|
||||
list($valid,) = $this->projectPermission->validateUserModification($values);
|
||||
|
||||
if ($valid) {
|
||||
|
||||
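Review bot: The docblock of `setOwner()` says "admin only", but the guard it calls, `checkProjectOwnerPermissions()`, also admits regular users who own the project, so a project owner can grant or revoke ownership for other members. If that is intended, the comment should read `Set ownership for a specific user (admin or project owner)`; if not, the method needs an `isAdminUser()` check instead. The same applies to `allow()`, which now forwards `$values['is_owner']` from the submitted form to `allowUser()`; it would help to confirm that `validateUserModification()` restricts that field to 0 or 1 and that the key is always present. `setOwner()` continues past the end of the hunk.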