AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Regular users are able to create private projects

Browse Source
This commit is contained in:
Frédéric Guillot
2014-10-05 19:40:57 -04:00
parent 7f5a871f84
commit d138834dcf
39 changed files with 379 additions and 319 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
app/Controller/Base.php
View File

@@ -209,11 +209,8 @@ abstract class Base
*/
protected function checkProjectPermissions($project_id)
{
if ($this->acl->isRegularUser()) {
if ($project_id > 0 && ! $this->projectPermission->isUserAllowed($project_id, $this->acl->getUserId())) {
$this->forbidden();
}
if ($this->acl->isRegularUser() && ! $this->projectPermission->isUserAllowed($project_id, $this->acl->getUserId())) {
$this->forbidden();
}
}
@@ -260,6 +257,7 @@ abstract class Base
{
$content = $this->template->load($template, $params);
$params['project_content_for_layout'] = $content;
$params['menu'] = 'projects';
return $this->template->layout('project_layout', $params);
}
@@ -304,4 +302,25 @@ abstract class Base
return $project;
}
/**
* Common method to get a project with administration rights
*
* @access protected
* @return array
*/
protected function getProjectManagement()
{
$project = $this->project->getById($this->request->getIntegerParam('project_id'));
if (! $project) {
$this->notfound();
}
if ($this->acl->isRegularUser() && ! $this->projectPermission->adminAllowed($project['id'], $this->acl->getUserId())) {
$this->forbidden();
}
return $project;
}
}