Rewrite of the authentication and authorization system

This commit is contained in:
Frederic Guillot
2015-12-05 20:31:27 -05:00
parent 346b8312e5
commit e9fedf3e5c
255 changed files with 14114 additions and 9820 deletions


@@ -2,10 +2,13 @@
<i class="fa fa-dashboard fa-fw"></i>&nbsp;
<?= $this->url->link(t('Activity'), 'activity', 'project', array('project_id' => $project['id'])) ?>
</li>
<?php if ($this->user->hasProjectAccess('customfilter', 'index', $project['id'])): ?>
<li>
<i class="fa fa-filter fa-fw"></i>&nbsp;
<?= $this->url->link(t('Custom filters'), 'customfilter', 'index', array('project_id' => $project['id'])) ?>
</li>
<?php endif ?>
<?php if ($project['is_public']): ?>
<li>
@@ -15,15 +18,21 @@
<?= $this->hook->render('template:project:dropdown', array('project' => $project)) ?>
<?php if ($this->user->isProjectManagementAllowed($project['id'])): ?>
<?php if ($this->user->hasProjectAccess('analytic', 'tasks', $project['id'])): ?>
<li>
<i class="fa fa-line-chart fa-fw"></i>&nbsp;
<?= $this->url->link(t('Analytics'), 'analytic', 'tasks', array('project_id' => $project['id'])) ?>
</li>
<?php endif ?>
<?php if ($this->user->hasProjectAccess('export', 'tasks', $project['id'])): ?>
<li>
<i class="fa fa-download fa-fw"></i>&nbsp;
<?= $this->url->link(t('Exports'), 'export', 'tasks', array('project_id' => $project['id'])) ?>
</li>
<?php endif ?>
<?php if ($this->user->hasProjectAccess('project', 'edit', $project['id'])): ?>
<li>
<i class="fa fa-cog fa-fw"></i>&nbsp;
<?= $this->url->link(t('Settings'), 'project', 'show', array('project_id' => $project['id'])) ?>


@@ -19,7 +19,7 @@
<?= $this->form->label(t('End date'), 'end_date') ?>
<?= $this->form->text('end_date', $values, $errors, array('maxlength="10"'), 'form-date') ?>
<?php if ($this->user->isAdmin() || $this->user->isProjectAdministrationAllowed($project['id'])): ?>
<?php if ($this->user->hasProjectAccess('project', 'create', $project['id'])): ?>
<?= $this->form->checkbox('is_private', t('Private project'), 1, $project['is_private'] == 1) ?>
<?php endif ?>


@@ -48,7 +48,7 @@
<i class="fa fa-list fa-fw"></i>
<?= $this->url->link(t('List'), 'listing', 'show', array('project_id' => $project['id'], 'search' => $filters['search']), false, 'view-listing', t('Keyboard shortcut: "%s"', 'v l')) ?>
</li>
<?php if ($this->user->isProjectManagementAllowed($project['id'])): ?>
<?php if ($this->user->hasProjectAccess('gantt', 'project', $project['id'])): ?>
<li <?= $filters['controller'] === 'gantt' ? 'class="active"' : '' ?>>
<i class="fa fa-sliders fa-fw"></i>
<?= $this->url->link(t('Gantt'), 'gantt', 'project', array('project_id' => $project['id'], 'search' => $filters['search']), false, 'view-gantt', t('Keyboard shortcut: "%s"', 'v g')) ?>


@@ -1,12 +1,14 @@
<section id="main">
<div class="page-header">
<ul>
<?php if ($this->user->isProjectAdmin() || $this->user->isAdmin()): ?>
<?php if ($this->user->hasAccess('project', 'create')): ?>
<li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New project'), 'project', 'create') ?></li>
<?php endif ?>
<li><i class="fa fa-lock fa-fw"></i><?= $this->url->link(t('New private project'), 'project', 'create', array('private' => 1)) ?></li>
<?php if ($this->user->isProjectAdmin() || $this->user->isAdmin()): ?>
<li><i class="fa fa-lock fa-fw"></i><?= $this->url->link(t('New private project'), 'project', 'createPrivate') ?></li>
<?php if ($this->user->hasAccess('projectuser', 'managers')): ?>
<li><i class="fa fa-user fa-fw"></i><?= $this->url->link(t('Users overview'), 'projectuser', 'managers') ?></li>
<?php endif ?>
<?php if ($this->user->hasAccess('gantt', 'projects')): ?>
<li><i class="fa fa-sliders fa-fw"></i><?= $this->url->link(t('Projects Gantt chart'), 'gantt', 'projects') ?></li>
<?php endif ?>
</ul>
@@ -21,7 +23,7 @@
<th class="column-15"><?= $paginator->order(t('Project'), 'name') ?></th>
<th class="column-8"><?= $paginator->order(t('Start date'), 'start_date') ?></th>
<th class="column-8"><?= $paginator->order(t('End date'), 'end_date') ?></th>
<?php if ($this->user->isAdmin() || $this->user->isProjectAdmin()): ?>
<?php if ($this->user->hasAccess('projectuser', 'managers')): ?>
<th class="column-12"><?= t('Managers') ?></th>
<th class="column-12"><?= t('Members') ?></th>
<?php endif ?>
@@ -64,25 +66,17 @@
<td>
<?= $project['end_date'] ?>
</td>
<?php if ($this->user->isAdmin() || $this->user->isProjectAdmin()): ?>
<td>
<ul class="no-bullet">
<?php foreach ($project['managers'] as $user_id => $user_name): ?>
<li><?= $this->url->link($this->e($user_name), 'projectuser', 'opens', array('user_id' => $user_id)) ?></li>
<?php endforeach ?>
</ul>
</td>
<td>
<?php if ($project['is_everybody_allowed'] == 1): ?>
<?= t('Everybody') ?>
<?php else: ?>
<ul class="no-bullet">
<?php foreach ($project['members'] as $user_id => $user_name): ?>
<li><?= $this->url->link($this->e($user_name), 'projectuser', 'opens', array('user_id' => $user_id)) ?></li>
<?php endforeach ?>
</ul>
<?php endif ?>
</td>
<?php if ($this->user->hasAccess('projectuser', 'managers')): ?>
<td>
<?= $this->render('project/roles', array('roles' => $project, 'role' => \Kanboard\Core\Security\Role::PROJECT_MANAGER)) ?>
</td>
<td>
<?php if ($project['is_everybody_allowed'] == 1): ?>
<?= t('Everybody') ?>
<?php else: ?>
<?= $this->render('project/roles', array('roles' => $project, 'role' => \Kanboard\Core\Security\Role::PROJECT_MEMBER)) ?>
<?php endif ?>
</td>
<?php endif ?>
<td class="dashboard-project-stats">
<?php foreach ($project['columns'] as $column): ?>
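Review bot: In the first hunk of this file, the `New private project` entry (`$this->url->link(t('New private project'), 'project', 'createPrivate')`) is the only menu item left without a `hasAccess` guard, while its siblings `project/create`, `projectuser/managers` and `gantt/projects` are each wrapped in one. If the new access map can deny `createPrivate` to some roles, those users would still see a link the controller then rejects. Wrapping it the same way, `<?php if ($this->user->hasAccess('project', 'createPrivate')): ?>` … `<?php endif ?>`, keeps the menu consistent with the other entries and with whatever the ACL decides; the controller-side check remains the authoritative one, this only affects what is displayed.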


@@ -0,0 +1,7 @@
<?php if (! empty($roles[$role])): ?>
<ul class="no-bullet">
<?php foreach ($roles[$role] as $user_id => $user_name): ?>
<li><?= $this->url->link($this->e($user_name), 'projectuser', 'opens', array('user_id' => $user_id)) ?></li>
<?php endforeach ?>
</ul>
<?php endif ?>
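Review bot: This new partial indexes `$roles[$role]` but nothing in the file states what the two variables are; the only callers visible in this commit pass the whole project row as `roles` and a `\Kanboard\Core\Security\Role::PROJECT_*` constant as `role`, so `$roles` appears to be a project row carrying a `user_id => user_name` list under each role key rather than a roles map — worth confirming against the model that builds the row. A one-line header such as `<?php /* Lists the users holding $role in a project; $roles is the project row with a (user_id => name) array per role key, $role the Role constant selecting which list to print. */ ?>` would make that contract explicit to the next template author.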


@@ -8,7 +8,7 @@
<?= $this->url->link(t('Custom filters'), 'customfilter', 'index', array('project_id' => $project['id'])) ?>
</li>
<?php if ($this->user->isProjectManagementAllowed($project['id'])): ?>
<?php if ($this->user->hasProjectAccess('project', 'edit', $project['id'])): ?>
<li <?= $this->app->getRouterController() === 'project' && $this->app->getRouterAction() === 'share' ? 'class="active"' : '' ?>>
<?= $this->url->link(t('Public access'), 'project', 'share', array('project_id' => $project['id'])) ?>
</li>
@@ -30,9 +30,9 @@
<li <?= $this->app->getRouterController() === 'category' ? 'class="active"' : '' ?>>
<?= $this->url->link(t('Categories'), 'category', 'index', array('project_id' => $project['id'])) ?>
</li>
<?php if ($this->user->isAdmin() || $project['is_private'] == 0): ?>
<li <?= $this->app->getRouterController() === 'project' && $this->app->getRouterAction() === 'users' ? 'class="active"' : '' ?>>
<?= $this->url->link(t('Users'), 'project', 'users', array('project_id' => $project['id'])) ?>
<?php if ($project['is_private'] == 0): ?>
<li <?= $this->app->getRouterController() === 'project' && $this->app->getRouterAction() === 'permissions' ? 'class="active"' : '' ?>>
<?= $this->url->link(t('Permissions'), 'ProjectPermission', 'index', array('project_id' => $project['id'])) ?>
</li>
<?php endif ?>
<li <?= $this->app->getRouterController() === 'action' ? 'class="active"' : '' ?>>
@@ -51,7 +51,7 @@
<li <?= $this->app->getRouterController() === 'taskImport' && $this->app->getRouterAction() === 'step1' ? 'class="active"' : '' ?>>
<?= $this->url->link(t('Import'), 'taskImport', 'step1', array('project_id' => $project['id'])) ?>
</li>
<?php if ($this->user->isProjectAdministrationAllowed($project['id'])): ?>
<?php if ($this->user->hasProjectAccess('project', 'remove', $project['id'])): ?>
<li <?= $this->app->getRouterController() === 'project' && $this->app->getRouterAction() === 'remove' ? 'class="active"' : '' ?>>
<?= $this->url->link(t('Remove'), 'project', 'remove', array('project_id' => $project['id'])) ?>
</li>
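Review bot: The `Permissions` link in the second hunk of this file is guarded only by `<?php if ($project['is_private'] == 0): ?>`, whereas the other sidebar entries touched here (`project/edit`, `project/remove`) are guarded with `hasProjectAccess`; a user whose role is not allowed to reach `ProjectPermission::index` would still see the link for every public project. Adding the same kind of check, `<?php if ($project['is_private'] == 0 && $this->user->hasProjectAccess('ProjectPermission', 'index', $project['id'])): ?>`, keeps the sidebar consistent with the access map (the controller remains the authoritative check). The comparison `$project['is_private'] == 0` is loose; `(int) $project['is_private'] === 0` would match the strict comparisons already used on the surrounding `getRouterController() === 'project'` lines.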


@@ -1,82 +0,0 @@
<div class="page-header">
<h2><?= t('List of authorized users') ?></h2>
</div>
<?php if ($project['is_everybody_allowed']): ?>
<div class="alert"><?= t('Everybody have access to this project.') ?></div>
<?php else: ?>
<?php if (empty($users['allowed'])): ?>
<div class="alert alert-error"><?= t('Nobody have access to this project.') ?></div>
<?php else: ?>
<table>
<tr>
<th><?= t('User') ?></th>
<th><?= t('Role for this project') ?></th>
<?php if ($project['is_private'] == 0): ?>
<th><?= t('Actions') ?></th>
<?php endif ?>
</tr>
<?php foreach ($users['allowed'] as $user_id => $username): ?>
<tr>
<td><?= $this->e($username) ?></td>
<td><?= isset($users['managers'][$user_id]) ? t('Project manager') : t('Project member') ?></td>
<?php if ($project['is_private'] == 0): ?>
<td>
<ul>
<li><?= $this->url->link(t('Revoke'), 'project', 'revoke', array('project_id' => $project['id'], 'user_id' => $user_id), true) ?></li>
<li>
<?php if (isset($users['managers'][$user_id])): ?>
<?= $this->url->link(t('Set project member'), 'project', 'role', array('project_id' => $project['id'], 'user_id' => $user_id, 'is_owner' => 0), true) ?>
<?php else: ?>
<?= $this->url->link(t('Set project manager'), 'project', 'role', array('project_id' => $project['id'], 'user_id' => $user_id, 'is_owner' => 1), true) ?>
<?php endif ?>
</li>
</ul>
</td>
<?php endif ?>
</tr>
<?php endforeach ?>
</table>
<?php endif ?>
<?php if ($project['is_private'] == 0 && ! empty($users['not_allowed'])): ?>
<hr/>
<form method="post" action="<?= $this->url->href('project', 'allow', array('project_id' => $project['id'])) ?>" autocomplete="off">
<?= $this->form->csrf() ?>
<?= $this->form->hidden('project_id', array('project_id' => $project['id'])) ?>
<?= $this->form->label(t('User'), 'user_id') ?>
<?= $this->form->select('user_id', $users['not_allowed'], array(), array(), array('data-notfound="'.t('No results match:').'"'), 'chosen-select') ?><br/>
<div class="form-actions">
<input type="submit" value="<?= t('Allow this user') ?>" class="btn btn-blue"/>
</div>
</form>
<?php endif ?>
<?php endif ?>
<?php if ($project['is_private'] == 0): ?>
<hr/>
<form method="post" action="<?= $this->url->href('project', 'allowEverybody', array('project_id' => $project['id'])) ?>">
<?= $this->form->csrf() ?>
<?= $this->form->hidden('id', array('id' => $project['id'])) ?>
<?= $this->form->checkbox('is_everybody_allowed', t('Allow everybody to access to this project'), 1, $project['is_everybody_allowed']) ?>
<div class="form-actions">
<input type="submit" value="<?= t('Save') ?>" class="btn btn-blue"/>
</div>
</form>
<?php endif ?>
<div class="alert alert-info">
<ul>
<li><?= t('A project manager can change the settings of the project and have more privileges than a standard user.') ?></li>
<li><?= t('Don\'t forget that administrators have access to everything.') ?></li>
<li><?= $this->url->doc(t('Help with project permissions'), 'project-permissions') ?></li>
</ul>
</div>