authorFrédéric Guillot <fred@kanboard.net>2014-09-27 21:40:47 -0400
committerFrédéric Guillot <fred@kanboard.net>2014-09-27 21:40:47 -0400
commit4aa99e949224279ad64be26806e2657e66bf5adf (patch)
tree0b727f03da6049a8e74738d180326eab41cd6aa0
parent3fa549352ca13d020a8cffaaad0db81b7c66c5b3 (diff)
Hide users menu for non-admins (pull-request #284)
-rw-r--r--app/Model/Acl.php2
-rw-r--r--app/Templates/layout.php6
-rw-r--r--app/Templates/user_layout.php6
-rw-r--r--tests/units/AclTest.php2
4 files changed, 8 insertions, 8 deletions
diff --git a/app/Model/Acl.php b/app/Model/Acl.php
index f92b3021..8c57425d 100644
--- a/app/Model/Acl.php
+++ b/app/Model/Acl.php
@@ -34,7 +34,7 @@ class Acl extends Base
'app' => array('index'),
'board' => array('index', 'show', 'save', 'check', 'changeassignee', 'updateassignee', 'changecategory', 'updatecategory'),
'project' => array('tasks', 'index', 'forbidden', 'search', 'export', 'show', 'activity'),
- 'user' => array('index', 'edit', 'forbidden', 'logout', 'index', 'show', 'external', 'unlinkgoogle', 'unlinkgithub', 'sessions', 'removesession', 'last', 'notifications', 'password'),
+ 'user' => array('edit', 'forbidden', 'logout', 'show', 'external', 'unlinkgoogle', 'unlinkgithub', 'sessions', 'removesession', 'last', 'notifications', 'password'),
'comment' => array('create', 'save', 'confirm', 'remove', 'update', 'edit', 'forbidden'),
'file' => array('create', 'save', 'download', 'confirm', 'remove', 'open', 'image'),
'subtask' => array('create', 'save', 'edit', 'update', 'confirm', 'remove'),
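Review bot: Removing `index` from the `user` entry closes the listing, but `show`, `edit`, `sessions`, `removesession` and `password` remain allowed for regular users on the new line. If those actions take the target user id from the request, a non-admin could presumably still reach another account's pages, so each of them needs an own-account check in the controller; that code is not visible here and should be confirmed. A comment above the entry would record the intent, e.g. `// user: self-service actions only; the user listing is admin-only`. The array and the enclosing class start outside the hunk.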
diff --git a/app/Templates/layout.php b/app/Templates/layout.php
index c405777f..e0158dfb 100644
--- a/app/Templates/layout.php
+++ b/app/Templates/layout.php
@@ -56,10 +56,10 @@
<li <?= isset($menu) && $menu === 'projects' ? 'class="active"' : '' ?>>
<a href="?controller=project"><?= t('Projects') ?></a>
</li>
- <li <?= isset($menu) && $menu === 'users' ? 'class="active"' : '' ?>>
- <a href="?controller=user"><?= t('Users') ?></a>
- </li>
<?php if (Helper\is_admin()): ?>
+ <li <?= isset($menu) && $menu === 'users' ? 'class="active"' : '' ?>>
+ <a href="?controller=user"><?= t('Users') ?></a>
+ </li>
<li class="hide-tablet <?= isset($menu) && $menu === 'config' ? 'active' : '' ?>">
<a href="?controller=config"><?= t('Settings') ?></a>
</li>
diff --git a/app/Templates/user_layout.php b/app/Templates/user_layout.php
index 890b0c0a..7462b3f0 100644
--- a/app/Templates/user_layout.php
+++ b/app/Templates/user_layout.php
@@ -1,12 +1,12 @@
<section id="main">
<div class="page-header">
<h2><?= Helper\escape($user['name'] ?: $user['username']).' (#'.$user['id'].')' ?></h2>
+ <?php if (Helper\is_admin()): ?>
<ul>
<li><a href="?controller=user&amp;action=index"><?= t('All users') ?></a></li>
- <?php if (Helper\is_admin()): ?>
- <li><a href="?controller=user&amp;action=create"><?= t('New user') ?></a></li>
- <?php endif ?>
+ <li><a href="?controller=user&amp;action=create"><?= t('New user') ?></a></li>
</ul>
+ <?php endif ?>
</div>
<section class="user-show" id="user-section">
diff --git a/tests/units/AclTest.php b/tests/units/AclTest.php
index e532d96c..83351616 100644
--- a/tests/units/AclTest.php
+++ b/tests/units/AclTest.php
@@ -90,7 +90,7 @@ class AclTest extends Base
$this->assertFalse($acl->isPageAccessAllowed('user', 'remove'));
$this->assertFalse($acl->isPageAccessAllowed('user', 'confirm'));
$this->assertTrue($acl->isPageAccessAllowed('app', 'index'));
- $this->assertTrue($acl->isPageAccessAllowed('user', 'index'));
+ $this->assertFalse($acl->isPageAccessAllowed('user', 'index'));
$this->assertTrue($acl->isPageAccessAllowed('user', 'login'));
$this->assertTrue($acl->isPageAccessAllowed('user', 'check'));
$this->assertTrue($acl->isPageAccessAllowed('webhook', 'task'));
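Review bot: The flipped assertion pins the denial of `user/index`, but nothing in the visible lines checks that `user/create` is also denied or that an administrator still reaches the listing. Consider adding `$this->assertFalse($acl->isPageAccessAllowed('user', 'create'));` next to it and, in the admin-side test if one exists, `$this->assertTrue($acl->isPageAccessAllowed('user', 'index'));`. The test method starts and ends outside the hunk, so the session it sets up cannot be seen from here.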