Rewrite of the authentication and authorization system

author: Frederic Guillot <fred@kanboard.net> 2015-12-05 20:31:27 -0500
committer: Frederic Guillot <fred@kanboard.net> 2015-12-05 20:31:27 -0500
commit: e9fedf3e5cd63aea4da7a71f6647ee427c62fa49 (patch)
tree: abc2de5aebace4a2d7c94805552264dab6b10bc7 /app/Model/TaskPermission.php
parent: 346b8312e5ac877ce3192c2db3a26b500018bbb5 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/app/Model/TaskPermission.php b/app/Model/TaskPermission.php
index 4bbe6d1d..fac2153e 100644
--- a/app/Model/TaskPermission.php
+++ b/app/Model/TaskPermission.php
@@ -2,6 +2,8 @@
 
 namespace Kanboard\Model;
 
+use Kanboard\Core\Security\Role;
+
 /**
  * Task permission model
  *
@@ -20,7 +22,7 @@ class TaskPermission extends Base
      */
     public function canRemoveTask(array $task)
     {
-        if ($this->userSession->isAdmin() || $this->projectPermission->isManager($task['project_id'], $this->userSession->getId())) {
+        if ($this->userSession->isAdmin() || $this->projectUserRole->getUserRole($task['project_id'], $this->userSession->getId()) === Role::PROJECT_MANAGER) {
             return true;
         } elseif (isset($task['creator_id']) && $task['creator_id'] == $this->userSession->getId()) {
             return true;
author	Frederic Guillot <fred@kanboard.net>	2015-12-05 20:31:27 -0500
committer	Frederic Guillot <fred@kanboard.net>	2015-12-05 20:31:27 -0500
commit	e9fedf3e5cd63aea4da7a71f6647ee427c62fa49 (patch)
tree	abc2de5aebace4a2d7c94805552264dab6b10bc7 /app/Model/TaskPermission.php
parent	346b8312e5ac877ce3192c2db3a26b500018bbb5 (diff)