Regular users can remove only their own tasks

author: Frédéric Guillot <fred@kanboard.net> 2014-09-23 15:17:04 +0200
committer: Frédéric Guillot <fred@kanboard.net> 2014-09-23 15:17:04 +0200
commit: 484c9614d1ed325448bf3a6e97e00a9f4448dc93 (patch)
tree: 99848dbe2e088b67152c3def675a9253c1b5ce8a /app/Model
parent: 0bd0beba411991844d5a9b44b1b51a6eb903dff7 (diff)
1 files changed, 32 insertions, 0 deletions
diff --git a/app/Model/TaskPermission.php b/app/Model/TaskPermission.php
new file mode 100644
index 00000000..2ab154f4
--- /dev/null
+++ b/app/Model/TaskPermission.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace Model;
+
+/**
+ * Task permission model
+ *
+ * @package  model
+ * @author   Frederic Guillot
+ */
+class TaskPermission extends Base
+{
+    /**
+     * Return true if the user can remove a task
+     *
+     * Regular users can't remove tasks from other people
+     *
+     * @public
+     * @return boolean
+     */
+    public function canRemoveTask(array $task)
+    {
+        if ($this->acl->isAdminUser()) {
+            return true;
+        }
+        else if (isset($task['creator_id']) && $task['creator_id'] == $this->acl->getUserId()) {
+            return true;
+        }
+
+        return false;
+    }
+}
author	Frédéric Guillot <fred@kanboard.net>	2014-09-23 15:17:04 +0200
committer	Frédéric Guillot <fred@kanboard.net>	2014-09-23 15:17:04 +0200
commit	484c9614d1ed325448bf3a6e97e00a9f4448dc93 (patch)
tree	99848dbe2e088b67152c3def675a9253c1b5ce8a /app/Model
parent	0bd0beba411991844d5a9b44b1b51a6eb903dff7 (diff)