diff options
| author | Frederic Guillot <fred@kanboard.net> | 2015-12-05 20:31:27 -0500 |
|---|---|---|
| committer | Frederic Guillot <fred@kanboard.net> | 2015-12-05 20:31:27 -0500 |
| commit | e9fedf3e5cd63aea4da7a71f6647ee427c62fa49 (patch) | |
| tree | abc2de5aebace4a2d7c94805552264dab6b10bc7 /app/Template/project | |
| parent | 346b8312e5ac877ce3192c2db3a26b500018bbb5 (diff) | |
Rewrite of the authentication and authorization system
Diffstat (limited to 'app/Template/project')
| -rw-r--r-- | app/Template/project/dropdown.php | 11 | ||||
| -rw-r--r-- | app/Template/project/edit.php | 2 | ||||
| -rw-r--r-- | app/Template/project/filters.php | 2 | ||||
| -rw-r--r-- | app/Template/project/index.php | 40 | ||||
| -rw-r--r-- | app/Template/project/roles.php | 7 | ||||
| -rw-r--r-- | app/Template/project/sidebar.php | 10 | ||||
| -rw-r--r-- | app/Template/project/users.php | 82 |
7 files changed, 41 insertions, 113 deletions
diff --git a/app/Template/project/dropdown.php b/app/Template/project/dropdown.php index 1eb87b0e..9ef7cfb4 100644 --- a/app/Template/project/dropdown.php +++ b/app/Template/project/dropdown.php @@ -2,10 +2,13 @@ <i class="fa fa-dashboard fa-fw"></i> <?= $this->url->link(t('Activity'), 'activity', 'project', array('project_id' => $project['id'])) ?> </li> + +<?php if ($this->user->hasProjectAccess('customfilter', 'index', $project['id'])): ?> <li> <i class="fa fa-filter fa-fw"></i> <?= $this->url->link(t('Custom filters'), 'customfilter', 'index', array('project_id' => $project['id'])) ?> </li> +<?php endif ?> <?php if ($project['is_public']): ?> <li> @@ -15,15 +18,21 @@ <?= $this->hook->render('template:project:dropdown', array('project' => $project)) ?> -<?php if ($this->user->isProjectManagementAllowed($project['id'])): ?> +<?php if ($this->user->hasProjectAccess('analytic', 'tasks', $project['id'])): ?> <li> <i class="fa fa-line-chart fa-fw"></i> <?= $this->url->link(t('Analytics'), 'analytic', 'tasks', array('project_id' => $project['id'])) ?> </li> +<?php endif ?> + +<?php if ($this->user->hasProjectAccess('export', 'tasks', $project['id'])): ?> <li> <i class="fa fa-download fa-fw"></i> <?= $this->url->link(t('Exports'), 'export', 'tasks', array('project_id' => $project['id'])) ?> </li> +<?php endif ?> + +<?php if ($this->user->hasProjectAccess('project', 'edit', $project['id'])): ?> <li> <i class="fa fa-cog fa-fw"></i> <?= $this->url->link(t('Settings'), 'project', 'show', array('project_id' => $project['id'])) ?> diff --git a/app/Template/project/edit.php b/app/Template/project/edit.php index 8dcbb88f..188107d1 100644 --- a/app/Template/project/edit.php +++ b/app/Template/project/edit.php @@ -19,7 +19,7 @@ <?= $this->form->label(t('End date'), 'end_date') ?> <?= $this->form->text('end_date', $values, $errors, array('maxlength="10"'), 'form-date') ?> - <?php if ($this->user->isAdmin() || $this->user->isProjectAdministrationAllowed($project['id'])): ?> + <?php if ($this->user->hasProjectAccess('project', 'create', $project['id'])): ?> <?= $this->form->checkbox('is_private', t('Private project'), 1, $project['is_private'] == 1) ?> <?php endif ?> diff --git a/app/Template/project/filters.php b/app/Template/project/filters.php index 9e126291..0dbb52c9 100644 --- a/app/Template/project/filters.php +++ b/app/Template/project/filters.php @@ -48,7 +48,7 @@ <i class="fa fa-list fa-fw"></i> <?= $this->url->link(t('List'), 'listing', 'show', array('project_id' => $project['id'], 'search' => $filters['search']), false, 'view-listing', t('Keyboard shortcut: "%s"', 'v l')) ?> </li> - <?php if ($this->user->isProjectManagementAllowed($project['id'])): ?> + <?php if ($this->user->hasProjectAccess('gantt', 'project', $project['id'])): ?> <li <?= $filters['controller'] === 'gantt' ? 'class="active"' : '' ?>> <i class="fa fa-sliders fa-fw"></i> <?= $this->url->link(t('Gantt'), 'gantt', 'project', array('project_id' => $project['id'], 'search' => $filters['search']), false, 'view-gantt', t('Keyboard shortcut: "%s"', 'v g')) ?> diff --git a/app/Template/project/index.php b/app/Template/project/index.php index 4b62a27f..c7d74f8b 100644 --- a/app/Template/project/index.php +++ b/app/Template/project/index.php @@ -1,12 +1,14 @@ <section id="main"> <div class="page-header"> <ul> - <?php if ($this->user->isProjectAdmin() || $this->user->isAdmin()): ?> + <?php if ($this->user->hasAccess('project', 'create')): ?> <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New project'), 'project', 'create') ?></li> <?php endif ?> - <li><i class="fa fa-lock fa-fw"></i><?= $this->url->link(t('New private project'), 'project', 'create', array('private' => 1)) ?></li> - <?php if ($this->user->isProjectAdmin() || $this->user->isAdmin()): ?> + <li><i class="fa fa-lock fa-fw"></i><?= $this->url->link(t('New private project'), 'project', 'createPrivate') ?></li> + <?php if ($this->user->hasAccess('projectuser', 'managers')): ?> <li><i class="fa fa-user fa-fw"></i><?= $this->url->link(t('Users overview'), 'projectuser', 'managers') ?></li> + <?php endif ?> + <?php if ($this->user->hasAccess('gantt', 'projects')): ?> <li><i class="fa fa-sliders fa-fw"></i><?= $this->url->link(t('Projects Gantt chart'), 'gantt', 'projects') ?></li> <?php endif ?> </ul> @@ -21,7 +23,7 @@ <th class="column-15"><?= $paginator->order(t('Project'), 'name') ?></th> <th class="column-8"><?= $paginator->order(t('Start date'), 'start_date') ?></th> <th class="column-8"><?= $paginator->order(t('End date'), 'end_date') ?></th> - <?php if ($this->user->isAdmin() || $this->user->isProjectAdmin()): ?> + <?php if ($this->user->hasAccess('projectuser', 'managers')): ?> <th class="column-12"><?= t('Managers') ?></th> <th class="column-12"><?= t('Members') ?></th> <?php endif ?> @@ -64,25 +66,17 @@ <td> <?= $project['end_date'] ?> </td> - <?php if ($this->user->isAdmin() || $this->user->isProjectAdmin()): ?> - <td> - <ul class="no-bullet"> - <?php foreach ($project['managers'] as $user_id => $user_name): ?> - <li><?= $this->url->link($this->e($user_name), 'projectuser', 'opens', array('user_id' => $user_id)) ?></li> - <?php endforeach ?> - </ul> - </td> - <td> - <?php if ($project['is_everybody_allowed'] == 1): ?> - <?= t('Everybody') ?> - <?php else: ?> - <ul class="no-bullet"> - <?php foreach ($project['members'] as $user_id => $user_name): ?> - <li><?= $this->url->link($this->e($user_name), 'projectuser', 'opens', array('user_id' => $user_id)) ?></li> - <?php endforeach ?> - </ul> - <?php endif ?> - </td> + <?php if ($this->user->hasAccess('projectuser', 'managers')): ?> + <td> + <?= $this->render('project/roles', array('roles' => $project, 'role' => \Kanboard\Core\Security\Role::PROJECT_MANAGER)) ?> + </td> + <td> + <?php if ($project['is_everybody_allowed'] == 1): ?> + <?= t('Everybody') ?> + <?php else: ?> + <?= $this->render('project/roles', array('roles' => $project, 'role' => \Kanboard\Core\Security\Role::PROJECT_MEMBER)) ?> + <?php endif ?> + </td> <?php endif ?> <td class="dashboard-project-stats"> <?php foreach ($project['columns'] as $column): ?> diff --git a/app/Template/project/roles.php b/app/Template/project/roles.php new file mode 100644 index 00000000..d4cd43cb --- /dev/null +++ b/app/Template/project/roles.php @@ -0,0 +1,7 @@ +<?php if (! empty($roles[$role])): ?> + <ul class="no-bullet"> + <?php foreach ($roles[$role] as $user_id => $user_name): ?> + <li><?= $this->url->link($this->e($user_name), 'projectuser', 'opens', array('user_id' => $user_id)) ?></li> + <?php endforeach ?> + </ul> +<?php endif ?>
\ No newline at end of file diff --git a/app/Template/project/sidebar.php b/app/Template/project/sidebar.php index fb5dd3bd..b436c9e8 100644 --- a/app/Template/project/sidebar.php +++ b/app/Template/project/sidebar.php @@ -8,7 +8,7 @@ <?= $this->url->link(t('Custom filters'), 'customfilter', 'index', array('project_id' => $project['id'])) ?> </li> - <?php if ($this->user->isProjectManagementAllowed($project['id'])): ?> + <?php if ($this->user->hasProjectAccess('project', 'edit', $project['id'])): ?> <li <?= $this->app->getRouterController() === 'project' && $this->app->getRouterAction() === 'share' ? 'class="active"' : '' ?>> <?= $this->url->link(t('Public access'), 'project', 'share', array('project_id' => $project['id'])) ?> </li> @@ -30,9 +30,9 @@ <li <?= $this->app->getRouterController() === 'category' ? 'class="active"' : '' ?>> <?= $this->url->link(t('Categories'), 'category', 'index', array('project_id' => $project['id'])) ?> </li> - <?php if ($this->user->isAdmin() || $project['is_private'] == 0): ?> - <li <?= $this->app->getRouterController() === 'project' && $this->app->getRouterAction() === 'users' ? 'class="active"' : '' ?>> - <?= $this->url->link(t('Users'), 'project', 'users', array('project_id' => $project['id'])) ?> + <?php if ($project['is_private'] == 0): ?> + <li <?= $this->app->getRouterController() === 'project' && $this->app->getRouterAction() === 'permissions' ? 'class="active"' : '' ?>> + <?= $this->url->link(t('Permissions'), 'ProjectPermission', 'index', array('project_id' => $project['id'])) ?> </li> <?php endif ?> <li <?= $this->app->getRouterController() === 'action' ? 'class="active"' : '' ?>> @@ -51,7 +51,7 @@ <li <?= $this->app->getRouterController() === 'taskImport' && $this->app->getRouterAction() === 'step1' ? 'class="active"' : '' ?>> <?= $this->url->link(t('Import'), 'taskImport', 'step1', array('project_id' => $project['id'])) ?> </li> - <?php if ($this->user->isProjectAdministrationAllowed($project['id'])): ?> + <?php if ($this->user->hasProjectAccess('project', 'remove', $project['id'])): ?> <li <?= $this->app->getRouterController() === 'project' && $this->app->getRouterAction() === 'remove' ? 'class="active"' : '' ?>> <?= $this->url->link(t('Remove'), 'project', 'remove', array('project_id' => $project['id'])) ?> </li> diff --git a/app/Template/project/users.php b/app/Template/project/users.php deleted file mode 100644 index 8863a1e4..00000000 --- a/app/Template/project/users.php +++ /dev/null @@ -1,82 +0,0 @@ -<div class="page-header"> - <h2><?= t('List of authorized users') ?></h2> -</div> - -<?php if ($project['is_everybody_allowed']): ?> - <div class="alert"><?= t('Everybody have access to this project.') ?></div> -<?php else: ?> - - <?php if (empty($users['allowed'])): ?> - <div class="alert alert-error"><?= t('Nobody have access to this project.') ?></div> - <?php else: ?> - <table> - <tr> - <th><?= t('User') ?></th> - <th><?= t('Role for this project') ?></th> - <?php if ($project['is_private'] == 0): ?> - <th><?= t('Actions') ?></th> - <?php endif ?> - </tr> - <?php foreach ($users['allowed'] as $user_id => $username): ?> - <tr> - <td><?= $this->e($username) ?></td> - <td><?= isset($users['managers'][$user_id]) ? t('Project manager') : t('Project member') ?></td> - <?php if ($project['is_private'] == 0): ?> - <td> - <ul> - <li><?= $this->url->link(t('Revoke'), 'project', 'revoke', array('project_id' => $project['id'], 'user_id' => $user_id), true) ?></li> - <li> - <?php if (isset($users['managers'][$user_id])): ?> - <?= $this->url->link(t('Set project member'), 'project', 'role', array('project_id' => $project['id'], 'user_id' => $user_id, 'is_owner' => 0), true) ?> - <?php else: ?> - <?= $this->url->link(t('Set project manager'), 'project', 'role', array('project_id' => $project['id'], 'user_id' => $user_id, 'is_owner' => 1), true) ?> - <?php endif ?> - </li> - </ul> - </td> - <?php endif ?> - </tr> - <?php endforeach ?> - </table> - <?php endif ?> - - <?php if ($project['is_private'] == 0 && ! empty($users['not_allowed'])): ?> - <hr/> - <form method="post" action="<?= $this->url->href('project', 'allow', array('project_id' => $project['id'])) ?>" autocomplete="off"> - - <?= $this->form->csrf() ?> - - <?= $this->form->hidden('project_id', array('project_id' => $project['id'])) ?> - - <?= $this->form->label(t('User'), 'user_id') ?> - <?= $this->form->select('user_id', $users['not_allowed'], array(), array(), array('data-notfound="'.t('No results match:').'"'), 'chosen-select') ?><br/> - - <div class="form-actions"> - <input type="submit" value="<?= t('Allow this user') ?>" class="btn btn-blue"/> - </div> - </form> - <?php endif ?> - -<?php endif ?> - -<?php if ($project['is_private'] == 0): ?> -<hr/> -<form method="post" action="<?= $this->url->href('project', 'allowEverybody', array('project_id' => $project['id'])) ?>"> - <?= $this->form->csrf() ?> - - <?= $this->form->hidden('id', array('id' => $project['id'])) ?> - <?= $this->form->checkbox('is_everybody_allowed', t('Allow everybody to access to this project'), 1, $project['is_everybody_allowed']) ?> - - <div class="form-actions"> - <input type="submit" value="<?= t('Save') ?>" class="btn btn-blue"/> - </div> -</form> -<?php endif ?> - -<div class="alert alert-info"> - <ul> - <li><?= t('A project manager can change the settings of the project and have more privileges than a standard user.') ?></li> - <li><?= t('Don\'t forget that administrators have access to everything.') ?></li> - <li><?= $this->url->doc(t('Help with project permissions'), 'project-permissions') ?></li> - </ul> -</div> |