diff options
| author | Frederic Guillot <fred@kanboard.net> | 2015-12-06 17:39:21 -0500 |
|---|---|---|
| committer | Frederic Guillot <fred@kanboard.net> | 2015-12-06 17:39:21 -0500 |
| commit | f0651c48c14f44a21d01c2ee71ebdd0a5ffd81a6 (patch) | |
| tree | 51f1d6b6c2ad14f692e10e2d6bb44bf071a56301 /app/Template/task | |
| parent | bd849ff655f9b31f90425c07e5773c7a4e956c34 (diff) | |
Restrict actions for project viewers
Diffstat (limited to 'app/Template/task')
| -rw-r--r-- | app/Template/task/comments.php | 4 | ||||
| -rw-r--r-- | app/Template/task/details.php | 2 | ||||
| -rw-r--r-- | app/Template/task/public.php | 11 | ||||
| -rw-r--r-- | app/Template/task/show.php | 35 |
4 files changed, 40 insertions, 12 deletions
diff --git a/app/Template/task/comments.php b/app/Template/task/comments.php index 070de320..57fb305f 100644 --- a/app/Template/task/comments.php +++ b/app/Template/task/comments.php @@ -15,12 +15,12 @@ 'comment' => $comment, 'task' => $task, 'project' => $project, - 'not_editable' => isset($not_editable) && $not_editable, + 'editable' => $editable, 'is_public' => isset($is_public) && $is_public, )) ?> <?php endforeach ?> - <?php if (! isset($not_editable)): ?> + <?php if ($editable): ?> <?= $this->render('comment/create', array( 'skip_cancel' => true, 'values' => array( diff --git a/app/Template/task/details.php b/app/Template/task/details.php index 9cd10dda..74799b15 100644 --- a/app/Template/task/details.php +++ b/app/Template/task/details.php @@ -86,7 +86,7 @@ </li> <?php endif ?> - <?php if (! isset($not_editable) && $task['recurrence_status'] != \Kanboard\Model\Task::RECURRING_STATUS_NONE): ?> + <?php if ($editable && $task['recurrence_status'] != \Kanboard\Model\Task::RECURRING_STATUS_NONE): ?> <li> <strong><?= t('Recurring information') ?></strong> <?= $this->render('task/recurring_info', array( diff --git a/app/Template/task/public.php b/app/Template/task/public.php index e3105488..7edf097c 100644 --- a/app/Template/task/public.php +++ b/app/Template/task/public.php @@ -1,33 +1,34 @@ <section id="main" class="public-task"> - <?= $this->render('task/details', array('task' => $task, 'project' => $project, 'not_editable' => true)) ?> + <?= $this->render('task/details', array('task' => $task, 'project' => $project, 'editable' => false)) ?> <p class="pull-right"><?= $this->url->link(t('Back to the board'), 'board', 'readonly', array('token' => $project['token'])) ?></p> <?= $this->render('task/description', array( 'task' => $task, 'project' => $project, - 'is_public' => true + 'is_public' => true, )) ?> <?= $this->render('tasklink/show', array( 'task' => $task, 'links' => $links, 'project' => $project, - 'not_editable' => true + 'editable' => false, + 'is_public' => true, )) ?> <?= $this->render('subtask/show', array( 'task' => $task, 'subtasks' => $subtasks, - 'not_editable' => true + 'editable' => false )) ?> <?= $this->render('task/comments', array( 'task' => $task, 'comments' => $comments, 'project' => $project, - 'not_editable' => true, + 'editable' => false, 'is_public' => true, )) ?> diff --git a/app/Template/task/show.php b/app/Template/task/show.php index 713c2b3a..f6d47e53 100644 --- a/app/Template/task/show.php +++ b/app/Template/task/show.php @@ -4,6 +4,7 @@ 'recurrence_trigger_list' => $this->task->recurrenceTriggers(), 'recurrence_timeframe_list' => $this->task->recurrenceTimeframes(), 'recurrence_basedate_list' => $this->task->recurrenceBasedates(), + 'editable' => $this->user->hasProjectAccess('taskmodification', 'edit', $project['id']), )) ?> <?php if ($this->user->hasProjectAccess('taskmodification', 'edit', $project['id'])): ?> @@ -11,8 +12,34 @@ <?php endif ?> <?= $this->render('task/description', array('task' => $task)) ?> -<?= $this->render('tasklink/show', array('task' => $task, 'links' => $links, 'link_label_list' => $link_label_list)) ?> -<?= $this->render('subtask/show', array('task' => $task, 'subtasks' => $subtasks, 'project' => $project, 'users_list' => isset($users_list) ? $users_list : array())) ?> + +<?= $this->render('tasklink/show', array( + 'task' => $task, + 'links' => $links, + 'link_label_list' => $link_label_list, + 'editable' => $this->user->hasProjectAccess('tasklink', 'edit', $project['id']), + 'is_public' => false, +)) ?> + +<?= $this->render('subtask/show', array( + 'task' => $task, + 'subtasks' => $subtasks, + 'project' => $project, + 'users_list' => isset($users_list) ? $users_list : array(), + 'editable' => $this->user->hasProjectAccess('subtask', 'edit', $project['id']), +)) ?> + <?= $this->render('task/time_tracking_summary', array('task' => $task)) ?> -<?= $this->render('file/show', array('task' => $task, 'files' => $files, 'images' => $images)) ?> -<?= $this->render('task/comments', array('task' => $task, 'comments' => $comments, 'project' => $project)) ?> + +<?= $this->render('file/show', array( + 'task' => $task, + 'files' => $files, + 'images' => $images +)) ?> + +<?= $this->render('task/comments', array( + 'task' => $task, + 'comments' => $comments, + 'project' => $project, + 'editable' => $this->user->hasProjectAccess('comment', 'edit', $project['id']), +)) ?> |