diff options
author | Rafael de Camargo <rafaelcamargo@MacBook-Air-de-Rafael.local> | 2019-01-10 01:52:00 -0200 |
---|---|---|
committer | fguillot <fred@kanboard.net> | 2019-01-11 17:21:14 -0800 |
commit | f3b944c77f54e988de250acf30239010bdfa2399 (patch) | |
tree | ec7dac67a79ef92a1bfa1a91b439d8f58f297706 /app/Template | |
parent | f79a2ee5e7402419293796da4fd135837ec2d126 (diff) |
Hide edit button when user cannot edit task
Check for custom roles to show edit button
Fixes #4123
Diffstat (limited to 'app/Template')
-rw-r--r-- | app/Template/board/task_private.php | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/app/Template/board/task_private.php b/app/Template/board/task_private.php index 396184dd..c4e1c023 100644 --- a/app/Template/board/task_private.php +++ b/app/Template/board/task_private.php @@ -19,7 +19,9 @@ <div class="task-board-saving-icon" style="display: none;"><i class="fa fa-spinner fa-pulse"></i></div> <?php if ($this->user->hasProjectAccess('TaskModificationController', 'edit', $task['project_id'])): ?> <?= $this->render('task/dropdown', array('task' => $task, 'redirect' => 'board')) ?> - <?= $this->modal->large('edit', '', 'TaskModificationController', 'edit', array('task_id' => $task['id'], 'project_id' => $task['project_id'])) ?> + <?php if ($this->projectRole->canUpdateTask($task)): ?> + <?= $this->modal->large('edit', '', 'TaskModificationController', 'edit', array('task_id' => $task['id'], 'project_id' => $task['project_id'])) ?> + <?php endif ?> <?php else: ?> <strong><?= '#'.$task['id'] ?></strong> <?php endif ?> @@ -37,7 +39,9 @@ <div class="task-board-header"> <?php if ($this->user->hasProjectAccess('TaskModificationController', 'edit', $task['project_id'])): ?> <?= $this->render('task/dropdown', array('task' => $task, 'redirect' => 'board')) ?> - <?= $this->modal->large('edit', '', 'TaskModificationController', 'edit', array('task_id' => $task['id'], 'project_id' => $task['project_id'])) ?> + <?php if ($this->projectRole->canUpdateTask($task)): ?> + <?= $this->modal->large('edit', '', 'TaskModificationController', 'edit', array('task_id' => $task['id'], 'project_id' => $task['project_id'])) ?> + <?php endif ?> <?php else: ?> <strong><?= '#'.$task['id'] ?></strong> <?php endif ?> |