author | Frederic Guillot <fred@kanboard.net> | 2016-09-11 18:32:47 -0400 |
---|---|---|
committer | Frederic Guillot <fred@kanboard.net> | 2016-09-11 18:32:47 -0400 |
commit | c84df535b6bdc7260144872fc4e0c241a5a5ad61 (patch) | |
tree | d0e1dfe683fc338298f64e67e69cbbb26455e08c /app | |
parent | d8f6d8568396816a6bfaca1e01211384e803cf91 (diff) |
Improve column restrictions
Diffstat (limited to 'app')
-rw-r--r-- | app/Controller/TaskMovePositionController.php | 4 | ||||
-rw-r--r-- | app/Decorator/ColumnMoveRestrictionCacheDecorator.php | 7 | ||||
-rw-r--r-- | app/Formatter/BoardSwimlaneFormatter.php | 4 | ||||
-rw-r--r-- | app/Helper/ProjectRoleHelper.php | 55 | ||||
-rw-r--r-- | app/Model/ColumnMoveRestrictionModel.php | 29 | ||||
-rw-r--r-- | app/Template/board/table_tasks.php | 7 |
6 files changed, 62 insertions, 44 deletions
diff --git a/app/Controller/TaskMovePositionController.php b/app/Controller/TaskMovePositionController.php index 0db742c3..c6e8be0c 100644 --- a/app/Controller/TaskMovePositionController.php +++ b/app/Controller/TaskMovePositionController.php @@ -30,6 +30,10 @@ class TaskMovePositionController extends BaseController $task = $this->getTask(); $values = $this->request->getJson(); + if (! $this->helper->projectRole->canMoveTask($task['project_id'], $task['column_id'], $values['column_id'])) { + throw new AccessForbiddenException(e("You don't have the permission to move this task")); + } + $result = $this->taskPositionModel->movePosition( $task['project_id'], $task['id'], diff --git a/app/Decorator/ColumnMoveRestrictionCacheDecorator.php b/app/Decorator/ColumnMoveRestrictionCacheDecorator.php index cb5e860c..2a3e9c2a 100644 --- a/app/Decorator/ColumnMoveRestrictionCacheDecorator.php +++ b/app/Decorator/ColumnMoveRestrictionCacheDecorator.php @@ -38,17 +38,18 @@ class ColumnMoveRestrictionCacheDecorator } /** - * Proxy method to get column Ids + * Proxy method to get sortable columns + * * @param int $project_id * @return array|mixed */ - public function getAllSrcColumns($project_id, $role) + public function getSortableColumns($project_id, $role) { $key = $this->cachePrefix.$project_id.$role; $columnIds = $this->cache->get($key); if ($columnIds === null) { - $columnIds = $this->columnMoveRestrictionModel->getAllSrcColumns($project_id, $role); + $columnIds = $this->columnMoveRestrictionModel->getSortableColumns($project_id, $role); $this->cache->set($key, $columnIds); } diff --git a/app/Formatter/BoardSwimlaneFormatter.php b/app/Formatter/BoardSwimlaneFormatter.php index 9b2ad935..ce67c8a8 100644 --- a/app/Formatter/BoardSwimlaneFormatter.php +++ b/app/Formatter/BoardSwimlaneFormatter.php 
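Review bot: `$values['column_id']` is read straight from the decoded request body in the added `canMoveTask()` call, and nothing visible in the hunk confirms that `$values` is an array or that the key is present. A malformed or empty JSON body would then pass `null` as the destination column into the permission check and raise an undefined-index notice. I would reject the request before the check with a guard such as `if (! is_array($values) || ! isset($values['column_id']))`, unless validation already happens earlier in the method. The method starts and ends outside the hunk, so that cannot be confirmed here.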
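Review bot: The cache key in `getSortableColumns()` is built as `$this->cachePrefix.$project_id.$role` with no separator, so two different project/role pairs can yield the same key if role names may start with a digit (constructed example: project 1 with role `2x` and project 12 with role `x`). Because this commit makes `canMoveTask()` take its answer from this decorator instead of querying the model, a collision or a stale entry now affects a server-side permission decision, not just the board display. A delimiter removes the ambiguity: `$key = $this->cachePrefix.$project_id.':'.$role;`. The docblock also still lacks `@param string $role`, and the end of the method is outside the hunk.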
@@ -24,7 +24,7 @@ class BoardSwimlaneFormatter extends BaseFormatter implements FormatterInterface * @param array $swimlanes * @return $this */ - public function withSwimlanes($swimlanes) + public function withSwimlanes(array $swimlanes) { $this->swimlanes = $swimlanes; return $this; @@ -37,7 +37,7 @@ class BoardSwimlaneFormatter extends BaseFormatter implements FormatterInterface * @param array $columns * @return $this */ - public function withColumns($columns) + public function withColumns(array $columns) { $this->columns = $columns; return $this; diff --git a/app/Helper/ProjectRoleHelper.php b/app/Helper/ProjectRoleHelper.php index 34905b52..99fa82bc 100644 --- a/app/Helper/ProjectRoleHelper.php +++ b/app/Helper/ProjectRoleHelper.php 
@@ -26,25 +26,45 @@ class ProjectRoleHelper extends Base } /** - * Return true if the task can be moved by the connected user + * Return true if the task can be moved by the logged user * * @param array $task * @return bool */ - public function isDraggable(array $task) + public function isDraggable(array &$task) { if ($task['is_active'] == 1 && $this->helper->user->hasProjectAccess('BoardViewController', 'save', $task['project_id'])) { - $role = $this->getProjectUserRole($task['project_id']); + return $this->isSortableColumn($task['project_id'], $task['column_id'], 'src_column_id'); + } + + return false; + } + + /** + * Return true is the column is sortable + * + * @param int $project_id + * @param int $column_id + * @param string $field + * @return bool + */ + public function isSortableColumn($project_id, $column_id, $field) + { + $role = $this->getProjectUserRole($project_id); + + if ($this->role->isCustomProjectRole($role)) { + $sortableColumns = $this->columnMoveRestrictionCacheDecorator->getSortableColumns($project_id, $role); - if ($this->role->isCustomProjectRole($role)) { - $srcColumnIds = $this->columnMoveRestrictionCacheDecorator->getAllSrcColumns($task['project_id'], $role); - return isset($srcColumnIds[$task['column_id']]); + foreach ($sortableColumns as $column) { + if ($column[$field] == $column_id) { + return true; + } } - return true; + return empty($sortableColumns); } - return false; + return true; } /** 
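Review bot: `return empty($sortableColumns);` in `isSortableColumn()` makes a custom role with no restriction rows unrestricted, and the same line closes `canMoveTask()` in the next hunk, where the removed `isAllowed()` call would have found no match for such a role. If allow-by-default is intended, it deserves a comment at both places, for example `// No restriction defined for this role: all moves are allowed`, and it is worth confirming that an empty result cannot come from a failed lookup. Separately, `isDraggable(array &$task)` only reads `$task`, so the by-reference parameter can go back to `array $task`. The new docblock also has a typo ("Return true is" should be "Return true if").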
@@ -60,12 +80,19 @@ class ProjectRoleHelper extends Base $role = $this->getProjectUserRole($project_id); if ($this->role->isCustomProjectRole($role)) { - return $this->columnMoveRestrictionModel->isAllowed( - $project_id, - $role, - $src_column_id, - $dst_column_id - ); + if ($src_column_id == $dst_column_id) { + return true; + } + + $sortableColumns = $this->columnMoveRestrictionCacheDecorator->getSortableColumns($project_id, $role); + + foreach ($sortableColumns as $column) { + if ($column['src_column_id'] == $src_column_id && $column['dst_column_id'] == $dst_column_id) { + return true; + } + } + + return empty($sortableColumns); } return true; diff --git a/app/Model/ColumnMoveRestrictionModel.php b/app/Model/ColumnMoveRestrictionModel.php index 27c9afab..c2603efd 100644 --- a/app/Model/ColumnMoveRestrictionModel.php +++ b/app/Model/ColumnMoveRestrictionModel.php @@ -15,26 +15,6 @@ class ColumnMoveRestrictionModel extends Base const TABLE = 'column_has_move_restrictions'; /** - * Check if the custom project role is allowed to move a task - * - * @param int $project_id - * @param string $role - * @param int $src_column_id - * @param int $dst_column_id - * @return int - */ - public function isAllowed($project_id, $role, $src_column_id, $dst_column_id) - { - return $this->db->table(self::TABLE) - ->left(ProjectRoleModel::TABLE, 'pr', 'role_id', self::TABLE, 'role_id') - ->eq(self::TABLE.'.project_id', $project_id) - ->eq(self::TABLE.'.src_column_id', $src_column_id) - ->eq(self::TABLE.'.dst_column_id', $dst_column_id) - ->eq('pr.role', $role) - ->exists(); - } - - /** * Fetch one restriction * * @param int $project_id 
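Review bot: The new `canMoveTask()` body compares `$dst_column_id` with loose `==`, and the controller hunk of this commit feeds that value from request JSON. The `$src_column_id == $dst_column_id` shortcut returns true before any restriction is consulted, and depending on the PHP version an integer and a string that merely starts with the same digits can compare equal. Casting once at the top, `$src_column_id = (int) $src_column_id; $dst_column_id = (int) $dst_column_id;`, and comparing with `===` (with the row values cast the same way inside the loop) keeps the check exact. The method's signature and docblock are outside the hunk.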
@@ -91,20 +71,21 @@ class ColumnMoveRestrictionModel extends Base } /** - * Get all source column Ids + * Get all sortable column Ids * * @param int $project_id * @param string $role * @return array */ - public function getAllSrcColumns($project_id, $role) + public function getSortableColumns($project_id, $role) { return $this->db - ->hashtable(self::TABLE) + ->table(self::TABLE) + ->columns(self::TABLE.'.src_column_id', self::TABLE.'.dst_column_id') ->left(ProjectRoleModel::TABLE, 'pr', 'role_id', self::TABLE, 'role_id') ->eq(self::TABLE.'.project_id', $project_id) ->eq('pr.role', $role) - ->getAll('src_column_id', 'src_column_id'); + ->findAll(); } /** diff --git a/app/Template/board/table_tasks.php b/app/Template/board/table_tasks.php index 1651f5d6..a22f581b 100644 --- a/app/Template/board/table_tasks.php +++ b/app/Template/board/table_tasks.php @@ -8,7 +8,12 @@ > <!-- tasks list --> - <div class="board-task-list board-column-expanded" data-column-id="<?= $column['id'] ?>" data-swimlane-id="<?= $swimlane['id'] ?>" data-task-limit="<?= $column['task_limit'] ?>"> + <div + class="board-task-list board-column-expanded <?= $this->projectRole->isSortableColumn($column['project_id'], $column['id'], 'dst_column_id') ? 'sortable-column' : '' ?>" + data-column-id="<?= $column['id'] ?>" + data-swimlane-id="<?= $swimlane['id'] ?>" + data-task-limit="<?= $column['task_limit'] ?>"> + <?php foreach ($column['tasks'] as $task): ?> <?= $this->render($not_editable ? 'board/task_public' : 'board/task_private', array( 'project' => $project, |
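Review bot: The docblock of `getSortableColumns()` still promises column ids, but the query now returns one row per restriction carrying both `src_column_id` and `dst_column_id`, which is what `isSortableColumn()` and `canMoveTask()` iterate over. I would change the summary to `Get all source/destination column pairs defined for a role` and the return tag to `@return array[] rows with src_column_id and dst_column_id`. That keeps callers from treating the result as an id-keyed map, as they could with `getAllSrcColumns()`.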
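Review bot: The `sortable-column` class is emitted whenever `isSortableColumn()` returns true, without looking at `$not_editable`, which the context lines below use to select the read-only `board/task_public` template. If this template also serves the public board, and the helper returns true when no custom role applies (as the `return true` fallback in `ProjectRoleHelper` suggests), read-only boards would be marked as drop targets. Using `! $not_editable && $this->projectRole->isSortableColumn(...)` as the condition would avoid that. The class is only a client-side hint in any case, so the `canMoveTask()` check added in the controller remains the enforcement point. The template continues outside the hunk.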