-rw-r--r-- | app/Controller/Base.php | 4 | ||||
-rw-r--r-- | app/Model/Acl.php | 1 | ||||
-rw-r--r-- | app/Model/ProjectPermission.php | 2 | ||||
-rw-r--r-- | app/Model/TaskPermission.php | 2 | ||||
-rw-r--r-- | app/Template/task/layout.php | 2 | ||||
-rw-r--r-- | app/Template/task/sidebar.php | 2 | ||||
-rw-r--r-- | tests/units/AclTest.php | 4 |
7 files changed, 6 insertions, 11 deletions
diff --git a/app/Controller/Base.php b/app/Controller/Base.php index b5d59640..8a5354aa 100644 --- a/app/Controller/Base.php +++ b/app/Controller/Base.php @@ -244,10 +244,6 @@ abstract class Base */ protected function taskLayout($template, array $params) { - if (isset($params['task']) && $this->taskPermission->canRemoveTask($params['task']) === false) { - $params['hide_remove_menu'] = true; - } - $content = $this->template->render($template, $params); $params['task_content_for_layout'] = $content; $params['title'] = $params['task']['project_name'].' > '.$params['task']['title']; diff --git a/app/Model/Acl.php b/app/Model/Acl.php index d717e12f..9c3f5e06 100644 --- a/app/Model/Acl.php +++ b/app/Model/Acl.php @@ -52,7 +52,6 @@ class Acl extends Base 'category' => '*', 'project' => array('edit', 'update', 'exporttasks', 'exportdailyprojectsummary', 'share', 'integration', 'users', 'alloweverybody', 'allow', 'setowner', 'revoke', 'duplicate', 'disable', 'enable'), 'swimlane' => '*', - 'task' => array('remove'), ); /** diff --git a/app/Model/ProjectPermission.php b/app/Model/ProjectPermission.php index 0249b3b1..02f3b428 100644 --- a/app/Model/ProjectPermission.php +++ b/app/Model/ProjectPermission.php @@ -198,7 +198,7 @@ class ProjectPermission extends Base ->table(self::TABLE) ->eq('project_id', $project_id) ->eq('user_id', $user_id) - ->update(array('is_owner' => $is_owner)); + ->update(array('is_owner' => (int) $is_owner)); } /** diff --git a/app/Model/TaskPermission.php b/app/Model/TaskPermission.php index 53740a9a..e2420e10 100644 --- a/app/Model/TaskPermission.php +++ b/app/Model/TaskPermission.php 
@@ -20,7 +20,7 @@ class TaskPermission extends Base */ public function canRemoveTask(array $task) { - if ($this->userSession->isAdmin()) { + if ($this->userSession->isAdmin() || $this->projectPermission->isManager($task['project_id'], $this->userSession->getId())) { return true; } else if (isset($task['creator_id']) && $task['creator_id'] == $this->userSession->getId()) { diff --git a/app/Template/task/layout.php b/app/Template/task/layout.php index 776fdc78..dd36903d 100644 --- a/app/Template/task/layout.php +++ b/app/Template/task/layout.php @@ -6,7 +6,7 @@ </div> <section class="sidebar-container" id="task-section"> - <?= $this->render('task/sidebar', array('task' => $task, 'hide_remove_menu' => isset($hide_remove_menu))) ?> + <?= $this->render('task/sidebar', array('task' => $task)) ?> <div class="sidebar-content"> <?= $task_content_for_layout ?> diff --git a/app/Template/task/sidebar.php b/app/Template/task/sidebar.php index 4ee7ca8a..acddd52f 100644 --- a/app/Template/task/sidebar.php +++ b/app/Template/task/sidebar.php @@ -35,7 +35,7 @@ <?= $this->a(t('Open this task'), 'task', 'open', array('task_id' => $task['id'], 'project_id' => $task['project_id'])) ?> <?php endif ?> </li> - <?php if (! $hide_remove_menu): ?> + <?php if ($this->taskPermission->canRemoveTask($task)): ?> <li> <?= $this->a(t('Remove'), 'task', 'remove', array('task_id' => $task['id'], 'project_id' => $task['project_id'])) ?> </li> diff --git a/tests/units/AclTest.php b/tests/units/AclTest.php index 3c18beae..41af8950 100644 --- a/tests/units/AclTest.php +++ b/tests/units/AclTest.php @@ -59,7 +59,6 @@ class AclTest extends Base $this->assertTrue($acl->isManagerAction('project', 'disable')); $this->assertTrue($acl->isManagerAction('category', 'index')); $this->assertTrue($acl->isManagerAction('project', 'users')); - $this->assertTrue($acl->isManagerAction('task', 'remove')); $this->assertFalse($acl->isManagerAction('app', 'index')); } 
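Review bot: The new `isManager($task['project_id'], ...)` call in canRemoveTask reads `$task['project_id']` without the `isset()` guard that the following branch applies to `$task['creator_id']`, so a task array missing that key raises a notice and passes null into the manager lookup. Guard it the same way: `if ($this->userSession->isAdmin() || (isset($task['project_id']) && $this->projectPermission->isManager($task['project_id'], $this->userSession->getId()))) {`. Since this commit drops `'task' => array('remove')` from the manager list in Acl.php, this method appears to be the only place that decides who may delete a task. Its docblock should therefore state the rule explicitly: admin, project manager, and (judging by the branch that follows) the task creator. The body of canRemoveTask continues past the end of the hunk, so the remaining branches are not visible here.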
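Review bot: The `canRemoveTask($task)` condition in task/sidebar.php only hides the Remove link; it does not stop a direct request to the `task`/`remove` action. The same commit removes `task/remove` from the manager-only ACL list, and the updated AclTest expects `isAllowed('task', 'remove', 1)` to return true, so the ACL layer no longer restricts deletion within a project. The controller action therefore has to call `canRemoveTask()` itself and refuse the request when it returns false. That call is not part of this diff and should be confirmed before merging. A short template comment would keep the intent clear, for example `<?php /* display only: the task/remove action must re-check canRemoveTask() */ ?>`.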
@@ -183,7 +182,8 @@ class AclTest extends Base $this->assertTrue($acl->isAllowed('project', 'show', 1)); $this->assertFalse($acl->isAllowed('config', 'application', 1)); $this->assertFalse($acl->isAllowed('project', 'users', 1)); - $this->assertFalse($acl->isAllowed('task', 'remove', 1)); + $this->assertTrue($acl->isAllowed('task', 'remove', 1)); + $this->assertFalse($acl->isAllowed('task', 'remove', 2)); $this->assertTrue($acl->isAllowed('app', 'index', 1)); } |
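Review bot: These assertions now pin only the ACL layer, where `task/remove` is allowed on project 1 and denied on project 2. Nothing in the commit tests the rule that replaced the manager-only ACL entry, `TaskPermission::canRemoveTask()`. Add a unit test for that method covering an admin, a project manager, the task creator, and a project member who is none of these (expected `false`), so that a regression in the new `isManager()` branch is caught. The test method starts outside the hunk, so the session and fixtures behind the project ids 1 and 2 are not visible here.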