-rw-r--r--app/Controller/Base.php4
-rw-r--r--app/Model/Acl.php1
-rw-r--r--app/Model/ProjectPermission.php2
-rw-r--r--app/Model/TaskPermission.php2
-rw-r--r--app/Template/task/layout.php2
-rw-r--r--app/Template/task/sidebar.php2
-rw-r--r--tests/units/AclTest.php4
7 files changed, 6 insertions, 11 deletions
diff --git a/app/Controller/Base.php b/app/Controller/Base.php
index b5d59640..8a5354aa 100644
--- a/app/Controller/Base.php
+++ b/app/Controller/Base.php
@@ -244,10 +244,6 @@ abstract class Base
*/
protected function taskLayout($template, array $params)
{
- if (isset($params['task']) && $this->taskPermission->canRemoveTask($params['task']) === false) {
- $params['hide_remove_menu'] = true;
- }
-
$content = $this->template->render($template, $params);
$params['task_content_for_layout'] = $content;
$params['title'] = $params['task']['project_name'].' > '.$params['task']['title'];
diff --git a/app/Model/Acl.php b/app/Model/Acl.php
index d717e12f..9c3f5e06 100644
--- a/app/Model/Acl.php
+++ b/app/Model/Acl.php
@@ -52,7 +52,6 @@ class Acl extends Base
'category' => '*',
'project' => array('edit', 'update', 'exporttasks', 'exportdailyprojectsummary', 'share', 'integration', 'users', 'alloweverybody', 'allow', 'setowner', 'revoke', 'duplicate', 'disable', 'enable'),
'swimlane' => '*',
- 'task' => array('remove'),
);
/**
diff --git a/app/Model/ProjectPermission.php b/app/Model/ProjectPermission.php
index 0249b3b1..02f3b428 100644
--- a/app/Model/ProjectPermission.php
+++ b/app/Model/ProjectPermission.php
@@ -198,7 +198,7 @@ class ProjectPermission extends Base
->table(self::TABLE)
->eq('project_id', $project_id)
->eq('user_id', $user_id)
- ->update(array('is_owner' => $is_owner));
+ ->update(array('is_owner' => (int) $is_owner));
}
/**
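Review bot: The `(int)` cast on the `is_owner` update normalises a boolean but does not clamp the value to 0/1: an integer such as 2 is stored as-is and a non-numeric string becomes 0. Because this column grants project-manager rights, the write should be unambiguous, e.g. `->update(array('is_owner' => $is_owner ? 1 : 0));`, or the method's docblock should state that only a boolean or 0/1 is accepted. The method signature and its callers are outside this hunk, so whether request data reaches this parameter unvalidated cannot be confirmed from here.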
diff --git a/app/Model/TaskPermission.php b/app/Model/TaskPermission.php
index 53740a9a..e2420e10 100644
--- a/app/Model/TaskPermission.php
+++ b/app/Model/TaskPermission.php
@@ -20,7 +20,7 @@ class TaskPermission extends Base
*/
public function canRemoveTask(array $task)
{
- if ($this->userSession->isAdmin()) {
+ if ($this->userSession->isAdmin() || $this->projectPermission->isManager($task['project_id'], $this->userSession->getId())) {
return true;
}
else if (isset($task['creator_id']) && $task['creator_id'] == $this->userSession->getId()) {
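Review bot: The new manager branch in `canRemoveTask` reads `$task['project_id']` without a guard, while the creator branch just below checks `isset($task['creator_id'])` first. A task array without that key would raise a notice and pass null to `isManager`. Guarding it the same way keeps the branches consistent: `isset($task['project_id']) && $this->projectPermission->isManager($task['project_id'], $this->userSession->getId())`. The docblock, which starts above this hunk, should also say that project managers as well as admins and the task creator may remove a task, since the `'task' => array('remove')` entry removed from Acl.php appears to leave this method as the authorisation rule for removal. The function body continues past the hunk.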
diff --git a/app/Template/task/layout.php b/app/Template/task/layout.php
index 776fdc78..dd36903d 100644
--- a/app/Template/task/layout.php
+++ b/app/Template/task/layout.php
@@ -6,7 +6,7 @@
</div>
<section class="sidebar-container" id="task-section">
- <?= $this->render('task/sidebar', array('task' => $task, 'hide_remove_menu' => isset($hide_remove_menu))) ?>
+ <?= $this->render('task/sidebar', array('task' => $task)) ?>
<div class="sidebar-content">
<?= $task_content_for_layout ?>
diff --git a/app/Template/task/sidebar.php b/app/Template/task/sidebar.php
index 4ee7ca8a..acddd52f 100644
--- a/app/Template/task/sidebar.php
+++ b/app/Template/task/sidebar.php
@@ -35,7 +35,7 @@
<?= $this->a(t('Open this task'), 'task', 'open', array('task_id' => $task['id'], 'project_id' => $task['project_id'])) ?>
<?php endif ?>
</li>
- <?php if (! $hide_remove_menu): ?>
+ <?php if ($this->taskPermission->canRemoveTask($task)): ?>
<li>
<?= $this->a(t('Remove'), 'task', 'remove', array('task_id' => $task['id'], 'project_id' => $task['project_id'])) ?>
</li>
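Review bot: The `canRemoveTask($task)` condition in the sidebar only decides whether the Remove link is rendered; it is not an access check. This commit also drops `task`/`remove` from the manager ACL, and the updated AclTest asserts that `isAllowed('task', 'remove', 1)` is now true, so the route-level filter no longer stops a project member from requesting the remove URL directly. The task controller's remove action is not part of this diff; confirm that it calls `canRemoveTask` on the loaded task and returns a forbidden response before deleting. A short comment above the `if`, such as `<?php // UI hint only; the remove action enforces canRemoveTask() ?>`, would make the split explicit.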
diff --git a/tests/units/AclTest.php b/tests/units/AclTest.php
index 3c18beae..41af8950 100644
--- a/tests/units/AclTest.php
+++ b/tests/units/AclTest.php
@@ -59,7 +59,6 @@ class AclTest extends Base
$this->assertTrue($acl->isManagerAction('project', 'disable'));
$this->assertTrue($acl->isManagerAction('category', 'index'));
$this->assertTrue($acl->isManagerAction('project', 'users'));
- $this->assertTrue($acl->isManagerAction('task', 'remove'));
$this->assertFalse($acl->isManagerAction('app', 'index'));
}
@@ -183,7 +182,8 @@ class AclTest extends Base
$this->assertTrue($acl->isAllowed('project', 'show', 1));
$this->assertFalse($acl->isAllowed('config', 'application', 1));
$this->assertFalse($acl->isAllowed('project', 'users', 1));
- $this->assertFalse($acl->isAllowed('task', 'remove', 1));
+ $this->assertTrue($acl->isAllowed('task', 'remove', 1));
+ $this->assertFalse($acl->isAllowed('task', 'remove', 2));
$this->assertTrue($acl->isAllowed('app', 'index', 1));
}
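Review bot: These assertions show that the ACL now lets project 1's member through to `task`/`remove`, but nothing in the commit tests the rule that replaces it. The diffstat lists AclTest.php as the only test file touched, so the new `isManager` branch of `TaskPermission::canRemoveTask` is untested. A unit test for `canRemoveTask` should cover an admin, a project manager, the task creator, and a plain member who is neither, with the last case asserting false. Without it, a later change to `canRemoveTask` could widen task deletion without any test failing.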