summaryrefslogtreecommitdiff
path: root/app/Controller/TaskMovePositionController.php
diff options
context:
space:
mode:
Diffstat (limited to 'app/Controller/TaskMovePositionController.php')
-rw-r--r--app/Controller/TaskMovePositionController.php4
1 files changed, 4 insertions, 0 deletions
diff --git a/app/Controller/TaskMovePositionController.php b/app/Controller/TaskMovePositionController.php
index 0db742c3..c6e8be0c 100644
--- a/app/Controller/TaskMovePositionController.php
+++ b/app/Controller/TaskMovePositionController.php
@@ -30,6 +30,10 @@ class TaskMovePositionController extends BaseController
$task = $this->getTask();
$values = $this->request->getJson();
+ if (! $this->helper->projectRole->canMoveTask($task['project_id'], $task['column_id'], $values['column_id'])) {
+ throw new AccessForbiddenException(e("You don't have the permission to move this task"));
+ }
+
$result = $this->taskPositionModel->movePosition(
$task['project_id'],
$task['id'],
generated by cgit v1.2.3 (git 2.46.0) at 2024-11-26 03:37:13 +0000