summaryrefslogtreecommitdiff
path: root/app/Controller
diff options
context:
space:
mode:
Diffstat (limited to 'app/Controller')
-rw-r--r--app/Controller/BoardAjaxController.php8
-rw-r--r--app/Controller/ColumnMoveRestrictionController.php4
-rw-r--r--app/Controller/ProjectRoleRestrictionController.php96
-rw-r--r--app/Controller/TaskSuppressionController.php4
4 files changed, 101 insertions, 11 deletions
diff --git a/app/Controller/BoardAjaxController.php b/app/Controller/BoardAjaxController.php
index cc3b846e..484ef67d 100644
--- a/app/Controller/BoardAjaxController.php
+++ b/app/Controller/BoardAjaxController.php
@@ -28,14 +28,8 @@ class BoardAjaxController extends BaseController
}
$values = $this->request->getJson();
- $canMoveTask = $this->columnMoveRestrictionModel->isAllowed(
- $project_id,
- $this->helper->user->getProjectUserRole($project_id),
- $values['src_column_id'],
- $values['dst_column_id']
- );
- if (! $canMoveTask) {
+ if (! $this->helper->projectRole->canMoveTask($project_id, $values['src_column_id'], $values['dst_column_id'])) {
throw new AccessForbiddenException(e("You don't have the permission to move this task"));
}
diff --git a/app/Controller/ColumnMoveRestrictionController.php b/app/Controller/ColumnMoveRestrictionController.php
index 3f1b878f..b12f6b77 100644
--- a/app/Controller/ColumnMoveRestrictionController.php
+++ b/app/Controller/ColumnMoveRestrictionController.php
@@ -45,14 +45,14 @@ class ColumnMoveRestrictionController extends BaseController
list($valid, $errors) = $this->columnMoveRestrictionValidator->validateCreation($values);
if ($valid) {
- $role_id = $this->columnMoveRestrictionModel->create(
+ $restriction_id = $this->columnMoveRestrictionModel->create(
$project['id'],
$values['role_id'],
$values['src_column_id'],
$values['dst_column_id']
);
- if ($role_id !== false) {
+ if ($restriction_id !== false) {
$this->flash->success(t('The column restriction has been created successfully.'));
} else {
$this->flash->failure(t('Unable to create this column restriction.'));
diff --git a/app/Controller/ProjectRoleRestrictionController.php b/app/Controller/ProjectRoleRestrictionController.php
new file mode 100644
index 00000000..4fa9b13b
--- /dev/null
+++ b/app/Controller/ProjectRoleRestrictionController.php
@@ -0,0 +1,96 @@
+<?php
+
+namespace Kanboard\Controller;
+
+use Kanboard\Core\Controller\AccessForbiddenException;
+
+/**
+ * Class ProjectRoleRestrictionController
+ *
+ * @package Kanboard\Controller
+ * @author Frederic Guillot
+ */
+class ProjectRoleRestrictionController extends BaseController
+{
+ /**
+ * Show form to create a new project restriction
+ *
+ * @param array $values
+ * @param array $errors
+ * @throws AccessForbiddenException
+ */
+ public function create(array $values = array(), array $errors = array())
+ {
+ $project = $this->getProject();
+ $role_id = $this->request->getIntegerParam('role_id');
+ $role = $this->projectRoleModel->getById($project['id'], $role_id);
+
+ $this->response->html($this->template->render('project_role_restriction/create', array(
+ 'project' => $project,
+ 'role' => $role,
+ 'values' => $values + array('project_id' => $project['id'], 'role_id' => $role['role_id']),
+ 'errors' => $errors,
+ 'restrictions' => $this->projectRoleRestrictionModel->getRules(),
+ )));
+ }
+
+ /**
+ * Save new restriction
+ */
+ public function save()
+ {
+ $project = $this->getProject();
+ $values = $this->request->getValues();
+
+ $restriction_id = $this->projectRoleRestrictionModel->create(
+ $project['id'],
+ $values['role_id'],
+ $values['rule']
+ );
+
+ if ($restriction_id !== false) {
+ $this->flash->success(t('The project restriction has been created successfully.'));
+ } else {
+ $this->flash->failure(t('Unable to create this project restriction.'));
+ }
+
+ $this->response->redirect($this->helper->url->to('ProjectRoleController', 'show', array('project_id' => $project['id'])));
+ }
+
+ /**
+ * Confirm suppression
+ *
+ * @access public
+ */
+ public function confirm()
+ {
+ $project = $this->getProject();
+ $restriction_id = $this->request->getIntegerParam('restriction_id');
+
+ $this->response->html($this->helper->layout->project('project_role_restriction/remove', array(
+ 'project' => $project,
+ 'restriction' => $this->projectRoleRestrictionModel->getById($project['id'], $restriction_id),
+ 'restrictions' => $this->projectRoleRestrictionModel->getRules(),
+ )));
+ }
+
+ /**
+ * Remove a restriction
+ *
+ * @access public
+ */
+ public function remove()
+ {
+ $project = $this->getProject();
+ $this->checkCSRFParam();
+ $restriction_id = $this->request->getIntegerParam('restriction_id');
+
+ if ($this->projectRoleRestrictionModel->remove($restriction_id)) {
+ $this->flash->success(t('Project restriction removed successfully.'));
+ } else {
+ $this->flash->failure(t('Unable to remove this restriction.'));
+ }
+
+ $this->response->redirect($this->helper->url->to('ProjectRoleController', 'show', array('project_id' => $project['id'])));
+ }
+}
diff --git a/app/Controller/TaskSuppressionController.php b/app/Controller/TaskSuppressionController.php
index 600107c9..019bd97c 100644
--- a/app/Controller/TaskSuppressionController.php
+++ b/app/Controller/TaskSuppressionController.php
@@ -19,7 +19,7 @@ class TaskSuppressionController extends BaseController
{
$task = $this->getTask();
- if (! $this->helper->user->canRemoveTask($task)) {
+ if (! $this->helper->projectRole->canRemoveTask($task)) {
throw new AccessForbiddenException();
}
@@ -37,7 +37,7 @@ class TaskSuppressionController extends BaseController
$task = $this->getTask();
$this->checkCSRFParam();
- if (! $this->helper->user->canRemoveTask($task)) {
+ if (! $this->helper->projectRole->canRemoveTask($task)) {
throw new AccessForbiddenException();
}