1 files changed, 13 insertions, 21 deletions

diff --git a/app/ServiceProvider/AuthenticationProvider.php b/app/ServiceProvider/AuthenticationProvider.php
index a516cffe..5ed28fe1 100644
--- a/app/ServiceProvider/AuthenticationProvider.php
+++ b/app/ServiceProvider/AuthenticationProvider.php
@@ -11,9 +11,6 @@ use Kanboard\Core\Security\Role;
 use Kanboard\Auth\RememberMeAuth;
 use Kanboard\Auth\DatabaseAuth;
 use Kanboard\Auth\LdapAuth;
-use Kanboard\Auth\GitlabAuth;
-use Kanboard\Auth\GithubAuth;
-use Kanboard\Auth\GoogleAuth;
 use Kanboard\Auth\TotpAuth;
 use Kanboard\Auth\ReverseProxyAuth;
 
@@ -47,18 +44,6 @@ class AuthenticationProvider implements ServiceProviderInterface
             $container['authenticationManager']->register(new LdapAuth($container));
         }
 
-        if (GITLAB_AUTH) {
-            $container['authenticationManager']->register(new GitlabAuth($container));
-        }
-
-        if (GITHUB_AUTH) {
-            $container['authenticationManager']->register(new GithubAuth($container));
-        }
-
-        if (GOOGLE_AUTH) {
-            $container['authenticationManager']->register(new GoogleAuth($container));
-        }
-
         $container['projectAccessMap'] = $this->getProjectAccessMap();
         $container['applicationAccessMap'] = $this->getApplicationAccessMap();
 
@@ -82,6 +67,8 @@ class AuthenticationProvider implements ServiceProviderInterface
         $acl->setRoleHierarchy(Role::PROJECT_MEMBER, array(Role::PROJECT_VIEWER));
 
         $acl->add('Action', '*', Role::PROJECT_MANAGER);
+        $acl->add('ActionProject', '*', Role::PROJECT_MANAGER);
+        $acl->add('ActionCreation', '*', Role::PROJECT_MANAGER);
         $acl->add('Analytic', '*', Role::PROJECT_MANAGER);
         $acl->add('Board', 'save', Role::PROJECT_MEMBER);
         $acl->add('BoardPopover', '*', Role::PROJECT_MEMBER);
@@ -91,22 +78,28 @@ class AuthenticationProvider implements ServiceProviderInterface
         $acl->add('Comment', '*', Role::PROJECT_MEMBER);
         $acl->add('Customfilter', '*', Role::PROJECT_MEMBER);
         $acl->add('Export', '*', Role::PROJECT_MANAGER);
-        $acl->add('File', array('screenshot', 'create', 'save', 'remove', 'confirm'), Role::PROJECT_MEMBER);
+        $acl->add('TaskFile', array('screenshot', 'create', 'save', 'remove', 'confirm'), Role::PROJECT_MEMBER);
         $acl->add('Gantt', '*', Role::PROJECT_MANAGER);
         $acl->add('Project', array('share', 'integrations', 'notifications', 'duplicate', 'disable', 'enable', 'remove'), Role::PROJECT_MANAGER);
         $acl->add('ProjectPermission', '*', Role::PROJECT_MANAGER);
         $acl->add('ProjectEdit', '*', Role::PROJECT_MANAGER);
+        $acl->add('ProjectFile', '*', Role::PROJECT_MEMBER);
         $acl->add('Projectuser', '*', Role::PROJECT_MANAGER);
         $acl->add('Subtask', '*', Role::PROJECT_MEMBER);
+        $acl->add('SubtaskRestriction', '*', Role::PROJECT_MEMBER);
+        $acl->add('SubtaskStatus', '*', Role::PROJECT_MEMBER);
         $acl->add('Swimlane', '*', Role::PROJECT_MANAGER);
         $acl->add('Task', 'remove', Role::PROJECT_MEMBER);
         $acl->add('Taskcreation', '*', Role::PROJECT_MEMBER);
         $acl->add('Taskduplication', '*', Role::PROJECT_MEMBER);
+        $acl->add('TaskRecurrence', '*', Role::PROJECT_MEMBER);
         $acl->add('TaskImport', '*', Role::PROJECT_MANAGER);
         $acl->add('Tasklink', '*', Role::PROJECT_MEMBER);
+        $acl->add('Tasklink', array('show'), Role::PROJECT_VIEWER);
+        $acl->add('TaskExternalLink', '*', Role::PROJECT_MEMBER);
+        $acl->add('TaskExternalLink', array('show'), Role::PROJECT_VIEWER);
         $acl->add('Taskmodification', '*', Role::PROJECT_MEMBER);
         $acl->add('Taskstatus', '*', Role::PROJECT_MEMBER);
-        $acl->add('Timer', '*', Role::PROJECT_MEMBER);
         $acl->add('UserHelper', array('mention'), Role::PROJECT_MEMBER);
 
         return $acl;
@@ -126,7 +119,6 @@ class AuthenticationProvider implements ServiceProviderInterface
         $acl->setRoleHierarchy(Role::APP_MANAGER, array(Role::APP_USER, Role::APP_PUBLIC));
         $acl->setRoleHierarchy(Role::APP_USER, array(Role::APP_PUBLIC));
 
-        $acl->add('Oauth', array('google', 'github', 'gitlab'), Role::APP_PUBLIC);
         $acl->add('Auth', array('login', 'check'), Role::APP_PUBLIC);
         $acl->add('Captcha', '*', Role::APP_PUBLIC);
         $acl->add('PasswordReset', '*', Role::APP_PUBLIC);
@@ -141,12 +133,12 @@ class AuthenticationProvider implements ServiceProviderInterface
         $acl->add('Gantt', array('projects', 'saveProjectDate'), Role::APP_MANAGER);
         $acl->add('Group', '*', Role::APP_ADMIN);
         $acl->add('Link', '*', Role::APP_ADMIN);
-        $acl->add('Project', array('users', 'allowEverybody', 'allow', 'role', 'revoke', 'create'), Role::APP_MANAGER);
-        $acl->add('ProjectPermission', '*', Role::APP_USER);
+        $acl->add('ProjectCreation', 'create', Role::APP_MANAGER);
         $acl->add('Projectuser', '*', Role::APP_MANAGER);
         $acl->add('Twofactor', 'disable', Role::APP_ADMIN);
         $acl->add('UserImport', '*', Role::APP_ADMIN);
-        $acl->add('User', array('index', 'create', 'save', 'authentication', 'remove'), Role::APP_ADMIN);
+        $acl->add('User', array('index', 'create', 'save', 'authentication'), Role::APP_ADMIN);
+        $acl->add('UserStatus', '*', Role::APP_ADMIN);
 
         return $acl;
     }