diff options
Diffstat (limited to 'app/ServiceProvider/AuthenticationProvider.php')
| -rw-r--r-- | app/ServiceProvider/AuthenticationProvider.php | 25 |
1 files changed, 7 insertions, 18 deletions
diff --git a/app/ServiceProvider/AuthenticationProvider.php b/app/ServiceProvider/AuthenticationProvider.php index a516cffe..4196a470 100644 --- a/app/ServiceProvider/AuthenticationProvider.php +++ b/app/ServiceProvider/AuthenticationProvider.php @@ -11,9 +11,6 @@ use Kanboard\Core\Security\Role; use Kanboard\Auth\RememberMeAuth; use Kanboard\Auth\DatabaseAuth; use Kanboard\Auth\LdapAuth; -use Kanboard\Auth\GitlabAuth; -use Kanboard\Auth\GithubAuth; -use Kanboard\Auth\GoogleAuth; use Kanboard\Auth\TotpAuth; use Kanboard\Auth\ReverseProxyAuth; @@ -47,18 +44,6 @@ class AuthenticationProvider implements ServiceProviderInterface $container['authenticationManager']->register(new LdapAuth($container)); } - if (GITLAB_AUTH) { - $container['authenticationManager']->register(new GitlabAuth($container)); - } - - if (GITHUB_AUTH) { - $container['authenticationManager']->register(new GithubAuth($container)); - } - - if (GOOGLE_AUTH) { - $container['authenticationManager']->register(new GoogleAuth($container)); - } - $container['projectAccessMap'] = $this->getProjectAccessMap(); $container['applicationAccessMap'] = $this->getApplicationAccessMap(); @@ -98,12 +83,18 @@ class AuthenticationProvider implements ServiceProviderInterface $acl->add('ProjectEdit', '*', Role::PROJECT_MANAGER); $acl->add('Projectuser', '*', Role::PROJECT_MANAGER); $acl->add('Subtask', '*', Role::PROJECT_MEMBER); + $acl->add('SubtaskRestriction', '*', Role::PROJECT_MEMBER); + $acl->add('SubtaskStatus', '*', Role::PROJECT_MEMBER); $acl->add('Swimlane', '*', Role::PROJECT_MANAGER); $acl->add('Task', 'remove', Role::PROJECT_MEMBER); $acl->add('Taskcreation', '*', Role::PROJECT_MEMBER); $acl->add('Taskduplication', '*', Role::PROJECT_MEMBER); + $acl->add('TaskRecurrence', '*', Role::PROJECT_MEMBER); $acl->add('TaskImport', '*', Role::PROJECT_MANAGER); $acl->add('Tasklink', '*', Role::PROJECT_MEMBER); + $acl->add('Tasklink', array('show'), Role::PROJECT_VIEWER); + $acl->add('TaskExternalLink', '*', Role::PROJECT_MEMBER); + $acl->add('TaskExternalLink', array('show'), Role::PROJECT_VIEWER); $acl->add('Taskmodification', '*', Role::PROJECT_MEMBER); $acl->add('Taskstatus', '*', Role::PROJECT_MEMBER); $acl->add('Timer', '*', Role::PROJECT_MEMBER); @@ -126,7 +117,6 @@ class AuthenticationProvider implements ServiceProviderInterface $acl->setRoleHierarchy(Role::APP_MANAGER, array(Role::APP_USER, Role::APP_PUBLIC)); $acl->setRoleHierarchy(Role::APP_USER, array(Role::APP_PUBLIC)); - $acl->add('Oauth', array('google', 'github', 'gitlab'), Role::APP_PUBLIC); $acl->add('Auth', array('login', 'check'), Role::APP_PUBLIC); $acl->add('Captcha', '*', Role::APP_PUBLIC); $acl->add('PasswordReset', '*', Role::APP_PUBLIC); @@ -141,8 +131,7 @@ class AuthenticationProvider implements ServiceProviderInterface $acl->add('Gantt', array('projects', 'saveProjectDate'), Role::APP_MANAGER); $acl->add('Group', '*', Role::APP_ADMIN); $acl->add('Link', '*', Role::APP_ADMIN); - $acl->add('Project', array('users', 'allowEverybody', 'allow', 'role', 'revoke', 'create'), Role::APP_MANAGER); - $acl->add('ProjectPermission', '*', Role::APP_USER); + $acl->add('ProjectCreation', 'create', Role::APP_MANAGER); $acl->add('Projectuser', '*', Role::APP_MANAGER); $acl->add('Twofactor', 'disable', Role::APP_ADMIN); $acl->add('UserImport', '*', Role::APP_ADMIN); |