From 384b64b7fab59d9de0fea5adb89438c1192b6301 Mon Sep 17 00:00:00 2001
From: toomyem
Date: Wed, 5 Mar 2014 09:40:06 +0100
Subject: Admin users are not allowed for a project
In function isUserAllowed() it is only checked if:
1. any user is assigned to the project (if no then allow anybody)
2. if logged user is allowed for given project
But also _admin_ users _not assigned_ to the project shall be allowed.
---
 models/project.php | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/models/project.php b/models/project.php
index a2f66478..45cd1baa 100644
--- a/models/project.php
+++ b/models/project.php
@@ -82,6 +82,15 @@ class Project extends Base
 if ($nb_users < 1) return true;
+ // check if user has admin rights
+ $nb_users = $this->db
+ ->table(\Model\User::TABLE)
+ ->eq('id', $user_id)
+ ->eq('is_admin', 1)
+ ->count();
+
+ if ($nb_users > 0) return true;
+
 // Otherwise, allow only specific users
 return (bool) $this->db
 ->table(self::TABLE_USERS)
--
cgit v1.2.3
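Review bot: The added admin lookup reuses `$nb_users`, which until that point means "users assigned to this project", for a count of matching admin rows, so the variable changes meaning in the middle of an authorization decision. A dedicated name would make the rule easier to audit, for example assigning the result of the same query to `$is_admin` and writing `if ($is_admin > 0) return true;`. Since this branch grants every admin access to every project, the comment should say so explicitly, e.g. `// Admins bypass per-project assignment: any user with is_admin = 1 is allowed`. No test is visible in this commit; cases for an unassigned admin (allowed) and an unassigned non-admin (denied) would pin the rule against later regressions. The body of isUserAllowed() starts and ends outside the hunk, so the origin of `$user_id` cannot be checked from here.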