From 5c6b67bd7605485db2b19a8838838b7c4455e3b6 Mon Sep 17 00:00:00 2001
From: Frédéric Guillot <fred@kanboard.net>
Date: Fri, 2 Jan 2015 22:14:28 -0500
Subject: Allow project managers to remove tasks

---
 app/Controller/Base.php         | 4 ----
 app/Model/Acl.php               | 1 -
 app/Model/ProjectPermission.php | 2 +-
 app/Model/TaskPermission.php    | 2 +-
 app/Template/task/layout.php    | 2 +-
 app/Template/task/sidebar.php   | 2 +-
 tests/units/AclTest.php         | 4 ++--
 7 files changed, 6 insertions(+), 11 deletions(-)

diff --git a/app/Controller/Base.php b/app/Controller/Base.php
index b5d59640..8a5354aa 100644
--- a/app/Controller/Base.php
+++ b/app/Controller/Base.php
@@ -244,10 +244,6 @@ abstract class Base
      */
     protected function taskLayout($template, array $params)
     {
-        if (isset($params['task']) && $this->taskPermission->canRemoveTask($params['task']) === false) {
-            $params['hide_remove_menu'] = true;
-        }
-
         $content = $this->template->render($template, $params);
         $params['task_content_for_layout'] = $content;
         $params['title'] = $params['task']['project_name'].' &gt; '.$params['task']['title'];
diff --git a/app/Model/Acl.php b/app/Model/Acl.php
index d717e12f..9c3f5e06 100644
--- a/app/Model/Acl.php
+++ b/app/Model/Acl.php
@@ -52,7 +52,6 @@ class Acl extends Base
         'category' => '*',
         'project' => array('edit', 'update', 'exporttasks', 'exportdailyprojectsummary', 'share', 'integration', 'users', 'alloweverybody', 'allow', 'setowner', 'revoke', 'duplicate', 'disable', 'enable'),
         'swimlane' => '*',
-        'task' => array('remove'),
     );
 
     /**
diff --git a/app/Model/ProjectPermission.php b/app/Model/ProjectPermission.php
index 0249b3b1..02f3b428 100644
--- a/app/Model/ProjectPermission.php
+++ b/app/Model/ProjectPermission.php
@@ -198,7 +198,7 @@ class ProjectPermission extends Base
                     ->table(self::TABLE)
                     ->eq('project_id', $project_id)
                     ->eq('user_id', $user_id)
-                    ->update(array('is_owner' => $is_owner));
+                    ->update(array('is_owner' => (int) $is_owner));
     }
 
     /**
diff --git a/app/Model/TaskPermission.php b/app/Model/TaskPermission.php
index 53740a9a..e2420e10 100644
--- a/app/Model/TaskPermission.php
+++ b/app/Model/TaskPermission.php
@@ -20,7 +20,7 @@ class TaskPermission extends Base
      */
     public function canRemoveTask(array $task)
     {
-        if ($this->userSession->isAdmin()) {
+        if ($this->userSession->isAdmin() || $this->projectPermission->isManager($task['project_id'], $this->userSession->getId())) {
             return true;
         }
         else if (isset($task['creator_id']) && $task['creator_id'] == $this->userSession->getId()) {
diff --git a/app/Template/task/layout.php b/app/Template/task/layout.php
index 776fdc78..dd36903d 100644
--- a/app/Template/task/layout.php
+++ b/app/Template/task/layout.php
@@ -6,7 +6,7 @@
     </div>
     <section class="sidebar-container" id="task-section">
 
-        <?= $this->render('task/sidebar', array('task' => $task, 'hide_remove_menu' => isset($hide_remove_menu))) ?>
+        <?= $this->render('task/sidebar', array('task' => $task)) ?>
 
         <div class="sidebar-content">
             <?= $task_content_for_layout ?>
diff --git a/app/Template/task/sidebar.php b/app/Template/task/sidebar.php
index 4ee7ca8a..acddd52f 100644
--- a/app/Template/task/sidebar.php
+++ b/app/Template/task/sidebar.php
@@ -35,7 +35,7 @@
                 <?= $this->a(t('Open this task'), 'task', 'open', array('task_id' => $task['id'], 'project_id' => $task['project_id'])) ?>
             <?php endif ?>
         </li>
-        <?php if (! $hide_remove_menu): ?>
+        <?php if ($this->taskPermission->canRemoveTask($task)): ?>
         <li>
             <?= $this->a(t('Remove'), 'task', 'remove', array('task_id' => $task['id'], 'project_id' => $task['project_id'])) ?>
         </li>
diff --git a/tests/units/AclTest.php b/tests/units/AclTest.php
index 3c18beae..41af8950 100644
--- a/tests/units/AclTest.php
+++ b/tests/units/AclTest.php
@@ -59,7 +59,6 @@ class AclTest extends Base
         $this->assertTrue($acl->isManagerAction('project', 'disable'));
         $this->assertTrue($acl->isManagerAction('category', 'index'));
         $this->assertTrue($acl->isManagerAction('project', 'users'));
-        $this->assertTrue($acl->isManagerAction('task', 'remove'));
         $this->assertFalse($acl->isManagerAction('app', 'index'));
     }
 
@@ -183,7 +182,8 @@ class AclTest extends Base
         $this->assertTrue($acl->isAllowed('project', 'show', 1));
         $this->assertFalse($acl->isAllowed('config', 'application', 1));
         $this->assertFalse($acl->isAllowed('project', 'users', 1));
-        $this->assertFalse($acl->isAllowed('task', 'remove', 1));
+        $this->assertTrue($acl->isAllowed('task', 'remove', 1));
+        $this->assertFalse($acl->isAllowed('task', 'remove', 2));
         $this->assertTrue($acl->isAllowed('app', 'index', 1));
     }
 
-- 
cgit v1.2.3