From 76019d76287f174cb6bf81fe052dc5c5c53be46c Mon Sep 17 00:00:00 2001
From: Frédéric Guillot <fred@kanboard.net>
Date: Thu, 11 Dec 2014 20:51:40 -0500
Subject: Add project owner support (allow user management to a regular user),
 see #316

---
 app/Controller/Base.php | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'app/Controller/Base.php')

diff --git a/app/Controller/Base.php b/app/Controller/Base.php
index 5027cf31..5b99e6b8 100644
--- a/app/Controller/Base.php
+++ b/app/Controller/Base.php
@@ -252,6 +252,20 @@ abstract class Base
         }
     }
 
+    /**
+     * Check if the current user is owner of the given project
+     *
+     * @access protected
+     * @param  integer   $project_id  Project id
+     */
+    protected function checkProjectOwnerPermissions($project_id)
+    {
+        if (! $this->acl->isAdminUser() &&
+            ! ($this->acl->isRegularUser() && $this->projectPermission->isOwner($project_id, $this->acl->getUserId()))) {
+            $this->forbidden();
+        }
+    }
+
     /**
      * Redirection when there is no project in the database
      *
@@ -299,6 +313,7 @@ abstract class Base
         $params['project_content_for_layout'] = $content;
         $params['title'] = $params['project']['name'] === $params['title'] ? $params['title'] : $params['project']['name'].' &gt; '.$params['title'];
         $params['board_selector'] = $this->projectPermission->getAllowedProjects($this->acl->getUserId());
+        $params['is_owner'] = $this->projectPermission->isOwner($params['project']['id'], $this->acl->getUserId());
 
         return $this->template->layout('project/layout', $params);
     }
-- 
cgit v1.2.3