From d138834dcf902534f78237939926e97fd9a0eebe Mon Sep 17 00:00:00 2001
From: Frédéric Guillot <fred@kanboard.net>
Date: Sun, 5 Oct 2014 19:40:57 -0400
Subject: Regular users are able to create private projects

---
 app/Model/ProjectPermission.php | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

(limited to 'app/Model/ProjectPermission.php')

diff --git a/app/Model/ProjectPermission.php b/app/Model/ProjectPermission.php
index 9d339f4d..b4466c20 100644
--- a/app/Model/ProjectPermission.php
+++ b/app/Model/ProjectPermission.php
@@ -142,12 +142,10 @@ class ProjectPermission extends Base
      */
     public function isUserAllowed($project_id, $user_id)
     {
-        // Check if the user has admin rights
         if ($this->user->isAdmin($user_id)) {
             return true;
         }
 
-        // Otherwise, allow only specific users
         return (bool) $this->db
                     ->table(self::TABLE)
                     ->eq('project_id', $project_id)
@@ -155,6 +153,23 @@ class ProjectPermission extends Base
                     ->count();
     }
 
+    /**
+     * Check if a specific user is allowed to manage a project
+     *
+     * @access public
+     * @param  integer   $project_id   Project id
+     * @param  integer   $user_id      User id
+     * @return bool
+     */
+    public function adminAllowed($project_id, $user_id)
+    {
+        if ($this->isUserAllowed($project_id, $user_id) && $this->project->isPrivate($project_id)) {
+            return true;
+        }
+
+        return false;
+    }
+
     /**
      * Filter a list of projects for a given user
      *
-- 
cgit v1.2.3