From 5969eb8e3030c822333872f24daa23b9eac1f4f7 Mon Sep 17 00:00:00 2001
From: Dj Padzensky <djpadz@padz.net>
Date: Thu, 14 Jul 2016 13:20:56 -0700
Subject: Added tighter access controls to profile section

---
 app/Template/user_modification/show.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'app/Template/user_modification')

diff --git a/app/Template/user_modification/show.php b/app/Template/user_modification/show.php
index 396d550d..506c9161 100644
--- a/app/Template/user_modification/show.php
+++ b/app/Template/user_modification/show.php
@@ -11,16 +11,16 @@
     <?= $this->form->text('username', $values, $errors, array('required', isset($values['is_ldap_user']) && $values['is_ldap_user'] == 1 ? 'readonly' : '', 'maxlength="50"')) ?>
 
     <?= $this->form->label(t('Name'), 'name') ?>
-    <?= $this->form->text('name', $values, $errors) ?>
+    <?= $this->form->text('name', $values, $errors, array($this->user->hasAccess('UserModificationController', 'show/edit_name') ? '' : 'readonly')) ?>
 
     <?= $this->form->label(t('Email'), 'email') ?>
-    <?= $this->form->email('email', $values, $errors) ?>
+    <?= $this->form->email('email', $values, $errors, array($this->user->hasAccess('UserModificationController', 'show/edit_email') ? '' : 'readonly')) ?>
 
     <?= $this->form->label(t('Timezone'), 'timezone') ?>
-    <?= $this->form->select('timezone', $timezones, $values, $errors) ?>
+    <?= $this->form->select('timezone', $timezones, $values, $errors, array($this->user->hasAccess('UserModificationController', 'show/edit_timezone') ? '' : 'disabled')) ?>
 
     <?= $this->form->label(t('Language'), 'language') ?>
-    <?= $this->form->select('language', $languages, $values, $errors) ?>
+    <?= $this->form->select('language', $languages, $values, $errors, array($this->user->hasAccess('UserModificationController', 'show/edit_language') ? '' : 'disabled')) ?>
 
     <?php if ($this->user->isAdmin()): ?>
         <?= $this->form->label(t('Role'), 'role') ?>
-- 
cgit v1.2.3