From fedf4ea2de21fcf95fc5aa942cedc7924865f160 Mon Sep 17 00:00:00 2001
From: Frederic Guillot <fred@kanboard.net>
Date: Thu, 8 Sep 2016 20:44:03 -0400
Subject: Custom project roles inherit from project members

---
 app/Core/Security/Role.php | 12 ++++++++++++
 app/Helper/UserHelper.php  |  5 +++++
 2 files changed, 17 insertions(+)

(limited to 'app')

diff --git a/app/Core/Security/Role.php b/app/Core/Security/Role.php
index cb45a8af..c16d4094 100644
--- a/app/Core/Security/Role.php
+++ b/app/Core/Security/Role.php
@@ -49,6 +49,18 @@ class Role
         );
     }
 
+    /**
+     * Check if the given role is custom or not
+     *
+     * @access public
+     * @param  string $role
+     * @return bool
+     */
+    public function isCustomProjectRole($role)
+    {
+        return ! empty($role) && $role !== self::PROJECT_MANAGER && $role !== self::PROJECT_MEMBER && $role !== self::PROJECT_VIEWER;
+    }
+
     /**
      * Get role name
      *
diff --git a/app/Helper/UserHelper.php b/app/Helper/UserHelper.php
index e42bafe4..17c66616 100644
--- a/app/Helper/UserHelper.php
+++ b/app/Helper/UserHelper.php
@@ -150,6 +150,11 @@ class UserHelper extends Base
 
         if ($result === null) {
             $role = $this->getProjectUserRole($project_id);
+
+            if ($this->role->isCustomProjectRole($role)) {
+                $role = Role::PROJECT_MEMBER;
+            }
+
             $result = $this->projectAuthorization->isAllowed($controller, $action, $role);
             $this->memoryCache->set($key, $result);
         }
-- 
cgit v1.2.3