Jingga/oms-Tasks
1
0
Fork 0
mirror of https://github.com/Karaka-Management/oms-Tasks.git synced 2026-02-14 05:38:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

only show tasks user is allowed to see

Browse Source
This commit is contained in:
Dennis Eichhorn 2020-06-10 21:54:42 +02:00
parent c3ae9923a4
commit f4866ed18f
1 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Controller/BackendController.php
View File

@ -74,17 +74,17 @@ final class BackendController extends Controller implements DashboardElementInte
if ($request->getData('ptype') === '-') { if ($request->getData('ptype') === '-') {
$view->setData('tasks', $view->setData('tasks',
TaskMapper::withConditional('language', $response->getHeader()->getL11n()->getLanguage()) TaskMapper::withConditional('language', $response->getHeader()->getL11n()->getLanguage())
::getBeforePivot((int) ($request->getData('id') ?? 0), null, 25) ::getAnyBeforePivot($request->getHeader()->getAccount(), (int) ($request->getData('id') ?? 0), null, 25)
); );
} elseif ($request->getData('ptype') === '+') { } elseif ($request->getData('ptype') === '+') {
$view->setData('tasks', $view->setData('tasks',
TaskMapper::withConditional('language', $response->getHeader()->getL11n()->getLanguage()) TaskMapper::withConditional('language', $response->getHeader()->getL11n()->getLanguage())
::getAfterPivot((int) ($request->getData('id') ?? 0), null, 25) ::getAnyAfterPivot($request->getHeader()->getAccount(), (int) ($request->getData('id') ?? 0), null, 25)
); );
} else { } else {
$view->setData('tasks', $view->setData('tasks',
TaskMapper::withConditional('language', $response->getHeader()->getL11n()->getLanguage()) TaskMapper::withConditional('language', $response->getHeader()->getL11n()->getLanguage())
::getAfterPivot(0, null, 25) ::getAnyAfterPivot($request->getHeader()->getAccount(), 0, null, 25)
); );
} }
@ -126,11 +126,23 @@ final class BackendController extends Controller implements DashboardElementInte
{ {
$view = new TaskView($this->app->l11nManager, $request, $response); $view = new TaskView($this->app->l11nManager, $request, $response);
if (!TaskMapper::hasReadingPermission($request->getHeader()->getAccount(), (int) $request->getData('id'))) {
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
$view->setTemplate('/Web/Backend/Error/403');
$this->app->loadLanguageFromPath(
$response->getHeader()->getL11n()->getLanguage(),
__DIR__ . '/../../../Web/Backend/Error/lang/' . $response->getHeader()->getL11n()->getLanguage() . '.lang.php'
);
return $view;
}
/** @var \phpOMS\Model\Html\Head $head */ /** @var \phpOMS\Model\Html\Head $head */
$head = $response->get('Content')->getData('head'); $head = $response->get('Content')->getData('head');
$head->addAsset(AssetType::CSS, '/Modules/Tasks/Theme/Backend/css/styles.css'); $head->addAsset(AssetType::CSS, '/Modules/Tasks/Theme/Backend/css/styles.css');
$task = TaskMapper::get((int) $request->getData('id'), RelationType::ALL, 5); $task = TaskMapper::get((int) $request->getData('id'), RelationType::ALL, 3);
$accountId = $request->getHeader()->getAccount(); $accountId = $request->getHeader()->getAccount();
if (!($task->getCreatedBy()->getId() === $accountId if (!($task->getCreatedBy()->getId() === $accountId