github-mirrors/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-04-22 04:57:07 -04:00
Code Issues Projects Releases Packages Wiki Activity

Prevent isCommentOnly user adding attachments, editing list names, moving lists,

Browse source 
and seeing board settings menu. Show non-editable Custom Fields to isCommentOnly user.

Thanks to xet7 !

Closes wekan/wekan-snap#97,
closes #2416,
closes #2255
This commit is contained in:
Lauri Ojansivu 2019-07-24 15:01:05 +03:00
parent 62bfe1da21
commit a68c928896
5 changed files with 42 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

26
client/components/cards/attachments.jade
View file

@ -37,17 +37,19 @@ template(name="attachmentsGalery")
i.fa.fa-download
| {{_ 'download'}}
if currentUser.isBoardMember
if isImage
a(class="{{#if $eq ../coverId _id}}js-remove-cover{{else}}js-add-cover{{/if}}")
i.fa.fa-thumb-tack
if($eq ../coverId _id)
| {{_ 'remove-cover'}}
else
| {{_ 'add-cover'}}
a.js-confirm-delete
i.fa.fa-close
| {{_ 'delete'}}
unless currentUser.isCommentOnly
if isImage
a(class="{{#if $eq ../coverId _id}}js-remove-cover{{else}}js-add-cover{{/if}}")
i.fa.fa-thumb-tack
if($eq ../coverId _id)
| {{_ 'remove-cover'}}
else
| {{_ 'add-cover'}}
a.js-confirm-delete
i.fa.fa-close
| {{_ 'delete'}}
if currentUser.isBoardMember
li.attachment-item.add-attachment
a.js-add-attachment {{_ 'add-attachment' }}
unless currentUser.isCommentOnly
li.attachment-item.add-attachment
a.js-add-attachment {{_ 'add-attachment' }}

16
client/components/cards/cardCustomFields.jade
View file

@ -31,6 +31,10 @@ template(name="cardCustomField-text")
= value
else
| {{_ 'edit'}}
else
+viewer
= value
template(name="cardCustomField-number")
if canModifyCard
@ -45,6 +49,9 @@ template(name="cardCustomField-number")
= value
else
| {{_ 'edit'}}
else
if value
= value
template(name="cardCustomField-date")
if canModifyCard
@ -55,6 +62,11 @@ template(name="cardCustomField-date")
| {{showDate}}
else
| {{_ 'edit'}}
else
if value
div.card-date
time(datetime="{{showISODate}}")
| {{showDate}}
template(name="cardCustomField-dropdown")
if canModifyCard
@ -79,3 +91,7 @@ template(name="cardCustomField-dropdown")
= selectedItem
else
| {{_ 'edit'}}
else
if value
+viewer
= selectedItem

2
client/components/lists/listHeader.jade
View file

@ -9,7 +9,7 @@ template(name="listHeader")
if currentList
a.list-header-left-icon.fa.fa-angle-left.js-unselect-list
h2.list-header-name(
class="{{#if currentUser.isBoardMember}}js-open-inlined-form is-editable{{/if}}")
class="{{#if currentUser.isBoardMember}}{{#unless currentUser.isCommentOnly}}js-open-inlined-form is-editable{{/unless}}{{/if}}")
+viewer
= title
if wipLimit.enabled

5
client/components/sidebar/sidebar.jade
View file

@ -34,8 +34,9 @@ template(name="membersWidget")
h3
i.fa.fa-user
| {{_ 'members'}}
a.board-header-btn.js-open-board-menu(title="{{_ 'boardMenuPopup-title'}}").right
i.board-header-btn-icon.fa.fa-cog
unless currentUser.isCommentOnly
a.board-header-btn.js-open-board-menu(title="{{_ 'boardMenuPopup-title'}}").right
i.board-header-btn-icon.fa.fa-cog
.board-widget-content
each currentBoard.activeMembers

12
client/components/swimlanes/swimlanes.jade
View file

@ -9,14 +9,16 @@ template(name="swimlane")
each lists
+miniList(this)
if currentUser.isBoardMember
+addListForm
unless currentUser.isCommentOnly
+addListForm
else
each lists
+list(this)
if currentCardIsInThisList _id ../_id
+cardDetails(currentCard)
if currentUser.isBoardMember
+addListForm
unless currentUser.isCommentOnly
+addListForm
template(name="listsGroup")
.swimlane.list-group.js-lists
@ -27,14 +29,16 @@ template(name="listsGroup")
each lists
+miniList(this)
if currentUser.isBoardMember
+addListForm
unless currentUser.isCommentOnly
+addListForm
else
each lists
+list(this)
if currentCardIsInThisList _id null
+cardDetails(currentCard)
if currentUser.isBoardMember
+addListForm
unless currentUser.isCommentOnly
+addListForm
template(name="addListForm")
.list.list-composer.js-list-composer