revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-10 08:52:39 +01:00
Code Issues Releases Wiki Activity

Restrict Workboard initialization to CAN_EDIT

Browse source 
Summary: Make Workboard initialization more restrictive.

Test Plan: Log out, see "No Workboard", Log in with permissions, see "New Workboard", Log in with notchad, see "No Workboard".

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T7410

Differential Revision: https://secure.phabricator.com/D14306
This commit is contained in:
Chad Little 2015-10-19 13:22:13 -07:00
parent 267e718dfe
commit ec485de8f9
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/applications/project/controller/PhabricatorProjectBoardViewController.php
View file

@ -67,7 +67,11 @@ final class PhabricatorProjectBoardViewController
// TODO: Expand the checks here if we add the ability
// to hide the Backlog column
if (!$columns) {
if (!$viewer->isLoggedIn()) {
$can_edit = PhabricatorPolicyFilter::hasCapability(
$viewer,
$project,
PhabricatorPolicyCapability::CAN_EDIT);
if (!$can_edit) {
return $this->noAccessDialog($project);
}
switch ($request->getStr('initialize-type')) {