fix(views): only allow project admins to manage views
Some checks failed
continuous-integration/drone/push Build is failing
Some checks failed
continuous-integration/drone/push Build is failing
Resolves https://community.vikunja.io/t/manage-views-only-for-project-admins/2279
This commit is contained in:
parent
e88f95e501
commit
1074a8d916
@ -396,7 +396,8 @@
|
||||
"titleRequired": "Please provide a title.",
|
||||
"delete": "Delete this view",
|
||||
"deleteText": "Are you sure you want to remove this view? It will no longer be possible to use it to view tasks in this project. This action won't delete any tasks. This cannot be undone!",
|
||||
"deleteSuccess": "The view was successfully deleted"
|
||||
"deleteSuccess": "The view was successfully deleted",
|
||||
"onlyAdminsCanEdit": "Only project admins can edit views."
|
||||
}
|
||||
},
|
||||
"filters": {
|
||||
|
@ -1,6 +1,6 @@
|
||||
<script setup lang="ts">
|
||||
import CreateEdit from '@/components/misc/create-edit.vue'
|
||||
import {computed, ref} from 'vue'
|
||||
import {watch, ref, computed} from 'vue'
|
||||
import {useProjectStore} from '@/stores/projects'
|
||||
import ProjectViewModel from '@/models/projectView'
|
||||
import type {IProjectView} from '@/modelTypes/IProjectView'
|
||||
@ -9,6 +9,10 @@ import ProjectViewService from '@/services/projectViews'
|
||||
import XButton from '@/components/input/button.vue'
|
||||
import {error, success} from '@/message'
|
||||
import {useI18n} from 'vue-i18n'
|
||||
import ProjectService from '@/services/project'
|
||||
import {RIGHTS} from '@/constants/rights'
|
||||
import ProjectModel from '@/models/project'
|
||||
import Message from '@/components/misc/message.vue'
|
||||
|
||||
const {
|
||||
projectId,
|
||||
@ -28,6 +32,17 @@ const viewIdToDelete = ref<number | null>(null)
|
||||
const showDeleteModal = ref(false)
|
||||
const viewToEdit = ref<IProjectView | null>(null)
|
||||
|
||||
const isAdmin = ref<boolean>(false)
|
||||
watch(
|
||||
() => projectId,
|
||||
async () => {
|
||||
const projectService = new ProjectService()
|
||||
const project = await projectService.get(new ProjectModel({id: projectId}))
|
||||
isAdmin.value = project.maxRight === RIGHTS.ADMIN
|
||||
},
|
||||
{immediate: true},
|
||||
)
|
||||
|
||||
async function createView() {
|
||||
if (!showCreateForm.value) {
|
||||
showCreateForm.value = true
|
||||
@ -83,13 +98,17 @@ async function saveView() {
|
||||
<CreateEdit
|
||||
:title="$t('project.views.header')"
|
||||
:primary-label="$t('misc.save')"
|
||||
:has-primary-action="false"
|
||||
>
|
||||
<ViewEditForm
|
||||
v-if="showCreateForm"
|
||||
v-model="newView"
|
||||
class="mb-4"
|
||||
/>
|
||||
<div class="is-flex is-justify-content-end mb-4">
|
||||
<div
|
||||
v-if="isAdmin"
|
||||
class="is-flex is-justify-content-end mb-4"
|
||||
>
|
||||
<XButton
|
||||
:loading="projectViewService.loading"
|
||||
@click="createView"
|
||||
@ -97,6 +116,10 @@ async function saveView() {
|
||||
{{ $t('project.views.create') }}
|
||||
</XButton>
|
||||
</div>
|
||||
|
||||
<Message v-if="!isAdmin">
|
||||
{{ $t('project.views.onlyAdminsCanEdit') }}
|
||||
</Message>
|
||||
|
||||
<table
|
||||
v-if="views?.length > 0"
|
||||
@ -144,6 +167,7 @@ async function saveView() {
|
||||
<td>{{ v.viewKind }}</td>
|
||||
<td class="has-text-right">
|
||||
<XButton
|
||||
v-if="isAdmin"
|
||||
class="is-danger mr-2"
|
||||
icon="trash-alt"
|
||||
@click="() => {
|
||||
@ -152,6 +176,7 @@ async function saveView() {
|
||||
}"
|
||||
/>
|
||||
<XButton
|
||||
v-if="isAdmin"
|
||||
icon="pen"
|
||||
@click="viewToEdit = {...v}"
|
||||
/>
|
||||
|
@ -28,17 +28,17 @@ func (p *ProjectView) CanRead(s *xorm.Session, a web.Auth) (bool, int, error) {
|
||||
|
||||
func (p *ProjectView) CanDelete(s *xorm.Session, a web.Auth) (bool, error) {
|
||||
pp := p.getProject()
|
||||
return pp.CanUpdate(s, a)
|
||||
return pp.IsAdmin(s, a)
|
||||
}
|
||||
|
||||
func (p *ProjectView) CanUpdate(s *xorm.Session, a web.Auth) (bool, error) {
|
||||
pp := p.getProject()
|
||||
return pp.CanUpdate(s, a)
|
||||
return pp.IsAdmin(s, a)
|
||||
}
|
||||
|
||||
func (p *ProjectView) CanCreate(s *xorm.Session, a web.Auth) (bool, error) {
|
||||
pp := p.getProject()
|
||||
return pp.CanUpdate(s, a)
|
||||
return pp.IsAdmin(s, a)
|
||||
}
|
||||
|
||||
func (p *ProjectView) getProject() (pp *Project) {
|
||||
|
Loading…
x
Reference in New Issue
Block a user