Tighten some edit permissions on organisations
This commit is contained in:
@@ -66,9 +66,15 @@ class OrganisationPermissions extends BaseSeed
|
||||
'view_organisation_field_own' => new Permission([
|
||||
'slug' => 'view_organisation_field',
|
||||
'name' => 'View own organisation',
|
||||
'conditions' => "is_organisation_member(self.id,organisation.id) & in(property,['name','slug','description','members'])",
|
||||
'conditions' => "is_organisation_member(self.id,organisation.id) && in(property,['name','slug','description','members'])",
|
||||
'description' => 'View certain properties of own organisation.',
|
||||
]),
|
||||
'update_organisation_field_own' => new Permission([
|
||||
'slug' => 'update_organisation_field',
|
||||
'name' => 'Update own organisation',
|
||||
'conditions' => "is_organisation_admin(self.id,organisation.id) && subset(fields,['name','slug','description','members'])",
|
||||
'description' => 'Edit basic properties of own organisation.',
|
||||
]),
|
||||
'update_organisation_field' => new Permission([
|
||||
'slug' => 'update_organisation_field',
|
||||
'name' => 'Edit organisation',
|
||||
@@ -206,6 +212,7 @@ class OrganisationPermissions extends BaseSeed
|
||||
$permissions['uri_organisations']->id,
|
||||
$permissions['uri_organisation_own']->id,
|
||||
$permissions['view_organisation_field_own']->id,
|
||||
$permissions['update_organisation_field_own']->id,
|
||||
$permissions['leave_organisation']->id,
|
||||
$permissions['register_organisation']->id,
|
||||
]);
|
||||
|
||||
@@ -24,17 +24,39 @@
|
||||
</button>
|
||||
<ul class="dropdown-menu box-tool-menu">
|
||||
{% block tools %}
|
||||
{% if 'edit' not in tools.hidden %}
|
||||
<li>
|
||||
<a href="#" class="js-organisation-edit" data-slug="{{organisation.slug}}">
|
||||
<i class="fas fa-edit fa-fw"></i> {{translate('EDIT')}}
|
||||
</a>
|
||||
</li>
|
||||
{% if 'delete' not in tools.hidden %}
|
||||
{% endif %}
|
||||
{% if checkAccess('leave_organisation') and (isOrganisationMember(organisation)) %}
|
||||
<li>
|
||||
<a href="#" class="js-organisation-leave" data-slug="{{organisation.slug}}">
|
||||
<i class="fas fa-door-open fa-fw"></i> {{translate('ORGANISATION.LEAVE')}}
|
||||
</a>
|
||||
</li>
|
||||
{% endif %}
|
||||
{% if organisation.flag_approved != 1 %}
|
||||
{% if checkAccess('approve_organisation') %}
|
||||
<li>
|
||||
<a href="#" class="js-organisation-delete" data-slug="{{organisation.slug}}">
|
||||
<i class="fas fa-trash-alt fa-fw"></i> {{translate('DELETE')}}
|
||||
<a href="#" class="js-organisation-approveRegistration" data-slug="{{organisation.slug}}">
|
||||
<i class="fas fa-thumbs-up fa-fw"></i> {{translate('APPROVE')}}
|
||||
</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="#" class="js-organisation-rejectRegistration" data-slug="{{organisation.slug}}">
|
||||
<i class="fas fa-thumbs-down fa-fw"></i> {{translate('REJECT')}}
|
||||
</a>
|
||||
</li>
|
||||
{% endif %}
|
||||
{% elseif 'delete' not in tools.hidden %}
|
||||
<li>
|
||||
<a href="#" class="js-organisation-delete" data-slug="{{organisation.slug}}">
|
||||
<i class="fas fa-trash-alt fa-fw"></i> {{translate('DELETE')}}
|
||||
</a>
|
||||
</li>
|
||||
{% endif %}
|
||||
{% endblock %}
|
||||
</ul>
|
||||
@@ -78,7 +100,7 @@
|
||||
</p>
|
||||
{% endif %}
|
||||
{% block organisation_profile %}{% endblock %}
|
||||
{% if checkAccess('leave_organisation') %}
|
||||
{% if checkAccess('leave_organisation') and (isOrganisationMember(organisation)) %}
|
||||
<hr>
|
||||
<div class="text-center">
|
||||
<button type="button" class="btn btn-danger js-organisation-leave" data-slug="{{organisation.slug}}">{{translate('ORGANISATION.LEAVE')}}</button>
|
||||
|
||||
Reference in New Issue
Block a user