Tighten some edit permissions on organisations
This commit is contained in:
@@ -66,9 +66,15 @@ class OrganisationPermissions extends BaseSeed
|
|||||||
'view_organisation_field_own' => new Permission([
|
'view_organisation_field_own' => new Permission([
|
||||||
'slug' => 'view_organisation_field',
|
'slug' => 'view_organisation_field',
|
||||||
'name' => 'View own organisation',
|
'name' => 'View own organisation',
|
||||||
'conditions' => "is_organisation_member(self.id,organisation.id) & in(property,['name','slug','description','members'])",
|
'conditions' => "is_organisation_member(self.id,organisation.id) && in(property,['name','slug','description','members'])",
|
||||||
'description' => 'View certain properties of own organisation.',
|
'description' => 'View certain properties of own organisation.',
|
||||||
]),
|
]),
|
||||||
|
'update_organisation_field_own' => new Permission([
|
||||||
|
'slug' => 'update_organisation_field',
|
||||||
|
'name' => 'Update own organisation',
|
||||||
|
'conditions' => "is_organisation_admin(self.id,organisation.id) && subset(fields,['name','slug','description','members'])",
|
||||||
|
'description' => 'Edit basic properties of own organisation.',
|
||||||
|
]),
|
||||||
'update_organisation_field' => new Permission([
|
'update_organisation_field' => new Permission([
|
||||||
'slug' => 'update_organisation_field',
|
'slug' => 'update_organisation_field',
|
||||||
'name' => 'Edit organisation',
|
'name' => 'Edit organisation',
|
||||||
@@ -206,6 +212,7 @@ class OrganisationPermissions extends BaseSeed
|
|||||||
$permissions['uri_organisations']->id,
|
$permissions['uri_organisations']->id,
|
||||||
$permissions['uri_organisation_own']->id,
|
$permissions['uri_organisation_own']->id,
|
||||||
$permissions['view_organisation_field_own']->id,
|
$permissions['view_organisation_field_own']->id,
|
||||||
|
$permissions['update_organisation_field_own']->id,
|
||||||
$permissions['leave_organisation']->id,
|
$permissions['leave_organisation']->id,
|
||||||
$permissions['register_organisation']->id,
|
$permissions['register_organisation']->id,
|
||||||
]);
|
]);
|
||||||
|
|||||||
@@ -24,17 +24,39 @@
|
|||||||
</button>
|
</button>
|
||||||
<ul class="dropdown-menu box-tool-menu">
|
<ul class="dropdown-menu box-tool-menu">
|
||||||
{% block tools %}
|
{% block tools %}
|
||||||
|
{% if 'edit' not in tools.hidden %}
|
||||||
<li>
|
<li>
|
||||||
<a href="#" class="js-organisation-edit" data-slug="{{organisation.slug}}">
|
<a href="#" class="js-organisation-edit" data-slug="{{organisation.slug}}">
|
||||||
<i class="fas fa-edit fa-fw"></i> {{translate('EDIT')}}
|
<i class="fas fa-edit fa-fw"></i> {{translate('EDIT')}}
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
{% if 'delete' not in tools.hidden %}
|
{% endif %}
|
||||||
|
{% if checkAccess('leave_organisation') and (isOrganisationMember(organisation)) %}
|
||||||
|
<li>
|
||||||
|
<a href="#" class="js-organisation-leave" data-slug="{{organisation.slug}}">
|
||||||
|
<i class="fas fa-door-open fa-fw"></i> {{translate('ORGANISATION.LEAVE')}}
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
{% endif %}
|
||||||
|
{% if organisation.flag_approved != 1 %}
|
||||||
|
{% if checkAccess('approve_organisation') %}
|
||||||
<li>
|
<li>
|
||||||
<a href="#" class="js-organisation-delete" data-slug="{{organisation.slug}}">
|
<a href="#" class="js-organisation-approveRegistration" data-slug="{{organisation.slug}}">
|
||||||
<i class="fas fa-trash-alt fa-fw"></i> {{translate('DELETE')}}
|
<i class="fas fa-thumbs-up fa-fw"></i> {{translate('APPROVE')}}
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
|
<li>
|
||||||
|
<a href="#" class="js-organisation-rejectRegistration" data-slug="{{organisation.slug}}">
|
||||||
|
<i class="fas fa-thumbs-down fa-fw"></i> {{translate('REJECT')}}
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
{% endif %}
|
||||||
|
{% elseif 'delete' not in tools.hidden %}
|
||||||
|
<li>
|
||||||
|
<a href="#" class="js-organisation-delete" data-slug="{{organisation.slug}}">
|
||||||
|
<i class="fas fa-trash-alt fa-fw"></i> {{translate('DELETE')}}
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
</ul>
|
</ul>
|
||||||
@@ -78,7 +100,7 @@
|
|||||||
</p>
|
</p>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% block organisation_profile %}{% endblock %}
|
{% block organisation_profile %}{% endblock %}
|
||||||
{% if checkAccess('leave_organisation') %}
|
{% if checkAccess('leave_organisation') and (isOrganisationMember(organisation)) %}
|
||||||
<hr>
|
<hr>
|
||||||
<div class="text-center">
|
<div class="text-center">
|
||||||
<button type="button" class="btn btn-danger js-organisation-leave" data-slug="{{organisation.slug}}">{{translate('ORGANISATION.LEAVE')}}</button>
|
<button type="button" class="btn btn-danger js-organisation-leave" data-slug="{{organisation.slug}}">{{translate('ORGANISATION.LEAVE')}}</button>
|
||||||
|
|||||||
Reference in New Issue
Block a user