apitech
/
wekan
mirror of https://github.com/wekan/wekan
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
The Open Source kanban (built with Meteor). Keep variable/table/field names camelCase. For translations, only add Pull Request changes to wekan/i18n/en.i18n.json , other translations are done at https://transifex.com/wekan/wekan only.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12932 Commits
1 Branch
851 Tags
85 MiB
 
 
 
 
 
 
Tag: Branch: Tree: v8.20
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'v8.20'
${ noResults }
wekan/server/lib/utils.js

46 lines
1.7 KiB
Raw Permalink Blame History

allowIsBoardAdmin = function(userId, board) {
return board && board.hasAdmin(userId);
};
allowIsBoardMember = function(userId, board) {
return board && board.hasMember(userId);
};
allowIsAnyBoardMember = function(userId, boards) {
return _.some(boards, board => {
return board && board.hasMember(userId);
});
};
allowIsBoardMemberCommentOnly = function(userId, board) {
return board && board.hasMember(userId) && !board.hasReadOnly(userId) && !board.hasReadAssignedOnly(userId) && !board.hasNoComments(userId);
};
allowIsBoardMemberNoComments = function(userId, board) {
return board && board.hasMember(userId) && !board.hasNoComments(userId);
};
// Check if user has write access to board (can create/edit cards and lists)
allowIsBoardMemberWithWriteAccess = function(userId, board) {
return board && board.members && board.members.some(e => e.userId === userId && e.isActive && !e.isNoComments && !e.isCommentOnly && !e.isWorker && !e.isReadOnly && !e.isReadAssignedOnly);
};
// Check if user has write access via a card's board
allowIsBoardMemberWithWriteAccessByCard = function(userId, card) {
const board = card && card.board && card.board();
return allowIsBoardMemberWithWriteAccess(userId, board);
};
allowIsBoardMemberByCard = function(userId, card) {
const board = card.board();
return board && board.hasMember(userId);
};
// Policy: can a user update a board's 'sort' field?
// Requirements:
// - user must be authenticated
// - update must include 'sort' field
// - user must be a member of the board
canUpdateBoardSort = function(userId, board, fieldNames) {
return !!userId && _.contains(fieldNames || [], 'sort') && allowIsBoardMember(userId, board);
};