* Allow authorised users to create projects.
This commit is contained in:
parent
c75977ce5a
commit
8f6f6ee53e
|
@ -66,10 +66,20 @@ sub delete : Chained('project') PathPart Args(0) {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
sub requireMayCreateProjects {
|
||||||
|
my ($c) = @_;
|
||||||
|
|
||||||
|
requireLogin($c) if !$c->user_exists;
|
||||||
|
|
||||||
|
error($c, "Only administrators or authorised users can perform this operation.")
|
||||||
|
unless $c->check_user_roles('admin') || $c->check_user_roles('create-projects');
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
sub create : Path('/create-project') {
|
sub create : Path('/create-project') {
|
||||||
my ($self, $c) = @_;
|
my ($self, $c) = @_;
|
||||||
|
|
||||||
requireAdmin($c);
|
requireMayCreateProjects($c);
|
||||||
|
|
||||||
$c->stash->{template} = 'project.tt';
|
$c->stash->{template} = 'project.tt';
|
||||||
$c->stash->{create} = 1;
|
$c->stash->{create} = 1;
|
||||||
|
@ -80,7 +90,7 @@ sub create : Path('/create-project') {
|
||||||
sub create_submit : Path('/create-project/submit') {
|
sub create_submit : Path('/create-project/submit') {
|
||||||
my ($self, $c) = @_;
|
my ($self, $c) = @_;
|
||||||
|
|
||||||
requireAdmin($c);
|
requireMayCreateProjects($c);
|
||||||
|
|
||||||
my $projectName = trim $c->request->params->{name};
|
my $projectName = trim $c->request->params->{name};
|
||||||
|
|
||||||
|
@ -88,8 +98,10 @@ sub create_submit : Path('/create-project/submit') {
|
||||||
# Note: $projectName is validated in updateProject,
|
# Note: $projectName is validated in updateProject,
|
||||||
# which will abort the transaction if the name isn't
|
# which will abort the transaction if the name isn't
|
||||||
# valid. Idem for the owner.
|
# valid. Idem for the owner.
|
||||||
|
my $owner = $c->check_user_roles('admin')
|
||||||
|
? trim $c->request->params->{owner} : $c->user->username;
|
||||||
my $project = $c->model('DB::Projects')->create(
|
my $project = $c->model('DB::Projects')->create(
|
||||||
{name => $projectName, displayname => "", owner => trim $c->request->params->{owner}});
|
{name => $projectName, displayname => "", owner => $owner});
|
||||||
updateProject($c, $project);
|
updateProject($c, $project);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
|
@ -179,7 +179,7 @@
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<th>Owner:</th>
|
<th>Owner:</th>
|
||||||
<td><tt>[% INCLUDE maybeEditString param="owner" value=project.owner.username edit=(edit && c.check_user_roles('admin')) %]</tt></td>
|
<td><tt>[% INCLUDE maybeEditString param="owner" value=(project.owner.username || c.user.username) edit=(edit && c.check_user_roles('admin')) %]</tt></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<th>Enabled:</th>
|
<th>Enabled:</th>
|
||||||
|
|
Loading…
Reference in a new issue