diff options
| author | wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf <61180606+wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf@users.noreply.github.com> | 2020-08-22 08:58:59 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-08-22 02:58:59 -0400 |
| commit | d4e35b9dc61779559fe28a7537d28bef2938a443 (patch) | |
| tree | 833e669f014fc661fec2b1842e268bcda119462f /templates/repo | |
| parent | a0484890c11a088330db0e3a0c03474ee2408b13 (diff) | |
| download | gitea-d4e35b9dc61779559fe28a7537d28bef2938a443.tar.gz gitea-d4e35b9dc61779559fe28a7537d28bef2938a443.zip | |
Hide 'New Project board' button for users that are not signed in (#12547)
* hide: 'New Project board' button
* there is no reason to show the button for users that are not signed in
* update template: specifies the condition together with another one
as per lafriks' suggestion in the comment
* chore: add proper user authorization check
* chore: also hide button if repo is archived
* chore: show project board edit/delete menu to authorized users only
* chore: drop the redundant IsSigned check
* CanWriteIssues and CanWritePulls implies (and requires) signed in user
* Add CanWriteProjects and properly assert permissions
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Diffstat (limited to 'templates/repo')
| -rw-r--r-- | templates/repo/projects/list.tmpl | 62 | ||||
| -rw-r--r-- | templates/repo/projects/new.tmpl | 2 | ||||
| -rw-r--r-- | templates/repo/projects/view.tmpl | 100 |
3 files changed, 80 insertions, 84 deletions
diff --git a/templates/repo/projects/list.tmpl b/templates/repo/projects/list.tmpl index f48cf400ba..6e98bd3fd0 100644 --- a/templates/repo/projects/list.tmpl +++ b/templates/repo/projects/list.tmpl @@ -4,10 +4,10 @@ <div class="ui container"> <div class="navbar"> {{template "repo/issue/navbar" .}} - {{if and (or .CanWriteIssues .CanWritePulls) (not .Repository.IsArchived)}} - <div class="ui right"> - <a class="ui green button" href="{{$.Link}}/new">{{.i18n.Tr "repo.projects.new"}}</a> - </div> + {{if and .CanWriteProjects (not .Repository.IsArchived)}} + <div class="ui right"> + <a class="ui green button" href="{{$.Link}}/new">{{.i18n.Tr "repo.projects.new"}}</a> + </div> {{end}} </div> <div class="ui divider"></div> @@ -39,35 +39,35 @@ </div> <div class="milestone list"> {{range .Projects}} - <li class="item"> - {{svg "octicon-project" 16}} <a href="{{$.RepoLink}}/projects/{{.ID}}">{{.Title}}</a> - <div class="meta"> - {{ $closedDate:= TimeSinceUnix .ClosedDateUnix $.Lang }} - {{if .IsClosed }} - {{svg "octicon-clock" 16}} {{$.i18n.Tr "repo.milestones.closed" $closedDate|Str2html}} + <li class="item"> + {{svg "octicon-project" 16}} <a href="{{$.RepoLink}}/projects/{{.ID}}">{{.Title}}</a> + <div class="meta"> + {{ $closedDate:= TimeSinceUnix .ClosedDateUnix $.Lang }} + {{if .IsClosed }} + {{svg "octicon-clock" 16}} {{$.i18n.Tr "repo.milestones.closed" $closedDate|Str2html}} + {{end}} + <span class="issue-stats"> + {{svg "octicon-issue-opened" 16}} {{$.i18n.Tr "repo.issues.open_tab" .NumOpenIssues}} + {{svg "octicon-issue-closed" 16}} {{$.i18n.Tr "repo.issues.close_tab" .NumClosedIssues}} + </span> + </div> + {{if and (or $.CanWriteIssues $.CanWritePulls) (not $.Repository.IsArchived)}} + <div class="ui right operate"> + <a href="{{$.Link}}/{{.ID}}/edit" data-id={{.ID}} data-title={{.Title}}>{{svg "octicon-pencil" 16}} {{$.i18n.Tr "repo.issues.label_edit"}}</a> + {{if .IsClosed}} + <a class="link-action" href data-url="{{$.Link}}/{{.ID}}/open">{{svg "octicon-check" 16}} {{$.i18n.Tr "repo.projects.open"}}</a> + {{else}} + <a class="link-action" href data-url="{{$.Link}}/{{.ID}}/close">{{svg "octicon-x" 16}} {{$.i18n.Tr "repo.projects.close"}}</a> + {{end}} + <a class="delete-button" href="#" data-url="{{$.RepoLink}}/projects/{{.ID}}/delete" data-id="{{.ID}}">{{svg "octicon-trashcan" 16}} {{$.i18n.Tr "repo.issues.label_delete"}}</a> + </div> {{end}} - <span class="issue-stats"> - {{svg "octicon-issue-opened" 16}} {{$.i18n.Tr "repo.issues.open_tab" .NumOpenIssues}} - {{svg "octicon-issue-closed" 16}} {{$.i18n.Tr "repo.issues.close_tab" .NumClosedIssues}} - </span> - </div> - {{if and (or $.CanWriteIssues $.CanWritePulls) (not $.Repository.IsArchived)}} - <div class="ui right operate"> - <a href="{{$.Link}}/{{.ID}}/edit" data-id={{.ID}} data-title={{.Title}}>{{svg "octicon-pencil" 16}} {{$.i18n.Tr "repo.issues.label_edit"}}</a> - {{if .IsClosed}} - <a class="link-action" href data-url="{{$.Link}}/{{.ID}}/open">{{svg "octicon-check" 16}} {{$.i18n.Tr "repo.projects.open"}}</a> - {{else}} - <a class="link-action" href data-url="{{$.Link}}/{{.ID}}/close">{{svg "octicon-x" 16}} {{$.i18n.Tr "repo.projects.close"}}</a> + {{if .Description}} + <div class="content"> + {{.RenderedContent|Str2html}} + </div> {{end}} - <a class="delete-button" href="#" data-url="{{$.RepoLink}}/projects/{{.ID}}/delete" data-id="{{.ID}}">{{svg "octicon-trashcan" 16}} {{$.i18n.Tr "repo.issues.label_delete"}}</a> - </div> - {{end}} - {{if .Description}} - <div class="content"> - {{.RenderedContent|Str2html}} - </div> - {{end}} - </li> + </li> {{end}} {{template "base/paginate" .}} diff --git a/templates/repo/projects/new.tmpl b/templates/repo/projects/new.tmpl index 2da722bf9e..aabc09c80d 100644 --- a/templates/repo/projects/new.tmpl +++ b/templates/repo/projects/new.tmpl @@ -4,7 +4,7 @@ <div class="ui container"> <div class="navbar"> {{template "repo/issue/navbar" .}} - {{if and (or .CanWriteIssues .CanWritePulls) .PageIsEditProject}} + {{if and .CanWriteProjects .PageIsEditProject}} <div class="ui right floated secondary menu"> <a class="ui green button" href="{{$.RepoLink}}/projects/new">{{.i18n.Tr "repo.milestones.new"}}</a> </div> diff --git a/templates/repo/projects/view.tmpl b/templates/repo/projects/view.tmpl index 21c6f01733..653004aa27 100644 --- a/templates/repo/projects/view.tmpl +++ b/templates/repo/projects/view.tmpl @@ -10,10 +10,9 @@ {{template "repo/issue/search" .}} </div> <div class="column right aligned"> - {{if .PageIsProjects}} - <a class="ui green button show-modal item" data-modal="#new-board-item">{{.i18n.Tr "new_project_board"}}</a> + {{if and .CanWriteProjects (not .Repository.IsArchived) .PageIsProjects}} + <a class="ui green button show-modal item" data-modal="#new-board-item">{{.i18n.Tr "new_project_board"}}</a> {{end}} - <div class="ui small modal" id="new-board-item"> <div class="header"> {{$.i18n.Tr "repo.projects.board.new"}} @@ -45,65 +44,62 @@ <div class="ui segment board-column"> <div class="board-column-header"> <div class="ui large label board-label">{{.Title}}</div> - - {{ if $.IsSigned }} - {{ if not (eq .ID 0) }} - <div class="ui dropdown jump item poping up right" data-variation="tiny inverted"> - <span class="ui text"> - <img class="ui tiny avatar image" width="24" height="24"> - <span class="fitted not-mobile" tabindex="-1">{{svg "octicon-kebab-horizontal" 24}}</span> - </span> - <div class="menu user-menu" tabindex="-1"> - <a class="item show-modal button" data-modal="#edit-project-board-modal-{{.ID}}"> - {{svg "octicon-pencil" 16}} - {{$.i18n.Tr "repo.projects.board.edit"}} - </a> - <a class="item show-modal button" data-modal="#delete-board-modal-{{.ID}}"> - {{svg "octicon-trashcan" 16}} - {{$.i18n.Tr "repo.projects.board.delete"}} - </a> - - <div class="ui small modal edit-project-board" id="edit-project-board-modal-{{.ID}}"> - <div class="header"> + {{if and $.CanWriteProjects (not $.Repository.IsArchived) $.PageIsProjects (ne .ID 0)}} + <div class="ui dropdown jump item poping up right" data-variation="tiny inverted"> + <span class="ui text"> + <img class="ui tiny avatar image" width="24" height="24"> + <span class="fitted not-mobile" tabindex="-1">{{svg "octicon-kebab-horizontal" 24}}</span> + </span> + <div class="menu user-menu" tabindex="-1"> + <a class="item show-modal button" data-modal="#edit-project-board-modal-{{.ID}}"> + {{svg "octicon-pencil" 16}} {{$.i18n.Tr "repo.projects.board.edit"}} + </a> + <a class="item show-modal button" data-modal="#delete-board-modal-{{.ID}}"> + {{svg "octicon-trashcan" 16}} + {{$.i18n.Tr "repo.projects.board.delete"}} + </a> + + <div class="ui small modal edit-project-board" id="edit-project-board-modal-{{.ID}}"> + <div class="header"> + {{$.i18n.Tr "repo.projects.board.edit"}} + </div> + <div class="content"> + <form class="ui form"> + <div class="required field"> + <label for="new_board_title">{{$.i18n.Tr "repo.projects.board.edit_title"}}</label> + <input class="project-board-title" id="new_board_title" name="title" value="{{.Title}}" required> + </div> + + <div class="text right actions"> + <div class="ui cancel button">{{$.i18n.Tr "settings.cancel"}}</div> + <button data-url="{{$.RepoLink}}/projects/{{$.Project.ID}}/{{.ID}}" class="ui red button">{{$.i18n.Tr "repo.projects.board.edit"}}</button> + </div> + </form> + </div> </div> - <div class="content"> - <form class="ui form"> - <div class="required field"> - <label for="new_board_title">{{$.i18n.Tr "repo.projects.board.edit_title"}}</label> - <input class="project-board-title" id="new_board_title" name="title" value="{{.Title}}" required> - </div> + <div class="ui basic modal" id="delete-board-modal-{{.ID}}"> + <div class="ui icon header"> + {{$.i18n.Tr "repo.projects.board.delete"}} + </div> + <div class="content center"> + <input type="hidden" name="action" value="delete"> + <div class="field"> + <label> + {{$.i18n.Tr "repo.projects.board.deletion_desc"}} + </label> + </div> + </div> + <form class="ui form" method="post"> <div class="text right actions"> <div class="ui cancel button">{{$.i18n.Tr "settings.cancel"}}</div> - <button data-url="{{$.RepoLink}}/projects/{{$.Project.ID}}/{{.ID}}" class="ui red button">{{$.i18n.Tr "repo.projects.board.edit"}}</button> + <button class="ui red button delete-project-board" data-url="{{$.RepoLink}}/projects/{{$.Project.ID}}/{{.ID}}">{{$.i18n.Tr "repo.projects.board.delete"}}</button> </div> </form> </div> </div> - - <div class="ui basic modal" id="delete-board-modal-{{.ID}}"> - <div class="ui icon header"> - {{$.i18n.Tr "repo.projects.board.delete"}} - </div> - <div class="content center"> - <input type="hidden" name="action" value="delete"> - <div class="field"> - <label> - {{$.i18n.Tr "repo.projects.board.deletion_desc"}} - </label> - </div> - </div> - <form class="ui form" method="post"> - <div class="text right actions"> - <div class="ui cancel button">{{$.i18n.Tr "settings.cancel"}}</div> - <button class="ui red button delete-project-board" data-url="{{$.RepoLink}}/projects/{{$.Project.ID}}/{{.ID}}">{{$.i18n.Tr "repo.projects.board.delete"}}</button> - </div> - </form> - </div> </div> - </div> - {{ end }} {{ end }} </div> <div class="ui divider"></div> |