"view published activities" now means all of them

This commit is contained in:
naomi 2022-05-13 11:37:31 +01:00
parent bec63239f8
commit c3e6f05b21

View File

@ -25,12 +25,12 @@ class OCActivityAccessControlHandler extends EntityAccessControlHandler {
return AccessResult::allowedIfHasPermission($account, 'view unpublished activity entities'); return AccessResult::allowedIfHasPermission($account, 'view unpublished activity entities');
} }
return AccessResult::allowedIf( return AccessResult::allowedIf(
$account->hasPermission('view published case entities') // activity permissions are inherited from case $account->hasPermission('view published activity entities')
|| $entity->getOwner()->id() == $account->id() || $entity->getOwner()->id() == $account->id()
); );
case 'update': // allowed only if a) they can see the case the activity is on and b) they can edit activities case 'update': // allowed only if a) they can see the case the activity is on and b) they can edit activities
return AccessResult::allowedIf( return AccessResult::allowedIf(
$account->hasPermission('edit activity entities') // activity permissions are inherited from case $account->hasPermission('edit activity entities')
|| $entity->getOwner()->id() == $account->id() || $entity->getOwner()->id() == $account->id()
); );
case 'delete': // allowed only if a) they can see the case the activity is on and b) they can delete activities case 'delete': // allowed only if a) they can see the case the activity is on and b) they can delete activities