changed activity access controller to allow users to view and edit ones they own

modules/opencase_entities/src/OCActivityAccessControlHandler.php

@@ -26,26 +26,17 @@ class OCActivityAccessControlHandler extends EntityAccessControlHandler {
         }
         return AccessResult::allowedIf(
             $account->hasPermission('view published case entities')  // activity permissions are inherited from case
-            || CaseInvolvement::userIsInvolved_activity($account, $entity)
+            || $entity->owner()->id() == $account->id(); 
         );
       case 'update':  // allowed only if a) they can see the case the activity is on and b) they can edit activities
-        if (!$account->hasPermission('edit activity entities')) {
+        return AccessResult::allowedIf(
-            return AccessResult::forbidden();
+            $account->hasPermission('edit activity entities')  // activity permissions are inherited from case
-        } else {
+            || $entity->owner()->id() == $account->id(); 
-            return AccessResult::allowedIf(
+        );
-              $account->hasPermission('view published case entities') 
-              || CaseInvolvement::userIsInvolved_activity($account, $entity)
-            );
-        }
       case 'delete':  // allowed only if a) they can see the case the activity is on and b) they can delete activities
-        if (!$account->hasPermission('delete activity entities')) {
+        return AccessResult::allowedIf(
-            return AccessResult::forbidden();
+          $account->hasPermission('delete case entities') 
-        } else {
+        );
-            return AccessResult::allowedIf(
-              $account->hasPermission('view published case entities') 
-              || CaseInvolvement::userIsInvolved_activity($account, $entity)
-            );
-        }
     }
 
     // Unknown operation, no opinion.