You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by ha...@apache.org on 2008/10/27 08:11:08 UTC
svn commit: r708098 -
/ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/ListCurrentProjects.groovy
Author: hansbak
Date: Mon Oct 27 00:11:08 2008
New Revision: 708098
URL: http://svn.apache.org/viewvc?rev=708098&view=rev
Log:
put some more security on the currentlist of projects
Modified:
ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/ListCurrentProjects.groovy
Modified: ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/ListCurrentProjects.groovy
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/ListCurrentProjects.groovy?rev=708098&r1=708097&r2=708098&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/ListCurrentProjects.groovy (original)
+++ ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/ListCurrentProjects.groovy Mon Oct 27 00:11:08 2008
@@ -29,7 +29,8 @@
if (result.projectInfo) {
if (!result.projectInfo.currentStatusId.equals("PTS_COMPLETED") && !result.projectInfo.currentStatusId.equals("PTS_CANCELLED")) {
resultAssign = delegator.findByAnd("WorkEffortPartyAssignment", ["partyId" : parameters.userLogin.partyId, "workEffortId" : project.workEffortId])
- if (resultAssign) {
+ if (security.hasEntityPermission("PROJECTMGR", "_ADMIN", session)
+ || ((security.hasEntityPermission("PROJECTMGR", "_ROLE_ADMIN", session) || security.hasEntityPermission("PROJECTMGR", "_ROLE_VIEW", session)) && resultAssign)) {
projects.add(result.projectInfo);
}
}