Prevent isCommentOnly user adding attachments, editing list names, moving lists,

and seeing board settings menu. Show non-editable Custom Fields to isCommentOnly user.

Thanks to xet7 !

Closes wekan/wekan-snap#97,
closes #2416,
closes #2255

client/components/cards/attachments.jade

@@ -37,17 +37,19 @@ template(name="attachmentsGalery")
               i.fa.fa-download
               | {{_ 'download'}}
             if currentUser.isBoardMember
-              if isImage
-                a(class="{{#if $eq ../coverId _id}}js-remove-cover{{else}}js-add-cover{{/if}}")
-                  i.fa.fa-thumb-tack
-                  if($eq ../coverId _id)
-                    | {{_ 'remove-cover'}}
-                  else
-                    | {{_ 'add-cover'}}
-              a.js-confirm-delete
-                i.fa.fa-close
-                | {{_ 'delete'}}
+              unless currentUser.isCommentOnly
+                if isImage
+                  a(class="{{#if $eq ../coverId _id}}js-remove-cover{{else}}js-add-cover{{/if}}")
+                    i.fa.fa-thumb-tack
+                    if($eq ../coverId _id)
+                      | {{_ 'remove-cover'}}
+                    else
+                      | {{_ 'add-cover'}}
+                a.js-confirm-delete
+                  i.fa.fa-close
+                  | {{_ 'delete'}}
 
     if currentUser.isBoardMember
-      li.attachment-item.add-attachment
-        a.js-add-attachment {{_ 'add-attachment' }}
+      unless currentUser.isCommentOnly
+        li.attachment-item.add-attachment
+          a.js-add-attachment {{_ 'add-attachment' }}

client/components/cards/cardCustomFields.jade

@@ -31,6 +31,10 @@ template(name="cardCustomField-text")
                         = value
                 else
                     | {{_ 'edit'}}
+    else
+      +viewer
+        = value
+
 
 template(name="cardCustomField-number")
     if canModifyCard
@@ -45,6 +49,9 @@ template(name="cardCustomField-number")
                     = value
                 else
                     | {{_ 'edit'}}
+    else
+        if value
+            = value
 
 template(name="cardCustomField-date")
     if canModifyCard
@@ -55,6 +62,11 @@ template(name="cardCustomField-date")
                         | {{showDate}}
             else
                 | {{_ 'edit'}}
+    else
+        if value
+            div.card-date
+                time(datetime="{{showISODate}}")
+                    | {{showDate}}
 
 template(name="cardCustomField-dropdown")
     if canModifyCard
@@ -79,3 +91,7 @@ template(name="cardCustomField-dropdown")
                         = selectedItem
                 else
                     | {{_ 'edit'}}
+    else
+        if value
+            +viewer
+                = selectedItem

client/components/lists/listHeader.jade

@@ -9,7 +9,7 @@ template(name="listHeader")
         if currentList
           a.list-header-left-icon.fa.fa-angle-left.js-unselect-list
       h2.list-header-name(
-        class="{{#if currentUser.isBoardMember}}js-open-inlined-form is-editable{{/if}}")
+        class="{{#if currentUser.isBoardMember}}{{#unless currentUser.isCommentOnly}}js-open-inlined-form is-editable{{/unless}}{{/if}}")
         +viewer
           = title
         if wipLimit.enabled

client/components/sidebar/sidebar.jade

@@ -34,8 +34,9 @@ template(name="membersWidget")
     h3
       i.fa.fa-user
       | {{_ 'members'}}
-      a.board-header-btn.js-open-board-menu(title="{{_ 'boardMenuPopup-title'}}").right
-        i.board-header-btn-icon.fa.fa-cog
+      unless currentUser.isCommentOnly
+        a.board-header-btn.js-open-board-menu(title="{{_ 'boardMenuPopup-title'}}").right
+          i.board-header-btn-icon.fa.fa-cog
 
     .board-widget-content
       each currentBoard.activeMembers

client/components/swimlanes/swimlanes.jade

@@ -9,14 +9,16 @@ template(name="swimlane")
         each lists
           +miniList(this)
         if currentUser.isBoardMember
-          +addListForm
+          unless currentUser.isCommentOnly
+            +addListForm
     else
       each lists
         +list(this)
         if currentCardIsInThisList _id ../_id
           +cardDetails(currentCard)
       if currentUser.isBoardMember
-        +addListForm
+        unless currentUser.isCommentOnly
+          +addListForm
 
 template(name="listsGroup")
   .swimlane.list-group.js-lists
@@ -27,14 +29,16 @@ template(name="listsGroup")
         each lists
           +miniList(this)
         if currentUser.isBoardMember
-          +addListForm
+          unless currentUser.isCommentOnly
+            +addListForm
     else
       each lists
         +list(this)
         if currentCardIsInThisList _id null
           +cardDetails(currentCard)
       if currentUser.isBoardMember
-        +addListForm
+        unless currentUser.isCommentOnly
+          +addListForm
 
 template(name="addListForm")
   .list.list-composer.js-list-composer