|
|
@@ -52,14 +52,11 @@ Meteor.startup(() => {
|
|
|
}
|
|
|
};
|
|
|
|
|
|
- // Helper function. Will throw an error if the user does not have read only access to the given board
|
|
|
+ // Helper function. Will throw an error if the user is not active BoardAdmin or active Normal user of the board.
|
|
|
Authentication.checkBoardAccess = function(userId, boardId) {
|
|
|
Authentication.checkLoggedIn(userId);
|
|
|
-
|
|
|
const board = ReactiveCache.getBoard(boardId);
|
|
|
- const normalAccess =
|
|
|
- board.permission === 'public' ||
|
|
|
- board.members.some(e => e.userId === userId && e.isActive);
|
|
|
+ const normalAccess = board.members.some(e => e.userId === userId && e.isActive && !e.isNoComments && !e.isCommentOnly && !e.isWorker);
|
|
|
Authentication.checkAdminOrCondition(userId, normalAccess);
|
|
|
};
|
|
|
|
Lauri Ojansivu