ESCL / pjtracker

Project Tracker system
http://pjtracker.com
0 stars 0 forks source link

Redesign subresource permissions #117

Open kako-nawao opened 8 years ago

kako-nawao commented 8 years ago

Right now the permissions usage in subresource views is weird, and for actions a user that can issue can also review an item. In the case of TimeSheetActionView it's not obvious because after checking the permissions we also check that the user is a team supervisor before we allow a review, but in the case of ResourceProjectAssignmentView there's no such check.

We need to redesign that to manage this better. In the meantime, I will add the same hacky check that we have in timesheets for assignments.