Closed ezzra closed 5 years ago
Aha! This was working in todo v 1.x, but support for it was lost in the transition to v 2.x. Thinking about it more, it would be nice to be able to set access permissions for each of the 10 views, but it will require some careful thinking to do that in a way that doesn't require people to fork the codebase and do their own customization. But let's at least get it working again as it was in v 1.x.
Tests required.
This is fixed in 91b9a099a30274ce8bae6d705fcd0a5150159739. All views now check for the project-level TODO_STAFF_ONLY setting. If False or unset, all users can see all views (but some views still have internal checks to ensure that only staffers can add or delete lists, e.g.).
Adds tests to confirm.
sorry for issue spamming, but just setting this up :)
I wonder if setting
TODO_STAFF_ONLY = True
does have any effect, I can still add tasks and lists with a non staff user, actually I cannot find any use ofTODO_STAFF_ONLY
in the code