|
@@ 237-239 (lines=3) @@
|
| 234 |
|
return $errorResponse; |
| 235 |
|
} |
| 236 |
|
// reject permissions are the same as can approve |
| 237 |
|
if (!$this->project->allowed(self::ALLOW_APPROVAL, Member::currentUser())) { |
| 238 |
|
return $this->getAPIResponse(['message' => 'You are not authorised to reject this deployment'], 403); |
| 239 |
|
} |
| 240 |
|
|
| 241 |
|
// if the current user is not the person who was selected for approval on submit, but they got |
| 242 |
|
// here because they still have permission, then change the approver to the current user |
|
@@ 171-176 (lines=6) @@
|
| 168 |
|
// check for specific permission depending on the current state of the deployment: |
| 169 |
|
// submitted => approved requires approval permissions |
| 170 |
|
// new => approved requires bypass permissions. |
| 171 |
|
if ( |
| 172 |
|
$deployment->State === DNDeployment::STATE_SUBMITTED |
| 173 |
|
&& !$this->project->allowed(self::ALLOW_APPROVAL, Member::currentUser()) |
| 174 |
|
) { |
| 175 |
|
return $this->getAPIResponse(['message' => 'You are not authorised to approve this deployment'], 403); |
| 176 |
|
} |
| 177 |
|
if ( |
| 178 |
|
$deployment->State === DNDeployment::STATE_NEW |
| 179 |
|
&& !$this->project->allowed(self::ALLOW_APPROVAL_BYPASS, Member::currentUser()) |
|
@@ 177-182 (lines=6) @@
|
| 174 |
|
) { |
| 175 |
|
return $this->getAPIResponse(['message' => 'You are not authorised to approve this deployment'], 403); |
| 176 |
|
} |
| 177 |
|
if ( |
| 178 |
|
$deployment->State === DNDeployment::STATE_NEW |
| 179 |
|
&& !$this->project->allowed(self::ALLOW_APPROVAL_BYPASS, Member::currentUser()) |
| 180 |
|
) { |
| 181 |
|
return $this->getAPIResponse(['message' => 'You are not authorised to bypass approval of this deployment'], 403); |
| 182 |
|
} |
| 183 |
|
|
| 184 |
|
if ($deployment->State === DNDeployment::STATE_NEW) { |
| 185 |
|
// Bypassing approval: Ensure that approver is not set. This may happen when someone has requested approval, |
silverstripe /
deploynaut
