makeplane · sharma01ketan · Oct 8, 2024 · Oct 11, 2024 · Oct 11, 2024 · Oct 23, 2024
diff --git a/apiserver/plane/app/views/project/base.py b/apiserver/plane/app/views/project/base.py
@@ -369,20 +369,9 @@ def create(self, request, slug):
                 status=status.HTTP_410_GONE,
             )
 
+    @allow_permission([ROLE.ADMIN])
     def partial_update(self, request, slug, pk=None):
         try:
-            if not ProjectMember.objects.filter(
-                member=request.user,
-                workspace__slug=slug,
-                project_id=pk,
-                role=20,
-                is_active=True,
-            ).exists():
-                return Response(
-                    {"error": "You don't have the required permissions."},
-                    status=status.HTTP_403_FORBIDDEN,
-                )
-
             workspace = Workspace.objects.get(slug=slug)
             intake_view = request.data.get(
                 "inbox_view", request.data.get("intake_view", False)

diff --git a/...orkspaceSlug]/(projects)/projects/(detail)/[projectId]/views/(detail)/[viewId]/header.tsx b/...orkspaceSlug]/(projects)/projects/(detail)/[projectId]/views/(detail)/[viewId]/header.tsx
@@ -34,6 +34,7 @@ import {
   useProject,
   useProjectState,
   useProjectView,
+  useUser,
   useUserPermissions,
 } from "@/hooks/store";
 import { EUserPermissions, EUserPermissionsLevel } from "@/plane-web/constants/user-permissions";
@@ -48,6 +49,7 @@ export const ProjectViewIssuesHeader: React.FC = observer(() => {
   const { setTrackElement } = useEventTracker();
   const { toggleCreateIssueModal } = useCommandPalette();
   const { allowPermissions } = useUserPermissions();
+  const { data : currentUser } = useUser();
 
   const { currentProjectDetails, loader } = useProject();
   const { projectViewIds, getViewById } = useProjectView();
@@ -134,6 +136,8 @@ export const ProjectViewIssuesHeader: React.FC = observer(() => {
     [EUserPermissions.ADMIN, EUserPermissions.MEMBER],
     EUserPermissionsLevel.PROJECT
   );
+  // guests can use filters in their own views
+  const canUserUseFilters = canUserCreateIssue || currentUser?.id===viewDetails?.created_by
   const publishLink = getPublishViewLink(viewDetails?.anchor);
 
   return (
@@ -251,7 +255,7 @@ export const ProjectViewIssuesHeader: React.FC = observer(() => {
             <FiltersDropdown
               title="Filters"
               placement="bottom-end"
-              disabled={!canUserCreateIssue}
+              disabled={!canUserUseFilters}
               isFiltersApplied={isIssueFilterActive(issueFilters)}
             >
               <FilterSelection

diff --git a/web/helpers/string.helper.ts b/web/helpers/string.helper.ts
@@ -269,7 +269,6 @@ export const isCommentEmpty = (comment: string | undefined): boolean => {
  */
 export const checkURLValidity = (url: string): boolean => {
   if (!url) return false;
-
   // regex to support complex query parameters and fragments
   const urlPattern =
     /^(https?:\/\/)?((([a-z\d-]+\.)*[a-z\d-]+\.[a-z]{2,6})|(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}))(:\d+)?(\/[\w.-]*)*(\?[^#\s]*)?(#[\w-]*)?$/i;