chg: [decaying] Improved ACL integration for the UI

2019-08-20 10:06:15 +02:00 · 2019-08-20 10:06:15 +02:00 · 0866077fc6
parent 3979c29b61
commit 0866077fc6
5 changed files with 31 additions and 6 deletions
--- a/app/Controller/DecayingModelController.php
+++ b/app/Controller/DecayingModelController.php
@ -172,7 +172,7 @@ class DecayingModelController extends AppController
        $this->set('mayModify', true);
        $restrictedEdition = $this->DecayingModel->isDefaultModel($decayingModel);
        if (!$this->_isSiteAdmin() && $decayingModel['DecayingModel']['org_id'] != $this->Auth->user('Organisation')['id']) {
-            throw new MethodNotAllowedException(__("The model does not belong to your organisation"));
+            throw new UnauthorizedException(__("The model does not belong to your organisation"));
        }

        if ($this->request->is('post') || $this->request->is('put')) {
--- a/app/Model/DecayingModel.php
+++ b/app/Model/DecayingModel.php
@ -169,6 +169,11 @@ class DecayingModel extends AppModel
        return !is_null($decaying_model['DecayingModel']['uuid']);
    }

+    public function isEditableByCurrentUser($user, $decaying_model)
+    {
+        return !$this->isDefaultModel($decaying_model) && $decaying_model['DecayingModel']['org_id'] == $user['org_id'];
+    }
+
    public function fetchAllAllowedModels($user, $full=true, $filters=array())
    {
        $conditions = array();
@ -194,6 +199,7 @@ class DecayingModel extends AppModel
                $decayingModels[$i]['DecayingModel']['attribute_types'] = $decayingModels[$i]['DecayingModel']['attribute_types'] + Hash::extract($decayingModels[$i]['DecayingModelMapping'], '{n}.attribute_type');
                unset($decayingModels[$i]['DecayingModelMapping']);
            }
+            $decayingModels[$i]['DecayingModel']['isEditable'] = $this->isEditableByCurrentUser($user, $decayingModels[$i]);
        }

        return $decayingModels;
--- a/app/View/DecayingModel/decaying_tool.ctp
+++ b/app/View/DecayingModel/decaying_tool.ctp
@ -171,6 +171,7 @@
 ?>

 <script>
+var logged_user_org_id = <?php echo h($me['org_id']); ?>;
 $(document).ready(function() {
    $('.json-transform').each(function(i) {
        var text = $(this).text().trim();
--- a/app/View/DecayingModel/index.ctp
+++ b/app/View/DecayingModel/index.ctp
@ -18,10 +18,25 @@
    </div>

 <?php
+    $temp = $passedArgsArray;
+    unset($temp['sort']);
+    unset($temp['direction']);
+    $filter_active = count(array_keys($temp)) > 0;
    $data = array(
        'children' => array(
            array(
                'children' => array(
+                    array(
+                        'title' => __('All Models'),
+                        'text' => __('All Models'),
+                        'url' => sprintf('%s/%s%s',
+                            $baseurl . '/decayingModel/index',
+                            isset($passedArgsArray['sort']) ? 'sort:' . $passedArgsArray['sort'] . '/' : '',
+                            isset($passedArgsArray['direction']) ? 'direction:' . $passedArgsArray['direction'] . '/' : ''
+                        ),
+                        'class' => 'searchFilterButton',
+                        'active' => !$filter_active
+                    ),
                    array(
                        'title' => __('My models only'),
                        'text' => __('My Models'),
--- a/app/webroot/js/decayingTool.js
+++ b/app/webroot/js/decayingTool.js
@ -123,6 +123,7 @@
            /* CANVAS */
            _init: function() {
                var that = this;
+                this.user_org_id = logged_user_org_id;
                this.resetMultiplier();
                this.width = $(this.container).width() - this.options.margin.left - this.options.margin.right;
                this.height = 380 - this.options.margin.top - this.options.margin.bottom;
@ -653,7 +654,7 @@
                var btn_content_html;
                var selected_model = d3.select($checkbox.closest('tr')[0]).data()[0];
                if ($checkbox.length > 0) {
-                    if (selected_model.DecayingModel.isDefault) {
+                    if (!selected_model.DecayingModel.isEditable) {
                        save_button.data('isedit', 0).data('modelid', 0);
                        btn_content_html = '<i class="fa fa-plus"> ' + save_button.data('savetext');
                    } else {
@ -979,10 +980,12 @@ ModelTable.prototype = {
    _gen_td_buttons: function(model) {
        var html_button = '<div style="width: max-content">';
        html_button += '<button class="btn btn-info btn-small decayingLoadBtn" onclick="decayingTool.loadModel(this);"><span class="fa fa-line-chart"> Load model</span></button>';
-        if (model.DecayingModel.enabled) {
-            html_button += '<button class="btn btn-danger btn-small" style="margin-left: 3px;" onclick="decayingTool.disableModel(this, ' + model.DecayingModel.id + ');" title="Disable model"><span class="fa fa-pause"></span></button>'
-        } else {
-            html_button += '<button class="btn btn-success btn-small" style="margin-left: 3px;" onclick="decayingTool.enableModel(this, ' + model.DecayingModel.id + ');" title="Enable model"><span class="fa fa-play"></span></button>'
+        if (model.DecayingModel.isEditable) {
+            if (model.DecayingModel.enabled) {
+                html_button += '<button class="btn btn-danger btn-small" style="margin-left: 3px;" onclick="decayingTool.disableModel(this, ' + model.DecayingModel.id + ');" title="Disable model"><span class="fa fa-pause"></span></button>'
+            } else {
+                html_button += '<button class="btn btn-success btn-small" style="margin-left: 3px;" onclick="decayingTool.enableModel(this, ' + model.DecayingModel.id + ');" title="Enable model"><span class="fa fa-play"></span></button>'
+            }
        }
        html_button += '</div>';
        return html_button;