new: [metafield editor permission] added
- users/org admins/group admins/community admins can now only modify metafield data on any object if the permission is set for their role - Since some communities use this for ACL to secondary tools, this will allow them to restrict who can modify thempull/170/merge
parent
25e55a620b
commit
6270ae8e18
|
@ -0,0 +1,30 @@
|
|||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
use Migrations\AbstractMigration;
|
||||
use Phinx\Db\Adapter\MysqlAdapter;
|
||||
|
||||
final class RoleMetaEditor extends AbstractMigration
|
||||
{
|
||||
public $autoId = false; // turn off automatic `id` column create. We want it to be `int(10) unsigned`
|
||||
|
||||
public function change(): void
|
||||
{
|
||||
$exists = $this->table('roles')->hasColumn('perm_meta_field_editor');
|
||||
if (!$exists) {
|
||||
$this->table('roles')
|
||||
->addColumn('perm_meta_field_editor', 'boolean', [
|
||||
'default' => 0,
|
||||
'null' => false,
|
||||
])
|
||||
->addIndex('perm_meta_field_editor')
|
||||
->update();
|
||||
}
|
||||
$builder = $this->getQueryBuilder();
|
||||
$builder
|
||||
->update('roles')
|
||||
->set('perm_meta_field_editor', true)
|
||||
->where(['perm_admin' => true])
|
||||
->execute();
|
||||
}
|
||||
}
|
|
@ -427,7 +427,9 @@ class CRUDComponent extends Component
|
|||
public function add(array $params = []): void
|
||||
{
|
||||
$data = $this->Table->newEmptyEntity();
|
||||
if ($this->metaFieldsSupported()) {
|
||||
$user = $this->Controller->ACL->getUser();
|
||||
$metaFieldsEnabled = $user['role']['perm_meta_field_editor'] && $this->metaFieldsSupported();
|
||||
if ($metaFieldsEnabled) {
|
||||
$metaTemplates = $this->getMetaTemplates();
|
||||
$data = $this->attachMetaTemplatesIfNeeded($data, $metaTemplates->toArray());
|
||||
if (isset($params['afterFind'])) {
|
||||
|
@ -452,7 +454,7 @@ class CRUDComponent extends Component
|
|||
throw new NotFoundException(__('Could not save {0} due to the marshaling failing. Your input is bad and you should feel bad.', $this->ObjectAlias));
|
||||
}
|
||||
}
|
||||
if ($this->metaFieldsSupported()) {
|
||||
if ($metaFieldsEnabled) {
|
||||
$massagedData = $this->massageMetaFields($data, $input, $metaTemplates);
|
||||
unset($input['MetaTemplates']); // Avoid MetaTemplates to be overriden when patching entity
|
||||
$data = $massagedData['entity'];
|
||||
|
@ -526,10 +528,10 @@ class CRUDComponent extends Component
|
|||
if (!empty($errors)) {
|
||||
if (count($errors) == 1) {
|
||||
$field = array_keys($errors)[0];
|
||||
$fieldError = json_encode($errors[$field]);
|
||||
$fieldError = implode(', ', array_values($errors[$field]));
|
||||
$validationMessage = __('{0}: {1}', $field, $fieldError);
|
||||
} else {
|
||||
$validationMessage = __('There has been validation issues with multiple fields: {0}', json_encode($errors));
|
||||
$validationMessage = __('There has been validation issues with multiple fields');
|
||||
}
|
||||
}
|
||||
return $validationMessage;
|
||||
|
@ -692,7 +694,9 @@ class CRUDComponent extends Component
|
|||
$params['contain'][] = 'Tags';
|
||||
$this->setAllTags();
|
||||
}
|
||||
if ($this->metaFieldsSupported()) {
|
||||
$user = $this->Controller->ACL->getUser();
|
||||
$metaFieldsEnabled = $user['role']['perm_meta_field_editor'] && $this->metaFieldsSupported();
|
||||
if ($metaFieldsEnabled) {
|
||||
if (empty($params['contain'])) {
|
||||
$params['contain'] = [];
|
||||
}
|
||||
|
@ -710,7 +714,7 @@ class CRUDComponent extends Component
|
|||
$query->where($params['conditions']);
|
||||
}
|
||||
$data = $query->first();
|
||||
if ($this->metaFieldsSupported()) {
|
||||
if ($metaFieldsEnabled) {
|
||||
$metaTemplates = $this->getMetaTemplates();
|
||||
$data = $this->attachMetaTemplatesIfNeeded($data, $metaTemplates->toArray());
|
||||
}
|
||||
|
@ -734,7 +738,7 @@ class CRUDComponent extends Component
|
|||
throw new NotFoundException(__('Could not save {0} due to the marshaling failing. Your input is bad and you should feel bad.', $this->ObjectAlias));
|
||||
}
|
||||
}
|
||||
if ($this->metaFieldsSupported()) {
|
||||
if ($metaFieldsEnabled) {
|
||||
$massagedData = $this->massageMetaFields($data, $input, $metaTemplates);
|
||||
unset($input['MetaTemplates']); // Avoid MetaTemplates to be overriden when patching entity
|
||||
$data = $massagedData['entity'];
|
||||
|
@ -749,7 +753,7 @@ class CRUDComponent extends Component
|
|||
}
|
||||
$savedData = $this->Table->save($data);
|
||||
if ($savedData !== false) {
|
||||
if ($this->metaFieldsSupported() && !empty($metaFieldsToDelete)) {
|
||||
if ($metaFieldsEnabled && !empty($metaFieldsToDelete)) {
|
||||
foreach ($metaFieldsToDelete as $k => $v) {
|
||||
if ($v === null) {
|
||||
unset($metaFieldsToDelete[$k]);
|
||||
|
|
|
@ -32,6 +32,11 @@
|
|||
'type' => 'checkbox',
|
||||
'label' => 'Sync permission'
|
||||
],
|
||||
[
|
||||
'field' => 'perm_meta_field_editor',
|
||||
'type' => 'checkbox',
|
||||
'label' => 'Meta field modification privilege'
|
||||
],
|
||||
[
|
||||
'field' => 'is_default',
|
||||
'type' => 'checkbox',
|
||||
|
|
|
@ -74,6 +74,12 @@ echo $this->element('genericElements/IndexTable/index_table', [
|
|||
'data_path' => 'perm_sync',
|
||||
'element' => 'boolean'
|
||||
],
|
||||
[
|
||||
'name' => __('Meta field Editor'),
|
||||
'sort' => 'perm_meta_field_editor',
|
||||
'data_path' => 'perm_meta_field_editor',
|
||||
'element' => 'boolean'
|
||||
],
|
||||
[
|
||||
'name' => 'Default',
|
||||
'sort' => 'is_default',
|
||||
|
|
Loading…
Reference in New Issue