chg: [users:add] Update the permission limitation for org permission on /users/add

pull/184/head
Sami Mokaddem 2024-09-24 16:03:35 +02:00
parent 888661a172
commit aae584f0b7
4 changed files with 73 additions and 34 deletions

View File

@ -245,7 +245,8 @@ class ACLComponent extends Component
'register' => ['*'], 'register' => ['*'],
'settings' => ['*'], 'settings' => ['*'],
'toggle' => ['OR' => ['perm_org_admin', 'perm_community_admin']], 'toggle' => ['OR' => ['perm_org_admin', 'perm_community_admin']],
'view' => ['*'] 'view' => ['*'],
'getLimitationForOrganisation' => ['OR' => ['perm_org_admin', 'perm_community_admin']],
], ],
'UserSettings' => [ 'UserSettings' => [
'index' => ['*'], 'index' => ['*'],

View File

@ -393,7 +393,7 @@ class CRUDComponent extends Component
return false; return false;
} }
private function getMetaTemplates(array $metaTemplateConditions = []) public function getMetaTemplates(array $metaTemplateConditions = [])
{ {
$metaTemplates = []; $metaTemplates = [];
if (!$this->metaFieldsSupported()) { if (!$this->metaFieldsSupported()) {

View File

@ -541,4 +541,22 @@ class UsersController extends AppController
} }
$this->viewBuilder()->setLayout('login'); $this->viewBuilder()->setLayout('login');
} }
public function getLimitationForOrganisation($org_id) {
$currentUser = $this->ACL->getUser();
if (!$currentUser['role']['perm_community_admin']) {
$validOrgs = $this->Users->getValidOrgsForUser($currentUser);
if ($currentUser['role']['perm_group_admin']) {
if (!in_array($org_id, $validOrgs)) {
throw new MethodNotAllowedException(__('You do not have permission to assign that organisation.'));
}
}
}
$fakeUser = $this->Users->newEmptyEntity();
$fakeUser->organisation_id = $org_id; // set fakeUser's to the selected org-id
$metaTemplates = $this->CRUD->getMetaTemplates();
$fakeUser = $this->CRUD->attachMetaTemplatesIfNeeded($fakeUser, $metaTemplates->toArray());
$fakeUser = $this->fetchTable('PermissionLimitations')->attachLimitations($fakeUser);
return $this->RestResponse->viewData($fakeUser, 'json');
}
} }

View File

@ -102,6 +102,12 @@ echo $this->element('genericElements/Form/genericForm', [
<script> <script>
$(document).ready(function() { $(document).ready(function() {
const entity = <?= json_encode($entity) ?>; const entity = <?= json_encode($entity) ?>;
createUIForPermission(entity)
$('#organisation_id-field').change(updateOrgPermissionCount)
updateOrgPermissionCount()
function createUIForPermission(entity) {
if (entity.MetaTemplates) { if (entity.MetaTemplates) {
for (const [metaTemplateId, metaTemplate] of Object.entries(entity.MetaTemplates)) { for (const [metaTemplateId, metaTemplate] of Object.entries(entity.MetaTemplates)) {
for (const [metaTemplateFieldId, metaTemplateField] of Object.entries(metaTemplate.meta_template_fields)) { for (const [metaTemplateFieldId, metaTemplateField] of Object.entries(metaTemplate.meta_template_fields)) {
@ -118,6 +124,7 @@ echo $this->element('genericElements/Form/genericForm', [
} }
if (metafieldInput !== null) { if (metafieldInput !== null) {
const permissionWarnings = buildPermissionElement(metaTemplateField) const permissionWarnings = buildPermissionElement(metaTemplateField)
$(metafieldInput.parentElement).find('.permission-container').remove()
$(metafieldInput.parentElement).append(permissionWarnings) $(metafieldInput.parentElement).append(permissionWarnings)
} }
} }
@ -126,7 +133,8 @@ echo $this->element('genericElements/Form/genericForm', [
function buildPermissionElement(metaTemplateField) { function buildPermissionElement(metaTemplateField) {
const warningTypes = ['danger', 'warning', 'info', ] const warningTypes = ['danger', 'warning', 'info', ]
const $span = $('<span>').addClass('ms-2') const $span = $('<span>')
.addClass(['permission-container', 'ms-2'])
warningTypes.forEach(warningType => { warningTypes.forEach(warningType => {
if (metaTemplateField[warningType]) { if (metaTemplateField[warningType]) {
$theWarning = $('<span>') $theWarning = $('<span>')
@ -140,5 +148,17 @@ echo $this->element('genericElements/Form/genericForm', [
}); });
return $span return $span
} }
}
async function updateOrgPermissionCount() {
var org_id = $('#organisation_id-field').val()
var url = `/users/getLimitationForOrganisation/${org_id}?includeMetatemplate=1`
const response = await fetch(url, new Headers({Accept: 'application/json'}));
if (!response.ok) {
throw new Error(`Network response was not ok. \`${response.statusText}\``)
}
const entity = await response.json();
createUIForPermission(entity)
}
}) })
</script> </script>