chg: [users:add] Update the permission limitation for org permission on /users/add
Sami Mokaddem
parent
888661a172
commit
aae584f0b7
|
|
@ -245,7 +245,8 @@ class ACLComponent extends Component
|
||||||
'register' => ['*'],
|
'register' => ['*'],
|
||||||
'settings' => ['*'],
|
'settings' => ['*'],
|
||||||
'toggle' => ['OR' => ['perm_org_admin', 'perm_community_admin']],
|
'toggle' => ['OR' => ['perm_org_admin', 'perm_community_admin']],
|
||||||
'view' => ['*']
|
'view' => ['*'],
|
||||||
|
'getLimitationForOrganisation' => ['OR' => ['perm_org_admin', 'perm_community_admin']],
|
||||||
],
|
],
|
||||||
'UserSettings' => [
|
'UserSettings' => [
|
||||||
'index' => ['*'],
|
'index' => ['*'],
|
||||||
|
|
|
||||||
|
|
@ -393,7 +393,7 @@ class CRUDComponent extends Component
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
private function getMetaTemplates(array $metaTemplateConditions = [])
|
public function getMetaTemplates(array $metaTemplateConditions = [])
|
||||||
{
|
{
|
||||||
$metaTemplates = [];
|
$metaTemplates = [];
|
||||||
if (!$this->metaFieldsSupported()) {
|
if (!$this->metaFieldsSupported()) {
|
||||||
|
|
|
||||||
|
|
@ -541,4 +541,22 @@ class UsersController extends AppController
|
||||||
}
|
}
|
||||||
$this->viewBuilder()->setLayout('login');
|
$this->viewBuilder()->setLayout('login');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function getLimitationForOrganisation($org_id) {
|
||||||
|
$currentUser = $this->ACL->getUser();
|
||||||
|
if (!$currentUser['role']['perm_community_admin']) {
|
||||||
|
$validOrgs = $this->Users->getValidOrgsForUser($currentUser);
|
||||||
|
if ($currentUser['role']['perm_group_admin']) {
|
||||||
|
if (!in_array($org_id, $validOrgs)) {
|
||||||
|
throw new MethodNotAllowedException(__('You do not have permission to assign that organisation.'));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$fakeUser = $this->Users->newEmptyEntity();
|
||||||
|
$fakeUser->organisation_id = $org_id; // set fakeUser's to the selected org-id
|
||||||
|
$metaTemplates = $this->CRUD->getMetaTemplates();
|
||||||
|
$fakeUser = $this->CRUD->attachMetaTemplatesIfNeeded($fakeUser, $metaTemplates->toArray());
|
||||||
|
$fakeUser = $this->fetchTable('PermissionLimitations')->attachLimitations($fakeUser);
|
||||||
|
return $this->RestResponse->viewData($fakeUser, 'json');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -102,6 +102,12 @@ echo $this->element('genericElements/Form/genericForm', [
|
||||||
<script>
|
<script>
|
||||||
$(document).ready(function() {
|
$(document).ready(function() {
|
||||||
const entity = <?= json_encode($entity) ?>;
|
const entity = <?= json_encode($entity) ?>;
|
||||||
|
createUIForPermission(entity)
|
||||||
|
|
||||||
|
$('#organisation_id-field').change(updateOrgPermissionCount)
|
||||||
|
updateOrgPermissionCount()
|
||||||
|
|
||||||
|
function createUIForPermission(entity) {
|
||||||
if (entity.MetaTemplates) {
|
if (entity.MetaTemplates) {
|
||||||
for (const [metaTemplateId, metaTemplate] of Object.entries(entity.MetaTemplates)) {
|
for (const [metaTemplateId, metaTemplate] of Object.entries(entity.MetaTemplates)) {
|
||||||
for (const [metaTemplateFieldId, metaTemplateField] of Object.entries(metaTemplate.meta_template_fields)) {
|
for (const [metaTemplateFieldId, metaTemplateField] of Object.entries(metaTemplate.meta_template_fields)) {
|
||||||
|
|
@ -118,6 +124,7 @@ echo $this->element('genericElements/Form/genericForm', [
|
||||||
}
|
}
|
||||||
if (metafieldInput !== null) {
|
if (metafieldInput !== null) {
|
||||||
const permissionWarnings = buildPermissionElement(metaTemplateField)
|
const permissionWarnings = buildPermissionElement(metaTemplateField)
|
||||||
|
$(metafieldInput.parentElement).find('.permission-container').remove()
|
||||||
$(metafieldInput.parentElement).append(permissionWarnings)
|
$(metafieldInput.parentElement).append(permissionWarnings)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -126,7 +133,8 @@ echo $this->element('genericElements/Form/genericForm', [
|
||||||
|
|
||||||
function buildPermissionElement(metaTemplateField) {
|
function buildPermissionElement(metaTemplateField) {
|
||||||
const warningTypes = ['danger', 'warning', 'info', ]
|
const warningTypes = ['danger', 'warning', 'info', ]
|
||||||
const $span = $('<span>').addClass('ms-2')
|
const $span = $('<span>')
|
||||||
|
.addClass(['permission-container', 'ms-2'])
|
||||||
warningTypes.forEach(warningType => {
|
warningTypes.forEach(warningType => {
|
||||||
if (metaTemplateField[warningType]) {
|
if (metaTemplateField[warningType]) {
|
||||||
$theWarning = $('<span>')
|
$theWarning = $('<span>')
|
||||||
|
|
@ -140,5 +148,17 @@ echo $this->element('genericElements/Form/genericForm', [
|
||||||
});
|
});
|
||||||
return $span
|
return $span
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
async function updateOrgPermissionCount() {
|
||||||
|
var org_id = $('#organisation_id-field').val()
|
||||||
|
var url = `/users/getLimitationForOrganisation/${org_id}?includeMetatemplate=1`
|
||||||
|
const response = await fetch(url, new Headers({Accept: 'application/json'}));
|
||||||
|
if (!response.ok) {
|
||||||
|
throw new Error(`Network response was not ok. \`${response.statusText}\``)
|
||||||
|
}
|
||||||
|
const entity = await response.json();
|
||||||
|
createUIForPermission(entity)
|
||||||
|
}
|
||||||
})
|
})
|
||||||
</script>
|
</script>
|
||||||
Loading…
Reference in New Issue