chg: [users:add] Update the permission limitation for org permission on /users/add

develop
Sami Mokaddem 2024-09-24 16:03:35 +02:00
parent 888661a172
commit aae584f0b7
4 changed files with 73 additions and 34 deletions


@ -245,7 +245,8 @@ class ACLComponent extends Component
'register' => ['*'], 'register' => ['*'],
'settings' => ['*'], 'settings' => ['*'],
'toggle' => ['OR' => ['perm_org_admin', 'perm_community_admin']], 'toggle' => ['OR' => ['perm_org_admin', 'perm_community_admin']],
'view' => ['*'] 'view' => ['*'],
'getLimitationForOrganisation' => ['OR' => ['perm_org_admin', 'perm_community_admin']],
], ],
'UserSettings' => [ 'UserSettings' => [
'index' => ['*'], 'index' => ['*'],


@ -393,7 +393,7 @@ class CRUDComponent extends Component
return false; return false;
} }
private function getMetaTemplates(array $metaTemplateConditions = []) public function getMetaTemplates(array $metaTemplateConditions = [])
{ {
$metaTemplates = []; $metaTemplates = [];
if (!$this->metaFieldsSupported()) { if (!$this->metaFieldsSupported()) {
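Review bot: getMetaTemplates() becomes public here without a docblock or return type, and its visible opening line `$metaTemplates = [];` suggests it can hand back a plain array while the new caller in UsersController calls `->toArray()` on the result. If the `!$this->metaFieldsSupported()` branch returns that array (the body continues outside this hunk, so this is inferred), the new endpoint would end in a fatal error rather than a JSON response. Document the return type on the method, e.g. `/** @return array|\Cake\Collection\CollectionInterface meta templates matching the conditions — confirm exact type */`, and either return one consistent type or have the caller guard before `->toArray()`.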


@ -541,4 +541,22 @@ class UsersController extends AppController
} }
$this->viewBuilder()->setLayout('login'); $this->viewBuilder()->setLayout('login');
} }
public function getLimitationForOrganisation($org_id) {
$currentUser = $this->ACL->getUser();
if (!$currentUser['role']['perm_community_admin']) {
$validOrgs = $this->Users->getValidOrgsForUser($currentUser);
if ($currentUser['role']['perm_group_admin']) {
if (!in_array($org_id, $validOrgs)) {
throw new MethodNotAllowedException(__('You do not have permission to assign that organisation.'));
}
}
}
$fakeUser = $this->Users->newEmptyEntity();
$fakeUser->organisation_id = $org_id; // set fakeUser's to the selected org-id
$metaTemplates = $this->CRUD->getMetaTemplates();
$fakeUser = $this->CRUD->attachMetaTemplatesIfNeeded($fakeUser, $metaTemplates->toArray());
$fakeUser = $this->fetchTable('PermissionLimitations')->attachLimitations($fakeUser);
return $this->RestResponse->viewData($fakeUser, 'json');
}
} }
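Review bot: The organisation check in getLimitationForOrganisation() only runs when `perm_group_admin` is set, so a caller admitted by the new ACL entry through `perm_org_admin` alone receives the limitation data for any `$org_id`, while `$validOrgs` is computed and never used. Assuming getValidOrgsForUser() already returns the caller's own organisation for non-group admins (it is not visible here), drop the inner condition so that `if (!in_array($org_id, $validOrgs)) { throw ...; }` applies to every non-community admin. `$org_id` arrives from the URL as a string, so casting it to int and rejecting non-numeric values before the comparison would make the check explicit. A 403 `ForbiddenException` also describes this refusal better than `MethodNotAllowedException`, which signals a wrong HTTP verb.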


@ -102,43 +102,63 @@ echo $this->element('genericElements/Form/genericForm', [
<script> <script>
$(document).ready(function() { $(document).ready(function() {
const entity = <?= json_encode($entity) ?>; const entity = <?= json_encode($entity) ?>;
if (entity.MetaTemplates) { createUIForPermission(entity)
for (const [metaTemplateId, metaTemplate] of Object.entries(entity.MetaTemplates)) {
for (const [metaTemplateFieldId, metaTemplateField] of Object.entries(metaTemplate.meta_template_fields)) { $('#organisation_id-field').change(updateOrgPermissionCount)
let metaFieldId = false updateOrgPermissionCount()
if (metaTemplateField.metaFields !== undefined && Object.keys(metaTemplateField.metaFields).length > 0) {
metaFieldId = Object.keys(metaTemplateField.metaFields)[0] function createUIForPermission(entity) {
} if (entity.MetaTemplates) {
let metafieldInput for (const [metaTemplateId, metaTemplate] of Object.entries(entity.MetaTemplates)) {
const baseQueryPath = `MetaTemplates.${metaTemplateId}.meta_template_fields.${metaTemplateFieldId}.metaFields` for (const [metaTemplateFieldId, metaTemplateField] of Object.entries(metaTemplate.meta_template_fields)) {
if (metaFieldId) { let metaFieldId = false
metafieldInput = document.getElementById(`${baseQueryPath}.${metaFieldId}.value-field`) if (metaTemplateField.metaFields !== undefined && Object.keys(metaTemplateField.metaFields).length > 0) {
} else { metaFieldId = Object.keys(metaTemplateField.metaFields)[0]
metafieldInput = document.getElementById(`${baseQueryPath}.new.0-field`) }
} let metafieldInput
if (metafieldInput !== null) { const baseQueryPath = `MetaTemplates.${metaTemplateId}.meta_template_fields.${metaTemplateFieldId}.metaFields`
const permissionWarnings = buildPermissionElement(metaTemplateField) if (metaFieldId) {
$(metafieldInput.parentElement).append(permissionWarnings) metafieldInput = document.getElementById(`${baseQueryPath}.${metaFieldId}.value-field`)
} else {
metafieldInput = document.getElementById(`${baseQueryPath}.new.0-field`)
}
if (metafieldInput !== null) {
const permissionWarnings = buildPermissionElement(metaTemplateField)
$(metafieldInput.parentElement).find('.permission-container').remove()
$(metafieldInput.parentElement).append(permissionWarnings)
}
} }
} }
} }
function buildPermissionElement(metaTemplateField) {
const warningTypes = ['danger', 'warning', 'info', ]
const $span = $('<span>')
.addClass(['permission-container', 'ms-2'])
warningTypes.forEach(warningType => {
if (metaTemplateField[warningType]) {
$theWarning = $('<span>')
.addClass([
`text-${warningType}`,
'ms-1',
])
.append($(metaTemplateField[warningType]))
$span.append($theWarning)
}
});
return $span
}
} }
function buildPermissionElement(metaTemplateField) { async function updateOrgPermissionCount() {
const warningTypes = ['danger', 'warning', 'info', ] var org_id = $('#organisation_id-field').val()
const $span = $('<span>').addClass('ms-2') var url = `/users/getLimitationForOrganisation/${org_id}?includeMetatemplate=1`
warningTypes.forEach(warningType => { const response = await fetch(url, new Headers({Accept: 'application/json'}));
if (metaTemplateField[warningType]) { if (!response.ok) {
$theWarning = $('<span>') throw new Error(`Network response was not ok. \`${response.statusText}\``)
.addClass([ }
`text-${warningType}`, const entity = await response.json();
'ms-1', createUIForPermission(entity)
])
.append($(metaTemplateField[warningType]))
$span.append($theWarning)
}
});
return $span
} }
}) })
</script> </script>
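Review bot: In updateOrgPermissionCount() the `Headers` object is passed as fetch's second argument, which is the init dictionary, so the Accept header is never sent; use `fetch(url, {headers: {Accept: 'application/json'}})`. `org_id` is interpolated into the request path unencoded, so wrap it as `encodeURIComponent(org_id)`. buildPermissionElement() passes `metaTemplateField[warningType]` through `$(...)`, which parses it as HTML, and that value now comes from the JSON response as well as from the server-rendered entity; if any part of it can hold user-supplied text, it should be escaped server-side or inserted with `.text()`. `$theWarning` is assigned without `const`/`let` and becomes an implicit global.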