cerebrate-project
/
cerebrate
mirror of https://github.com/cerebrate-project/cerebrate
1
0
Fork 0
Code Issues Releases Wiki Activity

chg: [users:add] Update the permission limitation for org permission on /users/add

develop
Sami Mokaddem 2024-09-24 16:03:35 +02:00
parent 888661a172
commit aae584f0b7
4 changed files with 73 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/Controller/Component/ACLComponent.php
View File

@ -245,7 +245,8 @@ class ACLComponent extends Component
'register' => ['*'],
'settings' => ['*'],
'toggle' => ['OR' => ['perm_org_admin', 'perm_community_admin']],
'view' => ['*']
'view' => ['*'],
'getLimitationForOrganisation' => ['OR' => ['perm_org_admin', 'perm_community_admin']],
],
'UserSettings' => [
'index' => ['*'],

2
src/Controller/Component/CRUDComponent.php
View File

@ -393,7 +393,7 @@ class CRUDComponent extends Component
return false;
}
private function getMetaTemplates(array $metaTemplateConditions = [])
public function getMetaTemplates(array $metaTemplateConditions = [])
{
$metaTemplates = [];
if (!$this->metaFieldsSupported()) {

18
src/Controller/UsersController.php
View File

@ -541,4 +541,22 @@ class UsersController extends AppController
}
$this->viewBuilder()->setLayout('login');
}
public function getLimitationForOrganisation($org_id) {
$currentUser = $this->ACL->getUser();
if (!$currentUser['role']['perm_community_admin']) {
$validOrgs = $this->Users->getValidOrgsForUser($currentUser);
if ($currentUser['role']['perm_group_admin']) {
if (!in_array($org_id, $validOrgs)) {
throw new MethodNotAllowedException(__('You do not have permission to assign that organisation.'));
}
}
}
$fakeUser = $this->Users->newEmptyEntity();
$fakeUser->organisation_id = $org_id; // set fakeUser's to the selected org-id
$metaTemplates = $this->CRUD->getMetaTemplates();
$fakeUser = $this->CRUD->attachMetaTemplatesIfNeeded($fakeUser, $metaTemplates->toArray());
$fakeUser = $this->fetchTable('PermissionLimitations')->attachLimitations($fakeUser);
return $this->RestResponse->viewData($fakeUser, 'json');
}
}

22
templates/Users/add.php
View File

@ -102,6 +102,12 @@ echo $this->element('genericElements/Form/genericForm', [
<script>
$(document).ready(function() {
const entity = <?= json_encode($entity) ?>;
createUIForPermission(entity)
$('#organisation_id-field').change(updateOrgPermissionCount)
updateOrgPermissionCount()
function createUIForPermission(entity) {
if (entity.MetaTemplates) {
for (const [metaTemplateId, metaTemplate] of Object.entries(entity.MetaTemplates)) {
for (const [metaTemplateFieldId, metaTemplateField] of Object.entries(metaTemplate.meta_template_fields)) {
@ -118,6 +124,7 @@ echo $this->element('genericElements/Form/genericForm', [
}
if (metafieldInput !== null) {
const permissionWarnings = buildPermissionElement(metaTemplateField)
$(metafieldInput.parentElement).find('.permission-container').remove()
$(metafieldInput.parentElement).append(permissionWarnings)
}
}
@ -126,7 +133,8 @@ echo $this->element('genericElements/Form/genericForm', [
function buildPermissionElement(metaTemplateField) {
const warningTypes = ['danger', 'warning', 'info', ]
const $span = $('<span>').addClass('ms-2')
const $span = $('<span>')
.addClass(['permission-container', 'ms-2'])
warningTypes.forEach(warningType => {
if (metaTemplateField[warningType]) {
$theWarning = $('<span>')
@ -140,5 +148,17 @@ echo $this->element('genericElements/Form/genericForm', [
});
return $span
}
}
async function updateOrgPermissionCount() {
var org_id = $('#organisation_id-field').val()
var url = `/users/getLimitationForOrganisation/${org_id}?includeMetatemplate=1`
const response = await fetch(url, new Headers({Accept: 'application/json'}));
if (!response.ok) {
throw new Error(`Network response was not ok. \`${response.statusText}\``)
}
const entity = await response.json();
createUIForPermission(entity)
}
})
</script>