chg: [users:add] Update the permission limitation for org permission on /users/add

pull/184/head
Sami Mokaddem 2024-09-24 16:03:35 +02:00
parent 888661a172
commit aae584f0b7
4 changed files with 73 additions and 34 deletions

View File

@ -245,7 +245,8 @@ class ACLComponent extends Component
'register' => ['*'],
'settings' => ['*'],
'toggle' => ['OR' => ['perm_org_admin', 'perm_community_admin']],
'view' => ['*']
'view' => ['*'],
'getLimitationForOrganisation' => ['OR' => ['perm_org_admin', 'perm_community_admin']],
],
'UserSettings' => [
'index' => ['*'],

View File

@ -393,7 +393,7 @@ class CRUDComponent extends Component
return false;
}
private function getMetaTemplates(array $metaTemplateConditions = [])
public function getMetaTemplates(array $metaTemplateConditions = [])
{
$metaTemplates = [];
if (!$this->metaFieldsSupported()) {

View File

@ -541,4 +541,22 @@ class UsersController extends AppController
}
$this->viewBuilder()->setLayout('login');
}
public function getLimitationForOrganisation($org_id) {
$currentUser = $this->ACL->getUser();
if (!$currentUser['role']['perm_community_admin']) {
$validOrgs = $this->Users->getValidOrgsForUser($currentUser);
if ($currentUser['role']['perm_group_admin']) {
if (!in_array($org_id, $validOrgs)) {
throw new MethodNotAllowedException(__('You do not have permission to assign that organisation.'));
}
}
}
$fakeUser = $this->Users->newEmptyEntity();
$fakeUser->organisation_id = $org_id; // set fakeUser's to the selected org-id
$metaTemplates = $this->CRUD->getMetaTemplates();
$fakeUser = $this->CRUD->attachMetaTemplatesIfNeeded($fakeUser, $metaTemplates->toArray());
$fakeUser = $this->fetchTable('PermissionLimitations')->attachLimitations($fakeUser);
return $this->RestResponse->viewData($fakeUser, 'json');
}
}

View File

@ -102,43 +102,63 @@ echo $this->element('genericElements/Form/genericForm', [
<script>
$(document).ready(function() {
const entity = <?= json_encode($entity) ?>;
if (entity.MetaTemplates) {
for (const [metaTemplateId, metaTemplate] of Object.entries(entity.MetaTemplates)) {
for (const [metaTemplateFieldId, metaTemplateField] of Object.entries(metaTemplate.meta_template_fields)) {
let metaFieldId = false
if (metaTemplateField.metaFields !== undefined && Object.keys(metaTemplateField.metaFields).length > 0) {
metaFieldId = Object.keys(metaTemplateField.metaFields)[0]
}
let metafieldInput
const baseQueryPath = `MetaTemplates.${metaTemplateId}.meta_template_fields.${metaTemplateFieldId}.metaFields`
if (metaFieldId) {
metafieldInput = document.getElementById(`${baseQueryPath}.${metaFieldId}.value-field`)
} else {
metafieldInput = document.getElementById(`${baseQueryPath}.new.0-field`)
}
if (metafieldInput !== null) {
const permissionWarnings = buildPermissionElement(metaTemplateField)
$(metafieldInput.parentElement).append(permissionWarnings)
createUIForPermission(entity)
$('#organisation_id-field').change(updateOrgPermissionCount)
updateOrgPermissionCount()
function createUIForPermission(entity) {
if (entity.MetaTemplates) {
for (const [metaTemplateId, metaTemplate] of Object.entries(entity.MetaTemplates)) {
for (const [metaTemplateFieldId, metaTemplateField] of Object.entries(metaTemplate.meta_template_fields)) {
let metaFieldId = false
if (metaTemplateField.metaFields !== undefined && Object.keys(metaTemplateField.metaFields).length > 0) {
metaFieldId = Object.keys(metaTemplateField.metaFields)[0]
}
let metafieldInput
const baseQueryPath = `MetaTemplates.${metaTemplateId}.meta_template_fields.${metaTemplateFieldId}.metaFields`
if (metaFieldId) {
metafieldInput = document.getElementById(`${baseQueryPath}.${metaFieldId}.value-field`)
} else {
metafieldInput = document.getElementById(`${baseQueryPath}.new.0-field`)
}
if (metafieldInput !== null) {
const permissionWarnings = buildPermissionElement(metaTemplateField)
$(metafieldInput.parentElement).find('.permission-container').remove()
$(metafieldInput.parentElement).append(permissionWarnings)
}
}
}
}
function buildPermissionElement(metaTemplateField) {
const warningTypes = ['danger', 'warning', 'info', ]
const $span = $('<span>')
.addClass(['permission-container', 'ms-2'])
warningTypes.forEach(warningType => {
if (metaTemplateField[warningType]) {
$theWarning = $('<span>')
.addClass([
`text-${warningType}`,
'ms-1',
])
.append($(metaTemplateField[warningType]))
$span.append($theWarning)
}
});
return $span
}
}
function buildPermissionElement(metaTemplateField) {
const warningTypes = ['danger', 'warning', 'info', ]
const $span = $('<span>').addClass('ms-2')
warningTypes.forEach(warningType => {
if (metaTemplateField[warningType]) {
$theWarning = $('<span>')
.addClass([
`text-${warningType}`,
'ms-1',
])
.append($(metaTemplateField[warningType]))
$span.append($theWarning)
}
});
return $span
async function updateOrgPermissionCount() {
var org_id = $('#organisation_id-field').val()
var url = `/users/getLimitationForOrganisation/${org_id}?includeMetatemplate=1`
const response = await fetch(url, new Headers({Accept: 'application/json'}));
if (!response.ok) {
throw new Error(`Network response was not ok. \`${response.statusText}\``)
}
const entity = await response.json();
createUIForPermission(entity)
}
})
</script>