From 5e06557cf0fa0fd0d246173441789b266b598802 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20B=C3=B6hmer?= Date: Sun, 6 Nov 2022 21:29:03 +0100 Subject: [PATCH] Removed field permissions from Part edit page --- src/Form/CollectionTypeExtension.php | 2 +- src/Form/Part/OrderdetailType.php | 8 ++-- src/Form/Part/PartBaseType.php | 37 +++++-------------- src/Form/WorkaroundCollectionType.php | 23 ------------ src/Security/Voter/PartVoter.php | 14 ------- templates/Parts/edit/_lots.html.twig | 2 +- templates/Parts/edit/_orderdetails.html.twig | 4 +- .../Parts/edit/_specifications.html.twig | 2 +- .../Parts/edit/edit_form_styles.html.twig | 12 +++--- .../Parts/info/_extended_infos.html.twig | 4 +- .../components/attachments.macro.html.twig | 2 +- templates/helper.twig | 6 +-- 12 files changed, 29 insertions(+), 87 deletions(-) delete mode 100644 src/Form/WorkaroundCollectionType.php diff --git a/src/Form/CollectionTypeExtension.php b/src/Form/CollectionTypeExtension.php index f3aa4143..8ca1b068 100644 --- a/src/Form/CollectionTypeExtension.php +++ b/src/Form/CollectionTypeExtension.php @@ -54,7 +54,7 @@ class CollectionTypeExtension extends AbstractTypeExtension public static function getExtendedTypes(): iterable { - return [CollectionType::class, WorkaroundCollectionType::class]; + return [CollectionType::class]; } public function configureOptions(OptionsResolver $resolver): void diff --git a/src/Form/Part/OrderdetailType.php b/src/Form/Part/OrderdetailType.php index 65dbde86..7010aff6 100644 --- a/src/Form/Part/OrderdetailType.php +++ b/src/Form/Part/OrderdetailType.php @@ -50,6 +50,7 @@ use App\Form\Type\StructuralEntityType; use App\Form\WorkaroundCollectionType; use Symfony\Component\Form\AbstractType; use Symfony\Component\Form\Extension\Core\Type\CheckboxType; +use Symfony\Component\Form\Extension\Core\Type\CollectionType; use Symfony\Component\Form\Extension\Core\Type\TextType; use Symfony\Component\Form\Extension\Core\Type\UrlType; use Symfony\Component\Form\FormBuilderInterface; @@ -106,16 +107,15 @@ class OrderdetailType extends AbstractType } //Attachment section - $event->getForm()->add('pricedetails', WorkaroundCollectionType::class, [ + $event->getForm()->add('pricedetails', CollectionType::class, [ 'entry_type' => PricedetailType::class, - 'allow_add' => $this->security->isGranted('@parts_prices.create'), - 'allow_delete' => $this->security->isGranted('@parts_prices.delete'), + 'allow_add' => true, + 'allow_delete' => true, 'label' => false, 'reindex_enable' => true, 'prototype_data' => $dummy_pricedetail, 'by_reference' => false, 'entry_options' => [ - 'disabled' => !$this->security->isGranted('@parts_prices.edit'), 'measurement_unit' => $options['measurement_unit'], ], ]); diff --git a/src/Form/Part/PartBaseType.php b/src/Form/Part/PartBaseType.php index fba54dfb..bd30015a 100644 --- a/src/Form/Part/PartBaseType.php +++ b/src/Form/Part/PartBaseType.php @@ -103,7 +103,6 @@ class PartBaseType extends AbstractType 'attr' => [ 'placeholder' => 'part.edit.name.placeholder', ], - 'disabled' => !$this->security->isGranted('name.edit', $part), ]) ->add('description', RichTextEditorType::class, [ 'required' => false, @@ -114,7 +113,6 @@ class PartBaseType extends AbstractType 'placeholder' => 'part.edit.description.placeholder', 'rows' => 2, ], - 'disabled' => !$this->security->isGranted('description.edit', $part), ]) ->add('minAmount', SIUnitType::class, [ 'attr' => [ @@ -123,13 +121,11 @@ class PartBaseType extends AbstractType ], 'label' => 'part.edit.mininstock', 'measurement_unit' => $part->getPartUnit(), - 'disabled' => !$this->security->isGranted('minamount.edit', $part), ]) ->add('category', StructuralEntityType::class, [ 'class' => Category::class, 'label' => 'part.edit.category', 'disable_not_selectable' => true, - 'disabled' => !$this->security->isGranted('category.edit', $part), 'constraints' => [ ], ]) @@ -138,7 +134,6 @@ class PartBaseType extends AbstractType 'required' => false, 'label' => 'part.edit.footprint', 'disable_not_selectable' => true, - 'disabled' => !$this->security->isGranted('footprint.edit', $part), ]) ->add('tags', TextType::class, [ 'required' => false, @@ -149,7 +144,6 @@ class PartBaseType extends AbstractType 'data-controller' => 'elements--tagsinput', 'data-autocomplete' => $this->urlGenerator->generate('typeahead_tags', ['query' => '__QUERY__']), ], - 'disabled' => !$this->security->isGranted('tags.edit', $part), ]); //Manufacturer section @@ -158,32 +152,27 @@ class PartBaseType extends AbstractType 'required' => false, 'label' => 'part.edit.manufacturer.label', 'disable_not_selectable' => true, - 'disabled' => !$this->security->isGranted('manufacturer.edit', $part), ]) ->add('manufacturer_product_url', UrlType::class, [ 'required' => false, 'empty_data' => '', 'label' => 'part.edit.manufacturer_url.label', - 'disabled' => !$this->security->isGranted('mpn.edit', $part), ]) ->add('manufacturer_product_number', TextType::class, [ 'required' => false, 'empty_data' => '', 'label' => 'part.edit.mpn', - 'disabled' => !$this->security->isGranted('mpn.edit', $part), ]) ->add('manufacturing_status', ChoiceType::class, [ 'label' => 'part.edit.manufacturing_status', 'choices' => $status_choices, 'required' => false, - 'disabled' => !$this->security->isGranted('status.edit', $part), ]); //Advanced section $builder->add('needsReview', CheckboxType::class, [ 'required' => false, 'label' => 'part.edit.needs_review', - 'disabled' => !$this->security->isGranted('edit', $part), ]) ->add('favorite', CheckboxType::class, [ 'required' => false, @@ -194,14 +183,12 @@ class PartBaseType extends AbstractType 'unit' => 'g', 'label' => 'part.edit.mass', 'required' => false, - 'disabled' => !$this->security->isGranted('mass.edit', $part), ]) ->add('partUnit', StructuralEntityType::class, [ 'class' => MeasurementUnit::class, 'required' => false, 'disable_not_selectable' => true, 'label' => 'part.edit.partUnit', - 'disabled' => !$this->security->isGranted('unit.edit', $part), ]); //Comment section @@ -212,20 +199,18 @@ class PartBaseType extends AbstractType 'rows' => 4, ], 'mode' => 'markdown-full', - 'disabled' => !$this->security->isGranted('comment.edit', $part), 'empty_data' => '', ]); //Part Lots section $builder->add('partLots', CollectionType::class, [ 'entry_type' => PartLotType::class, - 'allow_add' => $this->security->isGranted('lots.create', $part), - 'allow_delete' => $this->security->isGranted('lots.delete', $part), + 'allow_add' => true, + 'allow_delete' => true, 'reindex_enable' => true, 'label' => false, 'entry_options' => [ 'measurement_unit' => $part->getPartUnit(), - 'disabled' => !$this->security->isGranted('lots.edit', $part), ], 'by_reference' => false, ]); @@ -233,49 +218,45 @@ class PartBaseType extends AbstractType //Attachment section $builder->add('attachments', CollectionType::class, [ 'entry_type' => AttachmentFormType::class, - 'allow_add' => $this->security->isGranted('attachments.create', $part), - 'allow_delete' => $this->security->isGranted('attachments.delete', $part), + 'allow_add' => true, + 'allow_delete' => true, 'reindex_enable' => true, 'label' => false, 'entry_options' => [ 'data_class' => PartAttachment::class, - 'disabled' => !$this->security->isGranted('attachments.edit', $part), ], 'by_reference' => false, ]); $builder->add('master_picture_attachment', MasterPictureAttachmentType::class, [ 'required' => false, - 'disabled' => !$this->security->isGranted('attachments.edit', $part), 'label' => 'part.edit.master_attachment', 'entity' => $part, ]); //Orderdetails section - $builder->add('orderdetails', WorkaroundCollectionType::class, [ + $builder->add('orderdetails', CollectionType::class, [ 'entry_type' => OrderdetailType::class, - 'allow_add' => $this->security->isGranted('orderdetails.create', $part), - 'allow_delete' => $this->security->isGranted('orderdetails.delete', $part), 'reindex_enable' => true, + 'allow_add' => true, + 'allow_delete' => true, 'label' => false, 'by_reference' => false, 'prototype_data' => new Orderdetail(), 'entry_options' => [ 'measurement_unit' => $part->getPartUnit(), - 'disabled' => !$this->security->isGranted('orderdetails.edit', $part), ], ]); $builder->add('parameters', CollectionType::class, [ 'entry_type' => ParameterType::class, - 'allow_add' => $this->security->isGranted('parameters.create', $part), - 'allow_delete' => $this->security->isGranted('parameters.delete', $part), + 'allow_add' => true, + 'allow_delete' => true, 'label' => false, 'reindex_enable' => true, 'by_reference' => false, 'prototype_data' => new PartParameter(), 'entry_options' => [ - 'disabled' => !$this->security->isGranted('parameters.edit', $part), 'data_class' => PartParameter::class, ], ]); diff --git a/src/Form/WorkaroundCollectionType.php b/src/Form/WorkaroundCollectionType.php deleted file mode 100644 index 45bd0ba6..00000000 --- a/src/Form/WorkaroundCollectionType.php +++ /dev/null @@ -1,23 +0,0 @@ -vars['prototype']->vars['multipart']) { - $view->vars['multipart'] = true; - } - } -} diff --git a/src/Security/Voter/PartVoter.php b/src/Security/Voter/PartVoter.php index cfbc66be..1470163e 100644 --- a/src/Security/Voter/PartVoter.php +++ b/src/Security/Voter/PartVoter.php @@ -57,13 +57,6 @@ class PartVoter extends ExtendedVoter protected function supports($attribute, $subject): bool { if (is_a($subject, Part::class, true)) { - //Check if a sub permission should be checked -> $attribute has format name.edit - if (false !== strpos($attribute, '.')) { - [$perm, $op] = explode('.', $attribute); - - return $this->resolver->isValidOperation('parts_'.$perm, $op); - } - return $this->resolver->isValidOperation('parts', $attribute); } @@ -73,13 +66,6 @@ class PartVoter extends ExtendedVoter protected function voteOnUser(string $attribute, $subject, User $user): bool { - //Check for sub permissions - if (false !== strpos($attribute, '.')) { - [$perm, $op] = explode('.', $attribute); - - return $this->resolver->inherit($user, 'parts_'.$perm, $op) ?? false; - } - //Null concealing operator means, that no return $this->resolver->inherit($user, 'parts', $attribute) ?? false; } diff --git a/templates/Parts/edit/_lots.html.twig b/templates/Parts/edit/_lots.html.twig index 1a4b436d..c4e452a4 100644 --- a/templates/Parts/edit/_lots.html.twig +++ b/templates/Parts/edit/_lots.html.twig @@ -11,7 +11,7 @@ diff --git a/templates/Parts/edit/_orderdetails.html.twig b/templates/Parts/edit/_orderdetails.html.twig index 33613816..9a4d1175 100644 --- a/templates/Parts/edit/_orderdetails.html.twig +++ b/templates/Parts/edit/_orderdetails.html.twig @@ -6,12 +6,12 @@ {% for detail in form.orderdetails %} - {{ form_widget(detail, {'disable_delete' : not is_granted('orderdetails.delete', part)}) }} + {{ form_widget(detail) }} {% endfor %}
- diff --git a/templates/Parts/edit/_specifications.html.twig b/templates/Parts/edit/_specifications.html.twig index 42ffe9ac..a43be0d5 100644 --- a/templates/Parts/edit/_specifications.html.twig +++ b/templates/Parts/edit/_specifications.html.twig @@ -24,7 +24,7 @@ - diff --git a/templates/Parts/edit/edit_form_styles.html.twig b/templates/Parts/edit/edit_form_styles.html.twig index 1931a1ee..c4ec753e 100644 --- a/templates/Parts/edit/edit_form_styles.html.twig +++ b/templates/Parts/edit/edit_form_styles.html.twig @@ -15,7 +15,7 @@ {{ form_widget(form.price_related_quantity, {'attr': {'class': 'form-control-sm'}}) }} {{ form_errors(form.price_related_quantity) }} {{ form_errors(form) }} @@ -50,15 +50,14 @@ - - {{ form_errors(form) }} @@ -93,8 +92,7 @@ {{ form_widget(form) }} - @@ -111,7 +109,7 @@ {{ form_widget(form) }} - diff --git a/templates/Parts/info/_extended_infos.html.twig b/templates/Parts/info/_extended_infos.html.twig index 8fdc18e1..97a375d7 100644 --- a/templates/Parts/info/_extended_infos.html.twig +++ b/templates/Parts/info/_extended_infos.html.twig @@ -9,7 +9,7 @@ {% trans %}user.creating_user{% endtrans %} - {% if is_granted('show_users', part) %} + {% if is_granted('show_history', part) %} {{ creating_user(part).fullName(true) ?? 'Unknown'|trans }} {% else %} {% trans %}accessDenied{% endtrans %} @@ -24,7 +24,7 @@ {% trans %}user.last_editing_user{% endtrans %} - {% if is_granted('show_users', part) %} + {% if is_granted('show_history', part) %} {{ last_editing_user(part).fullName(true) ?? 'Unknown'|trans }} {% else %} {% trans %}accessDenied{% endtrans %} diff --git a/templates/components/attachments.macro.html.twig b/templates/components/attachments.macro.html.twig index d30579d9..47c9e0bd 100644 --- a/templates/components/attachments.macro.html.twig +++ b/templates/components/attachments.macro.html.twig @@ -12,7 +12,7 @@ - diff --git a/templates/helper.twig b/templates/helper.twig index 576b2414..4cfe1a11 100644 --- a/templates/helper.twig +++ b/templates/helper.twig @@ -136,7 +136,7 @@ {% else %} {{ entity.addedDate | format_datetime(datetime_format) }} {% endif %} - {% if is_granted('show_users', entity) %} + {% if is_granted('show_history', entity) %} {% if lastModified == true %} {% set user = last_editing_user(entity) %} {% else %} @@ -145,9 +145,9 @@ {% if user is not null %} {% if user.fullName is not empty %} - ({{ user.fullName }}) + ({{ user.fullName }}) {% else %} - (@{{ user.name }}) + (@{{ user.name }}) {% endif %} {% endif %} {% endif %}