mirror/Part-DB.Part-DB-server
1
0
Fork 1
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-06-21 09:35:49 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added permission to control if a user is allowed to withdraw/add/move parts

Browse source
This commit is contained in:
Jan Böhmer 2023-01-07 21:23:36 +01:00
parent 89a4846259
commit 60d5776cb7
7 changed files with 55 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

14
config/permissions.yaml
View file

@ -27,7 +27,7 @@ perms: # Here comes a list with all Permission names (they have a perm_[name] co
'currencies.read', 'attachment_types.read', 'measurement_units.read'] 'currencies.read', 'attachment_types.read', 'measurement_units.read']
edit: edit:
label: "perm.edit" label: "perm.edit"
alsoSet: 'read' alsoSet: ['read', 'parts_stock.withdraw', 'parts_stock.add', 'parts_stock.move']
create: create:
label: "perm.create" label: "perm.create"
alsoSet: ['read', 'edit'] alsoSet: ['read', 'edit']
@ -44,6 +44,18 @@ perms: # Here comes a list with all Permission names (they have a perm_[name] co
label: "perm.revert_elements" label: "perm.revert_elements"
alsoSet: ["read", "edit", "create", "delete", "show_history"] alsoSet: ["read", "edit", "create", "delete", "show_history"]
parts_stock:
group: "data"
label: "perm.parts_stock"
operations:
withdraw:
label: "perm.parts_stock.withdraw"
add:
label: "perm.parts_stock.add"
move:
label: "perm.parts_stock.move"
storelocations: &PART_CONTAINING storelocations: &PART_CONTAINING
label: "perm.storelocations" label: "perm.storelocations"
group: "data" group: "data"

3
src/Controller/PartController.php
View file

@ -354,12 +354,15 @@ class PartController extends AbstractController
switch ($action) { switch ($action) {
case "withdraw": case "withdraw":
case "remove": case "remove":
$this->denyAccessUnlessGranted('withdraw', $partLot);
$withdrawAddHelper->withdraw($partLot, $amount, $comment); $withdrawAddHelper->withdraw($partLot, $amount, $comment);
break; break;
case "add": case "add":
$this->denyAccessUnlessGranted('add', $partLot);
$withdrawAddHelper->add($partLot, $amount, $comment); $withdrawAddHelper->add($partLot, $amount, $comment);
break; break;
case "move": case "move":
$this->denyAccessUnlessGranted('move', $partLot);
$withdrawAddHelper->move($partLot, $targetLot, $amount, $comment); $withdrawAddHelper->move($partLot, $targetLot, $amount, $comment);
break; break;
default: default:

7
src/Security/Voter/PartLotVoter.php
View file

@ -57,7 +57,7 @@ class PartLotVoter extends ExtendedVoter
$this->security = $security; $this->security = $security;
} }
protected const ALLOWED_PERMS = ['read', 'edit', 'create', 'delete', 'show_history', 'revert_element']; protected const ALLOWED_PERMS = ['read', 'edit', 'create', 'delete', 'show_history', 'revert_element', 'withdraw', 'add', 'move'];
protected function voteOnUser(string $attribute, $subject, User $user): bool protected function voteOnUser(string $attribute, $subject, User $user): bool
{ {
@ -65,6 +65,11 @@ class PartLotVoter extends ExtendedVoter
throw new \RuntimeException('This voter can only handle PartLot objects!'); throw new \RuntimeException('This voter can only handle PartLot objects!');
} }
if (in_array($attribute, ['withdraw', 'add', 'move']))
{
return $this->resolver->inherit($user, 'parts_stock', $attribute) ?? false;
}
switch ($attribute) { switch ($attribute) {
case 'read': case 'read':
$operation = 'read'; $operation = 'read';

5
src/Services/UserSystem/PermissionManager.php
View file

@ -77,6 +77,11 @@ class PermissionManager
*/ */
public function dontInherit(HasPermissionsInterface $user, string $permission, string $operation): ?bool public function dontInherit(HasPermissionsInterface $user, string $permission, string $operation): ?bool
{ {
//Check that the permission/operation combination is valid
if (! $this->isValidOperation($permission, $operation)) {
throw new InvalidArgumentException('The permission/operation combination "'.$permission.'/'.$operation.'" is not valid!');
}
//Get the permissions from the user //Get the permissions from the user
return $user->getPermissions()->getPermissionValue($permission, $operation); return $user->getPermissions()->getPermissionValue($permission, $operation);
} }

1
src/Services/UserSystem/PermissionPresetsHelper.php
View file

@ -102,6 +102,7 @@ class PermissionPresetsHelper
//Set datastructures //Set datastructures
$this->permissionResolver->setAllOperationsOfPermission($permHolder, 'parts', PermissionData::ALLOW); $this->permissionResolver->setAllOperationsOfPermission($permHolder, 'parts', PermissionData::ALLOW);
$this->permissionResolver->setAllOperationsOfPermission($permHolder, 'parts_stock', PermissionData::ALLOW);
$this->permissionResolver->setAllOperationsOfPermission($permHolder, 'categories', PermissionData::ALLOW); $this->permissionResolver->setAllOperationsOfPermission($permHolder, 'categories', PermissionData::ALLOW);
$this->permissionResolver->setAllOperationsOfPermission($permHolder, 'storelocations', PermissionData::ALLOW); $this->permissionResolver->setAllOperationsOfPermission($permHolder, 'storelocations', PermissionData::ALLOW);
$this->permissionResolver->setAllOperationsOfPermission($permHolder, 'footprints', PermissionData::ALLOW); $this->permissionResolver->setAllOperationsOfPermission($permHolder, 'footprints', PermissionData::ALLOW);

6
templates/Parts/info/_part_lots.html.twig
View file

@ -65,21 +65,21 @@
<button type="button" class="btn btn-outline-primary" data-bs-toggle="modal" data-bs-target="#withdraw-modal" <button type="button" class="btn btn-outline-primary" data-bs-toggle="modal" data-bs-target="#withdraw-modal"
data-action="withdraw" data-lot-id="{{ lot.id }}" data-lot-amount="{{ lot.amount }}" data-action="withdraw" data-lot-id="{{ lot.id }}" data-lot-amount="{{ lot.amount }}"
title="{% trans %}part.info.withdraw_modal.title.withdraw{% endtrans %}" title="{% trans %}part.info.withdraw_modal.title.withdraw{% endtrans %}"
{% if not withdraw_add_helper.canWithdraw(lot) %}disabled{% endif %} {% if not is_granted('withdraw', lot) or not withdraw_add_helper.canWithdraw(lot) %}disabled{% endif %}
> >
<i class="fa-solid fa-minus fa-fw"></i> <i class="fa-solid fa-minus fa-fw"></i>
</button> </button>
<button type="button" class="btn btn-outline-primary" data-bs-toggle="modal" data-bs-target="#withdraw-modal" <button type="button" class="btn btn-outline-primary" data-bs-toggle="modal" data-bs-target="#withdraw-modal"
data-action="add" data-lot-id="{{ lot.id }}" data-lot-amount="{{ lot.amount }}" data-action="add" data-lot-id="{{ lot.id }}" data-lot-amount="{{ lot.amount }}"
title="{% trans %}part.info.withdraw_modal.title.add{% endtrans %}" title="{% trans %}part.info.withdraw_modal.title.add{% endtrans %}"
{% if not withdraw_add_helper.canAdd(lot) %}disabled{% endif %} {% if not is_granted('add', lot) or not withdraw_add_helper.canAdd(lot) %}disabled{% endif %}
> >
<i class="fa-solid fa-plus fa-fw"></i> <i class="fa-solid fa-plus fa-fw"></i>
</button> </button>
<button type="button" class="btn btn-outline-primary" data-bs-toggle="modal" data-bs-target="#withdraw-modal" <button type="button" class="btn btn-outline-primary" data-bs-toggle="modal" data-bs-target="#withdraw-modal"
data-action="move" data-lot-id="{{ lot.id }}" data-lot-amount="{{ lot.amount }}" data-action="move" data-lot-id="{{ lot.id }}" data-lot-amount="{{ lot.amount }}"
title="{% trans %}part.info.withdraw_modal.title.move{% endtrans %}" title="{% trans %}part.info.withdraw_modal.title.move{% endtrans %}"
{% if not withdraw_add_helper.canWithdraw(lot) or part.partLots.count == 1 %}disabled{% endif %} {% if not is_granted('move', lot) or not withdraw_add_helper.canWithdraw(lot) or part.partLots.count == 1 %}disabled{% endif %}
> >
<i class="fa-solid fa-right-left fa-fw"></i> <i class="fa-solid fa-right-left fa-fw"></i>
</button> </button>

24
translations/messages.en.xlf
View file

@ -10193,5 +10193,29 @@ Element 3</target>
<target>Added/Moved/Withdrawn parts successfully.</target> <target>Added/Moved/Withdrawn parts successfully.</target>
</segment> </segment>
</unit> </unit>
<unit id="oghrs8X" name="perm.parts_stock">
<segment>
<source>perm.parts_stock</source>
<target>Parts Stock</target>
</segment>
</unit>
<unit id="YjbdSVx" name="perm.parts_stock.withdraw">
<segment>
<source>perm.parts_stock.withdraw</source>
<target>Withdraw parts from stock</target>
</segment>
</unit>
<unit id="P4saY9b" name="perm.parts_stock.add">
<segment>
<source>perm.parts_stock.add</source>
<target>Add parts to stock</target>
</segment>
</unit>
<unit id="JR4LXfJ" name="perm.parts_stock.move">
<segment>
<source>perm.parts_stock.move</source>
<target>Move parts between lots</target>
</segment>
</unit>
</file> </file>
</xliff> </xliff>