Show a warning flash message, if permissions were corrected and missing permissions were set

Related to issue #435
Jan Böhmer 2023-11-25 00:28:07 +01:00
parent 17000da97e
commit 84c111ac7c
5 changed files with 1468 additions and 1429 deletions


@ -230,12 +230,16 @@ class PermissionManager
/**
* This functions sets all operations mentioned in the alsoSet value of a permission, so that the structure is always valid.
* This function should be called after every setPermission() call.
* @return bool true if values were changed/corrected, false if not
*/
public function ensureCorrectSetOperations(HasPermissionsInterface $user): void
public function ensureCorrectSetOperations(HasPermissionsInterface $user): bool
{
//If we have changed anything on the permission structure due to the alsoSet value, this becomes true, so we
//redo the whole process, to ensure that all alsoSet values are set recursively.
$return_value = false;
do {
$anything_changed = false; //Reset the variable for the next iteration
@ -254,12 +258,15 @@ class PermissionManager
$this->setPermission($user, $set_perm, $set_op, true);
//Mark the change, so we redo the whole process
$anything_changed = true;
$return_value = true;
}
}
}
}
}
} while($anything_changed);
return $return_value;
}
/**
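Review bot: The new `@return` line does not say what kind of correction happened, and the only change visible in the second hunk is `setPermission($user, $set_perm, $set_op, true)`, i.e. an operation being additionally allowed for the permission holder. Callers now use the result to tell an administrator that permissions were altered, so the docblock should say so, for example `@return bool true if at least one operation was additionally set to allow because of an alsoSet rule, false if nothing was changed`. The loop body between the two hunks is not shown, so confirm that nothing else sets `$return_value`. If a record of implicitly granted permissions is wanted, returning or logging the affected permission/operation pairs would serve an auditor better than a bare bool.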


@ -22,15 +22,21 @@ declare(strict_types=1);
namespace App\Validator\Constraints;
use App\Controller\GroupController;
use App\Controller\UserController;
use App\Security\Interfaces\HasPermissionsInterface;
use App\Services\UserSystem\PermissionManager;
use Symfony\Component\Form\Exception\UnexpectedTypeException;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\Validator\Constraint;
use Symfony\Component\Validator\ConstraintValidator;
use function Symfony\Component\Translation\t;
class ValidPermissionValidator extends ConstraintValidator
{
public function __construct(protected PermissionManager $resolver)
public function __construct(protected PermissionManager $resolver, protected RequestStack $requestStack)
{
}
@ -49,6 +55,26 @@ class ValidPermissionValidator extends ConstraintValidator
/** @var HasPermissionsInterface $perm_holder */
$perm_holder = $this->context->getObject();
$this->resolver->ensureCorrectSetOperations($perm_holder);
$changed = $this->resolver->ensureCorrectSetOperations($perm_holder);
//Sending a flash message if the permissions were fixed (only if called from UserController or GroupController)
//This is pretty hacky and bad design but I dont see a better way without a complete rewrite of how permissions are validated
//on the admin pages
if ($changed) {
//Check if this was called in context of UserController
$request = $this->requestStack->getMainRequest();
if (!$request) {
return;
}
//Determine the controller class (the part before the ::)
$controller_class = explode('::', $request->attributes->get('_controller'))[0];
if (in_array($controller_class, [UserController::class, GroupController::class])) {
/** @var Session $session */
$session = $this->requestStack->getSession();
$flashBag = $session->getFlashBag();
$flashBag->add('warning', t('user.edit.flash.permissions_fixed'));
}
}
}
}
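Review bot: The call `explode('::', $request->attributes->get('_controller'))` assumes the `_controller` attribute is a string, but the file declares `strict_types=1`, and when the attribute is absent or holds a non-string callable the validator would raise a TypeError instead of simply skipping the flash message. Read the attribute into a variable and return early when it is not a string, e.g. `$controller = $request->attributes->get('_controller');` followed by `if (!is_string($controller)) { return; }`. The allow-list comparison should also be strict: `in_array($controller_class, [UserController::class, GroupController::class], true)`. The enclosing `validate()` method starts outside the hunk, so whether it can be reached without a routed controller is not visible here.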

File diff suppressed because it is too large Load diff


@ -2,13 +2,13 @@
<xliff xmlns="urn:oasis:names:tc:xliff:document:2.0" version="2.0" srcLang="en" trgLang="en">
<file id="security.en">
<unit id="aazoCks" name="user.login_error.user_disabled">
<segment state="translated">
<segment>
<source>user.login_error.user_disabled</source>
<target>Your account is disabled! Contact an administrator if you think this is wrong.</target>
</segment>
</unit>
<unit id="Dpb9AmY" name="saml.error.cannot_login_local_user_per_saml">
<segment state="translated">
<segment>
<source>saml.error.cannot_login_local_user_per_saml</source>
<target>You cannot login as local user via SSO! Use your local user password instead.</target>
</segment>


@ -37,7 +37,7 @@
<note priority="1">Part-DB1\src\Entity\UserSystem\Group.php:0</note>
<note priority="1">Part-DB1\src\Entity\UserSystem\User.php:0</note>
</notes>
<segment state="translated">
<segment>
<source>part.master_attachment.must_be_picture</source>
<target>The preview attachment must be a valid picture!</target>
</segment>
@ -82,7 +82,7 @@
<note priority="1">src\Entity\StructuralDBElement.php:0</note>
<note priority="1">src\Entity\Supplier.php:0</note>
</notes>
<segment state="translated">
<segment>
<source>structural.entity.unique_name</source>
<target>An element with this name already exists on this level!</target>
</segment>
@ -102,7 +102,7 @@
<note category="file-source" priority="1">Part-DB1\src\Entity\Parameters\StorelocationParameter.php:0</note>
<note category="file-source" priority="1">Part-DB1\src\Entity\Parameters\SupplierParameter.php:0</note>
</notes>
<segment state="translated">
<segment>
<source>parameters.validator.min_lesser_typical</source>
<target>Value must be lesser or equal the the typical value ({{ compared_value }}).</target>
</segment>
@ -122,7 +122,7 @@
<note category="file-source" priority="1">Part-DB1\src\Entity\Parameters\StorelocationParameter.php:0</note>
<note category="file-source" priority="1">Part-DB1\src\Entity\Parameters\SupplierParameter.php:0</note>
</notes>
<segment state="translated">
<segment>
<source>parameters.validator.min_lesser_max</source>
<target>Value must be lesser than the maximum value ({{ compared_value }}).</target>
</segment>
@ -142,7 +142,7 @@
<note category="file-source" priority="1">Part-DB1\src\Entity\Parameters\StorelocationParameter.php:0</note>
<note category="file-source" priority="1">Part-DB1\src\Entity\Parameters\SupplierParameter.php:0</note>
</notes>
<segment state="translated">
<segment>
<source>parameters.validator.max_greater_typical</source>
<target>Value must be greater or equal than the typical value ({{ compared_value }}).</target>
</segment>
@ -152,7 +152,7 @@
<note category="file-source" priority="1">Part-DB1\src\Entity\UserSystem\User.php:0</note>
<note priority="1">Part-DB1\src\Entity\UserSystem\User.php:0</note>
</notes>
<segment state="translated">
<segment>
<source>validator.user.username_already_used</source>
<target>A user with this name is already exisiting</target>
</segment>
@ -162,7 +162,7 @@
<note category="file-source" priority="1">Part-DB1\src\Entity\UserSystem\User.php:0</note>
<note priority="1">Part-DB1\src\Entity\UserSystem\User.php:0</note>
</notes>
<segment state="translated">
<segment>
<source>user.invalid_username</source>
<target>The username must contain only letters, numbers, underscores, dots, pluses or minuses!</target>
</segment>
@ -171,7 +171,7 @@
<notes>
<note category="state" priority="1">obsolete</note>
</notes>
<segment state="translated">
<segment>
<source>validator.noneofitschild.self</source>
<target>An element can not be its own parent!</target>
</segment>
@ -180,163 +180,163 @@
<notes>
<note category="state" priority="1">obsolete</note>
</notes>
<segment state="translated">
<segment>
<source>validator.noneofitschild.children</source>
<target>You can not assign children element as parent (This would cause loops)!</target>
</segment>
</unit>
<unit id="ayNr6QK" name="validator.select_valid_category">
<segment state="translated">
<segment>
<source>validator.select_valid_category</source>
<target>Please select a valid category!</target>
</segment>
</unit>
<unit id="6vIlN5q" name="validator.part_lot.only_existing">
<segment state="translated">
<segment>
<source>validator.part_lot.only_existing</source>
<target>Can not add new parts to this location as it is marked as "Only Existing"</target>
</segment>
</unit>
<unit id="3xoKOIS" name="validator.part_lot.location_full.no_increase">
<segment state="translated">
<segment>
<source>validator.part_lot.location_full.no_increase</source>
<target>Location is full. Amount can not be increased (new value must be smaller than {{ old_amount }}).</target>
</segment>
</unit>
<unit id="R6Ov4Yt" name="validator.part_lot.location_full">
<segment state="translated">
<segment>
<source>validator.part_lot.location_full</source>
<target>Location is full. Can not add new parts to it.</target>
</segment>
</unit>
<unit id="BNQk2e7" name="validator.part_lot.single_part">
<segment state="translated">
<segment>
<source>validator.part_lot.single_part</source>
<target>This location can only contain a single part and it is already full!</target>
</segment>
</unit>
<unit id="4gPskOG" name="validator.attachment.must_not_be_null">
<segment state="translated">
<segment>
<source>validator.attachment.must_not_be_null</source>
<target>You must select an attachment type!</target>
</segment>
</unit>
<unit id="cDDVrWT" name="validator.orderdetail.supplier_must_not_be_null">
<segment state="translated">
<segment>
<source>validator.orderdetail.supplier_must_not_be_null</source>
<target>You must select an supplier!</target>
</segment>
</unit>
<unit id="k5DDdB4" name="validator.measurement_unit.use_si_prefix_needs_unit">
<segment state="translated">
<segment>
<source>validator.measurement_unit.use_si_prefix_needs_unit</source>
<target>To enable SI prefixes, you have to set a unit symbol!</target>
</segment>
</unit>
<unit id="DuzIOCr" name="part.ipn.must_be_unique">
<segment state="translated">
<segment>
<source>part.ipn.must_be_unique</source>
<target>The internal part number must be unique. {{ value }} is already in use!</target>
</segment>
</unit>
<unit id="Z4Kuuo2" name="validator.project.bom_entry.name_or_part_needed">
<segment state="translated">
<segment>
<source>validator.project.bom_entry.name_or_part_needed</source>
<target>You have to choose a part for a part BOM entry or set a name for a non-part BOM entry.</target>
</segment>
</unit>
<unit id="WF_v4ih" name="project.bom_entry.name_already_in_bom">
<segment state="translated">
<segment>
<source>project.bom_entry.name_already_in_bom</source>
<target>There is already an BOM entry with this name!</target>
</segment>
</unit>
<unit id="5v4p85H" name="project.bom_entry.part_already_in_bom">
<segment state="translated">
<segment>
<source>project.bom_entry.part_already_in_bom</source>
<target>This part already exists in the BOM!</target>
</segment>
</unit>
<unit id="3lM32Tw" name="project.bom_entry.mountnames_quantity_mismatch">
<segment state="translated">
<segment>
<source>project.bom_entry.mountnames_quantity_mismatch</source>
<target>The number of mountnames has to match the BOMs quantity!</target>
</segment>
</unit>
<unit id="x47D5WT" name="project.bom_entry.can_not_add_own_builds_part">
<segment state="translated">
<segment>
<source>project.bom_entry.can_not_add_own_builds_part</source>
<target>You can not add a project's own builds part to the BOM.</target>
</segment>
</unit>
<unit id="2x2XDI_" name="project.bom_has_to_include_all_subelement_parts">
<segment state="translated">
<segment>
<source>project.bom_has_to_include_all_subelement_parts</source>
<target>The project BOM has to include all subprojects builds parts. Part %part_name% of project %project_name% missing!</target>
</segment>
</unit>
<unit id="U9b1EzD" name="project.bom_entry.price_not_allowed_on_parts">
<segment state="translated">
<segment>
<source>project.bom_entry.price_not_allowed_on_parts</source>
<target>Prices are not allowed on BOM entries associated with a part. Define the price on the part instead.</target>
</segment>
</unit>
<unit id="ID056SR" name="validator.project_build.lot_bigger_than_needed">
<segment state="translated">
<segment>
<source>validator.project_build.lot_bigger_than_needed</source>
<target>You have selected more quantity to withdraw than needed! Remove unnecessary quantity.</target>
</segment>
</unit>
<unit id="6hV5UqD" name="validator.project_build.lot_smaller_than_needed">
<segment state="translated">
<segment>
<source>validator.project_build.lot_smaller_than_needed</source>
<target>You have selected less quantity to withdraw than needed for the build! Add additional quantity.</target>
</segment>
</unit>
<unit id="G9ZKt.4" name="part.name.must_match_category_regex">
<segment state="translated">
<segment>
<source>part.name.must_match_category_regex</source>
<target>The part name does not match the regular expression stated by the category: %regex%</target>
</segment>
</unit>
<unit id="m8kMFhf" name="validator.attachment.name_not_blank">
<segment state="translated">
<segment>
<source>validator.attachment.name_not_blank</source>
<target>Set a value here, or upload a file to automatically use its filename as name for the attachment.</target>
</segment>
</unit>
<unit id="nwGaNBW" name="validator.part_lot.owner_must_match_storage_location_owner">
<segment state="translated">
<segment>
<source>validator.part_lot.owner_must_match_storage_location_owner</source>
<target>The owner of this lot must match the owner of the selected storage location (%owner_name%)!</target>
</segment>
</unit>
<unit id="HXSz3nQ" name="validator.part_lot.owner_must_not_be_anonymous">
<segment state="translated">
<segment>
<source>validator.part_lot.owner_must_not_be_anonymous</source>
<target>A lot owner must not be the anonymous user!</target>
</segment>
</unit>
<unit id="N8aA0Uh" name="validator.part_association.must_set_an_value_if_type_is_other">
<segment state="translated">
<segment>
<source>validator.part_association.must_set_an_value_if_type_is_other</source>
<target>If you set the type to "other", then you have to set a descriptive value for it!</target>
</segment>
</unit>
<unit id="9VYNZ4v" name="validator.part_association.part_cannot_be_associated_with_itself">
<segment state="translated">
<segment>
<source>validator.part_association.part_cannot_be_associated_with_itself</source>
<target>A part can not be associated with itself!</target>
</segment>
</unit>
<unit id="csc1PNn" name="validator.part_association.already_exists">
<segment state="translated">
<segment>
<source>validator.part_association.already_exists</source>
<target>The association with this part already exists!</target>
</segment>
</unit>
<unit id="sfW4NYE" name="validator.part_lot.vendor_barcode_must_be_unique">
<segment state="translated">
<segment>
<source>validator.part_lot.vendor_barcode_must_be_unique</source>
<target>This vendor barcode value was already used in another lot. The barcode must be unique!</target>
</segment>