mirror of
https://github.com/Part-DB/Part-DB-server.git
synced 2025-06-30 13:34:28 +02:00
Check permissions for time travel and element undo.
This commit is contained in:
Jan Böhmer
parent
254d4e6c69
commit
8a61b465d0
23 changed files with 370 additions and 90 deletions
|
|
@ -42,11 +42,13 @@ class IconLinkColumn extends AbstractColumn
|
|||
'icon' => 'fas fa-fw fa-edit',
|
||||
'title' => null,
|
||||
'href' => null,
|
||||
'disabled' => false,
|
||||
]);
|
||||
|
||||
$resolver->setAllowedTypes('title', ['null', 'string', 'callable']);
|
||||
$resolver->setAllowedTypes('icon', ['null', 'string', 'callable']);
|
||||
$resolver->setAllowedTypes('href', ['null', 'string', 'callable']);
|
||||
$resolver->setAllowedTypes('disabled', ['bool', 'callable']);
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
|
@ -56,10 +58,12 @@ class IconLinkColumn extends AbstractColumn
|
|||
$href = $this->getHref($value, $context);
|
||||
$icon = $this->getIcon($value, $context);
|
||||
$title = $this->getTitle($value, $context);
|
||||
$disabled = $this->getDisabled($value, $context);
|
||||
|
||||
if ($href !== null) {
|
||||
return sprintf(
|
||||
'<a class="btn btn-primary btn-sm" href="%s" title="%s"><i class="%s"></i></a>',
|
||||
'<a class="btn btn-primary btn-sm %s" href="%s" title="%s"><i class="%s"></i></a>',
|
||||
$disabled ? 'disabled' : '',
|
||||
$href,
|
||||
$title,
|
||||
$icon
|
||||
|
|
@ -69,6 +73,18 @@ class IconLinkColumn extends AbstractColumn
|
|||
return "";
|
||||
}
|
||||
|
||||
protected function getDisabled($value, $context): bool
|
||||
{
|
||||
$provider = $this->options['disabled'];
|
||||
if (is_bool($provider)) {
|
||||
return $provider;
|
||||
}
|
||||
if (is_callable($provider)) {
|
||||
return call_user_func($provider, $value, $context);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
protected function getHref($value, $context): ?string
|
||||
{
|
||||
$provider = $this->options['href'];
|
||||
|
|
|
|||
|
|
@ -27,15 +27,18 @@ use App\Entity\LogSystem\ElementCreatedLogEntry;
|
|||
use App\Entity\LogSystem\ElementDeletedLogEntry;
|
||||
use App\Entity\LogSystem\ElementEditedLogEntry;
|
||||
use Omines\DataTablesBundle\Column\AbstractColumn;
|
||||
use Symfony\Component\Security\Core\Security;
|
||||
use Symfony\Contracts\Translation\TranslatorInterface;
|
||||
|
||||
class RevertLogColumn extends AbstractColumn
|
||||
{
|
||||
protected $translator;
|
||||
protected $security;
|
||||
|
||||
public function __construct(TranslatorInterface $translator)
|
||||
public function __construct(TranslatorInterface $translator, Security $security)
|
||||
{
|
||||
$this->translator = $translator;
|
||||
$this->security = $security;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -65,17 +68,21 @@ class RevertLogColumn extends AbstractColumn
|
|||
return '';
|
||||
}
|
||||
|
||||
$disabled = !$this->security->isGranted('revert_element', $context->getTargetClass());
|
||||
|
||||
$tmp = '<div class="btn-group btn-group-sm">';
|
||||
$tmp .= sprintf(
|
||||
'<button type="submit" class="btn btn-outline-secondary" name="undo" value="%d"><i class="fas fa-fw %s" title="%s"></i></button>',
|
||||
'<button type="submit" class="btn btn-outline-secondary" name="undo" value="%d" %s><i class="fas fa-fw %s" title="%s"></i></button>',
|
||||
$context->getID(),
|
||||
$disabled ? 'disabled' : '',
|
||||
$icon,
|
||||
$title
|
||||
);
|
||||
|
||||
$tmp .= sprintf(
|
||||
'<button type="submit" class="btn btn-outline-secondary" name="revert" value="%d"><i class="fas fa-fw fa-backward" title="%s"></i></button>',
|
||||
'<button type="submit" class="btn btn-outline-secondary" name="revert" value="%d" %s><i class="fas fa-fw fa-backward" title="%s"></i></button>',
|
||||
$context->getID(),
|
||||
$disabled ? 'disabled' : '',
|
||||
$this->translator->trans('log.undo.revert')
|
||||
);
|
||||
|
||||
|
|
|
|||
|
|
@ -66,6 +66,7 @@ use Omines\DataTablesBundle\DataTableTypeInterface;
|
|||
use Psr\Log\LogLevel;
|
||||
use Symfony\Component\OptionsResolver\OptionsResolver;
|
||||
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
|
||||
use Symfony\Component\Security\Core\Security;
|
||||
use Symfony\Contracts\Translation\TranslatorInterface;
|
||||
use Symfony\Flex\Options;
|
||||
|
||||
|
|
@ -76,15 +77,17 @@ class LogDataTable implements DataTableTypeInterface
|
|||
protected $urlGenerator;
|
||||
protected $entityURLGenerator;
|
||||
protected $logRepo;
|
||||
protected $security;
|
||||
|
||||
public function __construct(ElementTypeNameGenerator $elementTypeNameGenerator, TranslatorInterface $translator,
|
||||
UrlGeneratorInterface $urlGenerator, EntityURLGenerator $entityURLGenerator, EntityManagerInterface $entityManager)
|
||||
UrlGeneratorInterface $urlGenerator, EntityURLGenerator $entityURLGenerator, EntityManagerInterface $entityManager, Security $security)
|
||||
{
|
||||
$this->elementTypeNameGenerator = $elementTypeNameGenerator;
|
||||
$this->translator = $translator;
|
||||
$this->urlGenerator = $urlGenerator;
|
||||
$this->entityURLGenerator = $entityURLGenerator;
|
||||
$this->logRepo = $entityManager->getRepository(AbstractLogEntry::class);
|
||||
$this->security = $security;
|
||||
}
|
||||
|
||||
public function configureOptions(OptionsResolver $optionsResolver)
|
||||
|
|
@ -235,7 +238,13 @@ class LogDataTable implements DataTableTypeInterface
|
|||
}
|
||||
}
|
||||
return null;
|
||||
},
|
||||
'disabled' => function ($value, AbstractLogEntry $context) {
|
||||
return
|
||||
!$this->security->isGranted('@tools.timetravel')
|
||||
|| !$this->security->isGranted('show_history', $context->getTargetClass());
|
||||
}
|
||||
|
||||
]);
|
||||
|
||||
$dataTable->add('actionRevert', RevertLogColumn::class, [
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue