mirror/Part-DB.Part-DB-server
1
0
Fork 1
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-06-22 01:49:05 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Show the permissions a user have on the user info page.

Browse source
This commit is contained in:
Jan Böhmer 2019-09-13 19:38:22 +02:00
parent 1f005b25f7
commit a078eef649
8 changed files with 171 additions and 73 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/Controller/UserController.php
View file

@ -31,6 +31,7 @@ namespace App\Controller;
use App\Entity\Attachments\AttachmentType; use App\Entity\Attachments\AttachmentType;
use App\Entity\UserSystem\User; use App\Entity\UserSystem\User;
use App\Form\Permissions\PermissionsType;
use App\Form\UserAdminForm; use App\Form\UserAdminForm;
use App\Form\UserSettingsType; use App\Form\UserSettingsType;
use App\Services\EntityExporter; use App\Services\EntityExporter;
@ -135,9 +136,18 @@ class UserController extends AdminPages\BaseAdminController
$avatar = $packages->getUrl('/img/default_avatar.png'); $avatar = $packages->getUrl('/img/default_avatar.png');
} }
//Show permissions to user
$builder = $this->createFormBuilder()->add('permissions',PermissionsType::class, [
'mapped' => false,
'disabled' => true,
'inherit' => true,
'data' => $user
]);
return $this->render('Users/user_info.html.twig', [ return $this->render('Users/user_info.html.twig', [
'user' => $user, 'user' => $user,
'avatar' => $avatar, 'avatar' => $avatar,
'form' => $builder->getForm()->createView()
]); ]);
} }

5
src/Form/Permissions/PermissionGroupType.php
View file

@ -71,7 +71,8 @@ class PermissionGroupType extends AbstractType
'label' => $permission['label'] ?? $key, 'label' => $permission['label'] ?? $key,
'mapped' => false, 'mapped' => false,
'data' => $builder->getData(), 'data' => $builder->getData(),
'disabled' => $options['disabled'] 'disabled' => $options['disabled'],
'inherit' => $options['inherit']
]); ]);
} }
} }
@ -84,6 +85,8 @@ class PermissionGroupType extends AbstractType
return trim($options['name']); return trim($options['name']);
}); });
$resolver->setDefault('inherit', false);
$resolver->setDefault('label', function (Options $options) { $resolver->setDefault('label', function (Options $options) {
if (!empty($this->perm_structure['groups'][$options['group_name']]['label'])) { if (!empty($this->perm_structure['groups'][$options['group_name']]['label'])) {
return $this->perm_structure['groups'][$options['group_name']]['label']; return $this->perm_structure['groups'][$options['group_name']]['label'];

70
src/Form/Permissions/PermissionType.php
View file

@ -44,7 +44,7 @@ use Symfony\Component\Form\FormView;
use Symfony\Component\OptionsResolver\Options; use Symfony\Component\OptionsResolver\Options;
use Symfony\Component\OptionsResolver\OptionsResolver; use Symfony\Component\OptionsResolver\OptionsResolver;
class PermissionType extends AbstractType implements DataMapperInterface class PermissionType extends AbstractType
{ {
protected $resolver; protected $resolver;
protected $perm_structure; protected $perm_structure;
@ -76,6 +76,7 @@ class PermissionType extends AbstractType implements DataMapperInterface
}); });
$resolver->setDefaults([ $resolver->setDefaults([
'inherit' => false
]); ]);
} }
@ -92,76 +93,11 @@ class PermissionType extends AbstractType implements DataMapperInterface
]); ]);
} }
$builder->setDataMapper($this); $builder->setDataMapper(new PermissionsMapper($this->resolver, $options['inherit']));
} }
public function buildView(FormView $view, FormInterface $form, array $options) public function buildView(FormView $view, FormInterface $form, array $options)
{ {
$view->vars['multi_checkbox'] = $options['multi_checkbox']; $view->vars['multi_checkbox'] = $options['multi_checkbox'];
} }
/**
* Maps the view data of a compound form to its children.
*
* The method is responsible for calling {@link FormInterface::setData()}
* on the children of compound forms, defining their underlying model data.
*
* @param mixed $viewData View data of the compound form being initialized
* @param FormInterface[]|\Traversable $forms A list of {@link FormInterface} instances
*
* @throws Exception\UnexpectedTypeException if the type of the data parameter is not supported
*/
public function mapDataToForms($viewData, $forms)
{
foreach ($forms as $form) {
$value = $this->resolver->dontInherit(
$viewData,
$form->getParent()->getConfig()->getOption('perm_name'),
$form->getName()
);
$form->setData($value);
}
}
/**
* Maps the model data of a list of children forms into the view data of their parent.
*
* This is the internal cascade call of FormInterface::submit for compound forms, since they
* cannot be bound to any input nor the request as scalar, but their children may:
*
* $compoundForm->submit($arrayOfChildrenViewData)
* // inside:
* $childForm->submit($childViewData);
* // for each entry, do the same and/or reverse transform
* $this->dataMapper->mapFormsToData($compoundForm, $compoundInitialViewData)
* // then reverse transform
*
* When a simple form is submitted the following is happening:
*
* $simpleForm->submit($submittedViewData)
* // inside:
* $this->viewData = $submittedViewData
* // then reverse transform
*
* The model data can be an array or an object, so this second argument is always passed
* by reference.
*
* @param FormInterface[]|\Traversable $forms A list of {@link FormInterface} instances
* @param mixed $viewData The compound form's view data that get mapped
* its children model data
*
* @throws Exception\UnexpectedTypeException if the type of the data parameter is not supported
*/
public function mapFormsToData($forms, &$viewData)
{
foreach ($forms as $form) {
$value = $form->getData();
$this->resolver->setPermission(
$viewData,
$form->getParent()->getConfig()->getOption('perm_name'),
$form->getName(),
$value
);
}
}
} }

128
src/Form/Permissions/PermissionsMapper.php Normal file
View file

@ -0,0 +1,128 @@
<?php
/**
*
* part-db version 0.1
* Copyright (C) 2005 Christoph Lechner
* http://www.cl-projects.de/
*
* part-db version 0.2+
* Copyright (C) 2009 K. Jacobs and others (see authors.php)
* http://code.google.com/p/part-db/
*
* Part-DB Version 0.4+
* Copyright (C) 2016 - 2019 Jan Böhmer
* https://github.com/jbtronics
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*
*/
namespace App\Form\Permissions;
use App\Services\PermissionResolver;
use Symfony\Component\Form\DataMapperInterface;
use Symfony\Component\Form\FormInterface;
/**
* This class is a data mapper that maps the permission data from DB (accessed via a PermissionResolver),
* to TristateCheckboxes and vice versa.
*/
class PermissionsMapper implements DataMapperInterface
{
protected $resolver;
protected $inherit;
public function __construct(PermissionResolver $resolver, bool $inherit = false)
{
$this->inherit = $inherit;
$this->resolver = $resolver;
}
/**
* Maps the view data of a compound form to its children.
*
* The method is responsible for calling {@link FormInterface::setData()}
* on the children of compound forms, defining their underlying model data.
*
* @param mixed $viewData View data of the compound form being initialized
* @param FormInterface[]|\Traversable $forms A list of {@link FormInterface} instances
*
*/
public function mapDataToForms($viewData, $forms)
{
foreach ($forms as $form) {
if ($this->inherit) {
$value = $this->resolver->inherit(
$viewData,
$form->getParent()->getConfig()->getOption('perm_name'),
$form->getName()
) ?? false;
} else {
$value = $this->resolver->dontInherit(
$viewData,
$form->getParent()->getConfig()->getOption('perm_name'),
$form->getName()
);
}
$form->setData($value);
}
}
/**
* Maps the model data of a list of children forms into the view data of their parent.
*
* This is the internal cascade call of FormInterface::submit for compound forms, since they
* cannot be bound to any input nor the request as scalar, but their children may:
*
* $compoundForm->submit($arrayOfChildrenViewData)
* // inside:
* $childForm->submit($childViewData);
* // for each entry, do the same and/or reverse transform
* $this->dataMapper->mapFormsToData($compoundForm, $compoundInitialViewData)
* // then reverse transform
*
* When a simple form is submitted the following is happening:
*
* $simpleForm->submit($submittedViewData)
* // inside:
* $this->viewData = $submittedViewData
* // then reverse transform
*
* The model data can be an array or an object, so this second argument is always passed
* by reference.
*
* @param FormInterface[]|\Traversable $forms A list of {@link FormInterface} instances
* @param mixed $viewData The compound form's view data that get mapped
* its children model data
*
*/
public function mapFormsToData($forms, &$viewData)
{
if ($this->inherit) {
throw new \RuntimeException('The permission type is readonly when it is showing read only data!');
}
foreach ($forms as $form) {
$value = $form->getData();
$this->resolver->setPermission(
$viewData,
$form->getParent()->getConfig()->getOption('perm_name'),
$form->getName(),
$value
);
}
}
}

9
src/Form/Permissions/PermissionsType.php
View file

@ -62,7 +62,8 @@ class PermissionsType extends AbstractType
return [new NoLockout()]; return [new NoLockout()];
} }
return []; return [];
} },
'inherit' => false,
]); ]);
@ -82,7 +83,8 @@ class PermissionsType extends AbstractType
'group_name' => $key, 'group_name' => $key,
'mapped' => false, 'mapped' => false,
'data' => $builder->getData(), 'data' => $builder->getData(),
'disabled' => $options['disabled'] 'disabled' => $options['disabled'],
'inherit' => $options['inherit']
]); ]);
} }
@ -91,7 +93,8 @@ class PermissionsType extends AbstractType
'label' => 'perm.group.other', 'label' => 'perm.group.other',
'mapped' => false, 'mapped' => false,
'data' => $builder->getData(), 'data' => $builder->getData(),
'disabled' => $options['disabled'] 'disabled' => $options['disabled'],
'inherit' => $options['inherit']
]); ]);
} }
} }

4
src/Security/Voter/UserVoter.php
View file

@ -78,7 +78,9 @@ class UserVoter extends ExtendedVoter
} }
} }
//Else just check users permission: //Else just check users permission:
return $this->resolver->inherit($user, 'users', $attribute) ?? false; if ($this->resolver->isValidOperation('users', $attribute)) {
return $this->resolver->inherit($user, 'users', $attribute) ?? false;
}
} }
return false; return false;

16
templates/Users/user_info.html.twig
View file

@ -29,7 +29,7 @@
<div class="form-group row"> <div class="form-group row">
<label class="col-form-label col-md-4">{% trans %}user.email.label{% endtrans %}</label> <label class="col-form-label col-md-4">{% trans %}user.email.label{% endtrans %}</label>
<div class="col-md-8"> <div class="col-md-8">
{# <p class="form-control-plaintext">{{ user.email }}</p>#} {# <p class="form-control-plaintext">{{ user.email }}</p>#}
<a class="form-control-link" href="mailto:{{ user.email }}">{{ user.email }}</a> <a class="form-control-link" href="mailto:{{ user.email }}">{{ user.email }}</a>
</div> </div>
</div> </div>
@ -58,4 +58,18 @@
</div> </div>
</div> </div>
</div> </div>
{% endblock %}
{% block additional_content %}
{% if is_granted('read', user) or is_granted('show_permissions', user) %}
<div class="card mt-3">
<div class="card-header"><i class="fas fa-gavel fa-fw"></i>
{% trans %}user.permissions{% endtrans %}</div>
<div class="card-body">
{{ form_start(form) }}
{{ form_row(form.permissions) }}
{{ form_end(form) }}
</div>
</div>
{% endif %}
{% endblock %} {% endblock %}

2
templates/main_card.html.twig
View file

@ -13,4 +13,6 @@
</div> </div>
{% endblock %} {% endblock %}
</div> </div>
{% block additional_content %}{% endblock %}
{% endblock %} {% endblock %}