mirror of
https://github.com/Part-DB/Part-DB-server.git
synced 2025-06-23 10:18:56 +02:00
Allow to change all permissions at once via the console command.
This commit is contained in:
Jan Böhmer
parent
3fbc72600f
commit
a30b67e328
3 changed files with 57 additions and 36 deletions
|
|
@ -65,18 +65,23 @@ class UsersPermissionsCommand extends Command
|
||||||
$edit_mapping = $this->renderPermissionTable($output, $user, $inherit);
|
$edit_mapping = $this->renderPermissionTable($output, $user, $inherit);
|
||||||
|
|
||||||
while($edit_mode) {
|
while($edit_mode) {
|
||||||
$index_to_edit = $io->ask('Which permission do you want to edit? Enter the index (e.g. 2-4) to edit or "q" to quit', 'q');
|
$index_to_edit = $io->ask('Which permission do you want to edit? Enter the index (e.g. 2-4) to edit, * for all permissions or "q" to quit', 'q');
|
||||||
if ($index_to_edit === 'q') {
|
if ($index_to_edit === 'q') {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($edit_mapping[$index_to_edit])) {
|
if (!isset($edit_mapping[$index_to_edit]) && $index_to_edit !== '*') {
|
||||||
$io->error('Invalid index');
|
$io->error('Invalid index');
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($index_to_edit === '*') {
|
||||||
|
$io->warning('You are about to edit all permissions. This will overwrite all permissions!');
|
||||||
|
} else {
|
||||||
[$perm_to_edit, $op_to_edit] = $edit_mapping[$index_to_edit];
|
[$perm_to_edit, $op_to_edit] = $edit_mapping[$index_to_edit];
|
||||||
$io->note('Editing permission ' . $perm_to_edit . ' with operation <options=bold>' . $op_to_edit);
|
$io->note('Editing permission ' . $perm_to_edit . ' with operation <options=bold>' . $op_to_edit);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
$new_value_str = $io->ask('Enter the new value for the permission (A = allow, D = disallow, I = inherit)');
|
$new_value_str = $io->ask('Enter the new value for the permission (A = allow, D = disallow, I = inherit)');
|
||||||
switch (strtolower($new_value_str)) {
|
switch (strtolower($new_value_str)) {
|
||||||
|
|
@ -97,9 +102,18 @@ class UsersPermissionsCommand extends Command
|
||||||
continue 2;
|
continue 2;
|
||||||
}
|
}
|
||||||
|
|
||||||
$user->getPermissions()->setPermissionValue($perm_to_edit, $op_to_edit, $new_value);
|
if ($index_to_edit === '*') {
|
||||||
|
$this->permissionResolver->setAllPermissions($user, $new_value);
|
||||||
|
$io->success('Permission updated successfully');
|
||||||
|
$this->entityManager->flush();
|
||||||
|
|
||||||
|
break; //Show the new table
|
||||||
|
} else {
|
||||||
|
$this->permissionResolver->setPermission($user, $perm_to_edit, $op_to_edit, $new_value);
|
||||||
|
}
|
||||||
|
|
||||||
//Ensure that all operations are set accordingly
|
//Ensure that all operations are set accordingly
|
||||||
$this->ensureCorrectPermissions($user);
|
$this->permissionResolver->ensureCorrectSetOperations($user);
|
||||||
$io->success('Permission updated successfully');
|
$io->success('Permission updated successfully');
|
||||||
|
|
||||||
//Save to DB
|
//Save to DB
|
||||||
|
|
@ -183,21 +197,4 @@ class UsersPermissionsCommand extends Command
|
||||||
|
|
||||||
return '???';
|
return '???';
|
||||||
}
|
}
|
||||||
|
|
||||||
protected function ensureCorrectPermissions(User $user): void
|
|
||||||
{
|
|
||||||
$perm_structure = $this->permissionResolver->getPermissionStructure();
|
|
||||||
|
|
||||||
foreach ($perm_structure['perms'] as $perm_key => $permission) {
|
|
||||||
foreach ($permission['operations'] as $op_key => $op) {
|
|
||||||
if (!empty($op['alsoSet']) &&
|
|
||||||
true === $this->permissionResolver->dontInherit($user, $perm_key, $op_key)) {
|
|
||||||
//Set every op listed in also Set
|
|
||||||
foreach ($op['alsoSet'] as $set_also) {
|
|
||||||
$this->permissionResolver->setPermission($user, $perm_key, $set_also, true);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -204,6 +204,42 @@ class PermissionResolver
|
||||||
isset($this->permission_structure['perms'][$permission]['operations'][$operation]);
|
isset($this->permission_structure['perms'][$permission]['operations'][$operation]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This functions sets all operations mentioned in the alsoSet value of a permission, so that the structure is always valid.
|
||||||
|
* @param User $user
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function ensureCorrectSetOperations(HasPermissionsInterface $user): void
|
||||||
|
{
|
||||||
|
//Check for each permission and operation, for an alsoSet attribute
|
||||||
|
foreach ($this->permission_structure['perms'] as $perm_key => $permission) {
|
||||||
|
foreach ($permission['operations'] as $op_key => $op) {
|
||||||
|
if (!empty($op['alsoSet']) &&
|
||||||
|
true === $this->dontInherit($user, $perm_key, $op_key)) {
|
||||||
|
//Set every op listed in also Set
|
||||||
|
foreach ($op['alsoSet'] as $set_also) {
|
||||||
|
$this->setPermission($user, $perm_key, $set_also, true);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets all possible operations of all possible permissions of the given entity to the given value.
|
||||||
|
* @param HasPermissionsInterface $perm_holder
|
||||||
|
* @param bool|null $new_value
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function setAllPermissions(HasPermissionsInterface $perm_holder, ?bool $new_value): void
|
||||||
|
{
|
||||||
|
foreach ($this->permission_structure['perms'] as $perm_key => $permission) {
|
||||||
|
foreach ($permission['operations'] as $op_key => $op) {
|
||||||
|
$this->setPermission($perm_holder, $perm_key, $op_key, $new_value);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
protected function generatePermissionStructure()
|
protected function generatePermissionStructure()
|
||||||
{
|
{
|
||||||
$cache = new ConfigCache($this->cache_file, $this->is_debug);
|
$cache = new ConfigCache($this->cache_file, $this->is_debug);
|
||||||
|
|
|
||||||
|
|
@ -56,7 +56,6 @@ class ValidPermissionValidator extends ConstraintValidator
|
||||||
public function __construct(PermissionResolver $resolver)
|
public function __construct(PermissionResolver $resolver)
|
||||||
{
|
{
|
||||||
$this->resolver = $resolver;
|
$this->resolver = $resolver;
|
||||||
$this->perm_structure = $resolver->getPermissionStructure();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -74,17 +73,6 @@ class ValidPermissionValidator extends ConstraintValidator
|
||||||
/** @var HasPermissionsInterface $perm_holder */
|
/** @var HasPermissionsInterface $perm_holder */
|
||||||
$perm_holder = $this->context->getObject();
|
$perm_holder = $this->context->getObject();
|
||||||
|
|
||||||
//Check for each permission and operation, for an alsoSet attribute
|
$this->resolver->ensureCorrectSetOperations($perm_holder);
|
||||||
foreach ($this->perm_structure['perms'] as $perm_key => $permission) {
|
|
||||||
foreach ($permission['operations'] as $op_key => $op) {
|
|
||||||
if (!empty($op['alsoSet']) &&
|
|
||||||
true === $this->resolver->dontInherit($perm_holder, $perm_key, $op_key)) {
|
|
||||||
//Set every op listed in also Set
|
|
||||||
foreach ($op['alsoSet'] as $set_also) {
|
|
||||||
$this->resolver->setPermission($perm_holder, $perm_key, $set_also, true);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue