From 449163c8756f7c493cf8496dc409fa25ca39dfb1 Mon Sep 17 00:00:00 2001 From: snipe Date: Thu, 28 Apr 2016 14:03:54 -0700 Subject: [PATCH] Fixes #1995 - updated group admin to use native permissions --- app/Http/Controllers/GroupsController.php | 14 +- app/Models/Group.php | 78 +++++++- config/permissions.php | 211 +++++++++++++++++++++- resources/views/groups/edit.blade.php | 36 ++-- 4 files changed, 306 insertions(+), 33 deletions(-) diff --git a/app/Http/Controllers/GroupsController.php b/app/Http/Controllers/GroupsController.php index d5fa4b4ee7..a39dafcd5d 100755 --- a/app/Http/Controllers/GroupsController.php +++ b/app/Http/Controllers/GroupsController.php @@ -92,12 +92,10 @@ class GroupsController extends Controller public function getEdit($id = null) { $group = Group::find($id); - $group->name = e(Input::get('name')); - $group->permissions = json_decode($group->permissions, true); $permissions = config('permissions'); - - // Show the page - return View::make('groups/edit', compact('group', 'permissions','allpermissions')); + $group->permissions = $group->decodePermissions(); + $selected_array = $group->selectedPermissionsArray($permissions, $group->permissions); + return View::make('groups/edit', compact('group', 'permissions','selected_array')); } /** @@ -111,12 +109,16 @@ class GroupsController extends Controller */ public function postEdit($id = null) { - + // print_r(Input::get('permission')); + // exit; + $permissions = config('permissions'); if (!$group = Group::find($id)) { return Redirect::route('groups')->with('error', trans('admin/groups/message.group_not_found', compact('id'))); } $group->name = e(Input::get('name')); + $group->permissions = json_encode(Input::get('permission')); + if (!config('app.lock_passwords')) { diff --git a/app/Models/Group.php b/app/Models/Group.php index edc29a8930..20b31740b1 100755 --- a/app/Models/Group.php +++ b/app/Models/Group.php @@ -13,22 +13,80 @@ class Group extends Model 'name' => 'required|min:3|max:255', ); - /** - * Whether the model should inject it's identifier to the unique - * validation rules before attempting validation. If this property - * is not set in the model it will default to true. - * - * @var boolean - */ + /** + * Whether the model should inject it's identifier to the unique + * validation rules before attempting validation. If this property + * is not set in the model it will default to true. + * + * @var boolean + */ protected $injectUniqueIdentifier = true; use ValidatingTrait; - /** - * Get user groups - */ + /** + * Get user groups + */ public function users() { return $this->belongsToMany('\App\Models\User', 'users_groups'); } + + + public function decodePermissions() + { + return json_decode($this->permissions, true); + } + + + /** + * Walks through the permissions in the permissions config file and determines if + * permissions are granted based on a $selected_arr array. + * + * The $permissions array is a multidimensional array broke down by section. + * (Licenses, Assets, etc) + * + * The $selected_arr should be a flattened array that contains just the + * corresponding permission name and a true or false boolean to determine + * if that group has been granted that permission. + * + * @todo Move this into a helper? Since the same logic is used for users. + * @author [A. Gianotto] [ 'superuser', 'label' => 'Super User', 'note' => 'Determines whether the user has full access to all aspects of the admin. ', + 'display' => true, ), ), 'Admin' => array( array( 'permission' => 'admin', - 'label' => 'Admin Rights', + 'label' => '', 'note' => 'Determines whether the user has access to most aspects of the admin.', + 'display' => true, ), ), - 'Reporting' => array( + 'Reports' => array( array( - 'permission' => 'reports', - 'label' => 'View Reports', + 'permission' => 'reports.view', + 'label' => '', 'note' => 'Determines whether the user has the abiity to view reports.', + 'display' => true, ), ), + 'Assets' => array( + array( + 'permission' => 'assets.view', + 'label' => '', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'assets.create', + 'label' => 'Create Assets', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'assets.edit', + 'label' => 'Edit Assets', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'assets.delete', + 'label' => 'Delete Assets', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'assets.checkout', + 'label' => 'View Assets', + 'note' => '', + 'display' => false, + ), + ), + + 'Accessories' => array( + array( + 'permission' => 'accessories.view', + 'label' => '', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'accessory.create', + 'label' => 'Create Assets', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'accessories.edit', + 'label' => 'Edit Assets', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'accessories.delete', + 'label' => 'Delete Assets', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'accessories.checkout', + 'label' => 'View Assets', + 'note' => '', + 'display' => false, + ), + ), + + 'Consumables' => array( + array( + 'permission' => 'consumables.view', + 'label' => '', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'consumables.create', + 'label' => 'Create Consumables', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'consumables.edit', + 'label' => 'Edit Consumables', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'consumables.delete', + 'label' => 'Delete Consumables', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'consumables.checkout', + 'label' => 'Checkout Consumables', + 'note' => '', + 'display' => false, + ), + ), + + 'Licenses' => array( array( - 'permission' => 'license_keys', + 'permission' => 'licenses.view', + 'label' => '', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'licenses.create', + 'label' => 'Create Licenses', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'licenses.edit', + 'label' => 'Edit Licenses', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'licenses.delete', + 'label' => 'Delete Licenses', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'licenses.checkout', + 'label' => 'Checkout Licenses', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'licenses.keys', 'label' => 'View License Keys', - 'note' => 'Determines whether the user has the ability to view the license keys assigned to them in their own profile. (Usually granted for lower-level permissions that wouldn\'t normally have access.)', + 'note' => '', + 'display' => true, ), ), + 'Components' => array( + array( + 'permission' => 'components.view', + 'label' => '', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'components.create', + 'label' => 'Create Components', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'components.edit', + 'label' => 'Edit Components', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'components.delete', + 'label' => 'Delete Components', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'components.checkout', + 'label' => 'Checkout Components', + 'note' => '', + 'display' => false, + ), + + ), + + 'Users' => array( + array( + 'permission' => 'users.view', + 'label' => 'View Users', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'users.create', + 'label' => 'Create Users', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'users.edit', + 'label' => 'Edit Users', + 'note' => '', + 'display' => false, + ), + array( + 'permission' => 'users.delete', + 'label' => 'Delete Users', + 'note' => '', + 'display' => false, + ), + + ), + + + + ); diff --git a/resources/views/groups/edit.blade.php b/resources/views/groups/edit.blade.php index 60ae30bf43..7fc9508b10 100755 --- a/resources/views/groups/edit.blade.php +++ b/resources/views/groups/edit.blade.php @@ -20,6 +20,7 @@ } +
@@ -48,26 +49,39 @@ {!! $errors->first('name', ' :message') !!}
+
@foreach ($permissions as $area => $permission) - @for ($i = 0; $i < count($area); $i++) -

{{ $area }}: {{ $permission[$i]['label'] }}

-

{{ $permission[$i]['note'] }}

+ @for ($i = 0; $i < count($permission); $i++) + - -
- - + @if ($permission[$i]['display']) +

{{ $area }}: {{ $permission[$i]['label'] }}

+

{{ $permission[$i]['note'] }}

+ + +
+ + + + +
+
+ @endif @endfor - -
- -
@endforeach +
+