Fixes #1995 - updated group admin to use native permissions

This commit is contained in:
snipe 2016-04-28 14:03:54 -07:00
parent 97a91e2d83
commit 449163c875
4 changed files with 306 additions and 33 deletions

View file

@ -92,12 +92,10 @@ class GroupsController extends Controller
public function getEdit($id = null) public function getEdit($id = null)
{ {
$group = Group::find($id); $group = Group::find($id);
$group->name = e(Input::get('name'));
$group->permissions = json_decode($group->permissions, true);
$permissions = config('permissions'); $permissions = config('permissions');
$group->permissions = $group->decodePermissions();
// Show the page $selected_array = $group->selectedPermissionsArray($permissions, $group->permissions);
return View::make('groups/edit', compact('group', 'permissions','allpermissions')); return View::make('groups/edit', compact('group', 'permissions','selected_array'));
} }
/** /**
@ -111,12 +109,16 @@ class GroupsController extends Controller
*/ */
public function postEdit($id = null) public function postEdit($id = null)
{ {
// print_r(Input::get('permission'));
// exit;
$permissions = config('permissions');
if (!$group = Group::find($id)) { if (!$group = Group::find($id)) {
return Redirect::route('groups')->with('error', trans('admin/groups/message.group_not_found', compact('id'))); return Redirect::route('groups')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
} }
$group->name = e(Input::get('name')); $group->name = e(Input::get('name'));
$group->permissions = json_encode(Input::get('permission'));
if (!config('app.lock_passwords')) { if (!config('app.lock_passwords')) {

View file

@ -31,4 +31,62 @@ class Group extends Model
{ {
return $this->belongsToMany('\App\Models\User', 'users_groups'); return $this->belongsToMany('\App\Models\User', 'users_groups');
} }
public function decodePermissions()
{
return json_decode($this->permissions, true);
}
/**
* Walks through the permissions in the permissions config file and determines if
* permissions are granted based on a $selected_arr array.
*
* The $permissions array is a multidimensional array broke down by section.
* (Licenses, Assets, etc)
*
* The $selected_arr should be a flattened array that contains just the
* corresponding permission name and a true or false boolean to determine
* if that group has been granted that permission.
*
* @todo Move this into a helper? Since the same logic is used for users.
* @author [A. Gianotto] [<snipe@snipe.net]
* @param array $permissions
* @param array $selected_arr
* @since [v1.0]
* @return Array
*/
public static function selectedPermissionsArray($permissions, $selected_arr = array())
{
$permissions_arr = array();
foreach ($permissions as $permission) {
for ($x = 0; $x < count($permission); $x++) {
$permission_name = $permission[$x]['permission'];
if ($permission[$x]['display'] === true) {
if ($selected_arr) {
if (array_key_exists($permission_name,$selected_arr)) {
$permissions_arr[$permission_name] = ($selected_arr[$permission_name] === 1) ? '1': '0';
} else {
$permissions_arr[$permission_name] = 'bum';
}
} else {
$permissions_arr[$permission_name] = 'hodor';
}
}
}
}
return $permissions_arr;
}
} }

View file

@ -7,32 +7,231 @@ return array(
'permission' => 'superuser', 'permission' => 'superuser',
'label' => 'Super User', 'label' => 'Super User',
'note' => 'Determines whether the user has full access to all aspects of the admin. ', 'note' => 'Determines whether the user has full access to all aspects of the admin. ',
'display' => true,
), ),
), ),
'Admin' => array( 'Admin' => array(
array( array(
'permission' => 'admin', 'permission' => 'admin',
'label' => 'Admin Rights', 'label' => '',
'note' => 'Determines whether the user has access to most aspects of the admin.', 'note' => 'Determines whether the user has access to most aspects of the admin.',
'display' => true,
), ),
), ),
'Reporting' => array( 'Reports' => array(
array( array(
'permission' => 'reports', 'permission' => 'reports.view',
'label' => 'View Reports', 'label' => '',
'note' => 'Determines whether the user has the abiity to view reports.', 'note' => 'Determines whether the user has the abiity to view reports.',
'display' => true,
), ),
), ),
'Assets' => array(
array(
'permission' => 'assets.view',
'label' => '',
'note' => '',
'display' => false,
),
array(
'permission' => 'assets.create',
'label' => 'Create Assets',
'note' => '',
'display' => false,
),
array(
'permission' => 'assets.edit',
'label' => 'Edit Assets',
'note' => '',
'display' => false,
),
array(
'permission' => 'assets.delete',
'label' => 'Delete Assets',
'note' => '',
'display' => false,
),
array(
'permission' => 'assets.checkout',
'label' => 'View Assets',
'note' => '',
'display' => false,
),
),
'Accessories' => array(
array(
'permission' => 'accessories.view',
'label' => '',
'note' => '',
'display' => false,
),
array(
'permission' => 'accessory.create',
'label' => 'Create Assets',
'note' => '',
'display' => false,
),
array(
'permission' => 'accessories.edit',
'label' => 'Edit Assets',
'note' => '',
'display' => false,
),
array(
'permission' => 'accessories.delete',
'label' => 'Delete Assets',
'note' => '',
'display' => false,
),
array(
'permission' => 'accessories.checkout',
'label' => 'View Assets',
'note' => '',
'display' => false,
),
),
'Consumables' => array(
array(
'permission' => 'consumables.view',
'label' => '',
'note' => '',
'display' => false,
),
array(
'permission' => 'consumables.create',
'label' => 'Create Consumables',
'note' => '',
'display' => false,
),
array(
'permission' => 'consumables.edit',
'label' => 'Edit Consumables',
'note' => '',
'display' => false,
),
array(
'permission' => 'consumables.delete',
'label' => 'Delete Consumables',
'note' => '',
'display' => false,
),
array(
'permission' => 'consumables.checkout',
'label' => 'Checkout Consumables',
'note' => '',
'display' => false,
),
),
'Licenses' => array( 'Licenses' => array(
array( array(
'permission' => 'license_keys', 'permission' => 'licenses.view',
'label' => '',
'note' => '',
'display' => false,
),
array(
'permission' => 'licenses.create',
'label' => 'Create Licenses',
'note' => '',
'display' => false,
),
array(
'permission' => 'licenses.edit',
'label' => 'Edit Licenses',
'note' => '',
'display' => false,
),
array(
'permission' => 'licenses.delete',
'label' => 'Delete Licenses',
'note' => '',
'display' => false,
),
array(
'permission' => 'licenses.checkout',
'label' => 'Checkout Licenses',
'note' => '',
'display' => false,
),
array(
'permission' => 'licenses.keys',
'label' => 'View License Keys', 'label' => 'View License Keys',
'note' => 'Determines whether the user has the ability to view the license keys assigned to them in their own profile. (Usually granted for lower-level permissions that wouldn\'t normally have access.)', 'note' => '',
'display' => true,
), ),
), ),
'Components' => array(
array(
'permission' => 'components.view',
'label' => '',
'note' => '',
'display' => false,
),
array(
'permission' => 'components.create',
'label' => 'Create Components',
'note' => '',
'display' => false,
),
array(
'permission' => 'components.edit',
'label' => 'Edit Components',
'note' => '',
'display' => false,
),
array(
'permission' => 'components.delete',
'label' => 'Delete Components',
'note' => '',
'display' => false,
),
array(
'permission' => 'components.checkout',
'label' => 'Checkout Components',
'note' => '',
'display' => false,
),
),
'Users' => array(
array(
'permission' => 'users.view',
'label' => 'View Users',
'note' => '',
'display' => false,
),
array(
'permission' => 'users.create',
'label' => 'Create Users',
'note' => '',
'display' => false,
),
array(
'permission' => 'users.edit',
'label' => 'Edit Users',
'note' => '',
'display' => false,
),
array(
'permission' => 'users.delete',
'label' => 'Delete Users',
'note' => '',
'display' => false,
),
),
); );

View file

@ -20,6 +20,7 @@
} }
</style> </style>
<div class="row"> <div class="row">
<div class="col-md-9"> <div class="col-md-9">
<div class="box box-default"> <div class="box box-default">
@ -48,26 +49,39 @@
{!! $errors->first('name', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!} {!! $errors->first('name', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!}
</div> </div>
</div> </div>
<div class="col-md-9 col-md-offset-3"> <div class="col-md-9 col-md-offset-3">
@foreach ($permissions as $area => $permission) @foreach ($permissions as $area => $permission)
@for ($i = 0; $i < count($area); $i++) @for ($i = 0; $i < count($permission); $i++)
<?php
$permission_name = $permission[$i]['permission'];
?>
@if ($permission[$i]['display'])
<h3>{{ $area }}: {{ $permission[$i]['label'] }}</h3> <h3>{{ $area }}: {{ $permission[$i]['label'] }}</h3>
<p>{{ $permission[$i]['note'] }}</p> <p>{{ $permission[$i]['note'] }}</p>
<!-- radio --> <!-- radio -->
<div class="form-group" style="padding-left: 15px;"> <div class="form-group" style="padding-left: 15px;">
<label class="radio-padding"><input type="radio" name="{{ $permission[$i]['permission']}}" class="minimal" value="1"> Grant</label>
<label class="radio-padding"><input type="radio" name="{{ $permission[$i]['permission'] }}" class="minimal" value="0"> Deny</label> <label class="radio-padding">
{{ Form::radio('permission['.$permission_name.']', 1, $group->permissions[$permission_name], ['class' => 'minimal']) }}
Grant</label>
<label class="radio-padding">
{{ Form::radio('permission['.$permission_name.']', 0, !$group->permissions[$permission_name], ['class' => 'minimal']) }}
Deny</label>
</div>
<hr>
@endif
@endfor @endfor
@endforeach
</div> </div>
<hr> <hr>
@endforeach
</div> </div>