Fixes #1995 - updated group admin to use native permissions

This commit is contained in:
snipe 2016-04-28 14:03:54 -07:00
parent 97a91e2d83
commit 449163c875
4 changed files with 306 additions and 33 deletions

View file

@ -92,12 +92,10 @@ class GroupsController extends Controller
public function getEdit($id = null)
{
$group = Group::find($id);
$group->name = e(Input::get('name'));
$group->permissions = json_decode($group->permissions, true);
$permissions = config('permissions');
// Show the page
return View::make('groups/edit', compact('group', 'permissions','allpermissions'));
$group->permissions = $group->decodePermissions();
$selected_array = $group->selectedPermissionsArray($permissions, $group->permissions);
return View::make('groups/edit', compact('group', 'permissions','selected_array'));
}
/**
@ -111,12 +109,16 @@ class GroupsController extends Controller
*/
public function postEdit($id = null)
{
// print_r(Input::get('permission'));
// exit;
$permissions = config('permissions');
if (!$group = Group::find($id)) {
return Redirect::route('groups')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
}
$group->name = e(Input::get('name'));
$group->permissions = json_encode(Input::get('permission'));
if (!config('app.lock_passwords')) {

View file

@ -13,22 +13,80 @@ class Group extends Model
'name' => 'required|min:3|max:255',
);
/**
* Whether the model should inject it's identifier to the unique
* validation rules before attempting validation. If this property
* is not set in the model it will default to true.
*
* @var boolean
*/
/**
* Whether the model should inject it's identifier to the unique
* validation rules before attempting validation. If this property
* is not set in the model it will default to true.
*
* @var boolean
*/
protected $injectUniqueIdentifier = true;
use ValidatingTrait;
/**
* Get user groups
*/
/**
* Get user groups
*/
public function users()
{
return $this->belongsToMany('\App\Models\User', 'users_groups');
}
public function decodePermissions()
{
return json_decode($this->permissions, true);
}
/**
* Walks through the permissions in the permissions config file and determines if
* permissions are granted based on a $selected_arr array.
*
* The $permissions array is a multidimensional array broke down by section.
* (Licenses, Assets, etc)
*
* The $selected_arr should be a flattened array that contains just the
* corresponding permission name and a true or false boolean to determine
* if that group has been granted that permission.
*
* @todo Move this into a helper? Since the same logic is used for users.
* @author [A. Gianotto] [<snipe@snipe.net]
* @param array $permissions
* @param array $selected_arr
* @since [v1.0]
* @return Array
*/
public static function selectedPermissionsArray($permissions, $selected_arr = array())
{
$permissions_arr = array();
foreach ($permissions as $permission) {
for ($x = 0; $x < count($permission); $x++) {
$permission_name = $permission[$x]['permission'];
if ($permission[$x]['display'] === true) {
if ($selected_arr) {
if (array_key_exists($permission_name,$selected_arr)) {
$permissions_arr[$permission_name] = ($selected_arr[$permission_name] === 1) ? '1': '0';
} else {
$permissions_arr[$permission_name] = 'bum';
}
} else {
$permissions_arr[$permission_name] = 'hodor';
}
}
}
}
return $permissions_arr;
}
}

View file

@ -7,32 +7,231 @@ return array(
'permission' => 'superuser',
'label' => 'Super User',
'note' => 'Determines whether the user has full access to all aspects of the admin. ',
'display' => true,
),
),
'Admin' => array(
array(
'permission' => 'admin',
'label' => 'Admin Rights',
'label' => '',
'note' => 'Determines whether the user has access to most aspects of the admin.',
'display' => true,
),
),
'Reporting' => array(
'Reports' => array(
array(
'permission' => 'reports',
'label' => 'View Reports',
'permission' => 'reports.view',
'label' => '',
'note' => 'Determines whether the user has the abiity to view reports.',
'display' => true,
),
),
'Assets' => array(
array(
'permission' => 'assets.view',
'label' => '',
'note' => '',
'display' => false,
),
array(
'permission' => 'assets.create',
'label' => 'Create Assets',
'note' => '',
'display' => false,
),
array(
'permission' => 'assets.edit',
'label' => 'Edit Assets',
'note' => '',
'display' => false,
),
array(
'permission' => 'assets.delete',
'label' => 'Delete Assets',
'note' => '',
'display' => false,
),
array(
'permission' => 'assets.checkout',
'label' => 'View Assets',
'note' => '',
'display' => false,
),
),
'Accessories' => array(
array(
'permission' => 'accessories.view',
'label' => '',
'note' => '',
'display' => false,
),
array(
'permission' => 'accessory.create',
'label' => 'Create Assets',
'note' => '',
'display' => false,
),
array(
'permission' => 'accessories.edit',
'label' => 'Edit Assets',
'note' => '',
'display' => false,
),
array(
'permission' => 'accessories.delete',
'label' => 'Delete Assets',
'note' => '',
'display' => false,
),
array(
'permission' => 'accessories.checkout',
'label' => 'View Assets',
'note' => '',
'display' => false,
),
),
'Consumables' => array(
array(
'permission' => 'consumables.view',
'label' => '',
'note' => '',
'display' => false,
),
array(
'permission' => 'consumables.create',
'label' => 'Create Consumables',
'note' => '',
'display' => false,
),
array(
'permission' => 'consumables.edit',
'label' => 'Edit Consumables',
'note' => '',
'display' => false,
),
array(
'permission' => 'consumables.delete',
'label' => 'Delete Consumables',
'note' => '',
'display' => false,
),
array(
'permission' => 'consumables.checkout',
'label' => 'Checkout Consumables',
'note' => '',
'display' => false,
),
),
'Licenses' => array(
array(
'permission' => 'license_keys',
'permission' => 'licenses.view',
'label' => '',
'note' => '',
'display' => false,
),
array(
'permission' => 'licenses.create',
'label' => 'Create Licenses',
'note' => '',
'display' => false,
),
array(
'permission' => 'licenses.edit',
'label' => 'Edit Licenses',
'note' => '',
'display' => false,
),
array(
'permission' => 'licenses.delete',
'label' => 'Delete Licenses',
'note' => '',
'display' => false,
),
array(
'permission' => 'licenses.checkout',
'label' => 'Checkout Licenses',
'note' => '',
'display' => false,
),
array(
'permission' => 'licenses.keys',
'label' => 'View License Keys',
'note' => 'Determines whether the user has the ability to view the license keys assigned to them in their own profile. (Usually granted for lower-level permissions that wouldn\'t normally have access.)',
'note' => '',
'display' => true,
),
),
'Components' => array(
array(
'permission' => 'components.view',
'label' => '',
'note' => '',
'display' => false,
),
array(
'permission' => 'components.create',
'label' => 'Create Components',
'note' => '',
'display' => false,
),
array(
'permission' => 'components.edit',
'label' => 'Edit Components',
'note' => '',
'display' => false,
),
array(
'permission' => 'components.delete',
'label' => 'Delete Components',
'note' => '',
'display' => false,
),
array(
'permission' => 'components.checkout',
'label' => 'Checkout Components',
'note' => '',
'display' => false,
),
),
'Users' => array(
array(
'permission' => 'users.view',
'label' => 'View Users',
'note' => '',
'display' => false,
),
array(
'permission' => 'users.create',
'label' => 'Create Users',
'note' => '',
'display' => false,
),
array(
'permission' => 'users.edit',
'label' => 'Edit Users',
'note' => '',
'display' => false,
),
array(
'permission' => 'users.delete',
'label' => 'Delete Users',
'note' => '',
'display' => false,
),
),
);

View file

@ -20,6 +20,7 @@
}
</style>
<div class="row">
<div class="col-md-9">
<div class="box box-default">
@ -48,26 +49,39 @@
{!! $errors->first('name', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!}
</div>
</div>
<div class="col-md-9 col-md-offset-3">
@foreach ($permissions as $area => $permission)
@for ($i = 0; $i < count($area); $i++)
<h3>{{ $area }}: {{ $permission[$i]['label'] }}</h3>
<p>{{ $permission[$i]['note'] }}</p>
@for ($i = 0; $i < count($permission); $i++)
<?php
$permission_name = $permission[$i]['permission'];
?>
<!-- radio -->
<div class="form-group" style="padding-left: 15px;">
<label class="radio-padding"><input type="radio" name="{{ $permission[$i]['permission']}}" class="minimal" value="1"> Grant</label>
<label class="radio-padding"><input type="radio" name="{{ $permission[$i]['permission'] }}" class="minimal" value="0"> Deny</label>
@if ($permission[$i]['display'])
<h3>{{ $area }}: {{ $permission[$i]['label'] }}</h3>
<p>{{ $permission[$i]['note'] }}</p>
<!-- radio -->
<div class="form-group" style="padding-left: 15px;">
<label class="radio-padding">
{{ Form::radio('permission['.$permission_name.']', 1, $group->permissions[$permission_name], ['class' => 'minimal']) }}
Grant</label>
<label class="radio-padding">
{{ Form::radio('permission['.$permission_name.']', 0, !$group->permissions[$permission_name], ['class' => 'minimal']) }}
Deny</label>
</div>
<hr>
@endif
@endfor
</div>
<hr>
@endforeach
</div>
<hr>
</div>