Merge pull request #15563 from snipe/refined_gates_on_user_bulk
Some checks are pending
Crowdin Action / upload-sources-to-crowdin (push) Waiting to run
Docker images (Alpine) / docker (push) Waiting to run
Docker images / docker (push) Waiting to run
Tests in MySQL / PHP ${{ matrix.php-version }} (8.1) (push) Waiting to run
Tests in MySQL / PHP ${{ matrix.php-version }} (8.2) (push) Waiting to run
Tests in MySQL / PHP ${{ matrix.php-version }} (8.3) (push) Waiting to run
Tests in SQLite / PHP ${{ matrix.php-version }} (8.1.1) (push) Waiting to run

Update for #15534 - Refined gates on user bulk
This commit is contained in:
snipe 2024-09-25 20:35:58 +01:00 committed by GitHub
commit ac6411743b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 29 additions and 20 deletions

View file

@ -36,7 +36,7 @@ class BulkUsersController extends Controller
*/
public function edit(Request $request)
{
$this->authorize('update', User::class);
$this->authorize('view', User::class);
// Make sure there were users selected
if (($request->filled('ids')) && (count($request->input('ids')) > 0)) {
@ -48,16 +48,18 @@ class BulkUsersController extends Controller
// bulk edit, display the bulk edit form
if ($request->input('bulk_actions') == 'edit') {
$this->authorize('update', User::class);
return view('users/bulk-edit', compact('users'))
->with('groups', Group::pluck('name', 'id'));
// bulk delete, display the bulk delete confirmation form
} elseif ($request->input('bulk_actions') == 'delete') {
$this->authorize('delete', User::class);
return view('users/confirm-bulk-delete')->with('users', $users)->with('statuslabel_list', Helper::statusLabelList());
// merge, confirm they have at least 2 users selected and display the merge screen
} elseif ($request->input('bulk_actions') == 'merge') {
$this->authorize('delete', User::class);
if (($request->filled('ids')) && (count($request->input('ids')) > 1)) {
return view('users/confirm-merge')->with('users', $users);
// Not enough users selected, send them back

View file

@ -1,24 +1,31 @@
<div id="userBulkEditToolbar">
@can('view', \App\Models\User::class)
<div id="userBulkEditToolbar">
{{ Form::open([
'method' => 'POST',
'route' => ['users/bulkedit'],
'class' => 'form-inline',
'id' => 'usersBulkForm']) }}
@if (request('status')!='deleted')
@can('delete', \App\Models\User::class)
@if (request('status')!='deleted')
<div id="users-toolbar">
<label for="bulk_actions" class="sr-only">{{ trans('general.bulk_actions') }}</label>
<select name="bulk_actions" class="form-control select2" style="min-width:300px;" aria-label="bulk_actions">
@can('update', \App\Models\User::class)
<option value="edit">{{ trans('general.bulk_edit') }}</option>
@endcan
@can('delete', \App\Models\User::class)
<option value="delete">{!! trans('general.bulk_checkin_delete') !!}</option>
<option value="merge">{!! trans('general.merge_users') !!}</option>
@endcan
<option value="bulkpasswordreset">{{ trans('button.send_password_link') }}</option>
<option value="print">{{ trans('admin/users/general.print_assigned') }}</option>
</select>
<button class="btn btn-primary" id="bulkUserEditButton" disabled>{{ trans('button.go') }}</button>
</div>
@endcan
@endif
@endif
{{ Form::close() }}
</div>
</div>
@endcan