Permission refactor for contacts (#2162)

David Bomba 2018-06-11 22:44:55 +10:00 committed by GitHub
parent 0e963f9dce
commit 96c5633f59
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 87 additions and 23 deletions


@ -49,20 +49,20 @@ if (! defined('APP_NAME')) {
define('ENTITY_PROPOSAL_INVITATION', 'proposal_invitation');
$permissionEntities = [
ENTITY_PROPOSAL,
ENTITY_EXPENSE,
ENTITY_PROJECT,
ENTITY_VENDOR,
ENTITY_PRODUCT,
ENTITY_TASK,
ENTITY_QUOTE,
ENTITY_CREDIT,
ENTITY_PAYMENT,
ENTITY_CONTACT,
ENTITY_INVOICE,
ENTITY_CLIENT,
ENTITY_RECURRING_INVOICE,
//ENTITY_CONTACT,
ENTITY_CREDIT,
ENTITY_EXPENSE,
ENTITY_INVOICE,
ENTITY_PAYMENT,
ENTITY_PRODUCT,
ENTITY_PROJECT,
ENTITY_PROPOSAL,
ENTITY_QUOTE,
'reports',
ENTITY_TASK,
ENTITY_VENDOR,
ENTITY_RECURRING_INVOICE,
];
define('PERMISSION_ENTITIES', json_encode($permissionEntities));
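Review bot: `//ENTITY_CONTACT` stays in `$permissionEntities` as commented-out code with no explanation, so a later maintainer could re-enable it without knowing why contacts were taken out of the permission list. If contact permissions are now meant to follow the client permissions, as the hidden contact checkboxes in the view section of this commit suggest, state that in place of the dead line, for example `// ENTITY_CONTACT is intentionally omitted: contact permissions mirror the client permissions`. The bare `'reports'` string sits among `ENTITY_*` constants; a named constant would keep the list consistent and make a mistyped permission name easier to catch.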


@ -81,6 +81,37 @@ class GenericEntityPolicy
return false;
}
/**
* @param User $user
* @param $item - entity name or object
*
* @return bool
*/
public static function edit(User $user, $item)
{
if (! static::checkModuleEnabled($user, $item))
return false;
$entityType = is_string($item) ? $item : $item->getEntityType();
return $user->hasPermission('edit_' . $entityType) || $user->owns($item);
}
/**
* @param User $user
* @param $item - entity name or object
* @return bool
*/
private static function checkModuleEnabled(User $user, $item)
{
$entityType = is_string($item) ? $item : $item->getEntityType();
return $user->account->isModuleEnabled($entityType);
}
private static function className($entityType)
{
if (! Utils::isNinjaProd()) {
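Review bot: In `edit()`, `$user->owns($item)` is reached even when `$item` is an entity-name string, which the docblock explicitly allows. `owns()` is not visible on this page, but an ownership test only has meaning for an object, so the fallback should be guarded: `return $user->hasPermission('edit_' . $entityType) || (is_object($item) && $user->owns($item));`. The `if (! static::checkModuleEnabled($user, $item))` guard is written without braces, which is fragile in an authorization check; wrapping `return false;` in `{ }` costs nothing. `GenericEntityPolicy` and `className()` continue outside the hunk.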


@ -102,6 +102,9 @@
->check(is_array($permissions) && in_array('edit_' . $permissionEntity, $permissions, FALSE) ? true : false) !!}</td>
</tr>
@endforeach
<tr><td><input type="checkbox" id="view_contact" value="view_contact" name="permissions[view_contact]" style="display:none">
<input type="checkbox" id="edit_contact" value="edit_contact" name="permissions[edit_contact]" style="display:none">
<input type="checkbox" id="create_contact" value="create_contact" name="permissions[create_contact]" style="display:none"></td></tr>
</tbody>
</table>
</div>
@ -148,10 +151,12 @@
.replace(']',"")
.replace('[',""); //get entity name
$('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox
setCheckboxEditValue(entity);
setContactPermission();
});
/*
*
* Checks state of View/Edit checkbox, will enable/disable check/uncheck
@ -168,10 +173,27 @@
.replace(']',"")
.replace('[',""); //get entity name
$('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox
setCheckboxEditValue(entity);
setContactPermission();
if(!$('#view_' + entity).is(':checked')) {
$('#edit_' + entity).prop('checked', false); //remove checkbox value from edit dependant on View state.
});
$('#edit_client, #view_client, #create_client').change(function() {
switch($(this).val()) {
case 'create_client':
$('#create_contact').prop('disabled', false); //set state of edit checkbox
$('#create_contact').prop('checked', $('#create_client').is(':checked') );
break;
case 'view_client':
$('#view_contact').prop('disabled', false); //set state of edit checkbox
$('#view_contact').prop('checked', $('#view_client').is(':checked') );
break;
case 'edit_client':
$('#edit_contact').prop('disabled', false); //set state of edit checkbox
$('#edit_contact').prop('checked', $('#edit_client').is(':checked') );
break;
}
});
@ -192,17 +214,28 @@
$('#' + permission_type + entity).prop('checked', checked); //set state of edit checkbox
if(!$('#view_' + entity).is(':checked')) {
$('#edit_' + entity).prop('checked', false); //remove checkbox value from edit dependant on View state.
}
$('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox
setCheckboxEditValue(entity);
setContactPermission();
});
});
function setCheckboxEditValue(entity) {
if(!$('#view_' + entity).is(':checked')) {
$('#edit_' + entity).prop('checked', false); //remove checkbox value from edit dependant on View state.
}
$('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox
}
function setContactPermission() {
$('#view_contact').prop('checked', $('#view_client').is(':checked') );
$('#edit_contact').prop('checked', $('#edit_client').is(':checked') );
$('#create_contact').prop('checked', $('#create_client').is(':checked') );
}
@stop
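Review bot: The contact permissions are carried by three hidden checkboxes whose state is set only by script (`setContactPermission()` and the `#edit_client, #view_client, #create_client` change handler), so the stored `view_contact`/`edit_contact`/`create_contact` values depend entirely on what the browser submits. The code that saves `permissions[...]` is not on this page; it should derive the contact permissions from the client permissions on the server rather than trust these fields. Within the visible hunks `setContactPermission()` runs only inside change handlers, so unless it is also called on load outside the hunks, a form saved without touching any checkbox would submit the contact boxes unchecked; calling `setContactPermission();` once when the page is ready would avoid that. The three `case` branches repeat what `setContactPermission()` already does, and their `//set state of edit checkbox` comments are copied from a different statement and do not describe the line they sit on.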