mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2025-07-09 03:14:30 -04:00
Permission refactor for contacts (#2162)
parent
0e963f9dce
commit
96c5633f59
@ -49,20 +49,20 @@ if (! defined('APP_NAME')) {
|
||||
define('ENTITY_PROPOSAL_INVITATION', 'proposal_invitation');
|
||||
|
||||
$permissionEntities = [
|
||||
ENTITY_PROPOSAL,
|
||||
ENTITY_EXPENSE,
|
||||
ENTITY_PROJECT,
|
||||
ENTITY_VENDOR,
|
||||
ENTITY_PRODUCT,
|
||||
ENTITY_TASK,
|
||||
ENTITY_QUOTE,
|
||||
ENTITY_CREDIT,
|
||||
ENTITY_PAYMENT,
|
||||
ENTITY_CONTACT,
|
||||
ENTITY_INVOICE,
|
||||
ENTITY_CLIENT,
|
||||
ENTITY_RECURRING_INVOICE,
|
||||
//ENTITY_CONTACT,
|
||||
ENTITY_CREDIT,
|
||||
ENTITY_EXPENSE,
|
||||
ENTITY_INVOICE,
|
||||
ENTITY_PAYMENT,
|
||||
ENTITY_PRODUCT,
|
||||
ENTITY_PROJECT,
|
||||
ENTITY_PROPOSAL,
|
||||
ENTITY_QUOTE,
|
||||
'reports',
|
||||
ENTITY_TASK,
|
||||
ENTITY_VENDOR,
|
||||
ENTITY_RECURRING_INVOICE,
|
||||
];
|
||||
|
||||
define('PERMISSION_ENTITIES', json_encode($permissionEntities));
|
||||
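Review bot: The commented-out `//ENTITY_CONTACT` entry in `$permissionEntities` leaves no record of why contacts are no longer a listed permission entity. If the intent is that contact permissions now follow the client permissions, as the commit title and the view changes suggest, replace the dead line with a comment that says so, for example `// contacts are not listed: their permissions mirror the client permissions`. The bare string `'reports'` sits among `ENTITY_*` constants; if it is introduced here, a named constant would keep the list uniform and make a misspelling easier to catch than a permission name that silently never matches.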
|
@ -81,6 +81,37 @@ class GenericEntityPolicy
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param User $user
|
||||
* @param $item - entity name or object
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
|
||||
public static function edit(User $user, $item)
|
||||
{
|
||||
if (! static::checkModuleEnabled($user, $item))
|
||||
return false;
|
||||
|
||||
|
||||
$entityType = is_string($item) ? $item : $item->getEntityType();
|
||||
return $user->hasPermission('edit_' . $entityType) || $user->owns($item);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param User $user
|
||||
* @param $item - entity name or object
|
||||
* @return bool
|
||||
*/
|
||||
|
||||
private static function checkModuleEnabled(User $user, $item)
|
||||
{
|
||||
$entityType = is_string($item) ? $item : $item->getEntityType();
|
||||
return $user->account->isModuleEnabled($entityType);
|
||||
}
|
||||
|
||||
|
||||
|
||||
private static function className($entityType)
|
||||
{
|
||||
if (! Utils::isNinjaProd()) {
|
||||
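Review bot: `edit()` documents `$item` as "entity name or object" but passes it to `$user->owns($item)` unconditionally, so a plain entity-name string reaches an ownership check that presumably expects a model (the body of `owns()` is not visible here). Since this is an authorization decision, the string case is better made explicit: `return $user->hasPermission('edit_' . $entityType) || (! is_string($item) && $user->owns($item));`. `checkModuleEnabled()` resolves the entity type with the same `is_string` expression, so the two methods can drift apart if one is changed later. Both docblocks would also benefit from stating that the result is `false` whenever the module is disabled for the account, and the brace-less `if` in `edit()` should get braces.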
|
@ -102,6 +102,9 @@
|
||||
->check(is_array($permissions) && in_array('edit_' . $permissionEntity, $permissions, FALSE) ? true : false) !!}</td>
|
||||
</tr>
|
||||
@endforeach
|
||||
<tr><td><input type="checkbox" id="view_contact" value="view_contact" name="permissions[view_contact]" style="display:none">
|
||||
<input type="checkbox" id="edit_contact" value="edit_contact" name="permissions[edit_contact]" style="display:none">
|
||||
<input type="checkbox" id="create_contact" value="create_contact" name="permissions[create_contact]" style="display:none"></td></tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
@ -148,10 +151,12 @@
|
||||
.replace(']',"")
|
||||
.replace('[',""); //get entity name
|
||||
|
||||
$('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox
|
||||
setCheckboxEditValue(entity);
|
||||
setContactPermission();
|
||||
|
||||
});
|
||||
|
||||
|
||||
/*
|
||||
*
|
||||
* Checks state of View/Edit checkbox, will enable/disable check/uncheck
|
||||
@ -168,10 +173,27 @@
|
||||
.replace(']',"")
|
||||
.replace('[',""); //get entity name
|
||||
|
||||
$('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox
|
||||
setCheckboxEditValue(entity);
|
||||
setContactPermission();
|
||||
|
||||
if(!$('#view_' + entity).is(':checked')) {
|
||||
$('#edit_' + entity).prop('checked', false); //remove checkbox value from edit dependant on View state.
|
||||
});
|
||||
|
||||
$('#edit_client, #view_client, #create_client').change(function() {
|
||||
switch($(this).val()) {
|
||||
case 'create_client':
|
||||
$('#create_contact').prop('disabled', false); //set state of edit checkbox
|
||||
$('#create_contact').prop('checked', $('#create_client').is(':checked') );
|
||||
break;
|
||||
|
||||
case 'view_client':
|
||||
$('#view_contact').prop('disabled', false); //set state of edit checkbox
|
||||
$('#view_contact').prop('checked', $('#view_client').is(':checked') );
|
||||
break;
|
||||
|
||||
case 'edit_client':
|
||||
$('#edit_contact').prop('disabled', false); //set state of edit checkbox
|
||||
$('#edit_contact').prop('checked', $('#edit_client').is(':checked') );
|
||||
break;
|
||||
}
|
||||
|
||||
});
|
||||
@ -192,17 +214,28 @@
|
||||
|
||||
$('#' + permission_type + entity).prop('checked', checked); //set state of edit checkbox
|
||||
|
||||
if(!$('#view_' + entity).is(':checked')) {
|
||||
$('#edit_' + entity).prop('checked', false); //remove checkbox value from edit dependant on View state.
|
||||
}
|
||||
|
||||
$('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox
|
||||
|
||||
setCheckboxEditValue(entity);
|
||||
setContactPermission();
|
||||
|
||||
});
|
||||
|
||||
|
||||
});
|
||||
|
||||
function setCheckboxEditValue(entity) {
|
||||
|
||||
if(!$('#view_' + entity).is(':checked')) {
|
||||
$('#edit_' + entity).prop('checked', false); //remove checkbox value from edit dependant on View state.
|
||||
}
|
||||
|
||||
$('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox
|
||||
|
||||
}
|
||||
|
||||
function setContactPermission() {
|
||||
|
||||
$('#view_contact').prop('checked', $('#view_client').is(':checked') );
|
||||
$('#edit_contact').prop('checked', $('#edit_client').is(':checked') );
|
||||
$('#create_contact').prop('checked', $('#create_client').is(':checked') );
|
||||
|
||||
}
|
||||
@stop
|
||||
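Review bot: The contact permissions are carried only by the three hidden checkboxes (`view_contact`, `edit_contact`, `create_contact`), and the visible hunks set them only from `setContactPermission()` and the client `change` handler, so what gets stored depends on that script having run before submit. If no initial sync happens on page load (not visible in these hunks), saving the form without touching a client checkbox would submit the contact boxes unchecked. Deriving the `*_contact` permissions from the `*_client` ones on the server when the form is saved would remove that dependency and stop a crafted request from submitting contact permissions that differ from the client ones. The `switch` handler on `#edit_client, #view_client, #create_client` repeats what `setContactPermission()` already does and could be `$('#edit_client, #view_client, #create_client').change(setContactPermission);`. The `//set state of edit checkbox` comments on the `create_contact` and `view_contact` lines are copy-paste leftovers and describe the wrong control.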
|