Permission refactor for contacts (#2162)

David Bomba 2018-06-11 22:44:55 +10:00 committed by GitHub
parent 0e963f9dce
commit 96c5633f59
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 87 additions and 23 deletions


@ -49,20 +49,20 @@ if (! defined('APP_NAME')) {
define('ENTITY_PROPOSAL_INVITATION', 'proposal_invitation'); define('ENTITY_PROPOSAL_INVITATION', 'proposal_invitation');
$permissionEntities = [ $permissionEntities = [
ENTITY_PROPOSAL,
ENTITY_EXPENSE,
ENTITY_PROJECT,
ENTITY_VENDOR,
ENTITY_PRODUCT,
ENTITY_TASK,
ENTITY_QUOTE,
ENTITY_CREDIT,
ENTITY_PAYMENT,
ENTITY_CONTACT,
ENTITY_INVOICE,
ENTITY_CLIENT, ENTITY_CLIENT,
ENTITY_RECURRING_INVOICE, //ENTITY_CONTACT,
ENTITY_CREDIT,
ENTITY_EXPENSE,
ENTITY_INVOICE,
ENTITY_PAYMENT,
ENTITY_PRODUCT,
ENTITY_PROJECT,
ENTITY_PROPOSAL,
ENTITY_QUOTE,
'reports', 'reports',
ENTITY_TASK,
ENTITY_VENDOR,
ENTITY_RECURRING_INVOICE,
]; ];
define('PERMISSION_ENTITIES', json_encode($permissionEntities)); define('PERMISSION_ENTITIES', json_encode($permissionEntities));
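Review bot: `//ENTITY_CONTACT,` is left in `$permissionEntities` as commented-out code, with no explanation of why contacts no longer get their own permission row. Going by the view change in this commit, contact permissions now follow the client checkboxes, so a why-comment would serve better, e.g. `// ENTITY_CONTACT is intentionally absent: contact permissions mirror the client permissions`. Anything else that reads `PERMISSION_ENTITIES` to enumerate valid permission names will no longer see contact; those readers are not visible here and are worth checking.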


@ -81,6 +81,37 @@ class GenericEntityPolicy
return false; return false;
} }
/**
* @param User $user
* @param $item - entity name or object
*
* @return bool
*/
public static function edit(User $user, $item)
{
if (! static::checkModuleEnabled($user, $item))
return false;
$entityType = is_string($item) ? $item : $item->getEntityType();
return $user->hasPermission('edit_' . $entityType) || $user->owns($item);
}
/**
* @param User $user
* @param $item - entity name or object
* @return bool
*/
private static function checkModuleEnabled(User $user, $item)
{
$entityType = is_string($item) ? $item : $item->getEntityType();
return $user->account->isModuleEnabled($entityType);
}
private static function className($entityType) private static function className($entityType)
{ {
if (! Utils::isNinjaProd()) { if (! Utils::isNinjaProd()) {
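Review bot: In the added `edit()`, `$user->owns($item)` is reached even when `$item` is a string, since both the docblock and the `is_string($item)` branch allow an entity name. `owns()` is not visible here, so its behaviour on a string is unknown, and an ownership check only makes sense for an object. Guarding it makes the fallback explicit: `return $user->hasPermission('edit_' . $entityType) || (is_object($item) && $user->owns($item));`. The brace-less `if` guarding the module check would be safer with braces, and `checkModuleEnabled()` could receive the already computed `$entityType` instead of deriving it a second time. `className()` continues outside the hunk.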


@ -102,6 +102,9 @@
->check(is_array($permissions) && in_array('edit_' . $permissionEntity, $permissions, FALSE) ? true : false) !!}</td> ->check(is_array($permissions) && in_array('edit_' . $permissionEntity, $permissions, FALSE) ? true : false) !!}</td>
</tr> </tr>
@endforeach @endforeach
<tr><td><input type="checkbox" id="view_contact" value="view_contact" name="permissions[view_contact]" style="display:none">
<input type="checkbox" id="edit_contact" value="edit_contact" name="permissions[edit_contact]" style="display:none">
<input type="checkbox" id="create_contact" value="create_contact" name="permissions[create_contact]" style="display:none"></td></tr>
</tbody> </tbody>
</table> </table>
</div> </div>
@ -148,10 +151,12 @@
.replace(']',"") .replace(']',"")
.replace('[',""); //get entity name .replace('[',""); //get entity name
$('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox setCheckboxEditValue(entity);
setContactPermission();
}); });
/* /*
* *
* Checks state of View/Edit checkbox, will enable/disable check/uncheck * Checks state of View/Edit checkbox, will enable/disable check/uncheck
@ -168,10 +173,27 @@
.replace(']',"") .replace(']',"")
.replace('[',""); //get entity name .replace('[',""); //get entity name
$('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox setCheckboxEditValue(entity);
setContactPermission();
if(!$('#view_' + entity).is(':checked')) { });
$('#edit_' + entity).prop('checked', false); //remove checkbox value from edit dependant on View state.
$('#edit_client, #view_client, #create_client').change(function() {
switch($(this).val()) {
case 'create_client':
$('#create_contact').prop('disabled', false); //set state of edit checkbox
$('#create_contact').prop('checked', $('#create_client').is(':checked') );
break;
case 'view_client':
$('#view_contact').prop('disabled', false); //set state of edit checkbox
$('#view_contact').prop('checked', $('#view_client').is(':checked') );
break;
case 'edit_client':
$('#edit_contact').prop('disabled', false); //set state of edit checkbox
$('#edit_contact').prop('checked', $('#edit_client').is(':checked') );
break;
} }
}); });
@ -192,17 +214,28 @@
$('#' + permission_type + entity).prop('checked', checked); //set state of edit checkbox $('#' + permission_type + entity).prop('checked', checked); //set state of edit checkbox
setCheckboxEditValue(entity);
setContactPermission();
});
});
function setCheckboxEditValue(entity) {
if(!$('#view_' + entity).is(':checked')) { if(!$('#view_' + entity).is(':checked')) {
$('#edit_' + entity).prop('checked', false); //remove checkbox value from edit dependant on View state. $('#edit_' + entity).prop('checked', false); //remove checkbox value from edit dependant on View state.
} }
$('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox $('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox
}
}); function setContactPermission() {
});
$('#view_contact').prop('checked', $('#view_client').is(':checked') );
$('#edit_contact').prop('checked', $('#edit_client').is(':checked') );
$('#create_contact').prop('checked', $('#create_client').is(':checked') );
}
@stop @stop
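Review bot: The hidden `view_contact`/`edit_contact`/`create_contact` inputs are rendered with no `checked` state and are only synchronized inside the change handlers shown in these hunks. Opening a user who already has client permissions and saving without touching a checkbox would therefore post no contact permissions, unless `setContactPermission()` is also called on load somewhere outside the visible hunks. Calling `setContactPermission();` once when the page is ready would cover that case. Because these values are derived entirely in the browser, the save handler should compute the contact permissions from the client ones on the server, or reject a `*_contact` value without the matching `*_client`, rather than trust the posted fields; that code is not visible here. The new `#edit_client, #view_client, #create_client` handler also duplicates `setContactPermission()`, and its copied `//set state of edit checkbox` comments describe a different line.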