mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-01 01:36:00 -04:00
Added interface for adding/removing roles in entity perms.
This commit is contained in:
parent
ffd6a1002e
commit
803934d020
@ -15,16 +15,15 @@ class PermissionFormData
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the roles with permissions assigned.
|
||||
* Get the permissions with assigned roles.
|
||||
*/
|
||||
public function rolesWithPermissions(): array
|
||||
public function permissionsWithRoles(): array
|
||||
{
|
||||
return $this->entity->permissions()
|
||||
->with('role')
|
||||
->where('role_id', '!=', 0)
|
||||
->get(['id', 'role_id'])
|
||||
->pluck('role')
|
||||
->sortBy('display_name')
|
||||
->get()
|
||||
->sortBy('role.display_name')
|
||||
->all();
|
||||
}
|
||||
|
||||
|
@ -2,7 +2,9 @@
|
||||
|
||||
namespace BookStack\Http\Controllers;
|
||||
|
||||
use BookStack\Auth\Permissions\EntityPermission;
|
||||
use BookStack\Auth\Permissions\PermissionFormData;
|
||||
use BookStack\Auth\Role;
|
||||
use BookStack\Entities\Models\Book;
|
||||
use BookStack\Entities\Models\Bookshelf;
|
||||
use BookStack\Entities\Models\Chapter;
|
||||
@ -148,4 +150,20 @@ class PermissionsController extends Controller
|
||||
|
||||
return redirect($shelf->getUrl());
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an empty entity permissions form row for the given role.
|
||||
*/
|
||||
public function formRowForRole(string $entityType, string $roleId)
|
||||
{
|
||||
$this->checkPermissionOr('restrictions-manage', fn() => userCan('restrictions-manage-all'));
|
||||
|
||||
$role = Role::query()->findOrFail($roleId);
|
||||
|
||||
return view('form.entity-permissions-row', [
|
||||
'role' => $role,
|
||||
'permission' => new EntityPermission(),
|
||||
'entityType' => $entityType,
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
@ -1,14 +1,21 @@
|
||||
|
||||
|
||||
/**
|
||||
* @extends {Component}
|
||||
*/
|
||||
class EntityPermissions {
|
||||
|
||||
setup() {
|
||||
this.container = this.$el;
|
||||
this.entityType = this.$opts.entityType;
|
||||
|
||||
this.everyoneInheritToggle = this.$refs.everyoneInherit;
|
||||
this.roleSelect = this.$refs.roleSelect;
|
||||
this.roleContainer = this.$refs.roleContainer;
|
||||
|
||||
this.setupListeners();
|
||||
}
|
||||
|
||||
setupListeners() {
|
||||
// "Everyone Else" inherit toggle
|
||||
this.everyoneInheritToggle.addEventListener('change', event => {
|
||||
const inherit = event.target.checked;
|
||||
const permissions = document.querySelectorAll('input[type="checkbox"][name^="restrictions[0]["]');
|
||||
@ -16,7 +23,56 @@ class EntityPermissions {
|
||||
permission.disabled = inherit;
|
||||
permission.checked = false;
|
||||
}
|
||||
})
|
||||
});
|
||||
|
||||
// Remove role row button click
|
||||
this.container.addEventListener('click', event => {
|
||||
const button = event.target.closest('button');
|
||||
if (button && button.dataset.roleId) {
|
||||
this.removeRowOnButtonClick(button)
|
||||
}
|
||||
});
|
||||
|
||||
// Role select change
|
||||
this.roleSelect.addEventListener('change', event => {
|
||||
const roleId = this.roleSelect.value;
|
||||
if (roleId) {
|
||||
this.addRoleRow(roleId);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
async addRoleRow(roleId) {
|
||||
this.roleSelect.disabled = true;
|
||||
|
||||
// Remove option from select
|
||||
const option = this.roleSelect.querySelector(`option[value="${roleId}"]`);
|
||||
if (option) {
|
||||
option.remove();
|
||||
}
|
||||
|
||||
// Get and insert new row
|
||||
const resp = await window.$http.get(`/permissions/form-row/${this.entityType}/${roleId}`);
|
||||
const wrap = document.createElement('div');
|
||||
wrap.innerHTML = resp.data;
|
||||
const row = wrap.children[0];
|
||||
this.roleContainer.append(row);
|
||||
window.components.init(row);
|
||||
|
||||
this.roleSelect.disabled = false;
|
||||
}
|
||||
|
||||
removeRowOnButtonClick(button) {
|
||||
const row = button.closest('.content-permissions-row');
|
||||
const roleId = button.dataset.roleId;
|
||||
const roleName = button.dataset.roleName;
|
||||
|
||||
const option = document.createElement('option');
|
||||
option.value = roleId;
|
||||
option.textContent = roleName;
|
||||
|
||||
this.roleSelect.append(option);
|
||||
row.remove();
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -109,12 +109,23 @@ button {
|
||||
display: block;
|
||||
}
|
||||
|
||||
.button.icon {
|
||||
.button.icon, .icon-button {
|
||||
.svg-icon {
|
||||
margin-inline-end: 0;
|
||||
}
|
||||
}
|
||||
|
||||
.icon-button {
|
||||
text-align: center;
|
||||
border: 1px solid transparent;
|
||||
}
|
||||
.icon-button:hover {
|
||||
background-color: rgba(0, 0, 0, 0.05);
|
||||
border-radius: 4px;
|
||||
border-color: #DDD;
|
||||
cursor: pointer;
|
||||
}
|
||||
|
||||
.button.svg {
|
||||
display: flex;
|
||||
align-items: center;
|
||||
|
@ -1,3 +1,9 @@
|
||||
{{--
|
||||
$role - The Role to display this row for.
|
||||
$entityType - String identifier for type of entity having permissions applied.
|
||||
$permission - The entity permission containing the permissions.
|
||||
--}}
|
||||
|
||||
<div component="permissions-table" class="content-permissions-row flex-container-row justify-space-between wrap">
|
||||
<div class="gap-x-m flex-container-row items-center px-l py-m flex">
|
||||
<div class="text-large" title="{{ $role->id === 0 ? 'Everyone Else' : trans('common.role') }}">
|
||||
@ -15,7 +21,8 @@
|
||||
@endif
|
||||
</div>
|
||||
@php
|
||||
$inheriting = ($role->id === 0 && !$model->restricted);
|
||||
// TODO
|
||||
$inheriting = ($role->id === 0);
|
||||
@endphp
|
||||
@if($role->id === 0)
|
||||
<div class="px-l flex-container-row items-center" refs="entity-permissions@everyoneInherit">
|
||||
@ -30,18 +37,53 @@
|
||||
<div class="flex-container-row justify-space-between gap-x-xl wrap items-center">
|
||||
<input type="hidden" name="permissions[{{ $role->id }}][active]" value="true">
|
||||
<div class="px-l">
|
||||
@include('form.restriction-checkbox', ['name'=>'permissions', 'label' => trans('common.view'), 'action' => 'view', 'disabled' => $inheriting])
|
||||
@include('form.custom-checkbox', [
|
||||
'name' => 'permissions[' . $role->id . '][view]',
|
||||
'label' => trans('common.view'),
|
||||
'value' => 'true',
|
||||
'checked' => $permission->view,
|
||||
'disabled' => $inheriting
|
||||
])
|
||||
</div>
|
||||
@if($entityType !== 'page')
|
||||
<div class="px-l">
|
||||
@if(!$model instanceof \BookStack\Entities\Models\Page)
|
||||
@include('form.restriction-checkbox', ['name'=>'permissions', 'label' => trans('common.create'), 'action' => 'create', 'disabled' => $inheriting])
|
||||
@include('form.custom-checkbox', [
|
||||
'name' => 'permissions[' . $role->id . '][create]',
|
||||
'label' => trans('common.create'),
|
||||
'value' => 'true',
|
||||
'checked' => $permission->create,
|
||||
'disabled' => $inheriting
|
||||
])
|
||||
</div>
|
||||
@endif
|
||||
<div class="px-l">
|
||||
@include('form.custom-checkbox', [
|
||||
'name' => 'permissions[' . $role->id . '][update]',
|
||||
'label' => trans('common.update'),
|
||||
'value' => 'true',
|
||||
'checked' => $permission->update,
|
||||
'disabled' => $inheriting
|
||||
])
|
||||
</div>
|
||||
<div class="px-l">
|
||||
@include('form.restriction-checkbox', ['name'=>'permissions', 'label' => trans('common.update'), 'action' => 'update', 'disabled' => $inheriting])
|
||||
</div>
|
||||
<div class="px-l">
|
||||
@include('form.restriction-checkbox', ['name'=>'permissions', 'label' => trans('common.delete'), 'action' => 'delete', 'disabled' => $inheriting])
|
||||
@include('form.custom-checkbox', [
|
||||
'name' => 'permissions[' . $role->id . '][delete]',
|
||||
'label' => trans('common.delete'),
|
||||
'value' => 'true',
|
||||
'checked' => $permission->delete,
|
||||
'disabled' => $inheriting
|
||||
])
|
||||
</div>
|
||||
</div>
|
||||
@if($role->id !== 0)
|
||||
<div class="flex-container-row items-center px-m py-s">
|
||||
<button type="button"
|
||||
class="text-neg p-m icon-button"
|
||||
data-role-id="{{ $role->id }}"
|
||||
data-role-name="{{ $role->display_name }}"
|
||||
title="Remove Row">
|
||||
@icon('close') <span class="hide-over-m ml-xs">Remove Row</span>
|
||||
</button>
|
||||
</div>
|
||||
@endif
|
||||
</div>
|
@ -1,4 +1,7 @@
|
||||
<form component="entity-permissions" action="{{ $model->getUrl('/permissions') }}" method="POST">
|
||||
<form component="entity-permissions"
|
||||
option:entity-permissions:entity-type="{{ $model->getType() }}"
|
||||
action="{{ $model->getUrl('/permissions') }}"
|
||||
method="POST">
|
||||
{!! csrf_field() !!}
|
||||
<input type="hidden" name="_method" value="PUT">
|
||||
|
||||
@ -18,14 +21,34 @@
|
||||
<p class="text-warn">{{ trans('entities.shelves_permissions_cascade_warning') }}</p>
|
||||
@endif
|
||||
|
||||
<div class="content-permissions mt-m mb-xl">
|
||||
@foreach($data->rolesWithPermissions() as $role)
|
||||
@include('form.entity-permissions-row', ['role' => $role, 'model' => $model])
|
||||
<div refs="entity-permissions@role-container" class="content-permissions mt-m mb-m">
|
||||
@foreach($data->permissionsWithRoles() as $permission)
|
||||
@include('form.entity-permissions-row', [
|
||||
'permission' => $permission,
|
||||
'role' => $permission->role,
|
||||
'entityType' => $model->getType()
|
||||
])
|
||||
@endforeach
|
||||
</div>
|
||||
|
||||
<div class="flex-container-row justify-flex-end mb-xl">
|
||||
<div>
|
||||
<label for="role_select">Override permissions for role</label>
|
||||
<select name="role_select" id="role_select" refs="entity-permissions@role-select">
|
||||
<option value="">{{ trans('common.select') }}</option>
|
||||
@foreach($data->rolesNotAssigned() as $role)
|
||||
<option value="{{ $role->id }}">{{ $role->display_name }}</option>
|
||||
@endforeach
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="content-permissions mt-m mb-xl">
|
||||
@include('form.entity-permissions-row', ['role' => $data->everyoneElseRole(), 'model' => $model])
|
||||
@include('form.entity-permissions-row', [
|
||||
'role' => $data->everyoneElseRole(),
|
||||
'permission' => new \BookStack\Auth\Permissions\EntityPermission(),
|
||||
'entityType' => $model->getType(),
|
||||
])
|
||||
</div>
|
||||
|
||||
<div class="text-right">
|
||||
|
@ -215,6 +215,9 @@ Route::middleware('auth')->group(function () {
|
||||
Route::get('/', [HomeController::class, 'index']);
|
||||
Route::get('/home', [HomeController::class, 'index']);
|
||||
|
||||
// Permissions
|
||||
Route::get('/permissions/form-row/{entityType}/{roleId}', [PermissionsController::class, 'formRowForRole']);
|
||||
|
||||
// Maintenance
|
||||
Route::get('/settings/maintenance', [MaintenanceController::class, 'index']);
|
||||
Route::delete('/settings/maintenance/cleanup-images', [MaintenanceController::class, 'cleanupImages']);
|
||||
|
Loading…
Reference in New Issue
Block a user