From d8672944a5b3f6002b9d164f4c13b69408b5e75e Mon Sep 17 00:00:00 2001
From: Dan Brown <ssddanbrown@googlemail.com>
Date: Tue, 6 Sep 2022 17:20:35 +0100
Subject: [PATCH] Added image view access notice to role form

Added to clarify the role permission in scenarios where users may have
not read the docs site to understand image access control.

Related to #3688
---
 resources/lang/en/settings.php                      | 1 +
 resources/views/settings/roles/parts/form.blade.php | 8 +++++++-
 tests/Permissions/RolesTest.php                     | 8 ++++++++
 3 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/resources/lang/en/settings.php b/resources/lang/en/settings.php
index 9dbd96c5a..ea4228488 100755
--- a/resources/lang/en/settings.php
+++ b/resources/lang/en/settings.php
@@ -161,6 +161,7 @@ return [
     'roles_system_warning' => 'Be aware that access to any of the above three permissions can allow a user to alter their own privileges or the privileges of others in the system. Only assign roles with these permissions to trusted users.',
     'role_asset_desc' => 'These permissions control default access to the assets within the system. Permissions on Books, Chapters and Pages will override these permissions.',
     'role_asset_admins' => 'Admins are automatically given access to all content but these options may show or hide UI options.',
+    'role_asset_image_view_note' => 'This relates to visibility within the image manager. Actual access of uploaded image files will be dependant upon system image storage option.',
     'role_all' => 'All',
     'role_own' => 'Own',
     'role_controlled_by_asset' => 'Controlled by the asset they are uploaded to',
diff --git a/resources/views/settings/roles/parts/form.blade.php b/resources/views/settings/roles/parts/form.blade.php
index 73d6a03d0..593791997 100644
--- a/resources/views/settings/roles/parts/form.blade.php
+++ b/resources/views/settings/roles/parts/form.blade.php
@@ -172,7 +172,7 @@
                     <a href="#" permissions-table-toggle-all-in-row class="text-small text-primary">{{ trans('common.toggle_all') }}</a>
                 </td>
                 <td>@include('settings.roles.parts.checkbox', ['permission' => 'image-create-all', 'label' => ''])</td>
-                <td style="line-height:1.2;"><small class="faded">{{ trans('settings.role_controlled_by_asset') }}</small></td>
+                <td style="line-height:1.2;"><small class="faded">{{ trans('settings.role_controlled_by_asset') }}<sup>1</sup></small></td>
                 <td>
                     @include('settings.roles.parts.checkbox', ['permission' => 'image-update-own', 'label' => trans('settings.role_own')])
                     <br>
@@ -221,5 +221,11 @@
                 </td>
             </tr>
         </table>
+
+        <div>
+            <p class="text-muted text-small px-m">
+                <sup>1</sup> {{ trans('settings.role_asset_image_view_note') }}
+            </p>
+        </div>
     </div>
 </div>
\ No newline at end of file
diff --git a/tests/Permissions/RolesTest.php b/tests/Permissions/RolesTest.php
index 3604a3cac..b992bfecc 100644
--- a/tests/Permissions/RolesTest.php
+++ b/tests/Permissions/RolesTest.php
@@ -163,6 +163,14 @@ class RolesTest extends TestCase
         $this->assertEquals($this->user->id, $roleA->users()->first()->id);
     }
 
+    public function test_image_view_notice_shown_on_role_form()
+    {
+        /** @var Role $role */
+        $role = Role::query()->first();
+        $this->asAdmin()->get("/settings/roles/{$role->id}")
+            ->assertSee('Actual access of uploaded image files will be dependant upon system image storage option');
+    }
+
     public function test_copy_role_button_shown()
     {
         /** @var Role $role */