summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimon Rettberg2018-03-04 16:41:50 +0100
committerSimon Rettberg2018-03-04 16:41:50 +0100
commitc6744aac063482c4c48ed3a98d5cd8857e1261e6 (patch)
tree38f04b234810ddcf5534e6d40277dd64d1f18f35
parent[roomplanner] Add permissions (diff)
downloadslx-admin-c6744aac063482c4c48ed3a98d5cd8857e1261e6.tar.gz
slx-admin-c6744aac063482c4c48ed3a98d5cd8857e1261e6.tar.xz
slx-admin-c6744aac063482c4c48ed3a98d5cd8857e1261e6.zip
[sysconfig] Add permissions
-rw-r--r--modules-available/sysconfig/page.inc.php38
-rw-r--r--modules-available/sysconfig/permissions/permissions.json20
-rw-r--r--modules-available/sysconfig/templates/list-configs.html21
-rw-r--r--modules-available/sysconfig/templates/list-modules.html24
4 files changed, 86 insertions, 17 deletions
diff --git a/modules-available/sysconfig/page.inc.php b/modules-available/sysconfig/page.inc.php
index 30271514..7bb3e599 100644
--- a/modules-available/sysconfig/page.inc.php
+++ b/modules-available/sysconfig/page.inc.php
@@ -59,7 +59,7 @@ class Page_SysConfig extends Page
{
User::load();
- if (!User::hasPermission('superadmin')) {
+ if (!User::isLoggedIn()) {
Message::addError('main.no-permission');
Util::redirect('?do=Main');
}
@@ -90,6 +90,7 @@ class Page_SysConfig extends Page
// Action: "addmodule" (upload new module)
if ($action === 'addmodule') {
+ User::assertPermission('module.edit');
$this->initAddModule();
AddModule_Base::preprocess();
}
@@ -97,18 +98,22 @@ class Page_SysConfig extends Page
if ($action === 'module') {
// Action: "delmodule" (delete module)
if (Request::post('del', 'no') !== 'no') {
+ User::assertPermission('module.edit');
$this->delModule();
}
if (Request::post('download', 'no') !== 'no') {
+ User::assertPermission('module.download');
$this->downloadModule();
}
if (Request::post('rebuild', 'no') !== 'no') {
+ User::assertPermission('module.edit');
$this->rebuildModule();
}
}
// Action: "addconfig" (compose config from one or more modules)
if ($action === 'addconfig') {
+ User::assertPermission('config.edit');
$this->initAddConfig();
AddConfig_Base::preprocess();
}
@@ -116,14 +121,17 @@ class Page_SysConfig extends Page
if ($action === 'config') {
// Action: "delconfig" (delete config)
if (Request::post('del', 'no') !== 'no') {
+ User::assertPermission('config.edit');
$this->delConfig();
}
// Action "activate" (set sysconfig as active)
if (Request::post('activate', 'no') !== 'no') {
+ User::assertPermission('config.assign', $this->currentLoc);
$this->activateConfig();
}
// Action "rebuild" (rebuild config.tgz from its modules)
if (Request::post('rebuild', 'no') !== 'no') {
+ User::assertPermission('config.edit');
$this->rebuildConfig();
}
}
@@ -141,15 +149,24 @@ class Page_SysConfig extends Page
$action = Request::any('action', 'list');
switch ($action) {
case 'addmodule':
+ User::assertPermission('module.edit');
AddModule_Base::render();
return;
case 'addconfig':
+ User::assertPermission('config.edit');
AddConfig_Base::render();
return;
case 'list':
+ $pMods = User::hasPermission('module.view-list');
+ $pConfs = User::hasPermission('config.view-list');
+ if (!($pMods || $pConfs)) {
+ Message::addError('main.no-permission');
+ }
Render::openTag('div', array('class' => 'row'));
- $this->listConfigs();
- if ($this->currentLoc === 0) {
+ if ($pConfs) {
+ $this->listConfigs();
+ }
+ if ($this->currentLoc === 0 && $pMods) {
$this->listModules();
}
Render::closeTag('div');
@@ -159,6 +176,7 @@ class Page_SysConfig extends Page
Render::addTemplate('js'); // Make this js snippet a template so i18n works
return;
case 'module':
+ User::assertPermission('module.view-list');
$listid = Request::post('list');
if ($listid !== false) {
$this->listModuleContents($listid);
@@ -166,6 +184,7 @@ class Page_SysConfig extends Page
}
break;
case 'config':
+ User::assertPermission('config.view-list');
$listid = Request::post('list');
if ($listid !== false) {
$this->listConfigContents($listid);
@@ -238,13 +257,16 @@ class Page_SysConfig extends Page
'needrebuild' => ($row['status'] !== 'OK')
);
}
- Render::addTemplate('list-configs', array(
+ $data = array(
'locationid' => $this->currentLoc,
'locationname' => $locationName,
'havelocations' => Module::isAvailable('locations'),
'configs' => $configs,
'inheritConfig' => !$hasDefault,
- ));
+ );
+ Permission::addGlobalTags($data['perms'], null, ['config.edit']);
+ Permission::addGlobalTags($data['perms'], $this->currentLoc, ['config.assign']);
+ Render::addTemplate('list-configs', $data);
}
private function listModules()
@@ -254,10 +276,12 @@ class Page_SysConfig extends Page
$types = array_map(function ($mod) { return $mod->moduleType(); }, $modules);
$titles = array_map(function ($mod) { return $mod->title(); }, $modules);
array_multisort($types, SORT_ASC, $titles, SORT_ASC, $modules);
- Render::addTemplate('list-modules', array(
+ $data = array(
'modules' => $modules,
'havemodules' => (count($modules) > 0)
- ));
+ );
+ Permission::addGlobalTags($data['perms'], null, ['module.edit', 'module.download']);
+ Render::addTemplate('list-modules', $data);
}
private function listModuleContents($moduleid)
diff --git a/modules-available/sysconfig/permissions/permissions.json b/modules-available/sysconfig/permissions/permissions.json
new file mode 100644
index 00000000..08321c50
--- /dev/null
+++ b/modules-available/sysconfig/permissions/permissions.json
@@ -0,0 +1,20 @@
+{
+ "config.view-list": {
+ "location-aware": false
+ },
+ "config.assign": {
+ "location-aware": true
+ },
+ "config.edit": {
+ "location-aware": false
+ },
+ "module.view-list": {
+ "location-aware": false
+ },
+ "module.edit": {
+ "location-aware": false
+ },
+ "module.download": {
+ "location-aware": false
+ }
+} \ No newline at end of file
diff --git a/modules-available/sysconfig/templates/list-configs.html b/modules-available/sysconfig/templates/list-configs.html
index 205317b8..4db7b9b2 100644
--- a/modules-available/sysconfig/templates/list-configs.html
+++ b/modules-available/sysconfig/templates/list-configs.html
@@ -26,7 +26,7 @@
</td>
<td>
{{^current}}
- <button class="btn btn-primary btn-xs" name="activate" value="{{configid}}">
+ <button class="btn btn-primary btn-xs" name="activate" value="{{configid}}" {{perms.config.assign.disabled}}>
<span class="glyphicon glyphicon-flag"></span>
{{lang_activate}}
</button>
@@ -54,13 +54,22 @@
{{^needrebuild}}
class="refconf btn btn-default btn-xs"
{{/needrebuild}}
- name="rebuild" value="{{configid}}" title="{{lang_rebuild}}"><span class="glyphicon glyphicon-refresh"></span></button>
+ name="rebuild" value="{{configid}}" title="{{lang_rebuild}}"
+ {{perms.config.edit.disabled}}>
+ <span class="glyphicon glyphicon-refresh"></span>
+ </button>
{{/locationid}}
</td>
<td class="text-nowrap">
{{^locationid}}
- <a class="btn btn-success btn-xs" href="?do=SysConfig&amp;action=addconfig&amp;edit={{configid}}" title="{{lang_edit}}"><span class="glyphicon glyphicon-edit"></span></a>
- <button class="btn btn-danger btn-xs confirm-delete" name="del" value="{{configid}}" title="{{lang_delete}}"><span class="glyphicon glyphicon-trash"></span></button>
+ <a class="btn btn-success btn-xs {{perms.config.edit.disabled}}"
+ href="?do=SysConfig&amp;action=addconfig&amp;edit={{configid}}" title="{{lang_edit}}">
+ <span class="glyphicon glyphicon-edit"></span>
+ </a>
+ <button class="btn btn-danger btn-xs confirm-delete" name="del" value="{{configid}}"
+ title="{{lang_delete}}" {{perms.config.edit.disabled}}>
+ <span class="glyphicon glyphicon-trash"></span>
+ </button>
{{/locationid}}
</td>
</tr>
@@ -101,7 +110,9 @@
</div>
{{^locationid}}
<div class="panel-footer text-right">
- <a class="btn btn-primary" href="?do=SysConfig&amp;action=addconfig">{{lang_newConfiguration}}</a>
+ <a class="btn btn-primary {{perms.config.edit.disabled}}" href="?do=SysConfig&amp;action=addconfig">
+ {{lang_newConfiguration}}
+ </a>
</div>
{{/locationid}}
</div>
diff --git a/modules-available/sysconfig/templates/list-modules.html b/modules-available/sysconfig/templates/list-modules.html
index a55253ec..b91ce106 100644
--- a/modules-available/sysconfig/templates/list-modules.html
+++ b/modules-available/sysconfig/templates/list-modules.html
@@ -16,7 +16,10 @@
<td class="text-nowrap">
{{#allowDownload}}
<button class="btn btn-default btn-xs" name="list" value="{{id}}" title="{{lang_show}}"><span class="glyphicon glyphicon-eye-open"></span></button>
- <button class="btn btn-default btn-xs" name="download" value="{{id}}" title="{{lang_download}}"><span class="glyphicon glyphicon-download-alt"></span></button>
+ <button class="btn btn-default btn-xs" name="download" value="{{id}}"
+ title="{{lang_download}}" {{perms.module.download.disabled}}>
+ <span class="glyphicon glyphicon-download-alt"></span>
+ </button>
{{/allowDownload}}
</td>
<td class="text-nowrap">
@@ -27,9 +30,18 @@
{{^needRebuild}}
class="refmod btn btn-default btn-xs"
{{/needRebuild}}
- name="rebuild" value="{{id}}" title="{{lang_rebuild}}"><span class="glyphicon glyphicon-refresh"></span></button>
- <a class="btn btn-success btn-xs" href="?do=SysConfig&amp;action=addmodule&amp;step={{moduleType}}_Start&amp;edit={{id}}" title="{{lang_edit}}"><span class="glyphicon glyphicon-edit"></span></a>
- <button class="btn btn-danger btn-xs confirm-delete" name="del" value="{{id}}" title="{{lang_delete}}"><span class="glyphicon glyphicon-trash"></span></button>
+ name="rebuild" value="{{id}}" title="{{lang_rebuild}}" {{perms.module.edit.disabled}}>
+ <span class="glyphicon glyphicon-refresh"></span>
+ </button>
+ <a class="btn btn-success btn-xs"
+ href="?do=SysConfig&amp;action=addmodule&amp;step={{moduleType}}_Start&amp;edit={{id}}"
+ title="{{lang_edit}}" {{perms.module.edit.disabled}}>
+ <span class="glyphicon glyphicon-edit"></span>
+ </a>
+ <button class="btn btn-danger btn-xs confirm-delete" name="del" value="{{id}}"
+ title="{{lang_delete}}" {{perms.module.edit.disabled}}>
+ <span class="glyphicon glyphicon-trash"></span>
+ </button>
</td>
</tr>
{{/modules}}
@@ -40,7 +52,9 @@
</form>
</div>
<div class="panel-footer text-right">
- <a class="btn btn-primary" href="?do=SysConfig&amp;action=addmodule">{{lang_newModule}}</a>
+ <a class="btn btn-primary {{perms.module.edit.disabled}}" href="?do=SysConfig&amp;action=addmodule">
+ {{lang_newModule}}
+ </a>
</div>
</div>