diff options
| author | Christian Hofmaier | 2017-11-30 16:35:04 +0100 |
|---|---|---|
| committer | Christian Hofmaier | 2017-11-30 16:35:04 +0100 |
| commit | 9d9bb6390020c3cb138b9c62a8acd1fd8e274c6b (patch) | |
| tree | 5137e6e2875704969784b7db53ed2d2457e33799 /modules-available/statistics_reporting | |
| parent | [news] reworked permission system from "click and you get error" to "button i... (diff) | |
| download | slx-admin-9d9bb6390020c3cb138b9c62a8acd1fd8e274c6b.tar.gz slx-admin-9d9bb6390020c3cb138b9c62a8acd1fd8e274c6b.tar.xz slx-admin-9d9bb6390020c3cb138b9c62a8acd1fd8e274c6b.zip | |
[statistics_reporting] reworked permission system from "click and you get error" to "button is disabled due to lack of permission"
Diffstat (limited to 'modules-available/statistics_reporting')
3 files changed, 30 insertions, 31 deletions
diff --git a/modules-available/statistics_reporting/page.inc.php b/modules-available/statistics_reporting/page.inc.php index 9862a82e..5d586b6c 100644 --- a/modules-available/statistics_reporting/page.inc.php +++ b/modules-available/statistics_reporting/page.inc.php @@ -55,8 +55,6 @@ class Page_Statistics_Reporting extends Page if (User::hasPermission("table.export") && User::hasPermission("table.view.$this->type")) { $this->doExport(); // Does not return - } else { - Message::addError('main.no-permission'); } } // Get report - fetch data exactly the way it would automatically be reported @@ -67,10 +65,7 @@ class Page_Statistics_Reporting extends Page Header('Content-Disposition: attachment; filename=remote-report.json'); Header('Content-Type: application/json; charset=utf-8'); die(json_encode($report)); - } else { - Message::addError('main.no-permission'); } - } } @@ -109,6 +104,7 @@ class Page_Statistics_Reporting extends Page $data['tables'][] = array( 'name' => Dictionary::translate('table_' . $table, true), 'value' => $table, + 'allowed' => User::hasPermission("table.view.$table"), 'selected' => ($this->type === $table) ? 'selected' : '', ); } @@ -130,15 +126,17 @@ class Page_Statistics_Reporting extends Page $data['settingsButtonClass'] = 'danger'; } + $data['allowedExport'] = User::hasPermission("table.export") && User::hasPermission("table.view.$this->type"); + $data['allowedDownload'] = User::hasPermission("reporting.download"); + $data['allowedReportChange'] = User::hasPermission("reporting.change"); + Render::addTemplate('columnChooser', $data); $data['data'] = $this->fetchData(GETDATA_PRINTABLE); - if (User::hasPermission("table.view.$this->type")) + if (User::hasPermission("table.view.$this->type")) { Render::addTemplate('table-' . $this->type, $data); - else - Message::addError('main.no-permission'); - + } } } @@ -146,23 +144,24 @@ class Page_Statistics_Reporting extends Page { $this->action = Request::any('action', false, 'string'); if ($this->action === 'setReporting') { - if (!User::hasPermission("reporting.change")) { - die("Permission denied."); - } - $state = Request::post('reporting', false, 'string'); - if ($state === false) { - die('Missing setting value.'); - } - RemoteReport::setReportingEnabled($state); - $data = array(); - if (RemoteReport::isReportingEnabled()) { - $data['class'] = 'default'; - $data['checked'] = true; + if (User::hasPermission("reporting.change")) { + $state = Request::post('reporting', false, 'string'); + if ($state === false) { + die('Missing setting value.'); + } + RemoteReport::setReportingEnabled($state); + $data = array(); + if (RemoteReport::isReportingEnabled()) { + $data['class'] = 'default'; + $data['checked'] = true; + } else { + $data['class'] = 'danger'; + } + Header('Content-Type: application/json; charset=utf-8'); + die(json_encode($data)); } else { - $data['class'] = 'danger'; + die('No permission.'); } - Header('Content-Type: application/json; charset=utf-8'); - die(json_encode($data)); } else { echo 'Invalid action.'; } diff --git a/modules-available/statistics_reporting/permissions/permissions.json b/modules-available/statistics_reporting/permissions/permissions.json index 14f4ff3b..e6e550eb 100644 --- a/modules-available/statistics_reporting/permissions/permissions.json +++ b/modules-available/statistics_reporting/permissions/permissions.json @@ -4,7 +4,7 @@ "table.view.client": "View client table.", "table.view.user": "View user table.", "table.view.vm": "View lecture table.", - "table.export": "Export tables as JSON/CSV/XML.", + "table.export": "Export tables as JSON/CSV/XML. Needs the permission to view the table to export it.", "reporting.download": "Download weekly report.", "reporting.change": "Change weekly reporting settings." }
\ No newline at end of file diff --git a/modules-available/statistics_reporting/templates/columnChooser.html b/modules-available/statistics_reporting/templates/columnChooser.html index 0059e681..a6561c47 100644 --- a/modules-available/statistics_reporting/templates/columnChooser.html +++ b/modules-available/statistics_reporting/templates/columnChooser.html @@ -15,7 +15,7 @@ <div class="col-md-2"> <select name="type" id="select-table" class="form-control"> {{#tables}} - <option value="{{value}}" {{selected}}>{{name}}</option> + <option {{^allowed}}disabled{{/allowed}} value="{{value}}" {{selected}}>{{name}}</option> {{/tables}} </select> </div> @@ -45,7 +45,7 @@ <option value="xml">XML</option> </select> <div class="input-group-btn"> - <button type="submit" class="btn btn-default" name="action" value="export">{{lang_export}}</button> + <button {{^allowedExport}}disabled {{/allowedExport}} type="submit" class="btn btn-default" name="action" value="export">{{lang_export}}</button> </div> </div> </div> @@ -86,18 +86,18 @@ </div> <div class="modal-body"> <div class="checkbox"> - <input id="checkbox-reporting" type="checkbox" value="on" {{reportChecked}}> - <label for="checkbox-reporting" style="padding-left: 40px">{{lang_reportingLabel}}</label> + <input {{^allowedReportChange}}disabled {{/allowedReportChange}} id="checkbox-reporting" type="checkbox" value="on" {{reportChecked}}> + <label for="checkbox-reporting" style="padding-left: 20px">{{lang_reportingLabel}}</label> </div> <div> <p>{{lang_reportingDescription}}</p> <p><a href="https://www.bwlehrpool.de/doku.php/satellite/statistics_reporting" target="_blank">{{lang_reportMoreInfo}}</a></p> - <a class="btn btn-success" href="?do=statistics_reporting&action=getreport">{{lang_downloadReport}}</a> </div> </div> <div class="modal-footer"> + <button {{^allowedDownload}}disabled {{/allowedDownload}} class="btn btn-warning pull-left" onclick="window.location.href='?do=statistics_reporting&action=getreport'">{{lang_downloadReport}}</button> <button type="button" class="btn btn-default" data-dismiss="modal">{{lang_cancel}}</button> - <button type="button" class="btn btn-primary" data-dismiss="modal" onclick="saveSettings()">{{lang_save}}</button> + <button {{^allowedReportChange}}disabled {{/allowedReportChange}} type="button" class="btn btn-primary" data-dismiss="modal" onclick="saveSettings()">{{lang_save}}</button> </div> </div> |