From a8b0095b335780ae0bb950bc44021215d43a6b2d Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Mon, 12 Feb 2018 14:17:07 +0100
Subject: [permissionmanager] Introduce "location-aware" flag for permissions
This flag tells wether the permission can be restricted to certain
locations in a meaningful way. This flag has to be set in the
permissions.json of the according module.
For example, the permission to reboot the server cannot be limited
to certain locations in a meaningful way, while the view of the
client log can be filtered to only show log entries for clients
in specific locations.
---
modules-available/permissionmanager/page.inc.php | 21 ++++++++++++---------
1 file changed, 12 insertions(+), 9 deletions(-)
(limited to 'modules-available/permissionmanager/page.inc.php')
diff --git a/modules-available/permissionmanager/page.inc.php b/modules-available/permissionmanager/page.inc.php
index 13d81c6a..bb8482af 100644
--- a/modules-available/permissionmanager/page.inc.php
+++ b/modules-available/permissionmanager/page.inc.php
@@ -100,18 +100,21 @@ class Page_PermissionManager extends Page
$toplevel = $permString == "";
if ($toplevel && in_array("*", $selectedPermissions)) $selectAll = true;
foreach ($permissions as $k => $v) {
- $leaf = !is_array($v);
+ $leaf = isset($v['isLeaf']) && $v['isLeaf'];
$nextPermString = $permString ? $permString.".".$k : $k;
$id = $leaf ? $nextPermString : $nextPermString.".*";
$selected = $selectAll || in_array($id, $selectedPermissions);
- $res .= Render::parse("treenode",
- array("id" => $id,
- "name" => $toplevel ? Module::get($k)->getDisplayName() : $k,
- "toplevel" => $toplevel,
- "checkboxname" => "permissions",
- "selected" => $selected,
- "HTML" => $leaf ? "" : self::generatePermissionHTML($v, $selectedPermissions, $selected, $nextPermString),
- "description" => $leaf ? $v : ""));
+ $data = array("id" => $id,
+ "name" => $toplevel ? Module::get($k)->getDisplayName() : $k,
+ "toplevel" => $toplevel,
+ "checkboxname" => "permissions",
+ "selected" => $selected,
+ "HTML" => $leaf ? "" : self::generatePermissionHTML($v, $selectedPermissions, $selected, $nextPermString),
+ );
+ if ($leaf) {
+ $data += $v;
+ }
+ $res .= Render::parse("treenode", $data);
}
if ($toplevel) {
$res = Render::parse("treepanel",
--
cgit v1.2.3-55-g7522
From af5c4258439341fd2153a951fb871269bd754e58 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Mon, 12 Feb 2018 17:18:45 +0100
Subject: [permissionmanager] Tweak style, fix role filtering (and make it
AND), minor cleanups
---
.../permissionmanager/clientscript.js | 45 ++++----------
modules-available/permissionmanager/config.json | 2 +-
.../permissionmanager/lang/de/template-tags.json | 30 ++++------
.../permissionmanager/lang/en/template-tags.json | 28 ++++-----
modules-available/permissionmanager/page.inc.php | 49 ++++++++-------
modules-available/permissionmanager/style.css | 54 +++--------------
.../permissionmanager/templates/_page.html | 29 ---------
.../permissionmanager/templates/header-menu.html | 25 ++++++++
.../templates/locationstable.html | 56 +++++++----------
.../templates/role-filter-selectize.html | 6 ++
.../permissionmanager/templates/roleeditor.html | 70 ++++++++++++----------
.../permissionmanager/templates/rolestable.html | 20 +++----
.../permissionmanager/templates/treenode.html | 4 +-
.../permissionmanager/templates/treepanel.html | 2 +-
.../permissionmanager/templates/userstable.html | 40 +++++--------
15 files changed, 184 insertions(+), 276 deletions(-)
delete mode 100644 modules-available/permissionmanager/templates/_page.html
create mode 100644 modules-available/permissionmanager/templates/header-menu.html
create mode 100644 modules-available/permissionmanager/templates/role-filter-selectize.html
(limited to 'modules-available/permissionmanager/page.inc.php')
diff --git a/modules-available/permissionmanager/clientscript.js b/modules-available/permissionmanager/clientscript.js
index 4770fa6a..90d66688 100644
--- a/modules-available/permissionmanager/clientscript.js
+++ b/modules-available/permissionmanager/clientscript.js
@@ -10,36 +10,21 @@ document.addEventListener("DOMContentLoaded", function() {
plugins: ["remove_button"]
})[0].selectize;
- // If Site gets refreshed, all data-selectizeCounts will be reset to 0, so delete the filters from the selectize
- selectize.clear();
-
- selectize.on("item_add", function (value, $item) {
- // When first item gets added the filter isn't empty anymore, so hide all rows
- if (selectize.items.length === 1) {
- $(".dataTable tbody").find("tr").hide();
- }
- // Find all rows which shall be shown and increase their counter by 1
- $(".roleid-" + value).closest("tr").each(function () {
- $(this).data("selectizeCount", $(this).data("selectizeCount") + 1);
- $(this).show();
- });
- });
-
- selectize.on("item_remove", function (value, $item) {
- // When no items in the filter, show all rows again
- if (selectize.items.length === 0) {
- $(".dataTable tbody").find("tr").show();
+ var $body = $(".dataTable tbody");
+ var filterFunc = function(value) {
+ var selected = selectize.getValue();
+ if (!selected || !selected.length) {
+ $body.find("tr").show();
} else {
- // Find all rows which have the delete role, decrease their counter by 1
- $(".roleid-" + value).closest("tr").each(function () {
- $(this).data("selectizeCount", $(this).data("selectizeCount") - 1);
- // If counter is 0, hide the row (no filter given to show the row anymore)
- if ($(this).data("selectizeCount") === 0) {
- $(this).closest("tr").hide();
- }
- });
+ $body.find("tr").hide();
+ var str = 'tr.roleid-' + selected.join('.roleid-');
+ $body.find(str).show();
}
- });
+ };
+
+ selectize.on("item_add", filterFunc);
+
+ selectize.on("item_remove",filterFunc);
}
$("tr").on("click", function(e) {
@@ -47,8 +32,4 @@ document.addEventListener("DOMContentLoaded", function() {
$(this).find("input[type=checkbox]").trigger("click");
}
});
-
- $("form input").keydown(function(e) {
- if (e.keyCode === 13) e.preventDefault();
- });
});
\ No newline at end of file
diff --git a/modules-available/permissionmanager/config.json b/modules-available/permissionmanager/config.json
index c92e917a..d2071984 100644
--- a/modules-available/permissionmanager/config.json
+++ b/modules-available/permissionmanager/config.json
@@ -1,4 +1,4 @@
{
"category":"main.content",
- "dependencies": [ "locations", "js_stupidtable", "bootstrap_switch", "js_selectize" ]
+ "dependencies": [ "locations", "js_stupidtable", "js_selectize" ]
}
diff --git a/modules-available/permissionmanager/lang/de/template-tags.json b/modules-available/permissionmanager/lang/de/template-tags.json
index 71bd4075..2ec25b37 100644
--- a/modules-available/permissionmanager/lang/de/template-tags.json
+++ b/modules-available/permissionmanager/lang/de/template-tags.json
@@ -1,24 +1,18 @@
{
- "lang_roles": "Rollen",
- "lang_users": "Nutzer",
- "lang_locations": "Räume",
"lang_addRole": "Rollen erteilen",
- "lang_removeRole": "Rollen entziehen",
- "lang_newRole": "Rolle anlegen",
- "lang_selected": "Ausgewählt",
- "lang_edit": "Bearbeiten",
- "lang_delete": "Löschen",
- "lang_removeCheck": "Sind Sie sich sicher, dass Sie diese Rolle entfernen wollen?",
- "lang_deleteCheck": "Sind Sie sich sicher, dass Sie diese Rolle löschen wollen?",
- "lang_emptyNameWarning": "Der Name der Rolle darf nicht leer sein!",
+ "lang_addRoleHeading": "Neue Rolle hinzuf\u00fcgen",
+ "lang_deleteCheck": "Sind Sie sich sicher, dass Sie diese Rolle l\u00f6schen wollen?",
+ "lang_editRoleHeading": "Rolle bearbeiten",
+ "lang_locationAwareDesc": "Berechtigungen mit diesem Symbol k\u00f6nnen auf bestimmte R\u00e4ume\/Orte beschr\u00e4nkt werden. Alle anderen Berechtigungen sind unabh\u00e4ngig von den f\u00fcr diese Rolle ausgew\u00e4hlten Orten.",
+ "lang_locations": "R\u00e4ume",
+ "lang_moduleName": "Rechtemanager",
"lang_name": "Name",
- "lang_cancel": "Abbrechen",
- "lang_save": "Speichern",
- "lang_all": "alle",
- "lang_selected": "ausgewählte",
+ "lang_newRole": "Rolle anlegen",
"lang_permissions": "Rechte",
- "lang_selectizePlaceholder": "Nach Rollen filtern...",
+ "lang_removeRole": "Rollen entziehen",
+ "lang_roles": "Rollen",
"lang_searchPlaceholder": "Nach Rollen suchen...",
- "lang_moduleName": "Rechtemanager",
- "lang_roleEditor": "Rollen Editor"
+ "lang_selected": "ausgew\u00e4hlte",
+ "lang_selectizePlaceholder": "Nach Rollen filtern...",
+ "lang_users": "Nutzer"
}
\ No newline at end of file
diff --git a/modules-available/permissionmanager/lang/en/template-tags.json b/modules-available/permissionmanager/lang/en/template-tags.json
index 2d31b294..cef23422 100644
--- a/modules-available/permissionmanager/lang/en/template-tags.json
+++ b/modules-available/permissionmanager/lang/en/template-tags.json
@@ -1,24 +1,18 @@
{
- "lang_roles": "Roles",
- "lang_users": "Users",
- "lang_locations": "Locations",
"lang_addRole": "Grant Roles",
- "lang_removeRole": "Revoke Roles",
- "lang_newRole": "New Role",
- "lang_selected": "Selected",
- "lang_edit": "Edit",
- "lang_delete": "Delete",
- "lang_removeCheck": "Are you sure you want to remove this role?",
+ "lang_addRoleHeading": "Add new role",
"lang_deleteCheck": "Are you sure you want to delete this role?",
- "lang_emptyNameWarning": "Role name can not be empty!",
+ "lang_editRoleHeading": "Edit role",
+ "lang_locationAwareDesc": "Permissions with this symbol can be restricted to certain locations. All other permissions are independent of the locations selected for this role.",
+ "lang_locations": "Locations",
+ "lang_moduleName": "Permission Manager",
"lang_name": "Name",
- "lang_cancel": "Cancel",
- "lang_save": "Save",
- "lang_all": "all",
- "lang_selected": "selected",
+ "lang_newRole": "New Role",
"lang_permissions": "Permissions",
- "lang_selectizePlaceholder": "Filter for roles...",
+ "lang_removeRole": "Revoke Roles",
+ "lang_roles": "Roles",
"lang_searchPlaceholder": "Search for roles...",
- "lang_moduleName": "Permission Manager",
- "lang_roleEditor": "Role Editor"
+ "lang_selected": "selected",
+ "lang_selectizePlaceholder": "Filter for roles...",
+ "lang_users": "Users"
}
\ No newline at end of file
diff --git a/modules-available/permissionmanager/page.inc.php b/modules-available/permissionmanager/page.inc.php
index bb8482af..4b961632 100644
--- a/modules-available/permissionmanager/page.inc.php
+++ b/modules-available/permissionmanager/page.inc.php
@@ -34,6 +34,9 @@ class Page_PermissionManager extends Page
$permissions = self::processPermissions(Request::post("permissions"));
PermissionDbUpdate::saveRole($rolename, $locations, $permissions, $roleID);
}
+ if (Request::isPost()) {
+ Util::redirect('?do=permissionmanager&show=' . Request::get("show", "roles"));
+ }
}
/**
@@ -44,32 +47,35 @@ class Page_PermissionManager extends Page
$show = Request::get("show", "roles");
// switch between tables, but always show menu to switch tables
- if ( $show === 'roles' || $show === 'users' || $show === 'locations' ) {
- // get menu button colors
- $buttonColors = array();
- $buttonColors['rolesButtonClass'] = $show === 'roles' ? 'active' : '';
- $buttonColors['usersButtonClass'] = $show === 'users' ? 'active' : '';
- $buttonColors['locationsButtonClass'] = $show === 'locations' ? 'active' : '';
-
- Render::addtemplate('_page', $buttonColors);
-
- if ($show === "roles") {
- $data = array("roles" => GetPermissionData::getRoles());
- Render::addTemplate('rolestable', $data);
- } elseif ($show === "users") {
- $data = array("user" => GetPermissionData::getUserData(), "roles" => GetPermissionData::getRoles());
- Render::addTemplate('userstable', $data);
- } elseif ($show === "locations") {
- $data = array("location" => GetPermissionData::getLocationData(), "allroles" => GetPermissionData::getRoles());
- Render::addTemplate('locationstable', $data);
- }
+ // get menu button colors
+ $buttonColors = array();
+ if ($show === "roleEditor") {
+ $buttonColors['groupClass'] = 'slx-fade';
+ $buttonColors['rolesButtonClass'] = 'active';
+ } else {
+ $buttonColors[$show . 'ButtonClass'] = 'active';
+ }
+
+ Render::addtemplate('header-menu', $buttonColors);
+
+ if ($show === "roles") {
+ $data = array("roles" => GetPermissionData::getRoles());
+ Render::addTemplate('rolestable', $data);
+ } elseif ($show === "users") {
+ $data = array("user" => GetPermissionData::getUserData(), "allroles" => GetPermissionData::getRoles());
+ Render::addTemplate('role-filter-selectize', $data);
+ Render::addTemplate('userstable', $data);
+ } elseif ($show === "locations") {
+ $data = array("location" => GetPermissionData::getLocationData(), "allroles" => GetPermissionData::getRoles());
+ Render::addTemplate('role-filter-selectize', $data);
+ Render::addTemplate('locationstable', $data);
} elseif ($show === "roleEditor") {
$data = array("cancelShow" => Request::get("cancel", "roles"));
$selectedPermissions = array();
$selectedLocations = array();
- $roleid = Request::get("roleid", false);
- if ($roleid) {
+ $roleid = Request::get("roleid", false, 'int');
+ if ($roleid !== false) {
$roleData = GetPermissionData::getRoleData($roleid);
$data["roleid"] = $roleid;
$data["rolename"] = $roleData["rolename"];
@@ -81,7 +87,6 @@ class Page_PermissionManager extends Page
$data["locationHTML"] = self::generateLocationHTML(Location::getTree(), $selectedLocations);
Render::addTemplate('roleeditor', $data);
-
}
}
diff --git a/modules-available/permissionmanager/style.css b/modules-available/permissionmanager/style.css
index 9c39af64..8285fdd2 100644
--- a/modules-available/permissionmanager/style.css
+++ b/modules-available/permissionmanager/style.css
@@ -1,58 +1,21 @@
-#switchForm {
- text-align: center;
- margin-bottom: 50px;
-}
-
-#saveButton {
- margin-left: 10px;
-}
-
-#rolename {
- width: 200px;
- display: inline-block;
- margin-left: 10px;
-}
-
-.missingInput {
- border-color: rgba(255, 0, 0, 0.8);
- box-shadow: 0 1px 1px rgba(255, 0, 0, 0.075) inset, 0 0 8px rgba(255, 0, 0, 0.6);
-}
-
.table {
margin-top: 20px;
}
-.table > tbody > tr > td {
- vertical-align: middle;
- height: 50px;
-}
-
.scrollingTable {
height: 500px;
overflow: auto;
}
-.customSpanMargin {
+/* vcenter .label in table cell */
+td > .label {
display: inline-block;
- margin-top: 2px;
- margin-bottom: 2px;
+ margin: 2px 0;
}
-.panel-primary > .panel-heading {
- background-image: none;
-}
-
-.panel{
- margin-bottom: 20px;
-}
-
-.selectize-input {
- overflow: visible;
-}
-
-
-.tree-container .selected {
- background-color: rgba(0, 182, 41, 0.23);
+/* lists in tree view: hide bullet points, first entry bold, ... */
+.tree-container ul {
+ list-style-type: none;
}
.tree-container > ul {
@@ -65,6 +28,7 @@
font-weight: bold;
}
+/* number of columns in tree view depending on screen size */
.tree-container {
-moz-column-gap: 20px;
-webkit-column-gap: 20px;
@@ -91,7 +55,3 @@
column-count: 3;
}
}
-
-ul {
- list-style-type: none;
-}
\ No newline at end of file
diff --git a/modules-available/permissionmanager/templates/_page.html b/modules-available/permissionmanager/templates/_page.html
deleted file mode 100644
index 4140ce78..00000000
--- a/modules-available/permissionmanager/templates/_page.html
+++ /dev/null
@@ -1,29 +0,0 @@
-
-
-
-
-
-
-
{{lang_moduleName}}
-
-
-
\ No newline at end of file
diff --git a/modules-available/permissionmanager/templates/header-menu.html b/modules-available/permissionmanager/templates/header-menu.html
new file mode 100644
index 00000000..ce31d237
--- /dev/null
+++ b/modules-available/permissionmanager/templates/header-menu.html
@@ -0,0 +1,25 @@
+
+
+
+
+
{{lang_moduleName}}
+
\ No newline at end of file
diff --git a/modules-available/permissionmanager/templates/locationstable.html b/modules-available/permissionmanager/templates/locationstable.html
index 153258fe..35058387 100644
--- a/modules-available/permissionmanager/templates/locationstable.html
+++ b/modules-available/permissionmanager/templates/locationstable.html
@@ -1,37 +1,21 @@
-
\ No newline at end of file
diff --git a/modules-available/permissionmanager/templates/role-filter-selectize.html b/modules-available/permissionmanager/templates/role-filter-selectize.html
new file mode 100644
index 00000000..ceadec75
--- /dev/null
+++ b/modules-available/permissionmanager/templates/role-filter-selectize.html
@@ -0,0 +1,6 @@
+
\ No newline at end of file
diff --git a/modules-available/permissionmanager/templates/roleeditor.html b/modules-available/permissionmanager/templates/roleeditor.html
index eadce027..d50f2145 100644
--- a/modules-available/permissionmanager/templates/roleeditor.html
+++ b/modules-available/permissionmanager/templates/roleeditor.html
@@ -1,24 +1,42 @@
-