From 7afe5a3ffee64ff5c1ee7692a2ac4c83d46d6a78 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Mon, 19 Feb 2018 13:36:35 +0100
Subject: [permissionmanager] Implement permissions:

Permissinmanager is now protected by permissions.
In order to prevent complete lockout, the user with
userid == 1 will always be able to edit and assign permissions.
(TODO: Communicate this somehow)
---
 .../permissionmanager/templates/rolestable.html    | 25 ++++++++++++++++------
 1 file changed, 18 insertions(+), 7 deletions(-)

(limited to 'modules-available/permissionmanager/templates/rolestable.html')

diff --git a/modules-available/permissionmanager/templates/rolestable.html b/modules-available/permissionmanager/templates/rolestable.html
index 944ab3ae..9ba8d85c 100644
--- a/modules-available/permissionmanager/templates/rolestable.html
+++ b/modules-available/permissionmanager/templates/rolestable.html
@@ -11,7 +11,14 @@
 				<thead>
 					<tr>
 						<th data-sort="string">{{lang_roles}}</th>
-						<th class="text-center slx-smallcol">{{lang_edit}}</th>
+						<th class="text-center slx-smallcol">
+							{{#perms.roles.edit.disabled}}
+							{{lang_view}}
+							{{/perms.roles.edit.disabled}}
+							{{^perms.roles.edit.disabled}}
+							{{lang_edit}}
+							{{/perms.roles.edit.disabled}}
+						</th>
 						<th class="text-center slx-smallcol">{{lang_delete}}</th>
 					</tr>
 				</thead>
@@ -24,7 +31,9 @@
 							<a class="btn btn-xs btn-primary" href="?do=permissionmanager&show=roleEditor&roleid={{roleid}}"><span class="glyphicon glyphicon-edit"></span></a>
 						</td>
 						<td class="text-center">
-							<a class="btn btn-xs btn-danger" href="#deleteModal" data-toggle="modal" data-target="#deleteModal" onclick="deleteRole('{{roleid}}')"><span class="glyphicon glyphicon-trash"></span></a>
+							<button type="button" class="btn btn-xs btn-danger" data-toggle="modal" data-target="#deleteModal" onclick="deleteRole('{{roleid}}', '{{users}}')" {{perms.roles.edit.disabled}}>
+								<span class="glyphicon glyphicon-trash"></span>
+							</button>
 						</td>
 					</tr>
 				{{/roles}}
@@ -42,10 +51,11 @@
 					<h4 class="modal-title" id="myModalLabel">{{lang_delete}}</h4>
 				</div>
 				<div class="modal-body">
-					{{lang_deleteCheck}}
+					<p>{{lang_roleDeleteConfirm}}</p>
+					{{lang_numAssignedUsers}}: <span id="delete-role-users"></span>
 				</div>
 				<div class="modal-footer">
-					<input type="hidden" id="deleteId" name="deleteId" value=""/>
+					<input type="hidden" id="delete-role-id" name="deleteId" value="">
 					<button type="button" class="btn btn-default" data-dismiss="modal">{{lang_cancel}}</button>
 					<button type="submit" name="action" value="deleteRole" class="btn btn-danger"><span class="glyphicon glyphicon-trash"></span> {{lang_delete}}</button>
 				</div>
@@ -56,12 +66,13 @@
 </form>
 
 <div class="text-right">
-	<a href="?do=permissionmanager&show=roleEditor" class="btn btn-success"><span class="glyphicon glyphicon-plus"></span> {{lang_newRole}}</a>
+	<a href="?do=permissionmanager&show=roleEditor" class="btn btn-success {{perms.roles.edit.disabled}}"><span class="glyphicon glyphicon-plus"></span> {{lang_newRole}}</a>
 </div>
 
 <script>
-	function deleteRole($roleid) {
-		$(".modal-footer #deleteId").val($roleid);
+	function deleteRole(roleid, users) {
+		$("#delete-role-id").val(roleid);
+		$("#delete-role-users").text(users);
 	}
 
 	function searchFieldFunction() {
-- 
cgit v1.2.3-55-g7522