hazza/Phraseanet
1
0
Fork 0
mirror of https://github.com/alchemy-fr/Phraseanet.git synced 2025-10-18 15:33:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

PHRAS-3262 right deletion and user search

Browse Source
This commit is contained in:
aina esokia
2020-12-14 17:31:33 +03:00
parent b56b557b81
commit 4f996477ca
4 changed files with 331 additions and 205 deletions
Download Patch File Download Diff File Expand all files Collapse all files

145
lib/Alchemy/Phrasea/PhraseanetService/Controller/PSExposeController.php
View File

@@ -69,7 +69,8 @@ class PSExposeController extends Controller
} }
/** /**
* Add or update access control entry (ACE) for a publication * Add update or delete access control entry (ACE) for a publication
* "action" param value : "update" or "delete"
* *
* @param PhraseaApplication $app * @param PhraseaApplication $app
* @param Request $request * @param Request $request
@@ -84,13 +85,22 @@ class PSExposeController extends Controller
$accessToken = $this->getAndSaveToken($exposeConfiguration); $accessToken = $this->getAndSaveToken($exposeConfiguration);
try { try {
$response = $exposeClient->put('/permissions/ace', [ $guzzleParams = [
'headers' => [ 'headers' => [
'Authorization' => 'Bearer '. $accessToken, 'Authorization' => 'Bearer '. $accessToken,
'Content-Type' => 'application/json' 'Content-Type' => 'application/json'
], ],
'json' => $request->get('jsonData') 'json' => $request->get('jsonData')
]); ];
if ($request->get('action') == 'delete') {
$response = $exposeClient->delete('/permissions/ace', $guzzleParams);
$message = 'Permission successfully deleted!';
} else {
$response = $exposeClient->put('/permissions/ace', $guzzleParams);
$message = 'Permission successfully updated!';
}
} catch(\Exception $e) { } catch(\Exception $e) {
return $this->app->json([ return $this->app->json([
'success' => false, 'success' => false,
@@ -107,7 +117,7 @@ class PSExposeController extends Controller
return $this->app->json([ return $this->app->json([
'success' => true, 'success' => true,
'message' => 'Permission successfully updated!' 'message' => $message
]); ]);
} }
@@ -193,9 +203,6 @@ class PSExposeController extends Controller
$accessToken = $this->getAndSaveToken($exposeConfiguration); $accessToken = $this->getAndSaveToken($exposeConfiguration);
$publication = []; $publication = [];
$permissions = [];
$listUsers = [];
$listGroups = [];
$resPublication = $exposeClient->get('/publications/' . $request->get('publicationId') , [ $resPublication = $exposeClient->get('/publications/' . $request->get('publicationId') , [
'headers' => [ 'headers' => [
@@ -222,45 +229,7 @@ class PSExposeController extends Controller
]); ]);
} }
$resPermission = $exposeClient->get('/permissions/aces?objectType=publication&objectId=' . $request->get('publicationId') , [ list($permissions, $listUsers, $listGroups) = $this->getPermissions($exposeClient, $request->get('publicationId'), $accessToken);
'headers' => [
'Authorization' => 'Bearer '. $accessToken
]
]);
if ($resPermission->getStatusCode() == 200) {
$permissions = json_decode($resPermission->getBody()->getContents(),true);
}
$resUsers = $exposeClient->get('/permissions/users', [
'headers' => [
'Authorization' => 'Bearer '. $accessToken
]
]);
if ($resUsers->getStatusCode() == 200) {
$listUsers = json_decode($resUsers->getBody()->getContents(),true);
}
$resGroups = $exposeClient->get('/permissions/groups', [
'headers' => [
'Authorization' => 'Bearer '. $accessToken
]
]);
if ($resGroups->getStatusCode() == 200) {
$listGroups = json_decode($resGroups->getBody()->getContents(),true);
}
foreach ($permissions as &$permission) {
if ($permission['userType'] == 'user') {
$key = array_search($permission['userId'], array_column($listUsers, 'id'));
$permission = array_merge($permission, $listUsers[$key]);
} elseif ($permission['userType'] == 'group') {
$key = array_search($permission['userId'], array_column($listGroups, 'id'));
$permission = array_merge($permission, $listGroups[$key]);
}
}
return $this->render("prod/WorkZone/ExposeEdit.html.twig", [ return $this->render("prod/WorkZone/ExposeEdit.html.twig", [
'publication' => $publication, 'publication' => $publication,
@@ -271,6 +240,29 @@ class PSExposeController extends Controller
]); ]);
} }
/**
* @param PhraseaApplication $app
* @param Request $request
* @return string
*/
public function listPublicationPermissionAction(PhraseaApplication $app, Request $request)
{
$exposeConfiguration = $app['conf']->get(['phraseanet-service', 'expose-service', 'exposes'], []);
$exposeConfiguration = $exposeConfiguration[$request->get('exposeName')];
$exposeClient = new Client(['base_uri' => $exposeConfiguration['expose_base_uri'], 'http_errors' => false]);
$accessToken = $this->getAndSaveToken($exposeConfiguration);
list($permissions, $listUsers, $listGroups) = $this->getPermissions($exposeClient, $request->get('publicationId'), $accessToken);
return $this->render("prod/WorkZone/ExposePermission.html.twig", [
'permissions' => $permissions,
'listUsers' => $listUsers,
'listGroups' => $listGroups
]);
}
/** /**
* Require params "exposeName" and "publicationId" * Require params "exposeName" and "publicationId"
* optionnal param "page" * optionnal param "page"
@@ -606,6 +598,67 @@ class PSExposeController extends Controller
]); ]);
} }
/**
* @param Client $exposeClient
* @param $publicationId
* @param $accessToken
* @return array
*/
private function getPermissions(Client $exposeClient, $publicationId, $accessToken)
{
$permissions = [];
$listUsers = [];
$listGroups = [];
$resPermission = $exposeClient->get('/permissions/aces?objectType=publication&objectId=' . $publicationId, [
'headers' => [
'Authorization' => 'Bearer '. $accessToken
]
]);
if ($resPermission->getStatusCode() == 200) {
$permissions = json_decode($resPermission->getBody()->getContents(),true);
}
$resUsers = $exposeClient->get('/permissions/users', [
'headers' => [
'Authorization' => 'Bearer '. $accessToken
]
]);
if ($resUsers->getStatusCode() == 200) {
$listUsers = json_decode($resUsers->getBody()->getContents(),true);
}
$resGroups = $exposeClient->get('/permissions/groups', [
'headers' => [
'Authorization' => 'Bearer '. $accessToken
]
]);
if ($resGroups->getStatusCode() == 200) {
$listGroups = json_decode($resGroups->getBody()->getContents(),true);
}
foreach ($permissions as &$permission) {
if ($permission['userType'] == 'user') {
$key = array_search($permission['userId'], array_column($listUsers, 'id'));
$permission = array_merge($permission, $listUsers[$key]);
$listUsers[$key]['selected'] = true;
} elseif ($permission['userType'] == 'group') {
$key = array_search($permission['userId'], array_column($listGroups, 'id'));
$permission = array_merge($permission, $listGroups[$key]);
$listGroups[$key]['selected'] = true;
}
}
return [
$permissions,
$listUsers,
$listGroups
];
}
/** /**
* Get Token and save in session * Get Token and save in session
* @param $config * @param $config

4
lib/Alchemy/Phrasea/PhraseanetService/Provider/PSExposeServiceProvider.php
View File

@@ -74,6 +74,10 @@ class PSExposeServiceProvider implements ControllerProviderInterface, ServicePro
->method('POST') ->method('POST')
->bind('ps_expose_publication_permission_update'); ->bind('ps_expose_publication_permission_update');
$controllers->match('/publication/permission/list', 'controller.ps.expose:listPublicationPermissionAction')
->method('GET')
->bind('ps_expose_publication_permission_list');
return $controllers; return $controllers;
} }

209
templates/web/prod/WorkZone/ExposeEdit.html.twig
View File

@@ -1,7 +1,7 @@
{% block css %} {% block css %}
<style type="text/css"> <style type="text/css">
#permission-editing td, #permission-editing th { #permission-editing td, #permission-editing th {
min-width: 200px; min-width: 150px;
text-align: center; text-align: center;
height: 50px; height: 50px;
} }
@@ -177,115 +177,13 @@
</div> </div>
<div style="padding: 10px;"> <div id="permission-list" style="padding: 10px;">
{% include 'prod/WorkZone/ExposePermission.html.twig' %}
<div class="ui-widget">
<select id="group-list" name="" tabindex="-1" aria-hidden="true"
class="">
<option value="">Select a group</option>
{% for group in listGroups %}
<option value="{{ group.id }}">{{ group.name }}</option>
{% endfor %}
</select>
</div>
<table>
<thead>
<tr>
<th>
Group
</th>
<th>
View
</th>
<th>
Edit
</th>
<th>
Delete
</th>
</tr>
</thead>
<tbody id="group-permission-list">
{% for permission in permissions %}
{% if permission.userType == 'group' %}
<tr data-group-id="{{ permission.userId }}" data-mask="{{ permission.mask }}">
<td>
{{ permission.name }}
</td>
<td>
<input class="group-view" type="checkbox" {% if (permission.mask b-and 1) != 0 %} checked {% endif %} />
</td>
<td>
<input class="group-edit" type="checkbox" {% if (permission.mask b-and 4) != 0 %} checked {% endif %}/>
</td>
<td>
<input class="group-delete" type="checkbox" {% if (permission.mask b-and 8) != 0 %} checked {% endif %}/>
</td>
</tr>
{% endif %}
{% endfor %}
</tbody>
</table>
<br/>
<br/>
<div class="ui-widget">
<select id="user-list" name="" tabindex="-1" aria-hidden="true"
class="">
<option value="">Select an user</option>
{% for user in listUsers %}
<option value="{{ user.id }}">{{ user.username }}</option>
{% endfor %}
</select>
</div>
<table>
<thead>
<tr>
<th>
User
</th>
<th>
View
</th>
<th>
Edit
</th>
<th>
Delete
</th>
</tr>
</thead>
<tbody id="user-permission-list">
{% for permission in permissions %}
{% if permission.userType == 'user' %}
<tr data-user-id="{{ permission.userId }}" data-mask="{{ permission.mask }}">
<td>
{{ permission.username }}
</td>
<td>
<input class="user-view" type="checkbox" {% if (permission.mask b-and 1) != 0 %} checked {% endif %}/>
</td>
<td>
<input class="user-edit" type="checkbox" {% if (permission.mask b-and 4) != 0 %} checked {% endif %}/>
</td>
<td>
<input class="user-delete" type="checkbox" {% if (permission.mask b-and 8) != 0 %} checked {% endif %}/>
</td>
</tr>
{% endif %}
{% endfor %}
</tbody>
</table>
</div> </div>
</div> </div>
</div> </div>
<script type="text/javascript"> <script type="text/javascript">
var publicationEdit = $(document).find("#DIALOG-expose-edit"); var publicationEdit = $(document).find("#DIALOG-expose-edit");
var publicationForm = publicationEdit.find("#publication-data-form"); var publicationForm = publicationEdit.find("#publication-data-form");
@@ -295,9 +193,8 @@
var groupList = publicationEdit.find("#group-list"); var groupList = publicationEdit.find("#group-list");
var advancedSetting = publicationEdit.find("#advancedSetting"); var advancedSetting = publicationEdit.find("#advancedSetting");
var userPermissionList = publicationEdit.find('#user-permission-list');
var groupPermissionList = publicationEdit.find('#group-permission-list');
var publicationFieldClass = publicationEdit.find(".publication-field"); var publicationFieldClass = publicationEdit.find(".publication-field");
var permissionList = publicationEdit.find("#permission-list");
$.datepicker.regional['default'] = { $.datepicker.regional['default'] = {
closeText: "Close", closeText: "Close",
@@ -312,7 +209,6 @@
altField: ".alternate", altField: ".alternate",
altFormat: "yy-mm-dd", altFormat: "yy-mm-dd",
minDate: 0 minDate: 0
}; };
$(".use-datepicker").datepicker($.datepicker.regional['default']); $(".use-datepicker").datepicker($.datepicker.regional['default']);
@@ -367,7 +263,7 @@
}); });
bindCheckboxEvent(); bindEvent();
publicationFieldClass.on('keyup change', function (e) { publicationFieldClass.on('keyup change', function (e) {
try { try {
@@ -420,11 +316,16 @@
}); });
userList.on('change', function () { permissionList.on('change', '#input-user-list', function () {
let userId = $(this).val(); let optionSelected = permissionList.find('#user-list option[value="'+this.value+'"]');
if (optionSelected.length !== 0) {
let userId = optionSelected.text();
if (userId !== '') { if (userId !== '') {
let userName = $("#user-list option:selected").text(); optionSelected.attr('disabled','disabled');
let userName = this.value;
let permissionLine = '<tr data-user-id="'+ userId +'" data-mask="0">\n' + let permissionLine = '<tr data-user-id="'+ userId +'" data-mask="0">\n' +
' <td>\n' + userName + ' <td>\n' + userName +
@@ -438,22 +339,29 @@
' <td>\n' + ' <td>\n' +
' <input class="user-delete" type="checkbox" />\n' + ' <input class="user-delete" type="checkbox" />\n' +
' </td>\n' + ' </td>\n' +
'<td><button class="btn-danger btn-mini delete-user-permission" >Delete</button></td>\n'+
' </tr>' ' </tr>'
; ;
userPermissionList.append(permissionLine); permissionList.find("#user-permission-list").append(permissionLine);
// new permission // new permission
updatePermission(null, userId, 0, 1, 'user', true); updatePermission(null, userId, 0, 1, 'user', true);
} }
}
}); });
groupList.on('change', function() { permissionList.on('change', '#input-group-list', function() {
let groupId = $(this).val(); let optionSelected = permissionList.find('#group-list option[value="'+this.value+'"]');
if (optionSelected.length !== 0) {
let groupId = optionSelected.text();
if (groupId !== '') { if (groupId !== '') {
let groupName = $("#group-list option:selected").text(); optionSelected.attr('disabled','disabled');
let groupName = this.value;
let permissionLine = '<tr data-group-id="'+ groupId +'" data-mask="0">\n' + let permissionLine = '<tr data-group-id="'+ groupId +'" data-mask="0">\n' +
' <td>\n' + groupName + ' <td>\n' + groupName +
@@ -467,19 +375,21 @@
' <td>\n' + ' <td>\n' +
' <input class="group-delete" type="checkbox" />\n' + ' <input class="group-delete" type="checkbox" />\n' +
' </td>\n' + ' </td>\n' +
'<td><button class="btn-danger btn-mini delete-group-permission">Delete</button></td>\n'+
' </tr>' ' </tr>'
; ;
groupPermissionList.append(permissionLine); permissionList.find("#group-permission-list").append(permissionLine);
// new permission // new permission
updatePermission(null, groupId, 0, 1, 'group', true); updatePermission(null, groupId, 0, 1, 'group', true);
} }
}
}); });
function bindCheckboxEvent() { function bindEvent() {
// user right // user right
userPermissionList.on('change', '.user-view', function () { permissionList.on('change', '.user-view', function () {
updatePermission( updatePermission(
$(this), $(this),
$(this).parents('tr').attr('data-user-id'), $(this).parents('tr').attr('data-user-id'),
@@ -489,7 +399,7 @@
); );
}); });
userPermissionList.on('change', '.user-edit', function () { permissionList.on('change', '.user-edit', function () {
updatePermission( updatePermission(
$(this), $(this),
$(this).parents('tr').attr('data-user-id'), $(this).parents('tr').attr('data-user-id'),
@@ -499,7 +409,7 @@
); );
}); });
userPermissionList.on('change', '.user-delete', function () { permissionList.on('change', '.user-delete', function () {
updatePermission( updatePermission(
$(this), $(this),
$(this).parents('tr').attr('data-user-id'), $(this).parents('tr').attr('data-user-id'),
@@ -509,8 +419,13 @@
); );
}); });
permissionList.on('click', '.delete-user-permission', function () {
deletePermission('user', $(this).parents('tr').attr('data-user-id'));
});
// group right // group right
groupPermissionList.on('change', '.group-view', function () { permissionList.on('change', '.group-view', function () {
updatePermission( updatePermission(
$(this), $(this),
$(this).parents('tr').attr('data-group-id'), $(this).parents('tr').attr('data-group-id'),
@@ -520,7 +435,7 @@
); );
}); });
groupPermissionList.on('change', '.group-edit', function () { permissionList.on('change', '.group-edit', function () {
updatePermission( updatePermission(
$(this), $(this),
$(this).parents('tr').attr('data-group-id'), $(this).parents('tr').attr('data-group-id'),
@@ -530,7 +445,7 @@
); );
}); });
groupPermissionList.on('change', '.group-delete', function () { permissionList.on('change', '.group-delete', function () {
updatePermission( updatePermission(
$(this), $(this),
$(this).parents('tr').attr('data-group-id'), $(this).parents('tr').attr('data-group-id'),
@@ -539,6 +454,10 @@
'group' 'group'
); );
}); });
permissionList.on('click', '.delete-group-permission', function () {
deletePermission('group', $(this).parents('tr').attr('data-group-id'));
});
} }
function updatePermission(checkboxSelector, userId, mask, singleMask, userType, isNew = false) { function updatePermission(checkboxSelector, userId, mask, singleMask, userType, isNew = false) {
@@ -565,7 +484,8 @@
objectType: "publication", objectType: "publication",
objectId: "{{ publication.id }}", objectId: "{{ publication.id }}",
mask: mask mask: mask
} },
action: "update"
}, },
success: function (data) { success: function (data) {
if (data.success) { if (data.success) {
@@ -579,6 +499,45 @@
}); });
} }
function deletePermission(userType, userId) {
hideInfo();
$.ajax({
type: "POST",
url: "/prod/expose/publication/permission/update",
dataType: 'json',
data: {
exposeName: "{{ exposeName }}",
jsonData: {
userType: userType,
userId: userId,
objectType: "publication",
objectId: "{{ publication.id }}"
},
action: "delete"
},
success: function (data) {
if (data.success) {
publicationEdit.find("#permission-error").addClass("hidden");
publicationEdit.find("#permission-success").removeClass("hidden").html(data.message);
$.ajax({
type: "GET",
url: "/prod/expose/publication/permission/list?exposeName={{ exposeName }}&publicationId={{ publication.id }}",
success: function (data) {
permissionList.empty().append(data);
// bindCheckboxEvent();
}
});
} else {
publicationEdit.find("#permission-success").addClass("hidden");
publicationEdit.find("#permission-error").removeClass("hidden").html(data.message);
}
}
});
}
function hideInfo() { function hideInfo() {
publicationEdit.find("#permission-error").addClass("hidden"); publicationEdit.find("#permission-error").addClass("hidden");
publicationEdit.find("#permission-success").addClass("hidden"); publicationEdit.find("#permission-success").addClass("hidden");

110
templates/web/prod/WorkZone/ExposePermission.html.twig Normal file
View File

@@ -0,0 +1,110 @@
<div class="ui-widget">
<input id="input-group-list" placeholder="Group name" list="group-list">
<datalist id="group-list" tabindex="-1" aria-hidden="true"
class="">
{% for group in listGroups %}
<option value="{{ group.name }}" {% if group.selected %} disabled {% endif %}>{{ group.id }}</option>
{% endfor %}
</datalist>
</div>
<table>
<thead>
<tr>
<th>
Group
</th>
<th>
View
</th>
<th>
Edit
</th>
<th>
Delete
</th>
<th>
</th>
</tr>
</thead>
<tbody id="group-permission-list">
{% for permission in permissions %}
{% if permission.userType == 'group' %}
<tr data-group-id="{{ permission.userId }}" data-mask="{{ permission.mask }}">
<td>
{{ permission.name }}
</td>
<td>
<input class="group-view" type="checkbox" {% if (permission.mask b-and 1) != 0 %} checked {% endif %} />
</td>
<td>
<input class="group-edit" type="checkbox" {% if (permission.mask b-and 4) != 0 %} checked {% endif %}/>
</td>
<td>
<input class="group-delete" type="checkbox" {% if (permission.mask b-and 8) != 0 %} checked {% endif %}/>
</td>
<td>
<button class="btn-danger btn-mini delete-group-permission" >Delete</button>
</td>
</tr>
{% endif %}
{% endfor %}
</tbody>
</table>
<br/>
<br/>
<div class="ui-widget">
<input id="input-user-list" placeholder="User name" list="user-list">
<datalist id="user-list" tabindex="-1" aria-hidden="true"
class="">
{% for user in listUsers %}
<option value="{{ user.username }}" {% if user.selected %} disabled {% endif %}>{{ user.id }}</option>
{% endfor %}
</datalist>
</div>
<table>
<thead>
<tr>
<th>
User
</th>
<th>
View
</th>
<th>
Edit
</th>
<th>
Delete
</th>
<th>
</th>
</tr>
</thead>
<tbody id="user-permission-list">
{% for permission in permissions %}
{% if permission.userType == 'user' %}
<tr data-user-id="{{ permission.userId }}" data-mask="{{ permission.mask }}">
<td>
{{ permission.username }}
</td>
<td>
<input class="user-view" type="checkbox" {% if (permission.mask b-and 1) != 0 %} checked {% endif %}/>
</td>
<td>
<input class="user-edit" type="checkbox" {% if (permission.mask b-and 4) != 0 %} checked {% endif %}/>
</td>
<td>
<input class="user-delete" type="checkbox" {% if (permission.mask b-and 8) != 0 %} checked {% endif %}/>
</td>
<td>
<button class="btn-danger btn-mini delete-user-permission" >Delete</button>
</td>
</tr>
{% endif %}
{% endfor %}
</tbody>
</table>