PHRAS-3262 add or update user permission

aina esokia
2020-12-08 18:07:12 +03:00
parent 4c2f682e7b
commit ab592677b6
3 changed files with 292 additions and 1 deletions


@@ -68,6 +68,87 @@ class PSExposeController extends Controller
]);
}
/**
* Get list of user or group if param "groups" defined
*
* @param PhraseaApplication $app
* @param Request $request
* @return \Symfony\Component\HttpFoundation\JsonResponse
*
*/
public function listUsersAction(PhraseaApplication $app, Request $request)
{
$exposeConfiguration = $app['conf']->get(['phraseanet-service', 'expose-service', 'exposes'], []);
$exposeConfiguration = $exposeConfiguration[$request->get('exposeName')];
$userOrGroup = 'users';
if ($request->get('groups')) {
$userOrGroup = 'groups';
}
$exposeClient = new Client(['base_uri' => $exposeConfiguration['expose_base_uri'], 'http_errors' => false]);
$accessToken = $this->getAndSaveToken($exposeConfiguration);
$response = $exposeClient->get('/permissions/' . $userOrGroup, [
'headers' => [
'Authorization' => 'Bearer '. $accessToken
]
]);
$list = [];
if ($response->getStatusCode() == 200) {
$list = json_decode($response->getBody()->getContents(),true);
}
return $app->json([
'list' => $list
]);
}
/**
* Add or update access control entry (ACE) for a publication
*
* @param PhraseaApplication $app
* @param Request $request
* @return \Symfony\Component\HttpFoundation\JsonResponse
*/
public function updatePublicationPermissionAction(PhraseaApplication $app, Request $request)
{
$exposeConfiguration = $app['conf']->get(['phraseanet-service', 'expose-service', 'exposes'], []);
$exposeConfiguration = $exposeConfiguration[$request->get('exposeName')];
$exposeClient = new Client(['base_uri' => $exposeConfiguration['expose_base_uri'], 'http_errors' => false]);
$accessToken = $this->getAndSaveToken($exposeConfiguration);
try {
$response = $exposeClient->put('/permissions/ace', [
'headers' => [
'Authorization' => 'Bearer '. $accessToken,
'Content-Type' => 'application/json'
],
'json' => $request->get('jsonData')
]);
} catch(\Exception $e) {
return $this->app->json([
'success' => false,
'message' => $e->getMessage()
]);
}
if ($response->getStatusCode() !== 200) {
return $this->app->json([
'success' => false,
'message' => 'Status code: '. $response->getStatusCode()
]);
}
return $this->app->json([
'success' => true,
'message' => 'Permission successfully updated!'
]);
}
/**
* Get list of publication
* Use param "format=json" to retrieve a json
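Review bot: `updatePublicationPermissionAction` relays `$request->get('jsonData')` to `PUT /permissions/ace` unchanged, so the browser decides the `userType`, `userId`, `objectType`, `objectId` and `mask` of the entry written with the token from `getAndSaveToken()` (defined outside this view). The edit form only ever sends `user`/`group`, `publication` and the mask bits 1, 4 and 8, so the action can rebuild the payload from an allow-list and reject anything else, as sketched below. `exposeName` is also used as an array key without an existence check, here and in `listUsersAction`; an unknown name leaves `$exposeConfiguration` null before the `Client` is built. Shape validation does not establish that the caller may manage the target publication, and nothing in this section checks that.

```php
public function updatePublicationPermissionAction(PhraseaApplication $app, Request $request)
{
    $exposes = $app['conf']->get(['phraseanet-service', 'expose-service', 'exposes'], []);
    $exposeName = $request->get('exposeName');
    if (!is_string($exposeName) || !isset($exposes[$exposeName])) {
        return $app->json(['success' => false, 'message' => 'Unknown expose name']);
    }
    $exposeConfiguration = $exposes[$exposeName];

    // Rebuild the ACE from an allow-list instead of relaying the client's array.
    $ace = $request->get('jsonData');
    $allowedMask = 1 | 4 | 8; // the bits the edit form can set
    if (!is_array($ace)
        || !isset($ace['userType'], $ace['userId'], $ace['objectId'], $ace['mask'])
        || !in_array($ace['userType'], ['user', 'group'], true)
        || !is_scalar($ace['userId'])
        || !is_scalar($ace['objectId'])
        || !is_scalar($ace['mask'])
        || !ctype_digit((string) $ace['mask'])
        || ((int) $ace['mask'] & ~$allowedMask) !== 0
    ) {
        return $app->json(['success' => false, 'message' => 'Invalid permission data']);
    }
    $payload = [
        'userType'   => $ace['userType'],
        'userId'     => (string) $ace['userId'],
        'objectType' => 'publication',
        'objectId'   => (string) $ace['objectId'],
        'mask'       => (int) $ace['mask'],
    ];

    // … unchanged: Client construction and getAndSaveToken() …
    // in the put() options, send the rebuilt array: 'json' => $payload
    // … unchanged: exception and status-code handling, JSON responses …
}
```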


@@ -70,6 +70,14 @@ class PSExposeServiceProvider implements ControllerProviderInterface, ServicePro
->method('POST')
->bind('ps_expose_publication_add_assets');
$controllers->match('/list/users', 'controller.ps.expose:listUsersAction')
->method('GET')
->bind('ps_expose_list_users');
$controllers->match('/publication/permission/update', 'controller.ps.expose:updatePublicationPermissionAction')
->method('POST')
->bind('ps_expose_publication_permission_update');
return $controllers;
}
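Review bot: `ps_expose_publication_permission_update` is a state-changing route, yet nothing visible in this hunk ties it to a right check or an anti-CSRF token, and the AJAX calls in the template further down this page send only `exposeName` and `jsonData`. If the controller collection has no `before` filter covering it (the top of this method is outside the hunk), a forged cross-site POST from a logged-in operator's browser could rewrite publication permissions. Enforce the check in the action or in a route-level `before()` and record it beside the route with a comment such as `// permission change: caller must hold the right to manage Expose publications`. `ps_expose_list_users` returns the service's user or group list, so it warrants the same guard.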


@@ -113,6 +113,72 @@
</div>
</form>
<h3>Permission</h3>
<div style="border: 1px solid #ada9a9;padding: 5px;">
<form id="permission-user">
<div class="ui-widget">
<label>User </label>
<div class="ui-widget">
<select id="user-list" name="" tabindex="-1" aria-hidden="true"
class="">
<option value="">Select an user</option>
</select>
</div>
</div>
<div class="ui-widget">
<label style="width:10%;!important">View : </label>
<label style="width:10%;!important">
<input type="checkbox" name="user-view">
</label>
<label style="width:10%;!important">Edit : </label>
<label style="width:10%;!important">
<input type="checkbox" name="user-edit">
</label>
<label style="width:10%;!important">Delete : </label>
<label style="width:10%;!important">
<input type="checkbox" name="user-delete">
</label>
<button id="save-permission-user" type="submit">Save</button>
</div>
<p id="user-permission-success" class="hidden alert alert-success text-center"></p>
<p id="user-permission-error" class="hidden alert alert-error text-center"></p>
</form>
<form id="permission-group">
<div class="ui-widget" style="margin-top:50px;">
<label>Groups </label>
<div id="" class="ui-widget">
<select id="group-list" name="" tabindex="-1" aria-hidden="true"
class="">
<option value="">Select a Group</option>
</select>
</div>
</div>
<div class="ui-widget">
<label style="width:10%;!important">View : </label>
<label style="width:10%;!important">
<input type="checkbox" name="group-view">
</label>
<label style="width:10%;!important">Edit : </label>
<label style="width:10%;!important">
<input type="checkbox" name="group-edit">
</label>
<label style="width:10%;!important">Delete : </label>
<label style="width:10%;!important">
<input type="checkbox" name="group-delete">
</label>
<button id="save-permission-group" type="submit">Save</button>
</div>
<p id="group-permission-success" class="hidden alert alert-success text-center"></p>
<p id="group-permission-error" class="hidden alert alert-error text-center"></p>
</form>
</div>
<form name="publication-json" id="publication-json" class="text-center">
<div id="advancedSettingBlock">
<h3 class="toggleSetting">Advanced setting</h3>
@@ -155,8 +221,18 @@
var publicationForm = publicationEdit.find("#publication-data-form");
var publicationParent = publicationEdit.find("#publication_parent");
var profileField = publicationEdit.find("#profile-field");
var userList = publicationEdit.find("#user-list");
var groupList = publicationEdit.find("#group-list");
var advancedSetting = publicationEdit.find("#advancedSetting");
var userView = publicationEdit.find('input[name=user-view]');
var userEdit = publicationEdit.find('input[name=user-edit]');
var userDelete = publicationEdit.find('input[name=user-delete]');
var groupView = publicationEdit.find('input[name=group-view]');
var groupEdit = publicationEdit.find('input[name=group-edit]');
var groupDelete = publicationEdit.find('input[name=group-delete]');
var publicationFieldClass = publicationEdit.find(".publication-field");
$.datepicker.regional['default'] = {
@@ -207,7 +283,7 @@
url: `/prod/expose/list-profile?exposeName={{ exposeName }}`,
success: function (data) {
profileField.empty().html('<option value="">Select Profile</option>');
for (i = 0; i < data.profiles.length; i++) {
for (let i = 0; i < data.profiles.length; i++) {
let selected = '';
if ({{ nbProfile }} && data.profiles[i].id === '{{ publication.profile.id }}') {
selected = 'selected="selected"';
@@ -223,6 +299,36 @@
}
});
$.ajax({
type: "GET",
url: `/prod/expose/list/users?exposeName={{ exposeName }}`,
success: function (data) {
userList.empty().html('<option value="">Select an User</option>');
for (i = 0; i < data.list.length; i++) {
userList.append('<option ' +
'value=' + data.list[i].id +' >'
+ data.list[i].username +
'</option>'
);
}
}
});
$.ajax({
type: "GET",
url: `/prod/expose/list/users?groups=1&exposeName={{ exposeName }}`,
success: function (data) {
groupList.empty().html('<option value="">Select a Group</option>');
for (i = 0; i < data.list.length; i++) {
groupList.append('<option ' +
'value=' + data.list[i].id +' >'
+ data.list[i].name +
'</option>'
);
}
}
});
});
/**convert Object data to Json**/
@@ -374,6 +480,102 @@
});
publicationEdit.find('#permission-user').on('submit', function (e) {
e.preventDefault();
let mask = 0;
if (userView.is(':checked')) {
mask = mask | 1;
}
if (userEdit.is(':checked')) {
mask = mask | 4;
}
if (userDelete.is(':checked')) {
mask = mask | 8;
}
if (userList.val() !== '') {
publicationEdit.find("#user-permission-error").addClass("hidden");
publicationEdit.find("#user-permission-success").addClass("hidden");
$.ajax({
type: "POST",
url: "/prod/expose/publication/permission/update",
dataType: 'json',
data: {
exposeName: "{{ exposeName }}",
jsonData: {
userType: "user",
userId: userList.val(),
objectType: "publication",
objectId: "{{ publication.id }}",
mask: mask
}
},
success: function (data) {
if (data.success) {
publicationEdit.find("#user-permission-error").addClass("hidden");
publicationEdit.find("#user-permission-success").removeClass("hidden").html(data.message);
} else {
publicationEdit.find("#user-permission-success").addClass("hidden");
publicationEdit.find("#user-permission-error").removeClass("hidden").html(data.message);
}
}
});
}
});
publicationEdit.find('#permission-group').on('submit', function (e) {
e.preventDefault();
let mask = 0;
if (groupView.is(':checked')) {
mask = mask | 1;
}
if (groupEdit.is(':checked')) {
mask = mask | 4;
}
if (groupDelete.is(':checked')) {
mask = mask | 8;
}
if (groupList.val() !== '') {
publicationEdit.find("#group-permission-error").addClass("hidden");
publicationEdit.find("#group-permission-success").addClass("hidden");
$.ajax({
type: "POST",
url: "/prod/expose/publication/permission/update",
dataType: 'json',
data: {
exposeName: "{{ exposeName }}",
jsonData: {
userType: "group",
userId: groupList.val(),
objectType: "publication",
objectId: "{{ publication.id }}",
mask: mask
}
},
success: function (data) {
if (data.success) {
publicationEdit.find("#group-permission-error").addClass("hidden");
publicationEdit.find("#group-permission-success").removeClass("hidden").html(data.message);
} else {
publicationEdit.find("#group-permission-success").addClass("hidden");
publicationEdit.find("#group-permission-error").removeClass("hidden").html(data.message);
}
}
});
}
});
</script>
<style>
.visibility-hidden {
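Review bot: The two new list loaders build each `<option>` by string concatenation, with `data.list[i].id` in an unquoted `value=` attribute and `username`/`name` as raw markup, so a user or group name containing HTML that comes back from the Expose service would be parsed as markup in the operator's page. Build the element instead, e.g. `userList.append($('<option>').val(data.list[i].id).text(data.list[i].username));`, and the same with `.name` for `groupList`. Both submit handlers also display the server message with `.html(data.message)`, and the controller can put an exception message there, so `.text(data.message)` is the safer call. The new loops use `for (i = 0; …)` without a declaration while this same commit changes the profile loop to `let i`; they should match.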