Skip to content

Commit

Permalink
Fix platform admin permissions in link rendering (CO-2141)
Browse files Browse the repository at this point in the history
  • Loading branch information
Benn Oshrin committed Sep 22, 2021
1 parent 21b8599 commit b18975f
Show file tree
Hide file tree
Showing 2 changed files with 66 additions and 48 deletions.
2 changes: 1 addition & 1 deletion app/src/Template/Element/menuTop.ctp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@
?>
<?php if(!empty($vv_user)): ?>
<ul>
<?php if($vv_menu_permissions['gridroles']): ?>
<?php if($vv_menu_permissions['matchgrids']): ?>
<li id="top-menu-platform">
<a class="dropdown-toggle" href="#" role="button" id="platform-dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<span class="top-menu-link-text">
Expand Down
112 changes: 65 additions & 47 deletions app/src/Template/Matchgrids/manage.ctp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,63 +57,81 @@ declare(strict_types = 1);
</div>

<!-- Matchgrid Configuration -->
<?php if($vv_menu_permissions['gridroles']): ?>
<?php
// Determining whether to render the configuration block is a bit tricky,
// basically we have to see if the user has any appropriate permission.
// This will generally be all-or-nothing, but that could change over time.

$renderConfig = false;

if(!empty($vv_cur_mg)) {
// Matchgrid specific models

$models = [
'matchgrid_settings' => 'settings',
'api_users' => 'vpn_key',
'attributes' => 'edit',
'attribute_groups' => 'storage',
'attribute_maps' => 'swap_horiz',
'rules' => 'assignment',
'systems_of_record' => 'gavel',
];

// We'll get most users simply by checking for build permission
$renderConfig = $vv_permissions['build'];

if(!$renderConfig) {
foreach(array_keys($models) as $m) {
if(isset($vv_menu_permissions[$m]) && $vv_menu_permissions[$m]===true) {
$renderConfig = true;
break;
}
}
}
}
?>
<?php if($renderConfig): ?>
<h2><?= __('match.ti.matchgrid.config'); ?></h2>
<ul id="matchgrid-config-menu">
<?php
if(!empty($vv_cur_mg)) {
// Matchgrid specific models

$models = [
'matchgrid_settings' => 'settings',
'api_users' => 'vpn_key',
'attributes' => 'edit',
'attribute_groups' => 'storage',
'attribute_maps' => 'swap_horiz',
'rules' => 'assignment',
'systems_of_record' => 'gavel',
];

foreach($models as $model => $icon) {
if($vv_menu_permissions[$model]) {
print '<li>';

$linkContent = '<em class="material-icons" aria-hidden="true">' . $icon . '</em><span class="menu-title">'
. __('match.ct.'.\Cake\Utility\Inflector::camelize($model), [99])
. '</span>';

print $this->Html->link(
$linkContent,
['plugin' => null,
'controller' => $model,
'action' => 'index',
'matchgrid_id' => $vv_cur_mg->id],
['escape' => false]
);

print '</li>';
}
}

if($vv_permissions['build']) {
foreach($models as $model => $icon) {
if($vv_menu_permissions[$model]) {
print '<li>';
$linkContent = '<em class="material-icons" aria-hidden="true">build</em><span class="menu-title">'
. __('match.op.build')

$linkContent = '<em class="material-icons" aria-hidden="true">' . $icon . '</em><span class="menu-title">'
. __('match.ct.'.\Cake\Utility\Inflector::camelize($model), [99])
. '</span>';

print $this->Html->link(
$linkContent,
['controller' => 'Matchgrids',
'action' => 'build',
$vv_cur_mg->id],
['escape' => false,'confirm' => __('match.op.build.confirm')]
['plugin' => null,
'controller' => $model,
'action' => 'index',
'matchgrid_id' => $vv_cur_mg->id],
['escape' => false]
);

print '</li>';
}
}
}

if($vv_permissions['build']) {
print '<li>';

$linkContent = '<em class="material-icons" aria-hidden="true">build</em><span class="menu-title">'
. __('match.op.build')
. '</span>';

print $this->Html->link(
$linkContent,
['controller' => 'Matchgrids',
'action' => 'build',
$vv_cur_mg->id],
['escape' => false,'confirm' => __('match.op.build.confirm')]
);
print '</li>';
}
?>
</ul>
<?php endif;?>

<?php endif; // $renderConfig ?>
</section>

0 comments on commit b18975f

Please sign in to comment.