Merge pull request #20 from Ioannis/Fixes
Fixes
aaschenbrener committed Apr 8, 2024
2 parents eaf2117 + 2a37569 commit 2bd1a43
Showing 8 changed files with 49 additions and 19 deletions.
24 changes: 16 additions & 8 deletions Controller/GrouperGroupsController.php
@@ -248,10 +248,15 @@ public function findSubscriber(): void
}

/**
* @param bool $self By passes the actAsIdentifier condition
*
* @return null|string
*/
public function getUserId(): ?string
public function getUserId(bool $self = false): ?string
{
if($self) {
return $this->userId;
}
// XXX We are anot acting as but we are impersonating an other user. As a result
// both the actor and the user need to have the same identifier
return $this->actAsIdentifier ?? $this->userId;
@@ -508,11 +513,14 @@ public function isAuthorized(): array|bool
$isActAsEligibilityGroupmember = false;

if(!empty($eligibleGroup)) {
$isActAsEligibilityGroupmember = $this->GrouperGroup->isGroupMember($this->getUserId(), $eligibleGroup, $cfg);
$isActAsEligibilityGroupmember = $this->GrouperGroup->isGroupMember($this->getUserId(self: true),
$eligibleGroup, $cfg);
}

// Determine what operations this user can perform
// Construct the permission set for this user, which will also be passed to the view.

// XXX In ActAs mode not edit actions are allowed
$p = [];

$p['index'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']);
@@ -524,16 +532,16 @@ public function isAuthorized(): array|bool
$p['groupmemberapi'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']);
$p['getBaseConfig'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']);
$p['groupSubscribers'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']);
$p['addSubscriber'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']);
$p['addSubscriber'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']) && !$isActAsEligibilityGroupmember;
$p['findSubscriber'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']);
$p['usermanager'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']);
$p['usermanagerapi'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']);
$p['removeSubscriber'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']);
$p['removeSubscriber'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']) && !$isActAsEligibilityGroupmember;

$p['groupCreate'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']);
$p['joinGroup'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']);
$p['leaveGroup'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']);
$p['groupcreatetemplate'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']);
$p['groupCreate'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']) && !$isActAsEligibilityGroupmember;
$p['joinGroup'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']) && !$isActAsEligibilityGroupmember;
$p['leaveGroup'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']) && !$isActAsEligibilityGroupmember;
$p['groupcreatetemplate'] = ($roles['cmadmin'] || $roles['coadmin'] || $roles['comember']) && !$isActAsEligibilityGroupmember;
$p['actAsAction'] = $isActAsEligibilityGroupmember;

$this->set('permissions', $p);
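Review bot: The new `&& !$isActAsEligibilityGroupmember` term on `addSubscriber`, `removeSubscriber`, `groupCreate`, `joinGroup`, `leaveGroup` and `groupcreatetemplate` keys the denial on the real user's membership of the eligibility group (it is computed from `getUserId(self: true)`), not on whether an act-as identity is currently set, while the comment above `$p = []` says edits are blocked in ActAs mode. As written, an eligible user appears to lose these actions even when acting as themselves, and when `$eligibleGroup` is empty the flag stays `false`, so the server-side block is skipped regardless of `actAsIdentifier`. If the intent is to block edits only during impersonation, consider deriving the gate from the active state, e.g. `$isActingAs = $this->actAsIdentifier !== null;`, and using `!$isActingAs` in these six entries; otherwise document the choice with `// Members of the ActAs eligibility group are read-only, whether or not they are currently acting as another user`. `isAuthorized()` begins and ends outside these hunks, so how `actAsIdentifier` is populated is not visible here.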
1 change: 0 additions & 1 deletion View/Elements/ActAsPeopleAutocomplete.ctp
@@ -165,7 +165,6 @@ $suffix = Configure::read('debug') > 0 ? '?time=' . time() : '';
<Autocomplete v-if="!loading"
@callback="(item) => addUser(item)"
:action="action"
:forceDisableBtn="loading"
icon=""/>
`
});
1 change: 1 addition & 0 deletions View/Elements/ActionSideBar.ctp
@@ -24,6 +24,7 @@
<?= $this->element('ActAsPeopleAutocomplete',
compact('vv_config',
'vv_coid',
'vv_act_as_people',
'vv_is_user_owner',
'htmlId')
)?>
10 changes: 10 additions & 0 deletions webroot/css/co-grouper-base.css
@@ -22,6 +22,16 @@
font-size: 0.8rem;
}

button:disabled,
input[type=button]:disabled,
input[type=button][disabled],
button[disabled]{
background:#999 !important;
color:#ffffff !important;
border: none !important;
cursor: not-allowed;
}

#content .material-icons.lg {
font-size: 1.2rem;
}
10 changes: 7 additions & 3 deletions webroot/js/autocomplete.js
@@ -10,7 +10,7 @@ export default {
type: String,
default: 'add'
},
forceDisableBtn: {
forceDisable: {
type: Boolean,
default: false
},
@@ -23,7 +23,7 @@ export default {
default: ''
}
},
inject: ['txt', 'api', 'all'],
inject: ['txt', 'api', 'other'],
data() {
return {
search: '',
@@ -45,7 +45,7 @@ export default {
enableBtnFunc() {
// The minimum length that i start search is 3. So we only enable the button when
// the input text value has at least three characters
return this.enableBtn && !this.forceDisableBtn
return this.enableBtn && !this.forceDisable
},
},
computed: {
@@ -62,6 +62,9 @@ export default {
this.url = `${this.api.find}?co=${this.api.co}&mode=${this.api.mode}&page=${this.page}&limit=${this.limit}`
input.autocomplete({
source: ( request, response ) => {
if(this.forceDisable) {
return ["Not allowed"]
}
$(`#autocomplete-search-container-${this.action} .co-loading-mini`).show();
$.ajax({
url: this.url,
@@ -117,6 +120,7 @@ export default {
name="display"
class="form-control"
v-model="search"
:disabled="this.forceDisable"
:placeholder="txt.peoplePickerPlaceHolder"/>
<span class="co-loading-mini"><span></span><span></span><span></span></span>
</span>
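Review bot: In the `source` callback, `return ["Not allowed"]` has no effect, because jQuery UI's autocomplete ignores the callback's return value and expects `response(...)` to be called on every path; without that call the widget is left in its pending state. Replace the early exit with `response([]); return;` so the widget settles cleanly when `forceDisable` is set. This guard and the `:disabled` binding on the input are browser-side affordances only, so the lookup endpoint behind `this.api.find` still needs its own authorization check, which is not visible in this section.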
8 changes: 5 additions & 3 deletions webroot/js/groups-table.js
@@ -11,6 +11,7 @@ export default {
return status === 'T' ? 'Enabled' : 'Disabled'
}
},
inject: ['txt', 'api', 'other'],
created() {},
template: /*html*/`
<table class="table w-100 mb-0" v-if="groups.length > 0">
@@ -38,7 +39,7 @@ export default {
v-if="$attrs.onJoinGroup"
@click="$emit('joinGroup', group)"
class="btn btn-sm btn-block text-nowrap m-1 btn-success" type="button"
:disabled="group.loading">
:disabled="group.loading || this.other.hasActAs">
{{ txt.join }}
&nbsp;
<em class="material-icons mt-0 ml-1" aria-hidden="true">{{ person }}</em>
@@ -47,7 +48,7 @@ export default {
v-if="$attrs.onLeaveGroup"
@click="$emit('leaveGroup', group)"
class="btn btn-sm btn-block text-nowrap m-1 btn-danger" type="button"
:disabled="group.loading">
:disabled="group.loading || this.other.hasActAs">
{{ txt.leave }}<em class="material-icons mt-0 ml-1" aria-hidden="true">{{ person_off }}</em>
</button>
</template>
@@ -57,14 +58,15 @@ export default {
class="btn btn-grouper btn-block btn-primary btn-sm m-1 text-nowrap members-btn"
@click="$emit('showSubscribers', group)"
:data-id="encodeURIComponent(group.name)"
:disabled="this.other.hasActAs"
:data-name="group.displayExtension">{{ txt.members }}<em class="material-icons mt-0 ml-1" aria-hidden="true">group</em>
</button>
<!-- Remove from Group i manage -->
<button
v-if="$attrs.onRemoveUser"
class="btn btn-sm btn-block text-nowrap m-1 btn-danger" type="button"
@click="$emit('removeUser', group)"
:disabled="group.loading"
:disabled="group.loading || this.other.hasActAs"
:data-id="encodeURIComponent(group.name)"
:data-name="group.displayExtension">
{{ txt.remove }}<em class="material-icons mt-0 ml-1" aria-hidden="true">{{ person_off }}</em>
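Review bot: The Members button is now disabled on `this.other.hasActAs`, but the controller change in this same commit leaves `$p['groupSubscribers']` ungated, so the restriction on listing subscribers exists only in the browser and is not an access control. If viewing members is meant to be off in act-as mode, the controller's permission entry needs the matching condition; the join, leave and remove buttons here, and the add and remove controls in webroot/js/members.js, do have server-side counterparts in that change. Separately, `inject: ['txt', 'api', 'other']` assumes every ancestor provides `other`; if a mount point omits it, `this.other.hasActAs` would presumably throw during render, so a guarded read such as `other?.hasActAs` is safer.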
9 changes: 6 additions & 3 deletions webroot/js/members.js
@@ -34,7 +34,7 @@ export default {
remove: Boolean,
default: false
},
inject: ['txt', 'api'],
inject: ['txt', 'api', 'other'],
components: {
Loader,
Autocomplete
@@ -163,7 +163,8 @@ export default {
<div class="d-flex mb-4">
<form id="add-user-form" class="add-user-form w-100">
<label class="sr-only" for="addUser">{{ txt.search }}</label>
<autocomplete @callback="(item) => addSubscriber(item)" :forceDisableBtn="loading"/>
<autocomplete @callback="(item) => addSubscriber(item)"
:forceDisable="loading || this.other.hasActAs"/>
</form>
</div>
</div>
@@ -182,7 +183,9 @@ export default {
{{ subscriber.id }}
</td>
<td v-if="remove">
<button :disabled="disabled.indexOf(subscriber.id) > -1" @click="removeSubscriber(group, subscriber)" class="btn btn-grouper btn-block btn-primary btn-sm m-1 text-nowrap member-del-btn">
<button :disabled="disabled.indexOf(subscriber.id) > -1 || this.other.hasActAs"
@click="removeSubscriber(group, subscriber)"
class="btn btn-grouper btn-block btn-danger btn-sm m-1 text-nowrap member-del-btn">
{{ txt.remove }}
</button>
</td>
5 changes: 4 additions & 1 deletion webroot/js/nested-table.js
@@ -39,7 +39,10 @@ export default {
<collapse :default="collapsed" v-slot="{toggle, show}">
<tr class="table-light collapse-wg-working-group-parent">
<td :colspan="columns.length - 2">
<button @click="toggle" type="button" class="btn btn-link btn-text collapse-btn fw-bold m-0" role="button" :aria-expanded="show ? 'false' : 'true'">
<button @click="toggle"
type="button"
class="btn btn-link btn-text collapse-btn fw-bold m-0"
role="button" :aria-expanded="show ? 'false' : 'true'">
<span class="grpr-popover-toggle">
{{ wggroup.WGShowName || "No Name" }}
<em class="material-icons mt-0 ml-1 ml-1" aria-hidden="true">{{ show ? 'arrow_drop_down' : 'arrow_right' }}</em>
