Tighten some more permissions down

2022-02-10 18:11:42 +00:00
parent 909b6a93dc
commit 575aa68bca
3 changed files with 29 additions and 1 deletions


@@ -60,9 +60,21 @@ class OrganisationPermissions extends BaseSeed
'view_organisation_field' => new Permission([ 'view_organisation_field' => new Permission([
'slug' => 'view_organisation_field', 'slug' => 'view_organisation_field',
'name' => 'View organisation', 'name' => 'View organisation',
'conditions' => "in(property,['name','slug','description','members'])", 'conditions' => "in(property,['name','slug','description'])",
'description' => 'View certain properties of any organisation.', 'description' => 'View certain properties of any organisation.',
]), ]),
'view_organisation_members_field' => new Permission([
'slug' => 'view_organisation_field',
'name' => 'View organisation members field',
'conditions' => "in(property,['members'])",
'description' => 'View members field of any organisation.',
]),
'view_organisation_members' => new Permission([
'slug' => 'view_organisation_members',
'name' => 'View organisation members',
'conditions' => "always()",
'description' => 'View members of any organisation.',
]),
'view_organisation_field_own' => new Permission([ 'view_organisation_field_own' => new Permission([
'slug' => 'view_organisation_field', 'slug' => 'view_organisation_field',
'name' => 'View own organisation', 'name' => 'View own organisation',
@@ -194,6 +206,8 @@ class OrganisationPermissions extends BaseSeed
$roleOrgAdmin->permissions()->syncWithoutDetaching([ $roleOrgAdmin->permissions()->syncWithoutDetaching([
$permissions['create_organisation']->id, $permissions['create_organisation']->id,
$permissions['view_organisation_field']->id, $permissions['view_organisation_field']->id,
$permissions['view_organisation_members_field']->id,
$permissions['view_organisation_members']->id,
$permissions['update_organisation_field']->id, $permissions['update_organisation_field']->id,
$permissions['approve_organisation']->id, $permissions['approve_organisation']->id,
$permissions['merge_organisations']->id, $permissions['merge_organisations']->id,
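Review bot: Narrowing the `conditions` string of `view_organisation_field` to drop `'members'` may not tighten anything on a database that was already seeded, and the role assignment in the second hunk uses `syncWithoutDetaching`, which never removes an existing attachment. If the seed's save step (outside this hunk) looks permissions up by slug and conditions, the old row that still allows `members` stays in the table and stays attached to every role that already had it. Pair this change with a migration or an explicit detach of the old permission, and add a comment above the entry such as `// conditions narrowed: the previous row that included 'members' must be detached from existing roles`. A short comment on `view_organisation_members_field` would also help: its `slug` is `view_organisation_field`, which looks deliberate (same pattern as `view_organisation_field_own`) but reads like a copy-paste slip without one.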


@@ -62,6 +62,10 @@ class OrganisationsExtension extends AbstractExtension implements GlobalsInterfa
return $authorizer->runCallback($currentUser, 'is_organisation_admin', $currentUser->id, $organisation->id); return $authorizer->runCallback($currentUser, 'is_organisation_admin', $currentUser->id, $organisation->id);
}), }),
new TwigFunction('hasRole', function ($roleSlug) {
$currentUser = $this->services->currentUser;
return $currentUser->roles()->where('slug', $roleSlug)->count() > 0;
}),
]; ];
} }
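Review bot: The new `hasRole` closure calls `$currentUser->roles()` without checking that a user is present, so a page rendered without an authenticated user would fail here if `currentUser` can be null; this is worth confirming, since the service definition is not visible in this hunk. It also answers an authorization question by role slug, bypassing the authorizer that the neighbouring function goes through with `runCallback`, so policy ends up split between permission conditions and role names hard-coded in templates. If the helper stays, `return $currentUser !== null && $currentUser->roles()->where('slug', $roleSlug)->exists();` guards the guest case and avoids counting rows, and a docblock should state that the result is meant for display decisions only. The enclosing method starts before the hunk.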


@@ -14,8 +14,10 @@
<th class="sorter-metatext" data-column-name="name" data-column-template="#organisation-table-column-info" data-priority="1">{{translate('ORGANISATION')}} <i class="fas fa-sort"></i></th> <th class="sorter-metatext" data-column-name="name" data-column-template="#organisation-table-column-info" data-priority="1">{{translate('ORGANISATION')}} <i class="fas fa-sort"></i></th>
<th class="sorter-metatext" data-column-name="description" data-column-template="#organisation-table-column-description" data-priority="2">{{translate("DESCRIPTION")}} <i class="fas fa-sort"></i></th> <th class="sorter-metatext" data-column-name="description" data-column-template="#organisation-table-column-description" data-priority="2">{{translate("DESCRIPTION")}} <i class="fas fa-sort"></i></th>
<th class="filter-select filter-metatext" data-column-name="status" data-column-template="#user-table-column-status" data-priority="2">{{translate("STATUS")}} <i class="fas fa-sort"></i></th> <th class="filter-select filter-metatext" data-column-name="status" data-column-template="#user-table-column-status" data-priority="2">{{translate("STATUS")}} <i class="fas fa-sort"></i></th>
{% if checkAccess('view_organisation_members') %}
<th class="sorter-metanum" data-column-name="member_count" data-column-template="#organisation-table-column-memberCount" data-priority="2">{{translate("ORGANISATION.MEMBER_COUNT")}} <i class="fas fa-sort"></i></th> <th class="sorter-metanum" data-column-name="member_count" data-column-template="#organisation-table-column-memberCount" data-priority="2">{{translate("ORGANISATION.MEMBER_COUNT")}} <i class="fas fa-sort"></i></th>
<th class="sorter-metanum" data-column-name="admin_count" data-column-template="#organisation-table-column-adminCount" data-priority="2">{{translate("ORGANISATION.ADMIN_COUNT")}} <i class="fas fa-sort"></i></th> <th class="sorter-metanum" data-column-name="admin_count" data-column-template="#organisation-table-column-adminCount" data-priority="2">{{translate("ORGANISATION.ADMIN_COUNT")}} <i class="fas fa-sort"></i></th>
{% endif %}
<th data-column-template="#organisation-table-column-actions" data-sorter="false" data-filter="false" data-priority="1">{{translate("ACTIONS")}}</th> <th data-column-template="#organisation-table-column-actions" data-sorter="false" data-filter="false" data-priority="1">{{translate("ACTIONS")}}</th>
</tr> </tr>
</thead> </thead>
@@ -35,7 +37,15 @@
<script id="organisation-table-column-info" type="text/x-handlebars-template"> <script id="organisation-table-column-info" type="text/x-handlebars-template">
<td data-text="{{row.name}}"> <td data-text="{{row.name}}">
<strong> <strong>
{{#ifx row.is_member '==' 1 }}
<a href="{{site.uri.public}}/organisations/o/{{row.slug}}">{{row.name}}</a> <a href="{{site.uri.public}}/organisations/o/{{row.slug}}">{{row.name}}</a>
{{ else }}
{% endverbatim %}{% if hasRole('organisations-admin') or hasRole('site-admin') %}{% verbatim %}
<a href="{{site.uri.public}}/organisations/o/{{row.slug}}">{{row.name}}</a>
{% endverbatim %}{% else %}{% verbatim %}
{{row.name}}
{% endverbatim %}{% endif %}{% verbatim %}
{{/ifx }}
</strong> </strong>
</td> </td>
</script> </script>
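Review bot: Both changes in this template only hide markup, so they do not restrict access to member data by themselves: the `checkAccess('view_organisation_members')` block drops two column headers and the `hasRole(...)` branch drops the link. The rows' `member_count` and `admin_count` values and the `/organisations/o/{{row.slug}}` page are served elsewhere; confirm that the table's data source omits those fields and that the route rejects non-members who lack the permission, since neither is visible in this commit. The link branch also hard-codes `organisations-admin` and `site-admin` while the columns use a permission slug; a single `checkAccess(...)` call for both would keep the template in step with the seeded permissions. Once verified, a comment such as `{# display only: the same check is enforced server-side by the organisation page route #}` would record that intent.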