AVSDev/sprinkle-uf-tweaks
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Added user admin role

Browse Source
This commit is contained in:
Craig Williams
2023-10-06 09:54:45 +01:00
parent aa923dbe52
commit 275de8c6fe
3 changed files with 145 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
src/Controller/RoleController.php Normal file
View File

@@ -0,0 +1,73 @@
<?php
/*
* AVSDev UF Tweaks (https://avsdev.uk)
*
* @link https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks
* @license https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks/blob/master/LICENSE.md (LGPL-3.0 License)
*/
namespace UserFrosting\Sprinkle\UFTweaks\Controller;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use UserFrosting\Sprinkle\Account\Database\Models\Role;
use UserFrosting\Sprinkle\Core\Controller\SimpleController;
use UserFrosting\Support\Exception\ForbiddenException;
/**
* Override role controller class to tweak the list of available user roles
*
* @author Craig Williams (craig@avsdev.uk)
*/
class RoleController extends SimpleController
{
/**
* Returns a list of Roles.
*
* Generates a list of roles, optionally paginated, sorted and/or filtered.
* This page requires authentication.
*
* Request type: GET
*
* @param Request $request
* @param Response $response
* @param array $args
*
* @throws ForbiddenException If user is not authorized to access page
*/
public function getList(Request $request, Response $response, $args)
{
// GET parameters
$params = $request->getQueryParams();
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled page
$adminRole = $authorizer->checkAccess($currentUser, 'uri_roles');
$userRole = $authorizer->checkAccess($currentUser, 'role_list');
if (!$adminRole && !$userRole) {
throw new ForbiddenException();
}
$sprunje = $classMapper->createInstance('role_sprunje', $classMapper, $params);
if ($userRole) {
$siteAdminId = Role::where('slug', 'site-admin')->first()->id;
$sprunje->extendQuery(function($query) {
$query->where('role_id', '!=', $siteAdminId);
});
}
// Be careful how you consume this data - it has not been escaped and contains untrusted user-supplied content.
// For example, if you plan to insert it into an HTML DOM, you must escape it on the client side (or use client-side templating).
return $sprunje->toResponse($response);
}
}