Added a new authorizer method for checking a user has a permission (for use in sprinkle level access checks)

(cherry picked from commit 97ded0eb08)

asset-bundles.json

@@ -2,7 +2,8 @@
     "bundle": {
         "js/admin": {
             "scripts": [
-                "uf-tweaks/js/handlebars-helpers.js"
+                "uf-tweaks/js/handlebars-helpers.js",
+                "uf-tweaks/js/modal-error-handler.js"
             ],
             "options": {
                 "sprinkle": {

assets/uf-tweaks/js/modal-error-handler.js

@@ -0,0 +1,16 @@
+
+/**
+ * Default handling of UF modal error
+ *
+ * This script depends on uf-modal.js
+ *
+ * Target page: *
+ */
+
+$(document).ready(function() {
+    const handleModalError = function() {
+        $(this).ufModal('destroy');
+        $('body').on('renderError.ufModal', handleModalError);
+    }
+    $('body').on('renderError.ufModal', handleModalError);
+});

src/ServicesProvider/ServicesProvider.php

@@ -9,6 +9,7 @@
 
 namespace UserFrosting\Sprinkle\UFTweaks\ServicesProvider;
 
+use Illuminate\Database\Capsule\Manager as Capsule;
 use Monolog\Formatter\LineFormatter;
 use Monolog\Handler\StreamHandler;
 use Monolog\Logger;
@@ -43,10 +44,40 @@ class ServicesProvider
         $container->extend('classMapper', function ($classMapper, $c) {
             $classMapper->setClassMapping('activity_sprunje', 'UserFrosting\Sprinkle\UFTweaks\Sprunje\ActivitySprunje');
             $classMapper->setClassMapping('user', 'UserFrosting\Sprinkle\UFTweaks\Database\Models\User');
+            $classMapper->setClassMapping('user_sprunje', 'UserFrosting\Sprinkle\Organisations\Sprunje\UserSprunje');
 
             return $classMapper;
         });
 
+        /*
+         * Returns a callback that forwards to dashboard if user is already logged in.
+         *
+         * @return callable
+         */
+        $container['redirect.onAlreadyLoggedIn'] = function ($c) {
+            /*
+             * This method is invoked when a user attempts to perform certain public actions when they are already logged in.
+             *
+             * @todo Forward to user's landing page or last visited page
+             * @param  \Psr\Http\Message\ServerRequestInterface $request
+             * @param  \Psr\Http\Message\ResponseInterface      $response
+             * @param  array                                    $args
+             * @return \Psr\Http\Message\ResponseInterface
+             */
+            return function (Request $request, Response $response, array $args) use ($c) {
+                /** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager */
+                $authorizer = $c->authorizer;
+
+                $currentUser = $c->authenticator->user();
+                
+                if ($authorizer->checkAccess($currentUser, 'uri_dashboard')) {
+                    return $response->withRedirect($c->router->pathFor('dashboard'));
+                } else {
+                    return $response->withRedirect($c->router->pathFor('index'));
+                }
+            };
+        };
+
         /*
          * Returns a callback that handles setting the `UF-Redirect` header after a successful login.
          *
@@ -120,6 +151,25 @@ class ServicesProvider
                 }
             );
 
+            /*
+             * Check if the specified user (by user_id) has a particular permission.
+             *
+             * @param  int  $user_id the id of the user.
+             * @param  int  $permission_slug slug of the permission to check.
+             * @return bool true if the user has the permission, false otherwise.
+             */
+            $authorizer->addCallback(
+                'has_permission',
+                function ($user_id, $permission_slug) {
+                    return Capsule::table('role_users')
+                        ->join('permission_roles', 'role_users.role_id', '=', 'permission_roles.role_id')
+                        ->join('permissions', 'permission_roles.permission_id', '=', 'permissions.id')
+                        ->where('user_id', $user_id)
+                        ->where('slug', $permission_slug)
+                        ->count() > 0;
+                }
+            );
+
             return $authorizer;
         });
 

src/Sprunje/UserSprunje.php

@@ -0,0 +1,48 @@
+<?php
+
+/*
+ * AVSDev UF Tweaks (https://avsdev.uk)
+ *
+ * @link      https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks
+ * @license   https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks/blob/master/LICENSE.md (LGPL-3.0 License)
+ */
+
+namespace UserFrosting\Sprinkle\UFTweaks\Sprunje;
+
+use Illuminate\Database\Schema\Builder;
+use UserFrosting\Sprinkle\Admin\Sprunje\UserSprunje as UFUserSprunje;
+
+/**
+ * UserSprunje.
+ *
+ * Extends User sprunje to make name filtering case-insensitive and include username
+ *
+ * @author Craig Williams (https://avsdev.uk)
+ */
+class UserSprunje extends UFUserSprunje
+{
+    /**
+     * Filter LIKE the first name, last name, or email.
+     *
+     * @param Builder $query
+     * @param mixed   $value
+     *
+     * @return self
+     */
+    protected function filterName($query, $value)
+    {
+        // Split value on separator for OR queries
+        $values = explode($this->orSeparator, $value);
+        $query->where(function ($query) use ($values) {
+            foreach ($values as $value) {
+                $likeValue = '%' . mb_strtolower($value) . '%';
+                $query->orWhereRaw('LOWER(first_name) LIKE ?', $likeValue)
+                ->orWhereRaw('LOWER(last_name) LIKE ?', $likeValue)
+                ->orWhereRaw('LOWER(email) LIKE ?', $likeValue)
+                ->orWhereRaw('LOWER(user_name) LIKE ?', $likeValue);
+            }
+        });
+
+        return $this;
+    }
+}