TPS
/
ORIENT
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added ability to filter down the permissions presented by the PermissionEditor 

You can now specify an array of "availablePermissions" to the PermissionEditor FormWidget that it will use to further down the list of permissions that are up for managment by the current user.
This commit is contained in:
Luke Towers 2019-10-15 17:37:59 -06:00
parent a69c76116f
commit fa93781645
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
modules/backend/formwidgets/PermissionEditor.php
View File

@ -23,6 +23,10 @@ use BackendAuth;
* 1: Explicitly allow the permission
* -1: Explicitly deny the permission
*
* Available permissions can be defined in the form of an array of permission codes to allow:
* NOTE: Users are still not allowed to modify permissions that they themselves do not have access to
* availablePermissions: ['some.author.permission', 'some.other.permission', 'etc.some.system.permission']
*
* @package october\backend
* @author Alexey Bobkov, Samuel Georges
*/
@ -35,13 +39,19 @@ class PermissionEditor extends FormWidgetBase
*/
public $mode = 'radio';
/**
* @var array Permission codes to allow to be interacted with through this widget
*/
public $availablePermissions;
/**
* @inheritDoc
*/
public function init()
{
$this->fillFromConfig([
'mode'
'mode',
'availablePermissions',
]);
$this->user = BackendAuth::getUser();
@ -137,13 +147,13 @@ class PermissionEditor extends FormWidgetBase
{
$permissions = BackendAuth::listTabbedPermissions();
if ($this->user->isSuperUser()) {
return $permissions;
}
foreach ($permissions as $tab => $permissionsArray) {
foreach ($permissionsArray as $index => $permission) {
if (!$this->user->hasAccess($permission->code)) {
if (!$this->user->hasAccess($permission->code) ||
(
is_array($this->availablePermissions) &&
!in_array($permission->code, $this->availablePermissions)
)) {
unset($permissionsArray[$index]);
}
}