mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-08-07 08:56:38 +02:00
Code Issues Releases Wiki Activity

Implement hidden permission groups (#2129)

Browse Source 
Only users that have the new `viewHiddenGroups` permissions will be able to see these groups.

You might want this when you want to give certain users special permissions, but don't want to make your authorization scheme public to regular users.

Co-authored-by: luceos <daniel+github@klabbers.email>
This commit is contained in:
Alexander Skvortsov
2020-04-21 11:49:53 -04:00
committed by GitHub
parent df8f73bd3d
commit 6e8884f190
13 changed files with 130 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Api/Controller/ListGroupsController.php
View File

@@ -26,6 +26,8 @@ class ListGroupsController extends AbstractListController
*/
protected function data(ServerRequestInterface $request, Document $document)
{
return Group::all();
$actor = $request->getAttribute('actor');
return Group::whereVisibleTo($actor)->get();
}
}

6
src/Api/Serializer/BasicUserSerializer.php
View File

@@ -45,6 +45,10 @@ class BasicUserSerializer extends AbstractSerializer
*/
protected function groups($user)
{
return $this->hasMany($user, GroupSerializer::class);
if ($this->getActor()->can('viewHiddenGroups')) {
return $this->hasMany($user, GroupSerializer::class);
}
return $this->hasMany($user, GroupSerializer::class, 'visibleGroups');
}
}

1
src/Api/Serializer/GroupSerializer.php
View File

@@ -52,6 +52,7 @@ class GroupSerializer extends AbstractSerializer
'namePlural' => $this->translateGroupName($group->name_plural),
'color' => $group->color,
'icon' => $group->icon,
'isHidden' => $group->is_hidden
];
}

3
src/Group/Command/CreateGroupHandler.php
View File

@@ -54,7 +54,8 @@ class CreateGroupHandler
Arr::get($data, 'attributes.nameSingular'),
Arr::get($data, 'attributes.namePlural'),
Arr::get($data, 'attributes.color'),
Arr::get($data, 'attributes.icon')
Arr::get($data, 'attributes.icon'),
Arr::get($data, 'attributes.isHidden', false)
);
$this->events->dispatch(

4
src/Group/Command/EditGroupHandler.php
View File

@@ -74,6 +74,10 @@ class EditGroupHandler
$group->icon = $attributes['icon'];
}
if (isset($attributes['isHidden'])) {
$group->is_hidden = $attributes['isHidden'];
}
$this->events->dispatch(
new Saving($group, $actor, $data)
);

5
src/Group/Group.php
View File

@@ -23,6 +23,7 @@ use Flarum\User\User;
* @property string $name_plural
* @property string|null $color
* @property string|null $icon
* @property bool $is_hidden
* @property \Illuminate\Database\Eloquent\Collection $users
* @property \Illuminate\Database\Eloquent\Collection $permissions
*/
@@ -72,9 +73,10 @@ class Group extends AbstractModel
* @param string $namePlural
* @param string $color
* @param string $icon
* @param bool $isHidden
* @return static
*/
public static function build($nameSingular, $namePlural, $color, $icon)
public static function build($nameSingular, $namePlural, $color = null, $icon = null, bool $isHidden = false): self
{
$group = new static;
@@ -82,6 +84,7 @@ class Group extends AbstractModel
$group->name_plural = $namePlural;
$group->color = $color;
$group->icon = $icon;
$group->is_hidden = $isHidden;
$group->raise(new Created($group));

12
src/Group/GroupPolicy.php
View File

@@ -11,6 +11,7 @@ namespace Flarum\Group;
use Flarum\User\AbstractPolicy;
use Flarum\User\User;
use Illuminate\Database\Eloquent\Builder;
class GroupPolicy extends AbstractPolicy
{
@@ -30,4 +31,15 @@ class GroupPolicy extends AbstractPolicy
return true;
}
}
/**
* @param User $actor
* @param Builder $query
*/
public function find(User $actor, Builder $query)
{
if ($actor->cannot('viewHiddenGroups')) {
$query->where('is_hidden', false);
}
}
}

5
src/User/User.php
View File

@@ -606,6 +606,11 @@ class User extends AbstractModel
return $this->belongsToMany(Group::class);
}
public function visibleGroups()
{
return $this->belongsToMany(Group::class)->where('is_hidden', false);
}
/**
* Define the relationship with the user's notifications.
*