mirror/processwire
1
0
Fork 0
mirror of https://github.com/processwire/processwire.git synced 2025-08-15 11:14:12 +02:00
Code Issues Releases Wiki Activity

Some additional helpful logic and messages added in ProcessRole, plus an update to resolve processwire/processwire-issues#474

Browse Source
This commit is contained in:
Ryan Cramer
2018-01-31 08:10:32 -05:00
parent e917c93d76
commit 03660974ee
1 changed files with 29 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
wire/modules/Process/ProcessRole/ProcessRole.module
View File

@@ -86,8 +86,10 @@ class ProcessRole extends ProcessPageType {
* *
*/ */
public function hookProcessInput(HookEvent $event) { public function hookProcessInput(HookEvent $event) {
if($event->wire('input')->post('_pw_page_name')) { static $n = 0;
if(!$n && $event->wire('input')->post('_pw_page_name')) {
$this->savePermissionOptions(); $this->savePermissionOptions();
$n++;
} }
} }
@@ -574,6 +576,7 @@ class ProcessRole extends ProcessPageType {
/** @var Template $template */ /** @var Template $template */
if(!$template->useRoles) continue; if(!$template->useRoles) continue;
if($template->flags & Template::flagSystem) continue;
$updates = array(); $updates = array();
$createRoles = $template->createRoles; $createRoles = $template->createRoles;
@@ -599,8 +602,15 @@ class ProcessRole extends ProcessPageType {
if($isGuestRole || !$guestHasView) { if($isGuestRole || !$guestHasView) {
$template->removeRole($role); $template->removeRole($role);
$updates[] = "Removed page-view from template $template->name"; $updates[] = "Removed page-view from template $template->name";
// view is a pre-requisite for edit, add and create permissions
if($edit) $updates[] = "Also removed all edit-related permissions because edit requires view permission";
} }
} }
if($isGuestRole || !$guestHasView) {
$edit = false;
$add = false;
$create = false;
}
} }
if(!$isGuestRole) { if(!$isGuestRole) {
@@ -654,12 +664,29 @@ class ProcessRole extends ProcessPageType {
foreach($adds as $key => $permissionID) { foreach($adds as $key => $permissionID) {
// force as strings // force as strings
$adds[$key] = "$permissionID"; $adds[$key] = "$permissionID"; // placement intentional
if(!$edit) {
/** @var Permission $permission */
$permission = $this->wire('permissions')->get((int) $permissionID);
if(!$permission->id) continue;
$parentPermission = $permission->getParentPermission();
// if permission requires page-edit, and user doesn't have page-edit, don't allow it to be added
if($parentPermission->name == 'page-edit') {
unset($adds[$key]); // placement intentional
$this->warning(sprintf(
$this->_('Permission “%1$s” for template “%2$s” not allowed (requires “%3$s” permission)'),
$permission->name, $template->name, $parentPermission->name
));
}
}
} }
foreach($revokes as $key => $permissionID) { foreach($revokes as $key => $permissionID) {
// force as negative integer strings // force as negative integer strings
$revokes[$key] = (string) (-1 * $permissionID); $revokes[$key] = (string) (-1 * $permissionID);
} }
$rolePermissionsNew = array_merge($adds, $revokes); $rolePermissionsNew = array_merge($adds, $revokes);
sort($rolePermissionsNew); sort($rolePermissionsNew);
sort($rolePermissions); sort($rolePermissions);