winter/modules/backend/controllers/UserRoles.php

<?php namespace Backend\Controllers;

use View;
use Response;
use BackendMenu;
use Backend\Classes\Controller;
use System\Classes\SettingsManager;

/**
 * Backend user groups controller
 *
 * @package october\backend
 * @author Alexey Bobkov, Samuel Georges
 *
 */
class UserRoles extends Controller
{
    /**
     * @var array Extensions implemented by this controller.
     */
    public $implement = [
        \Backend\Behaviors\FormController::class,
        \Backend\Behaviors\ListController::class
    ];

    /**
     * @var array `FormController` configuration.
     */
    public $formConfig = 'config_form.yaml';

    /**
     * @var array `ListController` configuration.
     */
    public $listConfig = 'config_list.yaml';

    /**
     * @var array Permissions required to view this page.
     */
    public $requiredPermissions = ['backend.manage_users'];

    /**
     * Constructor.
     */
    public function __construct()
    {
        parent::__construct();

        BackendMenu::setContext('October.System', 'system', 'users');
        SettingsManager::setContext('October.System', 'administrators');

        /*
         * Only super users can access
         */
        $this->bindEvent('page.beforeDisplay', function () {
            if (!$this->user->isSuperUser()) {
                return Response::make(View::make('backend::access_denied'), 403);
            }
        });
    }

    /**
     * Add available permission fields to the Role form.
     */
    public function formExtendFields($form)
    {
        /*
         * Add permissions tab
         */
        $form->addTabFields($this->generatePermissionsField());
    }

    /**
     * Adds the permissions editor widget to the form.
     * @return array
     */
    protected function generatePermissionsField()
    {
        return [
            'permissions' => [
                'tab' => 'backend::lang.user.permissions',
                'type' => 'Backend\FormWidgets\PermissionEditor',
                'mode' => 'checkbox'
            ]
        ];
    }
}
Create migrate script to split permissions out Permissions have been moved from Groups to a new Role model Refs #2367 2017-07-11 19:17:44 +10:00			`<?php namespace Backend\Controllers;`

Introduce concept of system roles These are roles defined by a special API code, once a system role code is detected, the role becomes locked and its permissions are sourced from the AuthManager. All permissions are granted to system roles by default, unless otherwise specified. This should make it easier to create client accounts as "Publishers", hiding developer tools like the CMS and Builder plugins by default. 2017-07-13 19:29:50 +10:00			`use View;`
			`use Response;`
Create migrate script to split permissions out Permissions have been moved from Groups to a new Role model Refs #2367 2017-07-11 19:17:44 +10:00			`use BackendMenu;`
			`use Backend\Classes\Controller;`
			`use System\Classes\SettingsManager;`

			`/**`
			`* Backend user groups controller`
			`*`
			`* @package october\backend`
			`* @author Alexey Bobkov, Samuel Georges`
			`*`
			`*/`
			`class UserRoles extends Controller`
			`{`
Code doc improvements 2017-07-27 17:35:14 +10:00			`/**`
			`* @var array Extensions implemented by this controller.`
			`*/`
Create migrate script to split permissions out Permissions have been moved from Groups to a new Role model Refs #2367 2017-07-11 19:17:44 +10:00			`public $implement = [`
Code doc improvements 2017-07-27 17:35:14 +10:00			`\Backend\Behaviors\FormController::class,`
			`\Backend\Behaviors\ListController::class`
Create migrate script to split permissions out Permissions have been moved from Groups to a new Role model Refs #2367 2017-07-11 19:17:44 +10:00			`];`

Code doc improvements 2017-07-27 17:35:14 +10:00			`/**`
			* @var array `FormController` configuration.
			`*/`
Create migrate script to split permissions out Permissions have been moved from Groups to a new Role model Refs #2367 2017-07-11 19:17:44 +10:00			`public $formConfig = 'config_form.yaml';`
Code doc improvements 2017-07-27 17:35:14 +10:00
			`/**`
			* @var array `ListController` configuration.
			`*/`
Create migrate script to split permissions out Permissions have been moved from Groups to a new Role model Refs #2367 2017-07-11 19:17:44 +10:00			`public $listConfig = 'config_list.yaml';`

Code doc improvements 2017-07-27 17:35:14 +10:00			`/**`
			`* @var array Permissions required to view this page.`
			`*/`
Create migrate script to split permissions out Permissions have been moved from Groups to a new Role model Refs #2367 2017-07-11 19:17:44 +10:00			`public $requiredPermissions = ['backend.manage_users'];`

Code doc improvements 2017-07-27 17:35:14 +10:00			`/**`
			`* Constructor.`
			`*/`
Create migrate script to split permissions out Permissions have been moved from Groups to a new Role model Refs #2367 2017-07-11 19:17:44 +10:00			`public function __construct()`
			`{`
			`parent::__construct();`

			`BackendMenu::setContext('October.System', 'system', 'users');`
			`SettingsManager::setContext('October.System', 'administrators');`
Introduce concept of system roles These are roles defined by a special API code, once a system role code is detected, the role becomes locked and its permissions are sourced from the AuthManager. All permissions are granted to system roles by default, unless otherwise specified. This should make it easier to create client accounts as "Publishers", hiding developer tools like the CMS and Builder plugins by default. 2017-07-13 19:29:50 +10:00
			`/*`
			`* Only super users can access`
			`*/`
Code quality clean up (#4449) Credit to @bennothommo 2019-07-18 22:50:37 +08:00			`$this->bindEvent('page.beforeDisplay', function () {`
Introduce concept of system roles These are roles defined by a special API code, once a system role code is detected, the role becomes locked and its permissions are sourced from the AuthManager. All permissions are granted to system roles by default, unless otherwise specified. This should make it easier to create client accounts as "Publishers", hiding developer tools like the CMS and Builder plugins by default. 2017-07-13 19:29:50 +10:00			`if (!$this->user->isSuperUser()) {`
			`return Response::make(View::make('backend::access_denied'), 403);`
			`}`
			`});`
Create migrate script to split permissions out Permissions have been moved from Groups to a new Role model Refs #2367 2017-07-11 19:17:44 +10:00			`}`

			`/**`
			`* Add available permission fields to the Role form.`
			`*/`
			`public function formExtendFields($form)`
			`{`
			`/*`
			`* Add permissions tab`
			`*/`
			`$form->addTabFields($this->generatePermissionsField());`
			`}`

			`/**`
			`* Adds the permissions editor widget to the form.`
			`* @return array`
			`*/`
			`protected function generatePermissionsField()`
			`{`
			`return [`
			`'permissions' => [`
			`'tab' => 'backend::lang.user.permissions',`
			`'type' => 'Backend\FormWidgets\PermissionEditor',`
			`'mode' => 'checkbox'`
			`]`
			`];`
			`}`
			`}`