mirror of
https://github.com/wintercms/winter.git
synced 2024-06-28 05:33:29 +02:00
69e56b0b5b
Fixes #3315 by moving the manipulation of the filter widget scopes to the controller event method instead of before any part of the controller constructor method is run.
184 lines
4.6 KiB
PHP
184 lines
4.6 KiB
PHP
<?php namespace Backend\Controllers;
|
|
|
|
use Backend;
|
|
use BackendMenu;
|
|
use BackendAuth;
|
|
use Backend\Models\UserGroup;
|
|
use Backend\Classes\Controller;
|
|
use System\Classes\SettingsManager;
|
|
|
|
/**
|
|
* Backend user controller
|
|
*
|
|
* @package october\backend
|
|
* @author Alexey Bobkov, Samuel Georges
|
|
*
|
|
*/
|
|
class Users extends Controller
|
|
{
|
|
/**
|
|
* @var array Extensions implemented by this controller.
|
|
*/
|
|
public $implement = [
|
|
\Backend\Behaviors\FormController::class,
|
|
\Backend\Behaviors\ListController::class
|
|
];
|
|
|
|
/**
|
|
* @var array `FormController` configuration.
|
|
*/
|
|
public $formConfig = 'config_form.yaml';
|
|
|
|
/**
|
|
* @var array `ListController` configuration.
|
|
*/
|
|
public $listConfig = 'config_list.yaml';
|
|
|
|
/**
|
|
* @var array Permissions required to view this page.
|
|
*/
|
|
public $requiredPermissions = ['backend.manage_users'];
|
|
|
|
/**
|
|
* @var string HTML body tag class
|
|
*/
|
|
public $bodyClass = 'compact-container';
|
|
|
|
/**
|
|
* Constructor.
|
|
*/
|
|
public function __construct()
|
|
{
|
|
parent::__construct();
|
|
|
|
if ($this->action == 'myaccount') {
|
|
$this->requiredPermissions = null;
|
|
}
|
|
|
|
BackendMenu::setContext('October.System', 'system', 'users');
|
|
SettingsManager::setContext('October.System', 'administrators');
|
|
}
|
|
|
|
/**
|
|
* Extends the list query to hide superusers if the current user is not a superuser themselves
|
|
*/
|
|
public function listExtendQuery($query)
|
|
{
|
|
if (!$this->user->isSuperUser()) {
|
|
$query->where('is_superuser', false);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Prevents non-superusers from even seeing the is_superuser filter
|
|
*/
|
|
public function listFilterExtendScopes($filterWidget)
|
|
{
|
|
if (!$this->user->isSuperUser()) {
|
|
$filterWidget->removeScope('is_superuser');
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Extends the form query to prevent non-superusers from accessing superusers at all
|
|
*/
|
|
public function formExtendQuery($query)
|
|
{
|
|
if (!$this->user->isSuperUser()) {
|
|
$query->where('is_superuser', false);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Update controller
|
|
*/
|
|
public function update($recordId, $context = null)
|
|
{
|
|
// Users cannot edit themselves, only use My Settings
|
|
if ($context != 'myaccount' && $recordId == $this->user->id) {
|
|
return Backend::redirect('backend/users/myaccount');
|
|
}
|
|
|
|
return $this->asExtension('FormController')->update($recordId, $context);
|
|
}
|
|
|
|
/**
|
|
* My Settings controller
|
|
*/
|
|
public function myaccount()
|
|
{
|
|
SettingsManager::setContext('October.Backend', 'myaccount');
|
|
|
|
$this->pageTitle = 'backend::lang.myaccount.menu_label';
|
|
return $this->update($this->user->id, 'myaccount');
|
|
}
|
|
|
|
/**
|
|
* Proxy update onSave event
|
|
*/
|
|
public function myaccount_onSave()
|
|
{
|
|
$result = $this->asExtension('FormController')->update_onSave($this->user->id, 'myaccount');
|
|
|
|
/*
|
|
* If the password or login name has been updated, reauthenticate the user
|
|
*/
|
|
$loginChanged = $this->user->login != post('User[login]');
|
|
$passwordChanged = strlen(post('User[password]'));
|
|
if ($loginChanged || $passwordChanged) {
|
|
BackendAuth::login($this->user->reload(), true);
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
|
|
/**
|
|
* Add available permission fields to the User form.
|
|
* Mark default groups as checked for new Users.
|
|
*/
|
|
public function formExtendFields($form)
|
|
{
|
|
if ($form->getContext() == 'myaccount') {
|
|
return;
|
|
}
|
|
|
|
if (!$this->user->isSuperUser()) {
|
|
$form->removeField('is_superuser');
|
|
}
|
|
|
|
/*
|
|
* Add permissions tab
|
|
*/
|
|
$form->addTabFields($this->generatePermissionsField());
|
|
|
|
/*
|
|
* Mark default groups
|
|
*/
|
|
if (!$form->model->exists) {
|
|
$defaultGroupIds = UserGroup::where('is_new_user_default', true)->lists('id');
|
|
|
|
$groupField = $form->getField('groups');
|
|
$groupField->value = $defaultGroupIds;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Adds the permissions editor widget to the form.
|
|
* @return array
|
|
*/
|
|
protected function generatePermissionsField()
|
|
{
|
|
return [
|
|
'permissions' => [
|
|
'tab' => 'backend::lang.user.permissions',
|
|
'type' => 'Backend\FormWidgets\PermissionEditor',
|
|
'trigger' => [
|
|
'action' => 'disable',
|
|
'field' => 'is_superuser',
|
|
'condition' => 'checked'
|
|
]
|
|
]
|
|
];
|
|
}
|
|
}
|