Mibew/mibew
1
0
Fork 0
mirror of https://github.com/Mibew/mibew.git synced 2024-11-15 08:34:11 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #219 from Mibew/new_perms

Browse Source 
New permissions
This commit is contained in:
Fedor A. Fetisov 2018-01-16 18:33:46 +03:00 committed by GitHub
commit 324a85fb7f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 82 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/mibew/configs/routing.yml
View File

@ -187,21 +187,24 @@ canned_message_add:
path: /operator/canned-message/add path: /operator/canned-message/add
defaults: defaults:
_controller: Mibew\Controller\CannedMessageController::showEditFormAction _controller: Mibew\Controller\CannedMessageController::showEditFormAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck _access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_ADMINISTRATE]
methods: [GET] methods: [GET]
canned_message_add_save: canned_message_add_save:
path: /operator/canned-message/add path: /operator/canned-message/add
defaults: defaults:
_controller: Mibew\Controller\CannedMessageController::submitEditFormAction _controller: Mibew\Controller\CannedMessageController::submitEditFormAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck _access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_ADMINISTRATE]
methods: [POST] methods: [POST]
canned_message_delete: canned_message_delete:
path: /operator/canned-message/{message_id}/delete path: /operator/canned-message/{message_id}/delete
defaults: defaults:
_controller: Mibew\Controller\CannedMessageController::deleteAction _controller: Mibew\Controller\CannedMessageController::deleteAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck _access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_ADMINISTRATE]
requirements: requirements:
message_id: \d{1,10} message_id: \d{1,10}
@ -209,7 +212,8 @@ canned_message_edit:
path: /operator/canned-message/{message_id}/edit path: /operator/canned-message/{message_id}/edit
defaults: defaults:
_controller: Mibew\Controller\CannedMessageController::showEditFormAction _controller: Mibew\Controller\CannedMessageController::showEditFormAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck _access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_ADMINISTRATE]
requirements: requirements:
message_id: \d{1,10} message_id: \d{1,10}
methods: [GET] methods: [GET]
@ -218,7 +222,8 @@ canned_message_edit_save:
path: /operator/canned-message/{message_id}/edit path: /operator/canned-message/{message_id}/edit
defaults: defaults:
_controller: Mibew\Controller\CannedMessageController::submitEditFormAction _controller: Mibew\Controller\CannedMessageController::submitEditFormAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck _access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_ADMINISTRATE]
requirements: requirements:
message_id: \d{1,10} message_id: \d{1,10}
methods: [POST] methods: [POST]
@ -227,7 +232,8 @@ canned_messages:
path: /operator/canned-message path: /operator/canned-message
defaults: defaults:
_controller: Mibew\Controller\CannedMessageController::indexAction _controller: Mibew\Controller\CannedMessageController::indexAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck _access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_ADMINISTRATE]
## Groups ## Groups
group_add: group_add:
@ -679,7 +685,8 @@ statistics:
defaults: defaults:
type: "by-date" type: "by-date"
_controller: Mibew\Controller\StatisticsController::indexAction _controller: Mibew\Controller\StatisticsController::indexAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck _access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_VIEWSTATISTICS]
requirements: requirements:
type: by-date|by-operator|by-page type: by-date|by-operator|by-page

5
src/mibew/libs/classes/Mibew/AccessControl/Check/PermissionsCheck.php
View File

@ -69,7 +69,7 @@ class PermissionsCheck extends LoggedInCheck
* *
* @param string $permission_name Name of permission. Can be one of * @param string $permission_name Name of permission. Can be one of
* "CAN_ADMINISTRATE", "CAN_TAKEOVER", "CAN_VIEWTHREADS", * "CAN_ADMINISTRATE", "CAN_TAKEOVER", "CAN_VIEWTHREADS",
* "CAN_MODIFYPROFILE". * "CAN_MODIFYPROFILE", "CAN_VIEWSTATISTICS".
* @return int Permission code. * @return int Permission code.
* @throws \InvalidArgumentException * @throws \InvalidArgumentException
*/ */
@ -88,6 +88,9 @@ class PermissionsCheck extends LoggedInCheck
case 'CAN_MODIFYPROFILE': case 'CAN_MODIFYPROFILE':
$permission_code = CAN_MODIFYPROFILE; $permission_code = CAN_MODIFYPROFILE;
break; break;
case 'CAN_VIEWSTATISTICS':
$permission_code = CAN_VIEWSTATISTICS;
break;
default: default:
throw new \InvalidArgumentException(sprintf('Unknown permission "%s".', $permission_name)); throw new \InvalidArgumentException(sprintf('Unknown permission "%s".', $permission_name));
} }

4
src/mibew/libs/classes/Mibew/Controller/AboutController.php
View File

@ -35,8 +35,10 @@ class AboutController extends AbstractController
*/ */
public function indexAction(Request $request) public function indexAction(Request $request)
{ {
$operator = $this->getOperator();
$page = array_merge( $page = array_merge(
array( array(
'showSystemInfo' => is_capable(CAN_ADMINISTRATE, $operator),
'localizations' => get_available_locales(), 'localizations' => get_available_locales(),
'phpVersion' => phpversion(), 'phpVersion' => phpversion(),
'extensions' => $this->getExtensionsInfo(), 'extensions' => $this->getExtensionsInfo(),
@ -45,7 +47,7 @@ class AboutController extends AbstractController
'menuid' => 'about', 'menuid' => 'about',
'availableUpdates' => $this->getAvailableUpdates(), 'availableUpdates' => $this->getAvailableUpdates(),
), ),
prepare_menu($this->getOperator()) prepare_menu($operator)
); );
return $this->render('about', $page); return $this->render('about', $page);

10
src/mibew/libs/operator.php
View File

@ -51,6 +51,12 @@ define('CAN_VIEWTHREADS', 2);
*/ */
define('CAN_MODIFYPROFILE', 3); define('CAN_MODIFYPROFILE', 3);
/**
* Operator can view system statistics
*/
define('CAN_VIEWSTATISTICS', 4);
/** End of permissions constants */ /** End of permissions constants */
/** /**
@ -62,6 +68,7 @@ function permission_ids()
{ {
return array( return array(
CAN_ADMINISTRATE => "admin", CAN_ADMINISTRATE => "admin",
CAN_VIEWSTATISTICS => "statistics",
CAN_TAKEOVER => "takeover", CAN_TAKEOVER => "takeover",
CAN_VIEWTHREADS => "viewthreads", CAN_VIEWTHREADS => "viewthreads",
CAN_MODIFYPROFILE => "modifyprofile", CAN_MODIFYPROFILE => "modifyprofile",
@ -80,6 +87,7 @@ function permission_descriptions()
{ {
return array( return array(
CAN_ADMINISTRATE => getlocal('System administration: settings, operators management, button generation'), CAN_ADMINISTRATE => getlocal('System administration: settings, operators management, button generation'),
CAN_VIEWSTATISTICS => getlocal('Ability to view system statistics'),
CAN_TAKEOVER => getlocal('Take over chat thread'), CAN_TAKEOVER => getlocal('Take over chat thread'),
CAN_VIEWTHREADS => getlocal('View another operator\'s chat thread'), CAN_VIEWTHREADS => getlocal('View another operator\'s chat thread'),
CAN_MODIFYPROFILE => getlocal('Ability to modify profile'), CAN_MODIFYPROFILE => getlocal('Ability to modify profile'),
@ -693,7 +701,7 @@ function prepare_menu($operator, $has_right = true)
$result['isOnline'] = is_operator_online($operator['operatorid']); $result['isOnline'] = is_operator_online($operator['operatorid']);
if ($has_right) { if ($has_right) {
$result['showban'] = Settings::get('enableban') == "1"; $result['showban'] = Settings::get('enableban') == "1";
$result['showstat'] = Settings::get('enablestatistics') == "1"; $result['showstat'] = is_capable(CAN_VIEWSTATISTICS, $operator) && (Settings::get('enablestatistics') == "1");
$result['showadmin'] = is_capable(CAN_ADMINISTRATE, $operator); $result['showadmin'] = is_capable(CAN_ADMINISTRATE, $operator);
$result['currentopid'] = $operator['operatorid']; $result['currentopid'] = $operator['operatorid'];
} }

16
src/mibew/styles/pages/default/templates_src/server_side/_menu.handlebars
View File

@ -22,11 +22,11 @@
{{/if}} {{/if}}
</ul> </ul>
</li> </li>
<li> {{#if showadmin}}
<h2>{{l10n "Administration"}}</h2> <li>
<ul class="submenu"> <h2>{{l10n "Administration"}}</h2>
<li{{#ifEqual menuid "canned"}} class="active"{{/ifEqual}}><a href="{{route "canned_messages"}}">{{l10n "Canned Messages"}}</a></li> <ul class="submenu">
{{#if showadmin}} <li{{#ifEqual menuid "canned"}} class="active"{{/ifEqual}}><a href="{{route "canned_messages"}}">{{l10n "Canned Messages"}}</a></li>
<li{{#ifEqual menuid "getcode"}} class="active"{{/ifEqual}}><a href="{{route "button_code"}}">{{l10n "Button code"}}</a></li> <li{{#ifEqual menuid "getcode"}} class="active"{{/ifEqual}}><a href="{{route "button_code"}}">{{l10n "Button code"}}</a></li>
<li{{#ifEqual menuid "operators"}} class="active"{{/ifEqual}}><a href="{{route "operators"}}">{{l10n "Operators"}}</a></li> <li{{#ifEqual menuid "operators"}} class="active"{{/ifEqual}}><a href="{{route "operators"}}">{{l10n "Operators"}}</a></li>
<li{{#ifEqual menuid "groups"}} class="active"{{/ifEqual}}><a href="{{route "groups"}}">{{l10n "Groups"}}</a></li> <li{{#ifEqual menuid "groups"}} class="active"{{/ifEqual}}><a href="{{route "groups"}}">{{l10n "Groups"}}</a></li>
@ -35,9 +35,9 @@
<li{{#ifEqual menuid "styles"}} class="active"{{/ifEqual}}><a href="{{route "style_preview" type="page"}}">{{l10n "Styles"}}</a></li> <li{{#ifEqual menuid "styles"}} class="active"{{/ifEqual}}><a href="{{route "style_preview" type="page"}}">{{l10n "Styles"}}</a></li>
<li{{#ifEqual menuid "translation"}} class="active"{{/ifEqual}}><a href="{{route "translations"}}">{{l10n "Localize"}}</a></li> <li{{#ifEqual menuid "translation"}} class="active"{{/ifEqual}}><a href="{{route "translations"}}">{{l10n "Localize"}}</a></li>
<li{{#ifEqual menuid "mail_templates"}} class="active"{{/ifEqual}}><a href="{{route "mail_templates"}}">{{l10n "Mail templates"}}</a></li> <li{{#ifEqual menuid "mail_templates"}} class="active"{{/ifEqual}}><a href="{{route "mail_templates"}}">{{l10n "Mail templates"}}</a></li>
{{/if}} </ul>
</ul> </li>
</li> {{/if}}
<li> <li>
<h2>{{l10n "Other"}}</h2> <h2>{{l10n "Other"}}</h2>
<ul class="submenu"> <ul class="submenu">

66
src/mibew/styles/pages/default/templates_src/server_side/about.handlebars
View File

@ -14,43 +14,45 @@
<p>{{{l10n "Copyright &copy; {0} Contributors of the Mibew Messenger project." "2005-2017"}}}</p> <p>{{{l10n "Copyright &copy; {0} Contributors of the Mibew Messenger project." "2005-2017"}}}</p>
<p>{{{l10n "For more information visit the official site of the project: <a href=\"https://mibew.org/\">https://mibew.org/</a>"}}}</p> <p>{{{l10n "For more information visit the official site of the project: <a href=\"https://mibew.org/\">https://mibew.org/</a>"}}}</p>
<br/><br/> {{#if showSystemInfo}}
<br/><br/>
<h2>{{l10n "System information"}}</h2> <h2>{{l10n "System information"}}</h2>
<h3>{{l10n "You are using:"}}</h3> <h3>{{l10n "You are using:"}}</h3>
<div id="current-version">{{version}}</div> <div id="current-version">{{version}}</div>
<br/> <br/>
<h3>{{l10n "Installed localizations:"}}</h3> <h3>{{l10n "Installed localizations:"}}</h3>
{{#each localizations}} {{#each localizations}}
{{this}} {{this}}
{{/each}}
<br/><br/>
<h3>{{l10n "Environment:"}}</h3>
PHP {{phpVersion}} {{#each extensions}}{{@key}}{{#if loaded}}{{#if version}}/{{version}}{{/if}}{{else}}/absent{{/if}} {{/each}}
<br/><br/>
<h2>{{l10n "Available updates"}}</h2>
{{#if availableUpdates}}
{{#each availableUpdates}}
<h3>{{title}} ({{version}})</h3>
{{#if description}}
<div>{{description}}</div>
{{/if}}
<div>
<a href="{{url}}">{{l10n "Download"}}</a>
</div>
<br/>
{{/each}} {{/each}}
{{else}}
{{l10n "There is no available updates."}}<br/><br/> <br/><br/>
<h3>{{l10n "Environment:"}}</h3>
PHP {{phpVersion}} {{#each extensions}}{{@key}}{{#if loaded}}{{#if version}}/{{version}}{{/if}}{{else}}/absent{{/if}} {{/each}}
<br/><br/>
<h2>{{l10n "Available updates"}}</h2>
{{#if availableUpdates}}
{{#each availableUpdates}}
<h3>{{title}} ({{version}})</h3>
{{#if description}}
<div>{{description}}</div>
{{/if}}
<div>
<a href="{{url}}">{{l10n "Download"}}</a>
</div>
<br/>
{{/each}}
{{else}}
{{l10n "There is no available updates."}}<br/><br/>
{{/if}}
<a href="{{route "update_check"}}">{{l10n "Check for available updates"}}</a>
{{/if}} {{/if}}
<a href="{{route "update_check"}}">{{l10n "Check for available updates"}}</a>
</div> </div>
<div class="form-footer"> <div class="form-footer">

20
src/mibew/styles/pages/default/templates_src/server_side/index.handlebars
View File

@ -65,17 +65,17 @@
</div> </div>
{{/if}} {{/if}}
<div class="dashboard-item">
<div class="dashboard-item-content">
<img src="{{asset "@CurrentStyle/images/dash/canned.png"}}" alt=""/>
<a href="{{route "canned_messages"}}">
{{l10n "Canned Messages"}}
</a>
{{l10n "Edit messages that you frequently type into the chat."}}
</div>
</div>
{{#if showadmin}} {{#if showadmin}}
<div class="dashboard-item">
<div class="dashboard-item-content">
<img src="{{asset "@CurrentStyle/images/dash/canned.png"}}" alt=""/>
<a href="{{route "canned_messages"}}">
{{l10n "Canned Messages"}}
</a>
{{l10n "Edit messages that you frequently type into the chat."}}
</div>
</div>
<div class="dashboard-item"> <div class="dashboard-item">
<div class="dashboard-item-content"> <div class="dashboard-item-content">
<img src="{{asset "@CurrentStyle/images/dash/wizard.png"}}" alt=""/> <img src="{{asset "@CurrentStyle/images/dash/wizard.png"}}" alt=""/>