Merge pull request #219 from Mibew/new_perms

New permissions
This commit is contained in:
Fedor A. Fetisov 2018-01-16 18:33:46 +03:00 committed by GitHub
commit 324a85fb7f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 82 additions and 60 deletions

View File

@ -187,21 +187,24 @@ canned_message_add:
path: /operator/canned-message/add
defaults:
_controller: Mibew\Controller\CannedMessageController::showEditFormAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck
_access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_ADMINISTRATE]
methods: [GET]
canned_message_add_save:
path: /operator/canned-message/add
defaults:
_controller: Mibew\Controller\CannedMessageController::submitEditFormAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck
_access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_ADMINISTRATE]
methods: [POST]
canned_message_delete:
path: /operator/canned-message/{message_id}/delete
defaults:
_controller: Mibew\Controller\CannedMessageController::deleteAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck
_access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_ADMINISTRATE]
requirements:
message_id: \d{1,10}
@ -209,7 +212,8 @@ canned_message_edit:
path: /operator/canned-message/{message_id}/edit
defaults:
_controller: Mibew\Controller\CannedMessageController::showEditFormAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck
_access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_ADMINISTRATE]
requirements:
message_id: \d{1,10}
methods: [GET]
@ -218,7 +222,8 @@ canned_message_edit_save:
path: /operator/canned-message/{message_id}/edit
defaults:
_controller: Mibew\Controller\CannedMessageController::submitEditFormAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck
_access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_ADMINISTRATE]
requirements:
message_id: \d{1,10}
methods: [POST]
@ -227,7 +232,8 @@ canned_messages:
path: /operator/canned-message
defaults:
_controller: Mibew\Controller\CannedMessageController::indexAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck
_access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_ADMINISTRATE]
## Groups
group_add:
@ -679,7 +685,8 @@ statistics:
defaults:
type: "by-date"
_controller: Mibew\Controller\StatisticsController::indexAction
_access_check: Mibew\AccessControl\Check\LoggedInCheck
_access_check: Mibew\AccessControl\Check\PermissionsCheck
_access_permissions: [CAN_VIEWSTATISTICS]
requirements:
type: by-date|by-operator|by-page

View File

@ -69,7 +69,7 @@ class PermissionsCheck extends LoggedInCheck
*
* @param string $permission_name Name of permission. Can be one of
* "CAN_ADMINISTRATE", "CAN_TAKEOVER", "CAN_VIEWTHREADS",
* "CAN_MODIFYPROFILE".
* "CAN_MODIFYPROFILE", "CAN_VIEWSTATISTICS".
* @return int Permission code.
* @throws \InvalidArgumentException
*/
@ -88,6 +88,9 @@ class PermissionsCheck extends LoggedInCheck
case 'CAN_MODIFYPROFILE':
$permission_code = CAN_MODIFYPROFILE;
break;
case 'CAN_VIEWSTATISTICS':
$permission_code = CAN_VIEWSTATISTICS;
break;
default:
throw new \InvalidArgumentException(sprintf('Unknown permission "%s".', $permission_name));
}

View File

@ -35,8 +35,10 @@ class AboutController extends AbstractController
*/
public function indexAction(Request $request)
{
$operator = $this->getOperator();
$page = array_merge(
array(
'showSystemInfo' => is_capable(CAN_ADMINISTRATE, $operator),
'localizations' => get_available_locales(),
'phpVersion' => phpversion(),
'extensions' => $this->getExtensionsInfo(),
@ -45,7 +47,7 @@ class AboutController extends AbstractController
'menuid' => 'about',
'availableUpdates' => $this->getAvailableUpdates(),
),
prepare_menu($this->getOperator())
prepare_menu($operator)
);
return $this->render('about', $page);

View File

@ -51,6 +51,12 @@ define('CAN_VIEWTHREADS', 2);
*/
define('CAN_MODIFYPROFILE', 3);
/**
* Operator can view system statistics
*/
define('CAN_VIEWSTATISTICS', 4);
/** End of permissions constants */
/**
@ -62,6 +68,7 @@ function permission_ids()
{
return array(
CAN_ADMINISTRATE => "admin",
CAN_VIEWSTATISTICS => "statistics",
CAN_TAKEOVER => "takeover",
CAN_VIEWTHREADS => "viewthreads",
CAN_MODIFYPROFILE => "modifyprofile",
@ -80,6 +87,7 @@ function permission_descriptions()
{
return array(
CAN_ADMINISTRATE => getlocal('System administration: settings, operators management, button generation'),
CAN_VIEWSTATISTICS => getlocal('Ability to view system statistics'),
CAN_TAKEOVER => getlocal('Take over chat thread'),
CAN_VIEWTHREADS => getlocal('View another operator\'s chat thread'),
CAN_MODIFYPROFILE => getlocal('Ability to modify profile'),
@ -693,7 +701,7 @@ function prepare_menu($operator, $has_right = true)
$result['isOnline'] = is_operator_online($operator['operatorid']);
if ($has_right) {
$result['showban'] = Settings::get('enableban') == "1";
$result['showstat'] = Settings::get('enablestatistics') == "1";
$result['showstat'] = is_capable(CAN_VIEWSTATISTICS, $operator) && (Settings::get('enablestatistics') == "1");
$result['showadmin'] = is_capable(CAN_ADMINISTRATE, $operator);
$result['currentopid'] = $operator['operatorid'];
}

View File

@ -22,11 +22,11 @@
{{/if}}
</ul>
</li>
{{#if showadmin}}
<li>
<h2>{{l10n "Administration"}}</h2>
<ul class="submenu">
<li{{#ifEqual menuid "canned"}} class="active"{{/ifEqual}}><a href="{{route "canned_messages"}}">{{l10n "Canned Messages"}}</a></li>
{{#if showadmin}}
<li{{#ifEqual menuid "getcode"}} class="active"{{/ifEqual}}><a href="{{route "button_code"}}">{{l10n "Button code"}}</a></li>
<li{{#ifEqual menuid "operators"}} class="active"{{/ifEqual}}><a href="{{route "operators"}}">{{l10n "Operators"}}</a></li>
<li{{#ifEqual menuid "groups"}} class="active"{{/ifEqual}}><a href="{{route "groups"}}">{{l10n "Groups"}}</a></li>
@ -35,9 +35,9 @@
<li{{#ifEqual menuid "styles"}} class="active"{{/ifEqual}}><a href="{{route "style_preview" type="page"}}">{{l10n "Styles"}}</a></li>
<li{{#ifEqual menuid "translation"}} class="active"{{/ifEqual}}><a href="{{route "translations"}}">{{l10n "Localize"}}</a></li>
<li{{#ifEqual menuid "mail_templates"}} class="active"{{/ifEqual}}><a href="{{route "mail_templates"}}">{{l10n "Mail templates"}}</a></li>
{{/if}}
</ul>
</li>
{{/if}}
<li>
<h2>{{l10n "Other"}}</h2>
<ul class="submenu">

View File

@ -14,6 +14,7 @@
<p>{{{l10n "Copyright &copy; {0} Contributors of the Mibew Messenger project." "2005-2017"}}}</p>
<p>{{{l10n "For more information visit the official site of the project: <a href=\"https://mibew.org/\">https://mibew.org/</a>"}}}</p>
{{#if showSystemInfo}}
<br/><br/>
<h2>{{l10n "System information"}}</h2>
@ -51,6 +52,7 @@
{{l10n "There is no available updates."}}<br/><br/>
{{/if}}
<a href="{{route "update_check"}}">{{l10n "Check for available updates"}}</a>
{{/if}}
</div>
<div class="form-footer">

View File

@ -65,6 +65,7 @@
</div>
{{/if}}
{{#if showadmin}}
<div class="dashboard-item">
<div class="dashboard-item-content">
<img src="{{asset "@CurrentStyle/images/dash/canned.png"}}" alt=""/>
@ -75,7 +76,6 @@
</div>
</div>
{{#if showadmin}}
<div class="dashboard-item">
<div class="dashboard-item-content">
<img src="{{asset "@CurrentStyle/images/dash/wizard.png"}}" alt=""/>