Alex/freescout
1
0
Fork 0
mirror of https://github.com/freescout-helpdesk/freescout.git synced 2024-11-23 19:02:46 +01:00
Code Issues Releases Wiki Activity

User Permissions per User - closes #741

Browse Source
This commit is contained in:
FreeScout 2020-12-22 10:06:35 -08:00
parent ae602a2f6f
commit 2f14216e49
6 changed files with 129 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Controllers/SettingsController.php
View File

@ -175,7 +175,7 @@ class SettingsController extends Controller
$settings = [
'company_name' => Option::get('company_name', \Config::get('app.name')),
'next_ticket' => (Option::get('next_ticket') >= Conversation::max('number') + 1) ? Option::get('next_ticket') : Conversation::max('number') + 1,
'user_permissions' => User::getUserPermissions(),
'user_permissions' => User::getGlobalUserPermissions(),
'email_branding' => Option::get('email_branding'),
'open_tracking' => Option::get('open_tracking'),
'email_conv_history' => config('app.email_conv_history'),

15
app/Http/Controllers/UsersController.php
View File

@ -263,6 +263,21 @@ class UsersController extends Controller
$user->mailboxes()->sync($request->mailboxes);
$user->syncPersonalFolders($request->mailboxes);
// Save permissions.
$user_permissions = $request->user_permissions ?? [];
$permissions = [];
foreach (User::getUserPermissionsList() as $permission_id) {
$new_has_permission = in_array($permission_id, $user_permissions);
if ($user->hasPermission($permission_id, false) != $new_has_permission) {
$permissions[$permission_id] = (int)(bool)$new_has_permission;
$save_user = true;
}
}
$user->permissions = $permissions;
$user->save();
\Session::flash('flash_success_floating', __('Permissions saved successfully'));
return redirect()->route('users.permissions', ['id' => $id]);

33
app/User.php
View File

@ -111,6 +111,10 @@ class User extends Authenticatable
*/
protected $fillable = ['role', 'status', 'first_name', 'last_name', 'email', 'password', 'role', 'timezone', 'photo_url', 'type', 'emails', 'job_title', 'phone', 'time_format', 'enable_kb_shortcuts', 'locale'];
protected $casts = [
'permissions' => 'array',
];
/**
* For array_unique function.
*
@ -551,7 +555,7 @@ class User extends Authenticatable
if (!empty($user_permission_names[$user_permission])) {
return $user_permission_names[$user_permission];
} else {
return \Event::fire('filter.user_permission_name', [$user_permission]);
return \Eventy::filter('user_permissions.name', '', $user_permission);
}
}
@ -803,18 +807,26 @@ class User extends Authenticatable
$this->photo_url = '';
}
public function hasPermission($permission)
public function hasPermission($permission, $check_own_permissions = true)
{
$permissions = self::getUserPermissions();
$has_permission = false;
if (!empty($permissions) && is_array($permissions) && in_array($permission, $permissions)) {
return true;
} else {
return false;
$global_permissions = self::getGlobalUserPermissions();
if (!empty($global_permissions) && is_array($global_permissions) && in_array($permission, $global_permissions)) {
$has_permission = true;
}
if ($check_own_permissions && !empty($this->permissions)) {
if (isset($this->permissions[$permission])) {
$has_permission = (bool)$this->permissions[$permission];
}
}
return $has_permission;
}
public static function getUserPermissions()
public static function getGlobalUserPermissions()
{
$permissions = [];
$permissions_json = config('app.user_permissions');
@ -1001,4 +1013,9 @@ class User extends Authenticatable
return $users;
}
public static function getUserPermissionsList()
{
return \Eventy::filter('user_permissions.list', self::$user_permissions);
}
}

32
database/migrations/2020_12_22_080000_add_permissions_column_to_users_table.php Normal file
View File

@ -0,0 +1,32 @@
<?php
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class AddPermissionsColumnToUsersTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('users', function (Blueprint $table) {
$table->text('permissions')->nullable();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('users', function (Blueprint $table) {
$table->dropColumn('permissions');
});
}
}

2
resources/views/settings/general.blade.php
View File

@ -29,7 +29,7 @@
<label for="email" class="col-sm-2 control-label">{{ __('User Permissions') }}</label>
<div class="col-sm-6">
@foreach (App\User::$user_permissions as $permission_id)
@foreach (App\User::getUserPermissionsList() as $permission_id)
<div class="control-group">
<label class="checkbox" for="user_permission_{{ $permission_id }}">
<input type="checkbox" name="settings[user_permissions][]" value="{{ $permission_id }}" id="user_permission_{{ $permission_id }}" @if (in_array($permission_id, old('settings[user_permissions]', $settings['user_permissions']))) checked="checked" @endif> {{ App\User::getUserPermissionName($permission_id) }}

78
resources/views/users/permissions.blade.php
View File

@ -14,37 +14,69 @@
@include('partials/flash_messages')
<div class="row-container">
<div class="container form-container">
<div class="row">
<div class="col-xs-12">
<h3> {{ __(':first_name has access to the selected mailboxes:', ['first_name' => $user->first_name]) }}</h3>
</div>
<div class="col-xs-12">
<form method="POST" action="">
{{ csrf_field() }}
<p><a href="javascript:void(0)" class="sel-all">{{ __('all') }}</a> / <a href="javascript:void(0)" class="sel-none">{{ __('none') }}</a></p>
<form method="POST" action="">
<fieldset id="permissions-fields">
@foreach ($mailboxes as $mailbox)
<div class="control-group">
<div class="controls">
<label class="control-label checkbox" for="mailbox-{{ $mailbox->id }}">
<input type="checkbox" name="mailboxes[]" id="mailbox-{{ $mailbox->id }}" value="{{ $mailbox->id }}" @if ($user_mailboxes->contains($mailbox)) checked="checked" @endif> {{ $mailbox->name }}
</label>
{{ csrf_field() }}
@if (count($mailboxes))
<div class="col-xs-12">
<h3> {{ __(':first_name has access to the selected mailboxes:', ['first_name' => $user->first_name]) }}</h3>
</div>
<div class="col-xs-12">
<p><a href="javascript:void(0)" class="sel-all">{{ __('all') }}</a> / <a href="javascript:void(0)" class="sel-none">{{ __('none') }}</a></p>
<fieldset id="permissions-fields">
@foreach ($mailboxes as $mailbox)
<div class="control-group">
<div class="controls">
<label class="control-label checkbox" for="mailbox-{{ $mailbox->id }}">
<input type="checkbox" name="mailboxes[]" id="mailbox-{{ $mailbox->id }}" value="{{ $mailbox->id }}" @if ($user_mailboxes->contains($mailbox)) checked="checked" @endif> {{ $mailbox->name }}
</label>
</div>
</div>
@endforeach
</fieldset>
@if ($user->isAdmin())
<div class="form-group margin-top">
<button type="submit" class="btn btn-primary">
{{ __('Save Permissions') }}
</button>
</div>
@endif
</div>
@endif
@if (!$user->isAdmin())
<div class="col-xs-12 margin-top">
<h3> {{ __('User Permissions') }}</h3>
</div>
<div class="col-xs-12">
@foreach (App\User::getUserPermissionsList() as $permission_id)
<div class="control-group">
<label class="checkbox" for="user_permission_{{ $permission_id }}">
<input type="checkbox" name="user_permissions[]" value="{{ $permission_id }}" id="user_permission_{{ $permission_id }}" @if ($user->hasPermission($permission_id)) checked="checked" @endif> @if ($user->hasPermission($permission_id, false) != $user->hasPermission($permission_id)) <span style="font-weight:bold">@else<span>@endif{{ App\User::getUserPermissionName($permission_id) }}</span>
</label>
</div>
@endforeach
</fieldset>
<div class="form-group margin-top">
<div class="form-group margin-top">
<button type="submit" class="btn btn-primary">
{{ __('Save Permissions') }}
</button>
<button type="submit" class="btn btn-primary">
{{ __('Save Permissions') }}
</button>
</div>
</div>
</form>
</div>
@endif
</form>
</div>
</div>
@endsection