From 6a277a53914ea982e61d7d701f25a623fe60f0cb Mon Sep 17 00:00:00 2001 From: snipe Date: Wed, 15 Jun 2016 20:45:45 -0700 Subject: [PATCH] Added inheritance back into users/groups --- app/Helpers/Helper.php | 3 ++- app/Http/Controllers/UsersController.php | 16 ++++++++++------ app/Http/Middleware/CheckPermissions.php | 3 +++ app/Models/User.php | 24 ++++++++++++------------ resources/views/users/edit.blade.php | 19 +++++++++++++------ 5 files changed, 40 insertions(+), 25 deletions(-) diff --git a/app/Helpers/Helper.php b/app/Helpers/Helper.php index db48d35f46..f80560d4d8 100644 --- a/app/Helpers/Helper.php +++ b/app/Helpers/Helper.php @@ -373,6 +373,7 @@ class Helper public static function selectedPermissionsArray($permissions, $selected_arr = array()) { + $permissions_arr = array(); foreach ($permissions as $permission) { @@ -384,7 +385,7 @@ class Helper if ($selected_arr) { if (array_key_exists($permission_name,$selected_arr)) { - $permissions_arr[$permission_name] = ($selected_arr[$permission_name] == 1) ? '1': '0'; + $permissions_arr[$permission_name] = $selected_arr[$permission_name]; } else { $permissions_arr[$permission_name] = '0'; } diff --git a/app/Http/Controllers/UsersController.php b/app/Http/Controllers/UsersController.php index f14ed19f9f..597cbc3b30 100755 --- a/app/Http/Controllers/UsersController.php +++ b/app/Http/Controllers/UsersController.php @@ -278,7 +278,6 @@ class UsersController extends Controller return redirect()->route('users')->with('error', $error); } - $user_groups = array ($request->input('groups')); // Update the user $user->first_name = e($request->input('first_name')); $user->last_name = e($request->input('last_name')); @@ -297,11 +296,8 @@ class UsersController extends Controller $user->manager_id = e($request->input('manager_id')); $user->notes = e($request->input('notes')); $user->permissions = json_encode($request->input('permission')); - if ($request->has('groups')) { - $user->groups()->sync($request->input('groups')); - } else { - $user->groups()->sync(array()); - } + + if ($user->manager_id == "") { @@ -312,6 +308,12 @@ class UsersController extends Controller $user->location_id = null; } + if ($request->has('groups')) { + $user->groups()->sync($request->input('groups')); + } else { + $user->groups()->sync(array()); + } + // Do we want to update the user password? if (($request->has('password')) && (!config('app.lock_passwords'))) { @@ -330,6 +332,8 @@ class UsersController extends Controller // Was the user updated? if ($user->save()) { + + // Prepare the success message $success = trans('admin/users/message.success.update'); diff --git a/app/Http/Middleware/CheckPermissions.php b/app/Http/Middleware/CheckPermissions.php index 3d4b74fab9..605f8a3154 100644 --- a/app/Http/Middleware/CheckPermissions.php +++ b/app/Http/Middleware/CheckPermissions.php @@ -6,6 +6,7 @@ use Closure; use Config; use Route; use Gate; +use Log; class CheckPermissions { @@ -19,8 +20,10 @@ class CheckPermissions */ public function handle($request, Closure $next, $section = null) { + Log::debug($section .' is the section'); if (Gate::allows($section)) { + return $next($request); } diff --git a/app/Models/User.php b/app/Models/User.php index 6ab3728811..3ba643cfba 100755 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -45,7 +45,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon if ($this->isSuperUser()) { return true; } - $permitted = false; + $user_groups = $this->groups; @@ -55,19 +55,25 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon $user_permissions = json_decode($this->permissions, true); + //If the user is explicitly granted, return false if (($user_permissions!='') && ((array_key_exists($section, $user_permissions)) && ($user_permissions[$section]=='1')) ) { - $permitted = true; + return true; } + // If the user is explicitly denied, return false + if (($user_permissions=='') || array_key_exists($section, $user_permissions) && ($user_permissions[$section]=='-1')) { + return false; + } + + // Loop through the groups to see if any of them grant this permission foreach ($user_groups as $user_group) { $group_permissions = json_decode($user_group->permissions, true); if (((array_key_exists($section, $group_permissions)) && ($group_permissions[$section]=='1'))) { - $permitted = true; + return true; } } - - return $permitted; + return false; } public function isSuperUser() { @@ -211,13 +217,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon */ public function groups() { - static $static_cache = null; - - if (!$static_cache) { - $static_cache = $this->belongsToMany('\App\Models\Group', 'users_groups'); - } - return $static_cache; - //return $this->belongsToMany('\App\Models\Group', 'users_groups'); + return $this->belongsToMany('\App\Models\Group', 'users_groups'); } diff --git a/resources/views/users/edit.blade.php b/resources/views/users/edit.blade.php index c9bb68b246..9615ba94d2 100755 --- a/resources/views/users/edit.blade.php +++ b/resources/views/users/edit.blade.php @@ -30,7 +30,9 @@ input[type='text'][disabled], input[disabled], textarea[disabled], input[readonl color: #555555; cursor:text; } - +.radio-padding { + padding-left: 50px; +}
@@ -242,7 +244,7 @@ input[type='text'][disabled], input[disabled], textarea[disabled], input[readonl
-
+
@@ -251,7 +253,7 @@ input[type='text'][disabled], input[disabled], textarea[disabled], input[readonl
-
+
@@ -295,6 +297,7 @@ input[type='text'][disabled], input[disabled], textarea[disabled], input[readonl
+ @foreach ($permissions as $area => $permission) @for ($i = 0; $i < count($permission); $i++) @@ -308,14 +311,18 @@ input[type='text'][disabled], input[disabled], textarea[disabled], input[readonl
- + + +
@endif