Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IBX-6592: Allowed Location to be a part of permission check for Object State assignment #2112

Closed
wants to merge 3 commits into from
Closed

IBX-6592: Allowed Location to be a part of permission check for Object State assignment #2112

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
06860b6
IBX-6592: Allowed `Location` to be a part of permission check for Obj…
barw4 Nov 7, 2023
e47a001
IBX-6592: CS
barw4 Nov 8, 2023
7e135a6
IBX-6592: Refactored solution to base Object State on Location instea…
barw4 Nov 8, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 15 additions & 14 deletions src/bundle/Controller/ObjectStateController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@

use eZ\Publish\API\Repository\ObjectStateService;
use eZ\Publish\API\Repository\PermissionResolver;
use eZ\Publish\API\Repository\Values\Content\ContentInfo;
use eZ\Publish\API\Repository\Values\Content\Location;
use eZ\Publish\API\Repository\Values\ObjectState\ObjectState;
use eZ\Publish\API\Repository\Values\ObjectState\ObjectStateGroup;
use eZ\Publish\Core\MVC\ConfigResolverInterface;
Expand Down Expand Up @@ -296,18 +296,12 @@ public function updateAction(Request $request, ObjectState $objectState): Respon
}

/**
* @param \Symfony\Component\HttpFoundation\Request $request
* @param \eZ\Publish\API\Repository\Values\Content\ContentInfo $contentInfo
* @param \eZ\Publish\API\Repository\Values\ObjectState\ObjectStateGroup $objectStateGroup
*
* @return \Symfony\Component\HttpFoundation\Response
*
* @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException
*/
public function updateContentStateAction(
Request $request,
ContentInfo $contentInfo,
ObjectStateGroup $objectStateGroup
ObjectStateGroup $objectStateGroup,
Location $location
): Response {
if (!$this->permissionResolver->hasAccess('state', 'assign')) {
$exception = $this->createAccessDeniedException();
Expand All @@ -319,16 +313,23 @@ public function updateContentStateAction(

$form = $this->formFactory->create(
ContentObjectStateUpdateType::class,
new ContentObjectStateUpdateData($contentInfo, $objectStateGroup)
new ContentObjectStateUpdateData($objectStateGroup, null, $location)
);
$form->handleRequest($request);

$contentInfo = $location->getContentInfo();

if ($form->isSubmitted()) {
$result = $this->submitHandler->handle($form, function (ContentObjectStateUpdateData $data) {
$contentInfo = $data->getContentInfo();
$location = $data->getLocation();
$objectStateGroup = $data->getObjectStateGroup();
$objectState = $data->getObjectState();
$this->objectStateService->setContentState($contentInfo, $objectStateGroup, $objectState);
$this->objectStateService->setContentState(
$location->getContentInfo(),
$objectStateGroup,
$objectState,
$location
);

$this->notificationHandler->success(
/** @Desc("Content item's Object state changed to '%name%'.") */
Expand All @@ -344,8 +345,8 @@ public function updateContentStateAction(
}

return $this->redirectToRoute('_ez_content_view', [
'contentId' => $contentInfo->id,
'locationId' => $contentInfo->mainLocationId,
'contentId' => $contentInfo->getId(),
'locationId' => $contentInfo->getMainLocationId(),
'_fragment' => 'ez-tab-location-view-details',
]);
}
Expand Down
2 changes: 1 addition & 1 deletion src/bundle/Resources/config/routing.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -821,7 +821,7 @@ ezplatform.object_state.state.bulk_delete:
_controller: 'EzSystems\EzPlatformAdminUiBundle\Controller\ObjectStateController::bulkDeleteAction'

ezplatform.object_state.contentstate.update:
path: /state/contentstate/update/{contentInfoId}/group/{objectStateGroupId}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

that's a bc break, I guess we should create new route and deprecate that one.

path: /state/contentstate/update/{locationId}/group/{objectStateGroupId}
defaults:
_controller: 'EzSystems\EzPlatformAdminUiBundle\Controller\ObjectStateController::updateContentStateAction'

Expand Down
5 changes: 2 additions & 3 deletions src/bundle/Resources/views/themes/admin/content/tab/details.html.twig
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -124,12 +124,11 @@
{{ form_start(form_state_update[object_state.objectStateGroup.id], {
'method': 'POST',
'action': path('ezplatform.object_state.contentstate.update', {
'contentInfoId': content_info.id,
'objectStateGroupId': object_state.objectStateGroup.id
'objectStateGroupId': object_state.objectStateGroup.id,
'locationId': location.id,
}),
'attr': {'class': 'form-inline ez-form-inline ez-form-inline--align-left'}
}) }}
{{ form_row(form_state_update[object_state.objectStateGroup.id].contentInfo) }}
{{ form_row(form_state_update[object_state.objectStateGroup.id].objectStateGroup) }}
{{ form_row(form_state_update[object_state.objectStateGroup.id].objectState, { 'attr': {'class': 'ez-form-autosubmit'} }) }}
{% do form_state_update[object_state.objectStateGroup.id].set.setRendered %}
Expand Down
67 changes: 19 additions & 48 deletions src/lib/Form/Data/ObjectState/ContentObjectStateUpdateData.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,87 +8,58 @@

namespace EzSystems\EzPlatformAdminUi\Form\Data\ObjectState;

use eZ\Publish\API\Repository\Values\Content\ContentInfo;
use eZ\Publish\API\Repository\Values\Content\Location;
use eZ\Publish\API\Repository\Values\ObjectState\ObjectState;
use eZ\Publish\API\Repository\Values\ObjectState\ObjectStateGroup;

class ContentObjectStateUpdateData
{
/**
* @var \eZ\Publish\API\Repository\Values\Content\ContentInfo
*/
private $contentInfo;

/**
* @var \eZ\Publish\API\Repository\Values\ObjectState\ObjectStateGroup
*/
/** @var \eZ\Publish\API\Repository\Values\ObjectState\ObjectStateGroup|null */
private $objectStateGroup;

/**
* @var \eZ\Publish\API\Repository\Values\ObjectState\ObjectState
*/
/** @var \eZ\Publish\API\Repository\Values\ObjectState\ObjectState|null */
private $objectState;

/**
* @param \eZ\Publish\API\Repository\Values\Content\ContentInfo|null $contentInfo
* @param \eZ\Publish\API\Repository\Values\ObjectState\ObjectStateGroup|null $objectStateGroup
* @param \eZ\Publish\API\Repository\Values\ObjectState\ObjectState|null $objectState
*/
/** @var \eZ\Publish\API\Repository\Values\Content\Location|null */
private $location;

public function __construct(
ContentInfo $contentInfo = null,
ObjectStateGroup $objectStateGroup = null,
ObjectState $objectState = null
ObjectState $objectState = null,
Location $location = null
) {
$this->contentInfo = $contentInfo;
$this->objectStateGroup = $objectStateGroup;
$this->objectState = $objectState;
$this->location = $location;
}

/**
* @return \eZ\Publish\API\Repository\Values\Content\ContentInfo
*/
public function getContentInfo(): ContentInfo
{
return $this->contentInfo;
}

/**
* @param \eZ\Publish\API\Repository\Values\Content\ContentInfo $contentInfo
*/
public function setContentInfo(ContentInfo $contentInfo)
{
$this->contentInfo = $contentInfo;
}

/**
* @return \eZ\Publish\API\Repository\Values\ObjectState\ObjectStateGroup
*/
public function getObjectStateGroup(): ObjectStateGroup
{
return $this->objectStateGroup;
}

/**
* @param \eZ\Publish\API\Repository\Values\ObjectState\ObjectStateGroup $objectStateGroup
*/
public function setObjectStateGroup(ObjectStateGroup $objectStateGroup)
{
$this->objectStateGroup = $objectStateGroup;
}

/**
* @return \eZ\Publish\API\Repository\Values\ObjectState\ObjectState|null
*/
public function getObjectState(): ?ObjectState
{
return $this->objectState;
}

/**
* @param \eZ\Publish\API\Repository\Values\ObjectState\ObjectState $objectState
*/
public function setObjectState(ObjectState $objectState)
{
$this->objectState = $objectState;
}

public function getLocation(): ?Location
{
return $this->location;
}

public function setLocation(Location $location)
{
$this->location = $location;
}
}
44 changes: 19 additions & 25 deletions src/lib/Form/Type/ObjectState/ContentObjectStateUpdateType.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
use eZ\Publish\API\Repository\PermissionResolver;
use eZ\Publish\API\Repository\Values\ObjectState\ObjectState;
use EzSystems\EzPlatformAdminUi\Form\Data\ObjectState\ContentObjectStateUpdateData;
use EzSystems\EzPlatformAdminUi\Form\Type\Content\ContentInfoType;
use EzSystems\EzPlatformAdminUi\Form\Type\Content\LocationType;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\ChoiceList\Loader\CallbackChoiceLoader;
use Symfony\Component\Form\Extension\Core\Type\SubmitType;
Expand All @@ -29,23 +29,16 @@ class ContentObjectStateUpdateType extends AbstractType
/** @var \eZ\Publish\API\Repository\PermissionResolver */
private $permissionResolver;

/**
* @param \eZ\Publish\API\Repository\ObjectStateService $objectStateService
* @param \eZ\Publish\API\Repository\PermissionResolver $permissionResolver
*/
public function __construct(ObjectStateService $objectStateService, PermissionResolver $permissionResolver)
{
$this->objectStateService = $objectStateService;
$this->permissionResolver = $permissionResolver;
}

/**
* @inheritdoc
*/
public function buildForm(FormBuilderInterface $builder, array $options)
public function buildForm(FormBuilderInterface $builder, array $options): void
{
$builder
->add('contentInfo', ContentInfoType::class, [
->add('location', LocationType::class, [
'label' => false,
])
->add('objectStateGroup', ObjectStateGroupType::class, [
Expand All @@ -59,29 +52,30 @@ public function buildForm(FormBuilderInterface $builder, array $options)
/** @var \EzSystems\EzPlatformAdminUi\Form\Data\ObjectState\ContentObjectStateUpdateData $contentObjectStateUpdateData */
$contentObjectStateUpdateData = $event->getData();
$objectStateGroup = $contentObjectStateUpdateData->getObjectStateGroup();
$contentInfo = $contentObjectStateUpdateData->getContentInfo();
$location = $contentObjectStateUpdateData->getLocation();
$form = $event->getForm();

$form->add('objectState', ObjectStateChoiceType::class, [
'label' => false,
'choice_loader' => new CallbackChoiceLoader(function () use ($objectStateGroup, $contentInfo) {
$contentState = $this->objectStateService->getContentState($contentInfo, $objectStateGroup);

return array_filter(
$this->objectStateService->loadObjectStates($objectStateGroup),
function (ObjectState $objectState) use ($contentInfo, $contentState) {
return $this->permissionResolver->canUser('state', 'assign', $contentInfo, [$objectState]);
}
);
}),
'choice_loader' => new CallbackChoiceLoader(
function () use ($objectStateGroup, $location) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
function () use ($objectStateGroup, $location) {
function () use ($objectStateGroup, $location): array {

return array_filter(
$this->objectStateService->loadObjectStates($objectStateGroup),
function (ObjectState $objectState) use ($location) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
function (ObjectState $objectState) use ($location) {
function (ObjectState $objectState) use ($location): bool {

return $this->permissionResolver->canUser(
'state',
'assign',
$location->getContentInfo(),
[$location, $objectState],
);
}
);
}),
]);
});
}

/**
* @inheritdoc
*/
public function configureOptions(OptionsResolver $resolver)
public function configureOptions(OptionsResolver $resolver): void
{
$resolver->setDefaults([
'data_class' => ContentObjectStateUpdateData::class,
Expand Down
19 changes: 12 additions & 7 deletions src/lib/Tab/LocationView/DetailsTab.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,8 @@ public function getTemplate(): string

/**
* @inheritdoc
*
* @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException
*/
public function getTemplateParameters(array $contextParameters = []): array
{
Expand All @@ -133,7 +135,7 @@ public function getTemplateParameters(array $contextParameters = []): array
]);

$this->supplySectionParameters($viewParameters, $contentInfo, $location);
$this->supplyObjectStateParameters($viewParameters, $contentInfo);
$this->supplyObjectStateParameters($viewParameters, $location);
$this->supplyTranslations($viewParameters, $versionInfo);
$this->supplyFormLocationUpdate($viewParameters, $location);
$this->supplyCreator($viewParameters, $contentInfo);
Expand Down Expand Up @@ -186,13 +188,14 @@ private function supplyLastContributor(ArrayObject $parameters, VersionInfo $ver
}

/**
* @param \ArrayObject $parameters
* @param \eZ\Publish\API\Repository\Values\Content\ContentInfo $contentInfo
* @throws \eZ\Publish\API\Repository\Exceptions\InvalidArgumentException
*/
private function supplyObjectStateParameters(ArrayObject &$parameters, ContentInfo $contentInfo): void
{
private function supplyObjectStateParameters(
ArrayObject &$parameters,
Location $location
): void {
$objectStatesDataset = $this->datasetFactory->objectStates();
$objectStatesDataset->load($contentInfo);
$objectStatesDataset->load($location);

$canAssignObjectState = $this->canUserAssignObjectState();

Expand All @@ -206,7 +209,9 @@ private function supplyObjectStateParameters(ArrayObject &$parameters, ContentIn
$objectStateUpdateForm = $this->formFactory->create(
ContentObjectStateUpdateType::class,
new ContentObjectStateUpdateData(
$contentInfo, $objectStateGroup, $objectState
$objectStateGroup,
$objectState,
$location,
)
)->createView();

Expand Down
17 changes: 4 additions & 13 deletions src/lib/UI/Dataset/ObjectStatesDataset.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
namespace EzSystems\EzPlatformAdminUi\UI\Dataset;

use eZ\Publish\API\Repository\ObjectStateService;
use eZ\Publish\API\Repository\Values\Content\ContentInfo;
use eZ\Publish\API\Repository\Values\Content\Location;
use eZ\Publish\API\Repository\Values\ObjectState\ObjectStateGroup;
use EzSystems\EzPlatformAdminUi\UI\Value as UIValue;
use EzSystems\EzPlatformAdminUi\UI\Value\ValueFactory;
Expand All @@ -25,31 +25,22 @@ class ObjectStatesDataset
/** @var UIValue\ObjectState\ObjectState[] */
protected $data;

/**
* @param \eZ\Publish\API\Repository\ObjectStateService $objectStateService
* @param \EzSystems\EzPlatformAdminUi\UI\Value\ValueFactory $valueFactory
*/
public function __construct(ObjectStateService $objectStateService, ValueFactory $valueFactory)
{
$this->objectStateService = $objectStateService;
$this->valueFactory = $valueFactory;
}

/**
* @param \eZ\Publish\API\Repository\Values\Content\ContentInfo $contentInfo
*
* @return ObjectStatesDataset
*/
public function load(ContentInfo $contentInfo): self
public function load(Location $location): self
{
$data = array_map(
function (ObjectStateGroup $objectStateGroup) use ($contentInfo) {
function (ObjectStateGroup $objectStateGroup) use ($location) {
$hasObjectStates = !empty($this->objectStateService->loadObjectStates($objectStateGroup));
if (!$hasObjectStates) {
return [];
}

return $this->valueFactory->createObjectState($contentInfo, $objectStateGroup);
return $this->valueFactory->createObjectState($objectStateGroup, $location);
},
$this->objectStateService->loadObjectStateGroups()
);
Expand Down
Loading
Loading