[Bps-public-commit] rt-extension-formtools branch dynamic-forms-from-config updated. 0.53-65-g5de9b38

BPS Git Server git at git.bestpractical.com
Fri Oct 27 20:08:30 UTC 2023


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "rt-extension-formtools".

The branch, dynamic-forms-from-config has been updated
       via  5de9b38f31ce3e23e80976bd6895f8ef62d4d623 (commit)
      from  adda559a8036236d8743c1c86b1d5a84ab144219 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 5de9b38f31ce3e23e80976bd6895f8ef62d4d623
Author: sunnavy <sunnavy at bestpractical.com>
Date:   Fri Oct 27 15:15:43 2023 -0400

    Add ShowForm right to control the visibility of forms

diff --git a/html/Admin/FormTools/GroupRights.html b/html/Admin/FormTools/GroupRights.html
new file mode 100644
index 0000000..791ffd0
--- /dev/null
+++ b/html/Admin/FormTools/GroupRights.html
@@ -0,0 +1,37 @@
+<& /Admin/Elements/Header, Title => $title &>
+<& /Elements/Tabs &>
+<& /Elements/ListActions, actions => \@results &>
+
+<form method="post" action="GroupRights.html" id="ModifyGroupRights" name="ModifyGroupRights">
+  <input type="hidden" class="hidden" name="id" value="<% $form_attribute->id %>" />
+
+  <& /Admin/Elements/EditRights, Context => $form_attribute, Principals => \@principals &>
+  <div class="form-row">
+    <div class="col-12">
+      <& /Elements/Submit, Label => loc('Save Changes') &>
+    </div>
+  </div>
+</form>
+
+<%INIT>
+
+Abort("No form id found") unless $id;
+
+my $form_attribute = RT::Attribute->new($session{'CurrentUser'});
+my ($ok, $msg) = $form_attribute->Load($id);
+
+unless ( $ok ) {
+    Abort("Unable to load form with id $id");
+}
+
+my @results = ProcessACLs( \%ARGS );
+
+my $title = loc('Modify group rights for Form [_1]', $form_attribute->Description);
+
+# Principal collections
+my @principals = GetPrincipalsMap($form_attribute, qw(System Groups));
+</%INIT>
+
+<%ARGS>
+$id => undef
+</%ARGS>
diff --git a/html/Admin/FormTools/UserRights.html b/html/Admin/FormTools/UserRights.html
new file mode 100644
index 0000000..9447913
--- /dev/null
+++ b/html/Admin/FormTools/UserRights.html
@@ -0,0 +1,37 @@
+<& /Admin/Elements/Header, Title => $title &>
+<& /Elements/Tabs &>
+<& /Elements/ListActions, actions => \@results &>
+
+<form method="post" action="UserRights.html" id="ModifyUserRights" name="ModifyUserRights">
+  <input type="hidden" class="hidden" name="id" value="<% $form_attribute->id %>" />
+
+  <& /Admin/Elements/EditRights, Context => $form_attribute, Principals => \@principals &>
+  <div class="form-row">
+    <div class="col-12">
+      <& /Elements/Submit, Label => loc('Save Changes') &>
+    </div>
+  </div>
+</form>
+
+<%INIT>
+
+Abort("No form id found") unless $id;
+
+my $form_attribute = RT::Attribute->new($session{'CurrentUser'});
+my ($ok, $msg) = $form_attribute->Load($id);
+
+unless ( $ok ) {
+    Abort("Unable to load form with id $id");
+}
+
+my @results = ProcessACLs( \%ARGS );
+
+my $title = loc('Modify user rights for Form [_1]', $form_attribute->Description);
+
+# Principal collections
+my @principals = GetPrincipalsMap($form_attribute, qw(Users));
+</%INIT>
+
+<%ARGS>
+$id => undef
+</%ARGS>
diff --git a/html/Callbacks/FormTools/Elements/Tabs/Privileged b/html/Callbacks/FormTools/Elements/Tabs/Privileged
index 8074fd6..0445206 100644
--- a/html/Callbacks/FormTools/Elements/Tabs/Privileged
+++ b/html/Callbacks/FormTools/Elements/Tabs/Privileged
@@ -29,6 +29,8 @@ if ( $m->request_path =~ m{^/Admin/FormTools/} ) {
         $page->child( modify => title => loc('Modify'), path => "/Admin/FormTools/Modify.html?id=" . $id );
         $page->child( description => title => loc('Description'), path => "/Admin/FormTools/Describe.html?id=" . $id );
         $page->child( advanced => title => loc('Advanced'), path => "/Admin/FormTools/Advanced.html?id=" . $id );
+        $page->child( 'group-rights' => title => loc('Group Rights'), path => "/Admin/FormTools/GroupRights.html?id=" . $id );
+        $page->child( 'user-rights' => title => loc('User Rights'), path => "/Admin/FormTools/UserRights.html?id=" . $id );
     }
 }
 
diff --git a/html/Elements/Forms/ListForms b/html/Elements/Forms/ListForms
index c7afbfd..6f7b919 100644
--- a/html/Elements/Forms/ListForms
+++ b/html/Elements/Forms/ListForms
@@ -1,6 +1,7 @@
 <&|/Widgets/TitleBox, title => '', class => 'container formtools-form-list ml-auto mr-auto' &>
 % my $item_number = 1;
 % while ( my $form_attribute = $forms->Next ) {
+%    next unless $form_attribute->CurrentUserCanSee;
 %    my $form = $form_attribute->Content;
 %    next if $form->{disabled};
 <div class="row mt-3 mb-3">
@@ -18,7 +19,7 @@
 % }
 </&>
 <%init>
-my $forms = RT::Attributes->new( RT->SystemUser );
+my $forms = RT::Attributes->new( $session{CurrentUser} );
 $forms->Limit( FIELD => 'Name', VALUE => 'FormTools Form' );
 
 my $SelfServicePath = '/SelfService';
diff --git a/html/Forms/dhandler b/html/Forms/dhandler
index 9a73a1d..ddf363c 100644
--- a/html/Forms/dhandler
+++ b/html/Forms/dhandler
@@ -63,11 +63,12 @@ if ( $page_name ) {
 
 # Load FormTools configration and look for a configured
 # form with the provided name.
-my $form_attribute = RT::Attribute->new( RT->SystemUser );
+my $form_attribute = RT::Attribute->new( $session{CurrentUser} );
 $form_attribute->LoadByCols( Name => 'FormTools Form', Description => $form_name );
 my $form_config;
 
 if ( $form_attribute->Id ) {
+    Abort( loc("Permission Denied") ) unless $form_attribute->CurrentUserCanSee;
     $form_config = $form_attribute->Content;
 }
 else {
diff --git a/lib/RT/Extension/FormTools.pm b/lib/RT/Extension/FormTools.pm
index 238ed56..4010f68 100644
--- a/lib/RT/Extension/FormTools.pm
+++ b/lib/RT/Extension/FormTools.pm
@@ -49,6 +49,47 @@ sub _GeneratePageId {
     return substr( sha1_hex( time . int rand 10000 ), 0, 8 );
 }
 
+{
+    package RT::Attribute;
+    no warnings 'redefine';
+    use Role::Basic 'with';
+    with "RT::Record::Role::Rights";
+
+    my $orig_available_rights = RT::Attribute->can('AvailableRights');
+    *AvailableRights = sub {
+        my $self = shift;
+
+        if ( $self->__Value('Name') eq 'FormTools Form' ) {
+            return { ShowForm => 'View forms' };
+        }
+        return $orig_available_rights->($self, @_);
+    };
+
+    my $orig_right_categories = RT::Attribute->can('RightCategories');
+    *RightCategories = sub {
+        my $self = shift;
+
+        if ( $self->__Value('Name') eq 'FormTools Form' ) {
+            return { ShowForm => 'General' };
+        }
+        return $orig_right_categories->($self, @_);
+    };
+
+    my $orig_current_user_has_right = RT::Attribute->can('CurrentUserHasRight');
+    *CurrentUserHasRight = sub {
+        my $self  = shift;
+        my $right = shift;
+        if ( $self->__Value('Name') eq 'FormTools Form' ) {
+            return 1 if $self->CurrentUser->HasRight( Object => RT->System, Right => 'AdminForm' );
+            $right = 'ShowForm' if $right eq 'display';
+            return $self->CurrentUser->HasRight( Object => $self, Right => $right );
+        }
+        return $orig_current_user_has_right->( $self, $right, @_ );
+    };
+
+    RT::Attribute->AddRight( General => ShowForm => 'View forms' ); # loc
+}
+
 =head1 NAME
 
 RT-Extension-FormTools - Help write multi-page ticket creation wizards

-----------------------------------------------------------------------

Summary of changes:
 html/Admin/FormTools/GroupRights.html             | 37 ++++++++++++++++++++
 html/Admin/FormTools/UserRights.html              | 37 ++++++++++++++++++++
 html/Callbacks/FormTools/Elements/Tabs/Privileged |  2 ++
 html/Elements/Forms/ListForms                     |  3 +-
 html/Forms/dhandler                               |  3 +-
 lib/RT/Extension/FormTools.pm                     | 41 +++++++++++++++++++++++
 6 files changed, 121 insertions(+), 2 deletions(-)
 create mode 100644 html/Admin/FormTools/GroupRights.html
 create mode 100644 html/Admin/FormTools/UserRights.html


hooks/post-receive
-- 
rt-extension-formtools


More information about the Bps-public-commit mailing list