[Bps-public-commit] rt-extension-formtools branch dynamic-forms-from-config updated. 0.53-65-g5de9b38
BPS Git Server
git at git.bestpractical.com
Fri Oct 27 20:08:30 UTC 2023
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "rt-extension-formtools".
The branch, dynamic-forms-from-config has been updated
via 5de9b38f31ce3e23e80976bd6895f8ef62d4d623 (commit)
from adda559a8036236d8743c1c86b1d5a84ab144219 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5de9b38f31ce3e23e80976bd6895f8ef62d4d623
Author: sunnavy <sunnavy at bestpractical.com>
Date: Fri Oct 27 15:15:43 2023 -0400
Add ShowForm right to control the visibility of forms
diff --git a/html/Admin/FormTools/GroupRights.html b/html/Admin/FormTools/GroupRights.html
new file mode 100644
index 0000000..791ffd0
--- /dev/null
+++ b/html/Admin/FormTools/GroupRights.html
@@ -0,0 +1,37 @@
+<& /Admin/Elements/Header, Title => $title &>
+<& /Elements/Tabs &>
+<& /Elements/ListActions, actions => \@results &>
+
+<form method="post" action="GroupRights.html" id="ModifyGroupRights" name="ModifyGroupRights">
+ <input type="hidden" class="hidden" name="id" value="<% $form_attribute->id %>" />
+
+ <& /Admin/Elements/EditRights, Context => $form_attribute, Principals => \@principals &>
+ <div class="form-row">
+ <div class="col-12">
+ <& /Elements/Submit, Label => loc('Save Changes') &>
+ </div>
+ </div>
+</form>
+
+<%INIT>
+
+Abort("No form id found") unless $id;
+
+my $form_attribute = RT::Attribute->new($session{'CurrentUser'});
+my ($ok, $msg) = $form_attribute->Load($id);
+
+unless ( $ok ) {
+ Abort("Unable to load form with id $id");
+}
+
+my @results = ProcessACLs( \%ARGS );
+
+my $title = loc('Modify group rights for Form [_1]', $form_attribute->Description);
+
+# Principal collections
+my @principals = GetPrincipalsMap($form_attribute, qw(System Groups));
+</%INIT>
+
+<%ARGS>
+$id => undef
+</%ARGS>
diff --git a/html/Admin/FormTools/UserRights.html b/html/Admin/FormTools/UserRights.html
new file mode 100644
index 0000000..9447913
--- /dev/null
+++ b/html/Admin/FormTools/UserRights.html
@@ -0,0 +1,37 @@
+<& /Admin/Elements/Header, Title => $title &>
+<& /Elements/Tabs &>
+<& /Elements/ListActions, actions => \@results &>
+
+<form method="post" action="UserRights.html" id="ModifyUserRights" name="ModifyUserRights">
+ <input type="hidden" class="hidden" name="id" value="<% $form_attribute->id %>" />
+
+ <& /Admin/Elements/EditRights, Context => $form_attribute, Principals => \@principals &>
+ <div class="form-row">
+ <div class="col-12">
+ <& /Elements/Submit, Label => loc('Save Changes') &>
+ </div>
+ </div>
+</form>
+
+<%INIT>
+
+Abort("No form id found") unless $id;
+
+my $form_attribute = RT::Attribute->new($session{'CurrentUser'});
+my ($ok, $msg) = $form_attribute->Load($id);
+
+unless ( $ok ) {
+ Abort("Unable to load form with id $id");
+}
+
+my @results = ProcessACLs( \%ARGS );
+
+my $title = loc('Modify user rights for Form [_1]', $form_attribute->Description);
+
+# Principal collections
+my @principals = GetPrincipalsMap($form_attribute, qw(Users));
+</%INIT>
+
+<%ARGS>
+$id => undef
+</%ARGS>
diff --git a/html/Callbacks/FormTools/Elements/Tabs/Privileged b/html/Callbacks/FormTools/Elements/Tabs/Privileged
index 8074fd6..0445206 100644
--- a/html/Callbacks/FormTools/Elements/Tabs/Privileged
+++ b/html/Callbacks/FormTools/Elements/Tabs/Privileged
@@ -29,6 +29,8 @@ if ( $m->request_path =~ m{^/Admin/FormTools/} ) {
$page->child( modify => title => loc('Modify'), path => "/Admin/FormTools/Modify.html?id=" . $id );
$page->child( description => title => loc('Description'), path => "/Admin/FormTools/Describe.html?id=" . $id );
$page->child( advanced => title => loc('Advanced'), path => "/Admin/FormTools/Advanced.html?id=" . $id );
+ $page->child( 'group-rights' => title => loc('Group Rights'), path => "/Admin/FormTools/GroupRights.html?id=" . $id );
+ $page->child( 'user-rights' => title => loc('User Rights'), path => "/Admin/FormTools/UserRights.html?id=" . $id );
}
}
diff --git a/html/Elements/Forms/ListForms b/html/Elements/Forms/ListForms
index c7afbfd..6f7b919 100644
--- a/html/Elements/Forms/ListForms
+++ b/html/Elements/Forms/ListForms
@@ -1,6 +1,7 @@
<&|/Widgets/TitleBox, title => '', class => 'container formtools-form-list ml-auto mr-auto' &>
% my $item_number = 1;
% while ( my $form_attribute = $forms->Next ) {
+% next unless $form_attribute->CurrentUserCanSee;
% my $form = $form_attribute->Content;
% next if $form->{disabled};
<div class="row mt-3 mb-3">
@@ -18,7 +19,7 @@
% }
</&>
<%init>
-my $forms = RT::Attributes->new( RT->SystemUser );
+my $forms = RT::Attributes->new( $session{CurrentUser} );
$forms->Limit( FIELD => 'Name', VALUE => 'FormTools Form' );
my $SelfServicePath = '/SelfService';
diff --git a/html/Forms/dhandler b/html/Forms/dhandler
index 9a73a1d..ddf363c 100644
--- a/html/Forms/dhandler
+++ b/html/Forms/dhandler
@@ -63,11 +63,12 @@ if ( $page_name ) {
# Load FormTools configration and look for a configured
# form with the provided name.
-my $form_attribute = RT::Attribute->new( RT->SystemUser );
+my $form_attribute = RT::Attribute->new( $session{CurrentUser} );
$form_attribute->LoadByCols( Name => 'FormTools Form', Description => $form_name );
my $form_config;
if ( $form_attribute->Id ) {
+ Abort( loc("Permission Denied") ) unless $form_attribute->CurrentUserCanSee;
$form_config = $form_attribute->Content;
}
else {
diff --git a/lib/RT/Extension/FormTools.pm b/lib/RT/Extension/FormTools.pm
index 238ed56..4010f68 100644
--- a/lib/RT/Extension/FormTools.pm
+++ b/lib/RT/Extension/FormTools.pm
@@ -49,6 +49,47 @@ sub _GeneratePageId {
return substr( sha1_hex( time . int rand 10000 ), 0, 8 );
}
+{
+ package RT::Attribute;
+ no warnings 'redefine';
+ use Role::Basic 'with';
+ with "RT::Record::Role::Rights";
+
+ my $orig_available_rights = RT::Attribute->can('AvailableRights');
+ *AvailableRights = sub {
+ my $self = shift;
+
+ if ( $self->__Value('Name') eq 'FormTools Form' ) {
+ return { ShowForm => 'View forms' };
+ }
+ return $orig_available_rights->($self, @_);
+ };
+
+ my $orig_right_categories = RT::Attribute->can('RightCategories');
+ *RightCategories = sub {
+ my $self = shift;
+
+ if ( $self->__Value('Name') eq 'FormTools Form' ) {
+ return { ShowForm => 'General' };
+ }
+ return $orig_right_categories->($self, @_);
+ };
+
+ my $orig_current_user_has_right = RT::Attribute->can('CurrentUserHasRight');
+ *CurrentUserHasRight = sub {
+ my $self = shift;
+ my $right = shift;
+ if ( $self->__Value('Name') eq 'FormTools Form' ) {
+ return 1 if $self->CurrentUser->HasRight( Object => RT->System, Right => 'AdminForm' );
+ $right = 'ShowForm' if $right eq 'display';
+ return $self->CurrentUser->HasRight( Object => $self, Right => $right );
+ }
+ return $orig_current_user_has_right->( $self, $right, @_ );
+ };
+
+ RT::Attribute->AddRight( General => ShowForm => 'View forms' ); # loc
+}
+
=head1 NAME
RT-Extension-FormTools - Help write multi-page ticket creation wizards
-----------------------------------------------------------------------
Summary of changes:
html/Admin/FormTools/GroupRights.html | 37 ++++++++++++++++++++
html/Admin/FormTools/UserRights.html | 37 ++++++++++++++++++++
html/Callbacks/FormTools/Elements/Tabs/Privileged | 2 ++
html/Elements/Forms/ListForms | 3 +-
html/Forms/dhandler | 3 +-
lib/RT/Extension/FormTools.pm | 41 +++++++++++++++++++++++
6 files changed, 121 insertions(+), 2 deletions(-)
create mode 100644 html/Admin/FormTools/GroupRights.html
create mode 100644 html/Admin/FormTools/UserRights.html
hooks/post-receive
--
rt-extension-formtools
More information about the Bps-public-commit
mailing list