Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(permissions): filter fields in forms based on read/write permissions #2180

Merged
merged 26 commits into from
Jan 25, 2024
Merged

feat(permissions): filter fields in forms based on read/write permissions #2180

merged 26 commits into from
Jan 25, 2024

Conversation

tomwwinter
Copy link
Contributor

@tomwwinter tomwwinter commented Jan 15, 2024
edited by TheSlimvReal
Loading

  • filter fields in forms with no read permission
  • disable fields in edit mode with read-only permissions

Can be tested with this permissions:

const rules: DatabaseRules = {
  user_app: [
    { subject: "Child", action: "read", fields: ["name"] },
    { subject: "Child", action: "manage", fields: ["name", "dateOfBirth"] },
  ],
  admin_app: [{ subject: "all", action: "manage" }],
}

related to: #1912

Visible/Frontend Changes

  • filter fields with now read permission in detail view
  • disable fields with no write access in edit mode

Architectural/Backend Changes

  • none

@tomwwinter
feat(permissions): filter fields in forms based on read/write permiss…
420e45f 
…ions

- filter fields in forms with no read permission
- disable fields in edit mode with read-only permissions
@github-actions GitHub Actions
Copy link

Deployed to https://pr-2180.aam-digital.net/

@TheSlimvReal TheSlimvReal linked an issue Jan 15, 2024 that may be closed by this pull request
Field level permissions #1912
Closed
4 tasks
TheSlimvReal
TheSlimvReal requested changes Jan 15, 2024
View reviewed changes
Copy link
Collaborator

@TheSlimvReal TheSlimvReal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the goods start already. The functionality looks good, lets try to refactor this so we can use the same approach in all forms.

src/app/core/permissions/ability/ability.service.ts Outdated Show resolved Hide resolved
src/app/core/entity-details/form/form.component.ts Outdated Show resolved Hide resolved
src/app/core/entity-details/form/form.component.ts Outdated Show resolved Hide resolved
src/app/core/entity-details/form/form.component.ts Outdated Show resolved Hide resolved
TheSlimvReal
TheSlimvReal reviewed Jan 15, 2024
View reviewed changes
Copy link
Collaborator

@TheSlimvReal TheSlimvReal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am currently wondering whether instead of listening to the status changes, we can also just overwrite the enable function of the FormGroup. So a subclass FormGroupWithPermission so this whole "what can be enabled" would all be built-in instead of managed from the outside. For me this feels a bit more straight forward, how well the general extending of Angular classes works in the long run, I am not sure. Lets discuss this.

src/app/core/common-components/entity-form/entity-form.service.spec.ts Outdated Show resolved Hide resolved
src/app/core/common-components/entity-form/entity-form/entity-form.component.ts Outdated Show resolved Hide resolved
src/app/core/common-components/entity-form/entity-form.service.spec.ts Outdated Show resolved Hide resolved
src/app/core/common-components/entity-form/entity-form.service.spec.ts Outdated Show resolved Hide resolved
src/app/core/common-components/entity-form/entity-form.service.ts Outdated Show resolved Hide resolved
src/app/core/common-components/entity-form/entity-form/entity-form.component.ts Outdated Show resolved Hide resolved
src/app/core/common-components/entity-select/entity-select.component.spec.ts Outdated Show resolved Hide resolved
tomwwinter and others added 6 commits January 16, 2024 09:03
@tomwwinter @TheSlimvReal
fix: test syntax
5248fe0 
Co-authored-by: Simon <simon@aam-digital.com>
@tomwwinter @TheSlimvReal
fix: test syntax
f99b8d0 
Co-authored-by: Simon <simon@aam-digital.com>
@tomwwinter
fix: pr review feedback
754bf3e
@tomwwinter
fix: typo
cf79872
@tomwwinter
fix: typo
b1feafc
@tomwwinter
fix: pr review feedback
c2290c8
TheSlimvReal
TheSlimvReal reviewed Jan 22, 2024
View reviewed changes
Copy link
Collaborator

@TheSlimvReal TheSlimvReal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code looks very good now. I only changed some small things. When playing with it I discovered a functionality issue though:

Currently the disabled state is always applied based on the update permissions. This means that the property is also disabled when a new entity (e.g. a new Note) is created even if the user has create permissions on the property. I think there is a valid use case where users are allowed to set a property initially, but once the entity already exists they are not allowed to change it anymore. Therefore I think for new entities the disabled state should be evaluated based on the create permission for a field.

TheSlimvReal
TheSlimvReal approved these changes Jan 25, 2024
View reviewed changes
Copy link
Collaborator

@TheSlimvReal TheSlimvReal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Works great now. Thanks.

@TheSlimvReal TheSlimvReal merged commit b1533b1 into master Jan 25, 2024
6 of 7 checks passed
@TheSlimvReal TheSlimvReal deleted the tw/feat/1912-filter-fields-if-user-has-no-read-or-write-perissions branch January 25, 2024 10:30
@aam-digital-ci
Copy link
Collaborator

🎉 This PR is included in version 3.30.0-master.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@aam-digital-ci aam-digital-ci added the released on @master managed by CI (semantic-release) label Jan 25, 2024
@aam-digital-ci
Copy link
Collaborator

🎉 This PR is included in version 3.30.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@aam-digital-ci aam-digital-ci added the released managed by CI (semantic-release) label Jan 25, 2024
@sleidig sleidig mentioned this pull request Jan 29, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TheSlimvReal TheSlimvReal TheSlimvReal approved these changes

Assignees
No one assigned
Labels
released on @master managed by CI (semantic-release) released managed by CI (semantic-release)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Field level permissions
3 participants
@tomwwinter @aam-digital-ci @TheSlimvReal