Skip to content

Commit

Permalink
Replacement for #16251 Commits
Browse files Browse the repository at this point in the history 
After difficulties rebasing and resolving conflicts of the original PR in preparation for final merge, elected to create this clean re-submission that resolves all issues.
  • Loading branch information
@opengeek
Jim Graham authored and opengeek committed Jan 26, 2023
1 parent 5a90dc5 commit f3860a2
Show file tree
Hide file tree
Showing 17 changed files with 1,217 additions and 569 deletions.
32 changes: 29 additions & 3 deletions core/src/Revolution/Processors/Context/GetList.php
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<?php

/*
* This file is part of the MODX Revolution package.
*
Expand All @@ -10,8 +11,9 @@

namespace MODX\Revolution\Processors\Context;


use MODX\Revolution\modContext;
use MODX\Revolution\modAccessContext;
use MODX\Revolution\modUserGroup;
use MODX\Revolution\Processors\Model\GetListProcessor;
use xPDO\Om\xPDOObject;
use xPDO\Om\xPDOQuery;
Expand Down Expand Up @@ -40,6 +42,9 @@ class GetList extends GetListProcessor
/** @var boolean $canCreate Determines whether or not the user can create a context (/duplicate one) */
public $canCreate = false;

/** @param boolean $isGridFilter Indicates the target of this list data is a filter field */
protected $isGridFilter = false;

/**
* {@inheritDoc}
* @return boolean
Expand All @@ -54,7 +59,7 @@ public function initialize()
$this->canCreate = $this->modx->hasPermission('new_context');
$this->canEdit = $this->modx->hasPermission('edit_context');
$this->canRemove = $this->modx->hasPermission('delete_context');

$this->isGridFilter = $this->getProperty('isGridFilter', false);
return $initialized;
}

Expand All @@ -79,7 +84,28 @@ public function prepareQueryBeforeCount(xPDOQuery $c)
'key:NOT IN' => is_string($exclude) ? explode(',', $exclude) : $exclude,
]);
}

/*
When this class is used to fetch data for a grid filter's store (combo),
limit results to only those contexts present in the current grid.
*/
if ($this->isGridFilter) {
if ($userGroup = $this->getProperty('usergroup', false)) {
$c->innerJoin(
modAccessContext::class,
'modAccessContext',
[
'`modAccessContext`.`target` = `modContext`.`key`',
'`modAccessContext`.`principal` = ' . (int)$userGroup,
'`modAccessContext`.`principal_class` = ' . $this->modx->quote(modUserGroup::class)
]
);
if ($policy = $this->getProperty('policy', false)) {
$c->where([
'`modAccessContext`.`policy`' => (int)$policy
]);
}
}
}
return $c;
}

Expand Down
56 changes: 43 additions & 13 deletions core/src/Revolution/Processors/Element/Category/GetList.php
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<?php

/*
* This file is part of the MODX Revolution package.
*
Expand All @@ -10,8 +11,9 @@

namespace MODX\Revolution\Processors\Element\Category;


use MODX\Revolution\modCategory;
use MODX\Revolution\modUserGroup;
use MODX\Revolution\modAccessCategory;
use MODX\Revolution\Processors\Model\GetListProcessor;
use xPDO\Om\xPDOObject;
use xPDO\Om\xPDOQuery;
Expand All @@ -33,19 +35,23 @@ class GetList extends GetListProcessor
public $languageTopics = ['category'];
public $defaultSortField = 'category';

/** @param boolean $isGridFilter Indicates the target of this list data is a filter field */
protected $isGridFilter = false;

public function initialize()
{
$initialized = parent::initialize();
$this->setDefaultProperties([
'showNone' => false,
]);
$this->isGridFilter = $this->getProperty('isGridFilter', false);

return $initialized;
}

public function beforeIteration(array $list)
{
if ($this->getProperty('showNone', false)) {
if ($this->getProperty('showNone', false) && !$this->isGridFilter) {
$list = [
'0' => [
'id' => 0,
Expand Down Expand Up @@ -105,7 +111,7 @@ public function iterate(array $data)
*/
public function includeCategoryChildren(&$list, $children, $nestedName)
{
if ($children) {
if ($children && !$this->isGridFilter) {
foreach ($children as $child) {
if (!$child->checkPolicy('list')) {
continue;
Expand All @@ -129,23 +135,47 @@ public function includeCategoryChildren(&$list, $children, $nestedName)
*/
public function includeCategoryParent($parent, $parentName)
{
if ($parent) {
$categoryName = $parent->get('category');
if (!$this->isGridFilter) {
if ($parent) {
$categoryName = $parent->get('category');

return $this->includeCategoryParent($parent->Parent, $categoryName . '' . $parentName);
} else {
return $parentName;
return $this->includeCategoryParent($parent->Parent, $categoryName . '' . $parentName);
} else {
return $parentName;
}
}
}

public function prepareQueryBeforeCount(xPDOQuery $c)
{
if (!$this->getProperty('id', '')) {
$c->where([
'modCategory.parent' => 0,
]);
/*
When this class is used to fetch data for a grid filter's store (combo),
limit results to only those categories present in the current grid.
*/
if ($this->isGridFilter) {
if ($userGroup = $this->getProperty('usergroup', false)) {
$c->innerJoin(
modAccessCategory::class,
'modAccessCategory',
[
'`modAccessCategory`.`target` = `modCategory`.`id`',
'`modAccessCategory`.`principal` = ' . (int)$userGroup,
'`modAccessCategory`.`principal_class` = ' . $this->modx->quote(modUserGroup::class)
]
);
}
if ($policy = $this->getProperty('policy', false)) {
$c->where([
'`modAccessCategory`.`policy`' => (int)$policy
]);
}
} else {
if (!$this->getProperty('id', '')) {
$c->where([
'modCategory.parent' => 0,
]);
}
}

return $c;
}

Expand Down
98 changes: 95 additions & 3 deletions core/src/Revolution/Processors/Security/Access/Policy/GetList.php
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<?php

/*
* This file is part of MODX Revolution.
*
Expand All @@ -10,11 +11,17 @@

namespace MODX\Revolution\Processors\Security\Access\Policy;

use MODX\Revolution\modAccessCategory;
use MODX\Revolution\modAccessContext;
use MODX\Revolution\modAccessNamespace;
use MODX\Revolution\modAccessPermission;
use MODX\Revolution\modAccessPolicy;
use MODX\Revolution\modAccessPolicyTemplate;
use MODX\Revolution\modAccessPolicyTemplateGroup;
use MODX\Revolution\modAccessResourceGroup;
use MODX\Revolution\modUserGroup;
use MODX\Revolution\Processors\Model\GetListProcessor;
use MODX\Revolution\Sources\modAccessMediaSource;
use xPDO\Om\xPDOObject;
use xPDO\Om\xPDOQuery;

Expand All @@ -35,6 +42,9 @@ class GetList extends GetListProcessor
public $permission = 'policy_view';
public $languageTopics = ['policy', 'en:policy'];

/** @param boolean $isGridFilter Indicates the target of this list data is a filter field */
protected $isGridFilter = false;

/**
* @return bool
*/
Expand All @@ -47,6 +57,7 @@ public function initialize()
'combo' => false,
'query' => '',
]);
$this->isGridFilter = $this->getProperty('isGridFilter', false);
return $initialized;
}

Expand All @@ -57,20 +68,101 @@ public function initialize()
public function prepareQueryBeforeCount(xPDOQuery $c)
{
$c->innerJoin(modAccessPolicyTemplate::class, 'Template');

$group = $this->getProperty('group');
if (!empty($group)) {
$group = is_array($group) ? $group : explode(',', $group);
$c->innerJoin(modAccessPolicyTemplateGroup::class, 'TemplateGroup',
'TemplateGroup.id = Template.template_group');
$c->innerJoin(
modAccessPolicyTemplateGroup::class,
'TemplateGroup',
'TemplateGroup.id = Template.template_group'
);
$c->where(['TemplateGroup.name:IN' => $group]);
}

$query = $this->getProperty('query', '');
if (!empty($query)) {
$c->where([
'modAccessPolicy.name:LIKE' => '%' . $query . '%',
'OR:modAccessPolicy.description:LIKE' => '%' . $query . '%'
]);
}

/*
When this class is used to fetch data for a grid filter's store (combo),
limit results to only those policies present in the current grid.
*/
if ($this->isGridFilter) {
$userGroup = $this->getProperty('usergroup', '');
$targetGrid = $this->getProperty('targetGrid', '');

if (!empty($userGroup) && !empty($targetGrid)) {
switch ($targetGrid) {
case 'MODx.grid.UserGroupContext':
$joinClass = modAccessContext::class;
$joinAlias = 'modAccessContext';
// Note that context pk is a string ('key' is the dataIndex), not an int id
$context = $this->getProperty('context', '');
if (!empty($context)) {
$c->where([
'`modAccessContext`.`target`' => $context
]);
}
break;
case 'MODx.grid.UserGroupResourceGroup':
$joinClass = modAccessResourceGroup::class;
$joinAlias = 'modAccessResourceGroup';
$resourceGroup = $this->getProperty('resourceGroup', '');
if (!empty($resourceGroup)) {
$c->where([
'`modAccessResourceGroup`.`target`' => (int)$resourceGroup
]);
}
break;
case 'MODx.grid.UserGroupCategory':
$joinClass = modAccessCategory::class;
$joinAlias = 'modAccessCategory';
$category = $this->getProperty('category', '');
if (!empty($category)) {
$c->where([
'`modAccessCategory`.`target`' => (int)$category
]);
}
break;
case 'MODx.grid.UserGroupSource':
$joinClass = modAccessMediaSource::class;
$joinAlias = 'modAccessMediaSource';
$source = $this->getProperty('source', '');
if (!empty($source)) {
$c->where([
'`modAccessMediaSource`.`target`' => (int)$source
]);
}
break;
case 'MODx.grid.UserGroupNamespace':
$joinClass = modAccessNamespace::class;
$joinAlias = 'modAccessNamespace';
// Note that namespace pk is a string ('name' is the dataIndex), not an int id
$namespace = $this->getProperty('namespace', '');
if (!empty($namespace)) {
$c->where([
'`modAccessNamespace`.`target`' => $namespace
]);
}
break;
}
$c->innerJoin(
$joinClass,
$joinAlias,
[
'`' . $joinAlias . '`.`policy` = `modAccessPolicy`.`id`',
'`' . $joinAlias . '`.`principal` = ' . $userGroup,
'`' . $joinAlias . '`.`principal_class` = ' . $this->modx->quote(modUserGroup::class)
]
);
$c->groupby('`modAccessPolicy`.`id`');
}
}
return $c;
}

Expand All @@ -82,7 +174,7 @@ public function prepareQueryAfterCount(xPDOQuery $c)
{
$subc = $this->modx->newQuery(modAccessPermission::class);
$subc->select('COUNT(modAccessPermission.id)');
$subc->where(['modAccessPermission.template = Template.id',]);
$subc->where(['modAccessPermission.template = Template.id']);
$subc->prepare();
$c->select($this->modx->getSelectColumns(modAccessPolicy::class, 'modAccessPolicy'));
$c->select(['template_name' => 'Template.name']);
Expand Down
19 changes: 5 additions & 14 deletions core/src/Revolution/Processors/Security/Access/UserGroup/AccessNamespace/GetList.php
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<?php

/*
* This file is part of MODX Revolution.
*
Expand Down Expand Up @@ -113,7 +114,10 @@ public function prepareRow(xPDOObject $object)
if (empty($objectArray['name'])) {
$objectArray['name'] = '(' . $this->modx->lexicon('none') . ')';
}
$objectArray['authority_name'] = !empty($objectArray['role_name']) ? $objectArray['role_name'] . ' - ' . $objectArray['authority'] : $objectArray['authority'];
$objectArray['authority_name'] = !empty($objectArray['role_name'])
? $objectArray['role_name'] . ' - ' . $objectArray['authority']
: $objectArray['authority']
;

/* get permissions list */
$data = $objectArray['policy_data'];
Expand All @@ -130,21 +134,8 @@ public function prepareRow(xPDOObject $object)
$objectArray['permissions'] = implode(', ', $permissions);
}


$cls = 'pedit premove';

$objectArray['cls'] = $cls;
$objectArray['menu'] = [
[
'text' => $this->modx->lexicon('access_namespace_update'),
'handler' => 'this.updateAcl',
],
'-',
[
'text' => $this->modx->lexicon('access_namespace_remove'),
'handler' => 'this.confirm.createDelegate(this,["Security/Access/UserGroup/AccessNamespace/Remove"])',
],
];

return $objectArray;
}
Expand Down
12 changes: 1 addition & 11 deletions core/src/Revolution/Processors/Security/Access/UserGroup/Category/GetList.php
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
<?php

/*
* This file is part of MODX Revolution.
*
Expand Down Expand Up @@ -138,17 +139,6 @@ public function prepareRow(xPDOObject $object)
$cls .= 'pedit premove';
}
$objectArray['cls'] = $cls;
$objectArray['menu'] = [
[
'text' => $this->modx->lexicon('access_category_update'),
'handler' => 'this.updateAcl',
],
'-',
[
'text' => $this->modx->lexicon('access_category_remove'),
'handler' => 'this.confirm.createDelegate(this,["Security/Access/UserGroup/Category/Remove"])',
]
];

return $objectArray;
}
Expand Down
Loading

0 comments on commit f3860a2

Please sign in to comment.