Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dev/core#61 Split Edit Message Templates Permission #11974

Merged
merged 4 commits into from
May 31, 2018
Merged

dev/core#61 Split Edit Message Templates Permission #11974

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
e86f2eb
dev/core#61 split edit message templates permission
ajesamson Apr 13, 2018
3b23dae
dev/core#61: Code refactor and jenkins build failure resolution
ajesamson Apr 16, 2018
9faa733
dev/core#61: Added pre-upgrade message notification for added granula…
ajesamson May 28, 2018
50e2850
dev/core#61: Updated revision number
ajesamson May 30, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 21 additions & 0 deletions CRM/Admin/Form/MessageTemplates.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,7 @@ public function buildQuickForm() {
}
else {
$this->_workflow_id = CRM_Utils_Array::value('workflow_id', $this->_values);
$this->checkUserPermission($this->_workflow_id);
$this->assign('workflow_id', $this->_workflow_id);

if ($this->_workflow_id) {
Expand Down Expand Up @@ -214,6 +215,26 @@ public function buildQuickForm() {
}
}

/**
* Restrict users access based on permission
*
* @param int $workflowId
*/
private function checkUserPermission($workflowId) {
if (isset($workflowId)) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not really familiar with message templates so just a question here, is it impossible for user driven message templates to have a workflow ID?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

User driven message templates do not have workflow ID. A template becomes system workflow message template the moment it has workflow ID.

$canView = CRM_Core_Permission::check('edit system workflow message templates');
}
else {
$canView = CRM_Core_Permission::check('edit user-driven message templates');
}

if (!$canView && !CRM_Core_Permission::check('edit message templates')) {
CRM_Core_Session::setStatus(ts('You do not have permission to view requested page.'), ts('Access Denied'));
$url = CRM_Utils_System::url('civicrm/admin/messageTemplates', "reset=1");
CRM_Utils_System::redirect($url);
}
}

/**
* Global form rule.
*
Expand Down
3 changes: 3 additions & 0 deletions CRM/Admin/Page/MessageTemplates.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -289,6 +289,9 @@ public function browse() {
);

$this->assign('rows', $rows);
$this->assign('canEditSystemTemplates', CRM_Core_Permission::check('edit system workflow message templates'));
$this->assign('canEditMessageTemplates', CRM_Core_Permission::check('edit message templates'));
$this->assign('canEditUserDrivenMessageTemplates', CRM_Core_Permission::check('edit user-driven message templates'));
}

}
10 changes: 8 additions & 2 deletions CRM/Core/Permission.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -877,6 +877,12 @@ public static function getCorePermissions() {
'edit message templates' => array(
$prefix . ts('edit message templates'),
),
'edit system workflow message templates' => array(
$prefix . ts('edit system workflow message templates'),
),
'edit user-driven message templates' => array(
$prefix . ts('edit user-driven message templates'),
),
'view my invoices' => array(
$prefix . ts('view my invoices'),
ts('Allow users to view/ download their own invoices'),
Expand Down Expand Up @@ -1459,8 +1465,8 @@ public static function getEntityActionPermissions() {

$permissions['message_template'] = array(
'get' => array('access CiviCRM'),
'create' => array('edit message templates'),
'update' => array('edit message templates'),
'create' => array('edit message templates', 'edit user-driven message templates', 'edit system workflow message templates'),
'update' => array('edit message templates', 'edit user-driven message templates', 'edit system workflow message templates'),
);
return $permissions;
}
Expand Down
4 changes: 2 additions & 2 deletions CRM/Core/xml/Menu/Admin.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -262,15 +262,15 @@
<page_callback>CRM_Admin_Page_MessageTemplates</page_callback>
<adminGroup>Communications</adminGroup>
<icon>admin/small/template.png</icon>
<access_arguments>edit message templates</access_arguments>
<access_arguments>edit message templates;edit user-driven message templates;edit system workflow message templates</access_arguments>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see the xml sometimes uses commas & sometimes semi-colons - do they have the same meaning?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it’s the diff between or and I think ; == or , == and

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think Seamus is right

<weight>30</weight>
</item>
<item>
<path>civicrm/admin/messageTemplates/add</path>
<title>Message Templates</title>
<desc>Add/Edit Message Templates</desc>
<page_callback>CRM_Admin_Form_MessageTemplates</page_callback>
<access_arguments>edit message templates</access_arguments>
<access_arguments>edit message templates;edit user-driven message templates;edit system workflow message templates</access_arguments>
<weight>262</weight>
</item>
<item>
Expand Down
12 changes: 8 additions & 4 deletions CRM/Upgrade/Incremental/php/FiveTwo.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,10 +40,14 @@ class CRM_Upgrade_Incremental_php_FiveTwo extends CRM_Upgrade_Incremental_Base {
* @param null $currentVer
*/
public function setPreUpgradeMessage(&$preUpgradeMessage, $rev, $currentVer = NULL) {
// Example: Generate a pre-upgrade message.
// if ($rev == '5.12.34') {
// $preUpgradeMessage .= '<p>' . ts('A new permission has been added called %1 This Permission is now used to control access to the Manage Tags screen', array(1 => 'manage tags')) . '</p>';
// }
if ($rev == '5.3.0') {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@eileenmcnaughton can you move this code into FiveThree.php

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah dang - didn't spot that!

$params = array(
1 => 'edit user-driven message templates',
2 => 'edit system workflow message templates',
3 => 'edit message templates',
);
$preUpgradeMessage .= '<p>' . ts('New granular permissions called %1 and %2 have been added for %3 permission. These permissions help to limit user access per template', $params) . '</p>';
}
}

/**
Expand Down
14 changes: 12 additions & 2 deletions templates/CRM/Admin/Page/MessageTemplates.tpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -89,14 +89,23 @@
<div class="crm-content-block crm-block">
<div id='mainTabContainer'>
<ul>
<li id='tab_user'> <a href='#user' title='{ts}User-driven Messages{/ts}'> {ts}User-driven Messages{/ts} </a></li>
<li id='tab_workflow'><a href='#workflow' title='{ts}System Workflow Messages{/ts}'>{ts}System Workflow Messages{/ts}</a></li>
{if $canEditUserDrivenMessageTemplates or $canEditMessageTemplates}
<li id='tab_user'><a href='#user' title='{ts}User-driven Messages{/ts}'>{ts}User-driven Messages{/ts}</a></li>
{/if}
{if $canEditSystemTemplates or $canEditMessageTemplates}
<li id='tab_workflow'><a href='#workflow' title='{ts}System Workflow Messages{/ts}'>{ts}System Workflow Messages{/ts}</a></li>
{/if}
</ul>

{* create two selector tabs, first being the ‘user’ one, the second being the ‘workflow’ one *}
{include file="CRM/common/enableDisableApi.tpl"}
{include file="CRM/common/jsortable.tpl"}
{foreach from=$rows item=template_row key=type}
{if (
$type ne 'userTemplates' and ($canEditSystemTemplates or $canEditMessageTemplates)
) or (
$type eq 'userTemplates'and ($canEditUserDrivenMessageTemplates or $canEditMessageTemplates)
)}
<div id="{if $type eq 'userTemplates'}user{else}workflow{/if}" class='ui-tabs-panel ui-widget-content ui-corner-bottom'>
<div class="help">
{if $type eq 'userTemplates'}
Expand Down Expand Up @@ -160,6 +169,7 @@
{/if}
</div>
</div>
{/if}
{/foreach}
</div>
</div>
Expand Down