diff --git a/Admin/Routes/Web/Api.php b/Admin/Routes/Web/Api.php
index 1152f49..6b9d972 100755
--- a/Admin/Routes/Web/Api.php
+++ b/Admin/Routes/Web/Api.php
@@ -13,7 +13,7 @@ declare(strict_types=1); use Modules\Helper\Controller\ApiController;
-use Modules\Helper\Models\PermissionState;
+use Modules\Helper\Models\PermissionCategory;
 use phpOMS\Account\PermissionType; use phpOMS\Router\RouteVerb;
@@ -25,7 +25,7 @@ return [ 'permission' => [ 'module' => ApiController::NAME, 'type' => PermissionType::READ,
- 'state' => PermissionState::REPORT,
+ 'state' => PermissionCategory::REPORT,
 ], ], ],
@@ -36,7 +36,7 @@ return [ 'permission' => [ 'module' => ApiController::NAME, 'type' => PermissionType::READ,
- 'state' => PermissionState::TEMPLATE,
+ 'state' => PermissionCategory::TEMPLATE,
 ], ], ],
@@ -47,7 +47,7 @@ return [ 'permission' => [ 'module' => ApiController::NAME, 'type' => PermissionType::CREATE,
- 'state' => PermissionState::REPORT,
+ 'state' => PermissionCategory::REPORT,
 ], ], ],
diff --git a/Admin/Routes/Web/Backend.php b/Admin/Routes/Web/Backend.php
index e91ab72..b891abf 100755
--- a/Admin/Routes/Web/Backend.php
+++ b/Admin/Routes/Web/Backend.php
@@ -13,7 +13,7 @@ declare(strict_types=1); use Modules\Helper\Controller\BackendController;
-use Modules\Helper\Models\PermissionState;
+use Modules\Helper\Models\PermissionCategory;
 use phpOMS\Account\PermissionType; use phpOMS\Router\RouteVerb;
@@ -25,7 +25,7 @@ return [ 'permission' => [ 'module' => BackendController::NAME, 'type' => PermissionType::CREATE,
- 'state' => PermissionState::TEMPLATE,
+ 'state' => PermissionCategory::TEMPLATE,
 ], ], [
@@ -34,7 +34,7 @@ return [ 'permission' => [ 'module' => BackendController::NAME, 'type' => PermissionType::CREATE,
- 'state' => PermissionState::TEMPLATE,
+ 'state' => PermissionCategory::TEMPLATE,
 ], ], ],
@@ -45,7 +45,7 @@ return [ 'permission' => [ 'module' => BackendController::NAME, 'type' => PermissionType::CREATE,
- 'state' => PermissionState::REPORT,
+ 'state' => PermissionCategory::REPORT,
 ], ], [
@@ -54,7 +54,7 @@ return [ 'permission' => [ 'module' => BackendController::NAME, 'type' => PermissionType::CREATE,
- 'state' => PermissionState::REPORT,
+ 'state' => PermissionCategory::REPORT,
 ], ], ],
@@ -65,7 +65,7 @@ return [ 'permission' => [ 'module' => BackendController::NAME, 'type' => PermissionType::READ,
- 'state' => PermissionState::REPORT,
+ 'state' => PermissionCategory::REPORT,
 ], ], ],
@@ -76,7 +76,7 @@ return [ 'permission' => [ 'module' => BackendController::NAME, 'type' => PermissionType::READ,
- 'state' => PermissionState::REPORT,
+ 'state' => PermissionCategory::REPORT,
 ], ], ],
diff --git a/Controller/ApiController.php b/Controller/ApiController.php
index e05875e..a37ac9f 100755
--- a/Controller/ApiController.php
+++ b/Controller/ApiController.php
@@ -18,7 +18,7 @@ use Modules\Admin\Models\AccountPermission; use Modules\Admin\Models\NullAccount; use Modules\Helper\Models\NullReport; use Modules\Helper\Models\NullTemplate;
-use Modules\Helper\Models\PermissionState;
+use Modules\Helper\Models\PermissionCategory;
 use Modules\Helper\Models\Report; use Modules\Helper\Models\ReportMapper; use Modules\Helper\Models\Template;
@@ -91,8 +91,8 @@ final class ApiController extends Controller $isExport = \in_array($request->getData('type'), ['xlsx', 'pdf', 'docx', 'pptx', 'csv', 'json']); // is allowed to read
- if (!$this->app->accountManager->get($accountId)->hasPermission(PermissionType::READ, $this->app->orgId, null, self::NAME, PermissionState::REPORT, $template->getId())
- || ($isExport && !$this->app->accountManager->get($accountId)->hasPermission(PermissionType::READ, $this->app->orgId, $this->app->appName, self::NAME, PermissionState::EXPORT))
+ if (!$this->app->accountManager->get($accountId)->hasPermission(PermissionType::READ, $this->app->orgId, null, self::NAME, PermissionCategory::REPORT, $template->getId())
+ || ($isExport && !$this->app->accountManager->get($accountId)->hasPermission(PermissionType::READ, $this->app->orgId, $this->app->appName, self::NAME, PermissionCategory::EXPORT))
 ) { $response->header->status = RequestStatusCode::R_403;
@@ -353,7 +353,7 @@ final class ApiController extends Controller } // is allowed to create
- if (!$this->app->accountManager->get($request->header->account)->hasPermission(PermissionType::CREATE, $this->app->orgId, null, self::NAME, PermissionState::TEMPLATE)) {
+ if (!$this->app->accountManager->get($request->header->account)->hasPermission(PermissionType::CREATE, $this->app->orgId, null, self::NAME, PermissionCategory::TEMPLATE)) {
 $response->header->status = RequestStatusCode::R_403; return;
@@ -404,7 +404,7 @@ final class ApiController extends Controller $this->app->appName, self::NAME, self::NAME,
- PermissionState::TEMPLATE,
+ PermissionCategory::TEMPLATE,
 $template->getId(), null, PermissionType::READ | PermissionType::MODIFY | PermissionType::DELETE | PermissionType::PERMISSION,
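Review bot: The read check in the `@@ -91,8 +91,8 @@` hunk asks for `PermissionCategory::REPORT` but passes `$template->getId()` as the element, whereas the `@@ -404` and `@@ -551` hunks pair `PermissionCategory::TEMPLATE` with a template id and `PermissionCategory::REPORT` with a report id. If `hasPermission()` matches category and element together (its body is not visible here), a grant recorded for a report could satisfy this check for an unrelated template that happens to share the numeric id, while the template creator's own grant would not match. The check should name the object it actually gates, e.g. `PermissionCategory::TEMPLATE, $template->getId()`, or pass the report's id if the report is what is being read. The two calls in the same condition also differ in the app argument (`null` versus `$this->app->appName`), which deserves a one-line comment such as `// export right is app-scoped, read right is org-wide` if that is the intent. The enclosing method starts and ends outside the hunk.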
@@ -509,7 +509,7 @@ final class ApiController extends Controller } // is allowed to create
- if (!$this->app->accountManager->get($request->header->account)->hasPermission(PermissionType::CREATE, $this->app->orgId, null, self::NAME, PermissionState::REPORT)) {
+ if (!$this->app->accountManager->get($request->header->account)->hasPermission(PermissionType::CREATE, $this->app->orgId, null, self::NAME, PermissionCategory::REPORT)) {
 $response->header->status = RequestStatusCode::R_403; return;
@@ -551,7 +551,7 @@ final class ApiController extends Controller $this->app->appName, self::NAME, self::NAME,
- PermissionState::REPORT,
+ PermissionCategory::REPORT,
 $report->getId(), null, PermissionType::READ | PermissionType::MODIFY | PermissionType::DELETE | PermissionType::PERMISSION,
diff --git a/Models/PermissionCategory.php b/Models/PermissionCategory.php
new file mode 100755
index 0000000..2d5807b
--- /dev/null
+++ b/Models/PermissionCategory.php
@@ -0,0 +1,34 @@
+