fix(Rozier): Fixed global backoffice grid when tree panel is hidden

roadiz · Apr 14, 2023 · 4aa8a5e · 4aa8a5e
1 parent 95db653
commit 4aa8a5e
Show file tree

Hide file tree

Showing 13 changed files with 38 additions and 10 deletions.
diff --git a/lib/RoadizTwoFactorBundle/src/Controller/BackupCodesAdminController.php b/lib/RoadizTwoFactorBundle/src/Controller/BackupCodesAdminController.php
@@ -25,6 +25,10 @@ public function backupCodesAdminAction(Request $request, TokenStorageInterface $
     {
         $this->denyAccessUnlessGranted('ROLE_BACKEND_USER');
 
+        if ($this->isGranted('ROLE_PREVIOUS_ADMIN')) {
+            throw $this->createAccessDeniedException('You cannot impersonate to access this page.');
+        }
+
         $user = $tokenStorage->getToken()->getUser();
         if (!($user instanceof User)) {
             throw $this->createAccessDeniedException('You must be logged in to access this page.');

diff --git a/lib/RoadizTwoFactorBundle/src/Controller/QrCodeController.php b/lib/RoadizTwoFactorBundle/src/Controller/QrCodeController.php
@@ -32,6 +32,10 @@ public function totpQrCodeAction(TokenStorageInterface $tokenStorage): Response
     {
         $this->denyAccessUnlessGranted('ROLE_BACKEND_USER');
 
+        if ($this->isGranted('ROLE_PREVIOUS_ADMIN')) {
+            throw $this->createAccessDeniedException('You cannot impersonate to access this page.');
+        }
+
         $user = $tokenStorage->getToken()->getUser();
         if (!($user instanceof User)) {
             throw $this->createAccessDeniedException('You must be logged in to access this page.');

diff --git a/lib/RoadizTwoFactorBundle/src/Controller/TwoFactorAdminController.php b/lib/RoadizTwoFactorBundle/src/Controller/TwoFactorAdminController.php
@@ -33,6 +33,10 @@ public function twoFactorAdminAction(Request $request, TokenStorageInterface $to
     {
         $this->denyAccessUnlessGranted('ROLE_BACKEND_USER');
 
+        if ($this->isGranted('ROLE_PREVIOUS_ADMIN')) {
+            throw $this->createAccessDeniedException('You cannot impersonate to access this page.');
+        }
+
         $user = $tokenStorage->getToken()->getUser();
         if (!($user instanceof User)) {
             throw $this->createAccessDeniedException('You must be logged in to access this page.');

diff --git a/lib/RoadizTwoFactorBundle/src/EventSubscriber/UserActionsMenuEventSubscriber.php b/lib/RoadizTwoFactorBundle/src/EventSubscriber/UserActionsMenuEventSubscriber.php
@@ -6,12 +6,13 @@
 
 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
+use Symfony\Component\Security\Core\Security;
 use Themes\Rozier\Event\UserActionsMenuEvent;
 
 final class UserActionsMenuEventSubscriber implements EventSubscriberInterface
 {
 
-    public function __construct(private UrlGeneratorInterface $urlGenerator)
+    public function __construct(private UrlGeneratorInterface $urlGenerator, private Security $security)
     {
     }
 
@@ -24,6 +25,9 @@ public static function getSubscribedEvents(): array
 
     public function onUserActionsMenu(UserActionsMenuEvent $event): void
     {
+        if ($this->security->isGranted('ROLE_PREVIOUS_ADMIN')) {
+            return;
+        }
         $event->addAction(
             'two_factor_authentication',
             $this->urlGenerator->generate('2fa_admin_two_factor'),

diff --git a/lib/Rozier/src/Resources/app/less/grid/grid_layout.less b/lib/Rozier/src/Resources/app/less/grid/grid_layout.less
@@ -16,6 +16,17 @@
         grid-template-columns: @user-panel-xl-width @entries-panel-xl-width fit-content(100%) auto;
     }
 
+    &.trees-panel--hidden {
+        grid-template-columns: @user-panel-sm-width @entries-panel-width auto;
+
+        @media (min-width: @screen-lg-min) {
+            grid-template-columns: @user-panel-lg-width @entries-panel-lg-width auto;
+        }
+        @media (min-width: @screen-xl-min) {
+            grid-template-columns: @user-panel-xl-width @entries-panel-xl-width auto;
+        }
+    }
+
     #user-panel {
         position: relative;
         width: 100%;

diff --git a/lib/Rozier/src/Resources/views/base.html.twig b/lib/Rozier/src/Resources/views/base.html.twig
@@ -24,7 +24,10 @@
     <body>
         <div id="app"></div>
         <div id="main-container">
-            <div id="main-container-inner">
+            {% set treePanelEnabled = (is_granted('ROLE_ACCESS_NODES') or
+                is_granted('ROLE_ACCESS_DOCUMENTS') or
+                is_granted('ROLE_ACCESS_TAGS')) %}
+            <div id="main-container-inner"{% if not treePanelEnabled %} class="trees-panel--hidden"{% endif %}>
                 <section class="main-container-section navigation-container-section" id="user-panel">
                     {% include '@RoadizRozier/panels/user_panel.html.twig' with {
                         'session' : session,
@@ -39,9 +42,7 @@
                         'backofficeEntries':backofficeEntries,
                     } only %}
                 </section>
-                {% if (is_granted('ROLE_ACCESS_NODES') or
-                       is_granted('ROLE_ACCESS_DOCUMENTS') or
-                       is_granted('ROLE_ACCESS_TAGS')) %}
+                {% if treePanelEnabled %}
                 <section class="main-container-section navigation-container-section" id="main-trees">
                     <div id="main-trees-overlay"></div>
                     <div id="main-trees-container">

diff --git a/lib/Rozier/src/Resources/views/partials/js-inject.html.twig b/lib/Rozier/src/Resources/views/partials/js-inject.html.twig
@@ -1,5 +1,5 @@
 
-<script src="{{ asset('js/vendor.e62c861f7366d2f113d7.js', 'Rozier') }}" defer type="text/javascript"></script>
+<script src="{{ asset('js/vendor.f6360c32341e41ff0fc0.js', 'Rozier') }}" defer type="text/javascript"></script>
 
-<script src="{{ asset('js/app.e62c861f7366d2f113d7.js', 'Rozier') }}" defer type="text/javascript"></script>
+<script src="{{ asset('js/app.f6360c32341e41ff0fc0.js', 'Rozier') }}" defer type="text/javascript"></script>
 
diff --git a/lib/Rozier/src/Resources/views/partials/simple-js-inject.html.twig b/lib/Rozier/src/Resources/views/partials/simple-js-inject.html.twig
@@ -1,3 +1,3 @@
 
-<script src="{{ asset('js/simple.e62c861f7366d2f113d7.js', 'Rozier') }}" defer type="text/javascript"></script>
+<script src="{{ asset('js/simple.f6360c32341e41ff0fc0.js', 'Rozier') }}" defer type="text/javascript"></script>
 
diff --git a/lib/Rozier/src/static/css/app.3d6bf1608c5a8f3962cd.css b/lib/Rozier/src/static/css/app.3d6bf1608c5a8f3962cd.css
diff --git a/lib/Rozier/src/static/css/app.3d6bf1608c5a8f3962cd.css.map b/lib/Rozier/src/static/css/app.3d6bf1608c5a8f3962cd.css.map
diff --git a/...src/static/js/app.e62c861f7366d2f113d7.js → ...src/static/js/app.f6360c32341e41ff0fc0.js b/...src/static/js/app.e62c861f7366d2f113d7.js → ...src/static/js/app.f6360c32341e41ff0fc0.js
diff --git a/.../static/js/simple.e62c861f7366d2f113d7.js → .../static/js/simple.f6360c32341e41ff0fc0.js b/.../static/js/simple.e62c861f7366d2f113d7.js → .../static/js/simple.f6360c32341e41ff0fc0.js
diff --git a/.../static/js/vendor.e62c861f7366d2f113d7.js → .../static/js/vendor.f6360c32341e41ff0fc0.js b/.../static/js/vendor.e62c861f7366d2f113d7.js → .../static/js/vendor.f6360c32341e41ff0fc0.js
Original file line number	Diff line number	Diff line change
		@@ -1,3 +1,3 @@

		<script src="{{ asset('js/simple.e62c861f7366d2f113d7.js', 'Rozier') }}" defer type="text/javascript"></script>
		<script src="{{ asset('js/simple.f6360c32341e41ff0fc0.js', 'Rozier') }}" defer type="text/javascript"></script>