feat(Node): Added new SEARCH attribute for NodeVoter to allow non-e…
…ditor to at least search nodes.
ambroisemaupate committed Sep 18, 2023
1 parent dd4324d commit f713c0c
Showing 5 changed files with 57 additions and 38 deletions.
Expand Up @@ -20,6 +20,7 @@ final class NodeVoter extends Voter
public const CREATE = 'CREATE';
public const DUPLICATE = 'DUPLICATE';
public const CREATE_AT_ROOT = 'CREATE_AT_ROOT';
public const SEARCH = 'SEARCH';
public const READ = 'READ';
public const READ_AT_ROOT = 'READ_AT_ROOT';
public const EMPTY_TRASH = 'EMPTY_TRASH';
Expand All @@ -46,6 +47,7 @@ protected function supports(string $attribute, $subject): bool
\in_array($attribute, [
self::CREATE_AT_ROOT,
self::READ_AT_ROOT,
self::SEARCH,
self::EMPTY_TRASH,
])
) {
Expand Down Expand Up @@ -96,6 +98,7 @@ protected function voteOnAttribute(string $attribute, $subject, TokenInterface $
self::CREATE_AT_ROOT => $this->canCreateAtRoot($user),
self::READ => $this->canRead($subject, $user),
self::READ_AT_ROOT => $this->canReadAtRoot($user),
self::SEARCH => $this->canSearch($user),
self::READ_LOGS => $this->canReadLogs($subject, $user),
self::EDIT_CONTENT => $this->canEditContent($subject, $user),
self::EDIT_SETTING => $this->canEditSetting($subject, $user),
Expand Down Expand Up @@ -156,6 +159,12 @@ private function canReadAtRoot(User $user): bool
return null === $chroot && $this->security->isGranted('ROLE_ACCESS_NODES');
}

private function canSearch(User $user): bool
{
$chroot = $this->chrootResolver->getChroot($user);
return null === $chroot && $this->security->isGranted('ROLE_ACCESS_NODES');
}

private function canEmptyTrash(User $user): bool
{
$chroot = $this->chrootResolver->getChroot($user);
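Review bot: `canSearch()` has the same body as `canReadAtRoot()` just above it, so `SEARCH` is granted only when the user has no chroot and holds `ROLE_ACCESS_NODES`; both controllers touched by this commit previously checked the role alone, so chrooted users lose search rather than gain it. If that is intended (presumably because search results are not scoped to a chroot), state it on the method, e.g. `// Search is not restricted to a chroot, so chrooted users are denied.`, and cover it with a voter test for a chrooted user. If it is not intended, dropping the `null === $chroot` condition would have to come with per-result filtering, which none of the hunks on this page show.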
19 changes: 12 additions & 7 deletions lib/Rozier/src/AjaxControllers/AjaxNodesExplorerController.php
Expand Up @@ -14,34 +14,39 @@
use RZ\Roadiz\CoreBundle\EntityApi\NodeTypeApi;
use RZ\Roadiz\CoreBundle\SearchEngine\ClientRegistry;
use RZ\Roadiz\CoreBundle\SearchEngine\NodeSourceSearchHandlerInterface;
use RZ\Roadiz\CoreBundle\Security\Authorization\Voter\NodeVoter;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Exception\InvalidParameterException;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Core\Security;
use Themes\Rozier\Models\NodeModel;
use Themes\Rozier\Models\NodeSourceModel;

class AjaxNodesExplorerController extends AbstractAjaxController
final class AjaxNodesExplorerController extends AbstractAjaxController
{
private SerializerInterface $serializer;
private ClientRegistry $clientRegistry;
private NodeSourceSearchHandlerInterface $nodeSourceSearchHandler;
private NodeTypeApi $nodeTypeApi;
private UrlGeneratorInterface $urlGenerator;
private Security $security;

public function __construct(
SerializerInterface $serializer,
ClientRegistry $clientRegistry,
NodeSourceSearchHandlerInterface $nodeSourceSearchHandler,
NodeTypeApi $nodeTypeApi,
UrlGeneratorInterface $urlGenerator
UrlGeneratorInterface $urlGenerator,
Security $security,
) {
$this->nodeSourceSearchHandler = $nodeSourceSearchHandler;
$this->nodeTypeApi = $nodeTypeApi;
$this->serializer = $serializer;
$this->urlGenerator = $urlGenerator;
$this->clientRegistry = $clientRegistry;
$this->security = $security;
}

protected function getItemPerPage(): int
Expand All @@ -61,7 +66,7 @@ protected function isSearchEngineAvailable(Request $request): bool
*/
public function indexAction(Request $request): Response
{
$this->denyAccessUnlessGranted('ROLE_ACCESS_NODES');
$this->denyAccessUnlessGranted(NodeVoter::SEARCH);

$criteria = $this->parseFilterFromRequest($request);
$sorting = $this->parseSortingFromRequest($request);
Expand Down Expand Up @@ -256,23 +261,23 @@ public function listAction(Request $request): JsonResponse
/**
* Normalize response Node list result.
*
* @param array<Node|NodesSources>|\Traversable<Node|NodesSources> $nodes
* @param iterable<Node|NodesSources> $nodes
* @return array
*/
private function normalizeNodes($nodes)
private function normalizeNodes(iterable $nodes): array
{
$nodesArray = [];

foreach ($nodes as $node) {
if (null !== $node) {
if ($node instanceof NodesSources) {
if (!key_exists($node->getNode()->getId(), $nodesArray)) {
$nodeModel = new NodeSourceModel($node, $this->urlGenerator);
$nodeModel = new NodeSourceModel($node, $this->urlGenerator, $this->security);
$nodesArray[$node->getNode()->getId()] = $nodeModel->toArray();
}
} else {
if (!key_exists($node->getId(), $nodesArray)) {
$nodeModel = new NodeModel($node, $this->urlGenerator);
$nodeModel = new NodeModel($node, $this->urlGenerator, $this->security);
$nodesArray[$node->getId()] = $nodeModel->toArray();
}
}
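Review bot: Only `indexAction` is switched to `NodeVoter::SEARCH`; `listAction`, named in the following hunk header, shows no authorization change on this page. Its body is outside the visible hunks, so this needs confirming, but if it still calls `denyAccessUnlessGranted('ROLE_ACCESS_NODES')` the two actions of this controller now apply different rules, and a chrooted user denied by the voter on the index could still reach the list endpoint. If so, use the same check there: `$this->denyAccessUnlessGranted(NodeVoter::SEARCH);`.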
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ public function __construct(
*/
public function searchAction(Request $request): Response
{
$this->denyAccessUnlessGranted('ROLE_ACCESS_NODES');
$this->denyAccessUnlessGranted(NodeVoter::SEARCH);

if (!$request->query->has('searchTerms') || $request->query->get('searchTerms') == '') {
throw new BadRequestHttpException('searchTerms parameter is missing.');
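Review bot: `NodeVoter::SEARCH` is referenced in `searchAction`, but going by the page's totals (57 additions and 38 deletions overall, against the per-file counts shown) this file appears to change only this one line, so no `use RZ\Roadiz\CoreBundle\Security\Authorization\Voter\NodeVoter;` is added here. Unless the file already imports the class, the name resolves inside the controller's own namespace and the action fails with a class-not-found error on every request instead of returning a 403. Confirm the import exists above the hunk, or add that `use` line as the other changed files in this commit do.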
40 changes: 21 additions & 19 deletions lib/Rozier/src/Models/NodeModel.php
Expand Up @@ -9,24 +9,20 @@
use RZ\Roadiz\CoreBundle\Entity\NodesSources;
use RZ\Roadiz\CoreBundle\Entity\NodesSourcesDocuments;
use RZ\Roadiz\CoreBundle\Entity\Translation;
use RZ\Roadiz\CoreBundle\Security\Authorization\Voter\NodeVoter;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Core\Security;

/**
* @Serializer\ExclusionPolicy("all")
*/
final class NodeModel implements ModelInterface
{
private Node $node;
private UrlGeneratorInterface $urlGenerator;

/**
* @param Node $node
* @param UrlGeneratorInterface $urlGenerator
*/
public function __construct(Node $node, UrlGeneratorInterface $urlGenerator)
{
$this->node = $node;
$this->urlGenerator = $urlGenerator;
public function __construct(
private Node $node,
private UrlGeneratorInterface $urlGenerator,
private Security $security
) {
}

public function toArray(): array
Expand All @@ -35,18 +31,21 @@ public function toArray(): array
$nodeSource = $this->node->getNodeSources()->first();

if (false === $nodeSource) {
return [
$result = [
'id' => $this->node->getId(),
'title' => $this->node->getNodeName(),
'nodeName' => $this->node->getNodeName(),
'isPublished' => $this->node->isPublished(),
'nodesEditPage' => $this->urlGenerator->generate('nodesEditPage', [
'nodeId' => $this->node->getId(),
]),
'nodeType' => [
'color' => $this->node->getNodeType()?->getColor() ?? '#000000',
]
];
if ($this->security->isGranted(NodeVoter::EDIT_SETTING, $this->node)) {
$result['nodesEditPage'] = $this->urlGenerator->generate('nodesEditPage', [
'nodeId' => $this->node->getId(),
]);
}
return $result;
}

/** @var NodesSourcesDocuments|false $thumbnail */
Expand All @@ -60,15 +59,18 @@ public function toArray(): array
'thumbnail' => $thumbnail ? $thumbnail->getDocument() : null,
'nodeName' => $this->node->getNodeName(),
'isPublished' => $this->node->isPublished(),
'nodesEditPage' => $this->urlGenerator->generate('nodesEditSourcePage', [
'nodeId' => $this->node->getId(),
'translationId' => $translation->getId(),
]),
'nodeType' => [
'color' => $this->node->getNodeType()?->getColor() ?? '#000000',
]
];

if ($this->security->isGranted(NodeVoter::EDIT_CONTENT, $nodeSource)) {
$result['nodesEditPage'] = $this->urlGenerator->generate('nodesEditSourcePage', [
'nodeId' => $this->node->getId(),
'translationId' => $translation->getId(),
]);
}

$parent = $this->node->getParent();

if ($parent instanceof Node) {
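Review bot: The `EDIT_CONTENT` check passes `$nodeSource` as the subject, while `NodeSourceModel::toArray()` in this same commit passes the `Node` (`$node`) for the same attribute, and the `EDIT_SETTING` branch earlier in this method passes `$this->node`. `NodeVoter::supports()` is only partly visible on this page; if it accepts `Node` subjects only, this call would never be voted on and, under the default strategy, the edit link would be dropped for every user. Using one subject type throughout avoids that: `if ($this->security->isGranted(NodeVoter::EDIT_CONTENT, $this->node)) {`. `toArray()` starts and ends outside the hunk.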
25 changes: 14 additions & 11 deletions lib/Rozier/src/Models/NodeSourceModel.php
Expand Up @@ -8,20 +8,20 @@
use RZ\Roadiz\CoreBundle\Entity\NodesSources;
use RZ\Roadiz\CoreBundle\Entity\NodesSourcesDocuments;
use RZ\Roadiz\CoreBundle\Entity\Translation;
use RZ\Roadiz\CoreBundle\Security\Authorization\Voter\NodeVoter;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Core\Security;

/**
* @Serializer\ExclusionPolicy("all")
*/
final class NodeSourceModel implements ModelInterface
{
private NodesSources $nodeSource;
private UrlGeneratorInterface $urlGenerator;

public function __construct(NodesSources $nodeSource, UrlGeneratorInterface $urlGenerator)
{
$this->nodeSource = $nodeSource;
$this->urlGenerator = $urlGenerator;
public function __construct(
private NodesSources $nodeSource,
private UrlGeneratorInterface $urlGenerator,
private Security $security
) {
}

public function toArray(): array
Expand All @@ -39,15 +39,18 @@ public function toArray(): array
'nodeName' => $node->getNodeName(),
'thumbnail' => $thumbnail ? $thumbnail->getDocument() : null,
'isPublished' => $node->isPublished(),
'nodesEditPage' => $this->urlGenerator->generate('nodesEditSourcePage', [
'nodeId' => $node->getId(),
'translationId' => $translation->getId(),
]),
'nodeType' => [
'color' => $node->getNodeType()?->getColor() ?? '#000000',
]
];

if ($this->security->isGranted(NodeVoter::EDIT_CONTENT, $node)) {
$result['nodesEditPage'] = $this->urlGenerator->generate('nodesEditSourcePage', [
'nodeId' => $node->getId(),
'translationId' => $translation->getId(),
]);
}

$parent = $this->nodeSource->getParent();

if ($parent instanceof NodesSources) {
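Review bot: `nodesEditPage` used to be present in every array this method returns and is now omitted when `EDIT_CONTENT` is not granted, but nothing on `toArray()` records that the key is optional. A short docblock on the method would help consumers, e.g. `@return array<string, mixed> 'nodesEditPage' is only set when the current user may edit the node's content`; the same applies to `NodeModel::toArray()`. Omitting the URL only hides the link, so the `nodesEditSourcePage` and `nodesEditPage` routes still have to enforce the same voter attributes themselves, which is not visible on this page.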
