saulteafarmer/castopod
1
0
Fork 0
mirror of https://code.castopod.org/adaures/castopod synced 2025-06-23 16:05:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(users): remove required roles input when editing user + prevent owner's roles from being edited

Browse Source 
fixes #239
This commit is contained in:
Yassine Doghri 2022-09-07 09:33:10 +00:00
parent 7512e2ed1f
commit 1c8af7550b
5 changed files with 34 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
modules/Admin/Controllers/UserController.php
View File

@ -143,6 +143,17 @@ class UserController extends BaseController
$authorize = Services::authorization(); $authorize = Services::authorization();
$roles = $this->request->getPost('roles'); $roles = $this->request->getPost('roles');
if ($this->user->isOwner) {
return redirect()
->back()
->with('errors', [
lang('User.messages.editOwnerError', [
'username' => $this->user->username,
]),
]);
}
$authorize->setUserGroups($this->user->id, $roles ?? []); $authorize->setUserGroups($this->user->id, $roles ?? []);
// Success! // Success!

2
modules/Admin/Language/en/User.php
View File

@ -45,6 +45,8 @@ return [
'{username} will be prompted with a password reset upon next visit.', '{username} will be prompted with a password reset upon next visit.',
'banSuccess' => '{username} has been banned.', 'banSuccess' => '{username} has been banned.',
'unbanSuccess' => '{username} has been unbanned.', 'unbanSuccess' => '{username} has been unbanned.',
'editOwnerError' =>
'{username} is the instance owner, you cannot edit its roles.',
'banSuperAdminError' => 'banSuperAdminError' =>
'{username} is a superadmin, one does not simply ban a superadmin…', '{username} is a superadmin, one does not simply ban a superadmin…',
'deleteSuperAdminError' => 'deleteSuperAdminError' =>

14
modules/Auth/Entities/User.php
View File

@ -13,6 +13,7 @@ namespace Modules\Auth\Entities;
use App\Entities\Podcast; use App\Entities\Podcast;
use App\Models\NotificationModel; use App\Models\NotificationModel;
use App\Models\PodcastModel; use App\Models\PodcastModel;
use App\Models\UserModel;
use Myth\Auth\Entities\User as MythAuthUser; use Myth\Auth\Entities\User as MythAuthUser;
use RuntimeException; use RuntimeException;
@ -31,6 +32,8 @@ use RuntimeException;
*/ */
class User extends MythAuthUser class User extends MythAuthUser
{ {
public bool $is_owner;
/** /**
* @var Podcast[]|null * @var Podcast[]|null
*/ */
@ -54,6 +57,17 @@ class User extends MythAuthUser
'podcast_role' => '?string', 'podcast_role' => '?string',
]; ];
public function getIsOwner(): bool
{
$firstUser = (new UserModel())->first();
if (! $firstUser instanceof self) {
return false;
}
return $this->username === $firstUser->username;
}
/** /**
* Returns the podcasts the user is contributing to * Returns the podcasts the user is contributing to
* *

1
themes/cp_admin/user/edit.php
View File

@ -23,7 +23,6 @@
id="roles" id="roles"
name="roles[]" name="roles[]"
label="<?= lang('User.form.roles') ?>" label="<?= lang('User.form.roles') ?>"
required="true"
options="<?= esc(json_encode($roleOptions)) ?>" options="<?= esc(json_encode($roleOptions)) ?>"
selected="<?= esc(json_encode($user->roles)) ?>" /> selected="<?= esc(json_encode($user->roles)) ?>" />

7
themes/cp_admin/user/list.php
View File

@ -30,8 +30,11 @@
[ [
'header' => lang('User.list.roles'), 'header' => lang('User.list.roles'),
'cell' => function ($user) { 'cell' => function ($user) {
return implode(',', $user->roles) . if ($user->isOwner) {
'<IconButton uri="' . route_to('user-edit', $user->id) . '" glyph="edit" variant="info">' . lang('User.edit_roles', [ return 'owner, ' . implode(',', $user->roles);
}
return implode(',', $user->roles) . '<IconButton uri="' . route_to('user-edit', $user->id) . '" glyph="edit" variant="info">' . lang('User.edit_roles', [
'username' => esc($user->username), 'username' => esc($user->username),
]) . '</IconButton>'; ]) . '</IconButton>';
}, },