chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master'

Browse Source
pull/5656/head
Angel Fernando Quiroz Campos 1 year ago
parent b9a26f522d cfefcbb2c9
commit eb451e08b6
No known key found for this signature in database
GPG Key ID: B284841AE3E562CD
4 changed files with 26 additions and 43 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 16
      public/main/inc/lib/api.lib.php
  2. 29
      src/CoreBundle/Controller/PermissionController.php
  3. 2
      src/CoreBundle/Resources/config/services.yml
  4. 22
      src/CoreBundle/ServiceHelper/PermissionServiceHelper.php

16
public/main/inc/lib/api.lib.php
Unescape View File

@ -11,8 +11,8 @@ use Chamilo\CoreBundle\Entity\User;
use Chamilo\CoreBundle\Entity\UserCourseCategory; use Chamilo\CoreBundle\Entity\UserCourseCategory;
use Chamilo\CoreBundle\Exception\NotAllowedException; use Chamilo\CoreBundle\Exception\NotAllowedException;
use Chamilo\CoreBundle\Framework\Container; use Chamilo\CoreBundle\Framework\Container;
use Chamilo\CoreBundle\Service\PermissionService;
use Chamilo\CoreBundle\ServiceHelper\MailHelper; use Chamilo\CoreBundle\ServiceHelper\MailHelper;
use Chamilo\CoreBundle\ServiceHelper\PermissionServiceHelper;
use Chamilo\CoreBundle\ServiceHelper\ThemeHelper; use Chamilo\CoreBundle\ServiceHelper\ThemeHelper;
use Chamilo\CourseBundle\Entity\CGroup; use Chamilo\CourseBundle\Entity\CGroup;
use Chamilo\CourseBundle\Entity\CLp; use Chamilo\CourseBundle\Entity\CLp;
@ -6348,15 +6348,9 @@ function api_get_roles()
function api_get_user_roles(): array function api_get_user_roles(): array
{ {
$roles = [ $permissionService = Container::$container->get(PermissionServiceHelper::class);
'ROLE_TEACHER',
'ROLE_STUDENT', $roles = $permissionService->getUserRoles();
'ROLE_RRHH',
'ROLE_SESSION_MANAGER',
'ROLE_STUDENT_BOSS',
'ROLE_INVITEE',
'ROLE_USER',
];
return array_combine($roles, $roles); return array_combine($roles, $roles);
} }
@ -7484,7 +7478,7 @@ function api_protect_webservices()
*/ */
function api_get_permission(string $permissionSlug, array $roles): bool function api_get_permission(string $permissionSlug, array $roles): bool
{ {
$permissionService = Container::$container->get(PermissionService::class); $permissionService = Container::$container->get(PermissionServiceHelper::class);
return $permissionService->hasPermission($permissionSlug, $roles); return $permissionService->hasPermission($permissionSlug, $roles);
} }

29
src/CoreBundle/Controller/PermissionController.php
Unescape View File

@ -10,6 +10,7 @@ use Chamilo\CoreBundle\Entity\PermissionRelRole;
use Chamilo\CoreBundle\Form\PermissionType; use Chamilo\CoreBundle\Form\PermissionType;
use Chamilo\CoreBundle\Repository\PermissionRelRoleRepository; use Chamilo\CoreBundle\Repository\PermissionRelRoleRepository;
use Chamilo\CoreBundle\Repository\PermissionRepository; use Chamilo\CoreBundle\Repository\PermissionRepository;
use Chamilo\CoreBundle\ServiceHelper\PermissionServiceHelper;
use Doctrine\ORM\EntityManagerInterface; use Doctrine\ORM\EntityManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
@ -17,27 +18,11 @@ use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route; use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Http\Attribute\IsGranted; use Symfony\Component\Security\Http\Attribute\IsGranted;
/**
* The Permission controller manages the /permissions page to control what roles has what permission
*/
class PermissionController extends AbstractController class PermissionController extends AbstractController
{ {
public function __construct(
#[IsGranted('ROLE_ADMIN')] private PermissionServiceHelper $permissionServiceHelper
#[Route('/permissions/test', name: 'permissions_test')] ) {}
public function testPermissions(): Response
{
// Test roles and permission slug
$roles = ['ROLE_STUDENT', 'ROLE_TEACHER'];
$permissionSlug = 'analytics:view';
// Call the api_get_permission function and log the result
$hasPermission = api_get_permission($permissionSlug, $roles);
error_log('Permission check for ' . $permissionSlug . ' with roles ' . implode(', ', $roles) . ': ' . ($hasPermission ? 'true' : 'false'));
// Return a simple response for testing purposes
return new Response('<html><body>Permission check result: ' . ($hasPermission ? 'true' : 'false') . '</body></html>');
}
#[IsGranted('ROLE_ADMIN')] #[IsGranted('ROLE_ADMIN')]
#[Route('/permissions', name: 'permissions')] #[Route('/permissions', name: 'permissions')]
@ -48,14 +33,13 @@ class PermissionController extends AbstractController
EntityManagerInterface $em EntityManagerInterface $em
): Response { ): Response {
$permissions = $permissionRepo->findAll(); $permissions = $permissionRepo->findAll();
$roles = ['ROLE_INVITEE', 'ROLE_STUDENT', 'ROLE_TEACHER', 'ROLE_ADMIN', 'ROLE_SUPER_ADMIN', 'ROLE_GLOBAL_ADMIN', 'ROLE_RRHH', 'ROLE_QUESTION_MANAGER', 'ROLE_SESSION_MANAGER', 'ROLE_STUDENT_BOSS']; $roles = $this->permissionServiceHelper->getUserRoles();
if ($request->isMethod('POST')) { if ($request->isMethod('POST')) {
$data = $request->request->all('permissions'); $data = $request->request->all('permissions');
foreach ($permissions as $permission) { foreach ($permissions as $permission) {
foreach ($roles as $role) { foreach ($roles as $role) {
$checkboxValue = isset($data[$permission->getSlug()][$role]); $checkboxValue = isset($data[$permission->getSlug()][$role]);
error_log('Processing role: ' . $role . ' with value: ' . ($checkboxValue ? 'true' : 'false'));
$permRelRole = $permissionRelRoleRepo->findOneBy(['permission' => $permission, 'roleCode' => $role]); $permRelRole = $permissionRelRoleRepo->findOneBy(['permission' => $permission, 'roleCode' => $role]);
if ($checkboxValue) { if ($checkboxValue) {
@ -67,17 +51,14 @@ class PermissionController extends AbstractController
$permRelRole->setChangeable(true); $permRelRole->setChangeable(true);
$permRelRole->setUpdatedAt(new \DateTime()); $permRelRole->setUpdatedAt(new \DateTime());
$em->persist($permRelRole); $em->persist($permRelRole);
error_log('Persisting PermissionRelRole for permission: ' . $permission->getSlug() . ' and role: ' . $role);
} else { } else {
if ($permRelRole) { if ($permRelRole) {
$em->remove($permRelRole); $em->remove($permRelRole);
error_log('Removing PermissionRelRole for permission: ' . $permission->getSlug() . ' and role: ' . $role);
} }
} }
} }
} }
$em->flush(); $em->flush();
error_log('Flush complete');
return $this->redirectToRoute('permissions'); return $this->redirectToRoute('permissions');
} }

2
src/CoreBundle/Resources/config/services.yml
Unescape View File

@ -104,6 +104,6 @@ services:
Chamilo\CoreBundle\Filter\SocialWallFilter: Chamilo\CoreBundle\Filter\SocialWallFilter:
tags: [ 'api_platform.filter' ] tags: [ 'api_platform.filter' ]
Chamilo\CoreBundle\Service\PermissionService: Chamilo\CoreBundle\ServiceHelper\PermissionServiceHelper:
arguments: arguments:
$permissionRelRoleRepository: '@Chamilo\CoreBundle\Repository\PermissionRelRoleRepository' $permissionRelRoleRepository: '@Chamilo\CoreBundle\Repository\PermissionRelRoleRepository'

22
src/CoreBundle/Service/PermissionService.php → src/CoreBundle/ServiceHelper/PermissionServiceHelper.php
Unescape View File

@ -1,20 +1,28 @@
<?php <?php
declare(strict_types=1);
/* For licensing terms, see /license.txt */ /* For licensing terms, see /license.txt */
namespace Chamilo\CoreBundle\Service; declare(strict_types=1);
namespace Chamilo\CoreBundle\ServiceHelper;
use Chamilo\CoreBundle\Repository\PermissionRelRoleRepository; use Chamilo\CoreBundle\Repository\PermissionRelRoleRepository;
use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
class PermissionService class PermissionServiceHelper
{ {
private PermissionRelRoleRepository $permissionRelRoleRepository; public function __construct(
private ParameterBagInterface $parameterBag,
private PermissionRelRoleRepository $permissionRelRoleRepository
) {}
public function __construct(PermissionRelRoleRepository $permissionRelRoleRepository) public function getUserRoles(): array
{ {
$this->permissionRelRoleRepository = $permissionRelRoleRepository; $roles = $this->parameterBag->get('security.role_hierarchy.roles');
return array_filter(array_keys($roles), function ($role) {
return !str_starts_with($role, 'ROLE_CURRENT_') && $role !== 'ROLE_ANONYMOUS';
});
} }
public function hasPermission(string $permissionSlug, array $roles): bool public function hasPermission(string $permissionSlug, array $roles): bool
Write Preview
Loading…
Cancel
Save