- Added requiredPermissions to the application/config/udfmasterschema.json and set them as mandatory

- Removed the private method _isAllowed from application/controllers/widgets/UDF.php
- Removed required permissions from views application/views/system/fas_udf.php and application/views/system/infocenter/zgvpruefungen.php
- Widget views application/views/widgets/checkbox, dropdown, textarea and textfield now they print the attribute disabled
- Added constant DISABLED to application/widgets/html/HTMLWidget.php
- Removed private property _requiredPermissions from application/widgets/udf/UDFWidget.php
- application/widgets/udf/UDFWidget.php does not check permissions anymore and does not store them anymore
- Added constants PERMISSION_TYPE_READ and PERMISSION_TYPE_WRITE to application/libraries/UDFLib.php
- Removed constant PERMISSION_TYPE from application/libraries/UDFLib.php
- Removed public method isAllowed from application/libraries/UDFLib.php
- Added private methods _readAllowed, _writeAllowed, _setRequiredPermissions and _setReadOnly to application/libraries/UDFLib.php
- UDFLib->displayUDFWidget now checks if permissions are declared in the UDF JSON and if the user is allowed to read and write such UDF
- UDFLib->saveUDFs now checks if the user has the permissions to write such UDF
- Now the UDFs are even displayed in read only mode
This commit is contained in:
Paolo
2021-09-07 12:13:59 +02:00
parent 0099aaadb0
commit 9c84558f5f
11 changed files with 235 additions and 162 deletions
+1 -14
View File
@@ -26,9 +26,6 @@ class UDF extends FHC_Controller
// Loads the UDFLib with HTTP GET/POST parameters
$this->_loadUDFLib();
// Checks if the caller is allow to use this UDF widget
$this->_isAllowed();
}
//------------------------------------------------------------------------------------------------------------------
@@ -63,17 +60,6 @@ class UDF extends FHC_Controller
//------------------------------------------------------------------------------------------------------------------
// Private methods
/**
* Checks if the user is allowed to use this UDFWidget
*/
private function _isAllowed()
{
if (!$this->udflib->isAllowed())
{
$this->terminateWithJsonError('You are not allowed to access to this content');
}
}
/**
* Loads the UDFLib with the UDF_UNIQUE_ID parameter
* If the parameter UDF_UNIQUE_ID is not given then the execution of the controller is terminated and
@@ -105,3 +91,4 @@ class UDF extends FHC_Controller
}
}
}