Implement permission check for icons, popups and styles.

David Molineus
2018-12-05 11:15:37 +01:00
parent d7fbc361d7
commit f2959b2df0
10 changed files with 386 additions and 55 deletions


@@ -32,7 +32,7 @@ parameters:
markercluster:
children: true
icon: 'bundles/netzmachtcontaoleaflet/img/markercluster.png'
icon: 'bundles/netzmachtcontaoleaflet/img/cluster.png'
tile:
children: false


@@ -76,14 +76,22 @@ services:
class: Netzmacht\Contao\Leaflet\Listener\Dca\IconDcaListener
public: true
arguments:
- '@netzmacht.contao_toolkit.contao.backend_user'
- '%netzmacht.contao_leaflet.icons%'
netzmacht.contao_leaflet.listeners.dca.style:
class: Netzmacht\Contao\Leaflet\Listener\Dca\StyleDcaListener
public: true
arguments:
- '@netzmacht.contao_toolkit.contao.backend_user'
- '%netzmacht.contao_leaflet.styles%'
-
netzmacht.contao_leaflet.listeners.dca.popup:
class: Netzmacht\Contao\Leaflet\Listener\Dca\PopupDcaListener
public: true
arguments:
- '@netzmacht.contao_toolkit.contao.backend_user'
netzmacht.contao_leaflet.listeners.dca.user:
class: Netzmacht\Contao\Leaflet\Listener\Dca\UserDcaListener
public: true
@@ -102,6 +110,11 @@ services:
- '@translator'
- '%netzmacht.contao_leaflet.layers%'
Netzmacht\Contao\Leaflet\Listener\Dca\OperationsListener:
public: true
arguments:
- '@netzmacht.contao_toolkit.contao.backend_user'
netzmacht.contao_leaflet.listeners.geo_json_listener:
class: Netzmacht\Contao\Leaflet\Listener\GeoJsonListener
arguments:


@@ -10,6 +10,8 @@
* @filesource
*/
use Netzmacht\Contao\Leaflet\Listener\Dca\OperationsListener;
$GLOBALS['TL_DCA']['tl_leaflet_icon'] = [
'config' => [
'dataContainer' => 'Table',
@@ -20,6 +22,9 @@ $GLOBALS['TL_DCA']['tl_leaflet_icon'] = [
'alias' => 'unique',
],
],
'onload_callback' => [
['netzmacht.contao_leaflet.listeners.dca.icon', 'checkPermission'],
],
'onsubmit_callback' => [
['netzmacht.contao_leaflet.listeners.dca.leaflet', 'clearCache'],
],
@@ -45,16 +50,19 @@ $GLOBALS['TL_DCA']['tl_leaflet_icon'] = [
'attributes' => 'onclick="Backend.getScrollOffset();" accesskey="e"',
],
'styles' => [
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_icon']['styles'],
'href' => 'table=tl_leaflet_style',
'icon' => 'bundles/netzmachtcontaoleaflet/img/style.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_icon']['styles'],
'href' => 'table=tl_leaflet_style',
'icon' => 'bundles/netzmachtcontaoleaflet/img/style.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'button_callback' => [OperationsListener::class, 'styleOperation'],
],
'popups' => [
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_icon']['popups'],
'href' => 'table=tl_leaflet_popup',
'icon' => 'bundles/netzmachtcontaoleaflet/img/popup.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_icon']['popups'],
'href' => 'table=tl_leaflet_popup',
'icon' => 'bundles/netzmachtcontaoleaflet/img/popup.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'button_callback' => [OperationsListener::class, 'popupOperation'],
],
'all' => [
'label' => &$GLOBALS['TL_LANG']['MSC']['all'],
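Review bot: The `button_callback` entries added to the `styles` and `popups` global operations only suppress the rendered link, and nothing in the array says so, so a later reader could mistake them for the access control. I would add a comment above each one, for example `// Hides the link only; access is enforced by checkPermission in the target table's onload_callback.` The same comment fits the `button_callback` lines in the tl_leaflet_layer, tl_leaflet_popup and tl_leaflet_style sections. The `global_operations` array starts and ends outside this hunk.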


@@ -10,6 +10,8 @@
* @filesource
*/
use Netzmacht\Contao\Leaflet\Listener\Dca\OperationsListener;
$GLOBALS['TL_DCA']['tl_leaflet_layer'] = [
'config' => [
'dataContainer' => 'Table',
@@ -48,22 +50,25 @@ $GLOBALS['TL_DCA']['tl_leaflet_layer'] = [
],
'global_operations' => [
'styles' => [
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_layer']['styles'],
'href' => 'table=tl_leaflet_style',
'icon' => 'bundles/netzmachtcontaoleaflet/img/style.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_layer']['styles'],
'href' => 'table=tl_leaflet_style',
'icon' => 'bundles/netzmachtcontaoleaflet/img/style.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'button_callback' => [OperationsListener::class, 'styleOperation'],
],
'icons' => [
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_layer']['icons'],
'href' => 'table=tl_leaflet_icon',
'icon' => 'bundles/netzmachtcontaoleaflet/img/icons.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_layer']['icons'],
'href' => 'table=tl_leaflet_icon',
'icon' => 'bundles/netzmachtcontaoleaflet/img/icons.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'button_callback' => [OperationsListener::class, 'iconOperation'],
],
'popups' => [
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_layer']['popups'],
'href' => 'table=tl_leaflet_popup',
'icon' => 'bundles/netzmachtcontaoleaflet/img/popup.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_layer']['popups'],
'href' => 'table=tl_leaflet_popup',
'icon' => 'bundles/netzmachtcontaoleaflet/img/popup.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'button_callback' => [OperationsListener::class, 'popupOperation'],
],
'all' => [
'label' => &$GLOBALS['TL_LANG']['MSC']['all'],
@@ -235,9 +240,9 @@ $GLOBALS['TL_DCA']['tl_leaflet_layer'] = [
'MapBox' => ['tile_provider_key'],
'HERE' => ['tile_provider_key', 'tile_provider_code'],
],
'fileFormat' => [
'!' => ['file']
]
'fileFormat' => [
'!' => ['file'],
],
],
'metasubpalettes' => [
@@ -864,7 +869,7 @@ $GLOBALS['TL_DCA']['tl_leaflet_layer'] = [
],
'sql' => 'mediumtext NULL',
],
'fileFormat' => [
'fileFormat' => [
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_layer']['fileFormat'],
'exclude' => true,
'inputType' => 'select',
@@ -882,19 +887,19 @@ $GLOBALS['TL_DCA']['tl_leaflet_layer'] = [
'sql' => "varchar(32) NOT NULL default ''",
],
'file' => [
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_layer']['file'],
'exclude' => true,
'inputType' => 'fileTree',
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_layer']['file'],
'exclude' => true,
'inputType' => 'fileTree',
'load_callback' => [
['netzmacht.contao_leaflet.listeners.dca.layer', 'prepareFileWidget'],
],
'eval' => [
'filesOnly' => true,
'fieldType' => 'radio',
'mandatory' => true,
'tl_class' => 'clr',
'eval' => [
'filesOnly' => true,
'fieldType' => 'radio',
'mandatory' => true,
'tl_class' => 'clr',
],
'sql' => 'binary(16) NULL',
'sql' => 'binary(16) NULL',
],
],
];


@@ -10,6 +10,8 @@
* @filesource
*/
use Netzmacht\Contao\Leaflet\Listener\Dca\OperationsListener;
$GLOBALS['TL_DCA']['tl_leaflet_popup'] = [
'config' => [
'dataContainer' => 'Table',
@@ -20,6 +22,9 @@ $GLOBALS['TL_DCA']['tl_leaflet_popup'] = [
'alias' => 'unique',
],
],
'onload_callback' => [
['netzmacht.contao_leaflet.listeners.dca.popup', 'checkPermission'],
],
'onsubmit_callback' => [
['netzmacht.contao_leaflet.listeners.dca.leaflet', 'clearCache'],
],
@@ -45,16 +50,18 @@ $GLOBALS['TL_DCA']['tl_leaflet_popup'] = [
'attributes' => 'onclick="Backend.getScrollOffset();" accesskey="e"',
],
'styles' => [
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_popup']['styles'],
'href' => 'table=tl_leaflet_style',
'icon' => 'bundles/netzmachtcontaoleaflet/img/style.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_popup']['styles'],
'href' => 'table=tl_leaflet_style',
'icon' => 'bundles/netzmachtcontaoleaflet/img/style.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'button_callback' => [OperationsListener::class, 'styleOperation'],
],
'icons' => [
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_popup']['icons'],
'href' => 'table=tl_leaflet_icon',
'icon' => 'bundles/netzmachtcontaoleaflet/img/icons.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_popup']['icons'],
'href' => 'table=tl_leaflet_icon',
'icon' => 'bundles/netzmachtcontaoleaflet/img/icons.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'button_callback' => [OperationsListener::class, 'iconOperation'],
],
'all' => [
'label' => &$GLOBALS['TL_LANG']['MSC']['all'],


@@ -10,6 +10,8 @@
* @filesource
*/
use Netzmacht\Contao\Leaflet\Listener\Dca\OperationsListener;
$GLOBALS['TL_DCA']['tl_leaflet_style'] = [
'config' => [
'dataContainer' => 'Table',
@@ -20,6 +22,9 @@ $GLOBALS['TL_DCA']['tl_leaflet_style'] = [
'alias' => 'unique',
],
],
'onload_callback' => [
['netzmacht.contao_leaflet.listeners.dca.style', 'checkPermission'],
],
'onsubmit_callback' => [
['netzmacht.contao_leaflet.listeners.dca.leaflet', 'clearCache'],
],
@@ -45,16 +50,18 @@ $GLOBALS['TL_DCA']['tl_leaflet_style'] = [
'attributes' => 'onclick="Backend.getScrollOffset();" accesskey="e"',
],
'icons' => [
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_style']['icons'],
'href' => 'table=tl_leaflet_icon',
'icon' => 'bundles/netzmachtcontaoleaflet/img/icons.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_style']['icons'],
'href' => 'table=tl_leaflet_icon',
'icon' => 'bundles/netzmachtcontaoleaflet/img/icons.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'button_callback' => [OperationsListener::class, 'iconOperation'],
],
'popups' => [
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_style']['popups'],
'href' => 'table=tl_leaflet_popup',
'icon' => 'bundles/netzmachtcontaoleaflet/img/popup.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'label' => &$GLOBALS['TL_LANG']['tl_leaflet_style']['popups'],
'href' => 'table=tl_leaflet_popup',
'icon' => 'bundles/netzmachtcontaoleaflet/img/popup.png',
'attributes' => 'onclick="Backend.getScrollOffset();"',
'button_callback' => [OperationsListener::class, 'popupOperation'],
],
'all' => [
'label' => &$GLOBALS['TL_LANG']['MSC']['all'],


@@ -14,6 +14,10 @@ declare(strict_types=1);
namespace Netzmacht\Contao\Leaflet\Listener\Dca;
use Contao\BackendUser;
use Contao\CoreBundle\Exception\AccessDeniedException;
use Netzmacht\Contao\Leaflet\Model\IconModel;
/**
* Class IconDcaListener.
*
@@ -21,6 +25,13 @@ namespace Netzmacht\Contao\Leaflet\Listener\Dca;
*/
class IconDcaListener
{
/**
* Contao backend user.
*
* @var BackendUser
*/
private $user;
/**
* Icon type options.
*
@@ -31,13 +42,33 @@ class IconDcaListener
/**
* IconDcaListener constructor.
*
* @param array $icons Icon type options.
* @param BackendUser $user Backend user.
* @param array $icons Icon type options.
*/
public function __construct(array $icons)
public function __construct(BackendUser $user, array $icons)
{
$this->user = $user;
$this->icons = $icons;
}
/**
* Check the permission.
*
* @return void
*
* @throws AccessDeniedException If user has not the permission.
*/
public function checkPermission(): void
{
if ($this->user->hasAccess(IconModel::getTable(), 'leaflet_tables')) {
return;
}
throw new AccessDeniedException(
sprintf('Access denied to "%s" for user "%s"', IconModel::getTable(), $this->user->id)
);
}
/**
* Get icon options.
*
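Review bot: `checkPermission()` is repeated with the same body in PopupDcaListener and StyleDcaListener, differing only in the model class, so a later change to the rule or a newly added leaflet table has several places where the check can be missed. Consider one shared private helper or trait that takes the table name, leaving each listener with a one-line call such as `$this->assertTableAccess(IconModel::getTable());` (helper name constructed for illustration). Separately, prepending `$user` to the constructor changes the positional argument order of a class that is not final, so any code constructing or extending IconDcaListener outside the service definition would need updating. The class body continues outside this hunk.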


@@ -0,0 +1,169 @@
<?php
/**
* Leaflet maps for Contao CMS.
*
* @package contao-leaflet-maps
* @author David Molineus <david.molineus@netzmacht.de>
* @copyright 2014-2018 netzmacht David Molineus. All rights reserved.
* @license LGPL-3.0 https://github.com/netzmacht/contao-leaflet-maps/blob/master/LICENSE
* @filesource
*/
declare(strict_types=1);
namespace Netzmacht\Contao\Leaflet\Listener\Dca;
use Contao\Backend;
use Contao\BackendUser;
use Netzmacht\Contao\Leaflet\Model\IconModel;
use Netzmacht\Contao\Leaflet\Model\PopupModel;
use Netzmacht\Contao\Leaflet\Model\StyleModel;
/**
* Class OperationsListener
*/
final class OperationsListener
{
/**
* Backend user.
*
* @var BackendUser
*/
private $user;
/**
* OperationsListener constructor.
*
* @param BackendUser $user Backend user.
*/
public function __construct(BackendUser $user)
{
$this->user = $user;
}
/**
* Generate the style operation.
*
* @param string $href Button link.
* @param string $label Button label.
* @param string $title Button title.
* @param string $class Button icon class.
* @param string $attributes Html attributes.
*
* @return string
*/
public function styleOperation(
string $href,
string $label,
string $title,
string $class,
string $attributes
): string {
return $this->renderIfPermissionIsGranted(StyleModel::getTable(), $href, $label, $title, $class, $attributes);
}
/**
* Generate the icon operation.
*
* @param string $href Button link.
* @param string $label Button label.
* @param string $title Button title.
* @param string $class Button icon class.
* @param string $attributes Html attributes.
*
* @return string
*/
public function iconOperation(
string $href,
string $label,
string $title,
string $class,
string $attributes
): string {
return $this->renderIfPermissionIsGranted(IconModel::getTable(), $href, $label, $title, $class, $attributes);
}
/**
* Generate the popup operation.
*
* @param string $href Button link.
* @param string $label Button label.
* @param string $title Button title.
* @param string $class Button icon class.
* @param string $attributes Html attributes.
*
* @return string
*/
public function popupOperation(
string $href,
string $label,
string $title,
string $class,
string $attributes
): string {
return $this->renderIfPermissionIsGranted(PopupModel::getTable(), $href, $label, $title, $class, $attributes);
}
/**
* Check if user has permission to access the leaflet table.
*
* @param string $permission The table permission.
*
* @return bool
*/
private function hasPermission(string $permission): bool
{
return (bool) $this->user->hasAccess($permission, 'leaflet_tables');
}
/**
* Generate the style operation.
*
* @param string $permission Table permission to check.
* @param string $href Button link.
* @param string $label Button label.
* @param string $title Button title.
* @param string $class Button icon class.
* @param string $attributes Html attributes.
*
* @return string
*/
private function renderIfPermissionIsGranted(
string $permission,
string $href,
string $label,
string $title,
string $class,
string $attributes
): string {
if ($this->hasPermission($permission)) {
return $this->render($href, $label, $title, $class, $attributes);
}
return '';
}
/**
* Render a button.
*
* @param string $href Button link.
* @param string $label Button label.
* @param string $title Button title.
* @param string $class Button icon class.
* @param string $attributes Html attributes.
*
* @return string
*/
private function render(string $href, string $label, string $title, string $class, string $attributes): string
{
return sprintf(
' <a href="%s" title="%s" class="%s" %s>%s</a>',
Backend::addToUrl($href),
$title,
$class,
$attributes,
$label
);
}
}
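Review bot: `render()` writes `$title` into the `title` attribute and `$class` into `class` without escaping, so a value containing a double quote ends the attribute early and the rest is parsed as markup. The values presumably come from language files rather than request data, but escaping at the point of output means the method does not depend on that: use `StringUtil::specialchars($title),` in place of `$title,` and add `use Contao\StringUtil;`. The docblock on `renderIfPermissionIsGranted()` still reads "Generate the style operation." and should instead say that it returns an empty string when the user lacks the table permission.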


@@ -0,0 +1,60 @@
<?php
/**
* Leaflet maps for Contao CMS.
*
* @package contao-leaflet-maps
* @author David Molineus <david.molineus@netzmacht.de>
* @copyright 2014-2018 netzmacht David Molineus. All rights reserved.
* @license LGPL-3.0 https://github.com/netzmacht/contao-leaflet-maps/blob/master/LICENSE
* @filesource
*/
declare(strict_types=1);
namespace Netzmacht\Contao\Leaflet\Listener\Dca;
use Contao\BackendUser;
use Contao\CoreBundle\Exception\AccessDeniedException;
use Netzmacht\Contao\Leaflet\Model\PopupModel;
/**
* Class PopupDcaListener
*/
final class PopupDcaListener
{
/**
* Backend user.
*
* @var BackendUser
*/
private $user;
/**
* PopupDcaListener constructor.
*
* @param BackendUser $user Backend user.
*/
public function __construct(BackendUser $user)
{
$this->user = $user;
}
/**
* Check the permission.
*
* @return void
*
* @throws AccessDeniedException If user has not the permission.
*/
public function checkPermission(): void
{
if ($this->user->hasAccess(PopupModel::getTable(), 'leaflet_tables')) {
return;
}
throw new AccessDeniedException(
sprintf('Access denied to "%s" for user "%s"', PopupModel::getTable(), $this->user->id)
);
}
}


@@ -14,6 +14,10 @@ declare(strict_types=1);
namespace Netzmacht\Contao\Leaflet\Listener\Dca;
use Contao\BackendUser;
use Contao\CoreBundle\Exception\AccessDeniedException;
use Netzmacht\Contao\Leaflet\Model\StyleModel;
/**
* Class StyleDcaListener.
*
@@ -21,6 +25,13 @@ namespace Netzmacht\Contao\Leaflet\Listener\Dca;
*/
class StyleDcaListener
{
/**
* Backend user.
*
* @var BackendUser
*/
private $user;
/**
* Style type options.
*
@@ -31,11 +42,31 @@ class StyleDcaListener
/**
* StyleDcaListener constructor.
*
* @param array $styles Styles options.
* @param BackendUser $user Backend user.
* @param array $styles Styles options.
*/
public function __construct(array $styles)
public function __construct(BackendUser $user, array $styles)
{
$this->icons = $styles;
$this->user = $user;
}
/**
* Check the permission.
*
* @return void
*
* @throws AccessDeniedException If user has not the permission.
*/
public function checkPermission(): void
{
if ($this->user->hasAccess(StyleModel::getTable(), 'leaflet_tables')) {
return;
}
throw new AccessDeniedException(
sprintf('Access denied to "%s" for user "%s"', StyleModel::getTable(), $this->user->id)
);
}
/**