Commit 89c0d798 authored by Peter Rotich's avatar Peter Rotich

fixes: Review

Key permissions definition array
Move canned and faq permissions to their respective classes.
parent 8c1445f7
Showing
with 82 additions and 44 deletions
......@@ -55,7 +55,7 @@ class KbaseAjaxAPI extends AjaxController {
$faq->getId(),
$faq->getNumAttachments());
if($thisstaff
&& $thisstaff->getRole()->hasPerm(KnowledgebaseModel::PERM_FAQ)) {
&& $thisstaff->getRole()->hasPerm(FAQ::PERM_MANAGE)) {
$resp.=sprintf(' | <a href="faq.php?id=%d&a=edit">'.__('Edit').'</a>',$faq->getId());
}
......
......@@ -15,6 +15,25 @@
**********************************************************************/
include_once(INCLUDE_DIR.'class.file.php');
class CannedModel {
const PERM_MANAGE = 'canned.manage';
static protected $perms = array(
self::PERM_MANAGE => array(
'title' =>
/* @trans */ 'Premade',
'desc' =>
/* @trans */ 'Ability to add/update/disable/delete canned responses')
);
static function getPermissions() {
return self::$perms;
}
}
RolePermission::register( /* @trans */ 'Knowledgebase', CannedModel::getPermissions());
class Canned {
var $id;
var $ht;
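Review bot: `RolePermission::register(...)` now runs as a side effect of loading this file, so the 'Premade' permission is only in the registry once class.canned.php has been included; the same applies to the `FAQ::getPermissions()` registration added in the FAQ class hunk. The class.role.php hunk in this commit drops the `include_once` lines that used to pull in the registering classes, and the only include visible here is class.file.php. If the role editor renders or saves a role on a request that has not loaded these files, the permission may be absent from the form, and if RolePermission is not yet defined the call is fatal. I would keep one explicit include list, or at least add a comment above the call such as `// Registered at include time: class.role.php must already be loaded, and the role editor must include this file`. The Canned class continues outside the hunk.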
......
......@@ -39,7 +39,9 @@ class EmailModel extends VerySimpleModel {
static protected $perms = array(
self::PERM_BANLIST => array(
'title' =>
/* @trans */ 'Banlist',
'desc' =>
/* @trans */ 'Ability to add/remove emails from banlist via ticket interface'),
);
......
......@@ -46,6 +46,16 @@ class FAQ extends VerySimpleModel {
),
);
const PERM_MANAGE = 'faq.manage';
static protected $perms = array(
self::PERM_MANAGE => array(
'title' =>
/* @trans */ 'FAQ',
'desc' =>
/* @trans */ 'Ability to add/update/disable/delete knowledgebase categories and FAQs'),
);
var $attachments;
var $topics;
var $_local;
......@@ -481,8 +491,14 @@ class FAQ extends VerySimpleModel {
$this->updated = SqlFunction::NOW();
return parent::save($refetch || $this->dirty);
}
static function getPermissions() {
return self::$perms;
}
}
FAQ::_inspect();
RolePermission::register( /* @trans */ 'Knowledgebase',
FAQ::getPermissions());
class FaqTopic extends VerySimpleModel {
......
......@@ -15,27 +15,6 @@
**********************************************************************/
require_once("class.file.php");
class KnowledgebaseModel {
const PERM_PREMADE = 'kb.premade';
const PERM_FAQ = 'kb.faq';
static protected $perms = array(
self::PERM_PREMADE => array(
/* @trans */ 'Premade',
/* @trans */ 'Ability to add/update/disable/delete canned responses'),
self::PERM_FAQ => array(
/* @trans */ 'FAQ',
/* @trans */ 'Ability to add/update/disable/delete knowledgebase categories and FAQs'),
);
static function getPermissions() {
return self::$perms;
}
}
RolePermission::register( /* @trans */ 'Knowledgebase', KnowledgebaseModel::getPermissions());
class Knowledgebase {
function Knowledgebase($id) {
......
......@@ -161,9 +161,9 @@ class StaffNav {
case 'kbase':
$subnav[]=array('desc'=>__('FAQs'),'href'=>'kb.php', 'urls'=>array('faq.php'), 'iconclass'=>'kb');
if($staff) {
if ($staff->getRole()->hasPerm(KnowledgebaseModel::PERM_FAQ))
if ($staff->getRole()->hasPerm(FAQ::PERM_MANAGE))
$subnav[]=array('desc'=>__('Categories'),'href'=>'categories.php','iconclass'=>'faq-categories');
if ($staff->getRole()->hasPerm(KnowledgebaseModel::PERM_PREMADE))
if ($staff->getRole()->hasPerm(CannedModel::PERM_MANAGE))
$subnav[]=array('desc'=>__('Canned Responses'),'href'=>'canned.php','iconclass'=>'canned');
}
break;
......
......@@ -466,5 +466,4 @@ Filter::addSupportedMatches(/*@trans*/ 'Organization Data', function() {
}
return $matches;
},40);
Organization::_inspect();
?>
......@@ -6,7 +6,9 @@ class ReportModel {
static protected $perms = array(
self::PERM_AGENTS => array(
'title' =>
/* @trans */ 'Stats',
'desc' =>
/* @trans */ 'Ability to view stats of other agents in allowed departments'),
);
......
......@@ -313,10 +313,4 @@ class RolePermission {
static::$_permissions[$group] ?: array(), $perms);
}
}
// Classes that might need to register roles permissions
include_once INCLUDE_DIR.'class.knowledgebase.php';
include_once INCLUDE_DIR.'class.email.php';
include_once INCLUDE_DIR.'class.report.php';
?>
......@@ -41,22 +41,34 @@ class TaskModel extends VerySimpleModel {
static protected $perms = array(
self::PERM_CREATE => array(
'title' =>
/* @trans */ 'Create',
'desc' =>
/* @trans */ 'Ability to create tasks'),
self::PERM_EDIT => array(
'title' =>
/* @trans */ 'Edit',
'desc' =>
/* @trans */ 'Ability to edit tasks'),
self::PERM_ASSIGN => array(
'title' =>
/* @trans */ 'Assign',
'desc' =>
/* @trans */ 'Ability to assign tasks to agents or teams'),
self::PERM_TRANSFER => array(
'title' =>
/* @trans */ 'Transfer',
'desc' =>
/* @trans */ 'Ability to transfer tasks between departments'),
self::PERM_CLOSE => array(
'title' =>
/* @trans */ 'Close',
'desc' =>
/* @trans */ 'Ability to close tasks'),
self::PERM_DELETE => array(
'title' =>
/* @trans */ 'Delete',
'desc' =>
/* @trans */ 'Ability to delete tasks'),
);
......
......@@ -97,25 +97,40 @@ class TicketModel extends VerySimpleModel {
static protected $perms = array(
self::PERM_CREATE => array(
'title' =>
/* @trans */ 'Create',
'desc' =>
/* @trans */ 'Ability to open tickets on behalf of users'),
self::PERM_EDIT => array(
'title' =>
/* @trans */ 'Edit',
'desc' =>
/* @trans */ 'Ability to edit tickets'),
self::PERM_ASSIGN => array(
'title' =>
/* @trans */ 'Assign',
'desc' =>
/* @trans */ 'Ability to assign tickets to agents or teams'),
self::PERM_TRANSFER => array(
'title' =>
/* @trans */ 'Transfer',
'desc' =>
/* @trans */ 'Ability to transfer tickets between departments'),
self::PERM_REPLY => array(
'title' =>
/* @trans */ 'Post Reply',
'desc' =>
/* @trans */ 'Ability to post a ticket reply'),
self::PERM_CLOSE => array(
'title' =>
/* @trans */ 'Close',
'desc' =>
/* @trans */ 'Ability to close tickets'),
self::PERM_DELETE => array(
'title' =>
/* @trans */ 'Delete',
'desc' =>
/* @trans */ 'Ability to delete tickets'),
);
......
<?php
if (!defined('OSTSCPINC') || !$thisstaff
|| !$thisstaff->getRole()->hasPerm(KnowledgebaseModel::PERM_FAQ))
|| !$thisstaff->getRole()->hasPerm(FAQ::PERM_MANAGE))
die('Access Denied');
$info=array();
......
......@@ -17,7 +17,7 @@ if(!defined('OSTSTAFFINC') || !$category || !$thisstaff) die('Access Denied');
<?php echo Format::display($category->getDescription()); ?>
</div>
<?php
if ($thisstaff->getRole()->hasPerm(KnowledgebaseModel::PERM_FAQ)) {
if ($thisstaff->getRole()->hasPerm(FAQ::PERM_MANAGE)) {
echo sprintf('<div class="cat-manage-bar"><a href="categories.php?id=%d" class="Icon editCategory">'.__('Edit Category').'</a>
<a href="categories.php" class="Icon deleteCategory">'.__('Delete Category').'</a>
<a href="faq.php?cid=%d&a=add" class="Icon newFAQ">'.__('Add New FAQ').'</a></div>',
......
......@@ -79,7 +79,7 @@ $query = http_build_query($query); ?>
echo __('Print'); ?>
</a></button>
<?php
if ($thisstaff->getRole()->hasPerm(KnowledgebaseModel::PERM_FAQ)) { ?>
if ($thisstaff->getRole()->hasPerm(FAQ::PERM_MANAGE)) { ?>
<button>
<i class="icon-edit"></i>
<a href="faq.php?id=<?php echo $faq->getId(); ?>&a=edit"><?php
......@@ -104,7 +104,7 @@ if ($thisstaff->getRole()->hasPerm(KnowledgebaseModel::PERM_FAQ)) { ?>
<hr>
<?php
if ($thisstaff->getRole()->hasPerm(KnowledgebaseModel::PERM_FAQ)) { ?>
if ($thisstaff->getRole()->hasPerm(FAQ::PERM_MANAGE)) { ?>
<form action="faq.php?id=<?php echo $faq->getId(); ?>" method="post">
<?php csrf_token(); ?>
<input type="hidden" name="do" value="manage-faq">
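Review bot: The `hasPerm(FAQ::PERM_MANAGE)` test around the `manage-faq` form only decides what is rendered; the POST target `faq.php` needs the same check in its handler, and faq.php is not among the sections shown on this page. If that handler still refers to the removed `KnowledgebaseModel::PERM_FAQ` it will fail at runtime, and if it has no check at all, hiding the form is the only gate. Worth confirming that the `do=manage-faq` branch tests `FAQ::PERM_MANAGE` before it changes anything. The form continues outside the hunk.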
......
<?php
if (!defined('OSTSCPINC') || !$thisstaff
|| !$thisstaff->getRole()->hasPerm(KnowledgebaseModel::PERM_FAQ))
|| !$thisstaff->getRole()->hasPerm(FAQ::PERM_MANAGE))
die('Access Denied');
$info=array();
......
......@@ -98,8 +98,8 @@ $info = Format::htmlchars(($errors && $_POST) ? array_merge($info, $_POST) : $in
&nbsp;&nbsp;
<?php
echo sprintf('%s - <em>%s</em>',
Format::htmlchars(__($v[0])),
Format::htmlchars(__($v[1])));
Format::htmlchars(__($v['title'])),
Format::htmlchars(__($v['desc'])));
?>
</label>
</td>
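Review bot: `$v['title']` and `$v['desc']` assume every array passed to `RolePermission::register()` already uses the new keys; a caller still passing the positional form (a plugin, for instance; none is visible here) would get an empty label in the role editor with nothing more than a notice. A fallback keeps both shapes working: `Format::htmlchars(__(isset($v['title']) ? $v['title'] : $v[0]))`, and likewise for `desc`. The surrounding loop starts outside the hunk.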
......
......@@ -11,8 +11,8 @@ class GroupRoles extends MigrationTask {
'can_assign_tickets' => 'ticket.assign',
'can_transfer_tickets' => 'ticket.transfer',
'can_ban_emails' => 'emails.banlist',
'can_manage_premade' => 'kb.premade',
'can_manage_faq' => 'kb.faq',
'can_manage_premade' => 'canned.manage',
'can_manage_faq' => 'faq.manage',
'can_view_staff_stats' => 'stats.agents',
);
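Review bot: Changing the mapped values to `canned.manage` and `faq.manage` only helps installs that run this migration after the commit; roles already stored with `kb.premade` / `kb.faq` would stop matching `hasPerm(CannedModel::PERM_MANAGE)` and `hasPerm(FAQ::PERM_MANAGE)`. That fails closed, but agents lose knowledgebase management without any notice until an admin re-grants it. If the old keys ever reached a stored role (not visible from this page), a follow-up migration that rewrites them, or an upgrade note, is needed. The mapping array starts outside the hunk.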
......
......@@ -19,7 +19,7 @@ include_once(INCLUDE_DIR.'class.canned.php');
/* check permission */
if(!$thisstaff
||
!$thisstaff->getRole()->hasPerm(KnowledgebaseModel::PERM_PREMADE)) {
!$thisstaff->getRole()->hasPerm(CannedModel::PERM_MANAGE)) {
header('Location: kb.php');
exit;
}
......
......@@ -18,7 +18,7 @@ include_once(INCLUDE_DIR.'class.category.php');
/* check permission */
if(!$thisstaff ||
!$thisstaff->getRole()->hasPerm(KnowledgebaseModel::PERM_FAQ)) {
!$thisstaff->getRole()->hasPerm(FAQ::PERM_MANAGE)) {
header('Location: kb.php');
exit;
}
......
......@@ -35,5 +35,5 @@ $nav->setTabActive('emails', 'emailsettings.php');
require_once(STAFFINC_DIR.'header.inc.php');
include_once(STAFFINC_DIR.$inc);
include_once(STAFFINC_DIR.'footer.inc.php');
?>
?>