diff options
-rw-r--r-- | app/Controller/Project.php | 26 | ||||
-rw-r--r-- | app/Locales/da_DK/translations.php | 2 | ||||
-rw-r--r-- | app/Locales/de_DE/translations.php | 2 | ||||
-rw-r--r-- | app/Locales/es_ES/translations.php | 2 | ||||
-rw-r--r-- | app/Locales/fi_FI/translations.php | 2 | ||||
-rw-r--r-- | app/Locales/fr_FR/translations.php | 2 | ||||
-rw-r--r-- | app/Locales/it_IT/translations.php | 2 | ||||
-rw-r--r-- | app/Locales/ja_JP/translations.php | 2 | ||||
-rw-r--r-- | app/Locales/pl_PL/translations.php | 2 | ||||
-rw-r--r-- | app/Locales/pt_BR/translations.php | 2 | ||||
-rw-r--r-- | app/Locales/ru_RU/translations.php | 2 | ||||
-rw-r--r-- | app/Locales/sv_SE/translations.php | 2 | ||||
-rw-r--r-- | app/Locales/zh_CN/translations.php | 2 | ||||
-rw-r--r-- | app/Model/ProjectPermission.php | 71 | ||||
-rw-r--r-- | app/Model/User.php | 11 | ||||
-rw-r--r-- | app/Schema/Mysql.php | 7 | ||||
-rw-r--r-- | app/Schema/Postgres.php | 7 | ||||
-rw-r--r-- | app/Schema/Sqlite.php | 7 | ||||
-rw-r--r-- | app/Templates/project_users.php | 75 | ||||
-rw-r--r-- | assets/css/app.css | 1 | ||||
-rw-r--r-- | tests/units/ProjectPermissionTest.php | 26 |
21 files changed, 212 insertions, 43 deletions
diff --git a/app/Controller/Project.php b/app/Controller/Project.php index a4ebdbc0..2b0258d5 100644 --- a/app/Controller/Project.php +++ b/app/Controller/Project.php @@ -184,6 +184,30 @@ class Project extends Base } /** + * Allow everybody + * + * @access public + */ + public function allowEverybody() + { + $project = $this->getProjectManagement(); + $values = $this->request->getValues() + array('is_everybody_allowed' => 0); + list($valid,) = $this->projectPermission->validateProjectModification($values); + + if ($valid) { + + if ($this->project->update($values)) { + $this->session->flash(t('Project updated successfully.')); + } + else { + $this->session->flashError(t('Unable to update this project.')); + } + } + + $this->response->redirect('?controller=project&action=users&project_id='.$project['id']); + } + + /** * Allow a specific user (admin only) * * @access public @@ -191,7 +215,7 @@ class Project extends Base public function allow() { $values = $this->request->getValues(); - list($valid,) = $this->projectPermission->validateModification($values); + list($valid,) = $this->projectPermission->validateUserModification($values); if ($valid) { diff --git a/app/Locales/da_DK/translations.php b/app/Locales/da_DK/translations.php index 210876ce..3032b6cf 100644 --- a/app/Locales/da_DK/translations.php +++ b/app/Locales/da_DK/translations.php @@ -549,4 +549,6 @@ return array( // 'Activity stream' => '', // 'Dashboard' => '', // 'Confirmation' => '', + // 'Allow everybody to access to this project' => '', + // 'Everybody have access to this project.' => '', ); diff --git a/app/Locales/de_DE/translations.php b/app/Locales/de_DE/translations.php index e8f4f53f..5f860c44 100644 --- a/app/Locales/de_DE/translations.php +++ b/app/Locales/de_DE/translations.php @@ -549,4 +549,6 @@ return array( // 'Activity stream' => '', // 'Dashboard' => '', // 'Confirmation' => '', + // 'Allow everybody to access to this project' => '', + // 'Everybody have access to this project.' => '', ); diff --git a/app/Locales/es_ES/translations.php b/app/Locales/es_ES/translations.php index ffaeaf2d..d24cdfcf 100644 --- a/app/Locales/es_ES/translations.php +++ b/app/Locales/es_ES/translations.php @@ -549,4 +549,6 @@ return array( // 'Activity stream' => '', // 'Dashboard' => '', // 'Confirmation' => '', + // 'Allow everybody to access to this project' => '', + // 'Everybody have access to this project.' => '', ); diff --git a/app/Locales/fi_FI/translations.php b/app/Locales/fi_FI/translations.php index 1c1b3439..4811b832 100644 --- a/app/Locales/fi_FI/translations.php +++ b/app/Locales/fi_FI/translations.php @@ -549,4 +549,6 @@ return array( // 'Activity stream' => '', // 'Dashboard' => '', // 'Confirmation' => '', + // 'Allow everybody to access to this project' => '', + // 'Everybody have access to this project.' => '', ); diff --git a/app/Locales/fr_FR/translations.php b/app/Locales/fr_FR/translations.php index 5809ef69..4f19ebd1 100644 --- a/app/Locales/fr_FR/translations.php +++ b/app/Locales/fr_FR/translations.php @@ -549,4 +549,6 @@ return array( 'Activity stream' => 'Flux d\'activité', 'Dashboard' => 'Tableau de bord', 'Confirmation' => 'Confirmation', + 'Allow everybody to access to this project' => 'Autoriser tout le monde à accéder à ce projet', + 'Everybody have access to this project.' => 'Tout le monde a acccès à ce projet.', ); diff --git a/app/Locales/it_IT/translations.php b/app/Locales/it_IT/translations.php index d933d5c7..4d2cfc91 100644 --- a/app/Locales/it_IT/translations.php +++ b/app/Locales/it_IT/translations.php @@ -549,4 +549,6 @@ return array( // 'Activity stream' => '', // 'Dashboard' => '', // 'Confirmation' => '', + // 'Allow everybody to access to this project' => '', + // 'Everybody have access to this project.' => '', ); diff --git a/app/Locales/ja_JP/translations.php b/app/Locales/ja_JP/translations.php index 210c476b..6b6c795d 100644 --- a/app/Locales/ja_JP/translations.php +++ b/app/Locales/ja_JP/translations.php @@ -549,4 +549,6 @@ return array( // 'Activity stream' => '', // 'Dashboard' => '', // 'Confirmation' => '', + // 'Allow everybody to access to this project' => '', + // 'Everybody have access to this project.' => '', ); diff --git a/app/Locales/pl_PL/translations.php b/app/Locales/pl_PL/translations.php index 6f6732d6..1ca201c1 100644 --- a/app/Locales/pl_PL/translations.php +++ b/app/Locales/pl_PL/translations.php @@ -549,4 +549,6 @@ return array( // 'Activity stream' => '', // 'Dashboard' => '', // 'Confirmation' => '', + // 'Allow everybody to access to this project' => '', + // 'Everybody have access to this project.' => '', ); diff --git a/app/Locales/pt_BR/translations.php b/app/Locales/pt_BR/translations.php index 0a5b2e28..9bfc9cb3 100644 --- a/app/Locales/pt_BR/translations.php +++ b/app/Locales/pt_BR/translations.php @@ -549,4 +549,6 @@ return array( // 'Activity stream' => '', // 'Dashboard' => '', // 'Confirmation' => '', + // 'Allow everybody to access to this project' => '', + // 'Everybody have access to this project.' => '', ); diff --git a/app/Locales/ru_RU/translations.php b/app/Locales/ru_RU/translations.php index dc9dc9ba..9d236947 100644 --- a/app/Locales/ru_RU/translations.php +++ b/app/Locales/ru_RU/translations.php @@ -549,4 +549,6 @@ return array( 'Activity stream' => 'Текущая активность', 'Dashboard' => 'Инфопанель', 'Confirmation' => 'Подтверждение пароля', + // 'Allow everybody to access to this project' => '', + // 'Everybody have access to this project.' => '', ); diff --git a/app/Locales/sv_SE/translations.php b/app/Locales/sv_SE/translations.php index 3ed8557a..71e03090 100644 --- a/app/Locales/sv_SE/translations.php +++ b/app/Locales/sv_SE/translations.php @@ -549,4 +549,6 @@ return array( 'Activity stream' => 'Aktivitetsström', 'Dashboard' => 'Instrumentpanel', 'Confirmation' => 'Bekräftelse', + // 'Allow everybody to access to this project' => '', + // 'Everybody have access to this project.' => '', ); diff --git a/app/Locales/zh_CN/translations.php b/app/Locales/zh_CN/translations.php index 38f2fee5..fbaef229 100644 --- a/app/Locales/zh_CN/translations.php +++ b/app/Locales/zh_CN/translations.php @@ -549,4 +549,6 @@ return array( 'Activity stream' => '活动流', 'Dashboard' => '面板', 'Confirmation' => '确认', + // 'Allow everybody to access to this project' => '', + // 'Everybody have access to this project.' => '', ); diff --git a/app/Model/ProjectPermission.php b/app/Model/ProjectPermission.php index b4466c20..fb9847b5 100644 --- a/app/Model/ProjectPermission.php +++ b/app/Model/ProjectPermission.php @@ -53,6 +53,22 @@ class ProjectPermission extends Base */ public function getAllowedUsers($project_id) { + if ($this->isEverybodyAllowed($project_id)) { + return $this->user->getList(); + } + + return $this->getAssociatedUsers($project_id); + } + + /** + * Get a list of people associated to the project + * + * @access public + * @param integer $project_id Project id + * @return array + */ + public function getAssociatedUsers($project_id) + { $users = $this->db ->table(self::TABLE) ->join(User::TABLE, 'id', 'user_id') @@ -61,15 +77,7 @@ class ProjectPermission extends Base ->columns(User::TABLE.'.id', User::TABLE.'.username', User::TABLE.'.name') ->findAll(); - $result = array(); - - foreach ($users as $user) { - $result[$user['id']] = $user['name'] ?: $user['username']; - } - - asort($result); - - return $result; + return $this->user->prepareList($users); } /** @@ -146,6 +154,10 @@ class ProjectPermission extends Base return true; } + if ($this->isEverybodyAllowed($project_id)) { + return true; + } + return (bool) $this->db ->table(self::TABLE) ->eq('project_id', $project_id) @@ -154,6 +166,22 @@ class ProjectPermission extends Base } /** + * Return true if everybody is allowed for the project + * + * @access public + * @param integer $project_id Project id + * @return bool + */ + public function isEverybodyAllowed($project_id) + { + return (bool) $this->db + ->table(Project::TABLE) + ->eq('id', $project_id) + ->eq('is_everybody_allowed', 1) + ->count(); + } + + /** * Check if a specific user is allowed to manage a project * * @access public @@ -223,13 +251,13 @@ class ProjectPermission extends Base } /** - * Validate allowed users + * Validate allow user * * @access public * @param array $values Form values * @return array $valid, $errors [0] = Success or not, [1] = List of errors */ - public function validateModification(array $values) + public function validateUserModification(array $values) { $v = new Validator($values, array( new Validators\Required('project_id', t('The project id is required')), @@ -243,4 +271,25 @@ class ProjectPermission extends Base $v->getErrors() ); } + + /** + * Validate allow everybody + * + * @access public + * @param array $values Form values + * @return array $valid, $errors [0] = Success or not, [1] = List of errors + */ + public function validateProjectModification(array $values) + { + $v = new Validator($values, array( + new Validators\Required('id', t('The project id is required')), + new Validators\Integer('id', t('This value must be an integer')), + new Validators\Integer('is_everybody_allowed', t('This value must be an integer')), + )); + + return array( + $v->execute(), + $v->getErrors() + ); + } } diff --git a/app/Model/User.php b/app/Model/User.php index 33bd6720..9544f3c9 100644 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -151,7 +151,18 @@ class User extends Base public function getList() { $users = $this->db->table(self::TABLE)->columns('id', 'username', 'name')->findAll(); + return $this->prepareList($users); + } + /** + * Common method to prepare a user list + * + * @access public + * @param array $users Users list (from database) + * @return array Formated list + */ + public function prepareList(array $users) + { $result = array(); foreach ($users as $user) { diff --git a/app/Schema/Mysql.php b/app/Schema/Mysql.php index 05bef8cd..4f74f761 100644 --- a/app/Schema/Mysql.php +++ b/app/Schema/Mysql.php @@ -5,7 +5,12 @@ namespace Schema; use PDO; use Core\Security; -const VERSION = 33; +const VERSION = 34; + +function version_34($pdo) +{ + $pdo->exec("ALTER TABLE projects ADD COLUMN is_everybody_allowed TINYINT(1) DEFAULT '0'"); +} function version_33($pdo) { diff --git a/app/Schema/Postgres.php b/app/Schema/Postgres.php index 8aaff259..f301f3e8 100644 --- a/app/Schema/Postgres.php +++ b/app/Schema/Postgres.php @@ -5,7 +5,12 @@ namespace Schema; use PDO; use Core\Security; -const VERSION = 14; +const VERSION = 15; + +function version_15($pdo) +{ + $pdo->exec("ALTER TABLE projects ADD COLUMN is_everybody_allowed BOOLEAN DEFAULT '0'"); +} function version_14($pdo) { diff --git a/app/Schema/Sqlite.php b/app/Schema/Sqlite.php index 3c220f8c..8571d924 100644 --- a/app/Schema/Sqlite.php +++ b/app/Schema/Sqlite.php @@ -5,7 +5,12 @@ namespace Schema; use Core\Security; use PDO; -const VERSION = 33; +const VERSION = 34; + +function version_34($pdo) +{ + $pdo->exec('ALTER TABLE projects ADD COLUMN is_everybody_allowed INTEGER DEFAULT "0"'); +} function version_33($pdo) { diff --git a/app/Templates/project_users.php b/app/Templates/project_users.php index 3b0de7f0..35079df6 100644 --- a/app/Templates/project_users.php +++ b/app/Templates/project_users.php @@ -2,37 +2,56 @@ <h2><?= t('List of authorized users') ?></h2> </div> -<?php if (empty($users['allowed'])): ?> - <div class="alert alert-info"><?= t('Nobody have access to this project.') ?></div> +<?php if ($project['is_everybody_allowed']): ?> + <div class="alert alert-info"><?= t('Everybody have access to this project.') ?></div> <?php else: ?> -<div class="listing"> - <p><?= t('Only those users have access to this project:') ?></p> - <ul> - <?php foreach ($users['allowed'] as $user_id => $username): ?> - <li> - <strong><?= Helper\escape($username) ?></strong> - <?php if ($project['is_private'] == 0): ?> - (<a href="?controller=project&action=revoke&project_id=<?= $project['id'] ?>&user_id=<?= $user_id.Helper\param_csrf() ?>"><?= t('revoke') ?></a>) - <?php endif ?> - </li> - <?php endforeach ?> - </ul> - <p><?= t('Don\'t forget that administrators have access to everything.') ?></p> -</div> -<?php endif ?> -<?php if ($project['is_private'] == 0 && ! empty($users['not_allowed'])): ?> - <form method="post" action="?controller=project&action=allow&project_id=<?= $project['id'] ?>" autocomplete="off"> + <?php if (empty($users['allowed'])): ?> + <div class="alert alert-error"><?= t('Nobody have access to this project.') ?></div> + <?php else: ?> + <div class="listing"> + <p><?= t('Only those users have access to this project:') ?></p> + <ul> + <?php foreach ($users['allowed'] as $user_id => $username): ?> + <li> + <strong><?= Helper\escape($username) ?></strong> + <?php if ($project['is_private'] == 0): ?> + (<?= Helper\a(t('revoke'), 'project', 'revoke', array('project_id' => $project['id'], 'user_id' => $user_id), true) ?>) + <?php endif ?> + </li> + <?php endforeach ?> + </ul> + <p><?= t('Don\'t forget that administrators have access to everything.') ?></p> + </div> + <?php endif ?> + + <?php if ($project['is_private'] == 0 && ! empty($users['not_allowed'])): ?> + <form method="post" action="<?= Helper\u('project', 'allow', array('project_id' => $project['id'])) ?>" autocomplete="off"> - <?= Helper\form_csrf() ?> + <?= Helper\form_csrf() ?> - <?= Helper\form_hidden('project_id', array('project_id' => $project['id'])) ?> + <?= Helper\form_hidden('project_id', array('project_id' => $project['id'])) ?> - <?= Helper\form_label(t('User'), 'user_id') ?> - <?= Helper\form_select('user_id', $users['not_allowed']) ?><br/> + <?= Helper\form_label(t('User'), 'user_id') ?> + <?= Helper\form_select('user_id', $users['not_allowed']) ?><br/> - <div class="form-actions"> - <input type="submit" value="<?= t('Allow this user') ?>" class="btn btn-blue"/> - </div> - </form> -<?php endif ?>
\ No newline at end of file + <div class="form-actions"> + <input type="submit" value="<?= t('Allow this user') ?>" class="btn btn-blue"/> + </div> + </form> + <?php endif ?> + +<?php endif ?> + +<?php if ($project['is_private'] == 0): ?> +<form method="post" action="<?= Helper\u('project', 'allowEverybody', array('project_id' => $project['id'])) ?>"> + <?= Helper\form_csrf() ?> + + <?= Helper\form_hidden('id', array('id' => $project['id'])) ?> + <?= Helper\form_checkbox('is_everybody_allowed', t('Allow everybody to access to this project'), 1, $project['is_everybody_allowed']) ?> + + <div class="form-actions"> + <input type="submit" value="<?= t('Save') ?>" class="btn btn-blue"/> + </div> +</form> +<?php endif ?> diff --git a/assets/css/app.css b/assets/css/app.css index a4d71cb4..630d94c5 100644 --- a/assets/css/app.css +++ b/assets/css/app.css @@ -589,6 +589,7 @@ a.filter-on { #board th a { text-decoration: none; font-size: 150%; + color: #3366CC; } #board td { diff --git a/tests/units/ProjectPermissionTest.php b/tests/units/ProjectPermissionTest.php index b8bd375a..ee608d03 100644 --- a/tests/units/ProjectPermissionTest.php +++ b/tests/units/ProjectPermissionTest.php @@ -8,6 +8,32 @@ use Model\User; class ProjectPermissionTest extends Base { + public function testAllowEverybody() + { + $user = new User($this->registry); + $this->assertTrue($user->create(array('username' => 'unittest#1', 'password' => 'unittest'))); + $this->assertTrue($user->create(array('username' => 'unittest#2', 'password' => 'unittest'))); + + $p = new Project($this->registry); + $pp = new ProjectPermission($this->registry); + + $this->assertEquals(1, $p->create(array('name' => 'UnitTest'))); + $this->assertFalse($pp->isEverybodyAllowed(1)); + $this->assertTrue($pp->isUserAllowed(1, 1)); + $this->assertFalse($pp->isUserAllowed(1, 2)); + $this->assertFalse($pp->isUserAllowed(1, 3)); + $this->assertEquals(array(), $pp->getAllowedUsers(1)); + $this->assertEquals(array('Unassigned'), $pp->getUsersList(1)); + + $this->assertTrue($p->update(array('id' => 1, 'is_everybody_allowed' => 1))); + $this->assertTrue($pp->isEverybodyAllowed(1)); + $this->assertTrue($pp->isUserAllowed(1, 1)); + $this->assertTrue($pp->isUserAllowed(1, 2)); + $this->assertTrue($pp->isUserAllowed(1, 3)); + $this->assertEquals(array('1' => 'admin', '2' => 'unittest#1', '3' => 'unittest#2'), $pp->getAllowedUsers(1)); + $this->assertEquals(array('Unassigned', '1' => 'admin', '2' => 'unittest#1', '3' => 'unittest#2'), $pp->getUsersList(1)); + } + public function testDisallowEverybody() { // We create a regular user |