groove/Part-DB-server
1
0
Fork 0
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-12-23 03:19:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added a permission to control which users can access private attachments.

Browse source
This commit is contained in:
Jan Böhmer 2020-03-30 16:56:58 +02:00
parent 9769915b34
commit e83d72ec10
7 changed files with 31 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

7
templates/helper.twig
View file

@ -7,14 +7,19 @@
{% endmacro %}
{% macro attachment_icon(attachment, attachment_helper, class = "fa-fw fas fa-3x", link = true) %}
{% set disabled = attachment.secure and not is_granted("show_secure", attachment) %}
{% if not attachment_helper or attachment_helper.fileExisting(attachment) %}
<a target="_blank" data-no-ajax rel="noopener" href="{% if link %}{{ attachment|entityURL('file_view') }}{% endif %}">
{% if link and not disabled %}
<a target="_blank" data-no-ajax rel="noopener" href="{{ attachment|entityURL('file_view') }}">
{% endif %}
{% if attachment.picture %}
<img class="hoverpic" src="{{ attachment|entityURL('file_view') }}">
{% else %}
<i class="text-dark {{ class }} {{ ext_to_fa_icon(attachment.extension) }}"></i>
{% endif %}
{% if link and not disabled %}
</a>
{% endif %}
{% elseif not attachment_helper.fileExisting(attachment) %}
<i class="{{ class }} fa-exclamation-triangle text-danger"></i>
{% endif %}