mirror of
https://github.com/Part-DB/Part-DB-server.git
synced 2026-03-06 15:29:37 +00:00
Compare commits
No commits in common. "9b17efc12c33624f5c074c9ada3571495ed2601b" and "07172392963fa54e64f6ae0d7fa9b4b4bd75db79" have entirely different histories.
9b17efc12c
...
0717239296
23 changed files with 57 additions and 224 deletions
25
composer.lock
generated
25
composer.lock
generated
|
|
@ -7436,16 +7436,16 @@
|
|||
},
|
||||
{
|
||||
"name": "part-db/exchanger",
|
||||
"version": "v3.1.0",
|
||||
"version": "v3.0.0",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/Part-DB/exchanger.git",
|
||||
"reference": "a43fe79a082e331ec2b24f3579e4fba153743757"
|
||||
"reference": "a549f2bd526042f66ad5caa044fd15c67ac5270f"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/Part-DB/exchanger/zipball/a43fe79a082e331ec2b24f3579e4fba153743757",
|
||||
"reference": "a43fe79a082e331ec2b24f3579e4fba153743757",
|
||||
"url": "https://api.github.com/repos/Part-DB/exchanger/zipball/a549f2bd526042f66ad5caa044fd15c67ac5270f",
|
||||
"reference": "a549f2bd526042f66ad5caa044fd15c67ac5270f",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
|
|
@ -7507,9 +7507,9 @@
|
|||
"money"
|
||||
],
|
||||
"support": {
|
||||
"source": "https://github.com/Part-DB/exchanger/tree/v3.1.0"
|
||||
"source": "https://github.com/Part-DB/exchanger/tree/v3.0.0"
|
||||
},
|
||||
"time": "2025-09-05T19:48:23+00:00"
|
||||
"time": "2025-09-05T14:02:04+00:00"
|
||||
},
|
||||
{
|
||||
"name": "part-db/label-fonts",
|
||||
|
|
@ -7620,20 +7620,19 @@
|
|||
},
|
||||
{
|
||||
"name": "part-db/swap-bundle",
|
||||
"version": "v6.1.0",
|
||||
"version": "v6.0.0",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/Part-DB/symfony-swap.git",
|
||||
"reference": "fd78ebfbd762b1d76b4d71f713f39add63dec62b"
|
||||
"reference": "6772eda2603a864b5f0a94224e0cfd79976c7389"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/Part-DB/symfony-swap/zipball/fd78ebfbd762b1d76b4d71f713f39add63dec62b",
|
||||
"reference": "fd78ebfbd762b1d76b4d71f713f39add63dec62b",
|
||||
"url": "https://api.github.com/repos/Part-DB/symfony-swap/zipball/6772eda2603a864b5f0a94224e0cfd79976c7389",
|
||||
"reference": "6772eda2603a864b5f0a94224e0cfd79976c7389",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"part-db/exchanger": "^3.1.0",
|
||||
"part-db/swap": "^5.0",
|
||||
"php": "^7.1.3|^8.0",
|
||||
"psr/http-client": "^1.0",
|
||||
|
|
@ -7688,9 +7687,9 @@
|
|||
"symfony"
|
||||
],
|
||||
"support": {
|
||||
"source": "https://github.com/Part-DB/symfony-swap/tree/v6.1.0"
|
||||
"source": "https://github.com/Part-DB/symfony-swap/tree/v6.0.0"
|
||||
},
|
||||
"time": "2025-09-05T19:52:56+00:00"
|
||||
"time": "2025-09-05T17:26:07+00:00"
|
||||
},
|
||||
{
|
||||
"name": "php-http/discovery",
|
||||
|
|
|
|||
|
|
@ -11,6 +11,3 @@ florianv_swap:
|
|||
|
||||
fixer: # Fixer.io (needs an API key)
|
||||
access_key: "%env(string:settings:exchange_rate:fixerApiKey)%"
|
||||
|
||||
frankfurter: ~
|
||||
fawazahmed_currency_api: ~
|
||||
|
|
|
|||
|
|
@ -28,14 +28,9 @@ It is recommended to install Part-DB on a 64-bit system, as the 32-bit version o
|
|||
For the installation of Part-DB, we need some prerequisites. They can be installed by running the following command:
|
||||
|
||||
```bash
|
||||
sudo apt update && apt upgrade
|
||||
sudo apt install git curl zip ca-certificates software-properties-common \
|
||||
apt-transport-https lsb-release nano wget sqlite3
|
||||
sudo apt install git curl zip ca-certificates software-properties-common apt-transport-https lsb-release nano wget
|
||||
```
|
||||
|
||||
Please run `sqlite3 --version` to assert that the SQLite version is 3.35 or higher.
|
||||
Otherwise some database migrations will not succeed.
|
||||
|
||||
### Install PHP and apache2
|
||||
|
||||
Part-DB is written in [PHP](https://php.net) and therefore needs a PHP interpreter to run. Part-DB needs PHP 8.2 or
|
||||
|
|
|
|||
|
|
@ -1,64 +0,0 @@
|
|||
<?php
|
||||
/*
|
||||
* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
|
||||
*
|
||||
* Copyright (C) 2019 - 2025 Jan Böhmer (https://github.com/jbtronics)
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as published
|
||||
* by the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
|
||||
namespace App\DataFixtures;
|
||||
|
||||
use App\Entity\PriceInformations\Currency;
|
||||
use Brick\Math\BigDecimal;
|
||||
use Doctrine\Bundle\FixturesBundle\Fixture;
|
||||
use Doctrine\Persistence\ObjectManager;
|
||||
|
||||
class CurrencyFixtures extends Fixture
|
||||
{
|
||||
public function load(ObjectManager $manager): void
|
||||
{
|
||||
$currency1 = new Currency();
|
||||
$currency1->setName('US-Dollar');
|
||||
$currency1->setIsoCode('USD');
|
||||
$manager->persist($currency1);
|
||||
|
||||
$currency2 = new Currency();
|
||||
$currency2->setName('Swiss Franc');
|
||||
$currency2->setIsoCode('CHF');
|
||||
$currency2->setExchangeRate(BigDecimal::of('0.91'));
|
||||
$manager->persist($currency2);
|
||||
|
||||
$currency3 = new Currency();
|
||||
$currency3->setName('Great British Pound');
|
||||
$currency3->setIsoCode('GBP');
|
||||
$currency3->setExchangeRate(BigDecimal::of('0.78'));
|
||||
$manager->persist($currency3);
|
||||
|
||||
$currency7 = new Currency();
|
||||
$currency7->setName('Test Currency with long name');
|
||||
$currency7->setIsoCode('CNY');
|
||||
$manager->persist($currency7);
|
||||
|
||||
$manager->flush();
|
||||
|
||||
|
||||
//Ensure that currency 7 gets ID 7
|
||||
$manager->getRepository(Currency::class)->changeID($currency7, 7);
|
||||
$manager->flush();
|
||||
}
|
||||
}
|
||||
|
|
@ -41,7 +41,6 @@ use App\Entity\Attachments\UserAttachment;
|
|||
use RuntimeException;
|
||||
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
use function in_array;
|
||||
|
|
@ -57,7 +56,7 @@ final class AttachmentVoter extends Voter
|
|||
{
|
||||
}
|
||||
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
|
||||
//This voter only works for attachments
|
||||
|
|
@ -66,8 +65,7 @@ final class AttachmentVoter extends Voter
|
|||
}
|
||||
|
||||
if ($attribute === 'show_private') {
|
||||
$vote?->addReason('User is not allowed to view private attachments.');
|
||||
return $this->helper->isGranted($token, 'attachments', 'show_private', $vote);
|
||||
return $this->helper->isGranted($token, 'attachments', 'show_private');
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -113,8 +111,7 @@ final class AttachmentVoter extends Voter
|
|||
throw new RuntimeException('Encountered unknown Parameter type: ' . $subject);
|
||||
}
|
||||
|
||||
$vote?->addReason('User is not allowed to '.$this->mapOperation($attribute).' attachments of type '.$param.'.');
|
||||
return $this->helper->isGranted($token, $param, $this->mapOperation($attribute), $vote);
|
||||
return $this->helper->isGranted($token, $param, $this->mapOperation($attribute));
|
||||
}
|
||||
|
||||
return false;
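Review bot: The line `throw new RuntimeException('Encountered unknown Parameter type: ' . $subject);` in the third hunk concatenates `$subject` directly, so an object without `__toString()` reaching it would raise a string-conversion Error instead of the intended exception. The message also says "Parameter" inside the attachment voter. ParameterVoter on this page already guards the same spot, and the same form fits here: `throw new RuntimeException('Encountered unknown attachment type: ' . (is_object($subject) ? $subject::class : $subject));`. The branch leading to this throw starts outside the hunk, so whether an object can actually reach it should be confirmed.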
|
||||
|
|
|
|||
|
|
@ -25,7 +25,6 @@ namespace App\Security\Voter;
|
|||
use App\Entity\UserSystem\Group;
|
||||
use App\Services\UserSystem\VoterHelper;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
/**
|
||||
|
|
@ -44,9 +43,9 @@ final class GroupVoter extends Voter
|
|||
*
|
||||
* @param string $attribute
|
||||
*/
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
return $this->helper->isGranted($token, 'groups', $attribute, $vote);
|
||||
return $this->helper->isGranted($token, 'groups', $attribute);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -26,7 +26,6 @@ namespace App\Security\Voter;
|
|||
use App\Entity\UserSystem\User;
|
||||
use App\Services\UserSystem\VoterHelper;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
|
||||
|
|
@ -48,16 +47,9 @@ final class ImpersonateUserVoter extends Voter
|
|||
&& $subject instanceof UserInterface;
|
||||
}
|
||||
|
||||
protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
|
||||
{
|
||||
$result = $this->helper->isGranted($token, 'users', 'impersonate');
|
||||
|
||||
if ($result === false) {
|
||||
$vote?->addReason('User is not allowed to impersonate other users.');
|
||||
$this->helper->addReason($vote, 'users', 'impersonate');
|
||||
}
|
||||
|
||||
return $result;
|
||||
return $this->helper->isGranted($token, 'users', 'impersonate');
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
|
||||
|
|
@ -69,4 +61,4 @@ final class ImpersonateUserVoter extends Voter
|
|||
{
|
||||
return is_a($subjectType, User::class, true);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -44,7 +44,6 @@ namespace App\Security\Voter;
|
|||
use App\Entity\LabelSystem\LabelProfile;
|
||||
use App\Services\UserSystem\VoterHelper;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
/**
|
||||
|
|
@ -64,9 +63,9 @@ final class LabelProfileVoter extends Voter
|
|||
public function __construct(private readonly VoterHelper $helper)
|
||||
{}
|
||||
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
return $this->helper->isGranted($token, 'labels', self::MAPPING[$attribute], $vote);
|
||||
return $this->helper->isGranted($token, 'labels', self::MAPPING[$attribute]);
|
||||
}
|
||||
|
||||
protected function supports($attribute, $subject): bool
|
||||
|
|
|
|||
|
|
@ -26,7 +26,6 @@ use App\Services\UserSystem\VoterHelper;
|
|||
use Symfony\Bundle\SecurityBundle\Security;
|
||||
use App\Entity\LogSystem\AbstractLogEntry;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
/**
|
||||
|
|
@ -40,7 +39,7 @@ final class LogEntryVoter extends Voter
|
|||
{
|
||||
}
|
||||
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
$user = $this->helper->resolveUser($token);
|
||||
|
||||
|
|
@ -49,19 +48,19 @@ final class LogEntryVoter extends Voter
|
|||
}
|
||||
|
||||
if ('delete' === $attribute) {
|
||||
return $this->helper->isGranted($token, 'system', 'delete_logs', $vote);
|
||||
return $this->helper->isGranted($token, 'system', 'delete_logs');
|
||||
}
|
||||
|
||||
if ('read' === $attribute) {
|
||||
//Allow read of the users own log entries
|
||||
if (
|
||||
$subject->getUser() === $user
|
||||
&& $this->helper->isGranted($token, 'self', 'show_logs', $vote)
|
||||
&& $this->helper->isGranted($token, 'self', 'show_logs')
|
||||
) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $this->helper->isGranted($token, 'system', 'show_logs', $vote);
|
||||
return $this->helper->isGranted($token, 'system', 'show_logs');
|
||||
}
|
||||
|
||||
if ('show_details' === $attribute) {
|
||||
|
|
|
|||
|
|
@ -46,7 +46,6 @@ use Symfony\Bundle\SecurityBundle\Security;
|
|||
use App\Entity\Parts\Part;
|
||||
use App\Entity\PriceInformations\Orderdetail;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
/**
|
||||
|
|
@ -60,7 +59,7 @@ final class OrderdetailVoter extends Voter
|
|||
|
||||
protected const ALLOWED_PERMS = ['read', 'edit', 'create', 'delete', 'show_history', 'revert_element'];
|
||||
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
if (! is_a($subject, Orderdetail::class, true)) {
|
||||
throw new \RuntimeException('This voter can only handle Orderdetail objects!');
|
||||
|
|
@ -76,7 +75,7 @@ final class OrderdetailVoter extends Voter
|
|||
|
||||
//If we have no part associated use the generic part permission
|
||||
if (is_string($subject) || !$subject->getPart() instanceof Part) {
|
||||
return $this->helper->isGranted($token, 'parts', $operation, $vote);
|
||||
return $this->helper->isGranted($token, 'parts', $operation);
|
||||
}
|
||||
|
||||
//Otherwise vote on the part
|
||||
|
|
|
|||
|
|
@ -39,7 +39,6 @@ use App\Entity\Parameters\StorageLocationParameter;
|
|||
use App\Entity\Parameters\SupplierParameter;
|
||||
use RuntimeException;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
/**
|
||||
|
|
@ -54,7 +53,7 @@ final class ParameterVoter extends Voter
|
|||
{
|
||||
}
|
||||
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
//return $this->resolver->inherit($user, 'attachments', $attribute) ?? false;
|
||||
|
||||
|
|
@ -109,7 +108,7 @@ final class ParameterVoter extends Voter
|
|||
throw new RuntimeException('Encountered unknown Parameter type: ' . (is_object($subject) ? $subject::class : $subject));
|
||||
}
|
||||
|
||||
return $this->helper->isGranted($token, $param, $attribute, $vote);
|
||||
return $this->helper->isGranted($token, $param, $attribute);
|
||||
}
|
||||
|
||||
protected function supports(string $attribute, $subject): bool
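Review bot: `voteOnAttribute` still opens with the commented-out `//return $this->resolver->inherit($user, 'attachments', $attribute) ?? false;`, which names a resolver and the `attachments` permission that none of the visible code in this voter uses. Stale code at the top of an authorization method invites a reader to assume the wrong permission is being checked, so it should be deleted. The middle of the method lies outside the hunks, so this is based only on the visible first and last lines.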
|
||||
|
|
|
|||
|
|
@ -46,7 +46,6 @@ use App\Services\UserSystem\VoterHelper;
|
|||
use Symfony\Bundle\SecurityBundle\Security;
|
||||
use App\Entity\Parts\Part;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
/**
|
||||
|
|
@ -62,7 +61,7 @@ final class PartAssociationVoter extends Voter
|
|||
|
||||
protected const ALLOWED_PERMS = ['read', 'edit', 'create', 'delete', 'show_history', 'revert_element'];
|
||||
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
if (!is_string($subject) && !$subject instanceof PartAssociation) {
|
||||
throw new \RuntimeException('Invalid subject type!');
|
||||
|
|
@ -78,7 +77,7 @@ final class PartAssociationVoter extends Voter
|
|||
|
||||
//If we have no part associated use the generic part permission
|
||||
if (is_string($subject) || !$subject->getOwner() instanceof Part) {
|
||||
return $this->helper->isGranted($token, 'parts', $operation, $vote);
|
||||
return $this->helper->isGranted($token, 'parts', $operation);
|
||||
}
|
||||
|
||||
//Otherwise vote on the part
|
||||
|
|
|
|||
|
|
@ -46,7 +46,6 @@ use Symfony\Bundle\SecurityBundle\Security;
|
|||
use App\Entity\Parts\Part;
|
||||
use App\Entity\Parts\PartLot;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
/**
|
||||
|
|
@ -60,13 +59,13 @@ final class PartLotVoter extends Voter
|
|||
|
||||
protected const ALLOWED_PERMS = ['read', 'edit', 'create', 'delete', 'show_history', 'revert_element', 'withdraw', 'add', 'move'];
|
||||
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
$user = $this->helper->resolveUser($token);
|
||||
|
||||
if (in_array($attribute, ['withdraw', 'add', 'move'], true))
|
||||
{
|
||||
$base_permission = $this->helper->isGranted($token, 'parts_stock', $attribute, $vote);
|
||||
$base_permission = $this->helper->isGranted($token, 'parts_stock', $attribute);
|
||||
|
||||
$lot_permission = true;
|
||||
//If the lot has an owner, we need to check if the user is the owner of the lot to be allowed to withdraw it.
|
||||
|
|
@ -74,10 +73,6 @@ final class PartLotVoter extends Voter
|
|||
$lot_permission = $subject->getOwner() === $user || $subject->getOwner()->getID() === $user->getID();
|
||||
}
|
||||
|
||||
if (!$lot_permission) {
|
||||
$vote->addReason('User is not the owner of the lot.');
|
||||
}
|
||||
|
||||
return $base_permission && $lot_permission;
|
||||
}
|
||||
|
||||
|
|
@ -91,7 +86,7 @@ final class PartLotVoter extends Voter
|
|||
|
||||
//If we have no part associated use the generic part permission
|
||||
if (is_string($subject) || !$subject->getPart() instanceof Part) {
|
||||
return $this->helper->isGranted($token, 'parts', $operation, $vote);
|
||||
return $this->helper->isGranted($token, 'parts', $operation);
|
||||
}
|
||||
|
||||
//Otherwise vote on the part
|
||||
|
|
|
|||
|
|
@ -25,7 +25,6 @@ namespace App\Security\Voter;
|
|||
use App\Entity\Parts\Part;
|
||||
use App\Services\UserSystem\VoterHelper;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
/**
|
||||
|
|
@ -53,9 +52,10 @@ final class PartVoter extends Voter
|
|||
return false;
|
||||
}
|
||||
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
return $this->helper->isGranted($token, 'parts', $attribute, $vote);
|
||||
//Null concealing operator means, that no
|
||||
return $this->helper->isGranted($token, 'parts', $attribute);
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
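Review bot: The comment `//Null concealing operator means, that no` above the return in `voteOnAttribute` breaks off mid-sentence and describes an operator that does not appear on the line it annotates, `return $this->helper->isGranted($token, 'parts', $attribute);`. In a voter, a half-finished remark about null handling leaves the deny-by-default behaviour unclear to the next reader. Either drop it or finish it, for example `// VoterHelper::isGranted() treats a null (undecided) permission as denied.`, which matches the `?? false` in `VoterHelper::isGranted` shown on this page.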
|
||||
|
|
|
|||
|
|
@ -24,7 +24,6 @@ namespace App\Security\Voter;
|
|||
|
||||
use App\Services\UserSystem\VoterHelper;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
/**
|
||||
|
|
@ -40,17 +39,12 @@ final class PermissionVoter extends Voter
|
|||
|
||||
}
|
||||
|
||||
protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
|
||||
{
|
||||
$attribute = ltrim($attribute, '@');
|
||||
[$perm, $op] = explode('.', $attribute);
|
||||
|
||||
$result = $this->helper->isGranted($token, $perm, $op);
|
||||
if ($result === false) {
|
||||
$this->helper->addReason($vote, $perm, $op);
|
||||
}
|
||||
|
||||
return $result;
|
||||
return $this->helper->isGranted($token, $perm, $op);
|
||||
}
|
||||
|
||||
public function supportsAttribute(string $attribute): bool
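Review bot: `[$perm, $op] = explode('.', $attribute);` in `voteOnAttribute` assumes the attribute contains exactly one dot. With none, `$op` is never set and a null reaches the `string $operation` parameter of `isGranted`; with more than one, the extra segments are silently dropped. `supportsAttribute` begins at the end of this hunk and its body is not visible, so it may already enforce the shape. If it does not, a guard such as `if (substr_count($attribute, '.') !== 1) { return false; }` before the destructuring keeps a malformed attribute a clean denial rather than a runtime error.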
|
||||
|
|
|
|||
|
|
@ -47,7 +47,6 @@ use App\Entity\PriceInformations\Orderdetail;
|
|||
use App\Entity\Parts\Part;
|
||||
use App\Entity\PriceInformations\Pricedetail;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
/**
|
||||
|
|
@ -61,7 +60,7 @@ final class PricedetailVoter extends Voter
|
|||
|
||||
protected const ALLOWED_PERMS = ['read', 'edit', 'create', 'delete', 'show_history', 'revert_element'];
|
||||
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
$operation = match ($attribute) {
|
||||
'read' => 'read',
|
||||
|
|
@ -73,7 +72,7 @@ final class PricedetailVoter extends Voter
|
|||
|
||||
//If we have no part associated use the generic part permission
|
||||
if (is_string($subject) || !$subject->getOrderdetail() instanceof Orderdetail || !$subject->getOrderdetail()->getPart() instanceof Part) {
|
||||
return $this->helper->isGranted($token, 'parts', $operation, $vote);
|
||||
return $this->helper->isGranted($token, 'parts', $operation);
|
||||
}
|
||||
|
||||
//Otherwise vote on the part
|
||||
|
|
|
|||
|
|
@ -33,7 +33,6 @@ use App\Entity\Parts\Supplier;
|
|||
use App\Entity\PriceInformations\Currency;
|
||||
use App\Services\UserSystem\VoterHelper;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
use function is_object;
|
||||
|
|
@ -114,10 +113,10 @@ final class StructureVoter extends Voter
|
|||
*
|
||||
* @param string $attribute
|
||||
*/
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
$permission_name = $this->instanceToPermissionName($subject);
|
||||
//Just resolve the permission
|
||||
return $this->helper->isGranted($token, $permission_name, $attribute, $vote);
|
||||
return $this->helper->isGranted($token, $permission_name, $attribute);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -26,7 +26,6 @@ use App\Entity\UserSystem\User;
|
|||
use App\Services\UserSystem\PermissionManager;
|
||||
use App\Services\UserSystem\VoterHelper;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
use function in_array;
|
||||
|
|
@ -80,7 +79,7 @@ final class UserVoter extends Voter
|
|||
*
|
||||
* @param string $attribute
|
||||
*/
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
|
||||
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
|
||||
{
|
||||
$user = $this->helper->resolveUser($token);
|
||||
|
||||
|
|
@ -98,7 +97,7 @@ final class UserVoter extends Voter
|
|||
if (($subject instanceof User) && $subject->getID() === $user->getID() &&
|
||||
$this->helper->isValidOperation('self', $attribute)) {
|
||||
//Then we also need to check the self permission
|
||||
$tmp = $this->helper->isGranted($token, 'self', $attribute, $vote);
|
||||
$tmp = $this->helper->isGranted($token, 'self', $attribute);
|
||||
//But if the self value is not allowed then use just the user value:
|
||||
if ($tmp) {
|
||||
return $tmp;
|
||||
|
|
@ -107,7 +106,7 @@ final class UserVoter extends Voter
|
|||
|
||||
//Else just check user permission:
|
||||
if ($this->helper->isValidOperation('users', $attribute)) {
|
||||
return $this->helper->isGranted($token, 'users', $attribute, $vote);
|
||||
return $this->helper->isGranted($token, 'users', $attribute);
|
||||
}
|
||||
|
||||
return false;
|
||||
|
|
|
|||
|
|
@ -28,9 +28,6 @@ use App\Repository\UserRepository;
|
|||
use App\Security\ApiTokenAuthenticatedToken;
|
||||
use Doctrine\ORM\EntityManagerInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
use Symfony\Contracts\Translation\TranslatorInterface;
|
||||
|
||||
/**
|
||||
* @see \App\Tests\Services\UserSystem\VoterHelperTest
|
||||
|
|
@ -38,14 +35,10 @@ use Symfony\Contracts\Translation\TranslatorInterface;
|
|||
final class VoterHelper
|
||||
{
|
||||
private readonly UserRepository $userRepository;
|
||||
private readonly array $permissionStructure;
|
||||
|
||||
public function __construct(private readonly PermissionManager $permissionManager,
|
||||
private readonly TranslatorInterface $translator,
|
||||
private readonly EntityManagerInterface $entityManager)
|
||||
public function __construct(private readonly PermissionManager $permissionManager, private readonly EntityManagerInterface $entityManager)
|
||||
{
|
||||
$this->userRepository = $this->entityManager->getRepository(User::class);
|
||||
$this->permissionStructure = $this->permissionManager->getPermissionStructure();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -54,16 +47,11 @@ final class VoterHelper
|
|||
* @param TokenInterface $token The token to check
|
||||
* @param string $permission The permission to check
|
||||
* @param string $operation The operation to check
|
||||
* @param Vote|null $vote The vote object to add reasons to (optional). If null, no reasons are added.
|
||||
* @return bool
|
||||
*/
|
||||
public function isGranted(TokenInterface $token, string $permission, string $operation, ?Vote $vote = null): bool
|
||||
public function isGranted(TokenInterface $token, string $permission, string $operation): bool
|
||||
{
|
||||
$tmp = $this->isGrantedTrinary($token, $permission, $operation) ?? false;
|
||||
if ($tmp === false) {
|
||||
$this->addReason($vote, $permission, $operation);
|
||||
}
|
||||
return $tmp;
|
||||
return $this->isGrantedTrinary($token, $permission, $operation) ?? false;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -136,17 +124,4 @@ final class VoterHelper
|
|||
{
|
||||
return $this->permissionManager->isValidOperation($permission, $operation);
|
||||
}
|
||||
|
||||
public function addReason(?Vote $voter, string $permission, $operation): void
|
||||
{
|
||||
if ($voter !== null) {
|
||||
$voter->addReason(sprintf("User does not have permission %s -> %s -> %s (%s.%s).",
|
||||
$this->translator->trans('perm.group.'.($this->permissionStructure['perms'][$permission]['group'] ?? 'unknown') ),
|
||||
$this->translator->trans($this->permissionStructure['perms'][$permission]['label'] ?? $permission),
|
||||
$this->translator->trans($this->permissionStructure['perms'][$permission]['operations'][$operation]['label'] ?? $operation),
|
||||
$permission,
|
||||
$operation
|
||||
));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
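Review bot: The docblock above `isGranted` ends in a bare `@return bool`, while the body `return $this->isGrantedTrinary($token, $permission, $operation) ?? false;` makes a security-relevant choice: a null result is converted into a denial. Saying so in the docblock, for example `@return bool True only if the permission is explicitly allowed; a null result from isGrantedTrinary() counts as denied`, documents the fail-closed default that every voter on this page relies on. The top of the docblock is outside the hunk, so this may partly be covered there already.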
|
||||
|
|
@ -1,9 +1,6 @@
|
|||
{% extends "bundles/TwigBundle/Exception/error.html.twig" %}
|
||||
|
||||
{% block status_comment %}
|
||||
Nice try! But you are not allowed to do this!<br>
|
||||
<code>{{ exception.message }}</code>
|
||||
Nice try! But you are not allowed to do this!
|
||||
<br> <small>If you think you should have access to this ressource, contact the adminstrator.</small>
|
||||
|
||||
|
||||
{% endblock %}
|
||||
{% endblock %}
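Review bot: The user-facing sentence in the `<small>` line contains two spelling errors, `ressource` and `adminstrator`; it should read `<br> <small>If you think you should have access to this resource, contact the administrator.</small>`. The text is also hard-coded English, whereas the other template on this page uses `{% trans %}` for its title, so moving the sentence to a translation key would be more consistent.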
|
||||
|
|
@ -23,7 +23,7 @@
|
|||
</div>
|
||||
<div class="col-6">
|
||||
{% if provider.providerInfo.settings_class is defined %}
|
||||
<a href="{{ path('info_providers_provider_settings', {'provider': provider.providerKey}) }}" class="btn btn-primary btn-sm {% if not is_granted('@config.change_system_settings') %}disabled{% endif %}"
|
||||
<a href="{{ path('info_providers_provider_settings', {'provider': provider.providerKey}) }}" class="btn btn-primary btn-sm"
|
||||
title="{% trans %}info_providers.settings.title{% endtrans %}"
|
||||
><i class="fa-solid fa-cog"></i></a>
|
||||
{% endif %}
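Review bot: The settings link is rendered as an active button for every user on the new side, because the `{% if not is_granted('@config.change_system_settings') %}disabled{% endif %}` class is no longer on the `<a>` tag. That class was only a visual hint, so the access decision has to sit in the controller behind the `info_providers_provider_settings` route; it is not on this page and should be checked for a `@config.change_system_settings` permission check. If the hint is dropped on purpose, wrapping the link in `{% if is_granted('@config.change_system_settings') %}` … `{% endif %}` avoids offering a button that can only end in a 403.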
|
||||
|
|
|
|||
|
|
@ -1,35 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
|
||||
*
|
||||
* Copyright (C) 2019 - 2020 Jan Böhmer (https://github.com/jbtronics)
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as published
|
||||
* by the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Tests\Controller\AdminPages;
|
||||
|
||||
use App\Entity\PriceInformations\Currency;
|
||||
use PHPUnit\Framework\Attributes\Group;
|
||||
use App\Entity\Parts\Manufacturer;
|
||||
|
||||
#[Group('slow')]
|
||||
#[Group('DB')]
|
||||
class CurrencyController extends AbstractAdminController
|
||||
{
|
||||
protected static string $base_path = '/en/currency';
|
||||
protected static string $entity_class = Currency::class;
|
||||
}
|
||||
|
|
@ -7164,8 +7164,8 @@ Exampletown</target>
|
|||
Element 2
|
||||
Element 3
|
||||
|
||||
Element 1 -> Element 1.1
|
||||
Element 1 -> Element 1.2]]></target>
|
||||
Element 1 -> Element 1.1
|
||||
Element 1 -> Element 1.2]]></target>
|
||||
</segment>
|
||||
</unit>
|
||||
<unit id="TWSqPFi" name="entity.mass_creation.btn">
|
||||
|
|
|
|||