From e38d10f283a03e3dd79d046f3634fd95e1c5e9f0 Mon Sep 17 00:00:00 2001 From: Vincent Vanwaelscappel Date: Tue, 1 Dec 2020 18:19:49 +0100 Subject: [PATCH] wip #3753 --- src/Company.php | 9 +++++++++ src/Operations/LoginasOperation.php | 15 ++++++++------- src/Permissions.php | 14 ++++++++++++++ src/User.php | 19 ++++++++++++++++++- 4 files changed, 49 insertions(+), 8 deletions(-) diff --git a/src/Company.php b/src/Company.php index e85905f..9b9849b 100644 --- a/src/Company.php +++ b/src/Company.php @@ -74,4 +74,13 @@ class Company extends CubistMagicAbstractModel $this->addField(['name' => 'e1_ws_grade', 'type' => 'Hidden']); } + + public function isOwner($user) + { + if (null === $user) { + return false; + } + /** @var $user User */ + return in_array($this->id, $user->getManagedCompanies()); + } } diff --git a/src/Operations/LoginasOperation.php b/src/Operations/LoginasOperation.php index e69a48a..0983cef 100644 --- a/src/Operations/LoginasOperation.php +++ b/src/Operations/LoginasOperation.php @@ -14,17 +14,18 @@ trait LoginasOperation protected function setupLoginasDefaults() { - if (can('manageusers')) { - $this->crud->addButtonFromView('line', 'loginas', 'user.loginas', 'end'); - } + $this->crud->addButtonFromView('line', 'loginas', 'user.loginas', 'end'); } protected function loginas($id) { - if (can('manageusers')) { - $user = User::find($id); - backpack_auth()->login($user); - } + $user = User::find($id); + backpack_auth()->login($user); return redirect('dashboard'); } + + public function canLoginas($user) + { + return $this->isOwner($user); + } } diff --git a/src/Permissions.php b/src/Permissions.php index e50c39f..e8f5afe 100644 --- a/src/Permissions.php +++ b/src/Permissions.php @@ -132,4 +132,18 @@ class Permissions } return []; } + + + /** + * @param $user integer + * @return array + */ + public static function getManagedCompanies($user) + { + $data = self::_getData(); + if (isset($data['managedCompanies'][$user])) { + return $data['managedCompanies'][$user]; + } + return []; + } } diff --git a/src/User.php b/src/User.php index 0020e4b..96a28d3 100644 --- a/src/User.php +++ b/src/User.php @@ -61,7 +61,7 @@ class User extends CubistMagicAuthenticatable 'type' => 'Locale', 'tab' => 'Settings']); - $extranetv1 = ['settings', 'ws_password', 'ws_settings', 'ws_rights', 'ws_domains','ws_count', 'login', 'mobile', 'fax', 'notes', 'grade', 'resetpassword']; + $extranetv1 = ['settings', 'ws_password', 'ws_settings', 'ws_rights', 'ws_domains', 'ws_count', 'login', 'mobile', 'fax', 'notes', 'grade', 'resetpassword']; foreach ($extranetv1 as $f) { $this->addField(['name' => 'e1_' . $f, @@ -121,5 +121,22 @@ class User extends CubistMagicAuthenticatable return $res; } + public function getManagedCompanies() + { + start_measure('_get_managed_companies', 'Get managed companies'); + $res = Permissions::getManagedCompanies($this->id); + stop_measure('_get_managed_companies'); + return $res; + } + + public function isOwner($user) + { + if (null === $user) { + return false; + } + /** @var $user self */ + return in_array($this->id, $user->getManagedUsers()); + } + } -- 2.39.5