From f65b447ca3bd1de3a647b7a3a23e6c9137329094 Mon Sep 17 00:00:00 2001 From: Teon Ooi Date: Tue, 25 Jun 2024 11:07:11 +0800 Subject: [PATCH] Revert "Merge branch 'feature-DASH-29_issue-with-dashboard-exported-data-irrelevant-data-and-incorrect-permission-status' into release-3.1.0" This reverts commit e6a43c535a10e9d6f35ce9133ae519149eefc6ed, reversing changes made to a7d7118fb8557295d5b04329fdb0b6327fd0dbd5. --- CHANGELOG.md | 5 ---- .../admin/datamanager/admin_dashboard.cfc | 29 ++++++------------- preside-objects/admin_dashboard.cfc | 10 +++---- 3 files changed, 14 insertions(+), 30 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a222891..daebf52 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,10 +1,5 @@ # Changelog -## v3.0.6 - -* [DASH-26](https://projects.pixl8.london/browse/DASH-26) - (p1) There is no Granular permissions for Admin Dashboards -* [DASH-27](https://projects.pixl8.london/browse/DASH-27) - (p1) Infinite load on keyword search on admin dashboard list - ## v3.0.5 * Update build version generator diff --git a/handlers/admin/datamanager/admin_dashboard.cfc b/handlers/admin/datamanager/admin_dashboard.cfc index 4117549..ba6be55 100644 --- a/handlers/admin/datamanager/admin_dashboard.cfc +++ b/handlers/admin/datamanager/admin_dashboard.cfc @@ -57,12 +57,6 @@ component extends="preside.system.base.AdminHandler" { , adminUserGroups = { type="varchar", value=adminUserGroups, list=true } } } ); - - ArrayAppend( args.selectFields, "owner_id" ); - ArrayAppend( args.selectFields, "view_groups_list" ); - ArrayAppend( args.selectFields, "view_users_list" ); - ArrayAppend( args.selectFields, "edit_groups_list" ); - ArrayAppend( args.selectFields, "edit_users_list" ); } } @@ -80,27 +74,22 @@ component extends="preside.system.base.AdminHandler" { var canEditThis = false; var hasFullAccess = dashboardService.hasFullAccess( adminUserId ); - for ( var r in records ) { - canEditThis = ( prc.canEdit ?: false ) && ( r.owner_id == adminUserId || ( r.edit_access == "specific" && ( listFind( r.edit_users_list, adminUserId ) || _listFindOneOf( r.edit_groups_list, adminUserGroups ) ) ) ); + + for( var r in records ){ + canEditThis = prc.canEdit && ( r.owner_id == adminUserId || ( r.edit_access == "specific" && ( listFind( r.edit_users_list, adminUserId ) || _listFindOneOf( r.edit_groups_list, adminUserGroups ) ) ) ); canViewThis = canEditThis || r.view_access == "public" || ( r.view_access == "specific" && ( listFind( r.view_users_list, adminUserId ) || _listFindOneOf( r.view_groups_list, adminUserGroups ) ) ) ArrayAppend( canEdit , hasFullAccess || canEditThis ); ArrayAppend( canView , hasFullAccess || canViewThis ); ArrayAppend( canShare , hasFullAccess || r.owner_id == adminUserId ); - ArrayAppend( canDelete, hasFullAccess || ( ( prc.canDelete ?: false ) && r.owner_id == adminUserId ) ); - ArrayAppend( canClone , hasFullAccess || ( ( prc.canClone ?: false ) && canViewThis ) ); + ArrayAppend( canDelete, hasFullAccess || ( prc.canDelete && r.owner_id == adminUserId ) ); + ArrayAppend( canClone , hasFullAccess || ( prc.canClone && canViewThis ) ); } - QueryAddColumn( records, "canView" , canView ); - QueryAddColumn( records, "canEdit" , canEdit ); - QueryAddColumn( records, "canShare" , canShare ); + QueryAddColumn( records, "canView", canView ); + QueryAddColumn( records, "canEdit", canEdit ); + QueryAddColumn( records, "canShare", canShare ); QueryAddColumn( records, "canDelete", canDelete ); - QueryAddColumn( records, "canClone" , canClone ); - - QueryDeleteColumn( records, "owner_id" ); - QueryDeleteColumn( records, "view_groups_list" ); - QueryDeleteColumn( records, "view_users_list" ); - QueryDeleteColumn( records, "edit_groups_list" ); - QueryDeleteColumn( records, "edit_users_list" ); + QueryAddColumn( records, "canClone", canClone ); } private array function getRecordActionsForGridListing( event, rc, prc, args={} ) { diff --git a/preside-objects/admin_dashboard.cfc b/preside-objects/admin_dashboard.cfc index f59b05c..a12181a 100644 --- a/preside-objects/admin_dashboard.cfc +++ b/preside-objects/admin_dashboard.cfc @@ -25,9 +25,9 @@ component { property name="edit_groups" adminRenderer="ObjectRelatedRecordsList" relationship="many-to-many" relatedTo="security_group" relatedVia="admin_dashboard_edit_group" cloneable=false; property name="edit_users" adminRenderer="ObjectRelatedRecordsList" relationship="many-to-many" relatedTo="security_user" relatedVia="admin_dashboard_edit_user" cloneable=false; - property name="owner_id" adminRenderer="none" type="string" formula="${prefix}owner.id" excludeDataExport=true; - property name="view_groups_list" adminRenderer="none" type="string" formula="group_concat( distinct ${prefix}view_groups.id )" excludeDataExport=true; - property name="view_users_list" adminRenderer="none" type="string" formula="group_concat( distinct ${prefix}view_users.id )" excludeDataExport=true; - property name="edit_groups_list" adminRenderer="none" type="string" formula="group_concat( distinct ${prefix}edit_groups.id )" excludeDataExport=true; - property name="edit_users_list" adminRenderer="none" type="string" formula="group_concat( distinct ${prefix}edit_users.id )" excludeDataExport=true; + property name="owner_id" adminRenderer="none" type="string" formula="${prefix}owner.id"; + property name="view_groups_list" adminRenderer="none" type="string" formula="group_concat( distinct ${prefix}view_groups.id )"; + property name="view_users_list" adminRenderer="none" type="string" formula="group_concat( distinct ${prefix}view_users.id )"; + property name="edit_groups_list" adminRenderer="none" type="string" formula="group_concat( distinct ${prefix}edit_groups.id )"; + property name="edit_users_list" adminRenderer="none" type="string" formula="group_concat( distinct ${prefix}edit_users.id )"; } \ No newline at end of file