diff options
| author | Peter Zhang <peter@innocraft.com> | 2022-08-31 10:03:40 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-08-31 10:03:40 +0300 |
| commit | 598c7e5af8b196df1ef0dc78c196a4e0968b26aa (patch) | |
| tree | 306bdf37d4665280a69b08645b468cf115a8df0a | |
| parent | 645c4eb518a3668060e02d04750efb5d7ff50b2a (diff) | |
filtering a user's permissions, capabilities fixes (#19680)
* update some get role and capabilities
update some get role and capabilities
* update query and add tests
update query and add tests
* update query
update query
* Update Model.php
update access
* add UI tests
add UI tests
* Update UsersManager_spec.js
update
* Update UsersManager_admin_view_admin_filter_permissions.png
update ui
4 files changed, 32 insertions, 1 deletions
diff --git a/plugins/UsersManager/Model.php b/plugins/UsersManager/Model.php index 873dbb12fa..787b07b3aa 100644 --- a/plugins/UsersManager/Model.php +++ b/plugins/UsersManager/Model.php @@ -202,7 +202,13 @@ class Model } } - $sql = 'SELECT SQL_CALC_FOUND_ROWS s.idsite as idsite, s.name as site_name, GROUP_CONCAT(a.access SEPARATOR "|") as access + $selector = "a.access"; + if ($access) { + $selector = 'b.access'; + $joins .= " LEFT JOIN ". Common::prefixTable('access') ." b on a.idsite = b.idsite AND a.login = b.login"; + } + + $sql = 'SELECT SQL_CALC_FOUND_ROWS s.idsite as idsite, s.name as site_name, GROUP_CONCAT('.$selector.' SEPARATOR "|") as access FROM ' . Common::prefixTable('access') . " a $joins $where diff --git a/plugins/UsersManager/tests/Integration/APITest.php b/plugins/UsersManager/tests/Integration/APITest.php index e7bfb60edf..02cf0d87eb 100644 --- a/plugins/UsersManager/tests/Integration/APITest.php +++ b/plugins/UsersManager/tests/Integration/APITest.php @@ -854,6 +854,17 @@ class APITest extends IntegrationTestCase $this->assertEquals($expected, $access); } + public function testGetUserCapabilitiesAfterFilter() + { + $this->addUserWithAccess('userLoginCapabilities', 'view', 1, 'searchTextdef@email.com'); + $this->api->addCapabilities('userLoginCapabilities','tagmanager_write',1); + + $access = $this->api->getSitesAccessForUser('userLoginCapabilities', null, 1, null, 'view'); + + $this->assertEquals(['tagmanager_write'], $access[0]['capabilities']); + + } + public function testGetSitesAccessForUserShouldIgnoreOffsetIfLimitNotSupplied() { $this->api->setUserAccess('userLogin', 'admin', [1]); diff --git a/plugins/UsersManager/tests/UI/UsersManager_spec.js b/plugins/UsersManager/tests/UI/UsersManager_spec.js index 75a0e9a697..278814a640 100644 --- a/plugins/UsersManager/tests/UI/UsersManager_spec.js +++ b/plugins/UsersManager/tests/UI/UsersManager_spec.js @@ -621,6 +621,17 @@ describe("UsersManager", function () { expect(await page.screenshotSelector('.usersManager')).to.matchImage('admin_edit_permissions'); }); + it('should filter editing user permissions by access', async function () { + await page.evaluate(function () { + $('.access-filter select').val('string:admin').change(); + }); + await page.waitForTimeout(500); // wait for animation + + await page.mouse.move(-10, -10); + + expect(await page.screenshotSelector('.usersManager')).to.matchImage('admin_filter_permissions'); + }); + it('should show the add existing user modal', async function () { await page.click('.userEditForm .entityCancelLink'); diff --git a/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_admin_view_admin_filter_permissions.png b/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_admin_view_admin_filter_permissions.png new file mode 100644 index 0000000000..d715f9ad98 --- /dev/null +++ b/plugins/UsersManager/tests/UI/expected-screenshots/UsersManager_admin_view_admin_filter_permissions.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:59b6d818e54cc5ed14b1f777f55697926499343a498439fcb472ec9adc67ae6d +size 54531 |
