Skip to content

Commit f4c7b00

Browse files
ipulaipula
committed
fix issue in invitation and add permissions to invitation page
1 parent 71360b6 commit f4c7b00

File tree

5 files changed

+74
-76
lines changed

5 files changed

+74
-76
lines changed

classes/user/maps/Schema.php

+16-17
Original file line numberDiff line numberDiff line change
@@ -131,7 +131,6 @@ protected function mapByProperties(array $props, User $user, array $auxiliaryDat
131131
case 'canLoginAs':
132132
$output[$prop] = $this->getPropertyCanLoginAs($user);
133133
break;
134-
135134
case 'canMergeUsers':
136135
$output[$prop] = $this->getPropertyCanMergeUsers($user);
137136
break;
@@ -175,22 +174,22 @@ protected function mapByProperties(array $props, User $user, array $auxiliaryDat
175174

176175
$output[$prop] = [];
177176
foreach ($userGroups as $userGroup) {
178-
$output[$prop][] = [
179-
'id' => (int) $userGroup->id,
180-
'name' => $userGroup->getLocalizedData('name'),
181-
'abbrev' => $userGroup->getLocalizedData('abbrev'),
182-
'roleId' => (int) $userGroup->roleId,
183-
'showTitle' => (bool) $userGroup->showTitle,
184-
'permitSelfRegistration' => (bool) $userGroup->permitSelfRegistration,
185-
'permitMetadataEdit' => (bool) $userGroup->permitMetadataEdit,
186-
'recommendOnly' => (bool) $userGroup->recommendOnly,
187-
'dateStart' => UserUserGroup::withUserId($user->getId())
188-
->withUserGroupIds([$userGroup->id])
189-
->pluck('date_start')->first(),
190-
'dateEnd' => UserUserGroup::withUserId($user->getId())
191-
->withUserGroupIds([$userGroup->id])
192-
->pluck('date_end')->first(),
193-
];
177+
$userUserGroup = UserUserGroup::withUserId($user->getId())
178+
->withUserGroupIds([$userGroup->id])->get()->toArray();
179+
foreach ($userUserGroup as $userUserGroupItem) {
180+
$output[$prop][] = [
181+
'id' => (int) $userGroup->id,
182+
'name' => $userGroup->getLocalizedData('name'),
183+
'abbrev' => $userGroup->getLocalizedData('abbrev'),
184+
'roleId' => (int) $userGroup->roleId,
185+
'showTitle' => (bool) $userGroup->showTitle,
186+
'permitSelfRegistration' => (bool) $userGroup->permitSelfRegistration,
187+
'permitMetadataEdit' => (bool) $userGroup->permitMetadataEdit,
188+
'recommendOnly' => (bool) $userGroup->recommendOnly,
189+
'dateStart' => $userUserGroupItem['dateStart'],
190+
'dateEnd' => $userUserGroupItem['dateEnd'],
191+
];
192+
}
194193
}
195194
}
196195
break;

controllers/grid/settings/user/UserGridHandler.php

+7-24
Original file line numberDiff line numberDiff line change
@@ -92,23 +92,6 @@ public function initialize($request, $args = null)
9292
// Basic grid configuration.
9393
$this->setTitle('grid.user.currentUsers');
9494

95-
// Grid actions.
96-
$router = $request->getRouter();
97-
98-
$this->addAction(
99-
new LinkAction(
100-
'addUser',
101-
new AjaxModal(
102-
$router->url($request, null, null, 'addUser', null, null),
103-
__('grid.user.add'),
104-
null,
105-
true
106-
),
107-
__('grid.user.add'),
108-
'add_user'
109-
)
110-
);
111-
11295
//
11396
// Grid columns.
11497
//
@@ -171,7 +154,7 @@ public function getTemplateVarsFromRow($row): array
171154
->withActive();
172155
})
173156
->get();
174-
157+
175158
$roles = $userGroups->map(fn (UserGroup $userGroup) => $userGroup->getLocalizedData('name'))->join(__('common.commaListSeparator'));
176159
return ['label' => $roles];
177160
}
@@ -550,18 +533,18 @@ public function removeUser($args, $request)
550533
if (!$request->checkCSRF()) {
551534
return new JSONMessage(false);
552535
}
553-
536+
554537
$context = $request->getContext();
555538
$user = $request->getUser();
556-
539+
557540
// Identify the user Id.
558541
$userId = $request->getUserVar('rowId');
559-
542+
560543
if ($userId !== null && Validation::getAdministrationLevel($userId, $user->getId(), $context->getId()) === Validation::ADMINISTRATION_PROHIBITED) {
561544
// We don't have administrative rights over this user.
562545
return new JSONMessage(false, __('grid.user.cannotAdminister'));
563546
}
564-
547+
565548
// Check if this user has any active user group assignments for this context.
566549
$activeUserGroupCount = UserGroup::query()
567550
->withContextIds($context->getId())
@@ -570,7 +553,7 @@ public function removeUser($args, $request)
570553
->withActive();
571554
})
572555
->count();
573-
556+
574557
if (!$activeUserGroupCount) {
575558
return new JSONMessage(false, __('grid.user.userNoRoles'));
576559
} else {
@@ -582,7 +565,7 @@ public function removeUser($args, $request)
582565
$query->withContextIds($context->getId());
583566
})
584567
->update(['date_end' => now()]);
585-
568+
586569
return \PKP\db\DAO::getDataChangedEvent($userId);
587570
}
588571
}

controllers/grid/users/author/AuthorGridRow.php

-18
Original file line numberDiff line numberDiff line change
@@ -101,24 +101,6 @@ public function initialize($request, $template = null)
101101
'delete'
102102
)
103103
);
104-
105-
$author = Repo::author()->get((int) $rowId, $this->getPublication()->getId());
106-
107-
if ($author && !Repo::user()->getByEmail($author->getEmail(), true)) {
108-
$this->addAction(
109-
new LinkAction(
110-
'addUser',
111-
new AjaxModal(
112-
$router->url($request, null, null, 'addUser', null, $actionArgs),
113-
__('grid.user.add'),
114-
null,
115-
true
116-
),
117-
__('grid.user.add'),
118-
'add_user'
119-
)
120-
);
121-
}
122104
}
123105
}
124106
}

locale/en/user.po

+1-1
Original file line numberDiff line numberDiff line change
@@ -855,7 +855,7 @@ msgid "orcid.field.unverified.shouldRequest"
855855
msgstr "This ORCID has not been verified. Please remove this unverified ORCID and request verification from the user/author directly."
856856

857857
msgid "user.removeRole.message"
858-
msgstr "Are you sure want remove this role permanently?"
858+
msgstr "Are you sure you want to permanently remove this role? This action will revoke the user's access to all information and permissions associated with this role"
859859

860860
msgid "user.futureRole.notification.message"
861861
msgstr "Your role is scheduled to begin on {$roleStartDate}"

pages/invitation/InvitationHandler.php

+50-16
Original file line numberDiff line numberDiff line change
@@ -17,18 +17,19 @@
1717
namespace PKP\pages\invitation;
1818

1919
use APP\core\Application;
20+
use APP\core\PageRouter;
2021
use APP\core\Request;
2122
use APP\facades\Repo;
2223
use APP\handler\Handler;
2324
use APP\template\TemplateManager;
2425
use PKP\context\Context;
25-
use PKP\core\PKPApplication;
26+
use PKP\core\PKPRequest;
2627
use PKP\facades\Locale;
27-
use PKP\i18n\LocaleMetadata;
2828
use PKP\invitation\core\enums\InvitationAction;
2929
use PKP\invitation\core\Invitation;
3030
use PKP\invitation\stepTypes\SendInvitationStep;
31-
use PKP\user\User;
31+
use PKP\security\authorization\ContextAccessPolicy;
32+
use PKP\security\Role;
3233
use PKP\userGroup\relationships\UserUserGroup;
3334

3435
class InvitationHandler extends Handler
@@ -38,6 +39,38 @@ class InvitationHandler extends Handler
3839
public const REPLY_OP_ACCEPT = 'accept';
3940
public const REPLY_OP_DECLINE = 'decline';
4041

42+
/**
43+
* @see PKPHandler::initialize()
44+
*/
45+
public function __construct()
46+
{
47+
parent::__construct();
48+
49+
$this->addRoleAssignment(
50+
[Role::ROLE_ID_SITE_ADMIN, Role::ROLE_ID_MANAGER],
51+
['invite', 'editUser']
52+
);
53+
}
54+
/**
55+
* @see PKPHandler::authorize()
56+
*
57+
* @param PKPRequest $request
58+
* @param array $args
59+
* @param array $roleAssignments
60+
*/
61+
public function authorize($request, &$args, $roleAssignments)
62+
{
63+
/** @var PageRouter */
64+
$router = $request->getRouter();
65+
$op = $router->getRequestedOp($request);
66+
$this->addPolicy(new ContextAccessPolicy($request, $roleAssignments));
67+
68+
if (in_array($op, ['accept', 'decline'])) {
69+
return true;
70+
}
71+
return parent::authorize($request, $args, $roleAssignments);
72+
}
73+
4174
/**
4275
* Accept invitation handler
4376
*/
@@ -155,8 +188,8 @@ public function invite(array $args, Request $request): void
155188
$invitationModel = $invitation->invitationModel->toArray();
156189

157190
$invitationMode = 'edit';
158-
$payload['email']=$invitationModel['email'];
159-
$invitationData = $this->generateInvitationPayload($invitationModel['userId'],$payload,$request->getContext())['invitationPayload'];
191+
$payload['email'] = $invitationModel['email'];
192+
$invitationData = $this->generateInvitationPayload($invitationModel['userId'], $payload, $request->getContext());
160193
$user = $invitationData['user'];
161194
$invitationPayload = $invitationData['invitationPayload'];
162195
}
@@ -206,7 +239,8 @@ public function invite(array $args, Request $request): void
206239
'pageTitleDescription' => $invitation ?
207240
__(
208241
'invitation.wizard.viewPageTitleDescription',
209-
['name' => $invitationPayload['givenName'][Locale::getLocale()]]
242+
['name' => $invitationPayload['givenName'][Locale::getLocale()] ?
243+
$invitationPayload['givenName'][Locale::getLocale()] : $invitationPayload['inviteeEmail']]
210244
)
211245
: __('invitation.wizard.pageTitleDescription'),
212246
]);
@@ -228,9 +262,9 @@ public function invite(array $args, Request $request): void
228262
public function editUser($args, $request): void
229263
{
230264
$invitation = null;
231-
if(!empty($args)) {
265+
if (!empty($args)) {
232266
$invitationMode = 'editUser';
233-
$invitationData = $this->generateInvitationPayload($args[0],[],$request->getContext());
267+
$invitationData = $this->generateInvitationPayload($args[0], [], $request->getContext());
234268
$user = $invitationData['user'];
235269
$invitationPayload = $invitationData['invitationPayload'];
236270
$templateMgr = TemplateManager::getManager($request);
@@ -257,7 +291,7 @@ public function editUser($args, $request): void
257291
];
258292
$steps = new SendInvitationStep();
259293
$templateMgr->setState([
260-
'steps' => $steps->getSteps($invitation, $context,$user),
294+
'steps' => $steps->getSteps($invitation, $context, $user),
261295
'emailTemplatesApiUrl' => $request
262296
->getDispatcher()
263297
->url(
@@ -295,7 +329,7 @@ public function editUser($args, $request): void
295329
* @param Context $context
296330
* @param int $id
297331
*/
298-
private function getUserUserGroups(int $id , Context $context): array
332+
private function getUserUserGroups(int $id, Context $context): array
299333
{
300334
$userGroups = [];
301335
$userUserGroups = UserUserGroup::query()
@@ -325,11 +359,11 @@ private function getUserUserGroups(int $id , Context $context): array
325359
private function generateInvitationPayload($userId, array $payload, Context $context): array
326360
{
327361
$user = null;
328-
if($userId){
329-
$user = Repo::user()->get($userId,true);
362+
if ($userId) {
363+
$user = Repo::user()->get($userId, true);
330364
}
331365

332-
$invitationPayload =[];
366+
$invitationPayload = [];
333367
$invitationPayload['userId'] = $user ? $user->getId() : $userId;
334368
$invitationPayload['inviteeEmail'] = $user ? $user->getEmail() : $payload['email'];
335369
$invitationPayload['orcid'] = $user ? $user->getData('orcid') : $payload['orcid'];
@@ -341,12 +375,12 @@ private function generateInvitationPayload($userId, array $payload, Context $con
341375
$invitationPayload['phone'] = $user?->getPhone();
342376
$invitationPayload['mailingAddress'] = $user?->getMailingAddress();
343377
$invitationPayload['signature'] = $user?->getSignature(null);
344-
$invitationPayload['locales'] = $user? $this->getWorkingLanguages($context,$user->getLocales()) : null;
378+
$invitationPayload['locales'] = $user ? $this->getWorkingLanguages($context, $user->getLocales()) : null;
345379
$invitationPayload['reviewInterests'] = $user?->getInterestString();
346380
$invitationPayload['homePageUrl'] = $user?->getUrl();
347381
$invitationPayload['disabled'] = $user?->getData('disabled');
348382
$invitationPayload['userGroupsToAdd'] = !$payload['userGroupsToAdd'] ? [] : $payload['userGroupsToAdd'];
349-
$invitationPayload['currentUserGroups'] = !$userId ? [] : $this->getUserUserGroups($userId,$context);
383+
$invitationPayload['currentUserGroups'] = !$userId ? [] : $this->getUserUserGroups($userId, $context);
350384
$invitationPayload['userGroupsToRemove'] = [];
351385
$invitationPayload['emailComposer'] = [
352386
'emailBody' => '',
@@ -364,7 +398,7 @@ private function generateInvitationPayload($userId, array $payload, Context $con
364398
* @param $userLocales
365399
* @return string
366400
*/
367-
private function getWorkingLanguages(Context $context,$userLocales): string
401+
private function getWorkingLanguages(Context $context, $userLocales): string
368402
{
369403
$locales = $context->getSupportedLocaleNames();
370404
return join(__('common.commaListSeparator'), array_map(fn($key) => $locales[$key], $userLocales));

0 commit comments

Comments
 (0)