diff --git a/app/config/actions.xml b/app/config/actions.xml index 26205c98..1ba6d586 100644 --- a/app/config/actions.xml +++ b/app/config/actions.xml @@ -2,19 +2,19 @@ - 1 + 2 ACCOUNT_SEARCH Buscar Cuentas account/search - 10 + 1 ACCOUNT Cuentas account/index - 11 + 20 ACCOUNT_FILE Archivos account/listFile 
@@ -26,805 +26,805 @@ account/requestAccess - 13 + 30 ACCOUNT_FAVORITE Favoritos favorite/index - 20 + 1201 WIKI Wiki wiki/index - 60 + 5001 ITEMS_MANAGE Elementos y Personalización itemManager/index - 61 + 101 CATEGORY Gestión Categorías category/index - 62 + 301 CLIENT Gestión Clientes client/index - 63 + 1001 AUTHTOKEN Gestión Autorizaciones API authToken/index - 64 + 401 CUSTOMFIELD Gestión Campos Personalizados customField/index - 65 + 501 PUBLICLINK Enlaces Públicos publicLink/index - 66 + 601 FILE Gestión de Archivos file/index - 67 + 1301 ACCOUNTMGR Gestión de Cuentas accountManager/index - 68 + 201 TAG Gestión de Etiquetas tag/index - 69 + 1101 PLUGIN Gestión Plugins plugin/index - 70 + 5002 ACCESS_MANAGE Usuarios y Accesos accessManager/index - 71 + 701 USER Gestión Usuarios user/index - 72 + 801 GROUP Gestión Grupos group/index - 73 + 901 PROFILE Gestión Perfiles profile/index - 90 + 1701 EVENTLOG Registro de Eventos eventlog/index - 905 + 1702 EVENTLOG_SEARCH Buscar Eventos eventlog/search - 906 + 1703 EVENTLOG_CLEAR Limpiar Eventos eventlog/clear - 100 + 3 ACCOUNT_VIEW Ver Cuenta account/view - 101 + 4 ACCOUNT_CREATE Nueva Cuenta account/create - 102 + 5 ACCOUNT_EDIT Editar Cuenta account/edit - 103 + 6 ACCOUNT_DELETE Eliminar Cuenta account/delete - 104 + 7 ACCOUNT_VIEW_PASS Ver Clave account/viewPass - 106 + 8 ACCOUNT_EDIT_PASS Editar Clave de Cuenta account/editPass - 107 + 9 ACCOUNT_EDIT_RESTORE Restaurar Cuenta account/restore - 108 + 10 ACCOUNT_COPY Copiar Cuenta account/copy - 109 + 11 ACCOUNT_COPY_PASS Copiar Clave account/copyPass - 111 + 21 ACCOUNT_FILE_VIEW Ver Archivo accountFile/view - 112 + 22 ACCOUNT_FILE_UPLOAD Subir Archivo accountFile/upload - 113 + 23 ACCOUNT_FILE_DOWNLOAD Descargar Archivo accountFile/download - 114 + 24 ACCOUNT_FILE_DELETE Eliminar Archivo accountFile/delete - 115 + 25 ACCOUNT_FILE_SEARCH Buscar Archivos accountFile/search - 116 + 26 ACCOUNT_FILE_LIST Listar Archivos accountFile/list - 130 + 31 
ACCOUNT_FAVORITE_VIEW Ver Favoritos favorite/view - 131 + 32 ACCOUNT_FAVORITE_ADD Añadir Favorito accountFavorite/mark - 133 + 33 ACCOUNT_FAVORITE_DELETE Eliminar Favorito accountFavorite/unmark - 140 + 40 ACCOUNT_HISTORY_VIEW Ver Historial account/viewHistory - 141 + 41 ACCOUNT_HISTORY_VIEW_PASS Ver Clave account/viewPassHistory - 142 + 42 ACCOUNT_HISTORY_COPY_PASS Copiar Clave account/copyPassHistory - 200 + 1203 WIKI_VIEW Ver Wiki wiki/view - 201 - WIKI_NEW + 1204 + WIKI_CREATE Añadir Wiki wiki/create - 202 + 1205 WIKI_EDIT Editar Wiki wiki/edit - 203 + 1206 WIKI_DELETE Eliminar Wiki wiki/delete - 610 + 103 CATEGORY_VIEW Ver Categoría category/view - 611 + 104 CATEGORY_CREATE Nueva Categoría category/create - 612 + 105 CATEGORY_EDIT Editar Categoría category/edit - 613 + 106 CATEGORY_DELETE Eliminar Categoría category/delete - 615 + 102 CATEGORY_SEARCH Buscar Categoría category/search - 620 + 303 CLIENT_VIEW Ver Cliente client/view - 621 + 304 CLIENT_CREATE Nuevo CLiente client/create - 622 + 305 CLIENT_EDIT Editar Cliente client/edit - 623 + 306 CLIENT_DELETE Eliminar Cliente client/delete - 625 + 302 CLIENT_SEARCH Buscar Cliente client/search - 630 + 1004 AUTHTOKEN_CREATE Nuevo Token API authToken/create - 631 + 1003 AUTHTOKEN_VIEW Ver Token API authToken/view - 632 + 1005 AUTHTOKEN_EDIT Editar Token API authToken/edit - 633 + 1006 AUTHTOKEN_DELETE Eliminar Token API authToken/delete - 635 + 1002 AUTHTOKEN_SEARCH Buscar Token API authToken/search - 640 + 404 CUSTOMFIELD_CREATE Nuevo Campo Personalizado customField/create - 641 + 403 CUSTOMFIELD_VIEW Ver Campo Personalizado customField/view - 642 + 405 CUSTOMFIELD_EDIT Editar Campo Personalizado customField/edit - 643 + 406 CUSTOMFIELD_DELETE Eliminar Campo Personalizado customField/delete - 645 + 402 CUSTOMFIELD_SEARCH Buscar Campo Personalizado customField/search - 650 + 504 PUBLICLINK_CREATE Crear Enlace Público publicLink/create - 651 + 503 PUBLICLINK_VIEW Ver Enlace Público publicLink/view - 653 + 506 
PUBLICLINK_DELETE Eliminar Enlace Público publicLink/delete - 654 + 507 PUBLICLINK_REFRESH Actualizar Enlace Público publicLink/refresh - 655 + 502 PUBLICLINK_SEARCH Buscar Enlace Público publicLink/search - 661 + 603 FILE_VIEW Ver Archivo file/view - 662 + 605 FILE_DOWNLOAD Descargar Archivo file/download - 663 + 606 FILE_DELETE Eliminar Archivo file/delete - 664 + 604 FILE_UPLOAD Subir Archivo file/upload - 665 + 602 FILE_SEARCH Buscar Archivo file/search - 671 + 1303 ACCOUNTMGR_VIEW Ver Cuenta accountManager/view - 673 + 1304 ACCOUNTMGR_DELETE Eliminar Cuenta accountManager/delete - 675 + 1302 ACCOUNTMGR_SEARCH Buscar Cuenta accountManager/search - 680 + 204 TAG_CREATE Nueva Etiqueta tag/create - 681 + 203 TAG_VIEW Ver Etiqueta tag/view - 682 + 205 TAG_EDIT Editar Etiqueta tag/edit - 683 + 206 TAG_DELETE Eliminar Etiqueta tag/delete - 685 + 202 TAG_SEARCH Buscar Etiqueta tag/search - 690 - PLUGIN_NEW + 1104 + PLUGIN_CREATE Nuevo Plugin plugin/create - 691 + 1103 PLUGIN_VIEW Ver Plugin plugin/view - 695 + 1102 PLUGIN_SEARCH Buscar Plugin plugin/search - 696 + 1105 PLUGIN_ENABLE Habilitar Plugin plugin/enable - 697 + 1106 PLUGIN_DISABLE Deshabilitar Plugin plugin/disable - 698 + 1107 PLUGIN_RESET Restablecer Plugin plugin/reset - 710 + 703 USER_VIEW Ver Usuario user/view - 711 + 704 USER_CREATE Nuevo Usuario user/create - 712 + 705 USER_EDIT Editar Usuario user/edit - 713 + 706 USER_DELETE Eliminar Usuario user/delete - 714 + 707 USER_EDIT_PASS Editar Clave Usuario user/editPass - 715 + 702 USER_SEARCH Buscar Usuario user/search - 720 + 803 GROUP_VIEW Ver Grupo userGroup/view - 721 + 804 GROUP_CREATE Nuevo Grupo userGroup/create - 722 + 805 GROUP_EDIT Editar Grupo userGroup/edit - 723 + 806 GROUP_DELETE Eliminar Grupo userGroup/delete - 725 + 802 GROUP_SEARCH Buscar Grupo userGroup/search - 730 + 903 PROFILE_VIEW Ver Perfil userProfile/view - 731 + 904 PROFILE_CREATE Nuevo Perfil userProfile/create - 732 + 905 PROFILE_EDIT Editar Perfil userProfile/edit - 733 + 
906 PROFILE_DELETE Eliminar Perfil userProfile/delete - 735 + 902 PROFILE_SEARCH Buscar Perfil userProfile/search - 74 + 5010 USERSETTINGS Configuración Usuario userSettingsManager/index - 741 + 5011 USERSETTINGS_GENERAL Preferencias General userSettings/general - 76 + 1401 NOTIFICATION Notificaciones notification/index - 1000 + 1501 CONFIG Configuración configManager/index - 1001 + 1502 CONFIG_GENERAL Configuración General configManager/general - 1010 - ACCOUNT_CONFIG + 1510 + CONFIG_ACCOUNT Configuración Cuentas account/config - 1020 - WIKI_CONFIG + 1520 + CONFIG_WIKI Configuración Wiki wiki/config - 1030 - ENCRYPTION_CONFIG + 1530 + CONFIG_CRYPT Configuración Encriptación encryption/config - 1031 - ENCRYPTION_REFRESH + 1531 + CONFIG_CRYPT_REFRESH Actualizar Hash encryption/updateHash - 1032 - ENCRYPTION_TEMPPASS + 1532 + CONFIG_CRYPT_TEMPPASS Clave Maestra Temporal encryption/createTempPass - 1040 - BACKUP_CONFIG + 1540 + CONFIG_BACKUP Configuración Copia de Seguridad backup/config - 1041 - BACKUP + 1541 + CONFIG_BACKUP_RUN Copia de Seguridad backup/backup - 1050 - IMPORT_CONFIG + 1550 + CONFIG_IMPORT Configuración Importación import/config - 1051 - IMPORT_CSV + 1551 + CONFIG_IMPORT_CSV Importar CSV import/csv - 1052 - IMPORT_XML + 1552 + CONFIG_IMPORT_XML Importar XML import/xml - 1060 - EXPORT_CONFIG + 1560 + CONFIG_EXPORT Configuración Exportación export/config - 1061 - EXPORT + 1561 + CONFIG_EXPORT_RUN Exportación export/export - 1070 - MAIL_CONFIG + 1570 + CONFIG_MAIL Configuración Email mail/config - 1080 - LDAP_CONFIG + 1580 + CONFIG_LDAP Configuración LDAP ldap/config - 1081 - LDAP_SYNC + 1581 + CONFIG_LDAP_SYNC Sincronización LDAP ldap/sync - 6701 + 1311 ACCOUNTMGR_HISTORY Gestión de Cuenta (H) accountHistoryManager/index - 6731 - ACCOUNTMGR_DELETE_HISTORY + 1314 + ACCOUNTMGR_HISTORY_DELETE Eliminar Cuenta accountHistoryManager/delete - 6751 - ACCOUNTMGR_SEARCH_HISTORY + 1312 + ACCOUNTMGR_HISTORY_SEARCH Buscar Cuenta accountHistoryManager/search - 6771 
- ACCOUNTMGR_RESTORE + 1315 + ACCOUNTMGR_HISTORY_RESTORE Restaurar Cuenta accountManager/restore - 760 + 1403 NOTIFICATION_VIEW Ver Notificación notification/view - 761 + 1404 NOTIFICATION_CREATE Crear Notificación notification/create - 762 + 1405 NOTIFICATION_EDIT Editar Notificación notification/edit - 763 + 1406 NOTIFICATION_DELETE Eliminar Notificación notification/delete - 764 + 1407 NOTIFICATION_CHECK Marcar Notificación notification/check - 765 + 1402 NOTIFICATION_SEARCH Buscar Notificación notification/search diff --git a/app/modules/api/Controllers/ConfigController.php b/app/modules/api/Controllers/ConfigController.php index 73f07272..578b0353 100644 --- a/app/modules/api/Controllers/ConfigController.php +++ b/app/modules/api/Controllers/ConfigController.php @@ -47,7 +47,7 @@ final class ConfigController extends ControllerBase public function backupAction() { try { - $this->setupApi(ActionsInterface::BACKUP_CONFIG); + $this->setupApi(ActionsInterface::CONFIG_BACKUP); $this->dic->get(FileBackupService::class) ->doBackup(BACKUP_PATH); @@ -74,7 +74,7 @@ final class ConfigController extends ControllerBase public function exportAction() { try { - $this->setupApi(ActionsInterface::EXPORT_CONFIG); + $this->setupApi(ActionsInterface::CONFIG_EXPORT); $password = $this->apiService->getParamString('password'); diff --git a/app/modules/web/Controllers/AccountHistoryManagerController.php b/app/modules/web/Controllers/AccountHistoryManagerController.php index bfa4f19d..6f425fa0 100644 --- a/app/modules/web/Controllers/AccountHistoryManagerController.php +++ b/app/modules/web/Controllers/AccountHistoryManagerController.php @@ -53,7 +53,7 @@ final class AccountHistoryManagerController extends ControllerBase */ public function searchAction() { - if (!$this->acl->checkUserAccess(Acl::ACCOUNTMGR_SEARCH_HISTORY)) { + if (!$this->acl->checkUserAccess(Acl::ACCOUNTMGR_HISTORY_SEARCH)) { return; } 
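Review bot: In ConfigController, `backupAction()` and `exportAction()` authorize with `CONFIG_BACKUP` and `CONFIG_EXPORT`, while the token action list in AuthTokenService (further down in this diff) offers `CONFIG_BACKUP_RUN` and `CONFIG_EXPORT_RUN`. If `setupApi()` compares the token's stored action id with its argument, which is not visible here, a token issued for the run action would not match this check, and the id of the configuration page becomes what guards an actual backup or export. I would use the run constants, e.g. `$this->setupApi(ActionsInterface::CONFIG_BACKUP_RUN);`, or add a comment saying why the config id is the intended one. Both method bodies continue outside the hunks.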
diff --git a/app/modules/web/Controllers/ConfigAccountController.php b/app/modules/web/Controllers/ConfigAccountController.php
index b6ae9f38..325f529c 100644
--- a/app/modules/web/Controllers/ConfigAccountController.php
+++ b/app/modules/web/Controllers/ConfigAccountController.php
@@ -111,7 +111,7 @@ final class ConfigAccountController extends SimpleControllerBase
 {
 try {
 $this->checks();
- $this->checkAccess(ActionsInterface::ACCOUNT_CONFIG);
+ $this->checkAccess(ActionsInterface::CONFIG_ACCOUNT);
 } catch (UnauthorizedPageException $e) {
 $this->eventDispatcher->notifyEvent('exception', new Event($e));
diff --git a/app/modules/web/Controllers/ConfigBackupController.php b/app/modules/web/Controllers/ConfigBackupController.php
index 6ddee5b3..a39719ff 100644
--- a/app/modules/web/Controllers/ConfigBackupController.php
+++ b/app/modules/web/Controllers/ConfigBackupController.php
@@ -140,7 +140,7 @@ final class ConfigBackupController extends SimpleControllerBase
 {
 try {
 $this->checks();
- $this->checkAccess(Acl::BACKUP_CONFIG);
+ $this->checkAccess(Acl::CONFIG_BACKUP);
 } catch (UnauthorizedPageException $e) {
 $this->eventDispatcher->notifyEvent('exception', new Event($e));
diff --git a/app/modules/web/Controllers/ConfigEncryptionController.php b/app/modules/web/Controllers/ConfigEncryptionController.php
index 6a1e9651..88b7de7a 100644
--- a/app/modules/web/Controllers/ConfigEncryptionController.php
+++ b/app/modules/web/Controllers/ConfigEncryptionController.php
@@ -210,7 +210,7 @@ final class ConfigEncryptionController extends SimpleControllerBase
 {
 try {
 $this->checks();
- $this->checkAccess(Acl::ENCRYPTION_CONFIG);
+ $this->checkAccess(Acl::CONFIG_CRYPT);
 } catch (UnauthorizedPageException $e) {
 $this->eventDispatcher->notifyEvent('exception', new Event($e));
diff --git a/app/modules/web/Controllers/ConfigImportController.php b/app/modules/web/Controllers/ConfigImportController.php
index 78612439..9f419819 100644
--- a/app/modules/web/Controllers/ConfigImportController.php
+++ b/app/modules/web/Controllers/ConfigImportController.php
@@ -97,7 +97,7 @@ final class ConfigImportController extends SimpleControllerBase
 {
 try {
 $this->checks();
- $this->checkAccess(Acl::IMPORT_CONFIG);
+ $this->checkAccess(Acl::CONFIG_IMPORT);
 } catch (UnauthorizedPageException $e) {
 $this->eventDispatcher->notifyEvent('exception', new Event($e));
diff --git a/app/modules/web/Controllers/ConfigLdapController.php b/app/modules/web/Controllers/ConfigLdapController.php
index 71dfe2b2..6f1c8b04 100644
--- a/app/modules/web/Controllers/ConfigLdapController.php
+++ b/app/modules/web/Controllers/ConfigLdapController.php
@@ -279,7 +279,7 @@ final class ConfigLdapController extends SimpleControllerBase
 {
 try {
 $this->checks();
- $this->checkAccess(Acl::LDAP_CONFIG);
+ $this->checkAccess(Acl::CONFIG_LDAP);
 } catch (UnauthorizedPageException $e) {
 $this->eventDispatcher->notifyEvent('exception', new Event($e));
diff --git a/app/modules/web/Controllers/ConfigMailController.php b/app/modules/web/Controllers/ConfigMailController.php
index e9cf05b9..334e3145 100644
--- a/app/modules/web/Controllers/ConfigMailController.php
+++ b/app/modules/web/Controllers/ConfigMailController.php
@@ -157,7 +157,7 @@ final class ConfigMailController extends SimpleControllerBase
 {
 try {
 $this->checks();
- $this->checkAccess(Acl::MAIL_CONFIG);
+ $this->checkAccess(Acl::CONFIG_MAIL);
 } catch (UnauthorizedPageException $e) {
 $this->eventDispatcher->notifyEvent('exception', new Event($e));
diff --git a/app/modules/web/Controllers/ConfigManagerController.php b/app/modules/web/Controllers/ConfigManagerController.php
index b55e7d50..4d6beda3 100644
--- a/app/modules/web/Controllers/ConfigManagerController.php
+++ b/app/modules/web/Controllers/ConfigManagerController.php
@@ -84,31 +84,31 @@ final class ConfigManagerController extends ControllerBase
 $this->tabsHelper->addTab($this->getConfigGeneral());
 }
- if ($this->checkAccess(Acl::ACCOUNT_CONFIG)) {
+ if ($this->checkAccess(Acl::CONFIG_ACCOUNT)) {
 $this->tabsHelper->addTab($this->getAccountConfig());
 }
- if ($this->checkAccess(Acl::WIKI_CONFIG)) {
+ if ($this->checkAccess(Acl::CONFIG_WIKI)) {
 $this->tabsHelper->addTab($this->getWikiConfig());
 }
- if ($this->checkAccess(Acl::LDAP_CONFIG)) {
+ if ($this->checkAccess(Acl::CONFIG_LDAP)) {
 $this->tabsHelper->addTab($this->getLdapConfig());
 }
- if ($this->checkAccess(Acl::MAIL_CONFIG)) {
+ if ($this->checkAccess(Acl::CONFIG_MAIL)) {
 $this->tabsHelper->addTab($this->getMailConfig());
 }
- if ($this->checkAccess(Acl::ENCRYPTION_CONFIG)) {
+ if ($this->checkAccess(Acl::CONFIG_CRYPT)) {
 $this->tabsHelper->addTab($this->getEncryptionConfig());
 }
- if ($this->checkAccess(Acl::BACKUP_CONFIG)) {
+ if ($this->checkAccess(Acl::CONFIG_BACKUP)) {
 $this->tabsHelper->addTab($this->getBackupConfig());
 }
- if ($this->checkAccess(Acl::IMPORT_CONFIG)) {
+ if ($this->checkAccess(Acl::CONFIG_IMPORT)) {
 $this->tabsHelper->addTab($this->getImportConfig());
 }
diff --git a/app/modules/web/Controllers/ConfigWikiController.php b/app/modules/web/Controllers/ConfigWikiController.php
index 7c50f6c3..7e67a762 100644
--- a/app/modules/web/Controllers/ConfigWikiController.php
+++ b/app/modules/web/Controllers/ConfigWikiController.php
@@ -113,7 +113,7 @@ final class ConfigWikiController extends SimpleControllerBase
 {
 try {
 $this->checks();
- $this->checkAccess(Acl::WIKI_CONFIG);
+ $this->checkAccess(Acl::CONFIG_WIKI);
 } catch (UnauthorizedPageException $e) {
 $this->eventDispatcher->notifyEvent('exception', new Event($e));
diff --git a/app/modules/web/Controllers/Helpers/ItemsGridHelper.php b/app/modules/web/Controllers/Helpers/ItemsGridHelper.php
index abe13819..c689c667 100644
--- a/app/modules/web/Controllers/Helpers/ItemsGridHelper.php
+++ b/app/modules/web/Controllers/Helpers/ItemsGridHelper.php 
@@ -525,35 +525,35 @@ final class ItemsGridHelper extends HelperBase // Grid Actions $GridActionSearch = new DataGridActionSearch(); - $GridActionSearch->setId(ActionsInterface::ACCOUNTMGR_SEARCH_HISTORY); + $GridActionSearch->setId(ActionsInterface::ACCOUNTMGR_HISTORY_SEARCH); $GridActionSearch->setType(DataGridActionType::SEARCH_ITEM); $GridActionSearch->setName('frmSearchAccountHistory'); $GridActionSearch->setTitle(__('Buscar Cuenta')); $GridActionSearch->setOnSubmitFunction('appMgmt/search'); - $GridActionSearch->addData('action-route', Acl::getActionRoute(ActionsInterface::ACCOUNTMGR_SEARCH_HISTORY)); + $GridActionSearch->addData('action-route', Acl::getActionRoute(ActionsInterface::ACCOUNTMGR_HISTORY_SEARCH)); $Grid->setDataActions($GridActionSearch); $Grid->setPager($this->getPager($GridActionSearch)); // Grid item's actions $GridActionRestore = new DataGridAction(); - $GridActionRestore->setId(ActionsInterface::ACCOUNTMGR_RESTORE); + $GridActionRestore->setId(ActionsInterface::ACCOUNTMGR_HISTORY_RESTORE); $GridActionRestore->setType(DataGridActionType::EDIT_ITEM); $GridActionRestore->setName(__('Restaurar Cuenta')); $GridActionRestore->setTitle(__('Restaurar Cuenta')); $GridActionRestore->setIcon($this->icons->getIconRestore()); - $GridActionRestore->addData('action-route', Acl::getActionRoute(ActionsInterface::ACCOUNTMGR_RESTORE)); + $GridActionRestore->addData('action-route', Acl::getActionRoute(ActionsInterface::ACCOUNTMGR_HISTORY_RESTORE)); // $Grid->setDataActions($GridActionRestore); $GridActionDel = new DataGridAction(); - $GridActionDel->setId(ActionsInterface::ACCOUNTMGR_DELETE_HISTORY); + $GridActionDel->setId(ActionsInterface::ACCOUNTMGR_HISTORY_DELETE); $GridActionDel->setType(DataGridActionType::DELETE_ITEM); $GridActionDel->setName(__('Eliminar Cuenta')); $GridActionDel->setTitle(__('Eliminar Cuenta')); $GridActionDel->setIcon($this->icons->getIconDelete()); $GridActionDel->setOnClickFunction('appMgmt/delete'); - 
$GridActionDel->addData('action-route', Acl::getActionRoute(ActionsInterface::ACCOUNTMGR_DELETE_HISTORY)); + $GridActionDel->addData('action-route', Acl::getActionRoute(ActionsInterface::ACCOUNTMGR_HISTORY_DELETE)); $Grid->setDataActions($GridActionDel); $Grid->setDataActions($GridActionDel, true); @@ -623,18 +623,18 @@ final class ItemsGridHelper extends HelperBase $Grid->setDataActions($GridActionNew); - if ($this->acl->checkUserAccess(ActionsInterface::IMPORT_CONFIG) + if ($this->acl->checkUserAccess(ActionsInterface::CONFIG_IMPORT) && $this->configData->isLdapEnabled() ) { $GridActionLdapSync = new DataGridAction(); - $GridActionLdapSync->setId(ActionsInterface::LDAP_SYNC); + $GridActionLdapSync->setId(ActionsInterface::CONFIG_LDAP_SYNC); $GridActionLdapSync->setType(DataGridActionType::MENUBAR_ITEM); $GridActionLdapSync->setName(__('Importar usuarios de LDAP')); $GridActionLdapSync->setTitle(__('Importar usuarios de LDAP')); $GridActionLdapSync->setIcon(new FontIcon('get_app')); $GridActionLdapSync->setSkip(true); $GridActionLdapSync->setOnClickFunction('appMgmt/ldapSync'); - $GridActionLdapSync->addData('action-route', Acl::getActionRoute(ActionsInterface::LDAP_SYNC)); + $GridActionLdapSync->addData('action-route', Acl::getActionRoute(ActionsInterface::CONFIG_LDAP_SYNC)); $Grid->setDataActions($GridActionLdapSync); } diff --git a/app/modules/web/Controllers/UpgradeController.php b/app/modules/web/Controllers/UpgradeController.php index ca61f325..4d80589f 100644 --- a/app/modules/web/Controllers/UpgradeController.php +++ b/app/modules/web/Controllers/UpgradeController.php @@ -24,6 +24,7 @@ namespace SP\Modules\Web\Controllers; +use SP\Core\Acl\Actions; use SP\Http\JsonResponse; use SP\Modules\Web\Controllers\Helpers\LayoutHelper; use SP\Modules\Web\Controllers\Traits\JsonTrait; 
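Review bot: In the second ItemsGridHelper hunk (`@@ -623`), the LDAP sync button is shown when `checkUserAccess(ActionsInterface::CONFIG_IMPORT)` passes, but the action it carries is `CONFIG_LDAP_SYNC`. Acl.php in this commit maps `CONFIG_IMPORT` to `isConfigImport()` and `CONFIG_LDAP` to `isConfigGeneral()`, so the button's visibility and whatever permission guards `ldap/sync` on the server can disagree. Checking the action that is actually offered keeps the two aligned: `if ($this->acl->checkUserAccess(ActionsInterface::CONFIG_LDAP_SYNC)`, provided Acl has a case for that id, which is not visible here. The enclosing method starts and ends outside the hunk.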
@@ -43,12 +44,16 @@ final class UpgradeController extends ControllerBase /** * indexAction + * + * @throws \SP\Storage\File\FileException */ public function indexAction() { $layoutHelper = $this->dic->get(LayoutHelper::class); $layoutHelper->getPublicLayout('index', 'upgrade'); + $this->dic->get(Actions::class)->reset(); + $this->view(); } diff --git a/lib/SP/Core/Acl/Acl.php b/lib/SP/Core/Acl/Acl.php index f2aecd50..a0da9e93 100644 --- a/lib/SP/Core/Acl/Acl.php +++ b/lib/SP/Core/Acl/Acl.php @@ -107,12 +107,9 @@ final class Acl implements ActionsInterface /** * Comprobar los permisos de acceso del usuario a los módulos de la aplicación. - * Esta función comprueba los permisos del usuario para realizar una acción. - * Si los permisos ya han sido obtenidos desde la BBDD, se utiliza el objeto creado - * en la variable de sesión. * - * @param string $action con el nombre de la acción - * @param int $userId opcional, con el Id del usuario + * @param int $action con el Id de la acción + * @param int $userId opcional, con el Id del usuario * * @return bool */ 
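Review bot: `indexAction()` now runs `$this->dic->get(Actions::class)->reset();` on every render of the upgrade page, which is built with `getPublicLayout()`, so a plain page request triggers a file delete and a cache rebuild. Whether ControllerBase limits who can reach this action is not visible in the hunk; if it does not, the rebuild is reachable without a session and can be repeated at will. The reset fits better inside the upgrade step that needs it (the new `'300.18072901'` case in UpgradeAppService) or behind the same condition that decides an upgrade is pending. The added `@throws \SP\Storage\File\FileException` is also not caught here, so a failed rebuild would surface as an unhandled exception on this page.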
@@ -148,17 +145,27 @@ final class Acl implements ActionsInterface
 case self::ACCOUNT_FILE:
 return ($userData->getIsAdminAcc() || $userProfile->isAccFiles());
 case self::ITEMS_MANAGE:
- return ($userProfile->isMgmCategories() || $userProfile->isMgmCustomers());
+ return ($userData->getIsAdminAcc()
+ || $userProfile->isMgmCategories()
+ || $userProfile->isMgmCustomers()
+ || $userProfile->isMgmAccounts()
+ || $userProfile->isMgmFiles()
+ || $userProfile->isMgmTags()
+ || $userProfile->isMgmCustomFields()
+ || $userProfile->isMgmPublicLinks());
 case self::CONFIG:
- return ($userProfile->isConfigGeneral() || $userProfile->isConfigEncryption() || $userProfile->isConfigBackup() || $userProfile->isConfigImport());
+ return ($userProfile->isConfigGeneral()
+ || $userProfile->isConfigEncryption()
+ || $userProfile->isConfigBackup()
+ || $userProfile->isConfigImport());
 case self::CONFIG_GENERAL:
 case self::PLUGIN:
- case self::ACCOUNT_CONFIG:
- case self::WIKI_CONFIG:
- case self::LDAP_CONFIG:
- case self::MAIL_CONFIG:
+ case self::CONFIG_ACCOUNT:
+ case self::CONFIG_WIKI:
+ case self::CONFIG_LDAP:
+ case self::CONFIG_MAIL:
 return $userProfile->isConfigGeneral();
- case self::IMPORT_CONFIG:
+ case self::CONFIG_IMPORT:
 return $userProfile->isConfigImport();
 case self::CATEGORY:
 case self::CATEGORY_SEARCH:
@@ -193,8 +200,8 @@ final class Acl implements ActionsInterface
 case self::ACCOUNTMGR:
 case self::ACCOUNTMGR_SEARCH:
 case self::ACCOUNTMGR_HISTORY:
- case self::ACCOUNTMGR_SEARCH_HISTORY:
- return $userProfile->isMgmAccounts();
+ case self::ACCOUNTMGR_HISTORY_SEARCH:
+ return ($userData->getIsAdminAcc() || $userProfile->isMgmAccounts());
 case self::FILE:
 case self::FILE_SEARCH:
 case self::FILE_DELETE:
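Review bot: `getIsAdminAcc()` now grants `ITEMS_MANAGE` here and, in the `@@ -193` hunk, the four `ACCOUNTMGR*` browse and search cases, but the cases that decide `ACCOUNTMGR_VIEW`, `ACCOUNTMGR_DELETE`, `ACCOUNTMGR_HISTORY_DELETE`, `ACCOUNTMGR_HISTORY_RESTORE` and the newly introduced `ACCOUNTMGR_HISTORY_VIEW` are not in either hunk. Those need the same rule, and every constant added to ActionsInterface needs a case or a denying default, otherwise the widened menu access and the per-action checks drift apart. The widening itself deserves a one-line comment, for example `// Account admins may browse the account manager without the profile flag`. The switch begins and ends outside both hunks, so the default branch cannot be confirmed from here.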
@@ -208,12 +215,15 @@ final class Acl implements ActionsInterface case self::TAG_EDIT: case self::TAG_DELETE: return $userProfile->isMgmTags(); - case self::ENCRYPTION_CONFIG: + case self::CONFIG_CRYPT: return $userProfile->isConfigEncryption(); - case self::BACKUP_CONFIG: + case self::CONFIG_BACKUP: return $userProfile->isConfigBackup(); case self::ACCESS_MANAGE: - return ($userProfile->isMgmUsers() || $userProfile->isMgmGroups() || $userProfile->isMgmProfiles()); + return ($userProfile->isMgmUsers() + || $userProfile->isMgmGroups() + || $userProfile->isMgmProfiles() + || $userProfile->isMgmApiTokens()); case self::USER: case self::USER_SEARCH: case self::USER_VIEW: diff --git a/lib/SP/Core/Acl/Actions.php b/lib/SP/Core/Acl/Actions.php index 79fb46a9..f502530b 100644 --- a/lib/SP/Core/Acl/Actions.php +++ b/lib/SP/Core/Acl/Actions.php @@ -67,7 +67,7 @@ final class Actions * @param FileStorageInterface $fileStorage * @param \SP\Storage\File\XmlFileStorageInterface $xmlFileStorage * - * @throws \SP\Core\Exceptions\FileNotFoundException + * @throws FileException */ public function __construct(FileStorageInterface $fileStorage, XmlFileStorageInterface $xmlFileStorage) { @@ -81,7 +81,7 @@ final class Actions * Loads actions from cache file * * @return void - * @throws \SP\Core\Exceptions\FileNotFoundException + * @throws FileException */ protected function loadCache() { @@ -101,7 +101,7 @@ final class Actions } /** - * @throws \SP\Core\Exceptions\FileNotFoundException + * @throws FileException */ protected function mapAndSave() { 
@@ -114,20 +114,18 @@ final class Actions /** * Sets an array of actions using id as key * - * @throws \SP\Core\Exceptions\FileNotFoundException + * @throws FileException */ protected function map() { $this->actions = []; - $actionBase = new ActionData(); - foreach ($this->load() as $a) { if (isset($this->actions[$a['id']])) { throw new \RuntimeException('Duplicated action id: ' . $a['id']); } - $action = clone $actionBase; + $action = new ActionData(); $action->id = $a['id']; $action->name = $a['name']; $action->text = $a['text']; @@ -178,4 +176,14 @@ final class Actions return $this->actions[$id]; } + + /** + * @throws FileException + */ + public function reset() + { + @unlink(self::ACTIONS_CACHE_FILE); + + $this->loadCache(); + } } \ No newline at end of file diff --git a/lib/SP/Core/Acl/ActionsInterface.php b/lib/SP/Core/Acl/ActionsInterface.php index 72b4cb56..23c0891e 100644 --- a/lib/SP/Core/Acl/ActionsInterface.php +++ b/lib/SP/Core/Acl/ActionsInterface.php 
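Review bot: The new `reset()` in the last Actions.php hunk hides a failed delete behind `@unlink(self::ACTIONS_CACHE_FILE);` and then calls `loadCache()`, which would presumably read the stale cache back if the file is still there. After this commit the cached ids differ from the constants, so a stale cache means action lookups resolve against the old numbering without any error being reported. Either check the result of `unlink()` and raise the `FileException` the docblock already declares, or rebuild unconditionally with `$this->mapAndSave();` if that method regenerates the map from the XML as its name suggests (its body is outside the hunk). The docblock should also say what the method does, e.g. `* Deletes the actions cache file and rebuilds it from the XML definition`.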
@@ -31,142 +31,146 @@ namespace SP\Core\Acl; */ interface ActionsInterface { - const ACCOUNT_SEARCH = 1; - const ACCOUNT = 10; - const ACCOUNT_VIEW = 100; - const ACCOUNT_CREATE = 101; - const ACCOUNT_EDIT = 102; - const ACCOUNT_DELETE = 103; - const ACCOUNT_VIEW_PASS = 104; - const ACCOUNT_EDIT_PASS = 106; - const ACCOUNT_EDIT_RESTORE = 107; - const ACCOUNT_COPY = 108; - const ACCOUNT_COPY_PASS = 109; - const ACCOUNT_FILE = 11; - const ACCOUNT_FILE_VIEW = 111; - const ACCOUNT_FILE_UPLOAD = 112; - const ACCOUNT_FILE_DOWNLOAD = 113; - const ACCOUNT_FILE_DELETE = 114; - const ACCOUNT_FILE_SEARCH = 115; - const ACCOUNT_FILE_LIST = 116; + const ACCOUNT = 1; + const ACCOUNT_SEARCH = 2; + const ACCOUNT_VIEW = 3; + const ACCOUNT_CREATE = 4; + const ACCOUNT_EDIT = 5; + const ACCOUNT_DELETE = 6; + const ACCOUNT_VIEW_PASS = 7; + const ACCOUNT_EDIT_PASS = 8; + const ACCOUNT_EDIT_RESTORE = 9; + const ACCOUNT_COPY = 10; + const ACCOUNT_COPY_PASS = 11; const ACCOUNT_REQUEST = 12; - const ACCOUNT_FAVORITE = 13; - const ACCOUNT_FAVORITE_VIEW = 130; - const ACCOUNT_FAVORITE_ADD = 131; - const ACCOUNT_FAVORITE_DELETE = 133; - const ACCOUNT_HISTORY_VIEW = 140; - const ACCOUNT_HISTORY_VIEW_PASS = 141; - const ACCOUNT_HISTORY_COPY_PASS = 142; - const WIKI = 20; - const WIKI_VIEW = 200; - const WIKI_NEW = 201; - const WIKI_EDIT = 202; - const WIKI_DELETE = 203; - const ITEMS_MANAGE = 60; - const CATEGORY = 61; - const CATEGORY_VIEW = 610; - const CATEGORY_CREATE = 611; - const CATEGORY_EDIT = 612; - const CATEGORY_DELETE = 613; - const CATEGORY_SEARCH = 615; - const CLIENT = 62; - const CLIENT_VIEW = 620; - const CLIENT_CREATE = 621; - const CLIENT_EDIT = 622; - const CLIENT_DELETE = 623; - const CLIENT_SEARCH = 625; - const AUTHTOKEN = 63; - const AUTHTOKEN_CREATE = 630; - const AUTHTOKEN_VIEW = 631; - const AUTHTOKEN_EDIT = 632; - const AUTHTOKEN_DELETE = 633; - const AUTHTOKEN_SEARCH = 635; - const CUSTOMFIELD = 64; - const CUSTOMFIELD_CREATE = 640; - const CUSTOMFIELD_VIEW = 641; - 
const CUSTOMFIELD_EDIT = 642; - const CUSTOMFIELD_DELETE = 643; - const CUSTOMFIELD_VIEW_PASS = 644; - const CUSTOMFIELD_SEARCH = 645; - const PUBLICLINK = 65; - const PUBLICLINK_CREATE = 650; - const PUBLICLINK_VIEW = 651; - const PUBLICLINK_EDIT = 652; - const PUBLICLINK_DELETE = 653; - const PUBLICLINK_REFRESH = 654; - const PUBLICLINK_SEARCH = 655; - const FILE = 66; - const FILE_VIEW = 661; - const FILE_DOWNLOAD = 662; - const FILE_DELETE = 663; - const FILE_UPLOAD = 664; - const FILE_SEARCH = 665; - const ACCOUNTMGR = 67; - const ACCOUNTMGR_HISTORY = 6701; - const ACCOUNTMGR_VIEW = 671; - const ACCOUNTMGR_DELETE = 673; - const ACCOUNTMGR_DELETE_HISTORY = 6731; - const ACCOUNTMGR_SEARCH = 675; - const ACCOUNTMGR_SEARCH_HISTORY = 6751; - const ACCOUNTMGR_RESTORE = 6771; - const TAG = 68; - const TAG_CREATE = 680; - const TAG_VIEW = 681; - const TAG_EDIT = 682; - const TAG_DELETE = 683; - const TAG_SEARCH = 685; - const PLUGIN = 69; - const PLUGIN_NEW = 690; - const PLUGIN_VIEW = 691; - const PLUGIN_SEARCH = 695; - const PLUGIN_ENABLE = 696; - const PLUGIN_DISABLE = 697; - const PLUGIN_RESET = 698; - const ACCESS_MANAGE = 70; - const USER = 71; - const USER_VIEW = 710; - const USER_CREATE = 711; - const USER_EDIT = 712; - const USER_DELETE = 713; - const USER_EDIT_PASS = 714; - const USER_SEARCH = 715; - const GROUP = 72; - const GROUP_VIEW = 720; - const GROUP_CREATE = 721; - const GROUP_EDIT = 722; - const GROUP_DELETE = 723; - const GROUP_SEARCH = 725; - const PROFILE = 73; - const PROFILE_VIEW = 730; - const PROFILE_CREATE = 731; - const PROFILE_EDIT = 732; - const PROFILE_DELETE = 733; - const PROFILE_SEARCH = 735; - const USERSETTINGS = 74; - const USERSETTINGS_GENERAL = 741; - const NOTIFICATION = 76; - const NOTIFICATION_VIEW = 760; - const NOTIFICATION_CREATE = 761; - const NOTIFICATION_EDIT = 762; - const NOTIFICATION_DELETE = 763; - const NOTIFICATION_CHECK = 764; - const NOTIFICATION_SEARCH = 765; - const CONFIG = 1000; - const CONFIG_GENERAL = 1001; 
- const ACCOUNT_CONFIG = 1010; - const WIKI_CONFIG = 1020; - const ENCRYPTION_CONFIG = 1030; - const ENCRYPTION_REFRESH = 1031; - const ENCRYPTION_TEMPPASS = 1032; - const BACKUP_CONFIG = 1040; - const BACKUP = 1041; - const IMPORT_CONFIG = 1050; - const EXPORT_CONFIG = 1060; - const EXPORT = 1061; - const MAIL_CONFIG = 1070; - const LDAP_CONFIG = 1080; - const LDAP_SYNC = 1081; - const EVENTLOG = 90; - const EVENTLOG_SEARCH = 905; - const EVENTLOG_CLEAR = 906; + const ACCOUNT_FILE = 20; + const ACCOUNT_FILE_VIEW = 21; + const ACCOUNT_FILE_UPLOAD = 22; + const ACCOUNT_FILE_DOWNLOAD = 23; + const ACCOUNT_FILE_DELETE = 24; + const ACCOUNT_FILE_SEARCH = 25; + const ACCOUNT_FILE_LIST = 26; + const ACCOUNT_FAVORITE = 30; + const ACCOUNT_FAVORITE_VIEW = 31; + const ACCOUNT_FAVORITE_ADD = 32; + const ACCOUNT_FAVORITE_DELETE = 33; + const ACCOUNT_HISTORY_VIEW = 40; + const ACCOUNT_HISTORY_VIEW_PASS = 41; + const ACCOUNT_HISTORY_COPY_PASS = 42; + const CATEGORY = 101; + const CATEGORY_SEARCH = 102; + const CATEGORY_VIEW = 103; + const CATEGORY_CREATE = 104; + const CATEGORY_EDIT = 105; + const CATEGORY_DELETE = 106; + const TAG = 201; + const TAG_SEARCH = 202; + const TAG_VIEW = 203; + const TAG_CREATE = 204; + const TAG_EDIT = 205; + const TAG_DELETE = 206; + const CLIENT = 301; + const CLIENT_SEARCH = 302; + const CLIENT_VIEW = 303; + const CLIENT_CREATE = 304; + const CLIENT_EDIT = 305; + const CLIENT_DELETE = 306; + const CUSTOMFIELD = 401; + const CUSTOMFIELD_SEARCH = 402; + const CUSTOMFIELD_VIEW = 403; + const CUSTOMFIELD_CREATE = 404; + const CUSTOMFIELD_EDIT = 405; + const CUSTOMFIELD_DELETE = 406; + const CUSTOMFIELD_VIEW_PASS = 407; + const PUBLICLINK = 501; + const PUBLICLINK_SEARCH = 502; + const PUBLICLINK_VIEW = 503; + const PUBLICLINK_CREATE = 504; + const PUBLICLINK_EDIT = 505; + const PUBLICLINK_DELETE = 506; + const PUBLICLINK_REFRESH = 507; + const FILE = 601; + const FILE_SEARCH = 602; + const FILE_VIEW = 603; + const FILE_UPLOAD = 604; + const 
FILE_DOWNLOAD = 605; + const FILE_DELETE = 606; + const USER = 701; + const USER_SEARCH = 702; + const USER_VIEW = 703; + const USER_CREATE = 704; + const USER_EDIT = 705; + const USER_DELETE = 706; + const USER_EDIT_PASS = 707; + const GROUP = 801; + const GROUP_SEARCH = 802; + const GROUP_VIEW = 803; + const GROUP_CREATE = 804; + const GROUP_EDIT = 805; + const GROUP_DELETE = 806; + const PROFILE = 901; + const PROFILE_SEARCH = 902; + const PROFILE_VIEW = 903; + const PROFILE_CREATE = 904; + const PROFILE_EDIT = 905; + const PROFILE_DELETE = 906; + const AUTHTOKEN = 1001; + const AUTHTOKEN_SEARCH = 1002; + const AUTHTOKEN_VIEW = 1003; + const AUTHTOKEN_CREATE = 1004; + const AUTHTOKEN_EDIT = 1005; + const AUTHTOKEN_DELETE = 1006; + const PLUGIN = 1101; + const PLUGIN_SEARCH = 1102; + const PLUGIN_VIEW = 1103; + const PLUGIN_CREATE = 1104; + const PLUGIN_ENABLE = 1105; + const PLUGIN_DISABLE = 1106; + const PLUGIN_RESET = 1107; + const WIKI = 1201; + const WIKI_SEARCH = 1202; + const WIKI_VIEW = 1203; + const WIKI_CREATE = 1204; + const WIKI_EDIT = 1205; + const WIKI_DELETE = 1206; + const ACCOUNTMGR = 1301; + const ACCOUNTMGR_SEARCH = 1302; + const ACCOUNTMGR_VIEW = 1303; + const ACCOUNTMGR_DELETE = 1304; + const ACCOUNTMGR_HISTORY = 1311; + const ACCOUNTMGR_HISTORY_SEARCH = 1312; + const ACCOUNTMGR_HISTORY_VIEW = 1313; + const ACCOUNTMGR_HISTORY_DELETE = 1314; + const ACCOUNTMGR_HISTORY_RESTORE = 1315; + const NOTIFICATION = 1401; + const NOTIFICATION_SEARCH = 1402; + const NOTIFICATION_VIEW = 1403; + const NOTIFICATION_CREATE = 1404; + const NOTIFICATION_EDIT = 1405; + const NOTIFICATION_DELETE = 1406; + const NOTIFICATION_CHECK = 1407; + const CONFIG = 1501; + const CONFIG_GENERAL = 1502; + const CONFIG_ACCOUNT = 1510; + const CONFIG_WIKI = 1520; + const CONFIG_CRYPT = 1530; + const CONFIG_CRYPT_REFRESH = 1531; + const CONFIG_CRYPT_TEMPPASS = 1532; + const CONFIG_BACKUP = 1540; + const CONFIG_BACKUP_RUN = 1541; + const CONFIG_IMPORT = 1550; + const 
CONFIG_IMPORT_CSV = 1551; + const CONFIG_IMPORT_XML = 1552; + const CONFIG_EXPORT = 1560; + const CONFIG_EXPORT_RUN = 1561; + const CONFIG_MAIL = 1570; + const CONFIG_LDAP = 1580; + const CONFIG_LDAP_SYNC = 1581; + const EVENTLOG = 1701; + const EVENTLOG_SEARCH = 1702; + const EVENTLOG_CLEAR = 1703; + const ITEMS_MANAGE = 5001; + const ACCESS_MANAGE = 5002; + const USERSETTINGS = 5010; + const USERSETTINGS_GENERAL = 5011; } \ No newline at end of file diff --git a/lib/SP/Repositories/AuthToken/AuthTokenRepository.php b/lib/SP/Repositories/AuthToken/AuthTokenRepository.php index cbe6df33..f8593dca 100644 --- a/lib/SP/Repositories/AuthToken/AuthTokenRepository.php +++ b/lib/SP/Repositories/AuthToken/AuthTokenRepository.php @@ -95,11 +95,30 @@ final class AuthTokenRepository extends Repository implements RepositoryItemInte /** * Returns all the items * - * @return mixed + * @return QueryResult + * + * @throws \SP\Core\Exceptions\ConstraintException + * @throws \SP\Core\Exceptions\QueryException */ public function getAll() { - throw new \RuntimeException('Not implemented'); + $query = /** @lang SQL */ + 'SELECT id, + userId, + actionId, + createdBy, + startDate, + vault, + token, + `hash` + FROM AuthToken + ORDER BY actionId, userId'; + + $queryData = new QueryData(); + $queryData->setMapClassName(AuthTokenData::class); + $queryData->setQuery($query); + + return $this->db->doSelect($queryData); } /** diff --git a/lib/SP/Services/AuthToken/AuthTokenService.php b/lib/SP/Services/AuthToken/AuthTokenService.php index 06dff51f..cd1c120e 100644 --- a/lib/SP/Services/AuthToken/AuthTokenService.php +++ b/lib/SP/Services/AuthToken/AuthTokenService.php 
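Review bot: The renumbering in ActionsInterface reuses values that previously meant something else: `10` was `ACCOUNT` and is now `ACCOUNT_COPY`, `104` was `ACCOUNT_VIEW_PASS` and is now `CATEGORY_CREATE`, `905` and `906` were `EVENTLOG_SEARCH` and `EVENTLOG_CLEAR` and are now `PROFILE_EDIT` and `PROFILE_DELETE`. These ids are persisted (the `AuthToken.actionId` column appears in this diff), so a stored row cannot be told apart as old or new by its value, and a row that is missed or remapped twice ends up authorizing a different action. New ids drawn from a range disjoint from the old one would make the migration checkable and safely repeatable. At minimum the interface should carry a warning such as `// Values are persisted (e.g. AuthToken.actionId); never renumber or reuse one without a data migration`.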
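Review bot: The new `getAll()` in AuthTokenRepository selects `vault`, `token` and `hash` for every row, so any caller of `getAllBasic()` receives the secret material of all API tokens at once. If the only consumer is the action id migration (UpgradeAuthToken is outside this view, so this is an assumption), a query limited to `id` and `actionId` with a matching single-column update would avoid loading and rewriting those fields. If the full row is really needed, the docblock should say so, e.g. `* Returns every token including vault and hash; intended for upgrade tasks only`.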
@@ -81,8 +81,8 @@ final class AuthTokenService extends Service ActionsInterface::TAG_CREATE => Acl::getActionInfo(ActionsInterface::TAG_CREATE), ActionsInterface::TAG_EDIT => Acl::getActionInfo(ActionsInterface::TAG_EDIT), ActionsInterface::TAG_DELETE => Acl::getActionInfo(ActionsInterface::TAG_DELETE), - ActionsInterface::BACKUP => Acl::getActionInfo(ActionsInterface::BACKUP), - ActionsInterface::EXPORT => Acl::getActionInfo(ActionsInterface::EXPORT) + ActionsInterface::CONFIG_BACKUP_RUN => Acl::getActionInfo(ActionsInterface::CONFIG_BACKUP_RUN), + ActionsInterface::CONFIG_EXPORT_RUN => Acl::getActionInfo(ActionsInterface::CONFIG_EXPORT_RUN) ]; return $actions; @@ -259,6 +259,20 @@ final class AuthTokenService extends Service } } + /** + * @param AuthTokenData $itemData + * + * @throws SPException + * @throws \SP\Core\Exceptions\ConstraintException + * @throws \SP\Core\Exceptions\QueryException + */ + public function updateRaw(AuthTokenData $itemData) + { + if ($this->authTokenRepository->update($itemData) === 0) { + throw new NoSuchItemException(__u('Token no encontrado')); + } + } + /** * Devolver los datos de un token * @@ -282,11 +296,13 @@ final class AuthTokenService extends Service } /** - * @return array + * @return AuthTokenData[] + * @throws \SP\Core\Exceptions\ConstraintException + * @throws \SP\Core\Exceptions\QueryException */ public function getAllBasic() { - return $this->authTokenRepository->getAll(); + return $this->authTokenRepository->getAll()->getDataAsArray(); } /** diff --git a/lib/SP/Services/CustomField/CustomFieldDefService.php b/lib/SP/Services/CustomField/CustomFieldDefService.php index fc0a0f9b..c876e819 100644 --- a/lib/SP/Services/CustomField/CustomFieldDefService.php +++ b/lib/SP/Services/CustomField/CustomFieldDefService.php 
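Review bot: `updateRaw()` treats a return of 0 from `authTokenRepository->update()` as a missing token, but if that value is an affected-row count (the repository method is not visible here), a row whose data did not change may report 0 as well, depending on the driver settings. The upgrade in UpgradeAuthToken calls this for every token, including those whose action id `actionMapper()` returns unchanged, so a single such token would abort and roll back the whole migration with 'Token no encontrado'. Consider skipping the write when the mapped id equals the current one, or checking existence separately from the update. The docblock also has no summary line; something like `Updates the token row exactly as given, without regenerating hash or vault` would help, if that is what the repository does.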
@@ -183,7 +183,7 @@ final class CustomFieldDefService extends Service /** * Get all items from the service's repository * - * @return array + * @return CustomFieldDefinitionData[] * @throws \SP\Core\Exceptions\ConstraintException * @throws \SP\Core\Exceptions\QueryException */ diff --git a/lib/SP/Services/Upgrade/UpgradeAppService.php b/lib/SP/Services/Upgrade/UpgradeAppService.php index 39286f55..4034975d 100644 --- a/lib/SP/Services/Upgrade/UpgradeAppService.php +++ b/lib/SP/Services/Upgrade/UpgradeAppService.php @@ -37,7 +37,7 @@ use SP\Util\Util; */ final class UpgradeAppService extends Service implements UpgradeInterface { - const UPGRADES = ['300.18010101']; + const UPGRADES = ['300.18010101', '300.18072901']; /** * @param $version @@ -103,6 +103,12 @@ final class UpgradeAppService extends Service implements UpgradeInterface $this->dic->get(UpgradePublicLink::class) ->upgrade_300_18010101(); return true; + case '300.18072901': + $this->dic->get(UpgradeCustomFieldDefinition::class) + ->upgrade_300_18072901(); + $this->dic->get(UpgradeAuthToken::class) + ->upgrade_300_18072901(); + return true; } } catch (\Exception $e) { processException($e); diff --git a/lib/SP/Services/Upgrade/UpgradeAuthToken.php b/lib/SP/Services/Upgrade/UpgradeAuthToken.php new file mode 100644 index 00000000..64fcef61 --- /dev/null +++ b/lib/SP/Services/Upgrade/UpgradeAuthToken.php 
@@ -0,0 +1,152 @@ +. + */ + +namespace SP\Services\Upgrade; + +use SP\Core\Acl\ActionsInterface; +use SP\Core\Events\Event; +use SP\Core\Events\EventMessage; +use SP\Services\AuthToken\AuthTokenService; +use SP\Services\Service; + + +/** + * Class UpgradeAuthToken + * + * @package SP\Services\Upgrade + */ +class UpgradeAuthToken extends Service +{ + /** + * @var AuthTokenService + */ + private $authtokenService; + + /** + * upgrade_300_18072901 + * + * @throws \Exception + */ + public function upgrade_300_18072901() + { + $this->eventDispatcher->notifyEvent('upgrade.authToken.start', + new Event($this, EventMessage::factory() + ->addDescription(__u('Actualización de autorizaciones API')) + ->addDescription(__FUNCTION__)) + ); + + try { + $this->transactionAware(function () { + foreach ($this->authtokenService->getAllBasic() as $item) { + + $itemData = clone $item; + $itemData->setActionId($this->actionMapper($item->getActionId())); + + $this->authtokenService->updateRaw($itemData); + + $this->eventDispatcher->notifyEvent('upgrade.authToken.process', + new Event($this, EventMessage::factory() + ->addDescription(__u('Autorización actualizada')) + ->addDetail(__u('Autorización'), $item->getId())) + ); + } + }); + } catch (\Exception $e) { + processException($e); + + $this->eventDispatcher->notifyEvent('exception', new Event($e)); + + throw $e; + } + + $this->eventDispatcher->notifyEvent('upgrade.authToken.end', + new Event($this, EventMessage::factory() + ->addDescription(__u('Actualización de autorizaciones API')) + ->addDescription(__FUNCTION__)) + ); + } + + /** + * @param int $moduleId + * + * @return int + */ + private function actionMapper(int $moduleId) + { + switch ($moduleId) { + case 1: + return ActionsInterface::ACCOUNT_SEARCH; + case 100: + return ActionsInterface::ACCOUNT_VIEW; + case 104: + return ActionsInterface::ACCOUNT_VIEW_PASS; + case 103: + return ActionsInterface::ACCOUNT_DELETE; + case 101: + return ActionsInterface::ACCOUNT_CREATE; + case 615: 
+ return ActionsInterface::CATEGORY_SEARCH; + case 610: + return ActionsInterface::CATEGORY_VIEW; + case 611: + return ActionsInterface::CATEGORY_CREATE; + case 612: + return ActionsInterface::CATEGORY_EDIT; + case 613: + return ActionsInterface::CATEGORY_DELETE; + case 625: + return ActionsInterface::CLIENT_SEARCH; + case 620: + return ActionsInterface::CLIENT_VIEW; + case 621: + return ActionsInterface::CLIENT_CREATE; + case 622: + return ActionsInterface::CLIENT_EDIT; + case 623: + return ActionsInterface::CLIENT_DELETE; + case 685: + return ActionsInterface::TAG_SEARCH; + case 681: + return ActionsInterface::TAG_VIEW; + case 680: + return ActionsInterface::TAG_CREATE; + case 682: + return ActionsInterface::TAG_EDIT; + case 683: + return ActionsInterface::TAG_DELETE; + case 1041: + return ActionsInterface::CONFIG_BACKUP_RUN; + case 1061: + return ActionsInterface::CONFIG_EXPORT_RUN; + } + + return $moduleId; + } + + protected function initialize() + { + $this->authtokenService = $this->dic->get(AuthTokenService::class); + + } +} \ No newline at end of file diff --git a/lib/SP/Services/Upgrade/UpgradeCustomFieldDefinition.php b/lib/SP/Services/Upgrade/UpgradeCustomFieldDefinition.php index 3f2eb0bc..b419be3f 100644 --- a/lib/SP/Services/Upgrade/UpgradeCustomFieldDefinition.php +++ b/lib/SP/Services/Upgrade/UpgradeCustomFieldDefinition.php @@ -24,6 +24,7 @@ namespace SP\Services\Upgrade; +use SP\Core\Acl\ActionsInterface; use SP\Core\Events\Event; use SP\Core\Events\EventMessage; use SP\DataModel\CustomFieldDefDataOld; @@ -48,6 +49,8 @@ final class UpgradeCustomFieldDefinition extends Service /** * upgrade_300_18010101 + * + * @throws \Exception */ public function upgrade_300_18010101() { 
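Review bot: `actionMapper()` in UpgradeAuthToken falls through to `return $moduleId;` for any id outside the switch, and the legacy and new numbering overlap, so a token can silently change meaning. The new table in this commit uses 103 and 104 for category/view and category/create, while the switch maps 103 and 104 to `ACCOUNT_DELETE` and `ACCOUNT_VIEW_PASS`; if the task ever runs on rows that were already migrated, a category token would become an account-delete or view-password token. In the other direction, a legacy id missing from the switch keeps a number that may now name a different action. If every legacy token action is covered by the switch, failing closed is safer, e.g. `throw new \UnexpectedValueException('Unmapped API action id: ' . $moduleId);` in place of the fall-through, together with a guard that the task runs only once per installation. The parameter is an action id, so `$actionId` would read better than `$moduleId`.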
@@ -70,7 +73,7 @@ final class UpgradeCustomFieldDefinition extends Service $itemData = new CustomFieldDefinitionData(); $itemData->setId($item->id); - $itemData->setModuleId($item->moduleId); + $itemData->setModuleId($this->moduleMapper((int)$item->moduleId)); $itemData->setName($data->getName()); $itemData->setHelp($data->getHelp()); $itemData->setRequired($data->isRequired()); 
@@ -90,6 +93,77 @@ final class UpgradeCustomFieldDefinition extends Service processException($e); $this->eventDispatcher->notifyEvent('exception', new Event($e)); + + throw $e; + } + + $this->eventDispatcher->notifyEvent('upgrade.customField.end', + new Event($this, EventMessage::factory() + ->addDescription(__u('Actualización de campos personalizados')) + ->addDescription(__FUNCTION__)) + ); + } + + /** + * @param int $moduleId + * + * @return int + */ + private function moduleMapper(int $moduleId) + { + switch ($moduleId) { + case 10: + return ActionsInterface::ACCOUNT; + case 61: + return ActionsInterface::CATEGORY; + case 62: + return ActionsInterface::CLIENT; + case 71: + return ActionsInterface::USER; + case 72: + return ActionsInterface::GROUP; + } + + return $moduleId; + } + + /** + * upgrade_300_18072901 + * + * @throws \Exception + */ + public function upgrade_300_18072901() + { + $this->eventDispatcher->notifyEvent('upgrade.customField.start', + new Event($this, EventMessage::factory() + ->addDescription(__u('Actualización de campos personalizados')) + ->addDescription(__FUNCTION__)) + ); + + try { + $this->transactionAware(function () { + $customFieldDefService = $this->dic->get(CustomFieldDefService::class); + + foreach ($customFieldDefService->getAllBasic() as $item) { + + $itemData = clone $item; + $itemData->setModuleId($this->moduleMapper((int)$item->getModuleId())); + + $customFieldDefService->update($itemData); + + $this->eventDispatcher->notifyEvent('upgrade.customField.process', + new Event($this, EventMessage::factory() + ->addDescription(__u('Campo actualizado')) + ->addDetail(__u('Campo'), $item->getName())) + ); + } + }); + } catch (\Exception $e) { + processException($e); + + $this->eventDispatcher->notifyEvent('exception', new Event($e)); + + throw $e; } $this->eventDispatcher->notifyEvent('upgrade.customField.end', diff --git a/lib/SP/Storage/Database/Database.php b/lib/SP/Storage/Database/Database.php index 143486c3..934bf90c 100644 
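Review bot: The double application of `moduleMapper()` deserves a comment: it is now called in `upgrade_300_18010101()` (previous hunk) and again in the new `upgrade_300_18072901()`, so an installation that passes through both tasks maps each row twice. That is harmless only because none of the targets (`ACCOUNT`, `CATEGORY`, `CLIENT`, `USER`, `GROUP`, i.e. 1, 101, 301, 701, 801 in this commit) is also one of the legacy keys 10, 61, 62, 71, 72. The docblock should state this, e.g. `Maps legacy module ids to the renumbered ids; safe to apply twice because no new id is also a legacy key`. As in the token mapper, unknown ids are returned unchanged, which is worth logging so that unexpected values surface during the upgrade.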
--- a/lib/SP/Storage/Database/Database.php +++ b/lib/SP/Storage/Database/Database.php @@ -326,12 +326,18 @@ final class Database implements DatabaseInterface { $conn = $this->dbHandler->getConnection(); - $result = !$conn->inTransaction() && $conn->beginTransaction(); + if (!$conn->inTransaction()) { + $result = $conn->beginTransaction(); - $this->eventDispatcher->notifyEvent('database.transaction.begin', - new Event($this, EventMessage::factory()->addData('result', $result))); + $this->eventDispatcher->notifyEvent('database.transaction.begin', + new Event($this, EventMessage::factory()->addData('result', $result))); - return $result; + return $result; + } else { + debugLog('beginTransaction: already in transaction'); + + return true; + } } /** diff --git a/lib/SP/Storage/File/XmlFileStorageInterface.php b/lib/SP/Storage/File/XmlFileStorageInterface.php index 464862e6..74bc00ac 100644 --- a/lib/SP/Storage/File/XmlFileStorageInterface.php +++ b/lib/SP/Storage/File/XmlFileStorageInterface.php @@ -51,4 +51,14 @@ interface XmlFileStorageInterface * @return mixed */ public function getItems(); + + /** + * Returns the given path node value + * + * @param $path + * + * @return string + * @throws FileException + */ + public function getPathValue($path); } \ No newline at end of file diff --git a/lib/SP/Storage/File/XmlHandler.php b/lib/SP/Storage/File/XmlHandler.php index b1ac086d..bcc1d90c 100644 --- a/lib/SP/Storage/File/XmlHandler.php +++ b/lib/SP/Storage/File/XmlHandler.php 
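Review bot: `beginTransaction()` in Database.php now returns `true` when a transaction is already open, so a caller can no longer tell whether it started the transaction it is about to commit or roll back. If the wrapper that calls it (not visible in this hunk) ends the transaction unconditionally, a nested call would commit the outer transaction halfway through, which matters for the upgrade tasks that rely on an all-or-nothing rewrite of token action ids. Consider tracking nesting depth, or returning a distinct signal, so that only the outermost caller commits. The `else` after `return $result;` is redundant, and the method signature lies outside the hunk.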
@@ -289,4 +289,27 @@ final class XmlHandler implements XmlFileStorageInterface return $this; } + + /** + * @param $path + * + * @return string + * @throws FileException + */ + public function getPathValue($path) + { + $this->fileHandler->checkIsReadable(); + $this->fileHandler->getFileSize(true); + + $dom = new DOMDocument('1.0', 'utf-8'); + $dom->load($this->fileHandler->getFile()); + + $query = (new \DOMXPath($dom))->query($path); + + if ($query->length === 0) { + throw new RuntimeException(__u('El nodo XML no existe')); + } + + return $query->item(0)->nodeValue; + } } \ No newline at end of file diff --git a/test/SP/Core/Acl/AclTest.php b/test/SP/Core/Acl/AclTest.php new file mode 100644 index 00000000..f159b078 --- /dev/null +++ b/test/SP/Core/Acl/AclTest.php 
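Review bot: In `XmlHandler::getPathValue()` neither the result of `$dom->load()` nor a `false` return from `DOMXPath::query()` is checked, so a malformed file or an invalid expression reaches `$query->length` on a non-object instead of raising the documented exception. Guard the lookup with `if ($query === false || $query->length === 0) {` and throw when `load()` returns `false`. The docblock here and in XmlFileStorageInterface declare `FileException` while the code throws `RuntimeException`; one of the two should change. `$path` is evaluated as an XPath expression as given, so the docblock should also say that callers must pass fixed expressions rather than text built from request input.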
@@ -0,0 +1,877 @@ +. + */ + +namespace SP\Tests\SP\Core\Acl; + +use PHPUnit\Framework\TestCase; +use SP\Core\Acl\Acl; +use SP\Core\Acl\ActionsInterface; +use SP\Core\Context\ContextInterface; +use SP\DataModel\ProfileData; +use SP\Services\User\UserLoginResponse; +use function SP\Test\setupContext; + +/** + * Class AclTest + * + * @package SP\Tests\SP\Core\Acl + */ +class AclTest extends TestCase +{ + /** + * @var ContextInterface + */ + private $context; + /** + * @var Acl + */ + private $acl; + + /** + * @dataProvider actionsProvider + * + * @param $id + * @param $expected + */ + public function testGetActionRoute($id, $expected) + { + $this->assertEquals($expected, Acl::getActionRoute($id)); + } + + /** + * testGetActionRouteUnknown + */ + public function testGetActionRouteUnknown() + { + $this->assertEmpty(Acl::getActionRoute(10000)); + } + + /** + * @dataProvider actionsProvider + * + * @param $id + */ + public function testCheckUserAccessAdminApp($id) + { + $this->assertTrue($this->acl->checkUserAccess($id)); + } + + /** + * testCheckUserAccessAccountView + */ + public function testCheckUserAccessAccountView() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setAccView(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ActionsInterface::ACCOUNT_VIEW]); + } + + /** + * @param int[] $actionsId Masked action Id + */ + private function checkUserAccess(array $actionsId) + { + $actionsMask = array_merge([ + ActionsInterface::ACCOUNT_REQUEST, + ActionsInterface::NOTIFICATION, + ActionsInterface::NOTIFICATION_VIEW, + ActionsInterface::NOTIFICATION_SEARCH, + ActionsInterface::NOTIFICATION_CHECK, + ], $actionsId); + + $actionsFalse = array_filter($this->actionsProvider(), function ($action) use ($actionsMask) { + return !in_array($action[0], $actionsMask); + }); + + $actionsTrue = array_filter($this->actionsProvider(), 
function ($action) use ($actionsMask) { + return in_array($action[0], $actionsMask); + }); + + foreach ($actionsFalse as $action) { + $this->assertFalse($this->acl->checkUserAccess($action[0])); + } + + foreach ($actionsTrue as $action) { + $this->assertTrue($this->acl->checkUserAccess($action[0])); + } + } + + /** + * @return array + */ + public function actionsProvider() + { + return [ + [2, 'account/search'], + [1, 'account/index'], + [20, 'account/listFile'], + [12, 'account/requestAccess'], + [30, 'favorite/index'], + [1201, 'wiki/index'], + [5001, 'itemManager/index'], + [101, 'category/index'], + [301, 'client/index'], + [1001, 'authToken/index'], + [401, 'customField/index'], + [501, 'publicLink/index'], + [601, 'file/index'], + [1301, 'accountManager/index'], + [201, 'tag/index'], + [1101, 'plugin/index'], + [5002, 'accessManager/index'], + [701, 'user/index'], + [801, 'group/index'], + [901, 'profile/index'], + [1701, 'eventlog/index'], + [1702, 'eventlog/search'], + [1703, 'eventlog/clear'], + [3, 'account/view'], + [4, 'account/create'], + [5, 'account/edit'], + [6, 'account/delete'], + [7, 'account/viewPass'], + [8, 'account/editPass'], + [9, 'account/restore'], + [10, 'account/copy'], + [11, 'account/copyPass'], + [21, 'accountFile/view'], + [22, 'accountFile/upload'], + [23, 'accountFile/download'], + [24, 'accountFile/delete'], + [25, 'accountFile/search'], + [26, 'accountFile/list'], + [31, 'favorite/view'], + [32, 'accountFavorite/mark'], + [33, 'accountFavorite/unmark'], + [40, 'account/viewHistory'], + [41, 'account/viewPassHistory'], + [42, 'account/copyPassHistory'], + [1203, 'wiki/view'], + [1204, 'wiki/create'], + [1205, 'wiki/edit'], + [1206, 'wiki/delete'], + [103, 'category/view'], + [104, 'category/create'], + [105, 'category/edit'], + [106, 'category/delete'], + [102, 'category/search'], + [303, 'client/view'], + [304, 'client/create'], + [305, 'client/edit'], + [306, 'client/delete'], + [302, 'client/search'], + [1004, 
'authToken/create'], + [1003, 'authToken/view'], + [1005, 'authToken/edit'], + [1006, 'authToken/delete'], + [1002, 'authToken/search'], + [404, 'customField/create'], + [403, 'customField/view'], + [405, 'customField/edit'], + [406, 'customField/delete'], + [402, 'customField/search'], + [504, 'publicLink/create'], + [503, 'publicLink/view'], + [506, 'publicLink/delete'], + [507, 'publicLink/refresh'], + [502, 'publicLink/search'], + [603, 'file/view'], + [605, 'file/download'], + [606, 'file/delete'], + [604, 'file/upload'], + [602, 'file/search'], + [1303, 'accountManager/view'], + [1304, 'accountManager/delete'], + [1302, 'accountManager/search'], + [204, 'tag/create'], + [203, 'tag/view'], + [205, 'tag/edit'], + [206, 'tag/delete'], + [202, 'tag/search'], + [1104, 'plugin/create'], + [1103, 'plugin/view'], + [1102, 'plugin/search'], + [1105, 'plugin/enable'], + [1106, 'plugin/disable'], + [1107, 'plugin/reset'], + [703, 'user/view'], + [704, 'user/create'], + [705, 'user/edit'], + [706, 'user/delete'], + [707, 'user/editPass'], + [702, 'user/search'], + [803, 'userGroup/view'], + [804, 'userGroup/create'], + [805, 'userGroup/edit'], + [806, 'userGroup/delete'], + [802, 'userGroup/search'], + [903, 'userProfile/view'], + [904, 'userProfile/create'], + [905, 'userProfile/edit'], + [906, 'userProfile/delete'], + [902, 'userProfile/search'], + [5010, 'userSettingsManager/index'], + [5011, 'userSettings/general'], + [1401, 'notification/index'], + [1501, 'configManager/index'], + [1502, 'configManager/general'], + [1510, 'account/config'], + [1520, 'wiki/config'], + [1530, 'encryption/config'], + [1531, 'encryption/updateHash'], + [1532, 'encryption/createTempPass'], + [1540, 'backup/config'], + [1541, 'backup/backup'], + [1550, 'import/config'], + [1551, 'import/csv'], + [1552, 'import/xml'], + [1560, 'export/config'], + [1561, 'export/export'], + [1570, 'mail/config'], + [1580, 'ldap/config'], + [1581, 'ldap/sync'], + [1311, 'accountHistoryManager/index'], + 
[1314, 'accountHistoryManager/delete'], + [1312, 'accountHistoryManager/search'], + [1315, 'accountManager/restore'], + [1403, 'notification/view'], + [1404, 'notification/create'], + [1405, 'notification/edit'], + [1406, 'notification/delete'], + [1407, 'notification/check'], + [1402, 'notification/search'] + ]; + } + + /** + * testCheckUserAccessAdminAcc + */ + public function testCheckUserAccessAdminAcc() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + $userData->setIsAdminAcc(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile(new ProfileData()); + + $this->checkUserAccess([ + ActionsInterface::ACCOUNT_VIEW, + ActionsInterface::ACCOUNT_VIEW_PASS, + ActionsInterface::ACCOUNT_HISTORY_VIEW, + ActionsInterface::ACCOUNT_EDIT, + ActionsInterface::ACCOUNT_EDIT_PASS, + ActionsInterface::ACCOUNT_CREATE, + ActionsInterface::ACCOUNT_COPY, + ActionsInterface::ACCOUNT_DELETE, + ActionsInterface::ACCOUNT_FILE, + ActionsInterface::ACCOUNTMGR, + ActionsInterface::ACCOUNTMGR_SEARCH, + ActionsInterface::ACCOUNTMGR_HISTORY, + ActionsInterface::ACCOUNTMGR_HISTORY_SEARCH, + ActionsInterface::ITEMS_MANAGE + ]); + } + + /** + * testCheckUserAccessAccountEdit + */ + public function testCheckUserAccessAccountEdit() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setAccEdit(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ActionsInterface::ACCOUNT_EDIT, ActionsInterface::ACCOUNT_VIEW]); + } + + /** + * testCheckUserAccessAccountEditPass + */ + public function testCheckUserAccessAccountEditPass() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setAccEditPass(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + 
$this->checkUserAccess([ActionsInterface::ACCOUNT_EDIT_PASS]); + } + + /** + * testCheckUserAccessAccountCreate + */ + public function testCheckUserAccessAccountCreate() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setAccAdd(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ActionsInterface::ACCOUNT_CREATE]); + } + + /** + * testCheckUserAccessAccountCopy + */ + public function testCheckUserAccessAccountCopy() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setAccAdd(true); + $userProfile->setAccView(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::ACCOUNT_COPY, + ActionsInterface::ACCOUNT_VIEW, + ActionsInterface::ACCOUNT_CREATE + ]); + } + + /** + * testCheckUserAccessAccountDelete + */ + public function testCheckUserAccessAccountDelete() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setAccDelete(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ActionsInterface::ACCOUNT_DELETE]); + } + + /** + * testCheckUserAccessAccountFile + */ + public function testCheckUserAccessAccountFile() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setAccFiles(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ActionsInterface::ACCOUNT_FILE]); + } + + /** + * testCheckUserAccessConfigGeneral + */ + public function testCheckUserAccessConfigGeneral() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + 
$userProfile->setConfigGeneral(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::CONFIG, + ActionsInterface::CONFIG_GENERAL, + ActionsInterface::PLUGIN, + ActionsInterface::CONFIG_ACCOUNT, + ActionsInterface::CONFIG_WIKI, + ActionsInterface::CONFIG_LDAP, + ActionsInterface::CONFIG_MAIL + ]); + } + + /** + * testCheckUserAccessConfigImport + */ + public function testCheckUserAccessConfigImport() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setConfigImport(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::CONFIG, + ActionsInterface::CONFIG_IMPORT + ]); + } + + /** + * testCheckUserAccessCategory + */ + public function testCheckUserAccessCategory() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setMgmCategories(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::ITEMS_MANAGE, + ActionsInterface::CATEGORY, + ActionsInterface::CATEGORY_SEARCH, + ActionsInterface::CATEGORY_VIEW, + ActionsInterface::CATEGORY_CREATE, + ActionsInterface::CATEGORY_EDIT, + ActionsInterface::CATEGORY_DELETE + ]); + } + + /** + * testCheckUserAccessClient + */ + public function testCheckUserAccessClient() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setMgmCustomers(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::ITEMS_MANAGE, + ActionsInterface::CLIENT, + ActionsInterface::CLIENT_SEARCH, + ActionsInterface::CLIENT_VIEW, + ActionsInterface::CLIENT_CREATE, + ActionsInterface::CLIENT_EDIT, + 
ActionsInterface::CLIENT_DELETE + ]); + } + + /** + * testCheckUserAccessCustomField + */ + public function testCheckUserAccessCustomField() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setMgmCustomFields(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::ITEMS_MANAGE, + ActionsInterface::CUSTOMFIELD, + ActionsInterface::CUSTOMFIELD_SEARCH, + ActionsInterface::CUSTOMFIELD_VIEW, + ActionsInterface::CUSTOMFIELD_CREATE, + ActionsInterface::CUSTOMFIELD_EDIT, + ActionsInterface::CUSTOMFIELD_DELETE + ]); + } + + /** + * testCheckUserAccessPublicLink + */ + public function testCheckUserAccessPublicLink() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setMgmPublicLinks(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::ITEMS_MANAGE, + ActionsInterface::PUBLICLINK, + ActionsInterface::PUBLICLINK_SEARCH, + ActionsInterface::PUBLICLINK_CREATE, + ActionsInterface::PUBLICLINK_REFRESH, + ActionsInterface::PUBLICLINK_VIEW, + ActionsInterface::PUBLICLINK_EDIT, + ActionsInterface::PUBLICLINK_DELETE + ]); + } + + /** + * testCheckUserAccessPublicLinkCreate + */ + public function testCheckUserAccessPublicLinkCreate() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setAccPublicLinks(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::PUBLICLINK_CREATE, + ActionsInterface::PUBLICLINK_REFRESH + ]); + } + + /** + * testCheckUserAccessAccount + */ + public function testCheckUserAccessAccount() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new 
ProfileData(); + $userProfile->setMgmAccounts(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::ITEMS_MANAGE, + ActionsInterface::ACCOUNTMGR, + ActionsInterface::ACCOUNTMGR_SEARCH, + ActionsInterface::ACCOUNTMGR_HISTORY, + ActionsInterface::ACCOUNTMGR_HISTORY_SEARCH + ]); + } + + /** + * testCheckUserAccessFile + */ + public function testCheckUserAccessFile() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setMgmFiles(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::ITEMS_MANAGE, + ActionsInterface::FILE, + ActionsInterface::FILE_SEARCH, + ActionsInterface::FILE_DELETE, + ActionsInterface::FILE_VIEW, + ActionsInterface::FILE_DOWNLOAD + ]); + } + + /** + * testCheckUserAccessTag + */ + public function testCheckUserAccessTag() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setMgmTags(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::ITEMS_MANAGE, + ActionsInterface::TAG, + ActionsInterface::TAG_SEARCH, + ActionsInterface::TAG_VIEW, + ActionsInterface::TAG_CREATE, + ActionsInterface::TAG_EDIT, + ActionsInterface::TAG_DELETE + ]); + } + + /** + * testCheckUserAccessConfigCrypt + */ + public function testCheckUserAccessConfigCrypt() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setConfigEncryption(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::CONFIG, + ActionsInterface::CONFIG_CRYPT + ]); + } + + /** + * testCheckUserAccessConfigBackup + */ + public function 
testCheckUserAccessConfigBackup() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setConfigBackup(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::CONFIG, + ActionsInterface::CONFIG_BACKUP + ]); + } + + /** + * testCheckUserAccessUser + */ + public function testCheckUserAccessUser() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setMgmUsers(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::ACCESS_MANAGE, + ActionsInterface::USER, + ActionsInterface::USER_SEARCH, + ActionsInterface::USER_VIEW, + ActionsInterface::USER_CREATE, + ActionsInterface::USER_EDIT, + ActionsInterface::USER_DELETE, + ActionsInterface::USER_EDIT_PASS + ]); + } + + /** + * testCheckUserAccessUserGroup + */ + public function testCheckUserAccessUserGroup() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setMgmGroups(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::ACCESS_MANAGE, + ActionsInterface::GROUP, + ActionsInterface::GROUP_SEARCH, + ActionsInterface::GROUP_VIEW, + ActionsInterface::GROUP_CREATE, + ActionsInterface::GROUP_EDIT, + ActionsInterface::GROUP_DELETE + ]); + } + + /** + * testCheckUserAccessUserProfile + */ + public function testCheckUserAccessUserProfile() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setMgmProfiles(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::ACCESS_MANAGE, + 
ActionsInterface::PROFILE, + ActionsInterface::PROFILE_SEARCH, + ActionsInterface::PROFILE_VIEW, + ActionsInterface::PROFILE_CREATE, + ActionsInterface::PROFILE_EDIT, + ActionsInterface::PROFILE_DELETE + ]); + } + + /** + * testCheckUserAccessAuthToken + */ + public function testCheckUserAccessAuthToken() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setMgmApiTokens(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::ACCESS_MANAGE, + ActionsInterface::AUTHTOKEN, + ActionsInterface::AUTHTOKEN_SEARCH, + ActionsInterface::AUTHTOKEN_VIEW, + ActionsInterface::AUTHTOKEN_CREATE, + ActionsInterface::AUTHTOKEN_EDIT, + ActionsInterface::AUTHTOKEN_DELETE + ]); + } + + /** + * testCheckUserAccessEventlog + */ + public function testCheckUserAccessEventlog() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setEvl(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ + ActionsInterface::EVENTLOG, + ActionsInterface::EVENTLOG_SEARCH, + ActionsInterface::EVENTLOG_CLEAR + ]); + } + + /** + * testCheckUserAccessAccountViewPass + */ + public function testCheckUserAccessAccountViewPass() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + $userProfile->setAccViewPass(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->checkUserAccess([ActionsInterface::ACCOUNT_VIEW_PASS, ActionsInterface::CUSTOMFIELD_VIEW_PASS]); + } + + /** + * testCheckUserAccessAccountHistoryView + */ + public function testCheckUserAccessAccountHistoryView() + { + $userData = new UserLoginResponse(); + $userData->setId(2); + + $userProfile = new ProfileData(); + 
$userProfile->setAccViewHistory(true); + + $this->context->setUserData($userData); + $this->context->setUserProfile($userProfile); + + $this->assertTrue($this->acl->checkUserAccess(ActionsInterface::ACCOUNT_HISTORY_VIEW)); + + $this->checkUserAccess([ActionsInterface::ACCOUNT_HISTORY_VIEW]); + } + + /** + * @dataProvider actionsProvider + * + * @param $id + */ + public function testGetActionInfo($id) + { + $this->assertNotEmpty(Acl::getActionInfo($id)); + } + + /** + * testGetActionInfoUnknown + */ + public function testGetActionInfoUnknown() + { + $this->assertEmpty(Acl::getActionInfo(10000)); + } + + /** + * @throws \DI\DependencyException + * @throws \DI\NotFoundException + * @throws \SP\Core\Context\ContextException + */ + protected function setUp() + { + $dic = setupContext(); + + $this->acl = $dic->get(Acl::class); + $this->context = $dic->get(ContextInterface::class); + } +} diff --git a/test/res/config/actions.xml b/test/res/config/actions.xml index 26205c98..1ba6d586 100644 --- a/test/res/config/actions.xml +++ b/test/res/config/actions.xml @@ -2,19 +2,19 @@ - 1 + 2 ACCOUNT_SEARCH Buscar Cuentas account/search - 10 + 1 ACCOUNT Cuentas account/index - 11 + 20 ACCOUNT_FILE Archivos account/listFile 
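Review bot: The `checkUserAccess()` helper in AclTest only iterates over rows of `actionsProvider()`, so an id that a test puts in its mask but that is absent from the provider is never asserted. `testCheckUserAccessAccountViewPass` lists `CUSTOMFIELD_VIEW_PASS` and `testCheckUserAccessPublicLink` lists `PUBLICLINK_EDIT`, yet the provider shows no matching customField or publicLink row for them, so those grants appear to go unchecked; the same gap would hide an unexpected grant for any action missing from the provider. Adding the missing rows, or asserting that every mask entry was found in the provider, would close it. `in_array()` is also called without the strict flag; `in_array($action[0], $actionsMask, true)` avoids loose matches. The `assertTrue` in `testCheckUserAccessAccountHistoryView` duplicates what the helper call on the next line already checks.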
@@ -26,805 +26,805 @@ account/requestAccess - 13 + 30 ACCOUNT_FAVORITE Favoritos favorite/index - 20 + 1201 WIKI Wiki wiki/index - 60 + 5001 ITEMS_MANAGE Elementos y Personalización itemManager/index - 61 + 101 CATEGORY Gestión Categorías category/index - 62 + 301 CLIENT Gestión Clientes client/index - 63 + 1001 AUTHTOKEN Gestión Autorizaciones API authToken/index - 64 + 401 CUSTOMFIELD Gestión Campos Personalizados customField/index - 65 + 501 PUBLICLINK Enlaces Públicos publicLink/index - 66 + 601 FILE Gestión de Archivos file/index - 67 + 1301 ACCOUNTMGR Gestión de Cuentas accountManager/index - 68 + 201 TAG Gestión de Etiquetas tag/index - 69 + 1101 PLUGIN Gestión Plugins plugin/index - 70 + 5002 ACCESS_MANAGE Usuarios y Accesos accessManager/index - 71 + 701 USER Gestión Usuarios user/index - 72 + 801 GROUP Gestión Grupos group/index - 73 + 901 PROFILE Gestión Perfiles profile/index - 90 + 1701 EVENTLOG Registro de Eventos eventlog/index - 905 + 1702 EVENTLOG_SEARCH Buscar Eventos eventlog/search - 906 + 1703 EVENTLOG_CLEAR Limpiar Eventos eventlog/clear - 100 + 3 ACCOUNT_VIEW Ver Cuenta account/view - 101 + 4 ACCOUNT_CREATE Nueva Cuenta account/create - 102 + 5 ACCOUNT_EDIT Editar Cuenta account/edit - 103 + 6 ACCOUNT_DELETE Eliminar Cuenta account/delete - 104 + 7 ACCOUNT_VIEW_PASS Ver Clave account/viewPass - 106 + 8 ACCOUNT_EDIT_PASS Editar Clave de Cuenta account/editPass - 107 + 9 ACCOUNT_EDIT_RESTORE Restaurar Cuenta account/restore - 108 + 10 ACCOUNT_COPY Copiar Cuenta account/copy - 109 + 11 ACCOUNT_COPY_PASS Copiar Clave account/copyPass - 111 + 21 ACCOUNT_FILE_VIEW Ver Archivo accountFile/view - 112 + 22 ACCOUNT_FILE_UPLOAD Subir Archivo accountFile/upload - 113 + 23 ACCOUNT_FILE_DOWNLOAD Descargar Archivo accountFile/download - 114 + 24 ACCOUNT_FILE_DELETE Eliminar Archivo accountFile/delete - 115 + 25 ACCOUNT_FILE_SEARCH Buscar Archivos accountFile/search - 116 + 26 ACCOUNT_FILE_LIST Listar Archivos accountFile/list - 130 + 31 
ACCOUNT_FAVORITE_VIEW Ver Favoritos favorite/view - 131 + 32 ACCOUNT_FAVORITE_ADD Añadir Favorito accountFavorite/mark - 133 + 33 ACCOUNT_FAVORITE_DELETE Eliminar Favorito accountFavorite/unmark - 140 + 40 ACCOUNT_HISTORY_VIEW Ver Historial account/viewHistory - 141 + 41 ACCOUNT_HISTORY_VIEW_PASS Ver Clave account/viewPassHistory - 142 + 42 ACCOUNT_HISTORY_COPY_PASS Copiar Clave account/copyPassHistory - 200 + 1203 WIKI_VIEW Ver Wiki wiki/view - 201 - WIKI_NEW + 1204 + WIKI_CREATE Añadir Wiki wiki/create - 202 + 1205 WIKI_EDIT Editar Wiki wiki/edit - 203 + 1206 WIKI_DELETE Eliminar Wiki wiki/delete - 610 + 103 CATEGORY_VIEW Ver Categoría category/view - 611 + 104 CATEGORY_CREATE Nueva Categoría category/create - 612 + 105 CATEGORY_EDIT Editar Categoría category/edit - 613 + 106 CATEGORY_DELETE Eliminar Categoría category/delete - 615 + 102 CATEGORY_SEARCH Buscar Categoría category/search - 620 + 303 CLIENT_VIEW Ver Cliente client/view - 621 + 304 CLIENT_CREATE Nuevo CLiente client/create - 622 + 305 CLIENT_EDIT Editar Cliente client/edit - 623 + 306 CLIENT_DELETE Eliminar Cliente client/delete - 625 + 302 CLIENT_SEARCH Buscar Cliente client/search - 630 + 1004 AUTHTOKEN_CREATE Nuevo Token API authToken/create - 631 + 1003 AUTHTOKEN_VIEW Ver Token API authToken/view - 632 + 1005 AUTHTOKEN_EDIT Editar Token API authToken/edit - 633 + 1006 AUTHTOKEN_DELETE Eliminar Token API authToken/delete - 635 + 1002 AUTHTOKEN_SEARCH Buscar Token API authToken/search - 640 + 404 CUSTOMFIELD_CREATE Nuevo Campo Personalizado customField/create - 641 + 403 CUSTOMFIELD_VIEW Ver Campo Personalizado customField/view - 642 + 405 CUSTOMFIELD_EDIT Editar Campo Personalizado customField/edit - 643 + 406 CUSTOMFIELD_DELETE Eliminar Campo Personalizado customField/delete - 645 + 402 CUSTOMFIELD_SEARCH Buscar Campo Personalizado customField/search - 650 + 504 PUBLICLINK_CREATE Crear Enlace Público publicLink/create - 651 + 503 PUBLICLINK_VIEW Ver Enlace Público publicLink/view - 653 + 506 
PUBLICLINK_DELETE Eliminar Enlace Público publicLink/delete - 654 + 507 PUBLICLINK_REFRESH Actualizar Enlace Público publicLink/refresh - 655 + 502 PUBLICLINK_SEARCH Buscar Enlace Público publicLink/search - 661 + 603 FILE_VIEW Ver Archivo file/view - 662 + 605 FILE_DOWNLOAD Descargar Archivo file/download - 663 + 606 FILE_DELETE Eliminar Archivo file/delete - 664 + 604 FILE_UPLOAD Subir Archivo file/upload - 665 + 602 FILE_SEARCH Buscar Archivo file/search - 671 + 1303 ACCOUNTMGR_VIEW Ver Cuenta accountManager/view - 673 + 1304 ACCOUNTMGR_DELETE Eliminar Cuenta accountManager/delete - 675 + 1302 ACCOUNTMGR_SEARCH Buscar Cuenta accountManager/search - 680 + 204 TAG_CREATE Nueva Etiqueta tag/create - 681 + 203 TAG_VIEW Ver Etiqueta tag/view - 682 + 205 TAG_EDIT Editar Etiqueta tag/edit - 683 + 206 TAG_DELETE Eliminar Etiqueta tag/delete - 685 + 202 TAG_SEARCH Buscar Etiqueta tag/search - 690 - PLUGIN_NEW + 1104 + PLUGIN_CREATE Nuevo Plugin plugin/create - 691 + 1103 PLUGIN_VIEW Ver Plugin plugin/view - 695 + 1102 PLUGIN_SEARCH Buscar Plugin plugin/search - 696 + 1105 PLUGIN_ENABLE Habilitar Plugin plugin/enable - 697 + 1106 PLUGIN_DISABLE Deshabilitar Plugin plugin/disable - 698 + 1107 PLUGIN_RESET Restablecer Plugin plugin/reset - 710 + 703 USER_VIEW Ver Usuario user/view - 711 + 704 USER_CREATE Nuevo Usuario user/create - 712 + 705 USER_EDIT Editar Usuario user/edit - 713 + 706 USER_DELETE Eliminar Usuario user/delete - 714 + 707 USER_EDIT_PASS Editar Clave Usuario user/editPass - 715 + 702 USER_SEARCH Buscar Usuario user/search - 720 + 803 GROUP_VIEW Ver Grupo userGroup/view - 721 + 804 GROUP_CREATE Nuevo Grupo userGroup/create - 722 + 805 GROUP_EDIT Editar Grupo userGroup/edit - 723 + 806 GROUP_DELETE Eliminar Grupo userGroup/delete - 725 + 802 GROUP_SEARCH Buscar Grupo userGroup/search - 730 + 903 PROFILE_VIEW Ver Perfil userProfile/view - 731 + 904 PROFILE_CREATE Nuevo Perfil userProfile/create - 732 + 905 PROFILE_EDIT Editar Perfil userProfile/edit - 733 + 
906 PROFILE_DELETE Eliminar Perfil userProfile/delete - 735 + 902 PROFILE_SEARCH Buscar Perfil userProfile/search - 74 + 5010 USERSETTINGS Configuración Usuario userSettingsManager/index - 741 + 5011 USERSETTINGS_GENERAL Preferencias General userSettings/general - 76 + 1401 NOTIFICATION Notificaciones notification/index - 1000 + 1501 CONFIG Configuración configManager/index - 1001 + 1502 CONFIG_GENERAL Configuración General configManager/general - 1010 - ACCOUNT_CONFIG + 1510 + CONFIG_ACCOUNT Configuración Cuentas account/config - 1020 - WIKI_CONFIG + 1520 + CONFIG_WIKI Configuración Wiki wiki/config - 1030 - ENCRYPTION_CONFIG + 1530 + CONFIG_CRYPT Configuración Encriptación encryption/config - 1031 - ENCRYPTION_REFRESH + 1531 + CONFIG_CRYPT_REFRESH Actualizar Hash encryption/updateHash - 1032 - ENCRYPTION_TEMPPASS + 1532 + CONFIG_CRYPT_TEMPPASS Clave Maestra Temporal encryption/createTempPass - 1040 - BACKUP_CONFIG + 1540 + CONFIG_BACKUP Configuración Copia de Seguridad backup/config - 1041 - BACKUP + 1541 + CONFIG_BACKUP_RUN Copia de Seguridad backup/backup - 1050 - IMPORT_CONFIG + 1550 + CONFIG_IMPORT Configuración Importación import/config - 1051 - IMPORT_CSV + 1551 + CONFIG_IMPORT_CSV Importar CSV import/csv - 1052 - IMPORT_XML + 1552 + CONFIG_IMPORT_XML Importar XML import/xml - 1060 - EXPORT_CONFIG + 1560 + CONFIG_EXPORT Configuración Exportación export/config - 1061 - EXPORT + 1561 + CONFIG_EXPORT_RUN Exportación export/export - 1070 - MAIL_CONFIG + 1570 + CONFIG_MAIL Configuración Email mail/config - 1080 - LDAP_CONFIG + 1580 + CONFIG_LDAP Configuración LDAP ldap/config - 1081 - LDAP_SYNC + 1581 + CONFIG_LDAP_SYNC Sincronización LDAP ldap/sync - 6701 + 1311 ACCOUNTMGR_HISTORY Gestión de Cuenta (H) accountHistoryManager/index - 6731 - ACCOUNTMGR_DELETE_HISTORY + 1314 + ACCOUNTMGR_HISTORY_DELETE Eliminar Cuenta accountHistoryManager/delete - 6751 - ACCOUNTMGR_SEARCH_HISTORY + 1312 + ACCOUNTMGR_HISTORY_SEARCH Buscar Cuenta accountHistoryManager/search - 6771 
- ACCOUNTMGR_RESTORE + 1315 + ACCOUNTMGR_HISTORY_RESTORE Restaurar Cuenta accountManager/restore - 760 + 1403 NOTIFICATION_VIEW Ver Notificación notification/view - 761 + 1404 NOTIFICATION_CREATE Crear Notificación notification/create - 762 + 1405 NOTIFICATION_EDIT Editar Notificación notification/edit - 763 + 1406 NOTIFICATION_DELETE Eliminar Notificación notification/delete - 764 + 1407 NOTIFICATION_CHECK Marcar Notificación notification/check - 765 + 1402 NOTIFICATION_SEARCH Buscar Notificación notification/search