From 174624a8133ca8034c5eecf6172fbc8a078900c7 Mon Sep 17 00:00:00 2001
From: Henri-Damien LAURENT <hdlaurent@afi-sa.fr>
Date: Fri, 15 Jul 2022 14:52:29 +0200
Subject: [PATCH] Fixing permissions for users RedacPortail having library set
---
.../admin/controllers/CmsController.php | 2 +-
library/Class/Bib.php | 2 +-
.../Action/Helper/ListViewMode/Article.php | 3 +-
.../controllers/CmsControllerListModeTest.php | 85 ++++++++++++++++++-
4 files changed, 88 insertions(+), 4 deletions(-)
diff --git a/application/modules/admin/controllers/CmsController.php b/application/modules/admin/controllers/CmsController.php
index 2ef7edf2824..f457ede4d0d 100644
--- a/application/modules/admin/controllers/CmsController.php
+++ b/application/modules/admin/controllers/CmsController.php
@@ -39,7 +39,7 @@ class Admin_CmsController extends ZendAfi_Controller_Action {
protected function _renderList() {
$bibs = Class_Bib::findAllForCurrentUserAndPortal();
- $current_library = ($this->identity->isAdmin())
+ $current_library = (Class_Users::isCurrentUserCanAccessAllBibs())
? null
: $this->identity->getBib();
diff --git a/library/Class/Bib.php b/library/Class/Bib.php
index c4249991999..780d919ad38 100644
--- a/library/Class/Bib.php
+++ b/library/Class/Bib.php
@@ -285,7 +285,7 @@ class BibLoader extends Storm_Model_Loader {
protected function _findAllForCurrentUser() : array {
- return (! Class_Users::isCurrentUserAdmin()) && ($user_library = Class_Users::getIdentity()->getBib())
+ return (! Class_Users::isCurrentUserCanAccessAllBibs()) && ($user_library = Class_Users::getIdentity()->getBib())
? [$user_library]
: Class_Bib::findAllBy(['order' => 'libelle']);
}
diff --git a/library/ZendAfi/Controller/Action/Helper/ListViewMode/Article.php b/library/ZendAfi/Controller/Action/Helper/ListViewMode/Article.php
index 5f9ee72b310..1130b5a94b4 100644
--- a/library/ZendAfi/Controller/Action/Helper/ListViewMode/Article.php
+++ b/library/ZendAfi/Controller/Action/Helper/ListViewMode/Article.php
@@ -315,7 +315,8 @@ class ZendAfi_Controller_Action_Helper_ListViewMode_Article
'label' => $this->getBibLabel(),
'options' => []]];
- if ($bib = $this->getParam('bib'))
+ if (! Class_Users::isCurrentUserCanAccessAllBibs()
+ && $bib = $this->getParam('bib'))
$breadcrumb = [['url' => ['module' => 'admin',
'controller' => 'cms',
'action' => 'index'],
diff --git a/tests/application/modules/admin/controllers/CmsControllerListModeTest.php b/tests/application/modules/admin/controllers/CmsControllerListModeTest.php
index bf1f18e688f..bf4e44cd744 100644
--- a/tests/application/modules/admin/controllers/CmsControllerListModeTest.php
+++ b/tests/application/modules/admin/controllers/CmsControllerListModeTest.php
@@ -73,7 +73,7 @@ class CmsControllerListModeAdminRootTest extends CmsControllerListModeTestCase {
-class CmsControllerListModeModoPortailInPortailTest extends CmsControllerListModeTestCase {
+class CmsControllerListModeModoPortailAndNoLibraryInPortailTest extends CmsControllerListModeTestCase {
public function setUp() {
parent::setUp();
$this->_bernard->beModoPortail()->setBib(null);
@@ -91,6 +91,89 @@ class CmsControllerListModeModoPortailInPortailTest extends CmsControllerListMod
+class CmsControllerListModeModoPortailIndexTest extends CmsControllerListModeTestCase {
+ public function setUp() {
+ parent::setUp();
+ $this->_bernard->beModoPortail();
+ ZendAfi_Auth::getInstance()->logUser($this->_bernard);
+ $this->dispatch('/admin/cms');
+ }
+
+
+ /** @test */
+ public function shouldDisplayPortailCategory() {
+ $this->assertXPathContentContains('//td/a[@href="/admin/cms/index/id_bib/0"]',
+ 'Portail');
+ }
+
+
+ /** @test */
+ public function shouldDisplayAnnecyCategory() {
+ $this->assertXPathContentContains('//td/a[@href="/admin/cms/index/id_bib/1"]',
+ 'Annecy');
+ }
+
+
+ /** @test */
+ public function shouldDisplayCranGevrierCategory() {
+ $this->assertXPathContentContains('//td/a[@href="/admin/cms/index/id_bib/3"]',
+ 'Cran-Gevrier');
+ }
+}
+
+
+
+
+class CmsControllerListModeModoPortailPortailCategoryEditTest extends CmsControllerListModeTestCase {
+ public function setUp() {
+ parent::setUp();
+ $this->_bernard->beModoPortail();
+ ZendAfi_Auth::getInstance()->logUser($this->_bernard);
+ $this->dispatch('/admin/cms/index/id_bib/0');
+ }
+
+
+ /** @test */
+ public function breadcrumbShouldDisplayRacine() {
+ $this->assertXPathContentContains('//div[@class="breadcrumb"]//a[@href="/admin/cms"]',
+ 'Racine', $this->_response->getBody());
+ }
+
+
+ /** @test */
+ public function breadcrumbShouldDisplayPortail() {
+ $this->assertXPathContentContains('//div[@class="breadcrumb"]/a[contains(@href,"id_bib/0")]',
+ 'Portail');
+ }
+}
+
+
+
+
+class CmsControllerListModeModoPortailInAnnecyTest extends CmsControllerListModeTestCase {
+ public function setUp() {
+ parent::setUp();
+ $this->_bernard->beModoPortail();
+ ZendAfi_Auth::getInstance()->logUser($this->_bernard);
+ $this->dispatch('/admin/cms/index/id_bib/1');
+ }
+
+ /** @test */
+ public function breadCrumbShouldDisplayRacine() {
+ $this->assertXPathContentContains('//div[contains(@class, "breadcrumb")]//a[@href= "/admin/cms"]',
+ 'Racine');
+ }
+
+ /** @test */
+ public function breadCrumbShouldDisplayAnnecy() {
+ $this->assertXPathContentContains('//div[contains(@class, "breadcrumb")]//a[contains(@href, "id_bib/1")]',
+ 'Annecy');
+ }
+}
+
+
+
+
class CmsControllerListModeAdminBibRootTest extends CmsControllerListModeTestCase {
public function setUp() {
--
GitLab