(feat) permissions rbac 600
Dynamic calculation of Mind's entities using flags defined in Zend's RBAC framework
Just the roles right now, will be adding permissions as we go.
Setup a new manager that takes a user and a list of entities.
Based on the user's relationship to the entity, it will return a Role object with all the derived flags
It returns a Permissions object which contains the Channels and the user's role within that channel Groups and the user's role within that group The entities themselves and the user's role for that entity
Full exportable as json on /v2/permissions/roles/{user guid}?guids[]=entity_guid&guids[]=entity_guid
changed milestone to %sprint: Kilted Koala
added Squad::Green scoped label
added 19 commits
- a362a518 - [Sprint/HipsterHedgehog] (fix): update thumbnails in activities
- 4f0eea59 - Merge branch 'fix/update-thumbnails-in-activities' into 'master'
- b14691c5 - [Sprint/GiddyGiraffe] (feat): ability for channels to self-declare nsfw
- b50c93d2 - Merge branch 'feat/self-declare-nsfw' into 'master'
- 84da7d65 - Sprint/JollyJellyfish: Filtering banned and deleted channels
- ef53036e - Merge branch 'fix/banned-suggested-channels-381' into 'master'
- f0a0a925 - Fixed forgot password validation
- 83d701b4 - Merge branch 'forgot-password-validation-fix-560' into 'master'
- bbf41c60 - [Sprint/CleverChipmunk] (feat): ability to disable group conversations
- 5845f667 - Merge branch 'feat/disable-group-convos' into 'master'
- 14927878 - [Sprint/KiltedKoala] (fix): groups conversations issue
- 07015d77 - Merge branch 'fix/groups-conversation-issue' into 'master'
- dffd0a4e - (feat): introduce new mwa endpoint for pageview recording
- d14ac69a - (chore): change boost existing check to include approved too
- e0140852 - (revert): d14ac69a -> also includes revoked and completed"
- 3b7aafa9 - (chore): reduce boost offset to 2.5 minutes
- c5d27f85 - (fix): comment on reminds should not go to remind_object
- 9bd4d314 - (fix): correct labels for gitlab runners
- 526aae86 - Merge remote-tracking branch 'origin/master' into feature/permissions-rbac-600
Toggle commit list
Resolved by Brian Hatchet- Resolved by Brian Hatchet
added 1 commit
- 3b020fa8 - Feature complete, role parsing for groups and channels.
resolved all threads
unmarked as a Work In Progress
changed title from WIP: Feature/permissions rbac 600 to (feat) permissions rbac 600
changed the description
11 public function get($pages) 12 { 13 Factory::isLoggedIn(); 14 if (!isset($pages[0])) { 15 return Factory::response([ 16 'status' => 'error', 17 'message' => 'User guid must be provided', 18 ]); 19 } 20 21 try { 22 /** @var Core\Permissions\Manager $manager */ 23 $manager = Di::_()->get('Permissions\Manager'); 24 $opts = [ 25 'user_guid' => $pages[0], 26 'guids' => $_GET['guids'] 
DeveloperMinor one, trailing comma missing here
16 'status' => 'error', 17 'message' => 'User guid must be provided', 18 ]); 19 } 20 21 try { 22 /** @var Core\Permissions\Manager $manager */ 23 $manager = Di::_()->get('Permissions\Manager'); 24 $opts = [ 25 'user_guid' => $pages[0], 26 'guids' => $_GET['guids'] 27 ]; 28 $permissions = $manager->getList($opts); 29 return Factory::response([ 30 'status' => 'success', 31 'roles' => $permissions - Developer
Another here
34 public function __construct(User $user, Roles $roles = null, EntitiesBuilder $entitiesBuilder) 35 { 36 $this->roles = $roles ?: new Roles(); 37 $this->user = $user; 38 $this->isAdmin = $user->isAdmin(); 39 $this->isBanned = $user->isBanned(); 40 $this->groups = []; 41 $this->channels = []; 42 $this->entities = []; 43 $this->channels[$user->getGUID()] = $user; 44 $this->channelRoleCalculator = new ChannelRoleCalculator($this->user, $this->roles); 45 $this->groupRoleCalculator = new GroupRoleCalculator($this->user, $this->roles, $entitiesBuilder); 46 } 47 48 /** 49 * @param array entities an array of entities for calculating permissions - Developer
Feels to me like the param should be at the bottom above return, but 10/10 on the description
Edited by Ben Hayward
32 32 "erusev/parsedown": "^1.7", 33 33 "zendframework/zend-diactoros": "1.8.6", 34 34 "league/oauth2-server": "7.2.0", 35 "lcobucci/jwt": "3.2.4" 35 "lcobucci/jwt": "3.2.4", 36 "zendframework/zend-permissions-rbac": "^3.0" - Developer
One here, unsure if it matters in composer.json
Edited by Ben Hayward
51 ->setEntity($attachment) 52 ->save(); 28 if ($opts['user_guid'] === null) { 29 throw new \InvalidArgumentException('user_guid is required'); 53 30 } 54 55 foreach ($this->db->getRow('activity:entitylink:'.$entity->getGUID()) as $parentGuid => $ts) { 56 $activity = $this->entitiesBuilder->single($parentGuid); 57 $activity->setAllowComments($permissions->getAllowComments()); 58 $this->save 59 ->setEntity($activity) 60 ->save(); 31 32 $user = $this->entitiesBuilder->single($opts['user_guid']); 33 $entities = $this->entitiesBuilder->get($opts); 34 error_log(var_export($user->getGroupMembership(), true)); - Developer
Error log here, could be intentional but wanted to highlight it
added MR::Requires Changes scoped label