Commit 1c8af755 authored by Yassine Doghri's avatar Yassine Doghri

fix(users): remove required roles input when editing user + prevent owner's roles from being edited

fixes #239
parent 7512e2ed
+11 −0
@@ -143,6 +143,17 @@ class UserController extends BaseController
        $authorize = Services::authorization();

        $roles = $this->request->getPost('roles');

        if ($this->user->isOwner) {
            return redirect()
                ->back()
                ->with('errors', [
                    lang('User.messages.editOwnerError', [
                        'username' => $this->user->username,
                    ]),
                ]);
        }

        $authorize->setUserGroups($this->user->id, $roles ?? []);

        // Success!
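Review bot: The roles array read at `$roles = $this->request->getPost('roles');` is passed to `setUserGroups` without checking that it is an array or that each entry is one of the configured role names, so a scalar `roles` field or a made-up group name reaches the authorization service; it presumably rejects unknown groups, but that is not visible here, and a cheap guard before the call is `$roles = is_array($roles) ? $roles : [];`. The new owner check does run before the write, which is the right place for it, but with `required` dropped from the form an empty submission now clears every role on the target user, including a superadmin editing their own account, so a same-user or last-superadmin check may be worth adding next to it. The enclosing method starts and ends outside the hunk.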
+2 −0
@@ -45,6 +45,8 @@ return [
            '{username} will be prompted with a password reset upon next visit.',
        'banSuccess' => '{username} has been banned.',
        'unbanSuccess' => '{username} has been unbanned.',
        'editOwnerError' =>
            '{username} is the instance owner, you cannot edit its roles.',
        'banSuperAdminError' =>
            '{username} is a superadmin, one does not simply ban a superadmin…',
        'deleteSuperAdminError' =>
+14 −0
@@ -13,6 +13,7 @@ namespace Modules\Auth\Entities;
use App\Entities\Podcast;
use App\Models\NotificationModel;
use App\Models\PodcastModel;
use App\Models\UserModel;
use Myth\Auth\Entities\User as MythAuthUser;
use RuntimeException;

@@ -31,6 +32,8 @@ use RuntimeException;
 */
class User extends MythAuthUser
{
    public bool $is_owner;

    /**
     * @var Podcast[]|null
     */
@@ -54,6 +57,17 @@ class User extends MythAuthUser
        'podcast_role' => '?string',
    ];

    public function getIsOwner(): bool
    {
        $firstUser = (new UserModel())->first();

        if (! $firstUser instanceof self) {
            return false;
        }

        return $this->username === $firstUser->username;
    }

    /**
     * Returns the podcasts the user is contributing to
     *
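Review bot: `getIsOwner()` decides ownership by comparing usernames against whatever `(new UserModel())->first()` returns, and both halves are weaker than they need to be: the username is a mutable identifier while the primary key is the stable one, and `first()` only means "the instance's first account" if the model orders by primary key (CodeIgniter's `Model::first()` appears to do so, but that is not visible here, and soft-deleted rows would be skipped if the model uses them). Since this getter now gates whether an admin may change the owner's roles, tie it to the id, `return (int) $this->id === (int) $firstUser->id;`, and consider an explicit `->orderBy('id', 'asc')->first()` so the result does not depend on model defaults. It also issues a query on every access, including once per row in the user list; memoising the first user's id in a `static` local would avoid repeating it.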
+0 −1
@@ -23,7 +23,6 @@
    id="roles"
    name="roles[]"
    label="<?= lang('User.form.roles') ?>"
    required="true"
    options="<?= esc(json_encode($roleOptions)) ?>"
    selected="<?= esc(json_encode($user->roles)) ?>" />

+7 −4
@@ -30,8 +30,11 @@
        [
            'header' => lang('User.list.roles'),
            'cell' => function ($user) {
                return implode(',', $user->roles) .
                    '<IconButton uri="' . route_to('user-edit', $user->id) . '" glyph="edit" variant="info">' . lang('User.edit_roles', [
                if ($user->isOwner) {
                    return 'owner, ' . implode(',', $user->roles);
                }

                return implode(',', $user->roles) . '<IconButton uri="' . route_to('user-edit', $user->id) . '" glyph="edit" variant="info">' . lang('User.edit_roles', [
                    'username' => esc($user->username),
                ]) . '</IconButton>';
            },
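Review bot: The owner branch at `return 'owner, ' . implode(',', $user->roles);` hard-codes an English label where the rest of the cell goes through `lang()`, and mixes a `', '` separator with the `','` the other branch uses, leaving a dangling `owner, ` when the owner holds no roles. A consistent form is `return implode(',', array_merge(['owner'], $user->roles));`, with the label moved into the `User` language file. Hiding the edit button is presentation only; the owner's roles stay protected by the controller-side check this commit adds, which is the check that matters, so nothing further is needed here for access control. Both branches still emit the role names unescaped, which is fine if they come from configuration but deserves an `esc()` if roles can ever be user-supplied.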