diff options
| author | Matthew Somerville <matthew-github@dracos.co.uk> | 2016-09-06 16:07:30 +0100 |
|---|---|---|
| committer | Matthew Somerville <matthew-github@dracos.co.uk> | 2016-09-09 15:51:33 +0100 |
| commit | 2835ee9d82d508e32720138702ca3879a41c19db (patch) | |
| tree | ed7de10c4898a0e897ff58074b3b822d8ab87e2d /perllib/FixMyStreet | |
| parent | 2acf9eb59867c299da568bf77c9019fe6c3eb9ff (diff) | |
Add manage screen for editing priority/category.
This is a cut-down version of the full inspect screen.
We truncate the co-ordinates just in case (they should be anyway but
e.g. the test report isn't).
Diffstat (limited to 'perllib/FixMyStreet')
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Admin.pm | 17 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Around.pm | 2 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Council.pm | 6 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report.pm | 58 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report/New.pm | 2 | ||||
| -rw-r--r-- | perllib/FixMyStreet/DB/Result/User.pm | 20 |
6 files changed, 65 insertions, 40 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Admin.pm b/perllib/FixMyStreet/App/Controller/Admin.pm index c853827d0..1713c4ff9 100644 --- a/perllib/FixMyStreet/App/Controller/Admin.pm +++ b/perllib/FixMyStreet/App/Controller/Admin.pm @@ -859,14 +859,11 @@ $problem->bodies_str. sub report_edit_location : Private { my ($self, $c, $problem) = @_; - return 1 unless $c->forward('/report/new/determine_location'); - - if ( $c->stash->{latitude} != $problem->latitude || $c->stash->{longitude} != $problem->longitude ) { - delete $c->stash->{prefetched_all_areas}; - delete $c->stash->{all_areas}; - delete $c->stash->{fetch_all_areas}; - delete $c->stash->{all_areas_mapit}; - $c->forward('/council/load_and_check_areas'); + return 1 unless $c->forward('/location/determine_location_from_coords'); + + my ($lat, $lon) = map { Utils::truncate_coordinate($_) } $problem->latitude, $problem->longitude; + if ( $c->stash->{latitude} != $lat || $c->stash->{longitude} != $lon ) { + $c->forward('/council/load_and_check_areas', []); $c->forward('/report/new/setup_categories_and_bodies'); my %allowed_bodies = map { $_ => 1 } @{$problem->bodies_str_ids}; my @new_bodies = @{$c->stash->{bodies_to_list}}; @@ -885,8 +882,8 @@ sub categories_for_point : Private { # We have a report, stash its location $c->forward('/report/new/determine_location_from_report'); # Look up the areas for this location - $c->stash->{prefetched_all_areas} = [ grep { $_ } split ',', $c->stash->{report}->areas ]; - $c->forward('/around/check_location_is_acceptable'); + my $prefetched_all_areas = [ grep { $_ } split ',', $c->stash->{report}->areas ]; + $c->forward('/around/check_location_is_acceptable', [ $prefetched_all_areas ]); # As with a new report, fetch the bodies/categories $c->forward('/report/new/setup_categories_and_bodies'); diff --git a/perllib/FixMyStreet/App/Controller/Around.pm b/perllib/FixMyStreet/App/Controller/Around.pm index c4feca8b6..ec84ca09a 100644 --- a/perllib/FixMyStreet/App/Controller/Around.pm +++ b/perllib/FixMyStreet/App/Controller/Around.pm @@ -52,7 +52,7 @@ sub index : Path : Args(0) { } # Check to see if the spot is covered by a area - if not show an error. - return unless $c->forward('check_location_is_acceptable'); + return unless $c->forward('check_location_is_acceptable', []); # If we have a partial - redirect to /report/new so that it can be # completed. diff --git a/perllib/FixMyStreet/App/Controller/Council.pm b/perllib/FixMyStreet/App/Controller/Council.pm index 06a23aec9..0e7553dc4 100644 --- a/perllib/FixMyStreet/App/Controller/Council.pm +++ b/perllib/FixMyStreet/App/Controller/Council.pm @@ -36,7 +36,7 @@ there are no areas then return false. =cut sub load_and_check_areas : Private { - my ( $self, $c ) = @_; + my ( $self, $c, $prefetched_all_areas ) = @_; my $latitude = $c->stash->{latitude}; my $longitude = $c->stash->{longitude}; @@ -55,10 +55,10 @@ sub load_and_check_areas : Private { $params{generation} = $c->config->{MAPIT_GENERATION} if $c->config->{MAPIT_GENERATION}; - if ($c->stash->{prefetched_all_areas}) { + if ($prefetched_all_areas) { $all_areas = { map { $_ => { id => $_ } } - @{$c->stash->{prefetched_all_areas}} + @$prefetched_all_areas }; } elsif ( $c->stash->{fetch_all_areas} ) { my %area_types = map { $_ => 1 } @$area_types; diff --git a/perllib/FixMyStreet/App/Controller/Report.pm b/perllib/FixMyStreet/App/Controller/Report.pm index 6a7a14b5c..582de092c 100644 --- a/perllib/FixMyStreet/App/Controller/Report.pm +++ b/perllib/FixMyStreet/App/Controller/Report.pm @@ -3,6 +3,7 @@ package FixMyStreet::App::Controller::Report; use Moose; use namespace::autoclean; use JSON::MaybeXS; +use List::MoreUtils qw(any); BEGIN { extends 'Catalyst::Controller'; } @@ -299,7 +300,8 @@ sub inspect : Private { $c->forward('/auth/get_csrf_token'); $c->forward( 'load_problem_or_display_error', [ $id ] ); - $c->forward( 'check_has_permission_to', [ 'report_inspect' ] ); + my $permissions = $c->forward( 'check_has_permission_to', + [ qw/report_inspect report_edit_category report_edit_priority/ ] ); $c->forward( 'load_updates' ); $c->forward( 'format_problem_for_display' ); @@ -310,28 +312,32 @@ sub inspect : Private { if ( $c->get_param('save') || $c->get_param('save_inspected') ) { $c->forward('/auth/check_csrf_token'); - foreach (qw/detailed_location detailed_information traffic_information/) { - $problem->set_extra_metadata( $_ => $c->get_param($_) ); - } + if ($permissions->{report_inspect}) { + foreach (qw/detailed_location detailed_information traffic_information/) { + $problem->set_extra_metadata( $_ => $c->get_param($_) ); + } - if ( $c->get_param('save_inspected') ) { - $problem->set_extra_metadata( inspected => 1 ); - } + if ( $c->get_param('save_inspected') ) { + $problem->set_extra_metadata( inspected => 1 ); + } - # Handle the state changing - my $old_state = $problem->state; - $problem->state($c->get_param('state')); - if ( $problem->is_visible() and $old_state eq 'unconfirmed' ) { - $problem->confirmed( \'current_timestamp' ); - } - if ( $problem->state eq 'hidden' ) { - $problem->get_photoset->delete_cached; - } - if ( $problem->state ne $old_state ) { - $c->forward( '/admin/log_edit', [ $id, 'problem', 'state_change' ] ); + # Handle the state changing + my $old_state = $problem->state; + $problem->state($c->get_param('state')); + if ( $problem->is_visible() and $old_state eq 'unconfirmed' ) { + $problem->confirmed( \'current_timestamp' ); + } + if ( $problem->state eq 'hidden' ) { + $problem->get_photoset->delete_cached; + } + if ( $problem->state ne $old_state ) { + $c->forward( '/admin/log_edit', [ $id, 'problem', 'state_change' ] ); + } } - $problem->response_priority( $problem->response_priorities->find({ id => $c->get_param('priority') }) ); + if ($c->get_param('priority') && ($permissions->{report_inspect} || $permissions->{report_edit_priority})) { + $problem->response_priority( $problem->response_priorities->find({ id => $c->get_param('priority') }) ); + } my $valid = 1; if ( !$c->forward( '/admin/report_edit_location', [ $problem ] ) ) { @@ -340,7 +346,9 @@ sub inspect : Private { $c->stash->{errors} = [ _('Invalid location. New location must be covered by the same council.') ]; } - $c->forward( '/admin/report_edit_category', [ $problem ] ); + if ($permissions->{report_inspect} || $permissions->{report_edit_category}) { + $c->forward( '/admin/report_edit_category', [ $problem ] ); + } if ($valid) { $problem->update; @@ -362,18 +370,22 @@ sub map : Private { =head2 check_has_permission_to -Ensure the currently logged-in user has a particular permission that applies +Ensure the currently logged-in user has any of the provided permissions applied to the current Problem in $c->stash->{problem}. Shows the 403 page if not. =cut sub check_has_permission_to : Private { - my ( $self, $c, $permission ) = @_; + my ( $self, $c, @permissions ) = @_; my $bodies = $c->stash->{problem}->bodies_str; + my %permissions = map { $_ => $c->user->has_permission_to($_, $bodies) } @permissions + if $c->user_exists; $c->detach('/page_error_403_access_denied', [ _("Sorry, you don't have permission to do that.") ] ) - unless $c->user_exists && $c->user->has_permission_to($permission, $bodies); + unless $c->user_exists && any { $_ } values %permissions; + + return \%permissions; }; __PACKAGE__->meta->make_immutable; diff --git a/perllib/FixMyStreet/App/Controller/Report/New.pm b/perllib/FixMyStreet/App/Controller/Report/New.pm index cfb572d83..7960f5e4c 100644 --- a/perllib/FixMyStreet/App/Controller/Report/New.pm +++ b/perllib/FixMyStreet/App/Controller/Report/New.pm @@ -481,7 +481,7 @@ sub determine_location : Private { || $c->forward('/location/determine_location_from_coords') || $c->forward('determine_location_from_report') ) # - && $c->forward('/around/check_location_is_acceptable'); + && $c->forward('/around/check_location_is_acceptable', []); return; } diff --git a/perllib/FixMyStreet/DB/Result/User.pm b/perllib/FixMyStreet/DB/Result/User.pm index 6444cfe6a..0ba7e252c 100644 --- a/perllib/FixMyStreet/DB/Result/User.pm +++ b/perllib/FixMyStreet/DB/Result/User.pm @@ -240,18 +240,34 @@ sub split_name { return { first => $first || '', last => $last || '' }; } +sub permissions { + my ($self, $c, $body_id) = @_; + + if ($self->is_superuser) { + my $perms = $c->cobrand->available_permissions; + return { map { %$_ } values %$perms }; + } + + return unless $self->belongs_to_body($body_id); + + my @permissions = $self->user_body_permissions->search({ + body_id => $self->from_body->id, + })->all; + return { map { $_->permission_type => 1 } @permissions }; +} + sub has_permission_to { my ($self, $permission_type, $body_id) = @_; return 1 if $self->is_superuser; - return unless $self->belongs_to_body($body_id); + return 0 unless $self->belongs_to_body($body_id); my $permission = $self->user_body_permissions->find({ permission_type => $permission_type, body_id => $self->from_body->id, }); - return $permission ? 1 : undef; + return $permission ? 1 : 0; } =head2 has_body_permission_to |