Very crude permissions
TODO: Use Symfony Voters
parent
c20ec66f22
commit
b41e394e9c
@ -15,6 +15,15 @@ class VocabFuncContextController extends AbstractController
|
||||
#[Route('/vocabs/functional_context', name: 'app_vocab_func_context')]
|
||||
public function index(EntityManagerInterface $em): Response
|
||||
{
|
||||
$roles = $this->getUser()->getRoles();
|
||||
|
||||
if (! in_array('ROLE_REVISOR', $roles)
|
||||
&& ! in_array('ROLE_ADMIN', $roles)
|
||||
) {
|
||||
$this->addFlash('warning', 'Only revisors and administrators can edit vocabularies');
|
||||
return $this->redirectToRoute('app_home');
|
||||
}
|
||||
|
||||
$terms = $em->getRepository(VocabFuncContext::class)->findBy([], ['term' => 'ASC']);
|
||||
|
||||
return $this->render('vocab_func_context/index.html.twig', [
|
||||
|
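Review bot: `$this->getUser()` returns null for an unauthenticated request, so `$this->getUser()->getRoles()` at the top of `index()` would raise an error instead of denying access, unless this route already sits behind a firewall rule that the hunk does not show. The `in_array('ROLE_…', $roles)` tests compare against the literal role list, so any `role_hierarchy` configured for the application is ignored, and they are non-strict. Until voters are in place, `if (! $this->isGranted('ROLE_REVISOR') && ! $this->isGranted('ROLE_ADMIN')) {` handles both cases; the same literal check recurs in the profile template (`'ROLE_ADMIN' in app.user.roles`), where `is_granted('ROLE_ADMIN')` is the equivalent. The guard is added to the listing action only, while the flash text speaks of editing; the controller's other actions are outside the hunk and presumably need the same check.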
@ -6,10 +6,21 @@
|
||||
<div class="has-text-centered">
|
||||
<img width="200px" src="{{ asset('img/Logo-ArCOA-def.png') }}" />
|
||||
</div>
|
||||
|
||||
<h1 class="is-size-1 mt-6 mb-6 has-text-centered">ArCOA Digital Archive</h1>
|
||||
<h2 class="is-size-3 mb-3 has-text-centered">Archivi e Collezioni dell'Oriente Antico</h2>
|
||||
<h2 class="is-size-3 mb-6 has-text-centered">Archives and Collections of the Ancient Near East</h2>
|
||||
|
||||
{% for message in app.flashes('warning') %}
|
||||
<article class="message is-warning" style="max-width: 35vw; margin: 0 auto;">
|
||||
<div class="message-header">
|
||||
<p>Warning</p>
|
||||
<button class="delete" aria-label="delete"></button>
|
||||
</div>
|
||||
<div class="message-body">{{ message }}</div>
|
||||
</article>
|
||||
{% endfor %}
|
||||
|
||||
<div class="columns" style="max-width: 35vw; margin: 0 auto;">
|
||||
<div class="column mt-6 mb-5">
|
||||
<div class="card content p-4 is-clickable">
|
||||
@ -28,5 +39,13 @@
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<script type="text/javascript" defer>
|
||||
const warning = document.querySelector('.is-warning');
|
||||
|
||||
if (warning) {
|
||||
warning.querySelector('.delete').addEventListener('click', () => {
|
||||
warning.classList.add('is-hidden');
|
||||
});
|
||||
}
|
||||
</script>
|
||||
{% endblock %}
|
||||
|
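Review bot: The dismiss handler in the added `<script>` binds only the first warning, because `document.querySelector('.is-warning')` returns a single element while the `{% for message in app.flashes('warning') %}` loop can render several. `document.querySelectorAll('.message.is-warning .delete').forEach(btn => btn.addEventListener('click', () => btn.closest('.message').classList.add('is-hidden')));` wires every message. `defer` has no effect on an inline script, and the inline script plus the inline `style` attributes would need `'unsafe-inline'` or a nonce if the application ever serves a strict Content-Security-Policy (none is visible here), so moving the handler into the asset bundle is worth considering.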
@ -32,13 +32,46 @@
|
||||
Administrator
|
||||
{% elseif 'ROLE_REVISOR' in app.user.roles %}
|
||||
Revisor
|
||||
{% elseif 'ROLE_EDITOR' in app.user.roles %}
|
||||
Editor
|
||||
{% else %}
|
||||
Reader
|
||||
{% endif %}
|
||||
<span class="icon is-small is-size-5 pl-3 has-text-link">
|
||||
<i class="fa fa-question-circle"></i>
|
||||
</span>
|
||||
</p>
|
||||
<article class="message is-info">
|
||||
<div class="message-header">
|
||||
<p>
|
||||
<span class="icon is-small is-size-5 mr-3">
|
||||
<i class="fa fa-info-circle"></i>
|
||||
</span>
|
||||
Role permissions
|
||||
</p>
|
||||
</div>
|
||||
<div class="message-body">
|
||||
{% if 'ROLE_ADMIN' in app.user.roles %}
|
||||
<p>
|
||||
Administrators can create and edit users of the ArCOA data entry system,
|
||||
including changing passwords and user roles, and disabling accounts.
|
||||
</p>
|
||||
<p>
|
||||
They can perform all actions on all records and vocabularies
|
||||
(create, view, edit, delete).
|
||||
</p>
|
||||
{% elseif 'ROLE_REVISOR' in app.user.roles %}
|
||||
<p>Revisors can perform all actions (create, view, edit, delete) on all records and vocabs.</p>
|
||||
{% elseif 'ROLE_EDITOR' in app.user.roles %}
|
||||
<p>
|
||||
Editors can view vocabs, view and search all records, create new records with "draft" or "complete" status,
|
||||
edit their own records and those created by other editors; they can only delete their own records, as long as the status
|
||||
is "draft" or "complete".
|
||||
</p>
|
||||
{% else %}
|
||||
<p>
|
||||
Readers can view and search records that are either published, excluded or unindexed (draft and complete records cannot be viewed).
|
||||
</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
</article>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
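Review bot: The permission text added inside `message-body` states access rules (editors may delete only their own draft or complete records, readers cannot view draft and complete records) that nothing in this commit's visible code enforces; the only server-side check added is the role test on the vocabulary index. If those rules are enforced elsewhere that is fine, but a template comment such as `{# Informational only: keep in sync with the server-side access checks #}` would make clear that this text is not the source of truth. The `{% if %}` chain that opens the role label starts above the hunk.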