Merge branch 'hotfix'

CHANGELOG.md

@@ -1,5 +1,14 @@
 # Change Log
 
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
+and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
+
+## v4.1.17-alpha
+- Lock `gulp-uf-bundle-assets` at v2.28.0 until Silic0nS0ldier/gulp-uf-bundle-assets#5 is resolved (see #859)
+- Add missing getInfo methods for GroupController and RoleController (#837)
+
 ## v4.1.16-alpha
 - Fix for `merge` bundling rule (#660)
 - Fix for undefined variable exception under strict mode in `ufAlerts` (#809)

app/defines.php

@@ -3,7 +3,7 @@
 namespace UserFrosting;
 
 // Some standard defines
-define('UserFrosting\VERSION', '4.1.16-alpha');
+define('UserFrosting\VERSION', '4.1.17-alpha');
 define('UserFrosting\DS', '/');
 define('UserFrosting\PHP_MIN_VERSION', '5.6');
 define('UserFrosting\DEBUG_CONFIG', false);

app/sprinkles/admin/src/Controller/GroupController.php

@@ -200,6 +200,45 @@ public function delete($request, $response, $args)
         return $response->withStatus(200);
     }
 
+    /**
+     * Returns info for a single group.
+     *
+     * This page requires authentication.
+     * Request type: GET
+     */
+    public function getInfo($request, $response, $args)
+    {
+        /** @var UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager */
+        $authorizer = $this->ci->authorizer;
+
+        /** @var UserFrosting\Sprinkle\Account\Database\Models\User $currentUser */
+        $currentUser = $this->ci->currentUser;
+
+        // Access-controlled page
+        if (!$authorizer->checkAccess($currentUser, 'uri_groups')) {
+            throw new ForbiddenException();
+        }
+
+        $slug = $args['slug'];
+
+        /** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
+        $classMapper = $this->ci->classMapper;
+
+        $group = $classMapper->staticMethod('group', 'where', 'slug', $slug)->first();
+
+        // If the group doesn't exist, return 404
+        if (!$group) {
+            throw new NotFoundException($request, $response);
+        }
+
+        // Get group
+        $result = $group->toArray();
+
+        // Be careful how you consume this data - it has not been escaped and contains untrusted user-supplied content.
+        // For example, if you plan to insert it into an HTML DOM, you must escape it on the client side (or use client-side templating).
+        return $response->withJson($result, 200, JSON_PRETTY_PRINT);
+    }
+
     /**
      * Returns a list of Groups
      *

app/sprinkles/admin/src/Controller/RoleController.php

@@ -199,6 +199,45 @@ public function delete($request, $response, $args)
         return $response->withStatus(200);
     }
 
+    /**
+     * Returns info for a single role, along with associated permissions.
+     *
+     * This page requires authentication.
+     * Request type: GET
+     */
+    public function getInfo($request, $response, $args)
+    {
+        /** @var UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager */
+        $authorizer = $this->ci->authorizer;
+
+        /** @var UserFrosting\Sprinkle\Account\Database\Models\User $currentUser */
+        $currentUser = $this->ci->currentUser;
+
+        // Access-controlled page
+        if (!$authorizer->checkAccess($currentUser, 'uri_roles')) {
+            throw new ForbiddenException();
+        }
+
+        $slug = $args['slug'];
+
+        /** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
+        $classMapper = $this->ci->classMapper;
+
+        $role = $classMapper->staticMethod('role', 'where', 'slug', $slug)->first();
+
+        // If the role doesn't exist, return 404
+        if (!$role) {
+            throw new NotFoundException($request, $response);
+        }
+
+        // Get role
+        $result = $role->load('permissions')->toArray();
+
+        // Be careful how you consume this data - it has not been escaped and contains untrusted user-supplied content.
+        // For example, if you plan to insert it into an HTML DOM, you must escape it on the client side (or use client-side templating).
+        return $response->withJson($result, 200, JSON_PRETTY_PRINT);
+    }
+
     /**
      * Returns a list of Roles
      *

build/package.json

@@ -11,7 +11,7 @@
   "license": "MIT",
   "devDependencies": {
     "gulp": "^3.9.1",
-    "gulp-uf-bundle-assets": "^2.27.2",
+    "gulp-uf-bundle-assets": "2.28.0",
     "gulp-load-plugins": "^1.4.0",
     "merge-array-object": "^1.0.3",
     "recursive-copy": "^2.0.5",