From 4905fdac87571011a0df196a376421a76625a770 Mon Sep 17 00:00:00 2001 From: alexweissman Date: Sat, 24 Mar 2018 16:25:46 -0400 Subject: [PATCH 1/2] Lock `gulp-uf-bundle-assets` at v2.28.0 until Silic0nS0ldier/gulp-uf-bundle-assets#5 is resolved (see #859) --- CHANGELOG.md | 8 ++++++++ app/defines.php | 2 +- build/package.json | 2 +- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c39f7b9c9..cbc890c3e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ # Change Log +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) +and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). + +## v4.1.17-alpha +- Lock `gulp-uf-bundle-assets` at v2.28.0 until Silic0nS0ldier/gulp-uf-bundle-assets#5 is resolved (see #859) + ## v4.1.16-alpha - Fix for `merge` bundling rule (#660) - Fix for undefined variable exception under strict mode in `ufAlerts` (#809) diff --git a/app/defines.php b/app/defines.php index b93f048d7..d1294240f 100755 --- a/app/defines.php +++ b/app/defines.php @@ -3,7 +3,7 @@ namespace UserFrosting; // Some standard defines -define('UserFrosting\VERSION', '4.1.16-alpha'); +define('UserFrosting\VERSION', '4.1.17-alpha'); define('UserFrosting\DS', '/'); define('UserFrosting\PHP_MIN_VERSION', '5.6'); define('UserFrosting\DEBUG_CONFIG', false); diff --git a/build/package.json b/build/package.json index c00a2090f..d9dc74a6c 100755 --- a/build/package.json +++ b/build/package.json @@ -11,7 +11,7 @@ "license": "MIT", "devDependencies": { "gulp": "^3.9.1", - "gulp-uf-bundle-assets": "^2.27.2", + "gulp-uf-bundle-assets": "2.28.0", "gulp-load-plugins": "^1.4.0", "merge-array-object": "^1.0.3", "recursive-copy": "^2.0.5", From 599635b94db1669b0a4aba915427df7e9599e9cb Mon Sep 17 00:00:00 2001 From: alexweissman Date: Sat, 24 Mar 2018 17:56:23 -0400 Subject: [PATCH 2/2] Add missing getInfo methods for GroupController and RoleController (#837) --- CHANGELOG.md | 1 + .../admin/src/Controller/GroupController.php | 39 +++++++++++++++++++ .../admin/src/Controller/RoleController.php | 39 +++++++++++++++++++ 3 files changed, 79 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index cbc890c3e..44f7530d9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## v4.1.17-alpha - Lock `gulp-uf-bundle-assets` at v2.28.0 until Silic0nS0ldier/gulp-uf-bundle-assets#5 is resolved (see #859) +- Add missing getInfo methods for GroupController and RoleController (#837) ## v4.1.16-alpha - Fix for `merge` bundling rule (#660) diff --git a/app/sprinkles/admin/src/Controller/GroupController.php b/app/sprinkles/admin/src/Controller/GroupController.php index 1b50ea291..7ca94b1b1 100644 --- a/app/sprinkles/admin/src/Controller/GroupController.php +++ b/app/sprinkles/admin/src/Controller/GroupController.php @@ -200,6 +200,45 @@ public function delete($request, $response, $args) return $response->withStatus(200); } + /** + * Returns info for a single group. + * + * This page requires authentication. + * Request type: GET + */ + public function getInfo($request, $response, $args) + { + /** @var UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager */ + $authorizer = $this->ci->authorizer; + + /** @var UserFrosting\Sprinkle\Account\Database\Models\User $currentUser */ + $currentUser = $this->ci->currentUser; + + // Access-controlled page + if (!$authorizer->checkAccess($currentUser, 'uri_groups')) { + throw new ForbiddenException(); + } + + $slug = $args['slug']; + + /** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */ + $classMapper = $this->ci->classMapper; + + $group = $classMapper->staticMethod('group', 'where', 'slug', $slug)->first(); + + // If the group doesn't exist, return 404 + if (!$group) { + throw new NotFoundException($request, $response); + } + + // Get group + $result = $group->toArray(); + + // Be careful how you consume this data - it has not been escaped and contains untrusted user-supplied content. + // For example, if you plan to insert it into an HTML DOM, you must escape it on the client side (or use client-side templating). + return $response->withJson($result, 200, JSON_PRETTY_PRINT); + } + /** * Returns a list of Groups * diff --git a/app/sprinkles/admin/src/Controller/RoleController.php b/app/sprinkles/admin/src/Controller/RoleController.php index b5651156e..ab86c88be 100644 --- a/app/sprinkles/admin/src/Controller/RoleController.php +++ b/app/sprinkles/admin/src/Controller/RoleController.php @@ -199,6 +199,45 @@ public function delete($request, $response, $args) return $response->withStatus(200); } + /** + * Returns info for a single role, along with associated permissions. + * + * This page requires authentication. + * Request type: GET + */ + public function getInfo($request, $response, $args) + { + /** @var UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager */ + $authorizer = $this->ci->authorizer; + + /** @var UserFrosting\Sprinkle\Account\Database\Models\User $currentUser */ + $currentUser = $this->ci->currentUser; + + // Access-controlled page + if (!$authorizer->checkAccess($currentUser, 'uri_roles')) { + throw new ForbiddenException(); + } + + $slug = $args['slug']; + + /** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */ + $classMapper = $this->ci->classMapper; + + $role = $classMapper->staticMethod('role', 'where', 'slug', $slug)->first(); + + // If the role doesn't exist, return 404 + if (!$role) { + throw new NotFoundException($request, $response); + } + + // Get role + $result = $role->load('permissions')->toArray(); + + // Be careful how you consume this data - it has not been escaped and contains untrusted user-supplied content. + // For example, if you plan to insert it into an HTML DOM, you must escape it on the client side (or use client-side templating). + return $response->withJson($result, 200, JSON_PRETTY_PRINT); + } + /** * Returns a list of Roles *