Skip to content

Commit 7ce1a74

Browse files
larskemperlarskemper
authored
feat: add acl constraints (#77)
1 parent 63dbef2 commit 7ce1a74

File tree

18 files changed

+186
-61
lines changed

18 files changed

+186
-61
lines changed

src/Controller/HistoryController.php

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ public function __construct(private readonly HistoryServiceInterface $historySer
2929
{
3030
}
3131

32-
#[Route(path: '/api/migration/get-grouped-logs-of-run', name: 'api.admin.migration.get-grouped-logs-of-run', methods: ['GET'], defaults: ['_acl' => ['admin']])]
32+
#[Route(path: '/api/migration/get-grouped-logs-of-run', name: 'api.admin.migration.get-grouped-logs-of-run', methods: ['GET'], defaults: ['_acl' => ['swag_migration.viewer']])]
3333
public function getGroupedLogsOfRun(Request $request, Context $context): JsonResponse
3434
{
3535
$runUuid = $request->query->getAlnum('runUuid');
@@ -54,7 +54,7 @@ public function getGroupedLogsOfRun(Request $request, Context $context): JsonRes
5454
]);
5555
}
5656

57-
#[Route(path: '/api/_action/migration/download-logs-of-run', name: 'api.admin.migration.download-logs-of-run', methods: ['POST'], defaults: ['auth_required' => false, '_acl' => ['admin']])]
57+
#[Route(path: '/api/_action/migration/download-logs-of-run', name: 'api.admin.migration.download-logs-of-run', methods: ['POST'], defaults: ['auth_required' => false, '_acl' => ['swag_migration.viewer']])]
5858
public function downloadLogsOfRun(Request $request, Context $context): StreamedResponse
5959
{
6060
$runUuid = $request->request->getAlnum('runUuid');
@@ -80,7 +80,7 @@ public function downloadLogsOfRun(Request $request, Context $context): StreamedR
8080
return $response;
8181
}
8282

83-
#[Route(path: '/api/_action/migration/clear-data-of-run', name: 'api.admin.migration.clear-data-of-run', methods: ['POST'], defaults: ['_acl' => ['admin']])]
83+
#[Route(path: '/api/_action/migration/clear-data-of-run', name: 'api.admin.migration.clear-data-of-run', methods: ['POST'], defaults: ['_acl' => ['swag_migration.deleter']])]
8484
public function clearDataOfRun(Request $request, Context $context): Response
8585
{
8686
$runUuid = $request->request->getAlnum('runUuid');
@@ -98,7 +98,7 @@ public function clearDataOfRun(Request $request, Context $context): Response
9898
return new Response();
9999
}
100100

101-
#[Route(path: '/api/_action/migration/is-media-processing', name: 'api.admin.migration.is-media-processing', methods: ['GET'], defaults: ['_acl' => ['admin']])]
101+
#[Route(path: '/api/_action/migration/is-media-processing', name: 'api.admin.migration.is-media-processing', methods: ['GET'], defaults: ['_acl' => ['swag_migration_history:read']])]
102102
public function isMediaProcessing(): JsonResponse
103103
{
104104
$result = $this->historyService->isMediaProcessing();

src/Controller/PremappingController.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ public function __construct(
2828
) {
2929
}
3030

31-
#[Route(path: '/api/_action/migration/generate-premapping', name: 'api.admin.migration.generate-premapping', methods: ['POST'], defaults: ['_acl' => ['admin']])]
31+
#[Route(path: '/api/_action/migration/generate-premapping', name: 'api.admin.migration.generate-premapping', methods: ['POST'], defaults: ['_acl' => ['swag_migration.editor']])]
3232
public function generatePremapping(Request $request, Context $context): JsonResponse
3333
{
3434
$dataSelectionIds = $request->request->all('dataSelectionIds');
@@ -41,7 +41,7 @@ public function generatePremapping(Request $request, Context $context): JsonResp
4141
return new JsonResponse($this->premappingService->generatePremapping($context, $migrationContext, $dataSelectionIds));
4242
}
4343

44-
#[Route(path: '/api/_action/migration/write-premapping', name: 'api.admin.migration.write-premapping', methods: ['POST'], defaults: ['_acl' => ['admin']])]
44+
#[Route(path: '/api/_action/migration/write-premapping', name: 'api.admin.migration.write-premapping', methods: ['POST'], defaults: ['_acl' => ['swag_migration.editor']])]
4545
public function writePremapping(Request $request, Context $context): Response
4646
{
4747
$premapping = $request->request->all('premapping');

src/Controller/StatusController.php

Lines changed: 16 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ public function __construct(
5050
#[Route(
5151
path: '/api/_action/migration/get-profile-information',
5252
name: 'api.admin.migration.get-profile-information',
53-
defaults: ['_acl' => ['admin']],
53+
defaults: ['_acl' => ['swag_migration.viewer']],
5454
methods: [Request::METHOD_GET]
5555
)]
5656
public function getProfileInformation(Request $request): Response
@@ -117,7 +117,7 @@ public function getProfileInformation(Request $request): Response
117117
#[Route(
118118
path: '/api/_action/migration/get-profiles',
119119
name: 'api.admin.migration.get-profiles',
120-
defaults: ['_acl' => ['admin']],
120+
defaults: ['_acl' => ['swag_migration.viewer']],
121121
methods: [Request::METHOD_GET]
122122
)]
123123
public function getProfiles(): JsonResponse
@@ -140,7 +140,7 @@ public function getProfiles(): JsonResponse
140140
#[Route(
141141
path: '/api/_action/migration/get-gateways',
142142
name: 'api.admin.migration.get-gateways',
143-
defaults: ['_acl' => ['admin']],
143+
defaults: ['_acl' => ['swag_migration.viewer']],
144144
methods: [Request::METHOD_GET]
145145
)]
146146
public function getGateways(Request $request): JsonResponse
@@ -168,7 +168,7 @@ public function getGateways(Request $request): JsonResponse
168168
#[Route(
169169
path: '/api/_action/migration/update-connection-credentials',
170170
name: 'api.admin.migration.update-connection-credentials',
171-
defaults: ['_acl' => ['admin']],
171+
defaults: ['_acl' => ['swag_migration.editor']],
172172
methods: [Request::METHOD_POST]
173173
)]
174174
public function updateConnectionCredentials(Request $request, Context $context): Response
@@ -195,7 +195,7 @@ public function updateConnectionCredentials(Request $request, Context $context):
195195
#[Route(
196196
path: '/api/_action/migration/data-selection',
197197
name: 'api.admin.migration.data-selection',
198-
defaults: ['_acl' => ['admin']],
198+
defaults: ['_acl' => ['swag_migration.viewer']],
199199
methods: [Request::METHOD_GET]
200200
)]
201201
public function getDataSelection(Request $request, Context $context): JsonResponse
@@ -222,7 +222,7 @@ public function getDataSelection(Request $request, Context $context): JsonRespon
222222
#[Route(
223223
path: '/api/_action/migration/check-connection',
224224
name: 'api.admin.migration.check-connection',
225-
defaults: ['_acl' => ['admin']],
225+
defaults: ['_acl' => ['swag_migration.viewer']],
226226
methods: [Request::METHOD_POST]
227227
)]
228228
public function checkConnection(Request $request, Context $context): JsonResponse
@@ -248,7 +248,7 @@ public function checkConnection(Request $request, Context $context): JsonRespons
248248
#[Route(
249249
path: '/api/_action/migration/start-migration',
250250
name: 'api.admin.migration.start-migration',
251-
defaults: ['_acl' => ['admin']],
251+
defaults: ['_acl' => ['swag_migration.creator']],
252252
methods: [Request::METHOD_POST]
253253
)]
254254
public function startMigration(Request $request, Context $context): Response
@@ -281,7 +281,7 @@ public function startMigration(Request $request, Context $context): Response
281281
#[Route(
282282
path: '/api/_action/migration/get-state',
283283
name: 'api.admin.migration.get-state',
284-
defaults: ['_acl' => ['admin']],
284+
defaults: ['_acl' => ['swag_migration.viewer']],
285285
methods: [Request::METHOD_GET]
286286
)]
287287
public function getState(Context $context): JsonResponse
@@ -292,7 +292,7 @@ public function getState(Context $context): JsonResponse
292292
#[Route(
293293
path: '/api/_action/migration/approve-finished',
294294
name: 'api.admin.migration.approveFinished',
295-
defaults: ['_acl' => ['admin']],
295+
defaults: ['_acl' => ['swag_migration.editor']],
296296
methods: [Request::METHOD_POST]
297297
)]
298298
public function approveFinishedMigration(Context $context): Response
@@ -313,7 +313,7 @@ public function approveFinishedMigration(Context $context): Response
313313
#[Route(
314314
path: '/api/_action/migration/abort-migration',
315315
name: 'api.admin.migration.abort-migration',
316-
defaults: ['_acl' => ['admin']],
316+
defaults: ['_acl' => ['swag_migration.editor']],
317317
methods: [Request::METHOD_POST]
318318
)]
319319
public function abortMigration(Context $context): Response
@@ -330,7 +330,7 @@ public function abortMigration(Context $context): Response
330330
#[Route(
331331
path: '/api/_action/migration/reset-checksums',
332332
name: 'api.admin.migration.reset-checksums',
333-
defaults: ['_acl' => ['admin']],
333+
defaults: ['_acl' => ['swag_migration.deleter']],
334334
methods: [Request::METHOD_POST]
335335
)]
336336
public function resetChecksums(Request $request, Context $context): Response
@@ -349,7 +349,7 @@ public function resetChecksums(Request $request, Context $context): Response
349349
#[Route(
350350
path: '/api/_action/migration/cleanup-migration-data',
351351
name: 'api.admin.migration.cleanup-migration-data',
352-
defaults: ['_acl' => ['admin']],
352+
defaults: ['_acl' => ['swag_migration.deleter']],
353353
methods: [Request::METHOD_POST]
354354
)]
355355
public function cleanupMigrationData(Context $context): Response
@@ -360,9 +360,9 @@ public function cleanupMigrationData(Context $context): Response
360360
}
361361

362362
#[Route(
363-
path: '/api/_action/migration/is-truncating-migration-data',
364-
name: 'api.admin.migration.is-truncating-migration-data',
365-
defaults: ['_acl' => ['admin']],
363+
path: '/api/_action/migration/get-reset-status',
364+
name: 'api.admin.migration.get-reset-status',
365+
defaults: ['_acl' => ['swag_migration.viewer']],
366366
methods: [Request::METHOD_GET]
367367
)]
368368
public function isTruncatingMigrationData(Context $context): JsonResponse
@@ -379,7 +379,7 @@ public function isTruncatingMigrationData(Context $context): JsonResponse
379379
#[Route(
380380
path: '/api/_action/migration/is-resetting-checksums',
381381
name: 'api.admin.migration.is-resetting-checksums',
382-
defaults: ['_acl' => ['admin']],
382+
defaults: ['_acl' => ['swag_migration.viewer']],
383383
methods: [Request::METHOD_GET]
384384
)]
385385
public function isResettingChecksums(Context $context): JsonResponse

src/Resources/app/administration/src/module/swag-migration/acl/index.ts

Lines changed: 81 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,81 @@
1+
const MIGRATION_ACL_KEY = 'swag_migration';
2+
3+
const acl = {
4+
category: 'permissions',
5+
parent: 'settings',
6+
key: MIGRATION_ACL_KEY,
7+
roles: {
8+
viewer: {
9+
privileges: [
10+
'swag_migration_connection:read',
11+
'swag_migration_data:read',
12+
'swag_migration_fix:read',
13+
'swag_migration_general_setting:read',
14+
'swag_migration_logging:read',
15+
'swag_migration_mapping:read',
16+
'swag_migration_media_file:read',
17+
'swag_migration_run:read',
18+
'swag_migration_history:read',
19+
'system_config:read',
20+
],
21+
dependencies: [],
22+
},
23+
editor: {
24+
privileges: [
25+
'swag_migration_connection:update',
26+
'swag_migration_data:update',
27+
'swag_migration_fix:update',
28+
'swag_migration_general_setting:update',
29+
'swag_migration_logging:update',
30+
'swag_migration_mapping:update',
31+
'swag_migration_media_file:update',
32+
'swag_migration_run:update',
33+
'swag_migration_history:update',
34+
],
35+
dependencies: [
36+
'swag_migration.viewer',
37+
],
38+
},
39+
creator: {
40+
privileges: [
41+
'swag_migration_connection:create',
42+
'swag_migration_data:create',
43+
'swag_migration_fix:create',
44+
'swag_migration_general_setting:create',
45+
'swag_migration_logging:create',
46+
'swag_migration_mapping:create',
47+
'swag_migration_media_file:create',
48+
'swag_migration_run:create',
49+
'swag_migration_history:create',
50+
],
51+
dependencies: [
52+
'swag_migration.viewer',
53+
'swag_migration.editor',
54+
],
55+
},
56+
deleter: {
57+
privileges: [
58+
'swag_migration_connection:delete',
59+
'swag_migration_data:delete',
60+
'swag_migration_fix:delete',
61+
'swag_migration_general_setting:delete',
62+
'swag_migration_logging:delete',
63+
'swag_migration_mapping:delete',
64+
'swag_migration_media_file:delete',
65+
'swag_migration_run:delete',
66+
'swag_migration_history:delete',
67+
],
68+
dependencies: [
69+
'swag_migration.viewer',
70+
],
71+
},
72+
},
73+
};
74+
75+
Shopware.Service('privileges').addPrivilegeMappingEntry(acl);
76+
77+
/**
78+
* @private
79+
* @sw-package fundamentals@after-sales
80+
*/
81+
export { MIGRATION_ACL_KEY, acl };

src/Resources/app/administration/src/module/swag-migration/component/card/swag-migration-shop-information/index.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -54,6 +54,7 @@ export default Shopware.Component.wrapComponentConfig({
5454
inject: [
5555
MIGRATION_API_SERVICE,
5656
'repositoryFactory',
57+
'acl',
5758
],
5859

5960
mixins: [

0 commit comments

Comments
 (0)