Skip to content

Commit

Permalink
Merge pull request #5182 from queoGmbH/bugfix/workspace-title_media-u…
Browse files Browse the repository at this point in the history 
…sage-tab

BUGFIX: show workspace owner/title in media usage tab
  • Loading branch information
@skurfuerst
skurfuerst authored Oct 23, 2024
2 parents 18ca480 + bbeb8df commit 4da870e
Show file tree
Hide file tree
Showing 4 changed files with 47 additions and 6 deletions.
40 changes: 35 additions & 5 deletions Neos.Media.Browser/Classes/Controller/UsageController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,8 @@
use Neos\Eel\FlowQuery\FlowQuery;
use Neos\Flow\Annotations as Flow;
use Neos\Flow\Mvc\Controller\ActionController;
use Neos\Flow\Security\Authorization\PrivilegeManagerInterface;
use Neos\Flow\Security\Context;
use Neos\Media\Domain\Model\AssetInterface;
use Neos\Media\Domain\Service\AssetService;
use Neos\Neos\Controller\CreateContentContextTrait;
Expand Down Expand Up @@ -80,6 +82,18 @@ class UsageController extends ActionController
*/
protected $domainUserService;

/**
* @Flow\Inject
* @var Context
*/
protected $securityContext;

/**
* @Flow\Inject
* @var PrivilegeManagerInterface
*/
protected $privilegeManager;

/**
* Get Related Nodes for an asset
*
Expand Down Expand Up @@ -116,6 +130,7 @@ public function relatedNodesAction(AssetInterface $asset)
$workspace = $this->workspaceRepository->findByIdentifier($usage->getWorkspaceName());
$accessible = $this->domainUserService->currentUserCanReadWorkspace($workspace);

$inaccessibleRelation['label'] = $this->getLabelForInaccessibleWorkspace($workspace);
$inaccessibleRelation['nodeIdentifier'] = $usage->getNodeIdentifier();
$inaccessibleRelation['workspaceName'] = $usage->getWorkspaceName();
$inaccessibleRelation['workspace'] = $workspace;
Expand Down Expand Up @@ -165,7 +180,7 @@ public function relatedNodesAction(AssetInterface $asset)
'inaccessibleRelations' => $inaccessibleRelations,
'relatedNodes' => $relatedNodes,
'contentDimensions' => $this->contentDimensionPresetSource->getAllPresets(),
'userWorkspace' => $userWorkspace
'userWorkspace' => $userWorkspace,
]);
}

Expand All @@ -175,13 +190,28 @@ public function relatedNodesAction(AssetInterface $asset)
*/
private function getNodeFrom(AssetUsageInNodeProperties $assetUsage)
{
$context = $this->_contextFactory->create(
[
$context = $this->_contextFactory->create([
'workspaceName' => $assetUsage->getWorkspaceName(),
'dimensions' => $assetUsage->getDimensionValues(),
'invisibleContentShown' => true,
'removedContentShown' => true]
);
'removedContentShown' => true
]);
return $context->getNodeByIdentifier($assetUsage->getNodeIdentifier());
}

private function getLabelForInaccessibleWorkspace(Workspace $workspace): string
{
$currentAccount = $this->securityContext->getAccount();

if ($currentAccount != null && $this->privilegeManager->isPrivilegeTargetGranted('Neos.Media.Browser:WorkspaceName')) {
if ($workspace->isPrivateWorkspace()) {
$owner = $workspace->getOwner();
return '(' . $owner->getLabel() . ')';
} else {
return '(' . $workspace->getTitle() . ')';
}
}

return '';
}
}
9 changes: 9 additions & 0 deletions Neos.Media.Browser/Configuration/Policy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,12 @@ privilegeTargets:
label: Allowed to replace asset resources
matcher: 'method(Neos\Media\Browser\Controller\(Asset|Image)Controller->(replaceAssetResource|updateAssetResource)Action())'

# We evaluate the WorkspaceName privilegeTarget in code (UsageController) to determine whether we should show workspace names or not.
# To control access to the module in general, Neos.Media.Browser:AssetUsage is used (so that's why they have the same matcher string).
'Neos.Media.Browser:WorkspaceName':
label: Allowed to see workspace owner
matcher: 'method(Neos\Media\Browser\Controller\UsageController->relatedNodesAction())'

roles:
'Neos.Neos:AbstractEditor':
privileges:
Expand Down Expand Up @@ -55,6 +61,9 @@ roles:
-
privilegeTarget: 'Neos.Media.Browser:ManageAssetCollections'
permission: GRANT
-
privilegeTarget: 'Neos.Media.Browser:WorkspaceName'
permission: GRANT

'Neos.Flow:Everybody':
privileges:
Expand Down
3 changes: 3 additions & 0 deletions Neos.Media.Browser/Resources/Private/Templates/Usage/RelatedNodes.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,20 +39,23 @@
title="{neos:backend.translate(id: 'workspaces.personalWorkspace', source: 'Modules', package: 'Neos.Neos')}"
data-neos-toggle="tooltip"></i>
{neos:backend.translate(id: 'workspaces.personalWorkspace', source: 'Modules', package: 'Neos.Neos')}
{inaccessibleRelation.label}
</f:case>
<f:case value="{inaccessibleRelation.workspace.privateWorkspace}">
<i class="fas fa-shield"
title="{neos:backend.translate(id: 'workspaces.privateWorkspace', source: 'Modules', package: 'Neos.Neos')}"
data-neos-toggle="tooltip"></i>
{neos:backend.translate(id: 'workspaces.privateWorkspace', source: 'Modules', package:
'Neos.Neos')}
{inaccessibleRelation.label}
</f:case>
<f:case value="{inaccessibleRelation.workspace.internalWorkspace}">
<i class="fas fa-group"
title="{neos:backend.translate(id: 'workspaces.internalWorkspace', source: 'Modules', package: 'Neos.Neos')}"
data-neos-toggle="tooltip"></i>
{neos:backend.translate(id: 'workspaces.internalWorkspace', source: 'Modules', package:
'Neos.Neos')}
{inaccessibleRelation.label}
</f:case>
<f:defaultCase>
---
Expand Down
1 change: 0 additions & 1 deletion Neos.Neos/Configuration/Policy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -325,7 +325,6 @@ roles:
'Neos.Neos:Administrator':
label: Neos Administrator
description: Grants access to all modules and functionalities of the Neos backend.

parentRoles: ['Neos.Neos:Editor']
privileges:
-
Expand Down

0 comments on commit 4da870e

Please sign in to comment.