Fix some user permissions, when viewing netmails and other systems
All checks were successful
Create Docker Image / Build Docker Image (x86_64) (push) Successful in 37s
Create Docker Image / Build Docker Image (arm64) (push) Successful in 1m50s
Create Docker Image / Final Docker Image Manifest (push) Successful in 9s

This commit is contained in:
Deon George 2024-10-16 08:44:46 +11:00
parent 38fd1539a6
commit f4f8e9fa94
2 changed files with 18 additions and 19 deletions

View File

@ -19,17 +19,14 @@ class NetmailPolicy
*/ */
public function view(User $user, Netmail $o): bool public function view(User $user, Netmail $o): bool
{ {
$zones = $user->zc()->pluck('zone') $addresses = $user->addresses()->pluck('id');
//->merge($user->rc()->pluck('zone'))
//->merge($user->nc()->pluck('zone'))
//->merge($user->hub()->pluck('zone'))
->merge($user->points()->pluck('zone'));
// Site Admins can always view // Site Admins can always view
return ( return (
$user->isAdmin() $user->isAdmin()
|| ($zones->contains($o->fftn->zone)) || $user->isZC()
|| ($zones->contains($o->tftn->zone)) || ($addresses->contains($o->fftn_id))
|| ($addresses->contains($o->tftn_id))
); );
} }
} }

View File

@ -159,7 +159,7 @@ use App\Models\{Mailer,User};
<span class="input-group-text"><i class="bi bi-modem-fill"></i></span> <span class="input-group-text"><i class="bi bi-modem-fill"></i></span>
<input type="text" class="form-control text-end @error('mailer_details.'.$mo->id.'.port') is-invalid @enderror" id="mailer_port_{{ $mo->id }}" placeholder="Port" name="mailer_details[{{ $mo->id }}][port]" value="{{ old('mailer_details.'.$mo->id.'.port',$x?->pivot->port) }}" @cannot($action,$o)readonly @endcannot> <input type="text" class="form-control text-end @error('mailer_details.'.$mo->id.'.port') is-invalid @enderror" id="mailer_port_{{ $mo->id }}" placeholder="Port" name="mailer_details[{{ $mo->id }}][port]" value="{{ old('mailer_details.'.$mo->id.'.port',$x?->pivot->port) }}" @cannot($action,$o)readonly @endcannot>
<div class="input-group-text"> <div class="input-group-text">
<input type="checkbox" class="form-control-input" name="mailer_details[{{ $mo->id }}][active]" value="1" title="Active" @if(old('mailer_details.'.$mo->id.'.active',$x?->pivot->active))checked @endif> <input type="checkbox" class="form-control-input" name="mailer_details[{{ $mo->id }}][active]" value="1" title="Active" @if(old('mailer_details.'.$mo->id.'.active',$x?->pivot->active))checked @endif @cannot($action,$o)disabled @endcannot>
</div> </div>
<span class="invalid-feedback" role="alert"> <span class="invalid-feedback" role="alert">
@error('mailer_details.'.$mo->id.'.port') @error('mailer_details.'.$mo->id.'.port')
@ -177,7 +177,7 @@ use App\Models\{Mailer,User};
<label for="pkt_type" class="form-label">Mail Packet</label> <label for="pkt_type" class="form-label">Mail Packet</label>
<div class="input-group"> <div class="input-group">
<span class="input-group-text"><i class="bi bi-ui-radios"></i></span> <span class="input-group-text"><i class="bi bi-ui-radios"></i></span>
<select class="form-select @error('pkt_type') is-invalid @enderror" id="pkt_type" name="pkt_type" @cannot($action,$o)readonly @endcannot> <select class="form-select @error('pkt_type') is-invalid @enderror" id="pkt_type" name="pkt_type" @cannot($action,$o)disabled @endcannot>
@foreach (Packet::PACKET_TYPES as $type => $class) @foreach (Packet::PACKET_TYPES as $type => $class)
<option value="{{ $type }}" @if(old('pkt_type',$o->pkt_type ?: config('fido.packet_default')) === $type)selected @endif>{{ $type }}</option> <option value="{{ $type }}" @if(old('pkt_type',$o->pkt_type ?: config('fido.packet_default')) === $type)selected @endif>{{ $type }}</option>
@endforeach @endforeach
@ -217,7 +217,7 @@ use App\Models\{Mailer,User};
<label for="method" class="form-label">Connection Method</label> <label for="method" class="form-label">Connection Method</label>
<div class="input-group"> <div class="input-group">
<span class="input-group-text"><i class="bi bi-wifi"></i></span> <span class="input-group-text"><i class="bi bi-wifi"></i></span>
<select class="form-select @error('method') is-invalid @enderror" id="method" name="method" @cannot($action,$o)readonly @endcannot> <select class="form-select @error('method') is-invalid @enderror" id="method" name="method" @cannot($action,$o)disabled @endcannot>
<option></option> <option></option>
<option value="23" @if(old('method',$o->method) == 23)selected @endif>Telnet</option> <option value="23" @if(old('method',$o->method) == 23)selected @endif>Telnet</option>
<option value="22" @if(old('method',$o->method) == 22)selected @endif>SSH</option> <option value="22" @if(old('method',$o->method) == 22)selected @endif>SSH</option>
@ -303,6 +303,7 @@ use App\Models\{Mailer,User};
<div class="row"> <div class="row">
<div class="col-12"> <div class="col-12">
<div class="row p-0"> <div class="row p-0">
@can('admin',$o)
<div class="col-6"> <div class="col-6">
<label for="autohold" class="form-label">Auto Hold</label> <label for="autohold" class="form-label">Auto Hold</label>
<div class="input-group"> <div class="input-group">
@ -311,7 +312,6 @@ use App\Models\{Mailer,User};
</div> </div>
<!-- @todo This is only relevant for uplinks, so hide it if this system isnt an uplink --> <!-- @todo This is only relevant for uplinks, so hide it if this system isnt an uplink -->
@can('admin',$o)
<div class="col-6 @if((old('pollmode') === "0") || is_null($o->pollmode))d-none @endif" id="heartbeat_option"> <div class="col-6 @if((old('pollmode') === "0") || is_null($o->pollmode))d-none @endif" id="heartbeat_option">
<label for="heartbeat" class="form-label">Heartbeat <i class="bi bi-info-circle" title="Attempt contact after last seen"></i></label> <label for="heartbeat" class="form-label">Heartbeat <i class="bi bi-info-circle" title="Attempt contact after last seen"></i></label>
<div class="input-group has-validation"> <div class="input-group has-validation">
@ -438,7 +438,9 @@ use App\Models\{Mailer,User};
@else @else
<input type="hidden" name="system_id" value="{{ $o->id }}"> <input type="hidden" name="system_id" value="{{ $o->id }}">
<span><small><strong>NOTE:</strong> You'll be able to update these details after registration is completed.</small></span> <span><small><strong>NOTE:</strong> You'll be able to update these details after registration is completed.</small></span>
{{--
<button type="submit" class="btn btn-success float-end" name="submit" value="register">Register</button> <button type="submit" class="btn btn-success float-end" name="submit" value="register">Register</button>
--}}
@endcan @endcan
@else @else
<button type="submit" class="btn btn-success float-end" name="submit" value="create">Register</button> <button type="submit" class="btn btn-success float-end" name="submit" value="create">Register</button>