From 5d23cbf0ccc17ad984da240adf9fdde6adc56dbd Mon Sep 17 00:00:00 2001
From: Deon George <deon@dege.au>
Date: Thu, 1 May 2025 12:12:09 +0930
Subject: [PATCH] If a user doesnt have permission to see an entries attributes
 - but can see the entry, disable edit and dont attempt to render. Further, if
 they cant see the objectclasses, dont make additional attributes available

---
 app/Http/Controllers/HomeController.php |  8 ++++----
 app/Ldap/Entry.php                      |  9 +++++----
 resources/views/frames/dn.blade.php     | 10 ++++++++--
 3 files changed, 17 insertions(+), 10 deletions(-)

diff --git a/app/Http/Controllers/HomeController.php b/app/Http/Controllers/HomeController.php
index b0628cf4..d19deac4 100644
--- a/app/Http/Controllers/HomeController.php
+++ b/app/Http/Controllers/HomeController.php
@@ -397,10 +397,10 @@ class HomeController extends Controller
 				->with('o',$o)
 				->with('page_actions',collect([
 					'copy'=>FALSE,
-					'create'=>TRUE,
-					'delete'=>TRUE,
-					'edit'=>TRUE,
-					'export'=>TRUE,
+					'create'=>($x=($o->getObjects()->except('entryuuid')->count() > 0)),
+					'delete'=>$x,
+					'edit'=>$x,
+					'export'=>$x,
 				])),
 
 			'import' => $view,
diff --git a/app/Ldap/Entry.php b/app/Ldap/Entry.php
index eb2a97ba..3fc735fc 100644
--- a/app/Ldap/Entry.php
+++ b/app/Ldap/Entry.php
@@ -274,7 +274,7 @@ class Entry extends Model
 	{
 		$result = collect();
 
-		foreach ($this->getObject('objectclass')->values as $oc)
+		foreach (($this->getObject('objectclass')?->values ?: []) as $oc)
 			$result = $result->merge(config('server')->schema('objectclasses',$oc)->attributes);
 
 		return $result;
@@ -439,9 +439,10 @@ class Entry extends Model
 	 */
 	public function icon(): string
 	{
-		$objectclasses = $this->getObject('objectclass')
-			->tagValues()
-			->map(fn($item)=>strtolower($item));
+		$objectclasses = ($x=$this->getObject('objectclass'))
+			? $x->tagValues()
+				->map(fn($item)=>strtolower($item))
+			: collect();
 
 		// Return icon based upon objectClass value
 		if ($objectclasses->intersect([
diff --git a/resources/views/frames/dn.blade.php b/resources/views/frames/dn.blade.php
index ef19cb0b..711beccd 100644
--- a/resources/views/frames/dn.blade.php
+++ b/resources/views/frames/dn.blade.php
@@ -88,8 +88,14 @@
 							<div class="card-header border-bottom-0">
 								<div class="btn-actions-pane-right">
 									<div role="group" class="btn-group-sm nav btn-group">
-										@foreach($langtags->prepend(Entry::TAG_NOTAG)->push('+') as $tag)
-											<a data-bs-toggle="tab" href="#tab-lang-{{ $tag ?: '_default' }}" class="btn btn-outline-light border-dark-subtle @if(! $loop->index) active @endif @if($loop->last)ndisabled @endif">
+										@php
+											$langtags->prepend(Entry::TAG_NOTAG);
+											if (isset($page_actions) && $page_actions->get('edit'))
+												$langtags->push('+');
+										@endphp
+
+										@foreach($langtags as $tag)
+											<a data-bs-toggle="tab" href="#tab-lang-{{ $tag ?: '_default' }}" @class(['btn','btn-outline-light','border-dark-subtle','active'=>!$loop->index])>
 												@switch($tag)
 													@case(Entry::TAG_NOTAG)
 														<i class="fas fa-fw fa-border-none" data-bs-toggle="tooltip" data-bs-custom-class="custom-tooltip" title="@lang('No Lang Tag')"></i>