From 7c0a752e5b9340b70e8e70ae663b5e5156b8f617 Mon Sep 17 00:00:00 2001 From: Monish Deb Date: Fri, 20 May 2022 09:31:47 +0530 Subject: [PATCH] Fix Joomla4-CiviCRM ACL page --- libraries/joomla/form/fields/civiperms.php | 132 +++++++++++++-------- 1 file changed, 82 insertions(+), 50 deletions(-) diff --git a/libraries/joomla/form/fields/civiperms.php b/libraries/joomla/form/fields/civiperms.php index 26a90bea..6073e8a0 100644 --- a/libraries/joomla/form/fields/civiperms.php +++ b/libraries/joomla/form/fields/civiperms.php @@ -2,8 +2,12 @@ defined('JPATH_PLATFORM') or die; -// for some reason Joomla doesn't autoload JFormFieldRules in this context -require_once JPATH_SITE . '/libraries/joomla/form/fields/rules.php'; +if (version_compare(JVERSION, '4.0.0', 'lt') && file_exists(JPATH_SITE . '/libraries/joomla/form/fields/rules.php')) { + require_once JPATH_SITE . '/libraries/joomla/form/fields/rules.php'; +} + +use Joomla\CMS\Access\Access; +use Joomla\CMS\Language\Text; class JFormFieldCiviperms extends JFormFieldRules { @@ -49,16 +53,16 @@ protected function getInput() { // Add Javascript for permission change JHtml::_('script', 'system/permissions.js', array('version' => 'auto', 'relative' => true)); // Load JavaScript message titles - JText::script('ERROR'); - JText::script('WARNING'); - JText::script('NOTICE'); - JText::script('MESSAGE'); + Text::script('ERROR'); + Text::script('WARNING'); + Text::script('NOTICE'); + Text::script('MESSAGE'); // Add strings for JavaScript error translations. - JText::script('JLIB_JS_AJAX_ERROR_CONNECTION_ABORT'); - JText::script('JLIB_JS_AJAX_ERROR_NO_CONTENT'); - JText::script('JLIB_JS_AJAX_ERROR_OTHER'); - JText::script('JLIB_JS_AJAX_ERROR_PARSE'); - JText::script('JLIB_JS_AJAX_ERROR_TIMEOUT'); + Text::script('JLIB_JS_AJAX_ERROR_CONNECTION_ABORT'); + Text::script('JLIB_JS_AJAX_ERROR_NO_CONTENT'); + Text::script('JLIB_JS_AJAX_ERROR_OTHER'); + Text::script('JLIB_JS_AJAX_ERROR_PARSE'); + Text::script('JLIB_JS_AJAX_ERROR_TIMEOUT'); // Initialise some field attributes. $section = $this->section; $assetField = $this->assetField; @@ -66,17 +70,7 @@ protected function getInput() { // Current view is global config? $isGlobalConfig = $component === 'root.1'; // CRM-12059: Get the list of permissions for CiviCRM core and extensions. - $actions = self::getCiviperms($component, $section); - // Iterate over the children and add to the actions. - foreach ($this->element->children() as $el) { - if ($el->getName() == 'action') { - $actions[] = (object) array( - 'name' => (string) $el['name'], - 'title' => (string) $el['title'], - 'description' => (string) $el['description'], - ); - } - } + $actions = self::getCiviperms($component, $section, $this->element->children()); // Get the asset id. // Note that for global configuration, com_config injects asset_id = 1 into the form. $assetId = $this->form->getValue($assetField); @@ -112,15 +106,36 @@ protected function getInput() { } // Full width format. // Get the rules for just this asset (non-recursive). - $assetRules = JAccess::getAssetRules($assetId, false, false); + $assetRules = Access::getAssetRules($assetId, false, false); // Get the available user groups. $groups = $this->getUserGroups(); + + if (version_compare(JVERSION, '4.0.0', 'ge')) { + $extraData = array( + 'groups', + 'section', + 'actions', + 'assetId', + 'newItem', + 'assetRules', + 'isGlobalConfig', + 'parentAssetId', + 'component', + ); + foreach ($extraData as $data) { + $this->$data = $$data; + } + // Trim the trailing line in the layout file + return trim($this->getRenderer($this->layout)->render($this->getLayoutData())); + } + // Ajax request data. $ajaxUri = JRoute::_('index.php?option=com_config&task=config.store&format=json&' . JSession::getFormToken() . '=1'); + // Prepare output $html = array(); // Description - $html[] = '

' . JText::_('JLIB_RULES_SETTINGS_DESC') . '

'; + $html[] = '

' . Text::_('JLIB_RULES_SETTINGS_DESC') . '

'; // Begin tabs $html[] = '
'; // Building tab nav @@ -145,32 +160,32 @@ protected function getInput() { $html[] = ''; $html[] = ''; $html[] = ''; - $html[] = '' . JText::_('JLIB_RULES_ACTION') . ''; + $html[] = '' . Text::_('JLIB_RULES_ACTION') . ''; $html[] = ''; $html[] = ''; - $html[] = '' . JText::_('JLIB_RULES_SELECT_SETTING') . ''; + $html[] = '' . Text::_('JLIB_RULES_SELECT_SETTING') . ''; $html[] = ''; $html[] = ''; - $html[] = '' . JText::_('JLIB_RULES_CALCULATED_SETTING') . ''; + $html[] = '' . Text::_('JLIB_RULES_CALCULATED_SETTING') . ''; $html[] = ''; $html[] = ''; $html[] = ''; $html[] = ''; // Check if this group has super user permissions - $isSuperUserGroup = JAccess::checkGroup($group->value, 'core.admin'); + $isSuperUserGroup = Access::checkGroup($group->value, 'core.admin'); foreach ($actions as $action) { $html[] = ''; $html[] = ''; $html[] = ''; $html[] = ''; $html[] = ''; $html[] = '  '; $html[] = ''; @@ -194,13 +209,13 @@ protected function getInput() { $html[] = ''; $result = array(); // Get the group, group parent id, and group global config recursive calculated permission for the chosen action. - $inheritedGroupRule = JAccess::checkGroup((int) $group->value, $action->name, $assetId); - $inheritedGroupParentAssetRule = !empty($parentAssetId) ? JAccess::checkGroup($group->value, $action->name, $parentAssetId) : null; - $inheritedParentGroupRule = !empty($group->parent_id) ? JAccess::checkGroup($group->parent_id, $action->name, $assetId) : null; + $inheritedGroupRule = Access::checkGroup((int) $group->value, $action->name, $assetId); + $inheritedGroupParentAssetRule = !empty($parentAssetId) ? Access::checkGroup($group->value, $action->name, $parentAssetId) : null; + $inheritedParentGroupRule = !empty($group->parent_id) ? Access::checkGroup($group->parent_id, $action->name, $assetId) : null; // Current group is a Super User group, so calculated setting is "Allowed (Super User)". if ($isSuperUserGroup) { $result['class'] = 'label label-success'; - $result['text'] = '' . JText::_('JLIB_RULES_ALLOWED_ADMIN'); + $result['text'] = '' . Text::_('JLIB_RULES_ALLOWED_ADMIN'); } // Not super user. else { @@ -208,12 +223,12 @@ protected function getInput() { // If recursive calculated setting is "Denied" or null. Calculated permission is "Not Allowed (Inherited)". if ($inheritedGroupRule === null || $inheritedGroupRule === false) { $result['class'] = 'label label-important'; - $result['text'] = JText::_('JLIB_RULES_NOT_ALLOWED_INHERITED'); + $result['text'] = Text::_('JLIB_RULES_NOT_ALLOWED_INHERITED'); } // If recursive calculated setting is "Allowed". Calculated permission is "Allowed (Inherited)". else { $result['class'] = 'label label-success'; - $result['text'] = JText::_('JLIB_RULES_ALLOWED_INHERITED'); + $result['text'] = Text::_('JLIB_RULES_ALLOWED_INHERITED'); } // Second part: Overwrite the calculated permissions labels if there is an explicit permission in the current group. /** @@ -224,18 +239,18 @@ protected function getInput() { // If there is an explicit permission "Not Allowed". Calculated permission is "Not Allowed". if ($assetRule === false) { $result['class'] = 'label label-important'; - $result['text'] = JText::_('JLIB_RULES_NOT_ALLOWED'); + $result['text'] = Text::_('JLIB_RULES_NOT_ALLOWED'); } // If there is an explicit permission is "Allowed". Calculated permission is "Allowed". elseif ($assetRule === true) { $result['class'] = 'label label-success'; - $result['text'] = JText::_('JLIB_RULES_ALLOWED'); + $result['text'] = Text::_('JLIB_RULES_ALLOWED'); } // Third part: Overwrite the calculated permissions labels for special cases. // Global configuration with "Not Set" permission. Calculated permission is "Not Allowed (Default)". if (empty($group->parent_id) && $isGlobalConfig === true && $assetRule === null) { $result['class'] = 'label label-important'; - $result['text'] = JText::_('JLIB_RULES_NOT_ALLOWED_DEFAULT'); + $result['text'] = Text::_('JLIB_RULES_NOT_ALLOWED_DEFAULT'); } /** * Component/Item with explicit "Denied" permission at parent Asset (Category, Component or Global config) configuration. @@ -244,7 +259,7 @@ protected function getInput() { */ elseif ($inheritedGroupParentAssetRule === false || $inheritedParentGroupRule === false) { $result['class'] = 'label label-important'; - $result['text'] = '' . JText::_('JLIB_RULES_NOT_ALLOWED_LOCKED'); + $result['text'] = '' . Text::_('JLIB_RULES_NOT_ALLOWED_LOCKED'); } } $html[] = '' . $result['text'] . ''; @@ -258,26 +273,31 @@ protected function getInput() { $html[] = '
'; $html[] = '
'; if ($section === 'component' || !$section) { - $html[] = JText::_('JLIB_RULES_SETTING_NOTES'); + $html[] = Text::_('JLIB_RULES_SETTING_NOTES'); } else { - $html[] = JText::_('JLIB_RULES_SETTING_NOTES_ITEM'); + $html[] = Text::_('JLIB_RULES_SETTING_NOTES_ITEM'); } $html[] = '
'; return implode("\n", $html); } /** - * Wrapper around JAccess::getActions() to retrieve CiviCRM extension as well + * Wrapper around Access::getActionsFromFile() in Joomla 4 / Access::getActions in Joomla 3 to retrieve CiviCRM extension as well * as core permissions. * * @param type $component - * @see JAccess::getActions() + * @see Access::getActions() * @param type $section - * @see JAccess::getActions() + * @see Access::getActions() */ - private static function getCiviperms($component, $section) { - $actions = JAccess::getActions($component, $section); + private static function getCiviperms($component, $section, $elements) { + if (version_compare(JVERSION, '4.0.0', 'ge')) { + $actions = Access::getActionsFromFile(JPATH_ADMINISTRATOR . "/components/{$component}/access.xml", "/access/section[@name='{$section}']/"); + } + else { + $actions = Access::getActions($component, $section); + } $extPerms = self::$civiConfig->userPermissionClass->getAllModulePermissions(TRUE); foreach ($extPerms as $key => $perm) { @@ -288,6 +308,18 @@ private static function getCiviperms($component, $section) { 'description' => $perm[1], ); } + + // Iterate over the children and add to the actions. + foreach ($elements as $el) { + if ($el->getName() == 'action') { + $actions[] = (object) array( + 'name' => (string) $el['name'], + 'title' => (string) $el['title'], + 'description' => (string) $el['description'], + ); + } + } + return $actions; }