Skip to content

Introduced granulated Media Gallery ACL resources #29715

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 30 commits into from
Sep 11, 2020
Merged

Introduced granulated Media Gallery ACL resources #29715

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
30 commits
Select commit Hold shift + click to select a range
771dc31
Introduce granulated Media Gallery ACL resources and enforce for old…
Nazar65 Aug 21, 2020
dd9bdda
Improve acl resources for new media gallery
Nazar65 Aug 28, 2020
989139f
Improve button visibility
Nazar65 Aug 28, 2020
239314d
Improve button visibility per allowed actions for user
Nazar65 Aug 28, 2020
eaa20f2
Merge branch '2.4-develop' of https://github.com/magento/magento2 int…
Nazar65 Aug 28, 2020
8cdcefd
Improve buttons visibility per user permission
Nazar65 Aug 28, 2020
43fd057
Code style improvements
Nazar65 Aug 28, 2020
dfa67b0
Static test fixes
Nazar65 Aug 28, 2020
8ef07f4
fix css static tests
Nazar65 Aug 28, 2020
3af8416
Fix composer json
Nazar65 Aug 29, 2020
7940f59
cover changes with mftf tests
Nazar65 Aug 30, 2020
e690a8d
Refactor mftf tests
Nazar65 Aug 31, 2020
4c085d7
Fix flaky mftf test
Nazar65 Aug 31, 2020
0e28c91
fix actiongroup to clear filters
Nazar65 Aug 31, 2020
80dae45
Fix flaky mftf tests
Nazar65 Aug 31, 2020
67636e7
magento/magento2#29715: Moved ACL to MediaGalleryApi
sivaschenko Sep 2, 2020
739e6dc
magento/magento2#29715: Moved ACL to MediaGalleryUiApi
sivaschenko Sep 3, 2020
68bc010
magento/magento2#29715: Enforced ACL for context menu and view details
sivaschenko Sep 3, 2020
0ad0630
magento/magento2#29715: Corrected ACL resource names
sivaschenko Sep 3, 2020
9ccfdc9
magento/magento2#29715: Added data upgrade script
sivaschenko Sep 3, 2020
7b58d97
Merge branch '2.4-develop' into ASI-1487
sivaschenko Sep 3, 2020
90c9dac
magento/magento2#29715: Corrected actions order
sivaschenko Sep 4, 2020
88a0150
Merge branch '2.4-develop' into ASI-1487
sivaschenko Sep 4, 2020
748eb4f
magento/magento2#29715: Corrected dependencies
sivaschenko Sep 4, 2020
b3d5255
magento/magento2#29715: Corrected standalone actions and upgrade script
sivaschenko Sep 4, 2020
0a6156f
magento/magento2#29715: Fixed upgrade
sivaschenko Sep 4, 2020
253bafb
magento/magento2#29715: Fixed tests
sivaschenko Sep 4, 2020
2448fd8
Merge branch '2.4-develop' into ASI-1487
sivaschenko Sep 4, 2020
cf288e6
Merge branch '2.4-develop' of github.com:magento/magento2 into ASI-1487
sivaschenko Sep 7, 2020
7296cdf
magento/magento2#29715: Removed redundant dependency
sivaschenko Sep 7, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion app/code/Magento/Cms/Controller/Adminhtml/Wysiwyg/Images/DeleteFolder.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@
namespace Magento\Cms\Controller\Adminhtml\Wysiwyg\Images;

use Magento\Framework\App\Action\HttpPostActionInterface;
use Magento\Framework\App\Filesystem\DirectoryList;

/**
* Delete image folder.
Expand Down
2 changes: 1 addition & 1 deletion app/code/Magento/Cms/Controller/Adminhtml/Wysiwyg/Images/NewFolder.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ public function execute()
}
/** @var \Magento\Framework\Controller\Result\Json $resultJson */
$resultJson = $this->resultJsonFactory->create();

return $resultJson->setData($result);
}
}
2 changes: 1 addition & 1 deletion app/code/Magento/Cms/Controller/Adminhtml/Wysiwyg/Images/Upload.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ public function execute()
}
/** @var \Magento\Framework\Controller\Result\Json $resultJson */
$resultJson = $this->resultJsonFactory->create();

return $resultJson->setData($response);
}
}
18 changes: 8 additions & 10 deletions ...gento/MediaGalleryCmsUi/Test/Mftf/Test/AdminMediaGalleryAssertUsedInLinkPagesGridTest.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,10 +21,6 @@
<before>
<actionGroup ref="AdminLoginActionGroup" stepKey="login"/>
</before>
<after>
<actionGroup ref="ResetAdminDataGridToDefaultViewActionGroup" stepKey="resetAdminDataGridToDefaultView"/>
</after>

<actionGroup ref="AdminOpenCreateNewCMSPageActionGroup" stepKey="navigateToCreateNewPage"/>
<actionGroup ref="FillOutCustomCMSPageContentActionGroup" stepKey="fillBasicPageDataForPageWithDefaultStore">
<argument name="title" value="Unique page title MediaGalleryUi"/>
Expand All @@ -37,9 +33,13 @@
<actionGroup ref="AdminEnhancedMediaGalleryUploadImageActionGroup" stepKey="uploadImage">
<argument name="image" value="ImageUpload3"/>
</actionGroup>
<actionGroup ref="AdminMediaGalleryClickImageInGridActionGroup" stepKey="selectContentImageInGrid">
<argument name="imageName" value="{{ImageMetadata.title}}"/>
<actionGroup ref="AdminEnhancedMediaGalleryViewImageDetails" stepKey="viewImageDetails"/>
<actionGroup ref="AdminEnhancedMediaGalleryImageDetailsEditActionGroup" stepKey="editImage"/>
<actionGroup ref="AdminEnhancedMediaGalleryImageDetailsSaveActionGroup" stepKey="saveImage">
<argument name="image" value="UpdatedImageDetails"/>
</actionGroup>
<actionGroup ref="AdminEnhancedMediaGalleryCloseViewDetailsActionGroup" stepKey="closeViewDetails"/>

<actionGroup ref="AdminMediaGalleryClickAddSelectedActionGroup" stepKey="clickAddSelectedContentImage"/>
<click selector="{{CmsNewPagePageActionsSection.saveAndContinueEdit}}" stepKey="savePage"/>
<actionGroup ref="AdminOpenStandaloneMediaGalleryActionGroup" stepKey="openStandaloneMediaGallery"/>
Expand All @@ -48,21 +48,19 @@
<argument name="entityName" value="Pages"/>
</actionGroup>
<actionGroup ref="AdminAssertMediaGalleryFilterPlaceHolderGridActionGroup" stepKey="assertFilterApplied">
<argument name="filterPlaceholder" value="{{ImageMetadata.title}}"/>
<argument name="filterPlaceholder" value="{{UpdatedImageDetails.title}}"/>
</actionGroup>

<actionGroup ref="AdminDeleteCmsPageFromGridActionGroup" stepKey="deleteCmsPage">
<argument name="urlKey" value="test-page-1"/>
</actionGroup>

<actionGroup ref="AdminOpenStandaloneMediaGalleryActionGroup" stepKey="openMediaGallery"/>
<actionGroup ref="AdminEnhancedMediaGalleryViewImageDetails" stepKey="openViewImageDetailsToVerfifyEmptyUsedIn"/>
<actionGroup ref="AssertAdminEnhancedMediaGalleryUsedInSectionNotDisplayedActionGroup" stepKey="assertThereIsNoUsedInSection"/>
<actionGroup ref="AdminEnhancedMediaGalleryCloseViewDetailsActionGroup" stepKey="closeDetails"/>

<actionGroup ref="AdminEnhancedMediaGalleryEnableMassActionModeActionGroup" stepKey="enableMassActionToDeleteImages"/>
<actionGroup ref="AdminEnhancedMediaGallerySelectImageForMassActionActionGroup" stepKey="selectFirstImageToDelete">
<argument name="imageName" value="{{ImageMetadata.title}}"/>
<argument name="imageName" value="{{UpdatedImageDetails.title}}"/>
</actionGroup>
<actionGroup ref="AdminEnhancedMediaGalleryClickDeleteImagesButtonActionGroup" stepKey="clikDeleteSelectedButton"/>
<actionGroup ref="AdminEnhancedMediaGalleryConfirmDeleteImagesActionGroup" stepKey="deleteImages"/>
Expand Down
99 changes: 99 additions & 0 deletions app/code/Magento/MediaGalleryUi/Block/Adminhtml/ImageDetails.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
<?php
/**
* Copyright © Magento, Inc. All rights reserved.
* See COPYING.txt for license details.
*/
declare(strict_types=1);

namespace Magento\MediaGalleryUi\Block\Adminhtml;

use Magento\Backend\Block\Template;
use Magento\Directory\Helper\Data as DirectoryHelper;
use Magento\Framework\AuthorizationInterface;
use Magento\Framework\Json\Helper\Data as JsonHelper;
use Magento\Framework\Serialize\Serializer\Json;

/**
* Image details block
*
* @api
*/
class ImageDetails extends Template
{
/**
* @var AuthorizationInterface
*/
private $authorization;

/**
* @var Json
*/
private $json;

/**
* @param Template\Context $context
* @param AuthorizationInterface $authorization
* @param Json $json
* @param array $data
* @param JsonHelper|null $jsonHelper
* @param DirectoryHelper|null $directoryHelper
*/
public function __construct(
Template\Context $context,
AuthorizationInterface $authorization,
Json $json,
array $data = [],
?JsonHelper $jsonHelper = null,
?DirectoryHelper $directoryHelper = null
) {
$this->authorization = $authorization;
$this->json = $json;
parent::__construct($context, $data, $jsonHelper, $directoryHelper);
}

/**
* Retrieve actions json
*
* @return string
*/
public function getActionsJson(): string
{
$actions = [
[
'title' => __('Cancel'),
'handler' => 'closeModal',
'name' => 'cancel',
'classes' => 'action-default scalable cancel action-quaternary'
]
];

if ($this->authorization->isAllowed('Magento_MediaGalleryUiApi::delete_assets')) {
$actions[] = [
'title' => __('Delete Image'),
'handler' => 'deleteImageAction',
'name' => 'delete',
'classes' => 'action-default scalable delete action-quaternary'
];
}

if ($this->authorization->isAllowed('Magento_MediaGalleryUiApi::edit_assets')) {
$actions[] = [
'title' => __('Edit Details'),
'handler' => 'editImageAction',
'name' => 'edit',
'classes' => 'action-default scalable edit action-quaternary'
];
}

if ($this->authorization->isAllowed('Magento_MediaGalleryUiApi::insert_assets')) {
$actions[] = [
'title' => __('Add Image'),
'handler' => 'addImage',
'name' => 'add-image',
'classes' => 'scalable action-primary add-image-action'
];
}

return $this->json->serialize($actions);
}
}
90 changes: 90 additions & 0 deletions app/code/Magento/MediaGalleryUi/Block/Adminhtml/ImageDetailsStandalone.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,90 @@
<?php
/**
* Copyright © Magento, Inc. All rights reserved.
* See COPYING.txt for license details.
*/
declare(strict_types=1);

namespace Magento\MediaGalleryUi\Block\Adminhtml;

use Magento\Backend\Block\Template;
use Magento\Directory\Helper\Data as DirectoryHelperData;
use Magento\Framework\AuthorizationInterface;
use Magento\Framework\Json\Helper\Data as JsonHelperData;
use Magento\Framework\Serialize\Serializer\Json;

/**
* Image details block
*
* @api
*/
class ImageDetailsStandalone extends Template
{
/**
* @var AuthorizationInterface
*/
private $authorization;

/**
* @var Json
*/
private $json;

/**
* @param Template\Context $context
* @param AuthorizationInterface $authorization
* @param Json $json
* @param array $data
* @param JsonHelperData|null $jsonHelper
* @param DirectoryHelperData|null $directoryHelper
*/
public function __construct(
Template\Context $context,
AuthorizationInterface $authorization,
Json $json,
array $data = [],
?JsonHelperData $jsonHelper = null,
?DirectoryHelperData $directoryHelper = null
) {
$this->authorization = $authorization;
$this->json = $json;
parent::__construct($context, $data, $jsonHelper, $directoryHelper);
}

/**
* Retrieve actions json
*
* @return string
*/
public function getActionsJson(): string
{
$standaloneActions = [
[
'title' => __('Cancel'),
'handler' => 'closeModal',
'name' => 'cancel',
'classes' => 'action-default scalable cancel action-quaternary'
]
];

if ($this->authorization->isAllowed('Magento_MediaGalleryUiApi::delete_assets')) {
$standaloneActions[] = [
'title' => __('Delete Image'),
'handler' => 'deleteImageAction',
'name' => 'delete',
'classes' => 'action-default scalable delete action-quaternary'
];
}

if ($this->authorization->isAllowed('Magento_MediaGalleryUiApi::edit_assets')) {
$standaloneActions[] = [
'title' => __('Edit Details'),
'handler' => 'editImageAction',
'name' => 'edit',
'classes' => 'action-default scalable edit action-quaternary'
];
}

return $this->json->serialize($standaloneActions);
}
}
2 changes: 1 addition & 1 deletion app/code/Magento/MediaGalleryUi/Controller/Adminhtml/Directories/Create.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ class Create extends Action implements HttpPostActionInterface
/**
* @see _isAllowed()
*/
public const ADMIN_RESOURCE = 'Magento_Cms::media_gallery';
public const ADMIN_RESOURCE = 'Magento_MediaGalleryUiApi::create_folder';

/**
* @var CreateDirectoriesByPathsInterface
Expand Down
2 changes: 1 addition & 1 deletion app/code/Magento/MediaGalleryUi/Controller/Adminhtml/Directories/Delete.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ class Delete extends Action implements HttpPostActionInterface
/**
* @see _isAllowed()
*/
public const ADMIN_RESOURCE = 'Magento_Cms::media_gallery';
public const ADMIN_RESOURCE = 'Magento_MediaGalleryUiApi::delete_folder';

/**
* @var DeleteAssetsByPathsInterface
Expand Down
2 changes: 1 addition & 1 deletion app/code/Magento/MediaGalleryUi/Controller/Adminhtml/Image/Delete.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ class Delete extends Action implements HttpPostActionInterface
/**
* @see _isAllowed()
*/
public const ADMIN_RESOURCE = 'Magento_Cms::media_gallery';
public const ADMIN_RESOURCE = 'Magento_MediaGalleryUiApi::delete_assets';

/**
* @var DeleteImage
Expand Down
2 changes: 1 addition & 1 deletion app/code/Magento/MediaGalleryUi/Controller/Adminhtml/Image/SaveDetails.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ class SaveDetails extends Action implements HttpPostActionInterface
/**
* @see _isAllowed()
*/
public const ADMIN_RESOURCE = 'Magento_Cms::media_gallery';
public const ADMIN_RESOURCE = 'Magento_MediaGalleryUiApi::edit_assets';

/**
* @var UpdateAsset
Expand Down
2 changes: 1 addition & 1 deletion app/code/Magento/MediaGalleryUi/Controller/Adminhtml/Image/Upload.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ class Upload extends Action implements HttpPostActionInterface
/**
* @see _isAllowed()
*/
public const ADMIN_RESOURCE = 'Magento_Cms::media_gallery';
public const ADMIN_RESOURCE = 'Magento_MediaGalleryUiApi::upload_assets';

/**
* @var UploadImage
Expand Down
Loading