restrictedMode

yuri
2015-07-27 11:02:42 +03:00
parent f74959ab00
commit c6542c0698
10 changed files with 64 additions and 10 deletions


@@ -57,6 +57,11 @@ class Admin extends \Espo\Core\Controllers\Base
public function actionUploadUpgradePackage($params, $data)
{
if ($this->getConfig('restrictedMode')) {
if (!$this->getUser()->get('isSuperAdmin')) {
throw new Forbidden();
}
}
$upgradeManager = new \Espo\Core\UpgradeManager($this->getContainer());
$upgradeId = $upgradeManager->upload($data);
@@ -70,8 +75,13 @@ class Admin extends \Espo\Core\Controllers\Base
public function actionRunUpgrade($params, $data)
{
$upgradeManager = new \Espo\Core\UpgradeManager($this->getContainer());
if ($this->getConfig('restrictedMode')) {
if (!$this->getUser()->get('isSuperAdmin')) {
throw new Forbidden();
}
}
$upgradeManager = new \Espo\Core\UpgradeManager($this->getContainer());
$upgradeManager->install($data);
return true;
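Review bot: The guard `if ($this->getConfig('restrictedMode'))` in actionUploadUpgradePackage and actionRunUpgrade tests the return value of getConfig() itself. If that accessor takes no argument and returns the config object (its definition is not part of this diff, so this needs confirming), the condition is always true and the super-admin check is enforced even when `'restrictedMode' => false`. Reading the key explicitly avoids that: `if ($this->getConfig()->get('restrictedMode') && !$this->getUser()->get('isSuperAdmin')) { throw new Forbidden(); }`. The same condition is repeated in the three Extension controller hunks, so one protected helper on the shared base controller would keep the rule in a single place. Both method bodies continue outside the hunks.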


@@ -58,6 +58,11 @@ class Extension extends \Espo\Core\Controllers\Record
if (!$request->isPost()) {
throw new Forbidden();
}
if ($this->getConfig('restrictedMode')) {
if (!$this->getUser()->get('isSuperAdmin')) {
throw new Forbidden();
}
}
$manager = new \Espo\Core\ExtensionManager($this->getContainer());
@@ -71,11 +76,14 @@ class Extension extends \Espo\Core\Controllers\Record
if (!$request->isPost()) {
throw new Forbidden();
}
if ($this->getConfig('restrictedMode')) {
if (!$this->getUser()->get('isSuperAdmin')) {
throw new Forbidden();
}
}
$manager = new \Espo\Core\ExtensionManager($this->getContainer());
$manager->uninstall($data);
return true;
}
@@ -99,12 +107,18 @@ class Extension extends \Espo\Core\Controllers\Record
throw new Forbidden();
}
public function actionDelete($params)
public function actionDelete($params, $data, $request)
{
if (!$request->isDelete()) {
throw BadRequest();
}
if ($this->getConfig('restrictedMode')) {
if (!$this->getUser()->get('isSuperAdmin')) {
throw new Forbidden();
}
}
$manager = new \Espo\Core\ExtensionManager($this->getContainer());
$manager->delete($params);
return true;
}
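Review bot: In actionDelete, `throw BadRequest();` calls a function named BadRequest instead of constructing the exception, so a request with the wrong HTTP method would end in an undefined-function error rather than a 400 response. It should read `throw new BadRequest();`, assuming BadRequest is imported next to Forbidden at the top of the file, which is outside the hunk. The line looks like context rather than an addition, but this commit touches the method by adding `$request` to its signature, so it is the natural place to fix it.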


@@ -101,6 +101,7 @@ return array (
'maxEmailAccountCount' => 2,
'followCreatedEntities' => false,
'b2cMode' => false,
'restrictedMode' => false,
'isInstalled' => false,
);


@@ -84,7 +84,8 @@ return array (
'permissionMap',
'permissionRules',
'passwordSalt',
'cryptKey'
'cryptKey',
'restrictedMode'
),
'adminItems' =>
array (


@@ -232,6 +232,10 @@
"type": "bool",
"default": false,
"tooltip": true
},
"restrictedMode": {
"type": "bool",
"default": false
}
}
}


@@ -18,7 +18,8 @@
"password": {
"type": "password",
"maxLength": 150,
"internal": true
"internal": true,
"disabled": true
},
"salutationName": {
"type": "enum",
@@ -40,6 +41,11 @@
"tooltip": true,
"default": true
},
"isSuperAdmin": {
"type": "bool",
"default": false,
"disabled": true
},
"title": {
"type": "varchar",
"maxLength": 100


@@ -32,6 +32,9 @@ class User extends \Espo\Core\SelectManagers\Base
'isActive' => true
);
}
$result['whereClause'][] = array(
'isSuperAdmin' => false
);
}
protected function filterActive(&$result)
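Review bot: The added `'isSuperAdmin' => false` clause is appended unconditionally. As far as this hunk shows, super-admin accounts are therefore filtered out of user selections for every viewer, including another super admin, and regardless of the `restrictedMode` setting. If the intent is only to hide them from ordinary admins, the clause should sit behind a check of the current user's `isSuperAdmin` flag, with a comment such as `// hide super-admin accounts from users who are not super admins`. An equality test against false may also skip rows where the new column is still NULL, depending on how the column is created. The enclosing method starts above the hunk, so its surrounding conditions are not visible.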


@@ -61,6 +61,9 @@ class User extends Record
}
$entity = parent::getEntity($id);
if ($entity->get('isSuperAdmin') && !$this->getUser()->get('isSuperAdmin')) {
throw new Forbidden();
}
return $entity;
}
@@ -86,6 +89,10 @@ class User extends Record
throw new NotFound();
}
if ($user->get('isSuperAdmin') && !$this->getUser()->get('isSuperAdmin')) {
throw new Forbidden();
}
if (empty($password)) {
throw new Error('Password can\'t be empty.');
}
@@ -196,6 +203,9 @@ class User extends Record
$newPassword = $data['password'];
$data['password'] = $this->hashPassword($data['password']);
}
if (!$this->getUser()->get('isSuperAdmin')) {
unset($data['isSuperAdmin']);
}
$user = parent::createEntity($data);
if (!is_null($newPassword)) {
@@ -221,6 +231,9 @@ class User extends Record
if ($id == $this->getUser()->id) {
unset($data['isActive']);
}
if (!$this->getUser()->get('isSuperAdmin')) {
unset($data['isSuperAdmin']);
}
$user = parent::updateEntity($id, $data);
if (!is_null($newPassword)) {
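Review bot: The update hunk only strips the flag with `unset($data['isSuperAdmin'])`; nothing visible stops a non-super admin from updating a record whose target is a super admin. The neighbouring lines show that the same method handles `password` and `isActive`, so the protection added to getEntity and to the password-change method can be bypassed through a plain update unless parent::updateEntity() loads the record through the guarded getEntity(), which this diff does not show. An explicit target check before `parent::updateEntity($id, $data)`, mirroring `if ($user->get('isSuperAdmin') && !$this->getUser()->get('isSuperAdmin'))`, would close that gap. The delete path is not part of this diff and deserves the same check. All four method bodies continue outside their hunks.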


@@ -17,7 +17,7 @@
{{/each}}
</div>
<div class="col-md-5">
<iframe src="//espocrm.com/news" style="width: 100%; height: 840px;" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe>
<iframe src="{{iframeUrl}}" style="width: 100%; height: 840px;" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe>
</div>
</div>
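Review bot: The iframe has no `sandbox` attribute, and with `src="{{iframeUrl}}"` its source is now a view property rather than a fixed address. Whatever sets `iframeUrl` therefore decides which third-party page is framed inside the admin panel. Adding something like `sandbox="allow-scripts allow-same-origin allow-popups"` would stop the framed page from navigating the top-level admin window; the exact token list needs checking against what the news page requires. The value assigned in views/admin/index is protocol-relative (`'//espocrm.com/news'`), so on a plain-HTTP deployment the frame is also fetched over HTTP. An explicit `https://` URL would avoid that.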


@@ -26,12 +26,14 @@ Espo.define('views/admin/index', 'view', function (Dep) {
data: function () {
return {
links: this.links
links: this.links,
iframeUrl: this.iframeUrl
};
},
setup: function () {
this.links = this.getMetadata().get('app.adminPanel');
this.iframeUrl = '//espocrm.com/news';
},
updatePageTitle: function () {