diff --git a/src/Api/Admin.php b/src/Api/Admin.php
index 24bf5e6..39a139b 100644
--- a/src/Api/Admin.php
+++ b/src/Api/Admin.php
@@ -43,4 +43,52 @@ public function get_something($data): array
 return $result;
 }
+
+ /**
+ * An example that checks if the staff member has permission to the `do_something` permission key.
+ *
+ * @return bool
+ */
+ public function can_do_something($data)
+ {
+ // First, get an instance of the staff module
+ $staff_service = $this->di['mod_service']('Staff');
+
+ /* Next, we use the staff module to check if the current staff member has permission.
+ * We pass `null` to the first parameter to tell it to check against current staff member
+ * The second parameter `example` is the name of the module
+ * The third parameter is the name of the permission key we are checking (`do_something`)
+ */
+ if (!$staff_service->hasPermission(null, 'example', 'do_something')) {
+ throw new \FOSSBilling\InformationException('You do not have permission to perform this action', [], 403);
+ }
+
+ return true;
+ }
+
+
+ /**
+ * An example that checks if the staff member has permission to the `a_select` permission key depending on the specific constraint set.
+ *
+ * @return bool
+ */
+ public function check_select($data)
+ {
+ $data['constraint'] ??= 'value_1';
+
+ // First, get an instance of the staff module
+ $staff_service = $this->di['mod_service']('Staff');
+
+ /* Next, we use the staff module to check if the current staff member has permission.
+ * We pass `null` to the first parameter to tell it to check against current staff member
+ * The second parameter `example` is the name of the module
+ * The third parameter is the name of the permission key we are checking (`a_select`)
+ * The final parameter is the contraint we want to apply for the staff member's permission. When using the select type pemission, this is how you check if they have a specific one.
(`value_1` for example)
+ */
+ if (!$staff_service->hasPermission(null, 'example', 'a_select', $data['constraint'])) {
+ throw new \FOSSBilling\InformationException('You do not have permission to perform this action', [], 403);
+ }
+
+ return true;
+ }
 }
diff --git a/src/Service.php b/src/Service.php
index 003bb5b..21ded66 100644
--- a/src/Service.php
+++ b/src/Service.php
@@ -32,6 +32,37 @@ public function setDi(\Pimple\Container|null $di): void
 $this->di = $di;
 }
+ /**
+ * Any module may define this function to return an array of permission keys that are related to it.
+ * You may define either a `bool` or a `select` permission type.
+ * Modules do not need to define this function.
+ *
+ * We've included an example of how to check the permissions under the `/api/Admin.php` file and some front-end usage under `/html_admin/mod_example_index.html.twig`
+ *
+ * @return array
+ */
+ public function getModulePermissions(): array
+ {
+ return [
+ 'do_something' => [
+ 'type' => 'bool',
+ 'display_name' => 'Do something',
+ 'description' => 'Allows the staff member to do something',
+ ],
+ 'a_select' => [
+ 'type' => 'select',
+ 'display_name' => 'A select',
+ 'description' => 'This is an example of the select permission type',
+ 'options' => [
+ 'value_1' => 'Value 1',
+ 'value_2' => 'Value 2',
+ 'value_3' => 'Value 3',
+ ]
+ ],
+ 'manage_settings' => [], // Tells FOSSBilling that there should be a permission key to manage the module's settings (admin/extension/settings/example)
+ ];
+ }
+
 /**
 * Method to install the module. In most cases you will use this
 * to create database tables for your module.
diff --git a/src/html_admin/mod_example_index.html.twig b/src/html_admin/mod_example_index.html.twig
index 9746d23..ab941d4 100644
--- a/src/html_admin/mod_example_index.html.twig
+++ b/src/html_admin/mod_example_index.html.twig
@@ -6,8 +6,8 @@ {% block content %}
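Review bot: In `check_select` the fourth argument to `hasPermission()` is taken directly from `$data['constraint']`, so the API caller chooses which option is checked. That is harmless for a permission probe, but authors copying this example into an action handler would let the client name its own authorisation scope. I would add a comment above the call such as `// In a real handler, derive the constraint from the resource being acted on, not from request data`, and note that `??=` only fills in a missing or null value, so an array or empty string reaches `hasPermission()` unchecked; a string check against the option keys declared in `getModulePermissions()` would close that. Both docblocks say `@return bool` although the methods only return `true` or throw, so `@throws \FOSSBilling\InformationException` should be documented, and `: bool` return types would match the `: array` already used on `get_something`. The comment typos `contraint` and `pemission` are worth fixing in the same pass.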
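Review bot: The docblock on `getModulePermissions()` declares only `@return array` and does not say what happens when a key or option passed to `hasPermission()` is not declared here, which is the question a module author most needs answered for an access-control example. I would document the shape, e.g. `@return array<string, array{type?: string, display_name?: string, description?: string, options?: array<string, string>}>`, and add a sentence that permission keys and `options` keys must match the strings used in the checks exactly. Whether an undeclared key is denied is not visible in this diff and should be confirmed against the Staff service before the example is published. The docblock also points to `/api/Admin.php`, while the file in this commit is `src/Api/Admin.php`; the case difference matters on case-sensitive filesystems.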
-
-

Example module for developers

+
+

Example module for developers

@@ -24,7 +24,23 @@
- {# Check if example parameters passed to template file #} +
+

Permission tests

+
+
+

Check if you have permission to do "something"

+ + +

Check if you are assigned a specific option from a "select" permission type.

+ + +
+ + {# Check if example parameters passed to the template file #} {% if youparamname %}
{{ 'Parameters from Controller'|trans }}
@@ -34,37 +50,60 @@
{% endif %} - {# Check if example parameters passed to template file #} + {# Check if example parameters passed to the template file #} {% if userid %} -
-
{{ 'Parameters from URL'|trans }}
-
-
-

You have passed parameter userid: {{ userid }}

-
+
+
{{ 'Parameters from URL'|trans }}
+
+
+

You have passed parameter userid: {{ userid }}

+
{% endif %} {% if api_example %} - {# API example #} -
-
{{ 'API example'|trans }}
-
-
-
Data from API and passed to template from controller
-
{{ dump(list_from_controller) }}
+ {# API example #} +
+
{{ 'API example'|trans }}
+
+
+
Data from API and passed to the template from the controller
+
{{ dump(list_from_controller) }}
-
Data from API accessed directly from template file
- {% set list = admin.example_get_something({"microsoft":1}) %} -
{{ dump(list) }}
-
+
Data from API accessed directly from the template file
+ {% set list = admin.example_get_something({"microsoft":1}) %} +
{{ dump(list) }}
+
{% endif %} -
-
{{ 'README'|trans }}
+
+
{{ 'README'|trans }}
{{ guest.example_readme | markdown }}
+ + {% endblock %} diff --git a/src/manifest.json b/src/manifest.json index 751011b..6dd87f7 100644 --- a/src/manifest.json +++ b/src/manifest.json @@ -1,5 +1,5 @@ { - "id": "Example", + "id": "example", "type": "mod", "name": "Example", "description": "An example module for developers to get started",