From 4ca93c4fd8f8ff0eeb521f79d4755248cbe2b953 Mon Sep 17 00:00:00 2001 From: Duncan McClean Date: Sat, 19 Dec 2020 18:59:23 +0000 Subject: [PATCH 1/5] Read-only Publish toggle on Entries --- resources/js/components/entries/PublishForm.vue | 3 ++- resources/views/entries/edit.blade.php | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/resources/js/components/entries/PublishForm.vue b/resources/js/components/entries/PublishForm.vue index c4075d6f6e..62e3e1634d 100644 --- a/resources/js/components/entries/PublishForm.vue +++ b/resources/js/components/entries/PublishForm.vue @@ -121,7 +121,7 @@
@@ -297,6 +297,7 @@ export default { revisionsEnabled: Boolean, preloadedAssets: Array, canEditBlueprint: Boolean, + canManagePublishState: Boolean, createAnotherUrl: String, listingUrl: String, }, diff --git a/resources/views/entries/edit.blade.php b/resources/views/entries/edit.blade.php index c3640782df..a2f870b824 100644 --- a/resources/views/entries/edit.blade.php +++ b/resources/views/entries/edit.blade.php @@ -30,6 +30,7 @@ :preloaded-assets="{{ json_encode($preloadedAssets) }}" :breadcrumbs="{{ $breadcrumbs->toJson() }}" :can-edit-blueprint="{{ $str::bool($user->can('configure fields')) }}" + :can-manage-publish-state="{{ $str::bool($user->can('publish '.$collection.' entries')) }}" create-another-url="{{ cp_route('collections.entries.create', [$collection, $locale]) }}" listing-url="{{ cp_route('collections.show', $collection) }}" > From 9f80910eb703156f8a7c1762af7a3b1021039302 Mon Sep 17 00:00:00 2001 From: Jason Varga Date: Tue, 5 Jan 2021 15:08:48 -0500 Subject: [PATCH 2/5] Prevent publish state changes on server side, and add placeholder test --- src/Http/Controllers/CP/Collections/EntriesController.php | 2 +- tests/Feature/Entries/UpdateEntryTest.php | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/src/Http/Controllers/CP/Collections/EntriesController.php b/src/Http/Controllers/CP/Collections/EntriesController.php index 131b90c523..e52fcfa148 100644 --- a/src/Http/Controllers/CP/Collections/EntriesController.php +++ b/src/Http/Controllers/CP/Collections/EntriesController.php @@ -189,7 +189,7 @@ public function update(Request $request, $collection, $entry) ->user(User::current()) ->save(); } else { - if (! $entry->revisionsEnabled()) { + if (! $entry->revisionsEnabled() && User::current()->can('publish', $entry)) { $entry->published($request->published); } diff --git a/tests/Feature/Entries/UpdateEntryTest.php b/tests/Feature/Entries/UpdateEntryTest.php index 480a55ab09..5d4fd958bf 100644 --- a/tests/Feature/Entries/UpdateEntryTest.php +++ b/tests/Feature/Entries/UpdateEntryTest.php @@ -177,6 +177,14 @@ public function validation_error_returns_back() ], $entry->data()); } + /** @test */ + public function user_without_permission_to_manage_publish_state_cannot_change_publish_status() + { + // when revisions are disabled + + $this->markTestIncomplete(); + } + private function save($entry, $payload) { return $this->patch($entry->updateUrl(), $payload); From 3ab47a79e89d12ab7d3d27ccc22095f83f9e3cc9 Mon Sep 17 00:00:00 2001 From: Jason Varga Date: Tue, 5 Jan 2021 15:21:08 -0500 Subject: [PATCH 3/5] Apply to create form --- resources/js/components/entries/BaseCreateForm.vue | 2 ++ resources/views/entries/create.blade.php | 1 + tests/Feature/Entries/StoreEntryTest.php | 8 ++++++++ 3 files changed, 11 insertions(+) diff --git a/resources/js/components/entries/BaseCreateForm.vue b/resources/js/components/entries/BaseCreateForm.vue index 358de8d486..ca80e9cd0f 100644 --- a/resources/js/components/entries/BaseCreateForm.vue +++ b/resources/js/components/entries/BaseCreateForm.vue @@ -17,6 +17,7 @@ :revisions-enabled="revisions" :breadcrumbs="breadcrumbs" :initial-site="site" + :can-manage-publish-state="canManagePublishState" :create-another-url="createAnotherUrl" :listing-url="listingUrl" @saved="saved" @@ -37,6 +38,7 @@ export default { 'revisions', 'breadcrumbs', 'site', + 'canManagePublishState', 'createAnotherUrl', 'listingUrl', ], diff --git a/resources/views/entries/create.blade.php b/resources/views/entries/create.blade.php index 7250140252..c7a880b62e 100644 --- a/resources/views/entries/create.blade.php +++ b/resources/views/entries/create.blade.php @@ -16,6 +16,7 @@ site="{{ $locale }}" create-another-url="{{ cp_route('collections.entries.create', [$collection, $locale, 'blueprint' => $blueprint['handle']]) }}" listing-url="{{ cp_route('collections.show', $collection) }}" + :can-manage-publish-state="{{ Statamic\Support\Str::bool($user->can('publish '.$collection.' entries')) }}" > @endsection diff --git a/tests/Feature/Entries/StoreEntryTest.php b/tests/Feature/Entries/StoreEntryTest.php index 41e9930186..efd083c009 100644 --- a/tests/Feature/Entries/StoreEntryTest.php +++ b/tests/Feature/Entries/StoreEntryTest.php @@ -114,6 +114,14 @@ public function validation_error_returns_back() $this->assertCount(0, Entry::all()); } + /** @test */ + public function user_without_permission_to_manage_publish_state_cannot_change_publish_status() + { + // when revisions are disabled + + $this->markTestIncomplete(); + } + private function store($payload) { return $this->post(cp_route('collections.entries.store', ['blog', 'en']), $payload); From 1062d239b6c7535624f94dcf198e46df726f3b25 Mon Sep 17 00:00:00 2001 From: Jason Varga Date: Tue, 5 Jan 2021 15:21:24 -0500 Subject: [PATCH 4/5] Use the policy syntax --- resources/views/entries/edit.blade.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/views/entries/edit.blade.php b/resources/views/entries/edit.blade.php index a2f870b824..ed805076b8 100644 --- a/resources/views/entries/edit.blade.php +++ b/resources/views/entries/edit.blade.php @@ -30,7 +30,7 @@ :preloaded-assets="{{ json_encode($preloadedAssets) }}" :breadcrumbs="{{ $breadcrumbs->toJson() }}" :can-edit-blueprint="{{ $str::bool($user->can('configure fields')) }}" - :can-manage-publish-state="{{ $str::bool($user->can('publish '.$collection.' entries')) }}" + :can-manage-publish-state="{{ $str::bool($user->can('publish', $entry)) }}" create-another-url="{{ cp_route('collections.entries.create', [$collection, $locale]) }}" listing-url="{{ cp_route('collections.show', $collection) }}" > From 30e0c95c7135d19cdfe25682c4187ec804156184 Mon Sep 17 00:00:00 2001 From: Jason Varga Date: Tue, 5 Jan 2021 16:36:34 -0500 Subject: [PATCH 5/5] Use props so it works within the entires fieldtype stack --- resources/views/entries/create.blade.php | 2 +- resources/views/entries/edit.blade.php | 2 +- src/Fieldtypes/Entries.php | 1 + src/Http/Controllers/CP/Collections/EntriesController.php | 2 ++ 4 files changed, 5 insertions(+), 2 deletions(-) diff --git a/resources/views/entries/create.blade.php b/resources/views/entries/create.blade.php index c7a880b62e..80d3edc93a 100644 --- a/resources/views/entries/create.blade.php +++ b/resources/views/entries/create.blade.php @@ -16,7 +16,7 @@ site="{{ $locale }}" create-another-url="{{ cp_route('collections.entries.create', [$collection, $locale, 'blueprint' => $blueprint['handle']]) }}" listing-url="{{ cp_route('collections.show', $collection) }}" - :can-manage-publish-state="{{ Statamic\Support\Str::bool($user->can('publish '.$collection.' entries')) }}" + :can-manage-publish-state="{{ Statamic\Support\Str::bool($canManagePublishState) }}" > @endsection diff --git a/resources/views/entries/edit.blade.php b/resources/views/entries/edit.blade.php index ed805076b8..187d90a958 100644 --- a/resources/views/entries/edit.blade.php +++ b/resources/views/entries/edit.blade.php @@ -30,7 +30,7 @@ :preloaded-assets="{{ json_encode($preloadedAssets) }}" :breadcrumbs="{{ $breadcrumbs->toJson() }}" :can-edit-blueprint="{{ $str::bool($user->can('configure fields')) }}" - :can-manage-publish-state="{{ $str::bool($user->can('publish', $entry)) }}" + :can-manage-publish-state="{{ $str::bool($canManagePublishState) }}" create-another-url="{{ cp_route('collections.entries.create', [$collection, $locale]) }}" listing-url="{{ cp_route('collections.show', $collection) }}" > diff --git a/src/Fieldtypes/Entries.php b/src/Fieldtypes/Entries.php index f9abc2c08a..5840b32496 100644 --- a/src/Fieldtypes/Entries.php +++ b/src/Fieldtypes/Entries.php @@ -42,6 +42,7 @@ class Entries extends Relationship 'revisionsEnabled' => 'revisionsEnabled', 'breadcrumbs' => 'breadcrumbs', 'collectionHandle' => 'collection', + 'canManagePublishState' => 'canManagePublishState', ]; protected function configFieldItems(): array diff --git a/src/Http/Controllers/CP/Collections/EntriesController.php b/src/Http/Controllers/CP/Collections/EntriesController.php index e52fcfa148..664d6d187c 100644 --- a/src/Http/Controllers/CP/Collections/EntriesController.php +++ b/src/Http/Controllers/CP/Collections/EntriesController.php @@ -127,6 +127,7 @@ public function edit(Request $request, $collection, $entry) 'preloadedAssets' => $this->extractAssetsFromValues($values), 'revisionsEnabled' => $entry->revisionsEnabled(), 'breadcrumbs' => $this->breadcrumbs($collection), + 'canManagePublishState' => User::current()->can('publish', $entry), ]; if ($request->wantsJson()) { @@ -254,6 +255,7 @@ public function create(Request $request, $collection, $site) })->all(), 'revisionsEnabled' => $collection->revisionsEnabled(), 'breadcrumbs' => $this->breadcrumbs($collection), + 'canManagePublishState' => User::current()->can('publish '.$collection->handle().' entries'), ]; if ($request->wantsJson()) {