[Perspectives] Add permissions on install (#934)

* add studio perspective permissions

* Apply php-cs-fixer changes

Author: lukmzig

src/Installer.php

@@ -27,6 +27,7 @@
 use Pimcore\Bundle\StudioBackendBundle\Entity\Grid\GridConfigurationShare;
 use Pimcore\Bundle\StudioBackendBundle\Entity\Perspective\UserPerspectiveData;
 use Pimcore\Bundle\StudioBackendBundle\Translation\Service\TranslatorService;
+use Pimcore\Bundle\StudioBackendBundle\Util\Constant\UserPermissions;
 use Pimcore\Extension\Bundle\Installer\Exception\InstallationException;
 use Pimcore\Extension\Bundle\Installer\SettingsStoreAwareInstaller;
 use Symfony\Component\HttpKernel\Bundle\BundleInterface;
@@ -36,6 +37,11 @@
  */
 final class Installer extends SettingsStoreAwareInstaller
 {
+    private const array PERSPECTIVE_PERMISSIONS = [
+        UserPermissions::PERSPECTIVE_EDITOR->value,
+        UserPermissions::WIDGET_EDITOR->value,
+    ];
+
     public function __construct(
         private readonly Connection $db,
         BundleInterface $bundle,
@@ -55,6 +61,7 @@ public function install(): void
         $this->createGridConfigurationSharesTable($schema);
         $this->createGridConfigurationFavoritesTable($schema);
         $this->createUserPerspectivesTable($schema);
+        $this->addUserPermission($schema);
         $this->executeDiffSql($schema);
 
         parent::install();
@@ -83,6 +90,7 @@ public function uninstall(): void
         if ($schema->hasTable(UserPerspectiveData::TABLE_NAME)) {
             $schema->dropTable(UserPerspectiveData::TABLE_NAME);
         }
+        $this->removeUserPermission($schema);
 
         $this->executeDiffSql($schema);
 
@@ -334,6 +342,48 @@ public function createUserPerspectivesTable(Schema $schema): void
         $table->setPrimaryKey(['user'], 'pk_' . UserPerspectiveData::TABLE_NAME);
     }
 
+    /**
+     * @throws Exception
+     */
+    private function addUserPermission(Schema $schema): void
+    {
+        if ($schema->hasTable(UserPermissions::DEFINITIONS_TABLE->value)) {
+            foreach (self::PERSPECTIVE_PERMISSIONS as $permission) {
+                $queryBuilder = $this->db->createQueryBuilder();
+                $queryBuilder
+                    ->insert(UserPermissions::DEFINITIONS_TABLE->value)
+                    ->values([
+                        $this->db->quoteIdentifier('key') => ':key',
+                        $this->db->quoteIdentifier('category') => ':category',
+                    ])
+                    ->setParameters([
+                        'key' => $permission,
+                        'category' => UserPermissions::PERMISSIONS_CATEGORY->value,
+                    ]);
+
+                $queryBuilder->executeStatement();
+            }
+        }
+    }
+
+    /**
+     * @throws Exception
+     */
+    private function removeUserPermission(Schema $schema): void
+    {
+        if ($schema->hasTable(UserPermissions::DEFINITIONS_TABLE->value)) {
+            foreach (self::PERSPECTIVE_PERMISSIONS as $permission) {
+                $queryBuilder = $this->db->createQueryBuilder();
+                $queryBuilder
+                    ->delete(UserPermissions::DEFINITIONS_TABLE->value)
+                    ->where($this->db->quoteIdentifier('key') . ' = :key')
+                    ->setParameter('key', $permission);
+
+                $queryBuilder->executeStatement();
+            }
+        }
+    }
+
     /**
      * @throws Exception
      */

src/Perspective/Controller/Widget/AddController.php

@@ -59,7 +59,7 @@ public function __construct(
         name: 'pimcore_studio_api_create_perspectives_widgets_config',
         methods: ['POST']
     )]
-    #[IsGranted(UserPermissions::WIDGET_EDIT->value)]
+    #[IsGranted(UserPermissions::WIDGET_EDITOR->value)]
     #[Post(
         path: self::PREFIX . self::ROUTE,
         operationId: 'perspective_widget_create',

src/Perspective/Controller/Widget/CollectionConfigurationController.php

@@ -56,7 +56,7 @@ public function __construct(
      * @throws InvalidArgumentException|NotFoundException
      */
     #[Route(self::ROUTE, name: 'pimcore_studio_api_get_perspectives_widgets_configurations_list', methods: ['GET'])]
-    #[IsGranted(UserPermissions::WIDGET_EDIT->value)]
+    #[IsGranted(UserPermissions::WIDGET_EDITOR->value)]
     #[Get(
         path: self::PREFIX . self::ROUTE,
         operationId: 'perspective_widget_get_config_collection',

src/Perspective/Controller/Widget/DeleteController.php

@@ -51,7 +51,7 @@ public function __construct(
      * @throws InvalidArgumentException|NotFoundException|NotWriteableException
      */
     #[Route(self::ROUTE, name: 'pimcore_studio_api_delete_perspectives_widgets_config', methods: ['DELETE'])]
-    #[IsGranted(UserPermissions::WIDGET_EDIT->value)]
+    #[IsGranted(UserPermissions::WIDGET_EDITOR->value)]
     #[Delete(
         path: self::PREFIX . self::ROUTE,
         operationId: 'perspective_widget_delete',

src/Perspective/Controller/Widget/GetConfigurationController.php

@@ -58,7 +58,7 @@ public function __construct(
         requirements: ['id' => '\d+'],
         methods: ['GET']
     )]
-    #[IsGranted(UserPermissions::WIDGET_EDIT->value)]
+    #[IsGranted(UserPermissions::WIDGET_EDITOR->value)]
     #[Get(
         path: self::PREFIX . self::ROUTE,
         operationId: 'perspective_widget_get_config_by_id',

src/Perspective/Controller/Widget/TypeController.php

@@ -45,7 +45,7 @@ public function __construct(
     }
 
     #[Route(self::ROUTE, name: 'pimcore_studio_api_get_perspectives_widgets_types', methods: ['GET'])]
-    #[IsGranted(UserPermissions::WIDGET_EDIT->value)]
+    #[IsGranted(UserPermissions::WIDGET_EDITOR->value)]
     #[Get(
         path: self::PREFIX . self::ROUTE,
         operationId: 'perspective_widget_get_type_collection',

src/Perspective/Controller/Widget/UpdateController.php

@@ -64,7 +64,7 @@ public function __construct(
         name: 'pimcore_studio_api_update_perspectives_widgets_config',
         methods: ['PUT']
     )]
-    #[IsGranted(UserPermissions::WIDGET_EDIT->value)]
+    #[IsGranted(UserPermissions::WIDGET_EDITOR->value)]
     #[Put(
         path: self::PREFIX . self::ROUTE,
         operationId: 'perspective_widget_update_config_by_id',

src/Util/Constant/UserPermissions.php

@@ -21,6 +21,8 @@
  */
 enum UserPermissions: string
 {
+    case PERMISSIONS_CATEGORY = 'Pimcore Studio Backend Bundle';
+    case DEFINITIONS_TABLE = 'users_permission_definitions';
     case ASSETS = 'assets';
     case DATA_OBJECTS = 'objects';
     case DOCUMENTS = 'documents';
@@ -40,5 +42,5 @@ enum UserPermissions: string
     case TAGS_SEARCH = 'tags_search';
     case THUMBNAILS = 'thumbnails';
     case USER_MANAGEMENT = 'users';
-    case WIDGET_EDIT = 'perspective_editor_view_edit';
+    case WIDGET_EDITOR = 'perspective_widget_editor';
 }

translations/admin.en.yaml

@@ -0,0 +1,2 @@
+perspective_editor: Perspective Editor
+perspective_widget_editor: Widget Editor