From 93da350c2134c4295b78236560acd7a1dc4fcea2 Mon Sep 17 00:00:00 2001 From: Yury Saukou Date: Tue, 21 Nov 2023 20:54:12 +0400 Subject: [PATCH 1/2] UIORGS-388 Protection of viewing and changes of banking information by permissions --- CHANGELOG.md | 1 + package.json | 41 ++++++++++++++++--- .../OrganizationDetails.js | 14 ++++--- .../OrganizationBankingInfoForm.js | 4 ++ .../OrganizationForm/OrganizationForm.js | 15 ++++--- translations/ui-organizations/en.json | 4 ++ 6 files changed, 62 insertions(+), 17 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 04f7ee24..9859bea2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ * Implement organization's banking information form. Refs UIORGS-390. * Implement organization's banking information details view. Refs UIORGS-389. * Modify summary display in organization view mode. Refs UIORGS-398. +* Protection of viewing and changes of banking information by permissions. Refs UIORGS-388. ## [5.0.0](https://github.com/folio-org/ui-organizations/tree/v5.0.0) (2023-10-12) [Full Changelog](https://github.com/folio-org/ui-organizations/compare/v4.0.0...v5.0.0) diff --git a/package.json b/package.json index e2fbba66..f50de274 100644 --- a/package.json +++ b/package.json @@ -81,8 +81,6 @@ "data-export.config.item.get", "orders.acquisition-methods.collection.get", "orders.acquisition-method.item.get", - "organizations.banking-information.collection.get", - "organizations.banking-information.item.get", "organizations.organizations.collection.get", "organizations.organizations.item.get", "organizations-storage.addresses.collection.get", @@ -111,7 +109,6 @@ "data-export.config.item.delete", "data-export.config.item.post", "data-export.config.item.put", - "organizations.banking-information.item.put", "organizations.organizations.item.put", "organizations-storage.addresses.item.put", "organizations-storage.emails.item.put", @@ -131,7 +128,6 @@ "displayName": "Organizations: View, edit, create", "visible": true, "subPermissions": [ - "organizations.banking-information.item.post", "organizations.organizations.item.post", "organizations-storage.addresses.item.post", "organizations-storage.emails.item.post", @@ -145,7 +141,6 @@ "displayName": "Organizations: View, edit, delete", "visible": true, "subPermissions": [ - "organizations.banking-information.item.delete", "organizations.organizations.item.delete", "organizations-storage.addresses.item.delete", "organizations-storage.emails.item.delete", @@ -154,6 +149,42 @@ "ui-organizations.edit" ] }, + { + "permissionName": "ui-organizations.banking-information.view", + "displayName": "Organizations: View banking information", + "visible": true, + "subPermissions": [ + "organizations.banking-information.collection.get", + "organizations.banking-information.item.get" + ] + }, + { + "permissionName": "ui-organizations.banking-information.create", + "displayName": "Organizations: View and create banking information", + "visible": true, + "subPermissions": [ + "ui-organizations.banking-information.view", + "organizations.banking-information.item.post" + ] + }, + { + "permissionName": "ui-organizations.banking-information.edit", + "displayName": "Organizations: View, create and edit banking information", + "visible": true, + "subPermissions": [ + "ui-organizations.banking-information.create", + "organizations.banking-information.item.put" + ] + }, + { + "permissionName": "ui-organizations.banking-information.delete", + "displayName": "Organizations: View, create, edit and delete banking information", + "visible": true, + "subPermissions": [ + "ui-organizations.banking-information.edit", + "organizations.banking-information.item.delete" + ] + }, { "permissionName": "ui-organizations.creds.view", "displayName": "Organizations: Interface usernames and passwords: view", diff --git a/src/Organizations/OrganizationDetails/OrganizationDetails.js b/src/Organizations/OrganizationDetails/OrganizationDetails.js index 0c9f37b4..13710cf8 100644 --- a/src/Organizations/OrganizationDetails/OrganizationDetails.js +++ b/src/Organizations/OrganizationDetails/OrganizationDetails.js @@ -405,12 +405,14 @@ const OrganizationDetails = ({ {isBankingInformationEnabled && ( - - - + + + + + )} ) diff --git a/src/Organizations/OrganizationForm/OrganizationBankingInfoForm/OrganizationBankingInfoForm.js b/src/Organizations/OrganizationForm/OrganizationBankingInfoForm/OrganizationBankingInfoForm.js index 62e253ca..020d56ff 100644 --- a/src/Organizations/OrganizationForm/OrganizationBankingInfoForm/OrganizationBankingInfoForm.js +++ b/src/Organizations/OrganizationForm/OrganizationBankingInfoForm/OrganizationBankingInfoForm.js @@ -3,6 +3,7 @@ import { FieldArray } from 'react-final-form-arrays'; import { FormattedMessage } from 'react-intl'; import { Loading } from '@folio/stripes/components'; +import { useStripes } from '@folio/stripes/core'; import { useBankingAccountTypes, @@ -27,6 +28,8 @@ const renderField = (props) => (name, index, fields) => ( ); export const OrganizationBankingInfoForm = () => { + const stripes = useStripes(); + const { bankingAccountTypes, isFetching: isBankingAccountTypesFetching, @@ -54,6 +57,7 @@ export const OrganizationBankingInfoForm = () => { } component={BankingInformationFieldArray} + canRemove={stripes.hasPerm('ui-organizations.banking-information.delete')} id="bankingInformation" name={BANKING_INFORMATION_FIELD_NAME} onAdd={createAddNewItem()} diff --git a/src/Organizations/OrganizationForm/OrganizationForm.js b/src/Organizations/OrganizationForm/OrganizationForm.js index 11826ddb..fb0854a1 100644 --- a/src/Organizations/OrganizationForm/OrganizationForm.js +++ b/src/Organizations/OrganizationForm/OrganizationForm.js @@ -3,6 +3,7 @@ import { FormattedMessage } from 'react-intl'; import { useHistory } from 'react-router'; import { mapValues } from 'lodash'; +import { IfPermission } from '@folio/stripes/core'; import stripesForm from '@folio/stripes/final-form'; import { Accordion, @@ -223,12 +224,14 @@ const OrganizationForm = ({ {isBankingInformationEnabled && ( - - - + + + + + )} ) diff --git a/translations/ui-organizations/en.json b/translations/ui-organizations/en.json index 23bd186a..21f52920 100644 --- a/translations/ui-organizations/en.json +++ b/translations/ui-organizations/en.json @@ -479,6 +479,10 @@ "permission.creds.manage": "Organizations: Interface usernames and passwords: view, edit, create, delete", "permission.acqUnits.assign": "Organizations: Assign acquisition units to new organization", "permission.acqUnits.manage": "Organizations: Manage acquisition units", + "permission.banking-information.view": "Organizations: View banking information", + "permission.banking-information.create": "Organizations: View and create banking information", + "permission.banking-information.edit": "Organizations: View, create and edit banking information", + "permission.banking-information.delete": "Organizations: View, create, edit and delete banking information", "permission.settings.view": "Settings (Organizations): View settings", "permission.settings": "Settings (Organizations): Can view and edit settings" } From ad2e98bfed46ad32b6bae8de2aee7525635ff40c Mon Sep 17 00:00:00 2001 From: Yury Saukou Date: Tue, 21 Nov 2023 21:12:43 +0400 Subject: [PATCH 2/2] UIORGS-388 Update perms hierarchy for repeatable fields usage --- package.json | 18 +++++++++--------- .../OrganizationBankingInfoForm.js | 1 + .../OrganizationForm/OrganizationForm.js | 2 +- translations/ui-organizations/en.json | 6 +++--- 4 files changed, 14 insertions(+), 13 deletions(-) diff --git a/package.json b/package.json index f50de274..2ffc7a08 100644 --- a/package.json +++ b/package.json @@ -159,29 +159,29 @@ ] }, { - "permissionName": "ui-organizations.banking-information.create", - "displayName": "Organizations: View and create banking information", + "permissionName": "ui-organizations.banking-information.edit", + "displayName": "Organizations: View and edit banking information", "visible": true, "subPermissions": [ "ui-organizations.banking-information.view", - "organizations.banking-information.item.post" + "organizations.banking-information.item.put" ] }, { - "permissionName": "ui-organizations.banking-information.edit", - "displayName": "Organizations: View, create and edit banking information", + "permissionName": "ui-organizations.banking-information.create", + "displayName": "Organizations: View, edit and create banking information", "visible": true, "subPermissions": [ - "ui-organizations.banking-information.create", - "organizations.banking-information.item.put" + "ui-organizations.banking-information.edit", + "organizations.banking-information.item.post" ] }, { "permissionName": "ui-organizations.banking-information.delete", - "displayName": "Organizations: View, create, edit and delete banking information", + "displayName": "Organizations: View, edit, create and delete banking information", "visible": true, "subPermissions": [ - "ui-organizations.banking-information.edit", + "ui-organizations.banking-information.create", "organizations.banking-information.item.delete" ] }, diff --git a/src/Organizations/OrganizationForm/OrganizationBankingInfoForm/OrganizationBankingInfoForm.js b/src/Organizations/OrganizationForm/OrganizationBankingInfoForm/OrganizationBankingInfoForm.js index 020d56ff..157d5377 100644 --- a/src/Organizations/OrganizationForm/OrganizationBankingInfoForm/OrganizationBankingInfoForm.js +++ b/src/Organizations/OrganizationForm/OrganizationBankingInfoForm/OrganizationBankingInfoForm.js @@ -57,6 +57,7 @@ export const OrganizationBankingInfoForm = () => { } component={BankingInformationFieldArray} + canAdd={stripes.hasPerm('ui-organizations.banking-information.create')} canRemove={stripes.hasPerm('ui-organizations.banking-information.delete')} id="bankingInformation" name={BANKING_INFORMATION_FIELD_NAME} diff --git a/src/Organizations/OrganizationForm/OrganizationForm.js b/src/Organizations/OrganizationForm/OrganizationForm.js index fb0854a1..2e3785c6 100644 --- a/src/Organizations/OrganizationForm/OrganizationForm.js +++ b/src/Organizations/OrganizationForm/OrganizationForm.js @@ -224,7 +224,7 @@ const OrganizationForm = ({ {isBankingInformationEnabled && ( - +