hide credential edit files tab for shared credentials with missing FI…

…LES acl #815
nextcloud · Sep 22, 2024 · 611e7aa · 611e7aa
1 parent 6718289
commit 611e7aa
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 4 deletions.
diff --git a/js/app/controllers/edit_credential.js b/js/app/controllers/edit_credential.js
@@ -32,8 +32,8 @@
 	 * Controller of the passmanApp
 	 */
 	angular.module('passmanApp')
-		.controller('CredentialEditCtrl', ['$scope', 'VaultService', 'CredentialService', 'SettingsService', '$location', '$routeParams', 'FileService', 'EncryptService', 'TagService', 'NotificationService', 'ShareService', '$translate','$rootScope',
-			function ($scope, VaultService, CredentialService, SettingsService, $location, $routeParams, FileService, EncryptService, TagService, NotificationService, ShareService, $translate, $rootScope) {
+		.controller('CredentialEditCtrl', ['$scope', 'VaultService', 'CredentialService', 'SettingsService', '$location', '$routeParams', 'FileService', 'EncryptService', 'TagService', 'NotificationService', 'ShareService', 'SharingACL', '$translate','$rootScope',
+			function ($scope, VaultService, CredentialService, SettingsService, $location, $routeParams, FileService, EncryptService, TagService, NotificationService, ShareService, SharingACL, $translate, $rootScope) {
 				$scope.active_vault = VaultService.getActiveVault();
 				if (!SettingsService.getSetting('defaultVault') || !SettingsService.getSetting('defaultVaultPass')) {
 					if (!$scope.active_vault) {
@@ -89,7 +89,8 @@
 					}, {
 						title: translations.files,
 						url: 'views/partials/forms/edit_credential/files.html',
-						color: 'yellow'
+						color: 'yellow',
+						requiredACL: $scope.permissions.permissions.FILES
 					}, {
 						title: translations.otp,
 						url: 'views/partials/forms/edit_credential/otp.html',
@@ -135,6 +136,17 @@
 					return tab.url === $scope.currentTab.url;
 				};
 
+				$scope.permissions = new SharingACL(0);
+
+				$scope.hasPermission = function (acl, permission) {
+					if (acl) {
+						var tmp = new SharingACL(acl.permission);
+						return tmp.hasPermission(permission);
+					} else {
+						return true;
+					}
+				};
+
 				/**
 				 * Below general edit functions
 				 */

diff --git a/js/templates.js b/js/templates.js
diff --git a/templates/views/edit_credential.html b/templates/views/edit_credential.html
@@ -21,6 +21,7 @@
     <nav class="app-sidebar-tabs__nav">
         <ul>
             <li ng-repeat="tab in tabs track by $index" class="app-sidebar-tabs__tab"
+                ng-if="tab.requiredACL == undefined || storedCredential.acl == undefined || hasPermission(storedCredential.acl.permissions, tab.requiredACL)"
                 ng-class="isActiveTab(tab)? 'active' : 'inactive'"
                 ng-click="onClickTab(tab)">{{ tab.title }}
             </li>