diff --git a/core/lexicon/en/user.inc.php b/core/lexicon/en/user.inc.php index 984b0326fe0..163d78f4a28 100644 --- a/core/lexicon/en/user.inc.php +++ b/core/lexicon/en/user.inc.php @@ -39,6 +39,7 @@ $_lang['role_desc_name'] = 'A name for the Role, such as Content Editor, Publisher, System Administrator, etc.'; $_lang['role_desc_description'] = 'A short description of the Role.'; $_lang['role_err_ae'] = 'A role already exists with that name.'; +$_lang['role_err_authority_exists'] = 'The specified Authority level is being used by another Role. (Authority levels must be unique.)'; $_lang['role_err_duplicate'] = 'An error occurred while duplicating the role.'; $_lang['role_err_has_users'] = 'There are users with this role. It cannot be deleted.'; $_lang['role_err_nf'] = 'Role not found.'; diff --git a/core/src/Revolution/Processors/Security/Role/Create.php b/core/src/Revolution/Processors/Security/Role/Create.php index 9c89b24d334..8b215af441d 100644 --- a/core/src/Revolution/Processors/Security/Role/Create.php +++ b/core/src/Revolution/Processors/Security/Role/Create.php @@ -1,4 +1,5 @@ getProperty('name'); + $authority = (int)$this->getProperty('authority', 0); + if (empty($name)) { $this->addFieldError('name', $this->modx->lexicon('role_err_ns_name')); } @@ -38,6 +40,9 @@ public function beforeSave() if ($this->alreadyExists($name)) { $this->addFieldError('name', $this->modx->lexicon('role_err_ae')); } + if ($this->authorityExists($authority)) { + $this->addFieldError('authority', $this->modx->lexicon('role_err_authority_exists')); + } return parent::beforeSave(); } @@ -51,4 +56,14 @@ public function alreadyExists($name) { return $this->modx->getCount(modUserGroupRole::class, ['name' => $name]) > 0; } + + /** + * Check whether the specified authority level already exists + * @param int $authority + * @return boolean + */ + public function authorityExists(int $authority) + { + return $this->modx->getCount(modUserGroupRole::class, ['authority' => $authority]) > 0; + } } diff --git a/core/src/Revolution/Processors/Security/Role/Update.php b/core/src/Revolution/Processors/Security/Role/Update.php index f10c2406ded..0035dfb7f91 100644 --- a/core/src/Revolution/Processors/Security/Role/Update.php +++ b/core/src/Revolution/Processors/Security/Role/Update.php @@ -1,4 +1,5 @@ getProperty('name'); + $authority = (int)$this->getProperty('authority', 0); + if (empty($name)) { $this->addFieldError('name', $this->modx->lexicon('role_err_ns_name')); } + if ($this->alreadyExists($name)) { + $this->addFieldError('name', $this->modx->lexicon('role_err_ae')); + } + if ($this->authorityExists($authority)) { + $this->addFieldError('authority', $this->modx->lexicon('role_err_authority_exists')); + } return parent::beforeSave(); } + + /** + * Check to see if a role already exists with the specified name + * @param string $name + * @return boolean + */ + public function alreadyExists($name) + { + return $this->modx->getCount( + modUserGroupRole::class, + ['name' => $name, 'id:!=' => $this->getProperty('id')] + ) > 0; + } + + /** + * Check whether the specified authority level already exists + * @param int $authority + * @return boolean + */ + public function authorityExists(int $authority) + { + return $this->modx->getCount( + modUserGroupRole::class, + ['authority' => $authority, 'id:!=' => $this->getProperty('id')] + ) > 0; + } } diff --git a/manager/assets/modext/widgets/security/modx.grid.role.js b/manager/assets/modext/widgets/security/modx.grid.role.js index c3323f3a385..dd31b8344ee 100644 --- a/manager/assets/modext/widgets/security/modx.grid.role.js +++ b/manager/assets/modext/widgets/security/modx.grid.role.js @@ -153,7 +153,8 @@ MODx.window.CreateRole = function(config = {}) { action: 'Security/Role/Create', formDefaults: { allowBlank: false, - anchor: '100%' + anchor: '100%', + msgTarget: 'under' }, fields: [{ name: 'name',