Merge pull request #1463 from clpetersonucf/react/fixes-and-polish-part-three

React/fixes and polish part three

Author: clpetersonucf

docker/config/nginx/nginx-dev.conf

@@ -152,9 +152,10 @@ http {
         listen *:8008 ssl;
         listen [::]:8008 ssl;
 
-        # some js assets will be requested at /js instead of /dist/js 
-        # redirect these requests appropriately
-        location ~* ^\/js\/.+\.js$ {
+        # In the dev environment, js and css assets are emitted to public/dist instead of public/
+        # However, server pages will expect them to be in public/js or public/css instead
+        # Redirect requests for these assets to public/dist
+        location ~* ^\/(?:js|css)\/.+\.(?:js|css)$ {
             proxy_pass https://$server_addr/dist$uri;
         }
 

docker/run_build_assets.sh

@@ -22,4 +22,4 @@ docker run \
 	--mount type=bind,source="$(pwd)"/../,target=/build \
 	--mount source=materia-asset-build-vol,target=/build/node_modules \
 	node:18.13.0-alpine \
-	/bin/ash -c "apk add --no-cache git && cd build && yarn install --frozen-lockfile --non-interactive --production --silent --pure-lockfile --force"
+	/bin/ash -c "apk add --no-cache git && cd build && yarn install --frozen-lockfile --non-interactive --silent --pure-lockfile --force && npm run-script build"

docker/run_build_github_release_package.sh

@@ -29,8 +29,8 @@ DOCKER_IMAGE=$1
 
 # declare files that should have been created
 declare -a FILES_THAT_SHOULD_EXIST=(
-	"public/dist/js/materia.enginecore.js"
-	"public/dist/css/widget-player.css"
+	"public/js/materia.enginecore.js"
+	"public/css/widget-player.css"
 )
 
 # declare files to omit from zip

fuel/app/classes/materia/perm/manager.php

@@ -552,7 +552,10 @@ static public function clear_all_perms_for_object($object_id, $object_type)
 	}
 
 	/**
-	 * Gets an array of object id's that a user has permissions for matching any of the requested permissions.
+	 * Gets an array of object ids of a given type that a user has EXPLICIT permissions to that matches the perms provided.
+	 * (!!!) NOTE: Previously, this method would also return IMPLICITLY available objects based on the user's role (if elevated).
+	 * This is no longer the case. If IMPLICITLY available objects are required, use get_all_objects_for_elevated_user_role
+	 * 
 	 * If an object has any of the requested permissions, it will be returned.
 	 * Perm_Manager->get_all_objects_for_users($user->user_id, \Materia\Perm::INSTANCE, [\Materia\Perm::SHARE]);
 	 *
@@ -570,43 +573,64 @@ static public function get_all_objects_for_user($user_id, $object_type, $perms)
 			// WHERE id IN (5, 6) whould match ids that ***START*** with 5 or 6
 			foreach ($perms as &$value) $value = (string) $value;
 
-			// ====================== GET THE USERS ROLE PERMISSIONS ============================
-			// build a subquery that gets any roles the user has
-			$subquery_role_ids = \DB::select('role_id')
-				->from('perm_role_to_user')
-				->where('user_id', $user_id);
-
-			// get any perms that users roles have
-			$roles_perms = \DB::select('perm')
-				->from('perm_role_to_perm')
-				->where('role_id', 'IN', $subquery_role_ids)
+			// ==================== GET USER's EXPLICIT PERMISSSION ==============================
+			// get objects that the user has direct access to
+			$objects = \DB::select('object_id')
+				->from('perm_object_to_user')
+				->where('object_type', $object_type)
+				->where('user_id', $user_id)
 				->where('perm', 'IN', $perms)
-				->execute();
-
-			// Only super_user has role perm 30 -- get all assets/widgets
-			if ($roles_perms->count() != 0)
-			{
-				$objects = \DB::select('id')
-					->from($object_type == Perm::ASSET ? 'asset' : 'widget_instance')
-					->execute()
-					->as_array('id', 'id');
-			}
-			else
-			{
-				// ==================== GET USER's EXPLICIT PERMISSSION ==============================
-				// get objects that the user has direct access to
-				$objects = \DB::select('object_id')
-					->from('perm_object_to_user')
-					->where('object_type', $object_type)
-					->where('user_id', $user_id)
-					->where('perm', 'IN', $perms)
-					->execute()
-					->as_array('object_id', 'object_id');
-			}
+				->execute()
+				->as_array('object_id', 'object_id');
 			return $objects;
 		}
 	}
 
+	/**
+	 * Gets an array of object ids that a user has permissions to access EXCLUSIVELY based on an elevated role
+	 * This requires the user has a role with elevated perms, and that the group rights associated with those perms are present in the perm_role_to_perm table
+	 * Currently, the role must be Perm::ADMINISTRATOR or Perm::SUPERUSER
+	 * 
+	 * Perm_Manager->get_all_objects_for_users($user->user_id, \Materia\Perm::INSTANCE);
+	 *
+	 * @param int User ID the get permissions for
+	 * @param int Object type as defined in Perm constants
+	 */
+	static public function get_all_objects_for_elevated_user_role($user_id, $object_type)
+	{
+		$objects = [];
+		$user_is_admin_or_su = false;
+
+		// ====================== GET THE USERS ROLE PERMISSIONS ============================
+		// build a subquery that gets any roles the user has
+		$subquery_role_ids = \DB::select('role_id')
+			->from('perm_role_to_user')
+			->where('user_id', $user_id);
+
+		// get any perms that users roles have
+		$roles_perms = \DB::select('perm')
+			->from('perm_role_to_perm')
+			->where('role_id', 'IN', $subquery_role_ids)
+			->execute();
+
+		
+		// verify that perms returned from perm_role_to_perm table are elevated
+		// this means either Perm::ADMINISTRATOR (85) or Perm::SUPERUSER (90)
+		foreach ($roles_perms as $role)
+		{
+			if (in_array([Perm::ADMINISTRATOR, Perm::SUPERUSER], $role['perm'])) $user_is_admin_or_su = true;
+		}
+
+		if ($user_is_admin_or_su == true)
+		{
+			$objects = \DB::select('id')
+				->from($object_type == Perm::ASSET ? 'asset' : 'widget_instance')
+				->execute()
+				->as_array('id', 'id');
+		}
+		return $objects;
+	}
+
 	/**
 	 * Counts the number of users with perms to a given object
 	 *  to an object (used by Widget_Asset_Manager.can_asset_be_deleted)

fuel/app/classes/materia/session/play.php

@@ -262,7 +262,7 @@ public static function get_by_inst_id($inst_id, $semester='all', $year='all')
 
 	public static function get_by_inst_id_paginated($inst_id, $semester='all', $year='all', $page_number=1)
 	{
-		$items_per_page = 10;
+		$items_per_page = 100;
 		$data = self::get_by_inst_id($inst_id, $semester, $year);
 		$total_num_pages = ceil(sizeof($data) / $items_per_page);
 		$offset = $items_per_page * ($page_number - 1);

fuel/app/classes/materia/widget/instance/manager.php

@@ -80,7 +80,7 @@ public static function get_paginated_for_user($user_id, $page_number = 1)
 	{
 		$inst_ids = Perm_Manager::get_all_objects_for_user($user_id, Perm::INSTANCE, [Perm::FULL, Perm::VISIBLE]);
 		$displayable_inst = self::get_all($inst_ids);
-		$widgets_per_page = 10;
+		$widgets_per_page = 80;
 		$total_num_pages = ceil(sizeof($displayable_inst) / $widgets_per_page);
 		$offset = $widgets_per_page * ($page_number - 1);
 

fuel/app/config/css.php

@@ -15,12 +15,12 @@
 
 	'groups' => [
 		'core' => [$webpack.'css/core.css'],
-		'homepage' => [$webpack.'js/homepage.css'],
+		'homepage' => [$webpack.'css/homepage.css'],
 		'admin' => [$webpack.'css/admin.css'],
-		'user-admin' => [$webpack.'js/user-admin.css'],
-		'support' => [$webpack.'js/support.css'],
-		'catalog' => [$webpack.'js/catalog.css'],
-		'detail' => [$webpack.'js/detail.css'],
+		'user-admin' => [$webpack.'css/user-admin.css'],
+		'support' => [$webpack.'css/support.css'],
+		'catalog' => [$webpack.'css/catalog.css'],
+		'detail' => [$webpack.'css/detail.css'],
 		'playpage' => [
 			$webpack.'css/widget-player-page.css',
 			$webpack.'css/loading-icon.css'
@@ -29,36 +29,36 @@
 			$webpack.'css/widget-play.css',
 		],
 		'lti' => [$webpack.'css/util-lti-picker.css'],
-		'my_widgets'  => [$webpack.'js/my-widgets.css'],
+		'my_widgets'  => [$webpack.'css/my-widgets.css'],
 		'widget_create' => [
 			$webpack.'css/loading-icon.css',
-			$webpack.'js/creator-page.css',
+			$webpack.'css/creator-page.css',
 		],
 		'widget_detail' => [
 			$webpack.'css/widget-detail.css',
 		],
 		'widget_catalog' => [$webpack.'css/widget-catalog.css'],
-		'profile' => [$webpack.'js/profile.css'],
-		'login' => [$webpack.'js/login.css'],
+		'profile' => [$webpack.'css/profile.css'],
+		'login' => [$webpack.'css/login.css'],
 		'scores' => [
 			$cdnjs.'jqPlot/1.0.9/jquery.jqplot.min.css',
-			$webpack.'js/scores.css',
+			$webpack.'css/scores.css',
 		],
-		'pre_embed_placeholder' => [$webpack.'js/pre-embed-common-styles.css'],
+		'pre_embed_placeholder' => [$webpack.'css/pre-embed-common-styles.css'],
 		'embed_scores' => [$webpack.'css/scores.css'],
 		'question_import' => [
 			$vendor.'jquery.dataTables.min.css',
 			$webpack.'css/util-question-import.css',
 			$webpack.'css/question-importer.css',
 		],
-		'questionimport' => [$webpack.'js/question-importer.css'],
+		'questionimport' => [$webpack.'css/question-importer.css'],
 		'qset_history' => [
 			$webpack.'css/util-qset-history.css',
 		],
 		'rollback_dialog' => [
 			$webpack.'css/util-rollback-confirm.css'
 		],
-		'media_import' => [$webpack.'js/media.css'],
+		'media_import' => [$webpack.'css/media.css'],
 		'help' => [$webpack.'css/help.css'],
 		'errors' => [$webpack.'css/errors.css'],
 		'fonts' => [
@@ -68,8 +68,8 @@
 		'guide' => [$webpack.'css/widget-guide.css'],
 		// the following are required for the support-info styles to be embedded
 		// TODO probably consolidate the support_info styles in a common stylesheet
-		'draft-not-playable' => [$webpack.'js/draft-not-playable.css'],
-		'500' => [$webpack.'js/500.css'],
-		'no_permission' => [$webpack.'js/no-permission.css']
+		'draft-not-playable' => [$webpack.'css/draft-not-playable.css'],
+		'500' => [$webpack.'css/500.css'],
+		'no_permission' => [$webpack.'css/no-permission.css']
 	],
 ];

fuel/app/config/development/materia.php

@@ -1,5 +1,6 @@
 <?php
 
+// since this is the dev config - the assumption is that assets are located in public/dist. NGINX will reroute *.js and *.css requests for public/ to public/dist/
 $assets_exist = file_exists(DOCROOT."dist/js/my-widgets.js");
 // convert current url to https://whatever:8008/ for simulated pass through cdn
 $simulated_cdn_url = preg_replace('/(https:\/\/.+?)(\:[0-9]*){0,1}(\/.*)/', '${1}:8008${3}', \Uri::create());
@@ -12,7 +13,7 @@
 		// No port is specified so 8080 is picked by default
 		'static'  => $simulated_cdn_url,
 		'engines' => $simulated_cdn_url.'widget/',
-		'js_css'  => $assets_exist ? $simulated_cdn_url.'dist/' : '//127.0.0.1:8080/dist/',
+		'js_css'  => $assets_exist ? $simulated_cdn_url : '//127.0.0.1:8080/',
 	],
 
 	/**

fuel/app/config/materia.php

@@ -30,8 +30,8 @@
 		'static'       => $_ENV['URLS_STATIC'] ?? \Uri::create(), // allows you to host another domain for static assets http://static.siteurl.com/
 		'engines'      => $_ENV['URLS_ENGINES'] ?? \Uri::create('widget/'), // widget file locations
 		// where are js and css assets hosted?
-		// DEFAULT: public/dist (hosted as as https://site.com/dist)
-		'js_css'       => \Uri::create('dist/'),
+		// DEFAULT: public/dist (hosted as as https://site.com/)
+		'js_css'       => \Uri::create('/'),
 		// CDN PASS-THROUGH: set up aws cloudfront cdn have it load data from the default url
 		//'js_css'     => '//xxxxxxxx.cloudfront.net/dist/',
 		// CDN UNPKG.COM: load assets from npm module with the same release (version must match your version of materia)

package.json

@@ -63,6 +63,7 @@
     "webpack-cli": "^5.0.1",
     "webpack-dev-server": "^4.11.1",
     "webpack-manifest-plugin": "^5.0.0",
+    "webpack-remove-empty-scripts": "1.0.1",
     "webpack-strip-block": "^0.3.0"
   },
   "nodemonConfig": {