From 8dfe459396e8f3956a41f5aaaed45506a444fc30 Mon Sep 17 00:00:00 2001 From: danloa Date: Thu, 8 Feb 2024 10:06:39 -0400 Subject: [PATCH 1/3] Add script urls for project security rules --- ProcessMaker/Providers/AuthServiceProvider.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ProcessMaker/Providers/AuthServiceProvider.php b/ProcessMaker/Providers/AuthServiceProvider.php index 55d78fd6b5..551233dc1e 100644 --- a/ProcessMaker/Providers/AuthServiceProvider.php +++ b/ProcessMaker/Providers/AuthServiceProvider.php @@ -161,6 +161,8 @@ private function checkAllowedEndpoints(array $projectIds, string $currentPath): $allowedEndpoints[] = 'designer/screen-builder/' . $assetId . '/edit'; } elseif ($assetType === Script::class) { $allowedEndpoints[] = 'designer/scripts/' . $assetId . '/builder'; + $allowedEndpoints[] = 'designer/scripts/' . $assetId . '/edit'; + $allowedEndpoints[] = 'designer/scripts/preview'; } } From 3cc4d644bee1fdfc5d07c00d53356606edbd5e98 Mon Sep 17 00:00:00 2001 From: danloa Date: Thu, 8 Feb 2024 10:07:48 -0400 Subject: [PATCH 2/3] Support list of project Ids as a comma separated string --- ProcessMaker/Traits/ProjectAssetTrait.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ProcessMaker/Traits/ProjectAssetTrait.php b/ProcessMaker/Traits/ProjectAssetTrait.php index e4c0232c5e..cd2d36e583 100644 --- a/ProcessMaker/Traits/ProjectAssetTrait.php +++ b/ProcessMaker/Traits/ProjectAssetTrait.php @@ -41,7 +41,10 @@ private function extractProjectIds($input) $projectIds = $input->input('projects', ''); } elseif (is_int($input)) { $projectIds = $input; - } else { + } elseif (is_string($input)) { + $projectIds = $input; + } + else { return []; } From 8a239f323f59c26ec580e1fca7b5889bdf61cfce Mon Sep 17 00:00:00 2001 From: danloa Date: Thu, 8 Feb 2024 10:44:04 -0400 Subject: [PATCH 3/3] Redirect to projects page when editting scrrens,script from a project --- resources/views/processes/screens/edit.blade.php | 4 +++- resources/views/processes/scripts/edit.blade.php | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/resources/views/processes/screens/edit.blade.php b/resources/views/processes/screens/edit.blade.php index d53f444f06..6b7aecddf2 100644 --- a/resources/views/processes/screens/edit.blade.php +++ b/resources/views/processes/screens/edit.blade.php @@ -118,7 +118,9 @@ }); }, onClose() { - window.location.href = '/designer/screens'; + const queryParams = new URLSearchParams(window.location.search); + const projectId = queryParams.get("project_id"); + window.location.href = projectId ? `/designer/projects/${projectId}`: '/designer/screens'; }, onUpdate() { this.resetErrors(); diff --git a/resources/views/processes/scripts/edit.blade.php b/resources/views/processes/scripts/edit.blade.php index 55816f4217..883435d6df 100644 --- a/resources/views/processes/scripts/edit.blade.php +++ b/resources/views/processes/scripts/edit.blade.php @@ -184,7 +184,9 @@ }); }, onClose() { - window.location.href = '/designer/scripts'; + const queryParams = new URLSearchParams(window.location.search); + const projectId = queryParams.get("project_id"); + window.location.href = projectId ? `/designer/projects/${projectId}`: '/designer/scripts'; }, onUpdate() { this.resetErrors();