From 97d09fbd947d5d1d821f289326fcbc42c21c19e0 Mon Sep 17 00:00:00 2001 From: fs Date: Sun, 26 Apr 2026 20:43:28 +0200 Subject: [PATCH] fix(user-lifecycle): aside actions use normal size + repair policy ref link MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Two small follow-ups to the cockpit phase-1 commit cc2cf3a: * Drop the 'small' class from the three aside Quick Actions. The aside has plenty of room and the small variant felt cramped next to the page title — normal-size buttons match the visual weight of the form's Save button above. * Repair the Policy reference link. It pointed at a raw markdown path (docs/reference-benutzer-lifecycle-policy.md) which 404s because the static-file route never existed. The codebase has a Markdown viewer at admin/docs/ backed by DocsCatalogService; the correct slug is 'reference-benutzer-lifecycle-policy'. Link is now also gated by ABILITY_ADMIN_DOCS_VIEW so users without docs permission don't see (and 403 on) it. target=_blank dropped because it's an in-app route now, not an external file. Co-Authored-By: Claude Opus 4.7 (1M context) --- pages/admin/settings/user-lifecycle().php | 25 ++++++++++++++--------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/pages/admin/settings/user-lifecycle().php b/pages/admin/settings/user-lifecycle().php index 141031b..9d56bca 100644 --- a/pages/admin/settings/user-lifecycle().php +++ b/pages/admin/settings/user-lifecycle().php @@ -3,6 +3,7 @@ use MintyPHP\Buffer; use MintyPHP\Http\SessionStoreInterface; use MintyPHP\Router; +use MintyPHP\Service\Access\OperationsAuthorizationPolicy; use MintyPHP\Service\Access\SettingsAuthorizationPolicy; use MintyPHP\Service\Audit\NullUserLifecycleAuditDashboard; use MintyPHP\Service\Audit\UserLifecycleAuditDashboardInterface; @@ -160,6 +161,10 @@ $kpiTiles = [ ]; // ── Aside quick actions ────────────────────────────────────────────── +$canViewDocs = $authorizationService + ->authorize(OperationsAuthorizationPolicy::ABILITY_ADMIN_DOCS_VIEW, ['actor_user_id' => $currentUserId]) + ->isAllowed(); + /** @var array> $asideActions */ $asideActions = []; if ($canUpdateSettings) { @@ -168,7 +173,7 @@ if ($canUpdateSettings) { 'label' => t('Run policy now'), 'action' => 'admin/settings/run-user-lifecycle', 'method' => 'POST', - 'class' => 'secondary outline small', + 'class' => 'secondary outline', 'tone' => 'danger', 'confirm' => t('Run user lifecycle now?'), 'detailActionKind' => 'danger', @@ -180,20 +185,20 @@ if ($canUpdateSettings && $auditDashboardActive) { 'label' => t('Purge logs'), 'action' => 'admin/settings/user-lifecycle/audit-purge', 'method' => 'POST', - 'class' => 'secondary outline small', + 'class' => 'secondary outline', 'tone' => 'danger', 'confirm' => t('Purge old user lifecycle audit log entries?'), 'detailActionKind' => 'purge', ]; } -$asideActions[] = [ - 'type' => 'link', - 'label' => t('Policy reference'), - 'href' => 'docs/reference-benutzer-lifecycle-policy.md', - 'class' => 'secondary outline small', - 'target' => '_blank', - 'rel' => 'noopener', -]; +if ($canViewDocs) { + $asideActions[] = [ + 'type' => 'link', + 'label' => t('Policy reference'), + 'href' => 'admin/docs/reference-benutzer-lifecycle-policy', + 'class' => 'secondary outline', + ]; +} Buffer::set('title', t('User lifecycle settings'));