Adds tokenSelectForm() in core/Support/helpers/ui.php: an inline typeahead combobox + flat alphabetical removable list, designed for selections that outgrow the chip-header of the vendor MultiSelect (roles, permissions, and similar admin pickers). Contract: - Hidden <select multiple name="<name>[]"> is the form submission source — consumers read via $request->body() verbatim, no parsing - Items are ['id' => int, <labelKey> => string, 'key' => string?] where labelKeys default to ['description', 'label', 'name']; 'key' is an invisible fuzzy-match hint - $labelOverrides lets callers swap emptyState / removeTooltip / noMatches / clearAll / countSuffix / errorMessage with domain copy - $disabled renders pure-presentation list (no combobox, no remove) Runtime: - initTokenSelect in web/js/components/app-token-select.js is registered as 'token-select' in app-init.js; destroy()/cleanupFns contract - Syncs the hidden <select> on every mutation and dispatches 'change' so dependent UI can react Wired up: pages/admin/permissions/_form.phtml (assigned roles), pages/admin/roles/_form.phtml (permissions + assignable roles). Helper contract lives in tests/Support/Helpers/TokenSelectFormHelperTest.php; runtime contract + entrypoint registration + host usage are enforced by FrontendRuntime*ContractTest.php. Coexists with multiSelectForm() — pick tokenSelectForm() when the selected set can grow beyond ~10 items or typeahead is expected. Docs in CLAUDE.md. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
114 lines
4.2 KiB
PHTML
114 lines
4.2 KiB
PHTML
<?php
|
|
|
|
/**
|
|
* @var array $values
|
|
* @var string|null $formId
|
|
* @var bool $detailsOpenAll
|
|
* @var bool $isReadOnly
|
|
* @var array $roles
|
|
* @var array $selectedRoleIds
|
|
* @var bool $showDangerZone
|
|
* @var string|null $dangerZoneDeleteFormId
|
|
* @var string|null $dangerZoneWarning
|
|
* @var string|null $dangerZoneActionLabel
|
|
*/
|
|
|
|
use MintyPHP\Session;
|
|
|
|
$values = $values ?? [];
|
|
$formId = $formId ?? 'permission-form';
|
|
$detailsOpenAll = $detailsOpenAll ?? false;
|
|
$isReadOnly = $isReadOnly ?? false;
|
|
$roles = $roles ?? [];
|
|
$selectedRoleIds = $selectedRoleIds ?? [];
|
|
$showDangerZone = (bool) ($showDangerZone ?? false);
|
|
$dangerZoneDeleteFormId = (string) ($dangerZoneDeleteFormId ?? '');
|
|
$dangerZoneWarning = (string) ($dangerZoneWarning ?? t('This action cannot be undone.'));
|
|
$dangerZoneActionLabel = (string) ($dangerZoneActionLabel ?? t('Delete'));
|
|
$detailsOpenAttr = $detailsOpenAll ? 'open' : '';
|
|
$readonlyAttr = $isReadOnly ? 'readonly' : '';
|
|
$disabledAttr = $isReadOnly ? 'disabled' : '';
|
|
$keyReadonlyAttr = ($isReadOnly || !empty($values['is_system'])) ? 'readonly' : '';
|
|
|
|
?>
|
|
<form id="<?php e($formId); ?>" method="post" data-standard-detail-form="1">
|
|
<div class="app-tabs" data-tabs data-app-component="tabs" data-tabs-param="tab" data-tabs-storage-key="admin-permission-form"<?php if (!empty($ignoreTabStorage)) { echo ' data-tabs-ignore-storage'; } ?>>
|
|
<div class="app-tabs-nav">
|
|
<button type="button" data-tab="basic" data-tab-default><?php e(t('Master data')); ?></button>
|
|
<?php if ($roles): ?>
|
|
<button type="button" data-tab="roles"><?php e(t('Roles')); ?></button>
|
|
<?php endif; ?>
|
|
<button type="button" data-tab="visibility"><?php e(t('Visibility')); ?></button>
|
|
<?php if ($showDangerZone && $dangerZoneDeleteFormId !== ''): ?>
|
|
<button type="button" data-tab="danger"><?php e(t('Danger zone')); ?></button>
|
|
<?php endif; ?>
|
|
</div>
|
|
|
|
<div data-tab-panel="basic">
|
|
<div class="grid">
|
|
<label for="permission-description">
|
|
<span><?php e(t('Description')); ?></span>
|
|
<input type="text" name="description" id="permission-description"
|
|
value="<?php e($values['description'] ?? ''); ?>" <?php e($readonlyAttr); ?> />
|
|
</label>
|
|
<label for="permission-key">
|
|
<span><?php e(t('Permission key')); ?></span>
|
|
<input required type="text" name="key" id="permission-key" value="<?php e($values['key'] ?? ''); ?>" <?php e($keyReadonlyAttr); ?> />
|
|
</label>
|
|
</div>
|
|
</div>
|
|
|
|
<?php if ($roles): ?>
|
|
<div data-tab-panel="roles">
|
|
<?php tokenSelectForm(
|
|
'permission-roles',
|
|
'role_ids',
|
|
'Assigned roles',
|
|
'Search roles…',
|
|
$roles,
|
|
$selectedRoleIds,
|
|
$isReadOnly,
|
|
'description',
|
|
null,
|
|
[
|
|
'emptyState' => t('No roles selected'),
|
|
'removeTooltip' => t('Remove role'),
|
|
]
|
|
); ?>
|
|
</div>
|
|
<?php endif; ?>
|
|
|
|
<div data-tab-panel="visibility">
|
|
<?php
|
|
$statusFieldName = 'active';
|
|
$statusFieldId = 'permission-active';
|
|
$statusFieldValue = (string) ($values['active'] ?? '1');
|
|
require templatePath('partials/app-visibility-status-field.phtml');
|
|
?>
|
|
<fieldset>
|
|
<legend><small><?php e(t('System permission')); ?></small></legend>
|
|
<label class="app-field app-checkbox">
|
|
<?php $systemValue = (int) ($values['is_system'] ?? 0); ?>
|
|
<input type="checkbox" name="is_system" value="1" <?php if ($systemValue === 1) { ?>checked<?php } ?>
|
|
<?php e($disabledAttr); ?> />
|
|
<span><?php e(t('System permission')); ?></span>
|
|
</label>
|
|
<small class="muted"><?php e(t('System permissions are core and should rarely be disabled.')); ?></small>
|
|
</fieldset>
|
|
</div>
|
|
|
|
<?php if ($showDangerZone && $dangerZoneDeleteFormId !== ''): ?>
|
|
<div data-tab-panel="danger">
|
|
<?php
|
|
$dangerFormId = $dangerZoneDeleteFormId;
|
|
$dangerLegend = t('Delete');
|
|
$dangerWarning = $dangerZoneWarning;
|
|
$dangerButtonLabel = $dangerZoneActionLabel;
|
|
require templatePath('partials/app-danger-zone-delete-field.phtml');
|
|
?>
|
|
</div>
|
|
<?php endif; ?>
|
|
</div>
|
|
<?php Session::getCsrfInput(); ?>
|
|
</form>
|