diff --git a/docs/DataStructure.md b/docs/DataStructure.md index 4766eff11..74256a567 100644 --- a/docs/DataStructure.md +++ b/docs/DataStructure.md @@ -141,11 +141,12 @@ The actual answers of users on submission. ## Permissions Array of permissions, the user has on the form. Permissions are named by resp. routes on frontend. -| Permission | Description | -| -----------|-------------| -| edit | User is allowed to edit the form | -| results | User is allowed to access the form results | -| submit | User is allowed to submit to the form | +| Permission | Description | +| ---------------|-------------| +| edit | User is allowed to edit the form | +| results | User is allowed to access the form results | +| results_delete | User is allowed to delete form submissions | +| submit | User is allowed to submit to the form | ## Access Object Defines some extended options of sharing / access diff --git a/lib/Constants.php b/lib/Constants.php index 69c2540e0..60af263ff 100644 --- a/lib/Constants.php +++ b/lib/Constants.php @@ -115,11 +115,13 @@ class Constants { // Define Form Permissions public const PERMISSION_EDIT = 'edit'; public const PERMISSION_RESULTS = 'results'; + public const PERMISSION_RESULTS_DELETE = 'results_delete'; public const PERMISSION_SUBMIT = 'submit'; public const PERMISSION_ALL = [ self::PERMISSION_EDIT, self::PERMISSION_RESULTS, + self::PERMISSION_RESULTS_DELETE, self::PERMISSION_SUBMIT ]; diff --git a/src/components/Results/Submission.vue b/src/components/Results/Submission.vue index ed649e302..138f02206 100644 --- a/src/components/Results/Submission.vue +++ b/src/components/Results/Submission.vue @@ -25,7 +25,7 @@

{{ submission.userDisplayName }}

- + @@ -71,6 +71,10 @@ export default { type: Array, required: true, }, + canDeleteSubmission: { + type: Boolean, + required: true, + }, }, computed: { diff --git a/src/mixins/PermissionTypes.js b/src/mixins/PermissionTypes.js index 1619e0786..7cad1046d 100644 --- a/src/mixins/PermissionTypes.js +++ b/src/mixins/PermissionTypes.js @@ -29,8 +29,9 @@ export default { PERMISSION_TYPES: { PERMISSION_EDIT: 'edit', PERMISSION_RESULTS: 'results', + PERMISSION_RESULTS_DELETE: 'results_delete', PERMISSION_SUBMIT: 'submit', - PERMISSION_ALL: [this.PERMISSION_EDIT, this.PERMISSION_RESULTS, this.PERMISSION_SUBMIT], + PERMISSION_ALL: [this.PERMISSION_EDIT, this.PERMISSION_RESULTS, this.PERMISSION_RESULTS_DELETE, this.PERMISSION_SUBMIT], }, } }, diff --git a/src/views/Results.vue b/src/views/Results.vue index 30142fd9d..146011521 100644 --- a/src/views/Results.vue +++ b/src/views/Results.vue @@ -81,7 +81,7 @@ {{ t('forms', 'Download CSV') }} - + @@ -123,6 +123,7 @@ :key="submission.id" :submission="submission" :questions="form.questions" + :can-delete-submission="canDeleteSubmissions" @delete="deleteSubmission(submission.id)" /> @@ -155,6 +156,7 @@ import answerTypes from '../models/AnswerTypes.js' import logger from '../utils/Logger.js' import SetWindowTitle from '../utils/SetWindowTitle.js' import OcsResponse2Data from '../utils/OcsResponse2Data.js' +import PermissionTypes from '../mixins/PermissionTypes.js' const picker = getFilePickerBuilder(t('forms', 'Save CSV to Files')) .setMultiSelect(false) @@ -183,7 +185,7 @@ export default { TopBar, }, - mixins: [ViewsMixin], + mixins: [PermissionTypes, ViewsMixin], data() { return { @@ -193,6 +195,10 @@ export default { }, computed: { + canDeleteSubmissions() { + return this.form.permissions.includes(this.PERMISSION_TYPES.PERMISSION_RESULTS_DELETE) + }, + noSubmissions() { return this.form.submissions?.length === 0 }, diff --git a/tests/Integration/Api/ApiV2Test.php b/tests/Integration/Api/ApiV2Test.php index 297b087d2..54f49fee1 100644 --- a/tests/Integration/Api/ApiV2Test.php +++ b/tests/Integration/Api/ApiV2Test.php @@ -24,7 +24,7 @@ */ namespace OCA\Forms\Tests\Integration\Api; -use OCA\Forms\Db\Form; +use OCA\Forms\Constants; use OCA\Forms\Db\FormMapper; use OCP\DB\QueryBuilder\IQueryBuilder; @@ -356,11 +356,7 @@ public function dataGetForms() { 'hash' => 'abcdefg', 'title' => 'Title of a Form', 'expires' => 0, - 'permissions' => [ - 'edit', - 'results', - 'submit' - ], + 'permissions' => Constants::PERMISSION_ALL, 'partial' => true, 'submissionCount' => 3 ]] @@ -460,11 +456,7 @@ public function dataGetNewForm() { 'submitMultiple' => false, 'showExpiration' => false, 'canSubmit' => true, - 'permissions' => [ - 'edit', - 'results', - 'submit' - ], + 'permissions' => Constants::PERMISSION_ALL, 'questions' => [], 'shares' => [], 'submissionCount' => 0, @@ -515,11 +507,7 @@ public function dataGetFullForm() { 'submitMultiple' => false, 'showExpiration' => false, 'canSubmit' => true, - 'permissions' => [ - 'edit', - 'results', - 'submit' - ], + 'permissions' => Constants::PERMISSION_ALL, 'questions' => [ [ 'type' => 'short', diff --git a/tests/Unit/Service/FormsServiceTest.php b/tests/Unit/Service/FormsServiceTest.php index 269ed7952..69786d120 100644 --- a/tests/Unit/Service/FormsServiceTest.php +++ b/tests/Unit/Service/FormsServiceTest.php @@ -204,11 +204,7 @@ public function dataGetForm() { 'displayName' => 'Some User' ] ], - 'permissions' => [ - 'edit', - 'results', - 'submit' - ] + 'permissions' => Constants::PERMISSION_ALL ]] ]; } @@ -319,7 +315,7 @@ public function dataGetPartialForm() { 'hash' => 'abcdefg', 'title' => 'Form 1', 'expires' => 0, - 'permissions' => ['edit', 'results', 'submit'], + 'permissions' => Constants::PERMISSION_ALL, 'submissionCount' => 123, 'partial' => true ]] @@ -494,7 +490,7 @@ public function dataGetPermissions() { 'showToAllUsers' => false, ], 'shares' => [], - 'expected' => ['edit', 'results', 'submit'], + 'expected' => Constants::PERMISSION_ALL, ], 'allUsersCanSubmit' => [ 'ownerId' => 'someOtherUser',