pkp/pkp-lib#10571 limit email template access by user groups

api/v1/emailTemplates/PKPEmailTemplateController.php

@@ -153,7 +153,7 @@ public function getMany(Request $illuminateRequest): JsonResponse
 
         Hook::call('API::emailTemplates::params', [$collector, $illuminateRequest]);
 
-        $emailTemplates = $collector->getMany();
+        $emailTemplates = collect(Repo::emailTemplate()->filterTemplatesByUserAccess($collector->getMany(), $request->getUser(), $request->getContext()->getId()));
 
         return response()->json([
             'itemsMax' => $collector->getCount(),
@@ -176,6 +176,12 @@ public function get(Request $illuminateRequest): JsonResponse
             ], Response::HTTP_NOT_FOUND);
         }
 
+        if (!Repo::emailTemplate()->isTemplateAccessibleToUser($request->getUser(), $emailTemplate, $request->getContext()->getId())) {
+            return response()->json([
+                'error' => __('api.emailTemplates.404.templateNotFound')
+            ], Response::HTTP_NOT_FOUND);
+        }
+
         return response()->json(Repo::emailTemplate()->getSchemaMap()->map($emailTemplate), Response::HTTP_OK);
     }
 
@@ -198,6 +204,9 @@ public function add(Request $illuminateRequest): JsonResponse
 
         $emailTemplate = Repo::emailTemplate()->newDataObject($params);
         Repo::emailTemplate()->add($emailTemplate);
+
+        Repo::emailTemplate()->setEmailTemplateAccess($emailTemplate, $requestContext->getId(), $params['userGroupIds'], $params['isUnrestricted']);
+
         $emailTemplate = Repo::emailTemplate()->getByKey($emailTemplate->getData('contextId'), $emailTemplate->getData('key'));
 
         return response()->json(Repo::emailTemplate()->getSchemaMap()->map($emailTemplate), Response::HTTP_OK);
@@ -235,6 +244,11 @@ public function edit(Request $illuminateRequest): JsonResponse
             $params['contextId'] = $requestContext->getId();
         }
 
+
+        // If the user submitted an empty list (meaning all user groups were unchecked), the empty array is converted to null in the request's data.
+        // Convert back to an empty array.
+        $params['userGroupIds'] = $params['userGroupIds'] ?: [];
+
         $errors = Repo::emailTemplate()->validate(
             $emailTemplate,
             $params,
@@ -246,6 +260,7 @@ public function edit(Request $illuminateRequest): JsonResponse
         }
 
         Repo::emailTemplate()->edit($emailTemplate, $params);
+        Repo::emailTemplate()->setEmailTemplateAccess($emailTemplate, $requestContext->getId(), $params['userGroupIds'], $params['isUnrestricted']);
 
         $emailTemplate = Repo::emailTemplate()->getByKey(
             // context ID is null if edited for the first time
@@ -275,7 +290,7 @@ public function delete(Request $illuminateRequest): JsonResponse
 
         $props = Repo::emailTemplate()->getSchemaMap()->map($emailTemplate);
         Repo::emailTemplate()->delete($emailTemplate);
-
+        Repo::emailTemplate()->deleteTemplateGroupAccess($requestContext->getId(), [$illuminateRequest->route('key')]);
         return response()->json($props, Response::HTTP_OK);
     }
 

classes/components/forms/FieldEmailTemplateUnrestricted.php

@@ -0,0 +1,33 @@
+<?php
+
+/**
+ * @file classes/components/form/FieldEmailTemplateUnrestricted.php
+ *
+ * Copyright (c) 2014-2024 Simon Fraser University
+ * Copyright (c) 2000-2024 John Willinsky
+ * Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
+ *
+ * @class FieldEmailTemplateUnrestricted
+ *
+ * @ingroup classes_controllers_form
+ *
+ * @brief A component to indicate if an email template is unrestricted, i.e accessible to all user groups.
+ */
+
+namespace PKP\components\forms;
+
+class FieldEmailTemplateUnrestricted extends Field
+{
+    /** @copydoc Field::$component */
+    public $component = 'field-email-template-unrestricted';
+    public string $subNote = '';
+    /**
+     * @copydoc Field::getConfig()
+     */
+    public function getConfig()
+    {
+        $config = parent::getConfig();
+        $config['subNote'] = $this->subNote;
+        return $config;
+    }
+}

classes/components/forms/FieldEmailTemplateUserGroupSettings.php

@@ -0,0 +1,33 @@
+<?php
+
+/**
+ * @file classes/components/form/FieldEmailTemplateUserGroupSettings.php
+ *
+ * Copyright (c) 2014-2024 Simon Fraser University
+ * Copyright (c) 2000-2024 John Willinsky
+ * Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
+ *
+ * @class FieldEmailTemplateUserGroupSettings
+ *
+ * @ingroup classes_controllers_form
+ *
+ * @brief A component managing user groups assigned to an email template
+ */
+
+namespace PKP\components\forms;
+
+class FieldEmailTemplateUserGroupSettings extends Field
+{
+    /** @copydoc Field::$component */
+    public $component = 'field-email-template-user-group-settings';
+
+    /**
+     * @copydoc Field::getConfig()
+     */
+    public function getConfig()
+    {
+        $config = parent::getConfig();
+
+        return $config;
+    }
+}

classes/components/forms/emailTemplate/EmailTemplateForm.php

@@ -15,6 +15,8 @@
 
 namespace PKP\components\forms\emailTemplate;
 
+use PKP\components\forms\FieldEmailTemplateUnrestricted;
+use PKP\components\forms\FieldEmailTemplateUserGroupSettings;
 use PKP\components\forms\FieldPreparedContent;
 use PKP\components\forms\FieldText;
 use PKP\components\forms\FormComponent;
@@ -46,6 +48,14 @@ public function __construct(string $action, array $locales)
                 'isMultilingual' => true,
                 'toolbar' => 'bold italic superscript subscript | link | blockquote bullist numlist',
                 'plugins' => 'paste,link,lists',
+            ]))->addField(new FieldEmailTemplateUnrestricted('isUnrestricted', [
+                'type' => 'checkbox',
+                'label' => __('admin.workflow.email.userGroup.assign.unrestricted'),
+                'subNote' => __('admin.workflow.email.userGroup.unrestricted.template.note')
+            ]))
+            ->addField(new FieldEmailTemplateUserGroupSettings('userGroupIds', [
+                'type' => 'checkbox',
+                'label' => __('admin.workflow.email.userGroup.allowed'),
             ]));
     }
 }

classes/controllers/grid/users/reviewer/PKPReviewerGridHandler.php

@@ -1048,7 +1048,7 @@ public function fetchTemplateBody(array $args, PKPRequest $request): ?JSONMessag
         };
         $template = Repo::emailTemplate()->getByKey($context->getId(), $request->getUserVar('template'));
 
-        if (!$template) {
+        if (!$template || ! Repo::emailTemplate()->isTemplateAccessibleToUser($request->getUser(), $template, $context->getId())) {
             return null;
         }
 

classes/decision/steps/Email.php

@@ -128,14 +128,18 @@ protected function getEmailTemplates(): array
         $emailTemplates = collect();
         if ($this->mailable::getEmailTemplateKey()) {
             $emailTemplate = Repo::emailTemplate()->getByKey($context->getId(), $this->mailable::getEmailTemplateKey());
-            if ($emailTemplate) {
+            if ($emailTemplate && Repo::emailTemplate()->isTemplateAccessibleToUser($request->getUser(), $emailTemplate, $context->getId())) {
                 $emailTemplates->add($emailTemplate);
             }
             Repo::emailTemplate()
                 ->getCollector($context->getId())
                 ->alternateTo([$this->mailable::getEmailTemplateKey()])
                 ->getMany()
-                ->each(fn (EmailTemplate $e) => $emailTemplates->add($e));
+                ->each(function (EmailTemplate $e) use ($context, $request, $emailTemplates) {
+                    if (Repo::emailTemplate()->isTemplateAccessibleToUser($request->getUser(), $e, $context->getId())) {
+                        $emailTemplates->add($e);
+                    }
+                });
         }
 
         return Repo::emailTemplate()->getSchemaMap()->mapMany($emailTemplates)->toArray();

classes/emailTemplate/DAO.php

@@ -235,13 +235,17 @@ public function getMainEmailTemplatesFilename()
      * skipping others
      * @param bool $skipExisting If true, do not install email templates
      * that already exist in the database
+     * @param bool $recordTemplateGroupAccess - If true, records the templates as unrestricted.
+     * By default, it is set to false to ensure compatibility with older processes (e.g., migrations)
+     * where the `email_template_user_group_access` table may not exist at the time of execution.
      *
      */
     public function installEmailTemplates(
         string $templatesFile,
         array $locales = [],
         ?string $emailKey = null,
-        bool $skipExisting = false
+        bool $skipExisting = false,
+        $recordTemplateGroupAccess = false
     ): bool {
         $xmlDao = new XMLDAO();
         $data = $xmlDao->parseStruct($templatesFile, ['email']);
@@ -281,6 +285,20 @@ public function installEmailTemplates(
                     $this->installAlternateEmailTemplates($contextId, $attrs['key']);
                 }
             }
+
+            if ($recordTemplateGroupAccess) {
+                // Default to true if `isUnrestricted` is not set.
+                $isUnrestricted = $attrs['isUnrestricted'] ?? '1';
+
+                if ($isUnrestricted !== '1' && $isUnrestricted !== '0') {
+                    throw new Exception('Invalid value given for the `isUnrestricted` attribute on the ' . $attrs['key'] . ' template.');
+                }
+
+                $contextIds = app()->get('context')->getIds();
+                foreach ($contextIds as $contextId) {
+                    Repo::emailTemplate()->markTemplateAsUnrestricted($attrs['key'], (bool)$isUnrestricted, $contextId);
+                }
+            }
         }
         return true;
     }
@@ -381,7 +399,7 @@ public function installAlternateEmailTemplates(int $contextId, ?string $emailKey
                     'Tried to install email template as an alternate to `' . $alternateTo . '`, but no default template exists with this key. Installing ' . $alternateTo . ' email template first',
                     E_USER_WARNING
                 );
-                $this->installEmailTemplates(Repo::emailTemplate()->dao->getMainEmailTemplatesFilename(), [], $alternateTo);
+                $this->installEmailTemplates(Repo::emailTemplate()->dao->getMainEmailTemplatesFilename(), [], $alternateTo, false, true);
             }
 
             DB::table($this->table)->insert([
@@ -448,4 +466,37 @@ protected function getUniqueKey(EmailTemplate $emailTemplate): string
 
         return $key;
     }
+
+
+    /**
+     * Sets email template's unrestricted status to their defaults
+     */
+    public function setTemplateDefaultUnrestirctedSetting(int $contextId, ?array $emailKeys = null)
+    {
+        $xmlDao = new XMLDAO();
+        $data = $xmlDao->parseStruct($this->getMainEmailTemplatesFilename(), ['email']);
+
+        if (!isset($data['email'])) {
+            return false;
+        }
+
+        foreach ($data['email'] as $entry) {
+            $attrs = $entry['attributes'];
+
+            if ($emailKeys !== null && !in_array($attrs['key'], $emailKeys)) {
+                continue;
+            }
+
+            // Default to true if `isUnrestricted` is not set.
+            $isUnrestricted = $attrs['isUnrestricted'] ?? '1';
+
+            if ($isUnrestricted !== '1' && $isUnrestricted !== '0') {
+                throw new Exception('Invalid value given for the `isUnrestricted` attribute on the ' . $attrs['key'] . ' template.');
+            }
+
+            Repo::emailTemplate()->markTemplateAsUnrestricted($attrs['key'], (bool)$isUnrestricted, $contextId);
+        }
+
+        return true;
+    }
 }

classes/emailTemplate/EmailTemplateAccessGroup.php

@@ -0,0 +1,34 @@
+<?php
+
+namespace PKP\emailTemplate;
+
+use Eloquence\Behaviours\HasCamelCasing;
+use Eloquence\Database\Model;
+use Illuminate\Contracts\Database\Eloquent\Builder;
+
+class EmailTemplateAccessGroup extends Model
+{
+    use HasCamelCasing;
+    public $timestamps = false;
+    protected $primaryKey = 'email_template_user_group_access_id';
+    protected $table = 'email_template_user_group_access';
+    protected $fillable = ['userGroupId', 'contextId','emailKey'];
+
+
+    public function scopeWithEmailKey(Builder $query, ?array $keys): Builder
+    {
+        return $query->when(!empty($keys), function ($query) use ($keys) {
+            return $query->whereIn('email_key', $keys);
+        });
+    }
+
+    public function scopeWithContextId(Builder $query, int $contextId): Builder
+    {
+        return $query->where('context_id', $contextId);
+    }
+
+    public function scopeWithGroupIds(Builder $query, array $ids): Builder
+    {
+        return $query->whereIn('user_group_id', $ids);
+    }
+}