diff --git a/docs/src/getting-started/auth.md b/docs/src/getting-started/auth.md index 00eeb819..6c0ccd75 100644 --- a/docs/src/getting-started/auth.md +++ b/docs/src/getting-started/auth.md @@ -49,12 +49,12 @@ coupled with custom rules. Roles and permissions are defined at two levels: -| role | description | permissions | -| ------ | --------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Admin | Has complete control of podcast #{id}. | \* | -| Editor | Manages content and publications of podcast #{id}. | view, edit, manage-import, manage-persons, manage-platforms, manage-publications, interact-as, episodes.view, episodes.create, episodes.edit, episodes.delete, episodes.manage-persons, episodes.manage-clips, episodes.manage-publications, episodes.manage-comments | -| Author | Manages content of podcast #{id} but cannot publish them. | view, manage-persons, episodes.view, episodes.create, episodes.edit, episodes.manage-persons, episodes.manage-clips | -| Guest | General contributor of the podcast #{id}. | view, episodes.view | +| role | description | permissions | +| ------ | --------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Admin | Has complete control of podcast #{id}. | \* | +| Editor | Manages content and publications of podcast #{id}. | view, edit, manage-import, manage-persons, manage-platforms, manage-publications, interact-as, episodes.view, episodes.create, episodes.edit, episodes.delete, episodes.manage-persons, episodes.manage-clips, episodes.manage-publications, episodes.manage-comments, episodes.manage-notifications | +| Author | Manages content of podcast #{id} but cannot publish them. | view, manage-persons, episodes.view, episodes.create, episodes.edit, episodes.manage-persons, episodes.manage-clips | +| Guest | General contributor of the podcast #{id}. | view, episodes.view | @@ -73,6 +73,7 @@ coupled with custom rules. Roles and permissions are defined at two levels: | manage-contributors | Can manage contributors of podcast #{id}. | | manage-platforms | Can set/remove platform links of podcast #{id}. | | manage-publications | Can publish podcast #{id}. | +| manage-notifications | Can view and mark notifications as read for podcast #{id}. | | interact-as | Can interact as the podcast #{id} to favourite, share or reply to posts. | | episodes.view | Can view dashboard and analytics of podcast #{id}. | | episodes.create | Can create episodes for podcast #{id}. | diff --git a/modules/Admin/Config/Routes.php b/modules/Admin/Config/Routes.php index ce09a16f..a9048691 100644 --- a/modules/Admin/Config/Routes.php +++ b/modules/Admin/Config/Routes.php @@ -579,7 +579,7 @@ $routes->group( $routes->group('notifications', static function ($routes): void { $routes->get('/', 'NotificationController::list/$1', [ 'as' => 'notification-list', - 'filter' => 'permission:podcast#.view', + 'filter' => 'permission:podcast#.manage-notifications', ]); $routes->get('(:num)/mark-as-read', 'NotificationController::markAsRead/$1/$2', [ 'as' => 'notification-mark-as-read', diff --git a/modules/Auth/Config/AuthGroups.php b/modules/Auth/Config/AuthGroups.php index cfbcbada..0852afb9 100644 --- a/modules/Auth/Config/AuthGroups.php +++ b/modules/Auth/Config/AuthGroups.php @@ -150,6 +150,7 @@ class AuthGroups extends ShieldAuthGroups 'manage-contributors', 'manage-platforms', 'manage-publications', + 'manage-notifications', 'interact-as', 'episodes.view', 'episodes.create', @@ -182,6 +183,7 @@ class AuthGroups extends ShieldAuthGroups 'episodes.manage-clips', 'episodes.manage-publications', 'episodes.manage-comments', + 'episodes.manage-notifications', ], 'author' => [ 'view', diff --git a/modules/Auth/Language/en/Auth.php b/modules/Auth/Language/en/Auth.php index 09e3cd6b..a47932e3 100644 --- a/modules/Auth/Language/en/Auth.php +++ b/modules/Auth/Language/en/Auth.php @@ -70,6 +70,7 @@ return [ 'manage-contributors' => 'Can manage contributors of podcast #{id}.', 'manage-platforms' => 'Can set/remove platform links of podcast #{id}.', 'manage-publications' => 'Can publish podcast #{id}.', + 'manage-notifications' => 'Can view and mark notifications as read for podcast #{id}.', 'interact-as' => 'Can interact as the podcast #{id} to favourite, share or reply to posts.', 'episodes.view' => 'Can view dashboards and analytics of podcast #{id}\'s episodes.', 'episodes.create' => 'Can create episodes for podcast #{id}.',