Improve acl resources for new media gallery

Author: Nazar65

app/code/Magento/Cms/Controller/Adminhtml/Wysiwyg/Images/DeleteFiles.php

@@ -13,11 +13,6 @@
  */
 class DeleteFiles extends \Magento\Cms\Controller\Adminhtml\Wysiwyg\Images implements HttpPostActionInterface
 {
-    /**
-     * @see _isAllowed()
-     */
-    public const ADMIN_RESOURCE = 'Magento_Cms::delete_assets';
-
     /**
      * @var \Magento\Framework\Controller\Result\JsonFactory
      */

app/code/Magento/Cms/Controller/Adminhtml/Wysiwyg/Images/DeleteFolder.php

@@ -10,18 +10,12 @@
 namespace Magento\Cms\Controller\Adminhtml\Wysiwyg\Images;
 
 use Magento\Framework\App\Action\HttpPostActionInterface;
-use Magento\Framework\App\Filesystem\DirectoryList;
 
 /**
  * Delete image folder.
  */
 class DeleteFolder extends \Magento\Cms\Controller\Adminhtml\Wysiwyg\Images implements HttpPostActionInterface
 {
-    /**
-     * @see _isAllowed()
-     */
-    public const ADMIN_RESOURCE = 'Magento_Cms::delete_folder';
-
     /**
      * @var \Magento\Framework\Controller\Result\JsonFactory
      */

app/code/Magento/Cms/Controller/Adminhtml/Wysiwyg/Images/NewFolder.php

@@ -14,11 +14,6 @@
  */
 class NewFolder extends \Magento\Cms\Controller\Adminhtml\Wysiwyg\Images implements HttpPostActionInterface
 {
-    /**
-     * @see _isAllowed()
-     */
-    public const ADMIN_RESOURCE = 'Magento_Cms::create_folder';
-
     /**
      * @var \Magento\Framework\Controller\Result\JsonFactory
      */

app/code/Magento/Cms/Controller/Adminhtml/Wysiwyg/Images/OnInsert.php

@@ -8,10 +8,6 @@
 
 class OnInsert extends \Magento\Cms\Controller\Adminhtml\Wysiwyg\Images
 {
-    /**
-     * @see _isAllowed()
-     */
-    public const ADMIN_RESOURCE = 'Magento_Cms::insert_assets';
 
     /**
      * @var \Magento\Framework\Controller\Result\RawFactory

app/code/Magento/Cms/Controller/Adminhtml/Wysiwyg/Images/Upload.php

@@ -17,11 +17,6 @@
  */
 class Upload extends \Magento\Cms\Controller\Adminhtml\Wysiwyg\Images implements HttpPostActionInterface
 {
-    /**
-     * @see _isAllowed()
-     */
-    public const ADMIN_RESOURCE = 'Magento_Cms::upload_assets';
-
     /**
      * @var \Magento\Framework\Controller\Result\JsonFactory
      */

app/code/Magento/MediaGallery/etc/acl.xml

@@ -0,0 +1,26 @@
+<?xml version="1.0"?>
+<!--
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+-->
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:Acl/etc/acl.xsd">
+    <acl>
+        <resources>
+            <resource id="Magento_Backend::admin">
+                <resource id="Magento_Backend::content">
+                    <resource id="Magento_Backend::content_elements">
+                        <resource id="Magento_Cms::media_gallery" title="Media Gallery" translate="title">
+                            <resource id="Magento_MediaGallery::upload_assets" title="Upload Assets" translate="title" sortOrder="80"/>
+                            <resource id="Magento_MediaGallery::delete_assets" title="Delete Assets" translate="title" sortOrder="70"/>
+                            <resource id="Magento_MediaGallery::insert_assets" title="Insert Assets into the content" translate="title" sortOrder="60"/>
+                            <resource id="Magento_MediaGallery::create_folder" title="Create Folder" translate="title" sortOrder="50"/>
+                            <resource id="Magento_MediaGallery::delete_folder" title="Delete Folder" translate="title" sortOrder="40"/>
+                        </resource>
+                    </resource>
+                </resource>
+            </resource>
+        </resources>
+    </acl>
+</config>

app/code/Magento/MediaGalleryUi/Controller/Adminhtml/Directories/Create.php

@@ -29,7 +29,7 @@ class Create extends Action implements HttpPostActionInterface
     /**
      * @see _isAllowed()
      */
-    public const ADMIN_RESOURCE = 'Magento_Cms::create_folder';
+    public const ADMIN_RESOURCE = 'Magento_MediaGallery::create_folder';
 
     /**
      * @var CreateDirectoriesByPathsInterface

app/code/Magento/MediaGalleryUi/Controller/Adminhtml/Directories/Delete.php

@@ -30,7 +30,7 @@ class Delete extends Action implements HttpPostActionInterface
     /**
      * @see _isAllowed()
      */
-    public const ADMIN_RESOURCE = 'Magento_Cms::delete_folder';
+    public const ADMIN_RESOURCE = 'Magento_MediaGallery::delete_folder';
 
     /**
      * @var DeleteAssetsByPathsInterface

app/code/Magento/MediaGalleryUi/Controller/Adminhtml/Image/Delete.php

@@ -31,7 +31,7 @@ class Delete extends Action implements HttpPostActionInterface
     /**
      * @see _isAllowed()
      */
-    public const ADMIN_RESOURCE = 'Magento_Cms::delete_assets';
+    public const ADMIN_RESOURCE = 'Magento_MediaGallery::delete_assets';
 
     /**
      * @var DeleteImage

app/code/Magento/MediaGalleryUi/Controller/Adminhtml/Image/Upload.php

@@ -28,7 +28,7 @@ class Upload extends Action implements HttpPostActionInterface
     /**
      * @see _isAllowed()
      */
-    public const ADMIN_RESOURCE = 'Magento_Cms::upload_assets';
+    public const ADMIN_RESOURCE = 'Magento_MediaGallery::upload_assets';
 
     /**
      * @var UploadImage

app/code/Magento/MediaGalleryUi/Ui/Component/Control/CreateFolder.php

@@ -0,0 +1,50 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\MediaGalleryUi\Ui\Component\Control;
+
+use Magento\Framework\View\Element\UiComponent\Control\ButtonProviderInterface;
+use Magento\Framework\AuthorizationInterface;
+
+/**
+ * Create Folder button
+ */
+class CreateFolder implements ButtonProviderInterface
+{
+    private const ACL_CREATE_FOLDER = 'Magento_MediaGallery::create_folder';
+
+    /**
+     * @var AuthorizationInterface
+     */
+    private $authorization;
+
+    /**
+     * Constructor.
+     *
+     * @param AuthorizationInterface $authorization
+     */
+    public function __construct(
+        AuthorizationInterface $authorization
+    ) {
+        $this->authorization = $authorization;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getButtonData()
+    {
+        if (!$this->authorization->isAllowed(self::ACL_CREATE_FOLDER)) {
+            return [];
+        }
+
+        return [
+            'label' => __('Create Folder'),
+            'on_click' => 'jQuery("#create_folder").trigger("create_folder");',
+            'class' => 'action-default scalable add media-gallery-actions-buttons',
+            'sort_order' => 10,
+        ];
+    }
+}

app/code/Magento/MediaGalleryUi/Ui/Component/Control/DeleteAssets.php

@@ -0,0 +1,50 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\MediaGalleryUi\Ui\Component\Control;
+
+use Magento\Framework\View\Element\UiComponent\Control\ButtonProviderInterface;
+use Magento\Framework\AuthorizationInterface;
+
+/**
+ * Delete images button
+ */
+class DeleteAssets implements ButtonProviderInterface
+{
+    private const ACL_DELETE_ASSETS= 'Magento_MediaGallery::delete_assets';
+
+    /**
+     * @var AuthorizationInterface
+     */
+    private $authorization;
+
+    /**
+     * Constructor.
+     *
+     * @param AuthorizationInterface $authorization
+     */
+    public function __construct(
+        AuthorizationInterface $authorization
+    ) {
+        $this->authorization = $authorization;
+    }
+
+    /**
+     * @return array
+     */
+    public function getButtonData()
+    {
+        if (!$this->authorization->isAllowed(self::ACL_DELETE_ASSETS)) {
+            return [];
+        }
+
+        return [
+            'label' => __('Delete Images...'),
+            'on_click' => 'jQuery(window).trigger("massAction.MediaGallery")',
+            'class' => 'action-default scalable add media-gallery-actions-buttons',
+            'sort_order' => 50,
+        ];
+    }
+}

app/code/Magento/MediaGalleryUi/Ui/Component/Control/DeleteFolder.php

@@ -0,0 +1,51 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\MediaGalleryUi\Ui\Component\Control;
+
+use Magento\Framework\View\Element\UiComponent\Control\ButtonProviderInterface;
+use Magento\Framework\AuthorizationInterface;
+
+/**
+ * Delete Folder button
+ */
+class DeleteFolder implements ButtonProviderInterface
+{
+    private const ACL_DELETE_FOLDER = 'Magento_MediaGallery::delete_folder';
+
+    /**
+     * @var AuthorizationInterface
+     */
+    private $authorization;
+
+    /**
+     * Constructor.
+     *
+     * @param AuthorizationInterface $authorization
+     */
+    public function __construct(
+        AuthorizationInterface $authorization
+    ) {
+        $this->authorization = $authorization;
+    }
+
+    /**
+     * @return array
+     */
+    public function getButtonData()
+    {
+        if (!$this->authorization->isAllowed(self::ACL_DELETE_FOLDER)) {
+            return [];
+        }
+
+        return [
+            'label' => __('Delete Folder'),
+            'disabled' => 'disabled',
+            'on_click' => 'jQuery("#delete_folder").trigger("delete_folder");',
+            'class' => 'action-default scalable add media-gallery-actions-buttons',
+            'sort_order' => 30,
+        ];
+    }
+}

app/code/Magento/MediaGalleryUi/Ui/Component/Control/UploadAssets.php

@@ -0,0 +1,51 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\MediaGalleryUi\Ui\Component\Control;
+
+use Magento\Framework\View\Element\UiComponent\Control\ButtonProviderInterface;
+use Magento\Framework\AuthorizationInterface;
+
+/**
+ * Upload Image button
+ */
+class UploadAssets implements ButtonProviderInterface
+{
+    private const ACL_UPLOAD_ASSETS= 'Magento_MediaGallery::upload_assets';
+
+    /**
+     * @var AuthorizationInterface
+     */
+    private $authorization;
+
+    /**
+     * Constructor.
+     *
+     * @param AuthorizationInterface $authorization
+     */
+    public function __construct(
+        AuthorizationInterface $authorization
+    ) {
+        $this->authorization = $authorization;
+    }
+
+    /**
+     * @return array
+     */
+    public function getButtonData()
+    {
+        if (!$this->authorization->isAllowed(self::ACL_UPLOAD_ASSETS)) {
+            return [];
+        }
+
+        return [
+            'label' => __('Upload Image'),
+            'disabled' => 'disabled',
+            'on_click' => 'jQuery("#image-uploader-input").click();',
+            'class' => 'action-default scalable add media-gallery-actions-buttons',
+            'sort_order' => 20,
+        ];
+    }
+}

app/code/Magento/MediaGalleryUi/etc/acl.xml

@@ -28,31 +28,10 @@
                 <class>cancel action-quaternary</class>
                 <label translate="true">Cancel</label>
             </button>
-            <button name="upload_image">
-                <param name="on_click" xsi:type="string">jQuery('#image-uploader-input').click();</param>
-                <class>action-add scalable media-gallery-actions-buttons</class>
-                <param name="sort_order" xsi:type="number">20</param>
-                <label translate="true">Upload Image</label>
-            </button>
-            <button name="delete_folder">
-                <param name="on_click" xsi:type="string">jQuery('#delete_folder').trigger('delete_folder');</param>
-                <param name="disabled" xsi:type="string">disabled</param>
-                <param name="sort_order" xsi:type="number">30</param>
-                <class>action-default scalable media-gallery-actions-buttons</class>
-                <label translate="true">Delete Folder</label>
-            </button>
-            <button name="create_folder">
-                <param name="on_click" xsi:type="string">jQuery('#create_folder').trigger('create_folder');</param>
-                <param name="sort_order" xsi:type="number">10</param>
-                <class>action-default scalable add media-gallery-actions-buttons</class>
-                <label translate="true">Create Folder</label>
-            </button>
-            <button name="delete_massaction">
-                <param name="on_click" xsi:type="string">jQuery(window).trigger('massAction.MediaGallery')</param>
-                <param name="sort_order" xsi:type="number">50</param>
-                <class>action-default scalable add media-gallery-actions-buttons</class>
-                <label translate="true">Delete Images...</label>
-            </button>
+            <button name="upload_image" class="Magento\MediaGalleryUi\Ui\Component\Control\UploadAssets"/>
+            <button name="delete_folder" class="Magento\MediaGalleryUi\Ui\Component\Control\DeleteFolder"/>
+            <button name="create_folder" class="Magento\MediaGalleryUi\Ui\Component\Control\CreateFolder"/>
+            <button name="delete_massaction" class="Magento\MediaGalleryUi\Ui\Component\Control\DeleteAssets"/>
         </buttons>
         <spinner>media_gallery_columns</spinner>
         <deps>