feat(edit-content): Add Permissions tab to Edit Content Sidebar #34421
+783
−11
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit introduces a new Permissions tab in the Edit Content Sidebar, allowing users to manage content permissions. Key changes include: - Added `DotEditContentSidebarPermissionsComponent` to render the permissions card. - Implemented a dialog for editing permissions using `DotPermissionsDialogComponent`. - Updated the sidebar component to include the new permissions tab and handle tab changes. - Enhanced tests to cover the new permissions functionality and ensure accessibility. This update improves the content editing experience by providing a dedicated section for permissions management.
…ntegration-for-new-edit-mode
… dialog template This commit modifies the `permissions-dialog.component.html` to improve the handling of the iframe source. The change introduces a local variable `src` to store the result of `iframeSrc()`, ensuring that the iframe is only rendered if `src` is defined. This enhancement contributes to better template clarity and prevents potential rendering issues when the source is not available.
![semgrep-code-dotcms-test[bot]](https://avatars.githubusercontent.com/u/1005263?s=60&v=4){kind=small}
...nents/dot-edit-content-sidebar-permissions/dot-edit-content-sidebar-permissions.component.ts
Show resolved
Hide resolved
...it-content-sidebar-permissions/components/permissions-dialog/permissions-dialog.component.ts
Show resolved
Hide resolved
|
Semgrep found 2
Risk: Affected versions of @angular/compiler and @angular/core are vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Angular's template compiler fails to classify the Fix: Upgrade this library to at least version 20.3.16 at core/core-web/yarn.lock:512. Reference(s): GHSA-jrmj-c5cx-3cw6, CVE-2026-22610 If this is a critical or high severity finding, please also link this issue in the #security channel in Slack. |
Contributor
There was a problem hiding this comment.
Pull request overview
This pull request adds a new Permissions tab to the Edit Content Sidebar, enabling users to manage content permissions directly from the sidebar interface. The implementation follows Angular best practices and includes comprehensive test coverage.
Changes:
- Added a new Permissions tab in the Edit Content Sidebar with iframe-based permissions management
- Implemented dialog component for editing permissions with proper accessibility features
- Added translation keys for permissions UI elements
- Enhanced test suite to cover permissions functionality including edge cases and accessibility
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated 8 comments.
Show a summary per file
| File | Description |
|---|---|
dotCMS/src/main/webapp/html/portlet/ext/contentlet/permissions.jsp |
New JSP file that loads contentlet data and renders permissions interface within an iframe |
dotCMS/src/main/webapp/WEB-INF/messages/Language.properties |
Added three new translation keys for permissions tab UI |
core-web/libs/edit-content/src/lib/components/dot-edit-content-sidebar/dot-edit-content-sidebar.component.ts |
Updated sidebar component to import and integrate the new permissions component |
core-web/libs/edit-content/src/lib/components/dot-edit-content-sidebar/dot-edit-content-sidebar.component.spec.ts |
Added comprehensive tests for permissions tab functionality, navigation, and edge cases |
core-web/libs/edit-content/src/lib/components/dot-edit-content-sidebar/dot-edit-content-sidebar.component.html |
Added new permissions tab panel to the sidebar template with proper data bindings |
core-web/libs/edit-content/src/lib/components/dot-edit-content-sidebar/components/dot-edit-content-sidebar-permissions/dot-edit-content-sidebar-permissions.component.ts |
New component that renders permissions card and manages dialog lifecycle |
core-web/libs/edit-content/src/lib/components/dot-edit-content-sidebar/components/dot-edit-content-sidebar-permissions/dot-edit-content-sidebar-permissions.component.spec.ts |
Comprehensive test suite for permissions component including accessibility tests |
core-web/libs/edit-content/src/lib/components/dot-edit-content-sidebar/components/dot-edit-content-sidebar-permissions/dot-edit-content-sidebar-permissions.component.html |
Template with accessible card component that opens permissions dialog |
core-web/libs/edit-content/src/lib/components/dot-edit-content-sidebar/components/dot-edit-content-sidebar-permissions/components/permissions-dialog/permissions-dialog.component.ts |
Dialog component that displays permissions in an iframe with URL sanitization |
core-web/libs/edit-content/src/lib/components/dot-edit-content-sidebar/components/dot-edit-content-sidebar-permissions/components/permissions-dialog/permissions-dialog.component.spec.ts |
Tests for permissions dialog including iframe rendering and edge cases |
core-web/libs/edit-content/src/lib/components/dot-edit-content-sidebar/components/dot-edit-content-sidebar-permissions/components/permissions-dialog/permissions-dialog.component.html |
Dialog template with iframe or empty state based on data validity |
core-web/libs/edit-content/src/lib/components/dot-edit-content-layout/dot-edit-content.layout.component.ts |
Added DynamicDialogModule import and minor import reordering |
...nents/dot-edit-content-sidebar-permissions/dot-edit-content-sidebar-permissions.component.ts
Show resolved
Hide resolved
...it-content/src/lib/components/dot-edit-content-sidebar/dot-edit-content-sidebar.component.ts
Outdated
Show resolved
Hide resolved
...it-content/src/lib/components/dot-edit-content-sidebar/dot-edit-content-sidebar.component.ts
Outdated
Show resolved
Hide resolved
...it-content/src/lib/components/dot-edit-content-sidebar/dot-edit-content-sidebar.component.ts
Outdated
Show resolved
Hide resolved
...ntent/src/lib/components/dot-edit-content-sidebar/dot-edit-content-sidebar.component.spec.ts
Show resolved
Hide resolved
…nhance permissions dialog error handling This commit removes the unused `DotMessageService` from the `DotEditContentSidebarComponent`, streamlining the component's dependencies. Additionally, it improves error handling in the `DotEditContentSidebarPermissionsComponent` by adding error logging when closing the permissions dialog, enhancing the robustness of the dialog's functionality.
…for-new-edit-mode' of github.com:dotCMS/core into 34387-spike-investigate-permissions-iframe-integration-for-new-edit-mode
…alog from opening This commit enhances the `DotEditContentSidebarPermissionsComponent` by adding a check to prevent multiple instances of the permissions dialog from being opened when the user clicks the card repeatedly. This improvement ensures a smoother user experience and avoids potential conflicts in dialog handling.
erickgonzalez
approved these changes
Jan 27, 2026
…ntegration-for-new-edit-mode
oidacra
approved these changes
Jan 28, 2026
nicobytes
deleted the
34387-spike-investigate-permissions-iframe-integration-for-new-edit-mode
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This commit introduces a new Permissions tab in the Edit Content Sidebar, allowing users to manage content permissions. Key changes include:
DotEditContentSidebarPermissionsComponentto render the permissions card.DotPermissionsDialogComponent.This update improves the content editing experience by providing a dedicated section for permissions management.
Checklist
permissions.mp4
#34387
This PR fixes: #34387