TASK: Add ability for read-only users to interact with nodes in the preview page and view node data in the inspector

Classes/Aspects/AugmentationAspect.php

@@ -22,6 +22,7 @@
 use Neos\Neos\Domain\Service\ContentContext;
 use Neos\Neos\Ui\Domain\Service\UserLocaleService;
 use Neos\Neos\Ui\Fusion\Helper\NodeInfoHelper;
+use Neos\Neos\Ui\Service\NodePolicyService;
 
 /**
  * - Serialize all nodes related to the currently rendered document
@@ -61,6 +62,12 @@ class AugmentationAspect
      */
     protected $controllerContext = null;
 
+    /**
+     * @Flow\Inject
+     * @var NodePolicyService
+     */
+    protected $nodePolicyService;
+
     /**
      * @Flow\Before("method(Neos\Neos\Fusion\ContentElementWrappingImplementation->evaluate())")
      * @param JoinPointInterface $joinPoint
@@ -145,7 +152,8 @@ public function editableElementAugmentation(JoinPointInterface $joinPoint)
             return $content;
         }
 
-        if ($this->nodeAuthorizationService->isGrantedToEditNode($node) === false) {
+        // TODO: this is where we could use a feature flag
+        if ($this->nodePolicyService->canReadNode($node) === false) {
             return $content;
         }
 

Classes/Service/NodePolicyService.php

@@ -82,6 +82,7 @@ public function getNodePolicyInformation(NodeInterface $node): array
             'disallowedNodeTypes' => $this->getDisallowedNodeTypes($node),
             'canRemove' => $this->canRemoveNode($node),
             'canEdit' => $this->canEditNode($node),
+            'canView' => $this->canReadNode($node),
             'disallowedProperties' => $this->getDisallowedProperties($node)
         ];
     }
@@ -102,6 +103,22 @@ public function isNodeTreePrivilegeGranted(NodeInterface $node): bool
         );
     }
 
+    /**
+     * @param NodeInterface $node
+     * @return bool
+     */
+    public function canReadNode(NodeInterface $node): bool
+    {
+        if (!isset(self::getUsedPrivilegeClassNames($this->objectManager)[ReadNodePropertyPrivilege::class])) {
+            return true;
+        }
+
+        return $this->privilegeManager->isGranted(
+            ReadNodePropertyPrivilege::class,
+            new NodePrivilegeSubject($node)
+        );
+    }
+
     /**
      * @param NodeInterface $node
      * @return array

composer.json

@@ -7,7 +7,7 @@
   ],
   "require": {
     "neos/neos": "^8.3.0",
-    "neos/neos-ui-compiled": "self.version"
+    "neos/neos-ui-compiled": "8.4.x-dev"
   },
   "autoload": {
     "psr-4": {

packages/neos-ui-ckeditor5-bindings/src/ckEditorApi.js

@@ -37,7 +37,7 @@ export const bootstrap = _editorConfig => {
 };
 
 export const createEditor = store => async options => {
-    const {propertyDomNode, propertyName, editorOptions, globalRegistry, userPreferences, onChange} = options;
+    const {propertyDomNode, propertyName, editorOptions, globalRegistry, userPreferences, onChange, isReadOnly} = options;
     const ckEditorConfig = editorConfig.configRegistry.getCkeditorConfig({
         editorOptions,
         userPreferences,
@@ -58,26 +58,34 @@ export const createEditor = store => async options => {
     return NeosEditor
         .create(propertyDomNode, ckEditorConfig)
         .then(editor => {
-            const debouncedOnChange = debounce(() => onChange(cleanupContentBeforeCommit(editor.getData())), 1500, {maxWait: 5000});
-            editor.model.document.on('change:data', debouncedOnChange);
-            editor.ui.focusTracker.on('change:isFocused', event => {
-                if (!event.source.isFocused) {
-                    // when another editor is focused commit all possible pending changes
-                    debouncedOnChange.flush();
-                    return
-                }
+            editor.isReadOnly = isReadOnly;
 
-                currentEditor = editor;
-                editorConfig.setCurrentlyEditedPropertyName(propertyName);
-                handleUserInteractionCallback();
-            });
+            // Set placeholder text as Data if editor is empty because readOnly mode hides the placeholder
+            if (isReadOnly && editor.getData() === '') {
+                editor.setData(ckEditorConfig.placeholder, {doNotFireChange: true});
+            } else {
+                const debouncedOnChange = debounce(() => onChange(cleanupContentBeforeCommit(editor.getData())), 1500, {maxWait: 5000});
+                editor.model.document.on('change:data', debouncedOnChange);
+                editor.ui.focusTracker.on('change:isFocused', event => {
+                    if (!event.source.isFocused) {
+                        // when another editor is focused commit all possible pending changes
+                        debouncedOnChange.flush();
+                        return
+                    }
+
+                    currentEditor = editor;
+                    editorConfig.setCurrentlyEditedPropertyName(propertyName);
+                    handleUserInteractionCallback();
+                });
 
-            editor.keystrokes.set('Ctrl+K', (_, cancel) => {
-                store.dispatch(actions.UI.ContentCanvas.toggleLinkEditor());
-                cancel();
-            });
+                editor.keystrokes.set('Ctrl+K', (_, cancel) => {
+                    store.dispatch(actions.UI.ContentCanvas.toggleLinkEditor());
+                    cancel();
+                });
+
+                editor.model.document.on('change', () => handleUserInteractionCallback());
+            }
 
-            editor.model.document.on('change', () => handleUserInteractionCallback());
             return editor;
         }).catch(e => {
             if (e instanceof TypeError && e.message.match(/Class constructor .* cannot be invoked without 'new'/)) {

packages/neos-ui-guest-frame/src/initializeGuestFrame.js

@@ -112,9 +112,11 @@ export default ({globalRegistry, store}) => function * initializeGuestFrame() {
 
     const editPreviewMode = $get(['ui', 'editPreviewMode'], state);
     const editPreviewModes = globalRegistry.get('frontendConfiguration').get('editPreviewModes');
-    const isWorkspaceReadOnly = selectors.CR.Workspaces.isWorkspaceReadOnlySelector(state);
     const currentEditMode = editPreviewModes[editPreviewMode];
-    if (!currentEditMode || !currentEditMode.isEditingMode || isWorkspaceReadOnly) {
+
+    // ReadOnly workspaces are handled by ckEditor directly
+    // TODO: this will break other editors, correct?
+    if (!currentEditMode || !currentEditMode.isEditingMode) {
         return;
     }
 

packages/neos-ui-guest-frame/src/initializePropertyDomNode.js

@@ -4,6 +4,8 @@ import {actions} from '@neos-project/neos-ui-redux-store';
 import {validateElement} from '@neos-project/neos-ui-validators';
 
 import {getGuestFrameWindow, closestContextPathInGuestFrame} from './dom';
+// TODO: this import feels foreign to the rest of neos code, but it feels strange to import the complete selectors object
+import {isWorkspaceReadOnlySelector} from '@neos-project/neos-ui-redux-store/src/CR/Workspaces/selectors';
 
 export default ({store, globalRegistry, nodeTypesRegistry, inlineEditorRegistry, nodes}) => propertyDomNode => {
     const guestFrameWindow = getGuestFrameWindow();
@@ -61,6 +63,7 @@ export default ({store, globalRegistry, nodeTypesRegistry, inlineEditorRegistry,
         try {
             if (!propertyDomNode.dataset.neosInlineEditorIsInitialized) {
                 const userPreferences = $get('user.preferences', store.getState());
+                const isReadOnly = isWorkspaceReadOnlySelector(store.getState());
 
                 createInlineEditor({
                     propertyDomNode,
@@ -70,10 +73,21 @@ export default ({store, globalRegistry, nodeTypesRegistry, inlineEditorRegistry,
                     editorOptions,
                     globalRegistry,
                     userPreferences,
-                    persistChange: change => store.dispatch(
-                        actions.Changes.persistChanges([change])
-                    ),
+                    isReadOnly,
+                    persistChange: change => {
+                        if (isReadOnly) {
+                            return;
+                        }
+
+                        store.dispatch(
+                            actions.Changes.persistChanges([change])
+                        )
+                    },
                     onChange: value => {
+                        if (isReadOnly) {
+                            return;
+                        }
+
                         const validationResult = validateElement(value, $get(['properties', propertyName], nodeType), globalRegistry.get('validators'));
                         // Update inline validation errors
                         store.dispatch(

packages/neos-ui/src/Containers/RightSideBar/Inspector/TabPanel/index.js

@@ -30,7 +30,7 @@ export default class TabPanel extends PureComponent {
             return false;
         }
 
-        return $get(['policy', 'canEdit'], node) && !$contains(item.id, 'policy.disallowedProperties', node);
+        return $get(['policy', 'canView'], node) && !$contains(item.id, 'policy.disallowedProperties', node);
     };
 
     renderTabPanel = groups => {

packages/neos-ui/src/Containers/RightSideBar/Inspector/index.js

@@ -247,7 +247,7 @@ export default class Inspector extends PureComponent {
             return false;
         }
 
-        return $get(['policy', 'canEdit'], focusedNode) && !$contains(item.id, 'policy.disallowedProperties', focusedNode);
+        return $get(['policy', 'canView'], focusedNode) && !$contains(item.id, 'policy.disallowedProperties', focusedNode);
     };
 
     /**