From 0f01430d81dd9a94d402c203e761af2421ed6d42 Mon Sep 17 00:00:00 2001 From: afornerot Date: Mon, 19 Aug 2019 10:57:31 +0200 Subject: [PATCH] =?UTF-8?q?permettre=20au=20ROLE=5FUSER=20de=20cr=C3=A9er?= =?UTF-8?q?=20des=20groupes=20de=20travail=20(fixes=20#9)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/ninegate-1.0/app/config/security.yml | 3 --- .../CoreBundle/Command/data/core-init-01.sql | 6 ++++-- .../CoreBundle/Controller/GroupController.php | 17 ++++++++++++----- .../src/Cadoles/CoreBundle/Form/ConfigType.php | 15 +++++++++++++++ .../Resources/views/Group/list.html.twig | 4 +++- tmpl/ninegate-init-01.sql | 6 ++++-- 6 files changed, 38 insertions(+), 13 deletions(-) diff --git a/src/ninegate-1.0/app/config/security.yml b/src/ninegate-1.0/app/config/security.yml index 080e8072..0a29dcf4 100644 --- a/src/ninegate-1.0/app/config/security.yml +++ b/src/ninegate-1.0/app/config/security.yml @@ -42,9 +42,6 @@ security: access_control: - { path: ^/websocket, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_ANIM, ROLE_USER] } - - { path: ^/user/group/submit, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_ANIM] } - - { path: ^/user/group/update, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_ANIM] } - - { path: ^/user/group/delete, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_ANIM] } - { path: ^/user, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_ANIM, ROLE_USER] } - { path: ^/config, roles: [ROLE_ADMIN, ROLE_MODO] } diff --git a/src/ninegate-1.0/src/Cadoles/CoreBundle/Command/data/core-init-01.sql b/src/ninegate-1.0/src/Cadoles/CoreBundle/Command/data/core-init-01.sql index bd52f9ad..f676e6ec 100644 --- a/src/ninegate-1.0/src/Cadoles/CoreBundle/Command/data/core-init-01.sql +++ b/src/ninegate-1.0/src/Cadoles/CoreBundle/Command/data/core-init-01.sql @@ -8,7 +8,7 @@ INSERT IGNORE INTO `niveau01` (`id`, `label`, `siren`) VALUES (-100, 'DRAAF', '130007107'); INSERT IGNORE INTO `user` (`id`, `niveau01_id`, `username`, `firstname`, `lastname`, `password`, `email`, `avatar`, `role`,`siren`,`authlevel`) VALUES -(-100, -100, 'admin', 'Administrateur', 'draaf', '{SSHA}7d5OuaGuX92B8iwYzkNe1P7C4reX07En +(-100, -100, 'admin', 'Administrateur', 'draaf', '{SSHA}MBogNANkXtDRLDro8qSoCT65Wcm00zzJ ', 'admin@ldapbundle.ac-arno.fr', 'admin.jpg', 'ROLE_ADMIN', '130007107', 'simple'); @@ -90,7 +90,9 @@ INSERT IGNORE INTO `config` (`order`, `visible`, `changeable`, `required`, `type ('200', 1, 0, 1, 'boolean', 'PROXYactivate', '1', '', 'Définit un Proxy'), ('201', 1, 0, 1, 'string', 'PROXYserver', '192.168.57.160', 'PROXYactivate','Adresse du Proxy'), -('202', 1, 0, 1, 'string', 'PROXYport', '8080', 'PROXYactivate','Port du Proxy'); +('202', 1, 0, 1, 'string', 'PROXYport', '8080', 'PROXYactivate','Port du Proxy'), + +('500', 1, 1, 1, 'permgroup', 'permgroup', 'ROLE_ANIM', '', 'Determine quel rôle aura la permission de créer des groupes de travail'); INSERT IGNORE permmodo (`route`, `visible`) VALUES diff --git a/src/ninegate-1.0/src/Cadoles/CoreBundle/Controller/GroupController.php b/src/ninegate-1.0/src/Cadoles/CoreBundle/Controller/GroupController.php index 56f25a81..4d96ab9d 100644 --- a/src/ninegate-1.0/src/Cadoles/CoreBundle/Controller/GroupController.php +++ b/src/ninegate-1.0/src/Cadoles/CoreBundle/Controller/GroupController.php @@ -126,7 +126,7 @@ class GroupController extends Controller $qb->orderBy('table.fgcanshare',$order[0]["dir"]); break; case 5 : - $qb->orderBy('u.username',$order[0]["dir"]); + $qb->orderBy('table.owner',$order[0]["dir"]); break; case 6 : $qb->orderBy('table.fgcancreatepage',$order[0]["dir"]); @@ -489,7 +489,7 @@ class GroupController extends Controller if (!$request->isXmlHttpRequest()) { return new JsonResponse(array('message' => 'Interdit'), 400); } - + $em = $this->getDoctrine()->getManager(); $output=array(); @@ -524,7 +524,7 @@ class GroupController extends Controller if (!$request->isXmlHttpRequest()) { return new JsonResponse(array('message' => 'Interdit'), 400); } - + $em = $this->getDoctrine()->getManager(); $output=array(); @@ -596,6 +596,13 @@ class GroupController extends Controller { $em = $this->getDoctrine()->getManager(); + // Permission + $permgroup=$this->get('session')->get('permgroup'); + if($access="user") { + if($permgroup=="NO_BODY") throw $this->createNotFoundException('Permission denied'); + if($permgroup=="ROLE_ANIM" && $this->isGranted('ROLE_USER')) throw $this->createNotFoundException('Permission denied'); + } + // Initialisation de l'enregistrement $data = new Group(); $data->setFgopen(false); @@ -682,7 +689,7 @@ class GroupController extends Controller // Récupération de l'enregistrement courant $em = $this->getDoctrine()->getManager(); $data=$this->getData($id); - + // Création du formulaire $form = $this->createForm(GroupType::class,$data,array( "mode" => "update", @@ -803,7 +810,7 @@ class GroupController extends Controller } public function usersAction($id,Request $request, $access="config") - { + { // Récupération de l'enregistrement courant $data=$this->getData($id); diff --git a/src/ninegate-1.0/src/Cadoles/CoreBundle/Form/ConfigType.php b/src/ninegate-1.0/src/Cadoles/CoreBundle/Form/ConfigType.php index 83124917..265ea3ce 100644 --- a/src/ninegate-1.0/src/Cadoles/CoreBundle/Form/ConfigType.php +++ b/src/ninegate-1.0/src/Cadoles/CoreBundle/Form/ConfigType.php @@ -136,6 +136,21 @@ class ConfigType extends AbstractType "attr" => array("class" => "pick-a-color form-control"), 'required' => ($options["required"]==0?false:true))); break; + + case "permgroup": + $choices=array( + "NO_BODY" => "NO_BODY", + "ROLE_USER" => "ROLE_USER", + "ROLE_ANIM" => "ROLE_ANIM", + ); + + $builder->add("value", ChoiceType::class, + array("label" =>"Valeur", + "label_attr" => array("style" => 'margin-top:15px;'), + "attr" => array("class" => "form-control"), + 'required' => ($options["required"]==0?false:true), + "choices" => $choices)); + break; } $builder->add('help', diff --git a/src/ninegate-1.0/src/Cadoles/CoreBundle/Resources/views/Group/list.html.twig b/src/ninegate-1.0/src/Cadoles/CoreBundle/Resources/views/Group/list.html.twig index c15eb08d..e36ece62 100644 --- a/src/ninegate-1.0/src/Cadoles/CoreBundle/Resources/views/Group/list.html.twig +++ b/src/ninegate-1.0/src/Cadoles/CoreBundle/Resources/views/Group/list.html.twig @@ -9,7 +9,8 @@ {%endif%} - {% if is_granted('ROLE_ADMIN') or is_granted('ROLE_MODO') or is_granted('ROLE_ANIM') %} + {% set permgroup = app.session.get('permgroup') %} + {% if is_granted('ROLE_ADMIN') or is_granted('ROLE_MODO') or (is_granted('ROLE_ANIM') and (permgroup=="ROLE_ADMIN" or permgroup=="ROLE_USER")) or (is_granted('ROLE_USER') and permgroup=="ROLE_USER") %}

{% if access=="config" %} Ajouter @@ -18,6 +19,7 @@ {% endif %}

{% endif %} +
diff --git a/tmpl/ninegate-init-01.sql b/tmpl/ninegate-init-01.sql index 9b09ab64..d042f2fc 100644 --- a/tmpl/ninegate-init-01.sql +++ b/tmpl/ninegate-init-01.sql @@ -102,13 +102,15 @@ INSERT IGNORE INTO `config` (`order`, `visible`, `changeable`, `required`, `type %if %%activer_proxy_client == 'oui' ('200', 1, 0, 1, 'boolean', 'PROXYactivate', '1', '', 'Définit un Proxy'), ('201', 1, 0, 1, 'string', 'PROXYserver', '%%proxy_client_adresse', 'PROXYactivate','Adresse du Proxy'), -('202', 1, 0, 1, 'string', 'PROXYport', '%%proxy_client_port', 'PROXYactivate','Port du Proxy'); +('202', 1, 0, 1, 'string', 'PROXYport', '%%proxy_client_port', 'PROXYactivate','Port du Proxy'), %else ('200', 1, 0, 1, 'boolean', 'PROXYactivate', '0', '', 'Définit un Proxy'), ('201', 1, 0, 1, 'string', 'PROXYserver', '', 'PROXYactivate','Adresse du Proxy'), -('202', 1, 0, 1, 'string', 'PROXYport', '', 'PROXYactivate','Port du Proxy'); +('202', 1, 0, 1, 'string', 'PROXYport', '', 'PROXYactivate','Port du Proxy'), %end if +('500', 1, 1, 1, 'permgroup', 'permgroup', 'ROLE_ANIM', '', 'Determine quel rôle aura la permission de créer des groupes de travail'); + INSERT IGNORE permmodo (`route`, `visible`) VALUES ('cadoles_core_config_commun',0),