permettre au ROLE_USER de créer des groupes de travail (fixes #9)
This commit is contained in:
parent
2477fa187b
commit
0f01430d81
|
|
@ -42,9 +42,6 @@ security:
|
||||||
|
|
||||||
access_control:
|
access_control:
|
||||||
- { path: ^/websocket, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_ANIM, ROLE_USER] }
|
- { path: ^/websocket, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_ANIM, ROLE_USER] }
|
||||||
- { path: ^/user/group/submit, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_ANIM] }
|
|
||||||
- { path: ^/user/group/update, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_ANIM] }
|
|
||||||
- { path: ^/user/group/delete, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_ANIM] }
|
|
||||||
- { path: ^/user, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_ANIM, ROLE_USER] }
|
- { path: ^/user, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_ANIM, ROLE_USER] }
|
||||||
- { path: ^/config, roles: [ROLE_ADMIN, ROLE_MODO] }
|
- { path: ^/config, roles: [ROLE_ADMIN, ROLE_MODO] }
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -8,7 +8,7 @@ INSERT IGNORE INTO `niveau01` (`id`, `label`, `siren`) VALUES
|
||||||
(-100, 'DRAAF', '130007107');
|
(-100, 'DRAAF', '130007107');
|
||||||
|
|
||||||
INSERT IGNORE INTO `user` (`id`, `niveau01_id`, `username`, `firstname`, `lastname`, `password`, `email`, `avatar`, `role`,`siren`,`authlevel`) VALUES
|
INSERT IGNORE INTO `user` (`id`, `niveau01_id`, `username`, `firstname`, `lastname`, `password`, `email`, `avatar`, `role`,`siren`,`authlevel`) VALUES
|
||||||
(-100, -100, 'admin', 'Administrateur', 'draaf', '{SSHA}7d5OuaGuX92B8iwYzkNe1P7C4reX07En
|
(-100, -100, 'admin', 'Administrateur', 'draaf', '{SSHA}MBogNANkXtDRLDro8qSoCT65Wcm00zzJ
|
||||||
', 'admin@ldapbundle.ac-arno.fr', 'admin.jpg', 'ROLE_ADMIN', '130007107', 'simple');
|
', 'admin@ldapbundle.ac-arno.fr', 'admin.jpg', 'ROLE_ADMIN', '130007107', 'simple');
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -90,7 +90,9 @@ INSERT IGNORE INTO `config` (`order`, `visible`, `changeable`, `required`, `type
|
||||||
|
|
||||||
('200', 1, 0, 1, 'boolean', 'PROXYactivate', '1', '', 'Définit un Proxy'),
|
('200', 1, 0, 1, 'boolean', 'PROXYactivate', '1', '', 'Définit un Proxy'),
|
||||||
('201', 1, 0, 1, 'string', 'PROXYserver', '192.168.57.160', 'PROXYactivate','Adresse du Proxy'),
|
('201', 1, 0, 1, 'string', 'PROXYserver', '192.168.57.160', 'PROXYactivate','Adresse du Proxy'),
|
||||||
('202', 1, 0, 1, 'string', 'PROXYport', '8080', 'PROXYactivate','Port du Proxy');
|
('202', 1, 0, 1, 'string', 'PROXYport', '8080', 'PROXYactivate','Port du Proxy'),
|
||||||
|
|
||||||
|
('500', 1, 1, 1, 'permgroup', 'permgroup', 'ROLE_ANIM', '', 'Determine quel rôle aura la permission de créer des groupes de travail');
|
||||||
|
|
||||||
|
|
||||||
INSERT IGNORE permmodo (`route`, `visible`) VALUES
|
INSERT IGNORE permmodo (`route`, `visible`) VALUES
|
||||||
|
|
|
||||||
|
|
@ -126,7 +126,7 @@ class GroupController extends Controller
|
||||||
$qb->orderBy('table.fgcanshare',$order[0]["dir"]);
|
$qb->orderBy('table.fgcanshare',$order[0]["dir"]);
|
||||||
break;
|
break;
|
||||||
case 5 :
|
case 5 :
|
||||||
$qb->orderBy('u.username',$order[0]["dir"]);
|
$qb->orderBy('table.owner',$order[0]["dir"]);
|
||||||
break;
|
break;
|
||||||
case 6 :
|
case 6 :
|
||||||
$qb->orderBy('table.fgcancreatepage',$order[0]["dir"]);
|
$qb->orderBy('table.fgcancreatepage',$order[0]["dir"]);
|
||||||
|
|
@ -489,7 +489,7 @@ class GroupController extends Controller
|
||||||
if (!$request->isXmlHttpRequest()) {
|
if (!$request->isXmlHttpRequest()) {
|
||||||
return new JsonResponse(array('message' => 'Interdit'), 400);
|
return new JsonResponse(array('message' => 'Interdit'), 400);
|
||||||
}
|
}
|
||||||
|
|
||||||
$em = $this->getDoctrine()->getManager();
|
$em = $this->getDoctrine()->getManager();
|
||||||
|
|
||||||
$output=array();
|
$output=array();
|
||||||
|
|
@ -524,7 +524,7 @@ class GroupController extends Controller
|
||||||
if (!$request->isXmlHttpRequest()) {
|
if (!$request->isXmlHttpRequest()) {
|
||||||
return new JsonResponse(array('message' => 'Interdit'), 400);
|
return new JsonResponse(array('message' => 'Interdit'), 400);
|
||||||
}
|
}
|
||||||
|
|
||||||
$em = $this->getDoctrine()->getManager();
|
$em = $this->getDoctrine()->getManager();
|
||||||
|
|
||||||
$output=array();
|
$output=array();
|
||||||
|
|
@ -596,6 +596,13 @@ class GroupController extends Controller
|
||||||
{
|
{
|
||||||
$em = $this->getDoctrine()->getManager();
|
$em = $this->getDoctrine()->getManager();
|
||||||
|
|
||||||
|
// Permission
|
||||||
|
$permgroup=$this->get('session')->get('permgroup');
|
||||||
|
if($access="user") {
|
||||||
|
if($permgroup=="NO_BODY") throw $this->createNotFoundException('Permission denied');
|
||||||
|
if($permgroup=="ROLE_ANIM" && $this->isGranted('ROLE_USER')) throw $this->createNotFoundException('Permission denied');
|
||||||
|
}
|
||||||
|
|
||||||
// Initialisation de l'enregistrement
|
// Initialisation de l'enregistrement
|
||||||
$data = new Group();
|
$data = new Group();
|
||||||
$data->setFgopen(false);
|
$data->setFgopen(false);
|
||||||
|
|
@ -682,7 +689,7 @@ class GroupController extends Controller
|
||||||
// Récupération de l'enregistrement courant
|
// Récupération de l'enregistrement courant
|
||||||
$em = $this->getDoctrine()->getManager();
|
$em = $this->getDoctrine()->getManager();
|
||||||
$data=$this->getData($id);
|
$data=$this->getData($id);
|
||||||
|
|
||||||
// Création du formulaire
|
// Création du formulaire
|
||||||
$form = $this->createForm(GroupType::class,$data,array(
|
$form = $this->createForm(GroupType::class,$data,array(
|
||||||
"mode" => "update",
|
"mode" => "update",
|
||||||
|
|
@ -803,7 +810,7 @@ class GroupController extends Controller
|
||||||
}
|
}
|
||||||
|
|
||||||
public function usersAction($id,Request $request, $access="config")
|
public function usersAction($id,Request $request, $access="config")
|
||||||
{
|
{
|
||||||
// Récupération de l'enregistrement courant
|
// Récupération de l'enregistrement courant
|
||||||
$data=$this->getData($id);
|
$data=$this->getData($id);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -136,6 +136,21 @@ class ConfigType extends AbstractType
|
||||||
"attr" => array("class" => "pick-a-color form-control"),
|
"attr" => array("class" => "pick-a-color form-control"),
|
||||||
'required' => ($options["required"]==0?false:true)));
|
'required' => ($options["required"]==0?false:true)));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case "permgroup":
|
||||||
|
$choices=array(
|
||||||
|
"NO_BODY" => "NO_BODY",
|
||||||
|
"ROLE_USER" => "ROLE_USER",
|
||||||
|
"ROLE_ANIM" => "ROLE_ANIM",
|
||||||
|
);
|
||||||
|
|
||||||
|
$builder->add("value", ChoiceType::class,
|
||||||
|
array("label" =>"Valeur",
|
||||||
|
"label_attr" => array("style" => 'margin-top:15px;'),
|
||||||
|
"attr" => array("class" => "form-control"),
|
||||||
|
'required' => ($options["required"]==0?false:true),
|
||||||
|
"choices" => $choices));
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
$builder->add('help',
|
$builder->add('help',
|
||||||
|
|
|
||||||
|
|
@ -9,7 +9,8 @@
|
||||||
{%endif%}
|
{%endif%}
|
||||||
</h1>
|
</h1>
|
||||||
|
|
||||||
{% if is_granted('ROLE_ADMIN') or is_granted('ROLE_MODO') or is_granted('ROLE_ANIM') %}
|
{% set permgroup = app.session.get('permgroup') %}
|
||||||
|
{% if is_granted('ROLE_ADMIN') or is_granted('ROLE_MODO') or (is_granted('ROLE_ANIM') and (permgroup=="ROLE_ADMIN" or permgroup=="ROLE_USER")) or (is_granted('ROLE_USER') and permgroup=="ROLE_USER") %}
|
||||||
<p><a class="btn btn-success" href={{ path('cadoles_core_'~access~'_group_submit') }}>
|
<p><a class="btn btn-success" href={{ path('cadoles_core_'~access~'_group_submit') }}>
|
||||||
{% if access=="config" %}
|
{% if access=="config" %}
|
||||||
Ajouter
|
Ajouter
|
||||||
|
|
@ -18,6 +19,7 @@
|
||||||
{% endif %}
|
{% endif %}
|
||||||
</a></p>
|
</a></p>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
<div class="panel panel-primary">
|
<div class="panel panel-primary">
|
||||||
<div class="panel-heading">
|
<div class="panel-heading">
|
||||||
|
|
|
||||||
|
|
@ -102,13 +102,15 @@ INSERT IGNORE INTO `config` (`order`, `visible`, `changeable`, `required`, `type
|
||||||
%if %%activer_proxy_client == 'oui'
|
%if %%activer_proxy_client == 'oui'
|
||||||
('200', 1, 0, 1, 'boolean', 'PROXYactivate', '1', '', 'Définit un Proxy'),
|
('200', 1, 0, 1, 'boolean', 'PROXYactivate', '1', '', 'Définit un Proxy'),
|
||||||
('201', 1, 0, 1, 'string', 'PROXYserver', '%%proxy_client_adresse', 'PROXYactivate','Adresse du Proxy'),
|
('201', 1, 0, 1, 'string', 'PROXYserver', '%%proxy_client_adresse', 'PROXYactivate','Adresse du Proxy'),
|
||||||
('202', 1, 0, 1, 'string', 'PROXYport', '%%proxy_client_port', 'PROXYactivate','Port du Proxy');
|
('202', 1, 0, 1, 'string', 'PROXYport', '%%proxy_client_port', 'PROXYactivate','Port du Proxy'),
|
||||||
%else
|
%else
|
||||||
('200', 1, 0, 1, 'boolean', 'PROXYactivate', '0', '', 'Définit un Proxy'),
|
('200', 1, 0, 1, 'boolean', 'PROXYactivate', '0', '', 'Définit un Proxy'),
|
||||||
('201', 1, 0, 1, 'string', 'PROXYserver', '', 'PROXYactivate','Adresse du Proxy'),
|
('201', 1, 0, 1, 'string', 'PROXYserver', '', 'PROXYactivate','Adresse du Proxy'),
|
||||||
('202', 1, 0, 1, 'string', 'PROXYport', '', 'PROXYactivate','Port du Proxy');
|
('202', 1, 0, 1, 'string', 'PROXYport', '', 'PROXYactivate','Port du Proxy'),
|
||||||
%end if
|
%end if
|
||||||
|
|
||||||
|
('500', 1, 1, 1, 'permgroup', 'permgroup', 'ROLE_ANIM', '', 'Determine quel rôle aura la permission de créer des groupes de travail');
|
||||||
|
|
||||||
|
|
||||||
INSERT IGNORE permmodo (`route`, `visible`) VALUES
|
INSERT IGNORE permmodo (`route`, `visible`) VALUES
|
||||||
('cadoles_core_config_commun',0),
|
('cadoles_core_config_commun',0),
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue