revu des permissions (ref #223)

This commit is contained in:
afornerot 2021-03-25 15:56:36 +01:00
parent 4ecfa70106
commit ae4debf6b9
47 changed files with 932 additions and 817 deletions

View File

@ -138,6 +138,7 @@ class InitDataCommand extends ContainerAwareCommand
$usergroup->setUser($user);
$usergroup->setGroup($group);
$usergroup->setKeyvalue($key);
$usergroup->setRolegroup(0);
$em->persist($usergroup);
$em->flush();
$em->clear();

View File

@ -287,7 +287,7 @@ class OnlyCommand extends Command
$this->em->flush();
// On ajoute le propriétaire en tant que membre du groupe
$this->addMember($group,$user,true);
$this->addMember($group,$user,100);
// On controle que le groupe a bien page / calendrier / blog / project
$this->ctrlFgcanshare($group,$user,$pagetemplate);
@ -318,7 +318,7 @@ class OnlyCommand extends Command
// On s'assure qu'il n'es pas déjà rattaché
$usergroup=$this->em->getRepository("CadolesCoreBundle:UserGroup")->findOneBy(["user"=>$user,"group"=>$group]);
if(!$usergroup) {
$this->addMember($group,$user,false);
$this->addMember($group,$user,0);
}
}
}
@ -578,12 +578,12 @@ class OnlyCommand extends Command
}
private function addMember($group,$user,$fgmanager) {
private function addMember($group,$user,$role) {
$key = Uuid::uuid4();
$usergroup=new Usergroup;
$usergroup=new UserGroup();
$usergroup->setUser($user);
$usergroup->setGroup($group);
$usergroup->setFgmanager($fgmanager);
$usergroup->setRolegroup($role);
$usergroup->setKeyvalue($key);
$this->em->persist($usergroup);
$this->em->flush();

View File

@ -239,6 +239,7 @@ class ScribeToNinegateCommand extends Command
$member= new UserGroup();
$member->setGroup($group);
$member->setUser($user);
$member->setRolegroup(0);
$this->em->persist($member);
$this->em->flush();

View File

@ -132,6 +132,18 @@ class ScriptCommand extends Command
}
$script=$this->em->getRepository("CadolesCoreBundle:Script")->findOneBy(["name"=>"rolegroup"]);
if(!$script) {
$this->writelnred("== SCRIPT = rolegroup");
$this->rolegroup();
$script=new Script();
$script->setName("rolegroup");
$this->em->persist($script);
$this->em->flush();
$this->writeln("");
}
return 1;
}
@ -289,7 +301,23 @@ class ScriptCommand extends Command
}
}
private function rolegroup(){
$usergroups = $this->em->getRepository('CadolesCoreBundle:UserGroup')->findAll();
foreach($usergroups as $usergroup) {
if(!$usergroup->getRolegroup()) {
$role=0;
if($usergroup->getFgmanager()) {
$role=50;
if($usergroup->getUser()==$usergroup->getGroup()->getOwner()) $role=100;
}
$usergroup->setRolegroup($role);
$this->em->persist($usergroup);
$this->em->flush();
}
}
}

View File

@ -899,6 +899,7 @@ class SynchroCommand extends Command
$member= new UserGroup();
$member->setGroup($group);
$member->setUser($user);
$member->setRolegroup(0);
}
// Si modèle scribe
@ -907,7 +908,7 @@ class SynchroCommand extends Command
if($ldap_template=="scribe"&&$scribe_master) {
$ldapfilter="(|(&(uid=".$user->getUsername().")(ENTPersonProfils=enseignant))(&(uid=".$user->getUsername().")(typeadmin=0))(&(uid=".$user->getUsername().")(typeadmin=2)))";
$results = $this->ldap->search($ldapfilter, ['uid'], $this->ldap_basedn);
if($results) $member->setFgmanager(true);
if($results) $member->setRolegroup(50);
}
$this->em->persist($member);

View File

@ -720,8 +720,9 @@ class FileController extends Controller
// On s'assure que l'utilisateur à la permission de voir
$page=$widget->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate,$canadd);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
return $canadd;
break;
case "projecttask":
@ -734,6 +735,7 @@ class FileController extends Controller
$user=$this->getUser();
$em->getRepository("CadolesPortalBundle:Project")->getPermission($user,$project,$cansee,$canupdate,$canadd);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
return $canupdate;
break;
case "calendarevent":
@ -744,13 +746,12 @@ class FileController extends Controller
// On s'assure que l'utilisateur à la permission de voir
$calendar=$calendarevent->getCalendar();
$user=$this->getUser();
$em->getRepository("CadolesPortalBundle:Calendar")->getPermission($user,$calendar,$cansee,$canupdate);
$em->getRepository("CadolesPortalBundle:Calendar")->getPermission($user,$calendar,$cansee,$canupdate,$canadd);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
return $canadd;
break;
}
}
else $canupdate=true;
return $canupdate;
}
}

View File

@ -178,19 +178,19 @@ class GroupController extends Controller
$action.="<a href='".$this->generateUrl('cadoles_core_'.$access.'_group_statistic', array('id'=>$data->getId()))."'><i class='fa fa-chart-area fa-fw fa-2x'></i></a>";
}
else {
$fgproprio=($user==$data->getOwner());
$fgmanager=false;
$fgcanupdate=($user==$data->getOwner());
$fgcanmanage=false;
$usergroup=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findOneBy(["user"=>$this->getUser(),"group"=>$data]);
if($usergroup) $fgmanager=$usergroup->getFgmanager();
if($usergroup) $fgcanmanage=($usergroup->getRolegroup()>=90);
// Modification possible uniquement si l'utilisateur est propriétaire du groupe
if($fgproprio) {
if($fgcanupdate) {
$action .="<a href='".$this->generateUrl('cadoles_core_'.$access.'_group_update', array('id'=>$data->getId()))."'><i class='fa fa-file fa-2x fa-fw'></i></a>";
$action .="<a href='".$this->generateUrl('cadoles_core_'.$access.'_group_delete', array('id'=>$data->getId()))."'><i class='fa fa-trash fa-2x fa-fw'></i></a>";
}
// Gestion des utilisateurs du groupe uniquement pour le proprio ou les managers
if($fgproprio||$fgmanager) {
if($fgcanupdate||$fgcanmanage) {
$action .="<a href='".$this->generateUrl('cadoles_core_'.$access.'_group_users', array('id'=>$data->getId()))."'><i class='fa fa-users fa-2x fa-fw'></i></a>";
}
else {
@ -370,12 +370,10 @@ class GroupController extends Controller
if($group->getLdapfilter()==""&&$group->getAttributes()=="")
$action.="<a style='cursor:pointer' onClick='addUsers(".$data->getId().")'><i class='fa fa-plus fa-fw'></i></a>";
$fgmanager="<input type='checkbox' class='switch' onChange='switchManager(".$data->getId().");'>";
// Avatar
$avatar="<img onClick='seeUser(".$data->getId().")' src='/".$this->container->getParameter('alias')."/uploads/avatar/".$data->getAvatar()."' style='width:30px;background-color:#337ab7;margin:auto;display:block;cursor:pointer;'>";
array_push($output["data"],array("DT_RowId"=>"user".$data->getId(),$action,$avatar,$data->getUsername(),$data->getEmail(),"",$fgmanager));
array_push($output["data"],array("DT_RowId"=>"user".$data->getId(),$action,$avatar,$data->getUsername(),$data->getEmail(),"",""));
}
// Retour
@ -494,6 +492,7 @@ class GroupController extends Controller
}
$datas=$qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult();
$user=$this->getUser();
foreach($datas as $data) {
// Propriétaire
@ -509,13 +508,17 @@ class GroupController extends Controller
$avatar="<img onClick='seeUser(".$data->getId().")' src='/".$this->container->getParameter('alias')."/uploads/avatar/".$data->getAvatar()."' style='width:30px;background-color:#337ab7;margin:auto;display:block;cursor:pointer'>";
// Flag manager
$fgmanager="";
$rolegroup="";
if($fgcanshare) {
if($fgproprio) $rolegroup="Propriétaire du groupe";
elseif($user==$usergroup->getUser()) $rolegroup="Gestionnaire";
else {
$selectuser=($usergroup->getRolegroup()==0?"selected='selected'":"");
$selectwritter=($usergroup->getRolegroup()==50?"selected='selected'":"");
$selectmanager=($usergroup->getRolegroup()==90?"selected='selected'":"");
$checked=($usergroup->getFgmanager()?"checked":"");
$fgmanager="<input type='checkbox' class='switch' onChange='switchManager(".$data->getId().");' $checked>";
if($fgproprio) $fgmanager="Propriétaire du groupe";
$rolegroup='<select id="roleuser-'.$data->getId().'" name="user[visible]" onChange="changeRole('.$data->getId().');"><option value="0" '.$selectuser.'>Utilisateur</option><option value="50" '.$selectwritter.'>Collaborateur</option><option value="90" '.$selectmanager.'>Gestionnaire</option></select>';
}
}
// Visite
@ -524,7 +527,7 @@ class GroupController extends Controller
$visite=$usergroup->getVisitedate()->format("d/m/Y H:i")."<br>nb = ".$usergroup->getVisitecpt();
}
array_push($output["data"],array("DT_RowId"=>"user".$data->getId(),$action,$avatar,$data->getUsername(),$data->getEmail(),$visite,$fgmanager));
array_push($output["data"],array("DT_RowId"=>"user".$data->getId(),$action,$avatar,$data->getUsername(),$data->getEmail(),$visite,$rolegroup));
}
// Retour
@ -557,11 +560,12 @@ class GroupController extends Controller
}
$key = Uuid::uuid4();
$usergroup=new Usergroup;
$usergroup=new UserGroup();
$user=$em->getRepository("CadolesCoreBundle:User")->find($userid);
$usergroup->setUser($user);
$usergroup->setGroup($group);
$usergroup->setKeyvalue($key);
$usergroup->setRolegroup(0);
$em->persist($usergroup);
$em->flush();
@ -633,10 +637,11 @@ class GroupController extends Controller
"body_html"=>nl2br($text),
"body_text"=>$text
);
$managers=$em->getRepository("CadolesCoreBundle:Usergroup")->findBy(array("group"=>$groupid,"fgmanager"=>true));
$usergroups=$em->getRepository("CadolesCoreBundle:Usergroup")->findBy(array("group"=>$groupid));
$to=array();
foreach($managers as $manager) {
array_push($to,$manager->getUser()->getEmail());
foreach($usergroups as $usergroup) {
if($usergroup->getRolegroup()>=90)
array_push($to,$usergroup->getUser()->getEmail());
}
$from = $this->getParameter('noreply');;
@ -678,10 +683,11 @@ class GroupController extends Controller
"body_html"=>nl2br($text),
"body_text"=>$text
);
$managers=$em->getRepository("CadolesCoreBundle:Usergroup")->findBy(array("group"=>$group,"fgmanager"=>true));
$usergroups=$em->getRepository("CadolesCoreBundle:Usergroup")->findBy(array("group"=>$group));
$to=array();
foreach($managers as $manager) {
array_push($to,$manager->getUser()->getEmail());
foreach($usergroups as $usergroup) {
if($usergroup->getRolegroup()>=90)
array_push($to,$usergroup->getUser()->getEmail());
}
$from = $this->getParameter('noreply');;
@ -695,7 +701,7 @@ class GroupController extends Controller
return $this->redirect($this->generateUrl("cadoles_core_user_group"));
}
public function switchmanagerAction(Request $request,$access="config")
public function changeroleAction(Request $request,$access="config")
{
// S'assurer que c'est un appel ajax
if (!$request->isXmlHttpRequest()) {
@ -707,12 +713,13 @@ class GroupController extends Controller
$output=array();
$userid=$request->request->get('user');
$groupid=$request->request->get('group');
$role=$request->request->get('role');
$group=$em->getRepository("CadolesCoreBundle:Group")->find($groupid);
$this->canManager($group,$access);
$data = $em->getRepository("CadolesCoreBundle:Usergroup")->findOneBy(array("user"=>$userid,"group"=>$groupid));
if($data) $data->setFgmanager(!$data->getFgmanager());
if($data) $data->setRolegroup($role);
$em->persist($data);
$em->flush();
@ -1241,8 +1248,8 @@ class GroupController extends Controller
protected function canManager($group,$access) {
if($access!="config") {
$em = $this->getDoctrine()->getManager();
$ismanager=$em->getRepository("CadolesCoreBundle:Usergroup")->findOneBy(["group"=>$group,"user"=>$this->getUser(),"fgmanager"=>true]);
if(!$ismanager)
$user=$em->getRepository("CadolesCoreBundle:Usergroup")->findOneBy(["group"=>$group,"user"=>$this->getUser()]);
if(!$user||$user->getRolegroup()<90)
throw $this->createNotFoundException('Permission denied');
}
}
@ -1258,19 +1265,27 @@ class GroupController extends Controller
protected function ctrlOwner($group) {
$em = $this->getDoctrine()->getManager();
// Le propriétaire passe manager
$usergroups=$em->getRepository("CadolesCoreBundle:Usergroup")->findBy(["group"=>$group,"rolegroup"=>"100"]);
foreach($usergroups as $usergroup) {
$usergroup->setRolegroup(90);
$em->persist($usergroup);
$em->flush();
}
// Le propriétaire prend son role dans le groupe
if($group->getOwner()) {
$usergroup=$em->getRepository("CadolesCoreBundle:Usergroup")->findOneBy(["group"=>$group,"user"=>$group->getOwner()]);
if(!$usergroup) {
$key = Uuid::uuid4();
$usergroup=new Usergroup;
$usergroup=new UserGroup();
$usergroup->setUser($group->getOwner());
$usergroup->setGroup($group);
$usergroup->setKeyvalue($key);
}
$usergroup->setFgmanager(true);
$usergroup->setRolegroup(100);
$em->persist($usergroup);
$em->flush();
}
}

View File

@ -544,11 +544,12 @@ class RegistrationController extends Controller
$group=$em->getRepository("CadolesCoreBundle:Group")->find($groupid);
if($group) {
$key = Uuid::uuid4();
$usergroup=new Usergroup;
$usergroup=new UserGroup();
$user=$em->getRepository("CadolesCoreBundle:User")->find($userid);
$usergroup->setUser($user);
$usergroup->setGroup($group);
$usergroup->setKeyvalue($key);
$usergroup->setRolegroup(0);
$em->persist($usergroup);
$em->flush();

View File

@ -419,6 +419,7 @@ class UserController extends Controller
$datagroup = $group;
$usergroup->setGroup($datagroup);
$usergroup->setKeyvalue($key);
$usergroup->setRolegroup(0);
$em->persist($usergroup);
$em->flush();
}
@ -569,6 +570,7 @@ class UserController extends Controller
$datagroup = $group;
$usergroup->setGroup($datagroup);
$usergroup->setKeyvalue($key);
$usergroup->setRolegroup(0);
$em->persist($usergroup);
$em->flush();
}
@ -629,12 +631,14 @@ class UserController extends Controller
"body_html"=>nl2br($text),
"body_text"=>$text
);
$managers=$em->getRepository("CadolesCoreBundle:Usergroup")->findBy(array("group"=>$group,"fgmanager"=>true));
$usergroups=$em->getRepository("CadolesCoreBundle:Usergroup")->findBy(array("group"=>$group));
$to=array();
foreach($managers as $manager) {
array_push($to,$manager->getUser()->getEmail());
foreach($usergroups as $usergroup) {
if($usergroup->getRolegroup()>=90)
array_push($to,$usergroup->getUser()->getEmail());
}
$from = $this->getParameter('noreply');;
$fromName = $this->get('session')->get('appname');
$message = $this->container->get('cadoles.core.service.mail');

View File

@ -37,9 +37,15 @@ class UserGroup
/**
* @ORM\Column(type="boolean", options={"default" : false})
* CE CHAMP N'EST PLUS UTILSE
*/
private $fgmanager = false;
/**
* @ORM\Column(type="integer", length=60, nullable=true)
*/
private $rolegroup;
/**
* @ORM\Column(type="string", length=60, nullable=true)
*/
@ -208,4 +214,28 @@ class UserGroup
{
return $this->visitecpt;
}
/**
* Set rolegroup
*
* @param integer $rolegroup
*
* @return UserGroup
*/
public function setRolegroup($rolegroup)
{
$this->rolegroup = $rolegroup;
return $this;
}
/**
* Get rolegroup
*
* @return integer
*/
public function getRolegroup()
{
return $this->rolegroup;
}
}

View File

@ -181,6 +181,7 @@ class syncUser implements EventSubscriber
$data->setUser($user);
$data->setGroup($fgall[0]);
$data->setKeyvalue($key);
$data->setRolegroup(0);
$this->em->persist($data);
$this->em->flush();
}

View File

@ -63,6 +63,7 @@ class GroupRepository extends \Doctrine\ORM\EntityRepository
$usergroup->setUser($user);
$usergroup->setGroup($retgroup);
$usergroup->setKeyvalue($key);
$usergroup->setRolegroup(0);
$this->_em->persist($usergroup);
$this->_em->flush();

View File

@ -494,9 +494,9 @@ cadoles_core_config_group_ajax_usergroup_del:
path: /config/group/ajax/usergroupdel
defaults: { _controller: CadolesCoreBundle:Group:usergroupdel, access: config }
cadoles_core_config_group_ajax_switchmanager:
path: /config/group/ajax/switchmanager
defaults: { _controller: CadolesCoreBundle:Group:switchmanager, access: config }
cadoles_core_config_group_ajax_changerole:
path: /config/group/ajax/changerole
defaults: { _controller: CadolesCoreBundle:Group:changerole, access: config }
cadoles_core_config_group_export:
path: /config/group/export
@ -559,9 +559,9 @@ cadoles_core_user_group_ajax_usergroup_del:
path: /user/group/ajax/usergroupdel
defaults: { _controller: CadolesCoreBundle:Group:usergroupdel, access: user }
cadoles_core_user_group_ajax_switchmanager:
path: /user/group/ajax/switchmanager
defaults: { _controller: CadolesCoreBundle:Group:switchmanager, access: user }
cadoles_core_user_group_ajax_changerole:
path: /user/group/ajax/changerole
defaults: { _controller: CadolesCoreBundle:Group:changerole, access: user }
cadoles_core_user_group_usergroup_export:
path: /user/group/users/export/{id}

View File

@ -9,10 +9,15 @@
<a class="btn btn-default" href={{ path('cadoles_core_home',{'id':idreturn}) }}>Fermer</a>
{% endif %}
{% if moderegistration!="none" and masteridentity=="SQL"%}
{% if moderegistration!="none" and masteridentity=="SQL" and group.fgcanshare %}
<a class="btn btn-primary" style="cursor:pointer" onClick="showMail();">Inviter des personnes non listées ci-dessous</a>
<a class="btn btn-primary" style="cursor:pointer" onClick="showInvitations();">Suivi des Invitations</a>
{%endif%}
{% if group.fgcanshare %}
<button class="btn btn-default pull-right" style="margin-left:10px" data-toggle="modal" data-target="#modalperm">Matrice des permissions</button>
{%endif%}
<a class="btn btn-default pull-right" href={{ path('cadoles_core_'~access~'_group_usergroup_export',{'id':group.id}) }}>Exporter CSV</a>
<br><br>
@ -70,6 +75,333 @@
</div>
</div>
<div id="modalperm" class="modal fade bs-item-modal" tabindex="-1" role="dialog" aria-labelledby="myLargeModalLabel" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
<h4 class="modal-title">MATRICE DES PERMISSIONS</h4>
</div>
<div class="modal-body">
<div class="dataTable_wrapper">
<table class="table table-striped table-bordered table-hover" id="dataTablesnotin" style="width:100%; text-align:center; zoom:80%">
<thead>
<tr>
<th>Permissions</th>
<th>Propriétaire</th>
<th>Gestionnaire</th>
<th>Collaborateur</th>
<th>Utilisateur</th>
</tr>
</thead>
<tbody>
<tr>
<td colspan="5" style="font-weight: bold;">GROUPE</td>
</tr>
<tr>
<td style="text-align:left;">Modifier le groupe</td>
<td>x</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Supprimer le groupe</td>
<td>x</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Changer le propriétaire du groupe</td>
<td>x</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Affecter des utilisateurs au groupe</td>
<td>x</td>
<td>x</td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Désaffecter des utilisateurs au groupe</td>
<td>x</td>
<td>x</td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Inviter des utilisateurs dans le groupe</td>
<td>x</td>
<td>x</td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Visualiser les statistiques du groupe</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>x</td>
</tr>
<tr>
<td style="text-align:left;">Sinscrire par soit même sur les groupes ouverts</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>x</td>
</tr>
<tr>
<td style="text-align:left;">Se désinscrire par soit même </td>
<td></td>
<td>x</td>
<td>x</td>
<td>x</td>
</tr>
<tr>
<td colspan="5" style="font-weight: bold;">PAGE</td>
</tr>
<tr>
<td style="text-align:left;">Créer / Modifier / Supprimer / Partager des Pages sur le groupe</td>
<td>x</td>
<td>x</td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Placer en favoris une page du groupe</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>x</td>
</tr>
<tr>
<td colspan="5" style="font-weight: bold;">WIDGET</td>
</tr>
<tr>
<td style="text-align:left;">Widget Favoris = Ajouter / Modifier / Supprimer Lien</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Widget Fichier = Ajouter / Modifier / Supprimer Fichiers</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Widget Lien = Modifier Lien</td>
<td>x</td>
<td>x</td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Widget Editeur = Modifier Texte</td>
<td>x</td>
<td>x</td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Widget Carrousel = Créer / Modifier / Supprimer Image</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Widget Gallerie Images = Créer / Modifier / Supprimer Image</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Widget Chat = Ajouter commentaires</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>x</td>
</tr>
<tr>
<td style="text-align:left;">Widget Chat = Modifier / Supprimer Commentaires des membres du groupe</td>
<td>x</td>
<td>x</td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Widget Chat = Masquer Commentaires des membres du groupe</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>x</td>
</tr>
<tr>
<td colspan="5" style="font-weight: bold;">BLOG</td>
</tr>
<tr>
<td style="text-align:left;">Créer / Modifier / Supprimer / Partager un blog sur le groupe</td>
<td>x</td>
<td>x</td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Créer des articles sur les blogs du groupe</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Modifier / Supprimer ses articles sur les blogs du groupe</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Modifier / Supprimer des articles de blog des autres membres du groupe</td>
<td>x</td>
<td>x</td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Ajouter des commentaires sur les articles du blog</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>x</td>
</tr>
<tr>
<td style="text-align:left;">Modifier / Supprimer ses propres commentaires</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>x</td>
</tr>
<tr>
<td style="text-align:left;">Modifier / Supprimer les commentaires des autres membre du groupe de ses articles</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Modifier / Supprimer les commentaires des autres membre du groupe sur l'ensemble du blog</td>
<td>x</td>
<td>x</td>
<td></td>
<td></td>
</tr>
<tr>
<td colspan="5" style="font-weight: bold;">PROJET</td>
</tr>
<tr>
<td style="text-align:left;">Créer / Modifier / Supprimer / Partager des projets sur le groupe</td>
<td>x</td>
<td>x</td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Créer des taches sur les projets du groupe</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>x</td>
</tr>
<tr>
<td style="text-align:left;">Modifier / Supprimer ses propres tâches</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>x</td>
</tr>
<tr>
<td style="text-align:left;">Affecter des tâches aux autres membres du groupe</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Modifier / Supprimer des Tâches à des autres membres du groupe</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Ajouter des commentaires sur les tâches</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>x</td>
</tr>
<tr>
<td style="text-align:left;">Modifier / Supprimer ses propres commentaires de tâches</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td>x</td>
</tr>
<tr>
<td style="text-align:left;">Modifier / Supprimer les commentaires des autres membre du groupe de ses taches</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Modifier / Supprimer les commentaires des taches sur l'ensemble du projet</td>
<td>x</td>
<td>x</td>
<td></td>
<td></td>
</tr>
<tr>
<td colspan="5" style="font-weight: bold;">CALENDRIER</td>
</tr>
<tr>
<td style="text-align:left;">Créer / Modifier / Supprimer / Partager un calendrier sur le groupe</td>
<td>x</td>
<td>x</td>
<td></td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Créer des évènements sur les calendriers du groupe</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td></td>
</tr>
<tr>
<td style="text-align:left;">Créer / Modifier / Supprimer / Partager des évènements sur les calendriers du groupe</td>
<td>x</td>
<td>x</td>
<td>x</td>
<td></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
{% endblock %}
{% block localjavascript %}
@ -152,15 +484,17 @@
});
}
function switchManager(id) {
function changeRole(id) {
$.ajax({
method: "POST",
url: "{{ path('cadoles_core_'~access~'_group_ajax_switchmanager') }}",
url: "{{ path('cadoles_core_'~access~'_group_ajax_changerole') }}",
data: {
"group": {{ group.id }},
"user": id,
"role": $("#roleuser-"+id).val(),
}
});
}
function showMail() {

View File

@ -106,6 +106,7 @@ class BlogarticleController extends Controller
if($access=="user") {
$em->getRepository("CadolesPortalBundle:Blog")->getPermission($this->getUser(),$entity->getBlog(),$cansee,$canupdate,$canadd);
if(!$canadd) throw $this->createNotFoundException('Permission denied');
elseif(!$canupdate&&$this->getUser()!=$entity->getUser()) throw $this->createNotFoundException('Permission denied');
}
// Création du formulaire
@ -157,6 +158,7 @@ class BlogarticleController extends Controller
if($access=="user") {
$em->getRepository("CadolesPortalBundle:Blog")->getPermission($this->getUser(),$entity->getBlog(),$cansee,$canupdate,$canadd);
if(!$canadd) throw $this->createNotFoundException('Permission denied');
elseif(!$canupdate&&$this->getUser()!=$entity->getUser()) throw $this->createNotFoundException('Permission denied');
}
// Suppression
@ -208,12 +210,10 @@ class BlogarticleController extends Controller
}
else {
$em->getRepository("CadolesPortalBundle:Blog")->getPermission($user,$entity->getBlog(),$cansee,$canupdate,$canadd);
if(!$canupdate&&$this->getUser()==$entity->getUser()) $canupdate=true;
}
if(!$cansee) throw $this->createNotFoundException('Permission denied');
$canupdate=false;
if($user) $canupdate=true;
}
$em->getRepository("CadolesPortalBundle:Blogarticle")->getBlogsArticles($blogs,0,10,$count,$blogarticles);

View File

@ -145,7 +145,8 @@ class BlogcommentController extends Controller
// On s'assure que l'utilisateur à la permission de modifier
if($access=="user") {
$em->getRepository("CadolesPortalBundle:Blog")->getPermission($this->getUser(),$entity->getBlogarticle()->getBlog(),$cansee,$canupdate,$canadd);
if(!$canadd&&$this->getUser()!=$entity->getUser()) throw $this->createNotFoundException('Permission denied');
if(!$canupdate&&$this->getUser()==$entity->getBlogarticle()->getUser()) $canupdate=true;
if(!$canupdate&&$this->getUser()!=$entity->getUser()) throw $this->createNotFoundException('Permission denied');
}
// Création du formulaire
@ -196,7 +197,7 @@ class BlogcommentController extends Controller
// On s'assure que l'utilisateur à la permission de supprimer
if($access=="user") {
$em->getRepository("CadolesPortalBundle:Blog")->getPermission($this->getUser(),$entity->getBlogarticle()->getBlog(),$cansee,$canupdate,$canadd);
if(!$canadd&&$this->getUser()!=$entity->getUser()) throw $this->createNotFoundException('Permission denied');
if(!$canupdate&&$this->getUser()!=$entity->getUser()) throw $this->createNotFoundException('Permission denied');
}
// Suppression

View File

@ -35,6 +35,19 @@ class BookmarkController extends Controller
if (!$pagewidget) throw $this->createNotFoundException('Unable to find entity.');
}
// Vérifier que cet enregistrement est modifiable
if($access=="user") {
if($usage=="user") {
$user=$pagewidget->getPage()->getUser();
if($user!=$this->getUser()) throw $this->createNotFoundException('Permission denied');
}
else {
$groupentity=$this->getDoctrine()->getRepository("CadolesCoreBundle:Group")->find($group);
$usergroup=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findoneby(["user"=>$this->getUser(),"group"=>$groupentity]);
if(!$usergroup or $usergroup->getRolegroup()<50) throw $this->createNotFoundException('Permission denied');
}
}
// Création du formulaire
$form = $this->createForm(BookmarkType::class,$data,array("mode"=>"submit"));
@ -123,8 +136,8 @@ class BookmarkController extends Controller
}
else {
$groupentity=$this->getDoctrine()->getRepository("CadolesCoreBundle:Group")->find($group);
$fgmanager=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findoneby(["user"=>$this->getUser(),"group"=>$groupentity,"fgmanager"=>true]);
if(!$fgmanager) throw $this->createNotFoundException('Permission denied');
$usergroup=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findoneby(["user"=>$this->getUser(),"group"=>$groupentity]);
if(!$usergroup or $usergroup->getRolegroup()<50) throw $this->createNotFoundException('Permission denied');
}
}
@ -214,8 +227,8 @@ class BookmarkController extends Controller
}
else {
$groupentity=$this->getDoctrine()->getRepository("CadolesCoreBundle:Group")->find($group);
$fgmanager=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findoneby(["user"=>$this->getUser(),"group"=>$groupentity,"fgmanager"=>true]);
if(!$fgmanager) throw $this->createNotFoundException('Permission denied');
$usergroup=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findoneby(["user"=>$this->getUser(),"group"=>$groupentity]);
if(!$usergroup or $usergroup->getRolegroup()<50) throw $this->createNotFoundException('Permission denied');
}
}

View File

@ -220,7 +220,7 @@ class CalendarController extends Controller
// On s'assure que l'utilisateur à la permission de modifier
if($access=="user") {
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate);
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate,$canadd);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
}
$oldpassword=$entity->getPasswordDecrypt();
@ -272,7 +272,7 @@ class CalendarController extends Controller
// On s'assure que l'utilisateur à la permission de modifier
if($access=="user") {
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate);
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate,$canadd);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
}
@ -308,7 +308,7 @@ class CalendarController extends Controller
// On s'assure que l'utilisateur à la permission de supprimer
if($access=="user") {
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate);
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate,$canadd);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
}
@ -369,6 +369,7 @@ class CalendarController extends Controller
$calendar->setType(0);
$calendar->setUser($user);
$calendar->setCanupdate(true);
$calendar->setCanadd(true);
$key = Uuid::uuid4();
$calendar->setKeyvalue($key);
$em->persist($calendar);

View File

@ -40,9 +40,10 @@ class CalendareventController extends Controller
if($access=="config")
$calendar->setCanupdate(true);
else {
$this->getDoctrine()->getRepository("CadolesPortalBundle:Calendar")->getPermission($this->getUser(),$calendar,$cansee,$canupdate);
$this->getDoctrine()->getRepository("CadolesPortalBundle:Calendar")->getPermission($this->getUser(),$calendar,$cansee,$canupdate,$canadd);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
$calendar->setCanupdate($canupdate);
$calendar->setCanadd($canadd);
}
$calendars=[$calendar];
@ -67,7 +68,7 @@ class CalendareventController extends Controller
$tmp['color'] = "#".(is_null($calendar->getColor())?$this->get('session')->get('color')["main"]:$calendar->getColor());
$tmp['allDay'] = $calendarevent->getAllday();
$tmp['calendar'] = $calendar->getId();
$tmp['editable'] = $calendarevent->getCalendar()->getCanupdate();
$tmp['editable'] = $calendarevent->getCalendar()->getCanadd();
$tmp['files'] = $this->loadpj($tmp['id'] );
array_push($events,$tmp);
@ -154,8 +155,8 @@ class CalendareventController extends Controller
// On s'assure que l'utilisateur à la permission de supprimer
if($access=="user") {
$em->getRepository("CadolesPortalBundle:Calendar")->getPermission($this->getUser(),$calendar,$cansee,$canupdate);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
$em->getRepository("CadolesPortalBundle:Calendar")->getPermission($this->getUser(),$calendar,$cansee,$canupdate,$canadd);
if(!$canadd) throw $this->createNotFoundException('Permission denied');
}
$calendarevent=new Calendarevent();
@ -208,8 +209,8 @@ class CalendareventController extends Controller
// On s'assure que l'utilisateur à la permission
if($access=="user") {
$em->getRepository("CadolesPortalBundle:Calendar")->getPermission($this->getUser(),$calendar,$cansee,$canupdate);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
$em->getRepository("CadolesPortalBundle:Calendar")->getPermission($this->getUser(),$calendar,$cansee,$canupdate,$canadd);
if(!$canadd) throw $this->createNotFoundException('Permission denied');
}
$calendarevent = $this->getDoctrine()->getRepository("CadolesPortalBundle:Calendarevent")->find($id);
@ -266,8 +267,8 @@ class CalendareventController extends Controller
// On s'assure que l'utilisateur à la permission
if($access=="user") {
$em->getRepository("CadolesPortalBundle:Calendar")->getPermission($this->getUser(),$calendar,$cansee,$canupdate);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
$em->getRepository("CadolesPortalBundle:Calendar")->getPermission($this->getUser(),$calendar,$cansee,$canupdate,$canadd);
if(!$canadd) throw $this->createNotFoundException('Permission denied');
}
$calendarevent = $this->getDoctrine()->getRepository("CadolesPortalBundle:Calendarevent")->find($id);
@ -291,8 +292,8 @@ class CalendareventController extends Controller
// On s'assure que l'utilisateur à la permission de modifier
if($access=="user") {
$em->getRepository("CadolesPortalBundle:Calendar")->getPermission($this->getUser(),$calendar,$cansee,$canupdate);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
$em->getRepository("CadolesPortalBundle:Calendar")->getPermission($this->getUser(),$calendar,$cansee,$canupdate,$canadd);
if(!$canadd) throw $this->createNotFoundException('Permission denied');
}
// Création du formulaire
@ -329,8 +330,8 @@ class CalendareventController extends Controller
// On s'assure que l'utilisateur à la permission
if($access=="user") {
$em->getRepository("CadolesPortalBundle:Calendar")->getPermission($this->getUser(),$calendar,$cansee,$canupdate);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
$em->getRepository("CadolesPortalBundle:Calendar")->getPermission($this->getUser(),$calendar,$cansee,$canupdate,$canadd);
if(!$canadd) throw $this->createNotFoundException('Permission denied');
}
$files = $this->loadpj($id);

View File

@ -286,7 +286,7 @@ class PageController extends Controller
// On s'assure que l'utilisateur à la permission de modifier
if($access=="user") {
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate);
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate,$canadd);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
}
@ -369,7 +369,7 @@ class PageController extends Controller
// On s'assure que l'utilisateur à la permission de modifier
if($access=="user") {
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate);
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate,$canadd);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
}
@ -408,7 +408,7 @@ class PageController extends Controller
// On s'assure que l'utilisateur à la permission de supprimer
if($access=="user") {
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate);
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate,$canadd);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
}
@ -438,7 +438,7 @@ class PageController extends Controller
// On s'assure que l'utilisateur à la permission
if($access=="user") {
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate);
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate,$canadd);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
}
@ -474,7 +474,7 @@ class PageController extends Controller
}
else {
// On s'assure que l'utilisateur à la permission de voir
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate);
$em->getRepository($this->labelentity)->getPermission($this->getUser(),$entity,$cansee,$canupdate,$canadd);
if(!$cansee) {
return $this->render('CadolesCoreBundle:Core:reconnect.html.twig', [
'useheader' => false,

View File

@ -31,13 +31,14 @@ class PagewidgetController extends Controller
private $look;
private $mini;
private $selwidget;
private $usage;
private $group;
private $cansee;
private $canudate;
private $canupdate;
private $canadd;
private function searchArray($array, $key, $value)
{
private function searchArray($array, $key, $value) {
$results = array();
if (is_array($array))
@ -52,8 +53,7 @@ class PagewidgetController extends Controller
return $results;
}
private function entityForm(Pagewidget $entity,$idpage,$id,$access="config",$by="view")
{
private function entityForm(Pagewidget $entity,$idpage,$id,$access="config",$by="view") {
if ($this->getDoctrine()->getManager()->contains($entity)) {
$widgettype= $this->getDoctrine()->getManager()->getRepository("CadolesPortalBundle:Pagewidget")->find($id)->getWidget();
$params = $widgettype->getParameter();
@ -97,8 +97,7 @@ class PagewidgetController extends Controller
}
}
public function submitAction(Request $request,$idpage,$idwidgettype,$access="config")
{
public function submitAction(Request $request,$idpage,$idwidgettype,$access="config") {
$by=$request->query->get('by');
$entity = new Pagewidget();
$form = $this->entityForm($entity,$idpage,$idwidgettype,$access,$by);
@ -190,8 +189,7 @@ class PagewidgetController extends Controller
]);
}
public function updateAction(Request $request,$idpage,$idwidget,$access="config")
{
public function updateAction(Request $request,$idpage,$idwidget,$access="config") {
$by=$request->query->get('by');
$usage=$request->query->get('usage');
$group=$request->query->get('group');
@ -203,7 +201,7 @@ class PagewidgetController extends Controller
// On s'assure que l'utilisateur à la permission de modifier
if($access=="user") {
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$entity->getPage(),$cansee,$canupdate);
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$entity->getPage(),$cansee,$canupdate,$canadd);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
}
@ -273,8 +271,7 @@ class PagewidgetController extends Controller
]);
}
public function deleteAction(Request $request,$access="config")
{
public function deleteAction(Request $request,$access="config") {
// S'assurer que c'est un appel ajax
if (!$request->isXmlHttpRequest()) return new JsonResponse(array('message' => 'Interdit'), 400);
@ -289,7 +286,7 @@ class PagewidgetController extends Controller
// On s'assure que l'utilisateur à la permission de supprimer
if($access=="user") {
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$entity->getPage(),$cansee,$canupdate);
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$entity->getPage(),$cansee,$canupdate,$canadd);
if(!$canupdate) throw $this->createNotFoundException('Permission denied');
}
@ -315,8 +312,7 @@ class PagewidgetController extends Controller
return $response;
}
public function orderAction(Request $request)
{
public function orderAction(Request $request) {
// S'assurer que c'est un appel ajax
if (!$request->isXmlHttpRequest()) return new JsonResponse(array('message' => 'Interdit'), 400);
@ -367,7 +363,6 @@ class PagewidgetController extends Controller
}
protected function getErrorForm($id,$form,$request,$idwidgettype,$page,$data,$mode) {
if ($form->get('submit')->isClicked()&&$mode=="delete") {
@ -405,6 +400,8 @@ class PagewidgetController extends Controller
$this->access = $access;
$this->look = $request->query->get('look');
$this->selwidget = $request->query->get('selwidget');
$this->usage = $request->query->get('usage');
$this->group = $request->query->get('group');
// Le widget existe-t-il ?
$this->entity = $this->em->getRepository($this->labelentity)->find($this->id);
@ -417,7 +414,7 @@ class PagewidgetController extends Controller
else {
// On s'assure que l'utilisateur à la permission de voir
$this->page=$this->entity->getPage();
$this->em->getRepository("CadolesPortalBundle:Page")->getPermission($this->user,$this->page,$this->cansee,$this->canupdate);
$this->em->getRepository("CadolesPortalBundle:Page")->getPermission($this->user,$this->page,$this->cansee,$this->canupdate,$this->canadd);
if(!$this->cansee) throw $this->createNotFoundException('Permission denied');
}
@ -687,7 +684,6 @@ class PagewidgetController extends Controller
]);
}
public function viewfluxAction(Request $request,$id,$access="config") {
// Récupération de la requete
$this->setRequest($request,$id,$access);
@ -894,7 +890,6 @@ class PagewidgetController extends Controller
]);
}
public function viewrssAction(Request $request,$id,$access="config") {
// Récupération de la requete
$this->setRequest($request,$id,$access);
@ -1115,34 +1110,20 @@ class PagewidgetController extends Controller
// Render
return $this->getRender('viewbookmark.html.twig', [
'canadd' => $this->canadd,
'modedesktop' => $modedesktop,
'bookmarks' => $bookmarks,
]);
}
public function viewlinkAction(Request $request,$id,$access="config") {
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Récupération de la requete
$this->setRequest($request,$id,$access);
// Récupération des paramétres du widget
$url="";
$target="_blank";
foreach($entity->getParameter()["fields"] as $parameter) {
foreach($this->entity->getParameter()["fields"] as $parameter) {
switch($parameter["id"]) {
case "url":
$url=$parameter["value"];
@ -1153,44 +1134,21 @@ class PagewidgetController extends Controller
}
}
// Préference utilisateur
$this->getPreference($entity);
// Render
return $this->render($this->labelentity.':viewlink.html.twig', [
'entity' => $entity,
return $this->getRender('viewlink.html.twig', [
'canadd' => false,
'canupdate' => $canupdate,
'url' => $url,
'target' => $target,
'access' => $access,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
]);
}
public function vieweditorAction(Request $request,$id,$access="config") {
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Récupération de la requete
$this->setRequest($request,$id,$access);
// Récupération des paramétres du widget
$html="";
foreach($entity->getParameter()["fields"] as $parameter) {
foreach($this->entity->getParameter()["fields"] as $parameter) {
switch($parameter["id"]) {
case "html":
$html=$parameter["value"];
@ -1199,43 +1157,20 @@ class PagewidgetController extends Controller
}
}
// Préference utilisateur
$this->getPreference($entity);
// Render
return $this->render($this->labelentity.':vieweditor.html.twig', [
'entity' => $entity,
return $this->getRender('vieweditor.html.twig', [
'canadd' => false,
'canupdate' => $canupdate,
'html' => $html,
'access' => $access,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
]);
}
public function viewslideAction(Request $request,$id,$access="config") {
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Récupération de la requete
$this->setRequest($request,$id,$access);
// Récupération des paramétres du widget
$interval="2";
foreach($entity->getParameter()["fields"] as $parameter) {
foreach($this->entity->getParameter()["fields"] as $parameter) {
switch($parameter["id"]) {
case "interval":
$interval=$parameter["value"];
@ -1243,47 +1178,24 @@ class PagewidgetController extends Controller
}
}
// Préference utilisateur
$this->getPreference($entity);
// Récupération des slides
$slides=$em->getRepository("CadolesPortalBundle:Slide")->findBy(["pagewidget"=>$entity],['roworder'=>'ASC','title'=>'ASC']);
$slides=$this->em->getRepository("CadolesPortalBundle:Slide")->findBy(["pagewidget"=>$this->entity],['roworder'=>'ASC','title'=>'ASC']);
// Render
return $this->render($this->labelentity.':viewslide.html.twig', [
'entity' => $entity,
'canadd' => $canupdate,
'canupdate' => $canupdate,
return $this->getRender('viewslide.html.twig', [
'canadd' => $this->canadd,
'slides' => $slides,
'interval' => $interval,
'access' => $access,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
]);
}
public function viewfileAction(Request $request,$id,$access="config") {
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Récupération de la requete
$this->setRequest($request,$id,$access);
// Récupération des paramétres du widget
$view="small";
foreach($entity->getParameter()["fields"] as $parameter) {
foreach($this->entity->getParameter()["fields"] as $parameter) {
switch($parameter["id"]) {
case "modelist":
$view=($parameter["value"]==0?"small":"list");
@ -1291,45 +1203,17 @@ class PagewidgetController extends Controller
}
}
// Préference utilisateur
$this->getPreference($entity);
return $this->render($this->labelentity.':viewfile.html.twig', [
'entity' => $entity,
'canadd' => $canupdate,
'canupdate' => $canupdate,
'access' => $access,
// Render
return $this->getRender('viewfile.html.twig', [
'canadd' => $this->canadd,
'directory' => "widget-".$id,
'view' => $view,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
]);
}
public function viewgaleryAction(Request $request,$id,$access="config") {
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Préference utilisateur
$this->getPreference($entity);
// Récupération de la requete
$this->setRequest($request,$id,$access);
$directory=$this->get('kernel')->getRootDir()."/../uploads/file/widget-".$id;
$files=[];
@ -1359,43 +1243,19 @@ class PagewidgetController extends Controller
// Render
return $this->render($this->labelentity.':viewgalery.html.twig', [
'entity' => $entity,
'canadd' => $canupdate,
'canupdate' => $canupdate,
return $this->getRender('viewgalery.html.twig', [
'canadd' => $this->canadd,
'files' => $files,
'access' => $access,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
]);
}
public function viewcalendarAction(Request $request,$id,$access="config") {
$usage=$request->query->get('usage');
$group=$request->query->get('group');
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
if($group) $groupentity=$em->getRepository("CadolesCoreBundle:Group")->find($group);
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Récupération de la requete
$this->setRequest($request,$id,$access);
// Récupération des paramétres du widget
$nbday="0";
foreach($entity->getParameter()["fields"] as $parameter) {
foreach($this->entity->getParameter()["fields"] as $parameter) {
switch($parameter["id"]) {
case "nbday":
$nbday=$parameter["value"];
@ -1403,52 +1263,27 @@ class PagewidgetController extends Controller
}
}
// Préference utilisateur
$this->getPreference($entity);
// Récupérer les events de l'utilisateur
$user=$this->getUser();
$events=$em->getRepository("CadolesPortalBundle:Calendarevent")->getUserCalendarevents($user,$this->get('session')->get('color')["main"],$usage,$group,$firstcalendar);
$events=$this->em->getRepository("CadolesPortalBundle:Calendarevent")->getUserCalendarevents($user,$this->get('session')->get('color')["main"],$this->usage,$this->group,$firstcalendar);
// Render
return $this->render($this->labelentity.':viewcalendar.html.twig', [
'entity' => $entity,
'canadd' => $canupdate,
'canupdate' => $canupdate,
return $this->getRender('viewcalendar.html.twig', [
'canadd' => $this->canadd,
'events' => $events,
'nbday' => $nbday,
'access' => $access,
'firstcalendar' => $firstcalendar,
'usage' => $usage,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
'usage' => $this->usage,
]);
}
public function viewblogAction(Request $request,$id,$access="config") {
$usage=$request->query->get('usage');
$group=$request->query->get('group');
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Récupération de la requete
$this->setRequest($request,$id,$access);
// Récupération des paramétres du widget
$nbarticle=10;
foreach($entity->getParameter()["fields"] as $parameter) {
foreach($this->entity->getParameter()["fields"] as $parameter) {
switch($parameter["id"]) {
case "nbarticle":
$nbarticle=$parameter["value"];
@ -1456,64 +1291,38 @@ class PagewidgetController extends Controller
}
}
// Préference utilisateur
$this->getPreference($entity);
// On récupère soit les blogs du group en cours soit l'ensemble des blogs de l'utilisateur
if($usage=="group") {
$blogs=$em->getRepository("CadolesPortalBundle:Blog")->getBlogsGroup($this->getUser(),$group);
if($this->usage=="group") {
$blogs=$this->em->getRepository("CadolesPortalBundle:Blog")->getBlogsGroup($this->getUser(),$this->group);
if($blogs) $firstblog=$blogs[0]->getId();
}
else {
$em->getRepository("CadolesPortalBundle:Blog")->getBlogsUser($this->getUser(),$blogsuser,$blogsadmin,$blogsshared);
$this->em->getRepository("CadolesPortalBundle:Blog")->getBlogsUser($this->getUser(),$blogsuser,$blogsadmin,$blogsshared);
$blogs=array_merge($blogsuser,$blogsadmin->toArray(),$blogsshared);
$firstblog="all";
}
// On récupère les nbarticle de ses blogs
$em->getRepository("CadolesPortalBundle:Blogarticle")->getBlogsArticles($blogs,0,$nbarticle,$count,$blogarticles);
$this->em->getRepository("CadolesPortalBundle:Blogarticle")->getBlogsArticles($blogs,0,$nbarticle,$count,$blogarticles);
// Render
return $this->render($this->labelentity.':viewblog.html.twig', [
'entity' => $entity,
'canadd' => $canupdate,
'canupdate' => $canupdate,
return $this->getRender('viewblog.html.twig', [
'canadd' => $this->canadd,
'blogarticles' => $blogarticles,
'nbarticle' => $nbarticle,
'access' => $access,
'firstblog' => $firstblog,
'usage' => $usage,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
'usage' => $this->usage,
]);
}
public function viewprojectAction(Request $request,$id,$access="config") {
$usage=$request->query->get('usage');
$group=$request->query->get('group');
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Récupération de la requete
$this->setRequest($request,$id,$access);
// Parametres
$nbarticle=10;
foreach($entity->getParameter()["fields"] as $parameter) {
foreach($this->entity->getParameter()["fields"] as $parameter) {
switch($parameter["id"]) {
case "nbarticle":
$nbarticle=$parameter["value"];
@ -1521,76 +1330,56 @@ class PagewidgetController extends Controller
}
}
// Préference utilisateur
$this->getPreference($entity);
// On récupère soit les projects du group en cours soit l'ensemble des projects de l'utilisateur
$user=$this->getUser();
if($usage=="group") {
$projects=$em->getRepository("CadolesPortalBundle:Project")->getProjectsGroup($this->getUser(),$group);
if($this->usage=="group") {
$projects=$this->em->getRepository("CadolesPortalBundle:Project")->getProjectsGroup($this->getUser(),$this->group);
if($projects) $firstproject=$projects[0]->getId();
}
else {
$em->getRepository("CadolesPortalBundle:Project")->getProjectsUser($user,$projectsuser,$projectsadmin,$projectsshared);
$this->em->getRepository("CadolesPortalBundle:Project")->getProjectsUser($user,$projectsuser,$projectsadmin,$projectsshared);
$projects=array_merge($projectsuser,$projectsadmin->toArray(),$projectsshared);
$firstproject="all";
}
// On récupère les nbarticle de ses projects
$em->getRepository("CadolesPortalBundle:Projecttask")->getProjectsTasks($projects,0,$nbarticle,$count,$projecttasks);
$this->em->getRepository("CadolesPortalBundle:Projecttask")->getProjectsTasks($projects,0,$nbarticle,$count,$projecttasks);
foreach($projecttasks as $key => $projecttask) {
if($projecttask->getPercentage()==100) unset($projecttasks[$key]);
}
if($usage!="group") {
if($this->usage!="group") {
foreach($projecttasks as $key => $projecttask) {
if(!$user) unset($projecttasks[$key]);
else {
if($projecttask->getUser() && $projecttask->getUser()!=$user) unset($projecttasks[$key]);
elseif($projecttask->getOwner() && $projecttask->getOwner()!=$user) unset($projecttasks[$key]);
if($projecttask->getUser() && $projecttask->getUser()!=$user)
unset($projecttasks[$key]);
elseif(!$projecttask->getUser() && $projecttask->getOwner() && $projecttask->getOwner()!=$user)
unset($projecttasks[$key]);
}
}
}
// Render
return $this->render($this->labelentity.':viewproject.html.twig', [
'entity' => $entity,
'canadd' => $canupdate,
'canupdate' => $canupdate,
return $this->getRender('viewproject.html.twig', [
'canadd' => $this->canupdate,
'projecttasks' => $projecttasks,
'nbarticle' => $nbarticle,
'access' => $access,
'firstproject' => $firstproject,
'usage' => $usage,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
'usage' => $this->usage,
]);
}
public function viewseparatorAction(Request $request,$id,$access="config") {
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Récupération de la requete
$this->setRequest($request,$id,$access);
// Parametres
$seetitle=false;
$seeicon=false;
foreach($entity->getParameter()["fields"] as $parameter) {
foreach($this->entity->getParameter()["fields"] as $parameter) {
switch($parameter["id"]) {
case "seetitle":
$seetitle=boolval($parameter["value"]);
@ -1601,44 +1390,21 @@ class PagewidgetController extends Controller
}
}
// Préference utilisateur
$this->getPreference($entity);
// Render
return $this->render($this->labelentity.':viewseparator.html.twig', [
'entity' => $entity,
'canadd' => $canupdate,
'canupdate' => $canupdate,
return $this->getRender('viewseparator.html.twig', [
'canadd' => $this->canupdate,
'seetitle' => $seetitle,
'seeicon' => $seeicon,
'access' => $access,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
]);
}
public function viewclockAction(Request $request,$id,$access="config") {
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Récupération de la requete
$this->setRequest($request,$id,$access);
// Parametres
$clock="0";
foreach($entity->getParameter()["fields"] as $parameter) {
foreach($this->entity->getParameter()["fields"] as $parameter) {
switch($parameter["id"]) {
case "clock":
$clock=$parameter["value"];
@ -1646,79 +1412,33 @@ class PagewidgetController extends Controller
}
}
// Préference utilisateur
$this->getPreference($entity);
// Render
return $this->render($this->labelentity.':viewframe.html.twig', [
'entity' => $entity,
'canadd' => $canupdate,
'canupdate' => $canupdate,
return $this->getRender('viewframe.html.twig', [
'canadd' => $this->canupdate,
'onheader' => true,
'tool' => ($clock==0?"cadoles_portal_user_tool_clockanalogique":"cadoles_portal_user_tool_clocknumerique"),
'access' => $access,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
]);
}
public function viewcalculatorAction(Request $request,$id,$access="config") {
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Préference utilisateur
$this->getPreference($entity);
// Récupération de la requete
$this->setRequest($request,$id,$access);
// Render
return $this->render($this->labelentity.':viewframe.html.twig', [
'entity' => $entity,
'canadd' => $canupdate,
'canupdate' => $canupdate,
return $this->getRender('viewframe.html.twig', [
'canadd' => $this->canupdate,
'onheader' => true,
'tool' => "cadoles_portal_user_tool_calculator",
'access' => $access,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
]);
}
public function viewappexternalAction(Request $request,$id,$access="config") {
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Récupération de la requete
$this->setRequest($request,$id,$access);
// Récupération des paramétres du widget
$idappexternal=null;
foreach($entity->getParameter()["fields"] as $parameter) {
foreach($this->entity->getParameter()["fields"] as $parameter) {
switch($parameter["id"]) {
case "appexternal":
$idappexternal=$parameter["value"];
@ -1729,15 +1449,12 @@ class PagewidgetController extends Controller
}
}
// Préference utilisateur
$this->getPreference($entity);
$user=$this->getUser();
$items=[];
$itemcategorys=[];
if($user) {
if($idappexternal) $appextenals=$em->getRepository("CadolesPortalBundle:Appexternal")->findBy(["id"=>$idappexternal]);
else $appextenals=$em->getRepository("CadolesPortalBundle:Appexternal")->findAll();
if($idappexternal) $appextenals=$this->em->getRepository("CadolesPortalBundle:Appexternal")->findBy(["id"=>$idappexternal]);
else $appextenals=$this->em->getRepository("CadolesPortalBundle:Appexternal")->findAll();
foreach($appextenals as $appexternal) {
switch($appexternal->getName()) {
case "Limesurvey":
@ -1790,161 +1507,86 @@ class PagewidgetController extends Controller
array_multisort($title, SORT_ASC, $items);
// Render
return $this->render($this->labelentity.':viewappexternal.html.twig', [
'entity' => $entity,
return $this->getRender('viewappexternal.html.twig', [
'canadd' => ($user),
'canupdate' => $canupdate,
'modedesktop' => $modedesktop,
'items' => $items,
'itemcategorys' => $itemcategorys,
'access' => $access,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
]);
}
public function viewinfoAction(Request $request,$id,$access="config") {
$usage=$request->query->get('usage');
$group=$request->query->get('group');
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$user=$this->getUser();
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
$page=$entity->getPage();
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Préference utilisateur
$this->getPreference($entity);
// Récupération de la requete
$this->setRequest($request,$id,$access);
$icon=null;
$title=null;
$description=null;
$members=[];
if($usage=="group") {
$group=$em->getRepository("CadolesCoreBundle:Group")->find($group);
if($group) {
$title=$group->getLabel();
$id=$group->getId();
if($group->getDescription())
$description="<strong>Description</strong><br>".$group->getDescription();
if($group->getIcon())
$icon="/".$group->getIcon()->getLabel();
if($this->usage=="group") {
$groupentity=$this->em->getRepository("CadolesCoreBundle:Group")->find($this->group);
if($groupentity) {
$title=$groupentity->getLabel();
$id=$groupentity->getId();
if($groupentity->getDescription())
$description="<strong>Description</strong><br>".$groupentity->getDescription();
if($groupentity->getIcon())
$icon="/".$groupentity->getIcon()->getLabel();
foreach($group->getUsers() as $usergroup) {
foreach($groupentity->getUsers() as $usergroup) {
array_push($members,$usergroup);
}
}
}
else {
$title=$entity->getPage()->getName();
$proprio=$entity->getPage()->getUser();
$title=$this->entity->getPage()->getName();
$proprio=$this->entity->getPage()->getUser();
$id=0;
if($proprio) {
$description="Propriétaire de la page<br>".$proprio->getLastname()." ".$proprio->getLastname();
$icon="/uploads/avatar/".$proprio->getAvatar();
}
}
// Render
return $this->render($this->labelentity.':viewinfo.html.twig', [
'entity' => $entity,
'canadd' => $canupdate,
'canupdate' => $canupdate,
'usage' => $usage,
return $this->getRender('viewinfo.html.twig', [
'canadd' => $this->canupdate,
'usage' => $this->usage,
'icon' => $icon,
'title' => $title,
'description' => $description,
'members' => $members,
'id' => $id,
'idpage' => $page->getId(),
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
'idpage' => $this->entity->getPage()->getId(),
]);
}
public function viewchatAction(Request $request,$id,$access="config") {
$usage=$request->query->get('usage');
$group=$request->query->get('group');
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
// Récupération de la requete
$this->setRequest($request,$id,$access);
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Préference utilisateur
$this->getPreference($entity);
if($usage!="group"||!$group) {
$group=$em->getRepository("CadolesCoreBundle:Group")->findOneBy(["fgall"=>true])->getId();
$group=$this->group;
if($this->usage!="group"||!$group) {
$group=$this->em->getRepository("CadolesCoreBundle:Group")->findOneBy(["fgall"=>true])->getId();
}
// Render
return $this->render($this->labelentity.':viewchat.html.twig', [
'entity' => $entity,
'canadd' => $canupdate,
'canupdate' => $canupdate,
return $this->getRender('viewchat.html.twig', [
'canadd' => $this->canupdate,
'onheader' => false,
'tool' => "cadoles_websocket_chat",
'access' => $access,
'usage' => $usage,
'usage' => $this->usage,
'group' => $group,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
]);
}
public function viewgroupAction(Request $request,$id,$access="config") {
$usage=$request->query->get('usage');
$group=$request->query->get('group');
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
// Récupération de la requete
$this->setRequest($request,$id,$access);
$user=$this->getUser();
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Préference utilisateur
$this->getPreference($entity);
$mygroups=[];
$this->getDoctrine()->getRepository("CadolesPortalBundle:Page")->getPagesUser($user,null,$default,$pagesuser,$pagesadmin,$groupsshared);
if(is_array($groupsshared)) {
@ -1962,47 +1604,21 @@ class PagewidgetController extends Controller
}
// Render
return $this->render($this->labelentity.':viewgroup.html.twig', [
'entity' => $entity,
return $this->getRender('viewgroup.html.twig', [
'canadd' => ($user),
'canupdate' => $canupdate,
'usage' => $usage,
'usage' => $this->usage,
'groups' => $mygroups,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
]);
}
public function viewgroupmessageAction(Request $request,$id,$access="config") {
$usage=$request->query->get('usage');
$group=$request->query->get('group');
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$user=$this->getUser();
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Préference utilisateur
$this->getPreference($entity);
// Récupération de la requete
$this->setRequest($request,$id,$access);
// Récupération des paramétres du widget
$modelist=1;
$nbarticle=5;
foreach($entity->getParameter()["fields"] as $parameter) {
foreach($this->entity->getParameter()["fields"] as $parameter) {
switch($parameter["id"]) {
case "modelist":
$modelist=$parameter["value"];
@ -2013,8 +1629,8 @@ class PagewidgetController extends Controller
}
}
$mygroups=[];
$mymsg= [];
$user=$this->getUser();
$this->getDoctrine()->getRepository("CadolesPortalBundle:Page")->getPagesUser($user,null,$default,$pagesuser,$pagesadmin,$groupsshared);
if(is_array($groupsshared)) {
foreach($groupsshared as $groupshared) {
@ -2050,48 +1666,23 @@ class PagewidgetController extends Controller
// Render
return $this->render($this->labelentity.':viewgroupmessage.html.twig', [
'entity' => $entity,
return $this->getRender('viewgroupmessage.html.twig', [
'canadd' => ($user),
'canupdate' => $canupdate,
'usage' => $usage,
'usage' => $this->usage,
'modelist' => $modelist,
'messages' => $mymsg,
'nbarticle' => $nbarticle,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
]);
}
public function viewOnlydocAction(Request $request,$id,$access="config") {
$usage=$request->query->get('usage');
$group=$request->query->get('group');
$look=$request->query->get('look');
$selwidget=$request->query->get('selwidget');
$user=$this->getUser();
$em = $this->getDoctrine()->getManager();
$entity = $em->getRepository($this->labelentity)->find($id);
if (!$entity) throw $this->createNotFoundException('Unable to find entity.');
// Permissions
if($access=="config") {
$canupdate = true;
$cansee = true;
}
else {
// On s'assure que l'utilisateur à la permission de voir
$page=$entity->getPage();
$em->getRepository("CadolesPortalBundle:Page")->getPermission($this->getUser(),$page,$cansee,$canupdate);
if(!$cansee) throw $this->createNotFoundException('Permission denied');
}
// Récupération de la requete
$this->setRequest($request,$id,$access);
// Récupération des paramétres du widget
$apponly=0;
$view="small";
foreach($entity->getParameter()["fields"] as $parameter) {
foreach($this->entity->getParameter()["fields"] as $parameter) {
switch($parameter["id"]) {
case "apponly":
$apponly=$parameter["value"];
@ -2102,18 +1693,10 @@ class PagewidgetController extends Controller
}
}
// Préference utilisateur
$this->getPreference($entity);
return $this->render($this->labelentity.':viewonlydoc.html.twig', [
'entity' => $entity,
'canadd' => $canupdate,
'canupdate' => $canupdate,
'access' => $access,
return $this->getRender('viewonlydoc.html.twig', [
'canadd' => $this->canupdate,
'directory' => $id,
'view' => $view,
'look' => $look,
'mini' => ($look=="list"&&$entity->getId()!=$selwidget),
]);
}
}

View File

@ -410,7 +410,6 @@ class ProjectController extends Controller
}
if(!$cansee) throw $this->createNotFoundException('Permission denied');
$canupdate=$this->get('session')->get('cancreateproject');
}

View File

@ -116,6 +116,7 @@ class ProjecttaskController extends Controller
$user=$this->getUser();
$em->getRepository("CadolesPortalBundle:Project")->getPermission($user,$entity->getProject(),$cansee,$canupdate,$canadd);
if($user && ((is_null($entity->getUser()) && $user==$entity->getOwner()) || $user==$entity->getUser())) $canadd=true;
else $canadd = $em->getRepository("CadolesPortalBundle:Project")->getInvalideur($user,$entity->getProject());
if(!$canadd) throw $this->createNotFoundException('Permission denied');
}
@ -180,6 +181,7 @@ class ProjecttaskController extends Controller
$user=$this->getUser();
$em->getRepository("CadolesPortalBundle:Project")->getPermission($user,$entity->getProject(),$cansee,$canupdate,$canadd);
if($user && ((is_null($entity->getUser()) && $user==$entity->getOwner()) || $user==$entity->getUser())) $canadd=true;
else $canadd = $em->getRepository("CadolesPortalBundle:Project")->getInvalideur($user,$entity->getProject());
if(!$canadd) throw $this->createNotFoundException('Permission denied');
}
@ -233,6 +235,7 @@ class ProjecttaskController extends Controller
}
else {
$em->getRepository("CadolesPortalBundle:Project")->getPermission($user,$entity->getProject(),$cansee,$canupdate,$canadd);
$canadd = $em->getRepository("CadolesPortalBundle:Project")->getInvalideur($user,$entity->getProject());
}
if(!$cansee) throw $this->createNotFoundException('Permission denied');
@ -266,17 +269,6 @@ class ProjecttaskController extends Controller
$tmp["thumb"]="";
if($tmp["extension"]=="pdf") {
$tmp["thumb"]="/".$this->getParameter('alias')."/bundles/cadolescore/images/files/".$tmp["extension"].".png";
/* ne plus afficher l'apercu du pdf
if($fs->exists($directory."/thumbmini/".$tmp["name"])) {
$data = file_get_contents($directory."/thumbmini/".$tmp["name"]);
$tmp["thumb"]="data:image/jpg;base64," . base64_encode($data);
}
elseif($fs->exists($directory."/thumb/".$tmp["name"])) {
$data = file_get_contents($directory."/thumb/".$tmp["name"]);
$tmp["thumb"]="data:image/jpg;base64," . base64_encode($data);
}
*/
}
elseif($fs->exists($directory."/thumbmini/".$tmp["name"])) {
$data = file_get_contents($directory."/thumbmini/".$tmp["name"]);
@ -353,7 +345,7 @@ class ProjecttaskController extends Controller
$project=$em->getRepository("CadolesPortalBundle:Project")->find($projectid);
if($project) {
$user=$this->getUser();
$em->getRepository("CadolesPortalBundle:Project")->getPermission($user,$project,$cansee,$canupdate,$canadd);
$canadd = $em->getRepository("CadolesPortalBundle:Project")->getInvalideur($user,$project);
// Si permission alors il peut affecter tt les personnes du groupe
if($canadd||$access=="config") {
@ -405,9 +397,8 @@ class ProjecttaskController extends Controller
// On s'assure que l'utilisateur à la permission de modifier
if($access=="user") {
$user=$this->getUser();
$em->getRepository("CadolesPortalBundle:Project")->getPermission($user,$entity->getProject(),$cansee,$canupdate,$canadd);
if($user && ((is_null($entity->getUser()) && $user==$entity->getOwner()) || $user==$entity->getUser())) $canadd=true;
else $canadd = $em->getRepository("CadolesPortalBundle:Project")->getInvalideur($user,$entity->getProject());
if(!$canadd) throw $this->createNotFoundException('Permission denied');
}

View File

@ -37,8 +37,8 @@ class SlideController extends Controller
}
else {
$groupentity=$this->getDoctrine()->getRepository("CadolesCoreBundle:Group")->find($group);
$fgmanager=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findoneby(["user"=>$this->getUser(),"group"=>$groupentity,"fgmanager"=>true]);
if(!$fgmanager) throw $this->createNotFoundException('Permission denied');
$usergroup=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findoneby(["user"=>$this->getUser(),"group"=>$groupentity]);
if(!$usergroup||$usergroup->getRolegroup()<50) throw $this->createNotFoundException('Permission denied');
}
}
@ -81,8 +81,8 @@ class SlideController extends Controller
}
else {
$groupentity=$this->getDoctrine()->getRepository("CadolesCoreBundle:Group")->find($group);
$fgmanager=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findoneby(["user"=>$this->getUser(),"group"=>$groupentity,"fgmanager"=>true]);
if(!$fgmanager) throw $this->createNotFoundException('Permission denied');
$usergroup=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findoneby(["user"=>$this->getUser(),"group"=>$groupentity]);
if(!$usergroup||$usergroup->getRolegroup()<50) throw $this->createNotFoundException('Permission denied');
}
}
@ -142,8 +142,8 @@ class SlideController extends Controller
}
else {
$groupentity=$this->getDoctrine()->getRepository("CadolesCoreBundle:Group")->find($group);
$fgmanager=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findoneby(["user"=>$this->getUser(),"group"=>$groupentity,"fgmanager"=>true]);
if(!$fgmanager) throw $this->createNotFoundException('Permission denied');
$usergroup=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findoneby(["user"=>$this->getUser(),"group"=>$groupentity]);
if(!$usergroup||$usergroup->getRolegroup()<50) throw $this->createNotFoundException('Permission denied');
}
}
@ -206,8 +206,8 @@ class SlideController extends Controller
}
else {
$groupentity=$this->getDoctrine()->getRepository("CadolesCoreBundle:Group")->find($group);
$fgmanager=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findoneby(["user"=>$this->getUser(),"group"=>$groupentity,"fgmanager"=>true]);
if(!$fgmanager) throw $this->createNotFoundException('Permission denied');
$usergroup=$this->getDoctrine()->getRepository("CadolesCoreBundle:UserGroup")->findoneby(["user"=>$this->getUser(),"group"=>$groupentity]);
if(!$usergroup||$usergroup->getRolegroup()<50) throw $this->createNotFoundException('Permission denied');
}
}

View File

@ -132,6 +132,17 @@ class Calendar
return $this;
}
private $canadd;
public function getCanadd()
{
return $this->canadd;
}
public function setCanadd($canadd)
{
$this->canadd = $canadd;
return $this;
}
/* Password User */
public function setPassword($password)
{

View File

@ -35,8 +35,9 @@ class BlogShareType extends AbstractType
->where('g.fgcanshare=:fgcanshare')
->andWhere('g=ug.group')
->andWhere('ug.user=:user')
->andWhere('ug.fgmanager=:fgcanshare')
->andWhere('ug.rolegroup>=:role')
->setParameter('fgcanshare',true)
->setParameter('role',90)
->setParameter('user',$user);
},
'choice_label' => 'label',

View File

@ -75,13 +75,13 @@ class BlogarticleType extends AbstractType
->orwhere(':user MEMBER OF blog.writers')
->from('CadolesCoreBundle:UserGroup','usergroup')
->orwhere('usergroup.group MEMBER OF blog.groups AND usergroup.user=:user AND usergroup.fgmanager=:flag')
->orwhere('usergroup.group MEMBER OF blog.groups AND usergroup.user=:user AND usergroup.rolegroup>=:role')
->from('CadolesCoreBundle:User','user')
->andwhere("user=:user")
->setparameter('user',$user)
->setparameter('flag',true);
->setparameter('role',50);
},
]);

View File

@ -35,8 +35,9 @@ class CalendarShareType extends AbstractType
->where('g.fgcanshare=:fgcanshare')
->andWhere('g=ug.group')
->andWhere('ug.user=:user')
->andWhere('ug.fgmanager=:fgcanshare')
->andWhere('ug.rolegroup>=:role')
->setParameter('fgcanshare',true)
->setParameter('role',90)
->setParameter('user',$user);
},
'choice_label' => 'label',

View File

@ -35,8 +35,9 @@ class PageShareType extends AbstractType
->where('g.fgcanshare=:fgcanshare')
->andWhere('g=ug.group')
->andWhere('ug.user=:user')
->andWhere('ug.fgmanager=:fgcanshare')
->andWhere('ug.rolegroup>=:role')
->setParameter('fgcanshare',true)
->setParameter('role',90)
->setParameter('user',$user);
},
'choice_label' => 'label',

View File

@ -100,8 +100,9 @@ class PageSubmitType extends AbstractType
->where('g.fgcanshare=:fgcanshare')
->andWhere('g=ug.group')
->andWhere('ug.user=:user')
->andWhere('ug.fgmanager=:fgcanshare')
->andWhere('ug.rolegroup>=:role')
->setParameter('fgcanshare',true)
->setParameter('role',90)
->setParameter('user',$user);
},
])

View File

@ -35,8 +35,9 @@ class ProjectShareType extends AbstractType
->where('g.fgcanshare=:fgcanshare')
->andWhere('g=ug.group')
->andWhere('ug.user=:user')
->andWhere('ug.fgmanager=:fgcanshare')
->andWhere('ug.rolegroup>=:role')
->setParameter('fgcanshare',true)
->setParameter('role',90)
->setParameter('user',$user);
},
'choice_label' => 'label',

View File

@ -129,7 +129,7 @@ class BlogRepository extends EntityRepository
// Permission sur les blogs
foreach($blogsadmin as $blogadmin) {
$blogadmin->setCanupdate(false);
$blogadmin->setCanupdate($this->getInmanager($user,$blogadmin));
$blogadmin->setCanadd($this->getInwriter($user,$blogadmin));
}
}
@ -150,28 +150,6 @@ class BlogRepository extends EntityRepository
$roles=($user?$user->getRoles():["ROLE_ANONYME"]);
$groups=($user?$user->getGroups():[]);
// La blog est-elle dans les blogs associées à un partage de group ?
/*
$inblogsshared=$this->createQueryBuilder('blog')
->from('CadolesCoreBundle:Group','g')
->from('CadolesCoreBundle:UserGroup','ug')
->from('CadolesCoreBundle:UserGroup','proprio')
->where('g.fgcanshare=:fgcanshare')
->andWhere('blog.id = :id')
->andWhere('g=ug.group')
->andWhere('ug.user=:user')
->andWhere('g MEMBER OF blog.groups')
->andWhere('blog.user != :user')
->andWhere('blog.user is not null')
->andWhere('proprio.user=blog.user')
->andWhere('proprio.group=g')
->setParameter("id",$blog->getId())
->setParameter('fgcanshare',true)
->setParameter('user',$user)
->getQuery()->getResult();
if($inblogsshared) $cansee=true;
*/
// La blog est-elle dans les blogs associées au role de l'utilisateur ?
foreach($roles as $role) {
$qb = $this->createQueryBuilder("blog");
@ -196,9 +174,12 @@ class BlogRepository extends EntityRepository
if($inbloggroup) {
$cansee=true;
// Est-il manager du groupe
if($group->getGroup()->getFgcanshare()) {
if($group->getFgmanager()) $canadd=true;
// Est-il collaborateur du groupe
if($group->getRolegroup()>=50) $canadd=true;
// Est-il gestionnaire du groupe
if($group->getRolegroup()>=90) $canupdate=true;
}
}
}
@ -210,7 +191,7 @@ class BlogRepository extends EntityRepository
}
public function getInwriter($user,$blog) {
$canadd=false;
$can=false;
if($user) {
// Peut ecrire ceux qui sont déclaré comme écrivain
@ -229,9 +210,9 @@ class BlogRepository extends EntityRepository
->setparameter('user',$user);
$inblogwriters=$qb->getQuery()->getResult();
if($inblogwriters) $canadd=true;
if($inblogwriters) $can=true;
// Peut ecrire ceux qui sont manager du groupe auquel est rattaché le blog
// Peut ecrire ceux qui sont collaborateur du groupe auquel est rattaché le blog
$qb = $this->createQueryBuilder("blog");
$qb ->andWhere("blog.id=:id")
->from('CadolesCoreBundle:User','user')
@ -240,7 +221,7 @@ class BlogRepository extends EntityRepository
->from('CadolesCoreBundle:UserGroup','usergroup')
->andwhere('usergroup.group MEMBER OF blog.groups')
->andwhere('usergroup.user=:user')
->andwhere('usergroup.fgmanager=:flag')
->andwhere('usergroup.rolegroup>=:role')
->from('CadolesCoreBundle:Group','groupe')
->andwhere('groupe=usergroup.group')
@ -248,13 +229,47 @@ class BlogRepository extends EntityRepository
->setParameter("id",$blog->getId())
->setparameter('user',$user)
->setparameter('flag',true);
->setparameter('flag',true)
->setparameter('role',50);
$inblogwriters=$qb->getQuery()->getResult();
if($inblogwriters) $can=true;
}
return $can;
}
public function getInmanager($user,$blog) {
$can=false;
if($user) {
// Peut ecrire ceux qui sont manager du groupe auquel est rattaché le calendar
$qb = $this->createQueryBuilder("blog");
$qb ->andWhere("blog.id=:id")
->from('CadolesCoreBundle:User','user')
->andwhere("user=:user")
->from('CadolesCoreBundle:UserGroup','usergroup')
->andwhere('usergroup.group MEMBER OF blog.groups')
->andwhere('usergroup.user=:user')
->andwhere('usergroup.rolegroup>=:role')
->from('CadolesCoreBundle:Group','groupe')
->andwhere('groupe=usergroup.group')
->andwhere('groupe.fgcanshare=:flag')
->setParameter("id",$blog->getId())
->setparameter('user',$user)
->setparameter('flag',true)
->setparameter('role',90);
$inblogwriters=$qb->getQuery()->getResult();
if($inblogwriters) $canadd=true;
if($inblogwriters) $can=true;
}
return $canadd;
return $can;
}
}

View File

@ -53,6 +53,7 @@ class CalendarRepository extends EntityRepository
if($calendarsuser) {
foreach($calendarsuser as $calendaruser) {
$calendaruser->setCanupdate(true);
$calendaruser->setCanadd(true);
}
}
@ -109,18 +110,21 @@ class CalendarRepository extends EntityRepository
// Permission sur les calendars
foreach($calendarsadmin as $calendaradmin) {
$calendaradmin->setCanupdate($this->getInwriter($user,$calendaradmin));
$calendaradmin->setCanupdate($this->getInmanager($user,$calendaradmin));
$calendaradmin->setCanadd($this->getInwriter($user,$calendaradmin));
}
}
public function getPermission($user,$calendar,&$cansee,&$canupdate) {
public function getPermission($user,$calendar,&$cansee,&$canupdate,&$canadd) {
// si calendar de l'utilisateur
if($calendar->getUser()==$user&&!is_null($user)) {
$cansee=true;
$canupdate=true;
$canadd=true;
}
else {
$canupdate=false;
$canadd=false;
$cansee=false;
// Profilage
@ -153,7 +157,8 @@ class CalendarRepository extends EntityRepository
// Est-il manager du groupe
if($group->getGroup()->getFgcanshare()) {
if($group->getFgmanager()) $canupdate=true;
if($group->getRolegroup()>=90) $canupdate=true;
if($group->getRolegroup()>=50) $canadd=true;
}
}
}
@ -161,7 +166,7 @@ class CalendarRepository extends EntityRepository
}
public function getInwriter($user,$calendar) {
$canadd=false;
$can=false;
if($user) {
// Peut ecrire ceux qui sont manager du groupe auquel est rattaché le calendar
@ -173,22 +178,56 @@ class CalendarRepository extends EntityRepository
->from('CadolesCoreBundle:UserGroup','usergroup')
->andwhere('usergroup.group MEMBER OF calendar.groups')
->andwhere('usergroup.user=user')
->andwhere('usergroup.fgmanager=:flag')
->andwhere('usergroup.rolegroup>=:role')
->from('CadolesCoreBundle:Group','groupe')
->andwhere('groupe=usergroup.group')
->andwhere('groupe.fgcanshare=:flag')
->setParameter("id",$calendar->getId())
->setParameter("role",50)
->setparameter('user',$user)
->setparameter('flag',true);
$inblogwriters=$qb->getQuery()->getResult();
if($inblogwriters) $canadd=true;
if($inblogwriters) $can=true;
}
return $canadd;
return $can;
}
public function getInmanager($user,$calendar) {
$can=false;
if($user) {
// Peut ecrire ceux qui sont manager du groupe auquel est rattaché le calendar
$qb = $this->createQueryBuilder("calendar");
$qb ->andWhere("calendar.id=:id")
->from('CadolesCoreBundle:User','user')
->andwhere("user=:user")
->from('CadolesCoreBundle:UserGroup','usergroup')
->andwhere('usergroup.group MEMBER OF calendar.groups')
->andwhere('usergroup.user=user')
->andwhere('usergroup.rolegroup>=:role')
->from('CadolesCoreBundle:Group','groupe')
->andwhere('groupe=usergroup.group')
->andwhere('groupe.fgcanshare=:flag')
->setParameter("id",$calendar->getId())
->setParameter("role",90)
->setparameter('user',$user)
->setparameter('flag',true);
$inblogwriters=$qb->getQuery()->getResult();
if($inblogwriters) $can=true;
}
return $can;
}
}

View File

@ -100,10 +100,12 @@ class CalendareventRepository extends EntityRepository
// On récupère soit les calendriers du group en cours soit l'ensemble des calendriers de l'utilisateur
if($usage=="group") {
$calendars=$em->getRepository("CadolesPortalBundle:Calendar")->getCalendarsGroup($user,$group);
if($calendars) $firstcalendar=$calendars[0]->getId();
}
else {
$em->getRepository("CadolesPortalBundle:Calendar")->getCalendarsUser($user,$calendarssuser,$calendarsadmin,$calendarsshared);
$calendars=array_merge($calendarssuser,$calendarsadmin->toArray(),$calendarsshared);
$firstcalendar="all";
}
// Début & fin
@ -184,7 +186,6 @@ class CalendareventRepository extends EntityRepository
else {
$em->getRepository("CadolesPortalBundle:Project")->getProjectsUser($user,$projectssuser,$projectsadmin,$projectsshared);
$projects=array_merge($projectssuser,$projectsadmin->toArray(),$projectsshared);
$firstcalendar="all";
}
foreach($projects as $project) {

View File

@ -128,7 +128,7 @@ class PageRepository extends EntityRepository
else {
// Si l'utilisateur est manager du group il aura les permissions de modification sur la page
$usergroup=$this->getEntityManager()->getRepository("CadolesCoreBundle:UserGroup")->findOneBy(["user"=>$user,"group"=>$groupshared]);
if($usergroup&&$usergroup->getFgmanager()) {
if($usergroup&&$usergroup->getRolegroup()>=90) {
foreach($pagesshared as $key2 => $pageshared) {
$pagesshared[$key2]->setCanupdate(true);
}
@ -298,11 +298,12 @@ class PageRepository extends EntityRepository
}
}
public function getPermission($user,$page,&$cansee,&$canupdate) {
public function getPermission($user,$page,&$cansee,&$canupdate,&$canadd) {
// si page de l'utilisateur
if($page->getUser()==$user&&!is_null($user)) {
$cansee=true;
$canupdate=true;
$canadd=true;
}
else {
$canupdate=false;
@ -361,7 +362,8 @@ class PageRepository extends EntityRepository
$cansee=true;
// Est-il manager du groupe
if($group->getGroup()->getFgcanshare()) {
if($group->getFgmanager()) $canupdate=true;
if($group->getRolegroup()>=90) $canupdate=true;
if($group->getRolegroup()>=50) $canadd=true;
}
}
}

View File

@ -68,34 +68,6 @@ class ProjectRepository extends EntityRepository
// projects partagées
$projectsshared=[];
/*
if($user) {
$projectsshared=$this->createQueryBuilder('project')
->from('CadolesCoreBundle:Group','g')
->from('CadolesCoreBundle:UserGroup','ug')
->from('CadolesCoreBundle:UserGroup','proprio')
->where('g.fgcanshare=:fgcanshare')
->andWhere('g=ug.group')
->andWhere('ug.user=:user')
->andWhere('g MEMBER OF project.groups')
->andWhere('project.user != :user')
->andWhere('project.user is not null')
->andWhere('proprio.user=project.user')
->andWhere('proprio.group=g')
->setParameter('fgcanshare',true)
->setParameter('user',$user)
->addOrderBy('project.name', 'ASC')
->getQuery()->getResult();
}
// Permission sur les projects
if($projectsshared) {
foreach($projectsshared as $projectshared) {
$projectshared->setCanupdate(false);
$projectshared->setCanadd($this->getInwriter($user,$projectshared));
}
}
*/
// Initialisation du calcul des projects
$projectsadmin=new ArrayCollection();
@ -129,7 +101,7 @@ class ProjectRepository extends EntityRepository
// Permission sur les projects
foreach($projectsadmin as $projectadmin) {
$projectadmin->setCanupdate(false);
$projectadmin->setCanupdate($this->getInmanager($user,$projectadmin));
$projectadmin->setCanadd($this->getInwriter($user,$projectadmin));
}
}
@ -150,28 +122,6 @@ class ProjectRepository extends EntityRepository
$roles=($user?$user->getRoles():["ROLE_ANONYME"]);
$groups=($user?$user->getGroups():[]);
// Le project est-il dans les projects associés à un partage de group ?
/*
$inprojectsshared=$this->createQueryBuilder('project')
->from('CadolesCoreBundle:Group','g')
->from('CadolesCoreBundle:UserGroup','ug')
->from('CadolesCoreBundle:UserGroup','proprio')
->where('g.fgcanshare=:fgcanshare')
->andWhere('project.id = :id')
->andWhere('g=ug.group')
->andWhere('ug.user=:user')
->andWhere('g MEMBER OF project.groups')
->andWhere('project.user != :user')
->andWhere('project.user is not null')
->andWhere('proprio.user=project.user')
->andWhere('proprio.group=g')
->setParameter("id",$project->getId())
->setParameter('fgcanshare',true)
->setParameter('user',$user)
->getQuery()->getResult();
if($inprojectsshared) $cansee=true;
*/
// Le project est-il dans les projects associés au role de l'utilisateur ?
foreach($roles as $role) {
$qb = $this->createQueryBuilder("project");
@ -198,7 +148,8 @@ class ProjectRepository extends EntityRepository
// Est-il manager du groupe
if($group->getGroup()->getFgcanshare()) {
if($group->getFgmanager()) $canadd=true;
if($group->getRolegroup()>=90) $canupdate=true;
if($group->getRolegroup()>=0) $canadd=true;
}
}
}
@ -210,7 +161,7 @@ class ProjectRepository extends EntityRepository
}
public function getInwriter($user,$project) {
$canadd=false;
$can=false;
if($user) {
// Peut ecrire ceux qui sont déclaré comme écrivain
@ -229,7 +180,7 @@ class ProjectRepository extends EntityRepository
->setparameter('user',$user);
$inprojectwriters=$qb->getQuery()->getResult();
if($inprojectwriters) $canadd=true;
if($inprojectwriters) $can=true;
// Peut ecrire ceux qui sont manager du groupe auquel est rattaché le project
$qb = $this->createQueryBuilder("project");
@ -240,7 +191,7 @@ class ProjectRepository extends EntityRepository
->from('CadolesCoreBundle:UserGroup','usergroup')
->andwhere('usergroup.group MEMBER OF project.groups')
->andwhere('usergroup.user=:user')
->andwhere('usergroup.fgmanager=:flag')
->andwhere('usergroup.rolegroup>=:role')
->from('CadolesCoreBundle:Group','groupe')
->andwhere('groupe=usergroup.group')
@ -248,13 +199,80 @@ class ProjectRepository extends EntityRepository
->setParameter("id",$project->getId())
->setparameter('user',$user)
->setparameter('flag',true);
->setparameter('flag',true)
->setparameter('role',0);
$inprojectwriters=$qb->getQuery()->getResult();
if($inprojectwriters) $canadd=true;
if($inprojectwriters) $can=true;
}
return $canadd;
return $can;
}
public function getInmanager($user,$project) {
$can=false;
if($user) {
// Peut ecrire ceux qui sont manager du groupe auquel est rattaché le project
$qb = $this->createQueryBuilder("project");
$qb ->andWhere("project.id=:id")
->from('CadolesCoreBundle:User','user')
->andwhere("user=:user")
->from('CadolesCoreBundle:UserGroup','usergroup')
->andwhere('usergroup.group MEMBER OF project.groups')
->andwhere('usergroup.user=user')
->andwhere('usergroup.rolegroup>=:role')
->from('CadolesCoreBundle:Group','groupe')
->andwhere('groupe=usergroup.group')
->andwhere('groupe.fgcanshare=:flag')
->setParameter("id",$project->getId())
->setParameter("role",90)
->setparameter('user',$user)
->setparameter('flag',true);
$inblogwriters=$qb->getQuery()->getResult();
if($inblogwriters) $can=true;
}
return $can;
}
public function getInvalideur($user,$project) {
$can=false;
if($user) {
// Peut ecrire ceux qui sont manager du groupe auquel est rattaché le project
$qb = $this->createQueryBuilder("project");
$qb ->andWhere("project.id=:id")
->from('CadolesCoreBundle:User','user')
->andwhere("user=:user")
->from('CadolesCoreBundle:UserGroup','usergroup')
->andwhere('usergroup.group MEMBER OF project.groups')
->andwhere('usergroup.user=user')
->andwhere('usergroup.rolegroup>=:role')
->from('CadolesCoreBundle:Group','groupe')
->andwhere('groupe=usergroup.group')
->andwhere('groupe.fgcanshare=:flag')
->setParameter("id",$project->getId())
->setParameter("role",50)
->setparameter('user',$user)
->setparameter('flag',true);
$inblogwriters=$qb->getQuery()->getResult();
if($inblogwriters) $can=true;
}
return $can;
}
}

View File

@ -69,7 +69,7 @@
<div class="blogtitle">
<legend><h1>{{entity.name}}</h1></legend>
<small>publié par {{ entity.user.username }} le {{ entity.submit|date("d/m/Y à H:i") }} dans le blog {{entity.blog.name }}</small>
{% if canadd %}
{% if canupdate %}
<a href="{{ path("cadoles_portal_"~access~"_blogarticle_update",{'id':entity.id}) }}"><i class="fa fa-file"></i></a>
{% endif %}
</div>
@ -87,7 +87,7 @@
<div class="blogtitle">
<legend><h2>{{comment.name}}</h2></legend>
<small>publié par {{ comment.user.username }} le {{ comment.submit|date("d/m/Y à H:i") }}</small>
{% if canadd or app.user==comment.user%}
{% if canupdate or app.user==comment.user%}
<a href="{{ path("cadoles_portal_"~access~"_blogcomment_update",{'id':comment.id}) }}"><i class="fa fa-file"></i></a>
{% endif %}
</div>
@ -100,7 +100,7 @@
<div class="blogtitle">
<legend><h2 style="font-size:85%">{{reply.name}}</h2></legend>
<small>publié par {{ reply.user.username }} le {{ reply.submit|date("d/m/Y à H:i") }}</small>
{% if canadd or app.user==reply.user%}
{% if canupdate or app.user==reply.user%}
<a href="{{ path("cadoles_portal_"~access~"_blogcomment_update",{'id':reply.id}) }}"><i class="fa fa-file"></i></a>
{% endif %}
</div>

View File

@ -24,8 +24,6 @@
{% for calendar in calendars %}
<li id="menucalendar-{{calendar.id}}" data-open="{% if calendar.canupdate %}true{%endif%}" class="{% if entity.id is defined and entity.id==calendar.id%}active{%endif%}" style="cursor:pointer">
<a href="{{ path("cadoles_portal_user_calendar_view",{'id':calendar.id}) }}">
{% if not calendar.groups is empty %}
<i class="fa fa-users fa-fw"></i>
@ -33,7 +31,7 @@
<i class="fa fa-user fa-fw"></i>
{%endif%}
{{ calendar.name }}
{% if calendar.canupdate %}
{% if calendar.canadd %}
<i class="fa fa-pencil"></i>
{% else %}
<i class="fa fa-lock"></i>
@ -81,7 +79,7 @@
{% endfor %}
{% else %}
{% for calendar in calendars %}
{% if calendar.canupdate %}
{% if calendar.canadd %}
<option value='{{ calendar.id}}'>{{ calendar.name}}</option>
{% endif %}
{% endfor %}
@ -162,7 +160,7 @@
{% endfor %}
{% else %}
{% for calendar in calendars %}
{% if calendar.canupdate %}
{% if calendar.canadd %}
<option value='{{ calendar.id}}'>{{ calendar.name}}</option>
{% endif %}
{% endfor %}
@ -290,13 +288,13 @@
{% if entity.id is defined %}
{% for calendar in calendars %}
{% if calendar.id==entity.id %}
showCalendar({{ calendar.id }}, {{ calendar.canupdate }});
showCalendar({{ calendar.id }}, {{ calendar.canadd }});
{% endif %}
{% endfor %}
{% else %}
{% set onecalendarcanupdate = false %}
{% for calendar in calendars %}
{% if calendar.canupdate %}
{% if calendar.canadd %}
{% set onecalendarcanupdate = true %}
{% endif %}
{% endfor %}
@ -334,7 +332,7 @@
}
// Affichages des calendars
function showCalendar(id,canupdate) {
function showCalendar(id,canadd) {
idcalendar=id;
@ -359,9 +357,9 @@
$('#calendar').fullCalendar( 'destroy' );
$('#calendar').fullCalendar({
lang: 'fr',
selectable: canupdate,
selectable: canadd,
selectHelper: true,
editable: canupdate,
editable: canadd,
eventLimit: true,
defaultView: defautView,

View File

@ -33,8 +33,9 @@
{% endif %}
{% if access=="config" %}
<a title="Gérer mes Blogs" href='{{ path('cadoles_portal_config_blog') }}' style="{{ stylewidgetmenu }}"><i class="fa fa-plus fa-fw"></i></a>
<a title="Gérer mes Blogs" href='{{ path('cadoles_portal_config_blog') }}' style="{{ stylewidgetmenu }}"><i class="fa fa-th fa-fw"></i></a>
{% else %}
{% if canadd %}
{% set idblog = "" %}
{% set url= path('cadoles_portal_user_blogarticle_submit') %}
{% if usage=="group" and firstblog is defined %}
@ -44,6 +45,13 @@
<a title="Créer un Article" onClick="showFrameitem('blog','{{ url }}',true)" style="{{ stylewidgetmenu }}"><i class="fa fa-plus fa-fw"></i></a>
{% endif %}
{% set url= path('cadoles_portal_user_blog_view') %}
{% if usage=="group" and firstblog is defined %}
{% set url= path('cadoles_portal_user_blog_view',{id:firstblog}) %}
{% endif %}
<a title="Voir mes Blogs" onClick="showFrameitem('blog','{{ url }}',true)" style="{{ stylewidgetmenu }}"><i class="fa fa-th fa-fw"></i></a>
{% endif %}
{% if look=="list" %}
<i class="glyphicon glyphicon-resize-small" title="Réduire le Widget" onClick="smallWidget({{ entity.id }})" style="{{ stylewidgetmenu }}"></i>

View File

@ -51,6 +51,9 @@
{% if canupdate %}
<i class="fa fa-trash fa-fw" title="Supprimer le Widget" onClick="delWidget({{ entity.id }})" style="{{ stylewidgetmenu }}"></i>
<i class="fa fa-file fa-fw" title="Modifier le Widget" onClick="modWidget({{ entity.id }})" style="{{ stylewidgetmenu }}"></i>
{% endif %}
{% if canadd %}
<i class="fa fa-plus fa-fw" title="Ajouter un Favori" onClick="addBookmark({{ entity.id }},false)" style="{{ stylewidgetmenu }}"></i>
{% endif %}
@ -70,7 +73,7 @@
<span class="title">{{ entity.name }}</span>
</div>
{% if bookmarks is not empty or canupdate %}
{% if bookmarks is not empty or canadd %}
<div class="widgetbody" style="{{ stylewidgetbody }}">
<div class="bookmark-container">
<div class="grid clearfix">
@ -79,7 +82,7 @@
{% for bookmark in bookmarks %}
<div class="grid-item {{ stylegrid }}">
<div class="grid-item-content" style="background-color: {{ bookmark.color ? "#"~bookmark.color : "#"~color['main'] }};">
{% if canupdate %}
{% if canadd %}
<a style="cursor:pointer" onClick="modBookmark({{ bookmark.id }})" class="item-update"><i style="color: #FFF" class="fa fa-file" title="Modifier le favori"></i></a>
{% endif %}
@ -110,7 +113,7 @@
</div>
{% endfor %}
{% if canupdate %}
{% if canadd %}
<div class="grid-item {{ stylegrid }}">
<div title="Ajouter un Favori" onClick="addBookmark({{ entity.id }},false)" class="grid-item-content" style="background-color: #{{color['main']}};cursor:pointer;">
<div class="item-link clearfix">

View File

@ -64,16 +64,16 @@
<span class="title">{{ entity.name }}</span>
</div>
{% if files|length>0 or canupdate %}
{% if files|length>0 or canadd %}
<div class="widgetbody" style="{{ stylewidgetbody }}">
<div class="grid clearfix">
{% if canupdate %}
{% if canadd %}
<div class="grid-sizer grid-image"></div>
<div class="grid-gutter-sizer"></div>
{% endif %}
{% for file in files|sort %}
{% if loop.index==1 and not canupdate %}
{% if loop.index==1 and not canadd %}
<div class="grid-sizer grid-image"></div>
<div class="grid-gutter-sizer grid-gutter-sizer-image"></div>
{% endif %}

View File

@ -99,7 +99,11 @@
<div class="grid-item-title">
<h2 style="{{ stylewidgetbodyreverse }};">
{{ member.user.lastname }} {{ member.user.firstname }}
{% if member.fgmanager %}
{% if member.rolegroup==100 %}
<br><i class="fa fa-star"></i><i class="fa fa-star"></i><i class="fa fa-star"></i>
{% elseif member.rolegroup==90 %}
<br><i class="fa fa-star"></i><i class="fa fa-star"></i>
{% elseif member.rolegroup==50 %}
<br><i class="fa fa-star"></i>
{% endif %}
</h2>

View File

@ -40,13 +40,16 @@
{% if access=="config" %}
<a href='{{ path('cadoles_portal_config_project') }}' style="{{ stylewidgetmenu }}"><i class="fa fa-plus fa-fw"></i></a>
{% else %}
{% elseif app.user %}
{% set idproject = "" %}
{% set url= path('cadoles_portal_user_projecttask_submit') %}
{% set urladd= path('cadoles_portal_user_projecttask_submit') %}
{% set urlview= path('cadoles_portal_user_project_view') %}
{% if usage=="group" and firstproject is defined %}
{% set url= path('cadoles_portal_user_projecttask_submit',{idproject:firstproject,page:entity.page.id}) %}
{% set urladd= path('cadoles_portal_user_projecttask_submit',{idproject:firstproject,page:entity.page.id}) %}
{% set urlview= path('cadoles_portal_user_project_view',{id:firstproject}) %}
{% endif %}
<a onClick="showFrameitem('project','{{ url }}',true)" style="{{ stylewidgetmenu }}" title="Ajouter une Tâche"><i class="fa fa-plus fa-fw"></i></a>
<a onClick="showFrameitem('project','{{ urladd }}',true)" style="{{ stylewidgetmenu }}" title="Ajouter une Tâche"><i class="fa fa-plus fa-fw"></i></a>
<a onClick="showFrameitem('project','{{ urlview }}',true)" style="{{ stylewidgetmenu }}" title="Gérer mes Tâches"><i class="fa fa-th fa-fw"></i></a>
{% endif %}
{% if look=="list" %}

View File

@ -170,7 +170,7 @@
{% if entity.id is defined %}
{% for project in projects %}
{% if project.id==entity.id %}
showProject({{ project.id }}, {{ project.canupdate }});
showProject({{ project.id }}, {{ project.canadd }});
{% endif %}
{% endfor %}
{% else %}

View File

@ -61,7 +61,7 @@ class ChatController extends Controller
// Récupération des message parent du groupe
$messages=$em->getRepository("CadolesWebsocketBundle:Message")->findBy(["group"=>$group,"parent"=>null],["submitdate"=>"DESC"],30);
$messages=$em->getRepository("CadolesWebsocketBundle:Message")->findBy(["group"=>$group,"parent"=>null],["submitdate"=>"DESC"]);
foreach($messages as $message) {
$haveread = ($message->getReaders()->contains($user));
$havesee = ($message->getSees()->contains($user));
@ -109,7 +109,7 @@ class ChatController extends Controller
'colorbody' => $colorbody,
'colormain' => $colormain,
'ingroup' => ($usergroup),
'fgmanager' => ($usergroup&&($usergroup->getFgmanager()||$user->getRole()=="ROLE_ADMIN"||$user->getRole()=="ROLE_MODO")),
'canmanage' => ($usergroup&&($usergroup->getRolegroup()>=90||$user->getRole()=="ROLE_ADMIN"||$user->getRole()=="ROLE_MODO")),
'form' => $form->createView()
]);
}

View File

@ -71,6 +71,7 @@
width:100%;
margin:20px 0px 5px 0px;
height:150px;
color:#000000;
}
.sendreply { width:100%}
@ -127,7 +128,7 @@
<div id='message-{{message.id}}' class='message row {{classread}} {{classsee}}'>
<div class='msgavatar'>
<img style='cursor:pointer' onclick='seeUser({{message.user.id}})' id='user_avatar_img' src='/{{ alias }}/uploads/avatar/{{message.user.avatar}}' class='avatar'><br>
{% if fgmanager or message.user == app.user %}
{% if canmanage or message.user == app.user %}
<i class='delmessage fa fa-trash fa-fw' data-id='{{message.id}}' title='Supprimer' style='cursor: pointer;'></i>
{% endif %}
{% if not message.havesee %}
@ -158,7 +159,7 @@
<div style='cursor:pointer' onclick='seeUser({{child.user.id}})'><small>{{ child.user.lastname }} {{ child.user.firstname }}</small></div>
<small>{{child.submitdate|date('d/m/Y H:i')}}</small>
{% if fgmanager or child.user == app.user %}
{% if canmanage or child.user == app.user %}
<i class='delmessage fa fa-trash fa-fw' data-id='{{child.id}}' title='Supprimer' style='cursor: pointer;'></i>
{% endif %}
{% if not child.havesee %}
@ -390,7 +391,7 @@
html ="<div id='message-"+payload.msg.id+"' class='message row message-toread'>";
html+="<div class='msgavatar'>";
html+="<img style='pointer:cursor' onclick='seeUser("+payload.msg.userid+")' id='user_avatar_img' src='/{{ alias }}/uploads/avatar/"+payload.msg.avatar+"' class='avatar'><br>";
if(payload.msg.userid=={{app.user.id}} || '{{ fgmanager }}'=='1') {
if(payload.msg.userid=={{app.user.id}} || '{{ canmanage }}'=='1') {
html+="<i class='delmessage fa fa-trash fa-fw' data-id='"+payload.msg.id+"' title='Supprimer' style='cursor: pointer;'></i>";
}
html+="<i id='hidemessage-"+payload.msg.id+"' class='hidemessage fa fa-eye-slash fa-fw' data-id='"+payload.msg.id+"' title='Ne plus afficher' style='cursor: pointer;'></i>";
@ -422,7 +423,7 @@
html+=nl2br(payload.msgreply.message);
html+="<div style='cursor:pointer' onclick='seeUser("+payload.msgreply.userid+")'><small>"+payload.msgreply.lastname+"</small></div>";
html+="<small>"+new Date(payload.msgreply.submitdate.date).toLocaleDateString("fr-FR", dateoptions)+"</small>";
if(payload.msgreply.userid=={{app.user.id}} || '{{ fgmanager }}'=='1') {
if(payload.msgreply.userid=={{app.user.id}} || '{{ canmanage }}'=='1') {
html+="<i class='delmessage fa fa-trash fa-fw' data-id='"+payload.msgreply.id+"' title='Supprimer' style='cursor: pointer;'></i>";
}
html+="<i id='hidemessage-"+payload.msgreply.id+"' class='hidemessage fa fa-eye-slash fa-fw' data-id='"+payload.msgreply.id+"' title='Ne plus afficher' style='cursor: pointer;'></i>";
@ -791,7 +792,7 @@
html ="<div id='message-"+data.id+"' class='message row message-toread'>";
html+="<div class='msgavatar'>";
html+="<img style='cursor:pointer' onclick='seeUser("+data.userid+")' id='user_avatar_img' src='/{{ alias }}/uploads/avatar/"+data.useravatar+"' class='avatar'><br>";
if(data.userid=={{app.user.id}} || '{{ fgmanager }}'=='1') {
if(data.userid=={{app.user.id}} || '{{ canmanage }}'=='1') {
html+="<i class='delmessage fa fa-trash fa-fw' data-id='"+data.id+"' style='cursor: pointer;'></i>";
}
if (!data.havesee) {
@ -821,7 +822,7 @@
html+=nl2br(child.message);
html+="<div style='cursor:pointer' onclick='seeUser("+child.userid+")'><small>"+child.userlastname+"</small></div>";
html+="<small>"+new Date(child.submitdate.date).toLocaleDateString("fr-FR", dateoptions)+"</small>";
if(child.userid=={{app.user.id}} || '{{ fgmanager }}'=='1') {
if(child.userid=={{app.user.id}} || '{{ canmanage }}'=='1') {
html+="<i class='delmessage fa fa-trash fa-fw' data-id='"+child.id+"' title='Supprimer' style='cursor: pointer;'></i>";
}
html+="<i id='hidemessage-"+child.id+"' class='hidemessage fa fa-eye-slash fa-fw' data-id='"+child.id+"' title='Ne plus afficher' style='cursor: pointer;'></i>";

View File

@ -210,7 +210,7 @@ class WebsocketTopic implements TopicInterface
if($event["type"]=="del") {
$message=$this->em->getRepository("CadolesWebsocketBundle:Message")->find($event["id"]);
if($message&&($usergroup->getFgmanager()||$message->getUser()==$user||$user->getRole()=="ROLE_ADMIN"||$user->getRole()=="ROLE_MODO" )) {
if($message&&($usergroup->getRolegroup()>=90||$message->getUser()==$user||$user->getRole()=="ROLE_ADMIN"||$user->getRole()=="ROLE_MODO" )) {
$id=$message->getId();
$this->em->remove($message);
$this->em->flush();