
<?php
namespace Cadoles\CoreBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Form\FormError;
use Symfony\Bundle\FrameworkBundle\Console\Application;
use Symfony\Component\Console\Input\ArrayInput;
use Symfony\Component\Console\Output\BufferedOutput;
use Symfony\Component\Console\Output\OutputInterface;
use Cadoles\CoreBundle\Entity\User;
use Cadoles\CoreBundle\Entity\UserGroup;
use Cadoles\CoreBundle\Entity\UserModo;
use Cadoles\CoreBundle\Form\UserType;
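/**
 * CRUD controller for users (admin console and self-service profile).
 *
 * Changes versus the original:
 *  - submitAction: the group link was set on an undefined `$user` variable
 *    (`$user->setGroup(...)`), which fatals when a new user has groups; fixed.
 *  - deleteAction: the moderator scope check compared an undefined `$access`
 *    and therefore never ran; deletion is always an admin-console action, so the
 *    check now applies whenever the caller holds ROLE_MODO.
 *  - ajaxlistAction: user-controlled fields (names, email, labels, avatar file
 *    name, role) are HTML-escaped before being placed in the DataTables HTML
 *    cells; the sort direction is whitelisted before being appended to the DQL.
 *  - getRegistrationBy: the field name is validated before interpolation in DQL.
 *  - getErrorForm: `strlen(...) < '5'` compared against a string; now an int.
 */
class UserController extends Controller
{
    private $labelroute = 'cadoles_core_config_user';
    private $labelentity = 'CadolesCoreBundle:User';
    private $labeldata = 'user';
    private $labeldatas = 'users';

    /**
     * Renders the user list page.
     *
     * @param string $access "config" for the admin console (sidebar shown), anything else otherwise
     */
    public function listAction($access)
    {
        return $this->render('CadolesCoreBundle:User:list.html.twig', [
            'useheader'  => true,
            'usemenu'    => false,
            'usesidebar' => ($access == "config"),
            'access'     => $access,
        ]);
    }

    /**
     * DataTables server-side endpoint for the user list.
     *
     * Visible rows depend on the caller's role: ROLE_ADMIN sees everyone, ROLE_MODO
     * sees users of the niveau01 it moderates, ROLE_USER sees users of its own niveau01.
     * Every value coming from a user record is HTML-escaped before being placed in a
     * cell, because DataTables renders the cells as HTML.
     *
     * @param string  $access  "config" adds the action column and shifts the sort column indexes
     * @param Request $request must be an XMLHttpRequest; reads start/length/search/draw/order
     * @return JsonResponse DataTables payload (draw, recordsTotal, recordsFiltered, data)
     */
    public function ajaxlistAction($access, Request $request)
    {
        // S'assurer que c'est un appel ajax
        if (!$request->isXmlHttpRequest()) {
            return new JsonResponse(['message' => 'Interdit'], 400);
        }
        // Without one of the three roles no scoped query can be built; refuse instead of
        // running an incomplete query builder (the original left $total undefined here).
        if (!$this->isGranted('ROLE_ADMIN') && !$this->isGranted('ROLE_MODO') && !$this->isGranted('ROLE_USER')) {
            return new JsonResponse(['message' => 'Interdit'], 403);
        }

        $em = $this->getDoctrine()->getManager();
        // DataTables paging parameters; absent values keep Doctrine's "no limit/offset" default.
        $start  = $request->query->has('start') ? (int) $request->query->get('start') : null;
        $length = $request->query->has('length') ? (int) $request->query->get('length') : null;
        $draw   = $request->query->get('draw');
        $order  = $request->query->get('order');
        $search = $request->query->get('search');
        $searchvalue = is_array($search) ? (string) ($search['value'] ?? '') : '';
        $viewniveau02 = $this->getParameter('viewniveau02');

        // Nombre total d'enregistrement (scoped by role)
        $qbtotal = $em->createQueryBuilder()
            ->select('COUNT(user)')
            ->from($this->labelentity, 'user');
        $this->applyUserScope($qbtotal);
        $total = $qbtotal->getQuery()->getSingleScalarResult();

        // Nombre d'enregistrement filtré (the search also matches niveau01.label, hence the join)
        if ($searchvalue === '') {
            $totalf = $total;
        } else {
            $qbfilter = $em->createQueryBuilder()
                ->select('COUNT(user)')
                ->from($this->labelentity, 'user')
                ->from('CadolesCoreBundle:Niveau01', 'niveau01')
                ->where('user.niveau01=niveau01.id');
            $this->applyUserScope($qbfilter);
            $this->applySearch($qbfilter, $searchvalue);
            $totalf = $qbfilter->getQuery()->getSingleScalarResult();
        }

        // Parcours des Enregistrement
        $qb = $em->createQueryBuilder()
            ->select('user')
            ->from($this->labelentity, 'user')
            ->from('CadolesCoreBundle:Niveau01', 'niveau01')
            ->where('user.niveau01=niveau01.id');
        $this->applyUserScope($qb);
        if ($searchvalue !== '') {
            $this->applySearch($qb, $searchvalue);
        }
        $this->applyOrder($qb, $order, $access);
        $datas = $qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult();

        $rows = [];
        foreach ($datas as $data) {
            $rows[] = $this->buildRow($data, $access, $viewniveau02);
        }

        // Retour
        return new JsonResponse([
            'draw'            => $draw,
            'recordsFiltered' => $totalf,
            'recordsTotal'    => $total,
            'data'            => $rows,
        ]);
    }

    /**
     * Creates a user from the admin console. Only allowed when the identity master is SQL.
     *
     * @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException when masteridentity is not "SQL"
     */
    public function submitAction(Request $request)
    {
        // Vérifier que l'on puisse créer
        if ($this->getParameter("masteridentity") != "SQL") {
            throw $this->createNotFoundException('Permission denied');
        }

        // Initialisation de l'enregistrement
        $data = new User();

        // Création du formulaire
        $form = $this->createForm(UserType::class, $data, [
            "mode"           => "submit",
            "access"         => "config",
            "perm"           => $this->isGranted('ROLE_ADMIN'),
            "userid"         => $this->currentUser()->getId(),
            "masteridentity" => $this->getParameter("masteridentity"),
        ]);

        // Récupération des data du formulaire
        $form->handleRequest($request);

        // Sur erreur
        $this->getErrorForm(null, $form, $request, $data, "submit");

        // Sur validation
        if ($form->get('submit')->isClicked() && $form->isValid()) {
            $data = $form->getData();
            $em = $this->getDoctrine()->getManager();

            // On récupère le SIREN et le SIRET
            $data->setSiren($data->getNiveau01()->getSiren());
            $data->setSiret($data->getNiveau02() !== null ? $data->getNiveau02()->getSiret() : "");

            // Group / modo ids come as comma-separated lists from hidden form fields
            $lstgroups = array_filter(explode(",", (string) $form->get("linkgroups")->getData()));
            $lstmodos  = array_filter(explode(",", (string) $form->get("linkmodos")->getData()));

            // Sauvegarde
            $em->persist($data);
            $em->flush();

            // Ajout des groupes et des modos
            $this->addGroups($em, $data, $lstgroups);
            $this->addModos($em, $data, $lstmodos);

            // Retour à la liste
            return $this->redirectToRoute($this->labelroute);
        }

        // Affichage du formulaire
        return $this->render($this->labelentity . ':edit.html.twig', [
            'useheader'       => true,
            'usemenu'         => false,
            'usesidebar'      => true,
            $this->labeldata  => $data,
            'mode'            => 'submit',
            'access'          => 'config',
            'listgroups'      => $this->getListGroups("config"),
            'listmodos'       => $this->getListModos(),
            'form'            => $form->createView(),
        ]);
    }

    /**
     * Updates a user, either from the admin console ($access == "config") or as a
     * self-service profile edit (see profilAction).
     *
     * @param mixed   $id     user id
     * @param string  $access "config" or "user"
     * @param Request $request
     */
    public function updateAction($id, $access, Request $request)
    {
        // Récupération de l'enregistrement courant
        $data = $this->getData($id);
        $oldpassword = $data->getPassword();

        // NOTE(review): when $access is not "config" nothing here ties $id to the logged-in
        // user; profilAction passes the caller's own id — confirm the routing does not
        // expose other ids with a non-config $access.

        // Si un acces modo via console d'admin on s'assure qu'il a les droit dessus sinon retour à la liste
        if ($this->isGranted('ROLE_MODO') && $access == "config" && !$this->canModerate($data)) {
            return $this->redirectToRoute($this->labelroute);
        }

        // Récuparation des groupes associés
        $oldlstgroups = [];
        foreach ($data->getGroups() as $group) {
            $oldlstgroups[] = $group->getGroup()->getId();
        }

        // Récuparation des modos associés
        $oldlstmodos = [];
        foreach ($data->getModos() as $modo) {
            $oldlstmodos[] = $modo->getNiveau01()->getId();
        }

        // Création du formulaire
        $form = $this->createForm(UserType::class, $data, [
            "mode"           => "update",
            "access"         => $access,
            "perm"           => ($access == "config" ? $this->isGranted('ROLE_ADMIN') : false),
            "userid"         => $this->currentUser()->getId(),
            "masteridentity" => $this->getParameter("masteridentity"),
        ]);

        // Récupération des data du formulaire
        $form->handleRequest($request);

        // Sur erreur
        $this->getErrorForm($id, $form, $request, $data, "update");

        // Sur validation
        if ($form->get('submit')->isClicked() && $form->isValid()) {
            $em = $this->getDoctrine()->getManager();
            $data = $form->getData();

            // Si pas de changement de password on replace l'ancien.
            // NOTE(review): a non-empty password is stored as submitted here; hashing is
            // presumably done by the entity or a listener — confirm.
            if ($data->getPassword() == "") {
                $data->setPassword($oldpassword);
            }

            // Sauvegarde
            $em->persist($data);
            $em->flush();

            // On récupère les groupes et on cacule ceux à ajouter ou à supprimer
            $lstgroups = array_filter(explode(",", (string) $form->get("linkgroups")->getData()));
            $this->addGroups($em, $data, array_diff($lstgroups, $oldlstgroups));
            $this->removeGroups($em, $id, array_diff($oldlstgroups, $lstgroups));

            // On récupère les modos et on cacule ceux à ajouter ou à supprimer
            // (a user who is not a moderator keeps no moderated niveau01)
            $lstmodos = array_filter(explode(",", (string) $form->get("linkmodos")->getData()));
            if ($data->getRole() != "ROLE_MODO") {
                $lstmodos = [];
            }
            $this->addModos($em, $data, array_diff($lstmodos, $oldlstmodos));
            $this->removeModos($em, $id, array_diff($oldlstmodos, $lstmodos));

            // Retour à la liste
            if ($access == "config") {
                return $this->redirectToRoute($this->labelroute);
            }
            return $this->redirectToRoute("cadoles_core_home");
        }

        // Affichage du formulaire
        return $this->render($this->labelentity . ':edit.html.twig', [
            'useheader'       => true,
            'usemenu'         => false,
            'usesidebar'      => ($access == "config"),
            'maxwidth'        => ($access == "user"),
            $this->labeldata  => $data,
            'mode'            => 'update',
            'access'          => $access,
            'listgroups'      => $this->getListGroups($access),
            'listmodos'       => $this->getListModos(),
            'form'            => $form->createView(),
        ]);
    }

    /**
     * Deletes a user from the admin console. Not allowed when the identity master is LDAP.
     *
     * @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException when masteridentity is "LDAP"
     */
    public function deleteAction($id, Request $request)
    {
        // Récupération de l'enregistrement courant
        $data = $this->getData($id);

        // Deletion only exists in the admin console, so a moderator must own the user's niveau01.
        // (The original compared an undefined $access here, which silently skipped this check.)
        if ($this->isGranted('ROLE_MODO') && !$this->canModerate($data)) {
            return $this->redirectToRoute($this->labelroute);
        }

        // Vérifier que cet enregistrement est supprimable
        if ($this->getParameter("masteridentity") == "LDAP") {
            throw $this->createNotFoundException('Permission denied');
        }

        // Création du formulaire
        $form = $this->createForm(UserType::class, $data, [
            "mode"           => "delete",
            "access"         => "config",
            "perm"           => false,
            "userid"         => $this->currentUser()->getId(),
            "masteridentity" => $this->getParameter("masteridentity"),
        ]);

        // Récupération des data du formulaire
        $form->handleRequest($request);

        // Sur erreur
        $this->getErrorForm($id, $form, $request, $data, "delete");

        // Sur validation
        if ($form->get('submit')->isClicked() && $form->isValid()) {
            $em = $this->getDoctrine()->getManager();
            $em->remove($data);
            $em->flush();
            return $this->redirectToRoute($this->labelroute);
        }

        // Affichage du formulaire
        return $this->render($this->labelentity . ':edit.html.twig', [
            'useheader'       => true,
            'usemenu'         => false,
            'usesidebar'      => true,
            $this->labeldata  => $data,
            'mode'            => 'delete',
            'access'          => 'config',
            'listgroups'      => $this->getListGroups("config"),
            'listmodos'       => $this->getListModos(),
            'form'            => $form->createView(),
        ]);
    }

    /**
     * Runs the Core:Synchro console command in-process (not in simulation mode)
     * and renders its buffered output.
     */
    public function syncAction(Request $request)
    {
        $kernel = $this->get('kernel');
        $application = new Application($kernel);
        $application->setAutoExit(false);

        $command = $application->find('Core:Synchro');
        $parameter = new ArrayInput(['simulate' => 'false']);
        $output = new BufferedOutput(OutputInterface::VERBOSITY_NORMAL, false);
        $command->run($parameter, $output);
        $content = $output->fetch();

        return $this->render('CadolesCoreBundle:Core:command.html.twig', [
            'useheader'   => true,
            'usemenu'     => false,
            'usesidebar'  => true,
            "title"       => "Synchronisation avec Annuaire",
            "return_path" => "cadoles_core_config_user",
            "content"     => $content,
        ]);
    }

    /**
     * Self-service profile edit: updateAction on the logged-in user with "user" access.
     */
    public function profilAction(Request $request)
    {
        return $this->updateAction($this->currentUser()->getId(), "user", $request);
    }

    /**
     * @return User[] every user record
     */
    protected function getDatas()
    {
        $em = $this->getDoctrine()->getManager();
        return $em->getRepository($this->labelentity)->findAll();
    }

    /**
     * Loads one user or raises a 404.
     *
     * @param mixed $id
     * @return User
     * @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
     */
    protected function getData($id)
    {
        $em = $this->getDoctrine()->getManager();
        $data = $em->getRepository($this->labelentity)->find($id);
        if (!$data) {
            throw $this->createNotFoundException('Unable to find ' . $this->labeldata);
        }
        return $data;
    }

    /**
     * Tells whether a pending registration exists with $key = $value.
     *
     * @param string $key   registration field name (bare identifier; it is interpolated into DQL)
     * @param mixed  $value
     * @return bool
     * @throws \InvalidArgumentException when $key is not a plain identifier
     */
    protected function getRegistrationBy($key, $value)
    {
        // $key becomes part of the DQL text, so it must be a bare field name
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', (string) $key)) {
            throw new \InvalidArgumentException('Invalid registration field: ' . $key);
        }
        $em = $this->getDoctrine()->getManager();
        $datas = $em->createQueryBuilder()
            ->select('u')
            ->from('CadolesCoreBundle:registration', 'u')
            ->where('u.' . $key . '=:value')
            ->setParameter("value", $value)
            ->getQuery()
            ->getResult();
        return count($datas) > 0;
    }

    /**
     * Groups a user may be linked to: outside the admin console only open groups,
     * and never LDAP-filtered or attribute-driven groups.
     *
     * @param string $access
     * @return array
     */
    protected function getListGroups($access)
    {
        $em = $this->getDoctrine()->getManager();
        $qb = $em->createQueryBuilder();
        $qb->select('b')->from('CadolesCoreBundle:Group', 'b');
        if ($access != "config") {
            $qb->where("b.fgopen=true");
        }
        $qb->andWhere("b.ldapfilter IS NULL");
        $qb->andWhere("b.attributes IS NULL");
        return $qb->getQuery()->getResult();
    }

    /**
     * @return array every Niveau01 (candidates for moderation)
     */
    protected function getListModos()
    {
        $em = $this->getDoctrine()->getManager();
        $qb = $em->createQueryBuilder();
        $qb->select('b')->from('CadolesCoreBundle:Niveau01', 'b');
        return $qb->getQuery()->getResult();
    }

    /**
     * Adds business validation errors to the form and mirrors every validation
     * error into the session flash bag when the submit button was clicked.
     *
     * @param mixed   $id      unused, kept for signature compatibility
     * @param object  $form    the bound Symfony form
     * @param Request $request
     * @param User    $data    the entity bound to the form
     * @param string  $mode    "submit", "update" or "delete"
     */
    protected function getErrorForm($id, $form, $request, $data, $mode)
    {
        $clicked = $form->get('submit')->isClicked();

        if ($clicked && ($mode == "submit" || $mode == "update")) {
            $username = $data->getUsername();
            // Taille du login > 5 (byte length is fine: only ASCII characters are accepted below)
            if (is_null($username) || strlen($username) < 5) {
                $form->addError(new FormError('Taille minimum du login 5 caractères'));
            }
            // On s'assure que le username ne contient pas des caractères speciaux
            $string = preg_replace('~[^@a-zA-Z0-9._-]~', '', (string) $username);
            if ($string != (string) $username) {
                $form->addError(new FormError('Caractères interdit dans votre login'));
            }
            // The login and the e-mail must not already be used by a pending registration
            if ($this->getRegistrationBy("username", $username) || $this->getRegistrationBy("email", $data->getEmail())) {
                $form->addError(new FormError('Une inscription utilise déjà ce login ou cet email'));
            }
        }

        if ($clicked && !$form->isValid()) {
            $this->get('session')->getFlashBag()->clear();
            $validator = $this->get('validator');
            foreach ($validator->validate($data) as $error) {
                $request->getSession()->getFlashBag()->add("error", $error->getMessage());
            }
            foreach ($form->getErrors() as $error) {
                $request->getSession()->getFlashBag()->add("error", $error->getMessage());
            }
        }
    }

    /**
     * The authenticated user object held by the security token.
     */
    private function currentUser()
    {
        return $this->get('security.token_storage')->getToken()->getUser();
    }

    /**
     * True when the current user moderates the niveau01 of $data (compared by id).
     *
     * @param User $data
     * @return bool
     */
    private function canModerate(User $data)
    {
        $niveau01 = $data->getNiveau01();
        $targetid = $niveau01 !== null ? $niveau01->getId() : null;
        if ($targetid === null) {
            return false;
        }
        foreach ($this->currentUser()->getModos() as $modo) {
            $moderated = $modo->getNiveau01();
            if ($moderated !== null && $moderated->getId() === $targetid) {
                return true;
            }
        }
        return false;
    }

    /**
     * Restricts a query builder that already has `user` as a root alias to the
     * rows visible to the current role (ROLE_ADMIN: no restriction).
     *
     * @param object $qb Doctrine query builder
     */
    private function applyUserScope($qb)
    {
        if ($this->isGranted('ROLE_ADMIN')) {
            return;
        }
        if ($this->isGranted('ROLE_MODO')) {
            $qb->from('CadolesCoreBundle:UserModo', 'usermodo')
                ->andWhere('usermodo.niveau01 = user.niveau01')
                ->andWhere('usermodo.user = :userid')
                ->setParameter('userid', $this->currentUser()->getId());
            return;
        }
        if ($this->isGranted('ROLE_USER')) {
            $qb->andWhere('user.niveau01 = :niveau01')
                ->setParameter('niveau01', $this->currentUser()->getNiveau01());
        }
    }

    /**
     * Adds the DataTables free-text filter; the builder must have both the
     * `user` and `niveau01` aliases.
     *
     * @param object $qb    Doctrine query builder
     * @param string $value raw search text (bound as a parameter, wrapped in %)
     */
    private function applySearch($qb, $value)
    {
        $qb->andWhere('user.username LIKE :value OR user.firstname LIKE :value OR user.lastname LIKE :value OR user.email LIKE :value OR user.role LIKE :value OR niveau01.label LIKE :value')
            ->setParameter("value", "%" . $value . "%");
    }

    /**
     * Applies the DataTables sort request. Column indexes differ between the admin
     * console (extra action column) and the plain list; unknown indexes are ignored
     * and the direction is whitelisted because orderBy() appends it to the DQL text.
     *
     * NOTE(review): the index tables do not account for the optional niveau02 column,
     * exactly as in the original — confirm against the DataTables column definitions.
     *
     * @param object     $qb     Doctrine query builder
     * @param mixed      $order  DataTables "order" parameter (array of column/dir) or null
     * @param string     $access "config" or not
     */
    private function applyOrder($qb, $order, $access)
    {
        if ($access == "config") {
            $columns = [2 => 'user.username', 3 => 'user.lastname', 4 => 'user.firstname', 5 => 'user.email', 6 => 'niveau01.label', 9 => 'user.role'];
        } else {
            $columns = [1 => 'user.username', 2 => 'user.lastname', 3 => 'user.firstname', 4 => 'user.email', 5 => 'niveau01.label', 7 => 'user.role'];
        }
        if (!is_array($order) || !isset($order[0]['column'])) {
            return;
        }
        $column = (int) $order[0]['column'];
        if (!isset($columns[$column])) {
            return;
        }
        $dir = (isset($order[0]['dir']) && strtoupper((string) $order[0]['dir']) === 'DESC') ? 'DESC' : 'ASC';
        $qb->orderBy($columns[$column], $dir);
    }

    /**
     * Builds one DataTables row (list of HTML cell strings) for a user.
     *
     * @param User   $data
     * @param string $access       "config" adds the edit/delete action cell first
     * @param mixed  $viewniveau02 truthy to include the niveau02 label column
     * @return string[]
     */
    private function buildRow(User $data, $access, $viewniveau02)
    {
        $row = [];

        // Action (edit always; delete only for real users and when users are not LDAP-mastered)
        if ($access == "config") {
            $action = "<a href='" . $this->generateUrl('cadoles_core_config_user_update', ['id' => $data->getId()]) . "'><i class='fa fa-file fa-fw fa-2x'></i></a>";
            if ($data->getId() > 0 && $this->getParameter("masteridentity") != "LDAP") {
                $action .= "<a href='" . $this->generateUrl('cadoles_core_config_user_delete', ['id' => $data->getId()]) . "'><i class='fa fa-trash fa-fw fa-2x'></i></a>";
            }
            $row[] = $action;
        }

        $row[] = "<img src='/" . self::esc($this->getParameter('alias')) . "/uploads/avatar/" . self::esc($data->getAvatar()) . "' class='avatar' style='margin:auto;display:block;'>";
        $row[] = self::esc($data->getUsername());
        $row[] = self::esc($data->getLastname());
        $row[] = self::esc($data->getFirstname());
        $email = self::esc($data->getEmail());
        $row[] = "<a href='mailto:" . $email . "'>" . $email . "</a>";
        $row[] = self::esc($data->getNiveau01()->getLabel());
        if ($viewniveau02) {
            $row[] = ($data->getNiveau02() !== null ? self::esc($data->getNiveau02()->getLabel()) : "");
        }

        // Groupes
        $groups = "";
        foreach ($data->getGroups() as $usergroup) {
            $groups .= self::esc($usergroup->getGroup()->getLabel()) . "<br>";
        }
        $row[] = $groups;
        $row[] = self::esc($data->getRole());

        return $row;
    }

    /**
     * Links $user to each group id in $idgroups (one flush for the batch).
     *
     * @param object $em       Doctrine entity manager
     * @param User   $user
     * @param array  $idgroups group ids
     */
    private function addGroups($em, User $user, array $idgroups)
    {
        foreach ($idgroups as $idgroup) {
            $group = new UserGroup();
            $group->setUser($user);
            $group->setGroup($em->getRepository("CadolesCoreBundle:Group")->find($idgroup));
            $em->persist($group);
        }
        if (count($idgroups) > 0) {
            $em->flush();
        }
    }

    /**
     * Removes the UserGroup links between user $iduser and each group id in $idgroups.
     *
     * @param object $em       Doctrine entity manager
     * @param mixed  $iduser   user id
     * @param array  $idgroups group ids
     */
    private function removeGroups($em, $iduser, array $idgroups)
    {
        foreach ($idgroups as $idgroup) {
            $usergroups = $em->createQueryBuilder()
                ->select('table')
                ->from('CadolesCoreBundle:UserGroup', 'table')
                ->where('table.user = :user AND table.group = :group')
                ->setParameter('user', $iduser)
                ->setParameter('group', $idgroup)
                ->getQuery()
                ->getResult();
            foreach ($usergroups as $usergroup) {
                $em->remove($usergroup);
            }
        }
        if (count($idgroups) > 0) {
            $em->flush();
        }
    }

    /**
     * Makes $user moderator of each niveau01 id in $idmodos (one flush for the batch).
     *
     * @param object $em      Doctrine entity manager
     * @param User   $user
     * @param array  $idmodos niveau01 ids
     */
    private function addModos($em, User $user, array $idmodos)
    {
        foreach ($idmodos as $idmodo) {
            $modo = new UserModo();
            $modo->setUser($user);
            $modo->setNiveau01($em->getRepository("CadolesCoreBundle:Niveau01")->find($idmodo));
            $em->persist($modo);
        }
        if (count($idmodos) > 0) {
            $em->flush();
        }
    }

    /**
     * Removes the UserModo links between user $iduser and each niveau01 id in $idmodos.
     *
     * @param object $em      Doctrine entity manager
     * @param mixed  $iduser  user id
     * @param array  $idmodos niveau01 ids
     */
    private function removeModos($em, $iduser, array $idmodos)
    {
        foreach ($idmodos as $idmodo) {
            $usermodos = $em->createQueryBuilder()
                ->select('table')
                ->from('CadolesCoreBundle:UserModo', 'table')
                ->where('table.user = :user AND table.niveau01 = :niveau01')
                ->setParameter('user', $iduser)
                ->setParameter('niveau01', $idmodo)
                ->getQuery()
                ->getResult();
            foreach ($usermodos as $usermodo) {
                $em->remove($usermodo);
            }
        }
        if (count($idmodos) > 0) {
            $em->flush();
        }
    }

    /**
     * HTML-escapes a value for insertion into an HTML text node or single/double-quoted attribute.
     *
     * @param mixed $value
     * @return string
     */
    private static function esc($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}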