fix(manager): manager access && flag isvisible
All checks were successful
Cadoles/nineskeletor/pipeline/head This commit looks good
Cadoles/nineskeletor/pipeline/pr-master This commit looks good

This commit is contained in:
Arnaud Fornerot 2022-10-04 11:32:05 +02:00
parent 5fa52efe9f
commit 58518ec70d
13 changed files with 163 additions and 35 deletions

12
.env
View File

@ -50,11 +50,13 @@ APP_NIVEAU04MANDATORY='[""]'
APP_GROUPUSE=1
APP_GROUPSUBMITER='["ALL"]'
APP_ANNUSCOPEADMIN=ALL
APP_ANNUSCOPEMODO=ALL
APP_ANNUSCOPEMASTER=ALL
APP_ANNUSCOPEMANAGER=ALL
APP_ANNUSCOPEUSER=ALL
APP_ANNUSCOPEADMIN=ALL # ALL or number of niveau view : 1||2||3||4
APP_ANNUSCOPEMODO=ALL # ALL or number of niveau view : 1||2||3||4
APP_ANNUSCOPEMASTER=ALL # ALL or number of niveau view : 1||2||3||4
APP_ANNUSCOPEMANAGER=ALL # ALL or number of niveau view : 1||2||3||4
APP_ANNUSCOPEUSER=ALL # ALL or number of niveau view : 1||2||3||4
APP_USERVIEWISVISIBLE=1 # Profil user with isvisible field
# Synchronisation
APP_SYNCHRO= # Synchronisation null | LDAP2NINE | NINE2LDAP | NINE2NINE

View File

@ -8,7 +8,7 @@ body {
color: var(--colorfttitledark);
}
.header a, #sidebar a, #sidebar hr{
.header h1, .header a, #sidebar a, #sidebar hr{
color: var(--colorfttitledark);
}

View File

@ -738,6 +738,37 @@ app_modo_user_delete:
controller: App\Controller\UserController::delete
defaults: { access: modo }
#-- Access manager
app_manager_user:
path: /manager/user
controller: App\Controller\UserController::list
defaults: { access: manager }
app_manager_user_tablelist:
path: /manager/user/tablelist
controller: App\Controller\UserController::tablelist
defaults: { access: manager }
app_manager_user_selectlist:
path: /manager/user/selectlist
controller: App\Controller\UserController::selectlist
defaults: { access: manager }
app_manager_user_submit:
path: /manager/user/submit
controller: App\Controller\UserController::submit
defaults: { access: manager }
app_manager_user_update:
path: /manager/user/update/{id}
controller: App\Controller\UserController::update
defaults: { access: manager }
app_manager_user_delete:
path: /manager/user/delete/{id}
controller: App\Controller\UserController::delete
defaults: { access: manager }
#-- Access all
app_all_user:
path: /all/update

View File

@ -40,6 +40,8 @@ parameters:
appAnnuscopemanager: '%env(resolve:APP_ANNUSCOPEMANAGER)%'
appAnnuscopeuser: '%env(resolve:APP_ANNUSCOPEUSER)%'
appUserviewisvisible: '%env(resolve:APP_USERVIEWISVISIBLE)%'
appSynchro: '%env(resolve:APP_SYNCHRO)%'
appSynchroPurgeNiveau01: '%env(resolve:APP_SYNDCHROPURGENIVEAU01)%'
appSynchroPurgeNiveau02: '%env(resolve:APP_SYNDCHROPURGENIVEAU02)%'

View File

@ -10,16 +10,36 @@ class HomeController extends AbstractController
{
public function home(Request $request): Response
{
if ($request->getSession()->get('fgforceconnect')) {
return $this->redirectToRoute('app_user_home');
if ($request->getSession()->get('fgforceconnect')&&!$this->getUser()) {
return $this->redirectToRoute('app_login');
}
return $this->render('Home/home.html.twig', [
'useheader' => true,
'usemenu' => true,
'usesidebar' => false,
'maxsize' => 1000,
]);
if(!$this->getUser()) {
dump("here");
return $this->render('Home/home.html.twig', [
'useheader' => true,
'usemenu' => false,
'usesidebar' => false,
'maxsize' => 1000,
]);
}
if ($this->getUser()->hasRole("ROLE_USER"))
return $this->redirectToRoute('app_user_home');
if ($this->getUser()->hasRole("ROLE_MANAGER"))
return $this->redirectToRoute('app_manager_home');
if ($this->getUser()->hasRole("ROLE_MASTER"))
return $this->redirectToRoute('app_master_home');
if ($this->getUser()->hasRole("ROLE_MODO"))
return $this->redirectToRoute('app_modo_home');
if ($this->getUser()->hasRole("ROLE_ADMIN"))
return $this->redirectToRoute('app_admin_home');
}
public function homeuser($access): Response
@ -32,9 +52,19 @@ class HomeController extends AbstractController
]);
}
public function homeadmin($access): Response
public function homemaster($access): Response
{
return $this->redirectToRoute('app_admin_config');
return $this->render('Home/home.html.twig', [
'useheader' => true,
'usemenu' => false,
'usesidebar' => false,
'maxsize' => 1000,
]);
}
public function homemanager($access): Response
{
return $this->redirectToRoute('app_manager_user');
}
public function homemodo($access): Response
@ -42,6 +72,12 @@ class HomeController extends AbstractController
return $this->redirectToRoute('app_modo_niveau02');
}
public function homeadmin($access): Response
{
return $this->redirectToRoute('app_admin_config');
}
public function docrest(): Response
{
return $this->render('Home/docrest.html.twig', [

View File

@ -79,7 +79,8 @@ class UserController extends AbstractController
break;
default:
$isactive = true;
$isactive = ($access=="manager"?$em->getRepository($this->entity)->getPreference($this->getUser(), 'userisactive', true):true);
$niveau01 = $this->getUser()->getNiveau01();
$niveau02 = $this->getUser()->getNiveau02();
$niveau03 = $this->getUser()->getNiveau03();
@ -247,7 +248,7 @@ class UserController extends AbstractController
}
if ($ordercolumn) {
if ('admin' == $access || 'modo' == $access) {
if ('admin' == $access || 'modo' == $access || 'manager' == $access) {
$ordercolumn = $ordercolumn - 1;
}
@ -298,6 +299,17 @@ class UserController extends AbstractController
case 'modo':
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_modo_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
break;
case 'manager':
if($this->getUser()->getNiveau03()&&$this->getUser()->getNiveau03()==$data->getNiveau03()) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
}
elseif(!$this->getUser()->getNiveau03()&&$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$data->getNiveau02()) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
}
elseif(!$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau01()&&$this->getUser()->getNiveau01()==$data->getNiveau01()) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
}
break;
}
// Groupes
@ -313,7 +325,7 @@ class UserController extends AbstractController
}
$tmp = [];
if ('admin' == $access || 'modo' == $access) {
if ('admin' == $access || 'modo' == $access || 'manager' == $access) {
array_push($tmp, $action);
}
@ -381,6 +393,14 @@ class UserController extends AbstractController
$data->setIsactive(true);
$data->setApikey(Uuid::uuid4());
// If manager set same niveau to usertosubmit
if($access=="manager") {
$data->setNiveau01($this->getUser()->getNiveau01());
$data->setNiveau02($this->getUser()->getNiveau02());
$data->setNiveau03($this->getUser()->getNiveau03());
$data->setRoles(["ROLE_USER"]);
}
// Création du formulaire
$form = $this->createForm(Form::class, $data, [
'mode' => 'submit',
@ -395,6 +415,7 @@ class UserController extends AbstractController
'appNiveau04use' => $this->GetParameter('appNiveau04use'),
'appNiveau04label' => $this->GetParameter('appNiveau04label'),
'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'),
'appUserviewisvisible' => $this->GetParameter('appUserviewisvisible'),
]);
// Récupération des data du formulaire
@ -514,6 +535,7 @@ class UserController extends AbstractController
'appNiveau04use' => $this->GetParameter('appNiveau04use'),
'appNiveau04label' => $this->GetParameter('appNiveau04label'),
'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'),
'appUserviewisvisible' => $this->GetParameter('appUserviewisvisible'),
]);
// Récupération des data du formulaire
@ -678,6 +700,8 @@ class UserController extends AbstractController
break;
case 'modo': return true;
break;
case 'manager': return true;
break;
}
throw $this->createAccessDeniedException('Permission denied');
}
@ -687,6 +711,7 @@ class UserController extends AbstractController
switch ($access) {
case 'admin': return true;
break;
case 'modo':
$usermodo = $em->getRepository("App\Entity\UserModo")->findOneBy(['user' => $this->getUser(), 'niveau01' => $entity->getNiveau01()]);
if (!$usermodo) {
@ -695,6 +720,21 @@ class UserController extends AbstractController
return true;
break;
case 'manager':
if($this->getUser()->getNiveau03()&&$this->getUser()->getNiveau03()==$entity->getNiveau03()) {
return true;
}
elseif($this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$entity->getNiveau02()) {
return true;
}
elseif($this->getUser()->getNiveau01()&&$this->getUser()->getNiveau01()==$entity->getNiveau01()) {
return true;
}
throw $this->createAccessDeniedException('Permission denied');
break;
case 'all':
if ($this->getUser()->getId() != $entity->getId()) {
throw $this->createAccessDeniedException('Permission denied');

View File

@ -270,7 +270,7 @@ class AppFixtures extends Fixture
// User USER
$this->writeln("User User");
$userid=-299;
$userid=-399;
$usercpt=0;
$niveau03s=$manager->getRepository('App\Entity\Niveau03')->findAll();
foreach($niveau03s as $niveau03) {

View File

@ -181,13 +181,15 @@ class UserType extends AbstractType
);
}
$choices = ['oui' => '1', 'non' => '0'];
$builder->add('isvisible',
ChoiceType::class, [
'label' => 'Visible',
'choices' => $choices,
]
);
if(($access!="all"&&$access!="manager")||$options["appUserviewisvisible"]) {
$choices = ['oui' => '1', 'non' => '0'];
$builder->add('isvisible',
ChoiceType::class, [
'label' => 'Visible',
'choices' => $choices,
]
);
}
$builder->add('postaladress',
TextareaType::class, [
@ -285,6 +287,7 @@ class UserType extends AbstractType
'appNiveau04use' => 'string',
'appNiveau04label' => 'string',
'appNiveauupdatable' => 'string',
'appUserviewisvisible' => 'string',
]);
}
}

View File

@ -44,6 +44,11 @@ class AppSession
$session->set('colorbgbodydark-darkrgb', $this->hexToRgb($session->get('colorbgbodydark-darker')));
$session->set('colorbgbodydark-lightrgb', $this->hexToRgb($session->get('colorbgbodydark-lighter')));
// Préférence par défaut
$session->set('fgheader', true);
$session->set('fgaudit', false);
// Current user
$token = $this->token->getToken();
if (!$token) {
@ -51,10 +56,6 @@ class AppSession
}
$curentuser = $token->getUser();
// Préférence par défaut
$session->set('fgheader', true);
$session->set('fgaudit', false);
// Préférence
if ('anon.' != $curentuser) {
$preference = $curentuser->getPreference();

View File

@ -13,5 +13,13 @@
{{ render(path("app_publish_sample",{id:2})) }}
</div>
</div>
{% else %}
<div style="text-align:center">
<img src="{{ path('app_minio_image',{file:"logo/"~app.session.get("logolight")}) }}" style="height:120px;margin-top:10px;margin-bottom:20px;">
<h1 style="border:none">{{app.session.get('appname')}}</h1>
<div style="max-width:600px; text-align:justify; margin:auto ">{{app.session.get('appdescription')|raw}}</div>
</div>
{% endif %}
{% endblock %}

View File

@ -11,7 +11,7 @@
{% block body %}
{{ form_start(form) }}
<h1 class="page-header">
{% if access=="admin" or access=="modo" %}
{% if access=="admin" or access=="modo" or access=="manager" %}
{% if mode=="update" %}
Modification Utilisateur = {{ user.username}}
{% else %}
@ -191,7 +191,7 @@
{{ form_row(form.firstname) }}
{{ form_row(form.lastname) }}
{{ form_row(form.email) }}
{{ form_row(form.isvisible) }}
{%if form.isvisible is defined %}{{ form_row(form.isvisible) }}{%endif%}
</div>
</div>

View File

@ -29,7 +29,7 @@
<table class="table table-striped table-bordered table-hover wrap" id="dataTables" style="width:100%; font-size:11px;">
<thead>
<tr>
{% if access=="admin" or access=="modo"%}
{% if access=="admin" or access=="modo" or access=="manager"%}
<th class="no-sort">Action</th>
{% endif %}
@ -67,6 +67,9 @@
{% elseif access=="modo" %}
order: [[ 2, "asc" ]],
ajax: "{{ path('app_modo_user_tablelist') }}",
{% elseif access=="manager" %}
order: [[ 2, "asc" ]],
ajax: "{{ path('app_manager_user_tablelist') }}",
{% else %}
order: [[ 1, "asc" ]],
ajax: "{{ path('app_all_user_tablelist') }}",

View File

@ -3,6 +3,8 @@
<head>
<meta http-equiv="Content-Type" content="text/html"; charset="utf-8" />
<title>{% block title %}{{app.session.get("appname")}}{% endblock %}</title>
<meta name="description" content="{{app.session.get("appdescription")|striptags|raw}}">
<link rel="shortcut icon" href="{{ path('app_minio_image',{file:"logo/"~app.session.get("logodark")}) }}" />
@ -33,7 +35,7 @@
{{app.session.get("appname")}}
</a>
<br>
<small>{{app.session.get("appsubname")}}</small>
<small><a href="{{ path('app_home')}}">{{app.session.get("appsubname")}}</a></small>
</h1>
<div class="pe-3">