fix(manager): manager access && flag isvisible
This commit is contained in:
parent
5fa52efe9f
commit
58518ec70d
12
.env
12
.env
|
|
@ -50,11 +50,13 @@ APP_NIVEAU04MANDATORY='[""]'
|
|||
APP_GROUPUSE=1
|
||||
APP_GROUPSUBMITER='["ALL"]'
|
||||
|
||||
APP_ANNUSCOPEADMIN=ALL
|
||||
APP_ANNUSCOPEMODO=ALL
|
||||
APP_ANNUSCOPEMASTER=ALL
|
||||
APP_ANNUSCOPEMANAGER=ALL
|
||||
APP_ANNUSCOPEUSER=ALL
|
||||
APP_ANNUSCOPEADMIN=ALL # ALL or number of niveau view : 1||2||3||4
|
||||
APP_ANNUSCOPEMODO=ALL # ALL or number of niveau view : 1||2||3||4
|
||||
APP_ANNUSCOPEMASTER=ALL # ALL or number of niveau view : 1||2||3||4
|
||||
APP_ANNUSCOPEMANAGER=ALL # ALL or number of niveau view : 1||2||3||4
|
||||
APP_ANNUSCOPEUSER=ALL # ALL or number of niveau view : 1||2||3||4
|
||||
|
||||
APP_USERVIEWISVISIBLE=1 # Profil user with isvisible field
|
||||
|
||||
# Synchronisation
|
||||
APP_SYNCHRO= # Synchronisation null | LDAP2NINE | NINE2LDAP | NINE2NINE
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ body {
|
|||
color: var(--colorfttitledark);
|
||||
}
|
||||
|
||||
.header a, #sidebar a, #sidebar hr{
|
||||
.header h1, .header a, #sidebar a, #sidebar hr{
|
||||
color: var(--colorfttitledark);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -738,6 +738,37 @@ app_modo_user_delete:
|
|||
controller: App\Controller\UserController::delete
|
||||
defaults: { access: modo }
|
||||
|
||||
#-- Access manager
|
||||
app_manager_user:
|
||||
path: /manager/user
|
||||
controller: App\Controller\UserController::list
|
||||
defaults: { access: manager }
|
||||
|
||||
app_manager_user_tablelist:
|
||||
path: /manager/user/tablelist
|
||||
controller: App\Controller\UserController::tablelist
|
||||
defaults: { access: manager }
|
||||
|
||||
app_manager_user_selectlist:
|
||||
path: /manager/user/selectlist
|
||||
controller: App\Controller\UserController::selectlist
|
||||
defaults: { access: manager }
|
||||
|
||||
app_manager_user_submit:
|
||||
path: /manager/user/submit
|
||||
controller: App\Controller\UserController::submit
|
||||
defaults: { access: manager }
|
||||
|
||||
app_manager_user_update:
|
||||
path: /manager/user/update/{id}
|
||||
controller: App\Controller\UserController::update
|
||||
defaults: { access: manager }
|
||||
|
||||
app_manager_user_delete:
|
||||
path: /manager/user/delete/{id}
|
||||
controller: App\Controller\UserController::delete
|
||||
defaults: { access: manager }
|
||||
|
||||
#-- Access all
|
||||
app_all_user:
|
||||
path: /all/update
|
||||
|
|
|
|||
|
|
@ -40,6 +40,8 @@ parameters:
|
|||
appAnnuscopemanager: '%env(resolve:APP_ANNUSCOPEMANAGER)%'
|
||||
appAnnuscopeuser: '%env(resolve:APP_ANNUSCOPEUSER)%'
|
||||
|
||||
appUserviewisvisible: '%env(resolve:APP_USERVIEWISVISIBLE)%'
|
||||
|
||||
appSynchro: '%env(resolve:APP_SYNCHRO)%'
|
||||
appSynchroPurgeNiveau01: '%env(resolve:APP_SYNDCHROPURGENIVEAU01)%'
|
||||
appSynchroPurgeNiveau02: '%env(resolve:APP_SYNDCHROPURGENIVEAU02)%'
|
||||
|
|
|
|||
|
|
@ -10,16 +10,36 @@ class HomeController extends AbstractController
|
|||
{
|
||||
public function home(Request $request): Response
|
||||
{
|
||||
if ($request->getSession()->get('fgforceconnect')) {
|
||||
return $this->redirectToRoute('app_user_home');
|
||||
if ($request->getSession()->get('fgforceconnect')&&!$this->getUser()) {
|
||||
return $this->redirectToRoute('app_login');
|
||||
}
|
||||
|
||||
return $this->render('Home/home.html.twig', [
|
||||
'useheader' => true,
|
||||
'usemenu' => true,
|
||||
'usesidebar' => false,
|
||||
'maxsize' => 1000,
|
||||
]);
|
||||
if(!$this->getUser()) {
|
||||
dump("here");
|
||||
|
||||
return $this->render('Home/home.html.twig', [
|
||||
'useheader' => true,
|
||||
'usemenu' => false,
|
||||
'usesidebar' => false,
|
||||
'maxsize' => 1000,
|
||||
]);
|
||||
}
|
||||
if ($this->getUser()->hasRole("ROLE_USER"))
|
||||
return $this->redirectToRoute('app_user_home');
|
||||
|
||||
if ($this->getUser()->hasRole("ROLE_MANAGER"))
|
||||
return $this->redirectToRoute('app_manager_home');
|
||||
|
||||
if ($this->getUser()->hasRole("ROLE_MASTER"))
|
||||
return $this->redirectToRoute('app_master_home');
|
||||
|
||||
if ($this->getUser()->hasRole("ROLE_MODO"))
|
||||
return $this->redirectToRoute('app_modo_home');
|
||||
|
||||
if ($this->getUser()->hasRole("ROLE_ADMIN"))
|
||||
return $this->redirectToRoute('app_admin_home');
|
||||
|
||||
|
||||
}
|
||||
|
||||
public function homeuser($access): Response
|
||||
|
|
@ -32,9 +52,19 @@ class HomeController extends AbstractController
|
|||
]);
|
||||
}
|
||||
|
||||
public function homeadmin($access): Response
|
||||
public function homemaster($access): Response
|
||||
{
|
||||
return $this->redirectToRoute('app_admin_config');
|
||||
return $this->render('Home/home.html.twig', [
|
||||
'useheader' => true,
|
||||
'usemenu' => false,
|
||||
'usesidebar' => false,
|
||||
'maxsize' => 1000,
|
||||
]);
|
||||
}
|
||||
|
||||
public function homemanager($access): Response
|
||||
{
|
||||
return $this->redirectToRoute('app_manager_user');
|
||||
}
|
||||
|
||||
public function homemodo($access): Response
|
||||
|
|
@ -42,6 +72,12 @@ class HomeController extends AbstractController
|
|||
return $this->redirectToRoute('app_modo_niveau02');
|
||||
}
|
||||
|
||||
public function homeadmin($access): Response
|
||||
{
|
||||
return $this->redirectToRoute('app_admin_config');
|
||||
}
|
||||
|
||||
|
||||
public function docrest(): Response
|
||||
{
|
||||
return $this->render('Home/docrest.html.twig', [
|
||||
|
|
|
|||
|
|
@ -79,7 +79,8 @@ class UserController extends AbstractController
|
|||
break;
|
||||
|
||||
default:
|
||||
$isactive = true;
|
||||
$isactive = ($access=="manager"?$em->getRepository($this->entity)->getPreference($this->getUser(), 'userisactive', true):true);
|
||||
|
||||
$niveau01 = $this->getUser()->getNiveau01();
|
||||
$niveau02 = $this->getUser()->getNiveau02();
|
||||
$niveau03 = $this->getUser()->getNiveau03();
|
||||
|
|
@ -247,7 +248,7 @@ class UserController extends AbstractController
|
|||
}
|
||||
|
||||
if ($ordercolumn) {
|
||||
if ('admin' == $access || 'modo' == $access) {
|
||||
if ('admin' == $access || 'modo' == $access || 'manager' == $access) {
|
||||
$ordercolumn = $ordercolumn - 1;
|
||||
}
|
||||
|
||||
|
|
@ -298,6 +299,17 @@ class UserController extends AbstractController
|
|||
case 'modo':
|
||||
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_modo_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
||||
break;
|
||||
case 'manager':
|
||||
if($this->getUser()->getNiveau03()&&$this->getUser()->getNiveau03()==$data->getNiveau03()) {
|
||||
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
||||
}
|
||||
elseif(!$this->getUser()->getNiveau03()&&$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$data->getNiveau02()) {
|
||||
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
||||
}
|
||||
elseif(!$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau01()&&$this->getUser()->getNiveau01()==$data->getNiveau01()) {
|
||||
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
// Groupes
|
||||
|
|
@ -313,7 +325,7 @@ class UserController extends AbstractController
|
|||
}
|
||||
|
||||
$tmp = [];
|
||||
if ('admin' == $access || 'modo' == $access) {
|
||||
if ('admin' == $access || 'modo' == $access || 'manager' == $access) {
|
||||
array_push($tmp, $action);
|
||||
}
|
||||
|
||||
|
|
@ -381,6 +393,14 @@ class UserController extends AbstractController
|
|||
$data->setIsactive(true);
|
||||
$data->setApikey(Uuid::uuid4());
|
||||
|
||||
// If manager set same niveau to usertosubmit
|
||||
if($access=="manager") {
|
||||
$data->setNiveau01($this->getUser()->getNiveau01());
|
||||
$data->setNiveau02($this->getUser()->getNiveau02());
|
||||
$data->setNiveau03($this->getUser()->getNiveau03());
|
||||
$data->setRoles(["ROLE_USER"]);
|
||||
}
|
||||
|
||||
// Création du formulaire
|
||||
$form = $this->createForm(Form::class, $data, [
|
||||
'mode' => 'submit',
|
||||
|
|
@ -395,6 +415,7 @@ class UserController extends AbstractController
|
|||
'appNiveau04use' => $this->GetParameter('appNiveau04use'),
|
||||
'appNiveau04label' => $this->GetParameter('appNiveau04label'),
|
||||
'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'),
|
||||
'appUserviewisvisible' => $this->GetParameter('appUserviewisvisible'),
|
||||
]);
|
||||
|
||||
// Récupération des data du formulaire
|
||||
|
|
@ -514,6 +535,7 @@ class UserController extends AbstractController
|
|||
'appNiveau04use' => $this->GetParameter('appNiveau04use'),
|
||||
'appNiveau04label' => $this->GetParameter('appNiveau04label'),
|
||||
'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'),
|
||||
'appUserviewisvisible' => $this->GetParameter('appUserviewisvisible'),
|
||||
]);
|
||||
|
||||
// Récupération des data du formulaire
|
||||
|
|
@ -678,6 +700,8 @@ class UserController extends AbstractController
|
|||
break;
|
||||
case 'modo': return true;
|
||||
break;
|
||||
case 'manager': return true;
|
||||
break;
|
||||
}
|
||||
throw $this->createAccessDeniedException('Permission denied');
|
||||
}
|
||||
|
|
@ -687,6 +711,7 @@ class UserController extends AbstractController
|
|||
switch ($access) {
|
||||
case 'admin': return true;
|
||||
break;
|
||||
|
||||
case 'modo':
|
||||
$usermodo = $em->getRepository("App\Entity\UserModo")->findOneBy(['user' => $this->getUser(), 'niveau01' => $entity->getNiveau01()]);
|
||||
if (!$usermodo) {
|
||||
|
|
@ -695,6 +720,21 @@ class UserController extends AbstractController
|
|||
|
||||
return true;
|
||||
break;
|
||||
|
||||
case 'manager':
|
||||
if($this->getUser()->getNiveau03()&&$this->getUser()->getNiveau03()==$entity->getNiveau03()) {
|
||||
return true;
|
||||
}
|
||||
elseif($this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$entity->getNiveau02()) {
|
||||
return true;
|
||||
}
|
||||
elseif($this->getUser()->getNiveau01()&&$this->getUser()->getNiveau01()==$entity->getNiveau01()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
throw $this->createAccessDeniedException('Permission denied');
|
||||
break;
|
||||
|
||||
case 'all':
|
||||
if ($this->getUser()->getId() != $entity->getId()) {
|
||||
throw $this->createAccessDeniedException('Permission denied');
|
||||
|
|
|
|||
|
|
@ -270,7 +270,7 @@ class AppFixtures extends Fixture
|
|||
|
||||
// User USER
|
||||
$this->writeln("User User");
|
||||
$userid=-299;
|
||||
$userid=-399;
|
||||
$usercpt=0;
|
||||
$niveau03s=$manager->getRepository('App\Entity\Niveau03')->findAll();
|
||||
foreach($niveau03s as $niveau03) {
|
||||
|
|
|
|||
|
|
@ -181,13 +181,15 @@ class UserType extends AbstractType
|
|||
);
|
||||
}
|
||||
|
||||
$choices = ['oui' => '1', 'non' => '0'];
|
||||
$builder->add('isvisible',
|
||||
ChoiceType::class, [
|
||||
'label' => 'Visible',
|
||||
'choices' => $choices,
|
||||
]
|
||||
);
|
||||
if(($access!="all"&&$access!="manager")||$options["appUserviewisvisible"]) {
|
||||
$choices = ['oui' => '1', 'non' => '0'];
|
||||
$builder->add('isvisible',
|
||||
ChoiceType::class, [
|
||||
'label' => 'Visible',
|
||||
'choices' => $choices,
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
$builder->add('postaladress',
|
||||
TextareaType::class, [
|
||||
|
|
@ -285,6 +287,7 @@ class UserType extends AbstractType
|
|||
'appNiveau04use' => 'string',
|
||||
'appNiveau04label' => 'string',
|
||||
'appNiveauupdatable' => 'string',
|
||||
'appUserviewisvisible' => 'string',
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -44,6 +44,11 @@ class AppSession
|
|||
$session->set('colorbgbodydark-darkrgb', $this->hexToRgb($session->get('colorbgbodydark-darker')));
|
||||
$session->set('colorbgbodydark-lightrgb', $this->hexToRgb($session->get('colorbgbodydark-lighter')));
|
||||
|
||||
// Préférence par défaut
|
||||
$session->set('fgheader', true);
|
||||
$session->set('fgaudit', false);
|
||||
|
||||
|
||||
// Current user
|
||||
$token = $this->token->getToken();
|
||||
if (!$token) {
|
||||
|
|
@ -51,10 +56,6 @@ class AppSession
|
|||
}
|
||||
$curentuser = $token->getUser();
|
||||
|
||||
// Préférence par défaut
|
||||
$session->set('fgheader', true);
|
||||
$session->set('fgaudit', false);
|
||||
|
||||
// Préférence
|
||||
if ('anon.' != $curentuser) {
|
||||
$preference = $curentuser->getPreference();
|
||||
|
|
|
|||
|
|
@ -13,5 +13,13 @@
|
|||
{{ render(path("app_publish_sample",{id:2})) }}
|
||||
</div>
|
||||
</div>
|
||||
{% else %}
|
||||
<div style="text-align:center">
|
||||
<img src="{{ path('app_minio_image',{file:"logo/"~app.session.get("logolight")}) }}" style="height:120px;margin-top:10px;margin-bottom:20px;">
|
||||
<h1 style="border:none">{{app.session.get('appname')}}</h1>
|
||||
<div style="max-width:600px; text-align:justify; margin:auto ">{{app.session.get('appdescription')|raw}}</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
|
||||
{% endblock %}
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@
|
|||
{% block body %}
|
||||
{{ form_start(form) }}
|
||||
<h1 class="page-header">
|
||||
{% if access=="admin" or access=="modo" %}
|
||||
{% if access=="admin" or access=="modo" or access=="manager" %}
|
||||
{% if mode=="update" %}
|
||||
Modification Utilisateur = {{ user.username}}
|
||||
{% else %}
|
||||
|
|
@ -191,7 +191,7 @@
|
|||
{{ form_row(form.firstname) }}
|
||||
{{ form_row(form.lastname) }}
|
||||
{{ form_row(form.email) }}
|
||||
{{ form_row(form.isvisible) }}
|
||||
{%if form.isvisible is defined %}{{ form_row(form.isvisible) }}{%endif%}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@
|
|||
<table class="table table-striped table-bordered table-hover wrap" id="dataTables" style="width:100%; font-size:11px;">
|
||||
<thead>
|
||||
<tr>
|
||||
{% if access=="admin" or access=="modo"%}
|
||||
{% if access=="admin" or access=="modo" or access=="manager"%}
|
||||
<th class="no-sort">Action</th>
|
||||
{% endif %}
|
||||
|
||||
|
|
@ -67,6 +67,9 @@
|
|||
{% elseif access=="modo" %}
|
||||
order: [[ 2, "asc" ]],
|
||||
ajax: "{{ path('app_modo_user_tablelist') }}",
|
||||
{% elseif access=="manager" %}
|
||||
order: [[ 2, "asc" ]],
|
||||
ajax: "{{ path('app_manager_user_tablelist') }}",
|
||||
{% else %}
|
||||
order: [[ 1, "asc" ]],
|
||||
ajax: "{{ path('app_all_user_tablelist') }}",
|
||||
|
|
|
|||
|
|
@ -3,6 +3,8 @@
|
|||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html"; charset="utf-8" />
|
||||
<title>{% block title %}{{app.session.get("appname")}}{% endblock %}</title>
|
||||
<meta name="description" content="{{app.session.get("appdescription")|striptags|raw}}">
|
||||
|
||||
<link rel="shortcut icon" href="{{ path('app_minio_image',{file:"logo/"~app.session.get("logodark")}) }}" />
|
||||
|
||||
|
||||
|
|
@ -33,7 +35,7 @@
|
|||
{{app.session.get("appname")}}
|
||||
</a>
|
||||
<br>
|
||||
<small>{{app.session.get("appsubname")}}</small>
|
||||
<small><a href="{{ path('app_home')}}">{{app.session.get("appsubname")}}</a></small>
|
||||
</h1>
|
||||
|
||||
<div class="pe-3">
|
||||
|
|
|
|||
Loading…
Reference in New Issue