fix(manager): manager access && flag isvisible
@ -10,16 +10,36 @@ class HomeController extends AbstractController
|
||||
{
|
||||
public function home(Request $request): Response
|
||||
{
|
||||
if ($request->getSession()->get('fgforceconnect')) {
|
||||
return $this->redirectToRoute('app_user_home');
|
||||
if ($request->getSession()->get('fgforceconnect')&&!$this->getUser()) {
|
||||
return $this->redirectToRoute('app_login');
|
||||
}
|
||||
|
||||
return $this->render('Home/home.html.twig', [
|
||||
'useheader' => true,
|
||||
'usemenu' => true,
|
||||
'usesidebar' => false,
|
||||
'maxsize' => 1000,
|
||||
]);
|
||||
if(!$this->getUser()) {
|
||||
dump("here");
|
||||
|
||||
return $this->render('Home/home.html.twig', [
|
||||
'useheader' => true,
|
||||
'usemenu' => false,
|
||||
'usesidebar' => false,
|
||||
'maxsize' => 1000,
|
||||
]);
|
||||
}
|
||||
if ($this->getUser()->hasRole("ROLE_USER"))
|
||||
return $this->redirectToRoute('app_user_home');
|
||||
|
||||
if ($this->getUser()->hasRole("ROLE_MANAGER"))
|
||||
return $this->redirectToRoute('app_manager_home');
|
||||
|
||||
if ($this->getUser()->hasRole("ROLE_MASTER"))
|
||||
return $this->redirectToRoute('app_master_home');
|
||||
|
||||
if ($this->getUser()->hasRole("ROLE_MODO"))
|
||||
return $this->redirectToRoute('app_modo_home');
|
||||
|
||||
if ($this->getUser()->hasRole("ROLE_ADMIN"))
|
||||
return $this->redirectToRoute('app_admin_home');
|
||||
|
||||
|
||||
}
|
||||
|
||||
public function homeuser($access): Response
|
||||
@ -32,9 +52,19 @@ class HomeController extends AbstractController
|
||||
]);
|
||||
}
|
||||
|
||||
public function homeadmin($access): Response
|
||||
public function homemaster($access): Response
|
||||
{
|
||||
return $this->redirectToRoute('app_admin_config');
|
||||
return $this->render('Home/home.html.twig', [
|
||||
'useheader' => true,
|
||||
'usemenu' => false,
|
||||
'usesidebar' => false,
|
||||
'maxsize' => 1000,
|
||||
]);
|
||||
}
|
||||
|
||||
public function homemanager($access): Response
|
||||
{
|
||||
return $this->redirectToRoute('app_manager_user');
|
||||
}
|
||||
|
||||
public function homemodo($access): Response
|
||||
@ -42,6 +72,12 @@ class HomeController extends AbstractController
|
||||
return $this->redirectToRoute('app_modo_niveau02');
|
||||
}
|
||||
|
||||
public function homeadmin($access): Response
|
||||
{
|
||||
return $this->redirectToRoute('app_admin_config');
|
||||
}
|
||||
|
||||
|
||||
public function docrest(): Response
|
||||
{
|
||||
return $this->render('Home/docrest.html.twig', [
|
||||
|
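Review bot: The new anonymous branch in `home()` still contains a debugging call, `dump("here");`, which should be removed before merge; if symfony/var-dumper is only a dev dependency (not visible here), the call would fail on the public home page in production. The role chain that follows also has no final return, so an authenticated user matching none of ROLE_USER, ROLE_MANAGER, ROLE_MASTER, ROLE_MODO or ROLE_ADMIN reaches the closing brace of a method declared `: Response`. An explicit ending such as `throw $this->createAccessDeniedException('Permission denied');` after the last `if` would make that case deliberate. Because `hasRole("ROLE_USER")` is tested first, it is also worth confirming that privileged accounts do not carry ROLE_USER as well, otherwise they never reach their own home route.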
@ -79,7 +79,8 @@ class UserController extends AbstractController
|
||||
break;
|
||||
|
||||
default:
|
||||
$isactive = true;
|
||||
$isactive = ($access=="manager"?$em->getRepository($this->entity)->getPreference($this->getUser(), 'userisactive', true):true);
|
||||
|
||||
$niveau01 = $this->getUser()->getNiveau01();
|
||||
$niveau02 = $this->getUser()->getNiveau02();
|
||||
$niveau03 = $this->getUser()->getNiveau03();
|
||||
@ -247,7 +248,7 @@ class UserController extends AbstractController
|
||||
}
|
||||
|
||||
if ($ordercolumn) {
|
||||
if ('admin' == $access || 'modo' == $access) {
|
||||
if ('admin' == $access || 'modo' == $access || 'manager' == $access) {
|
||||
$ordercolumn = $ordercolumn - 1;
|
||||
}
|
||||
|
||||
@ -298,6 +299,17 @@ class UserController extends AbstractController
|
||||
case 'modo':
|
||||
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_modo_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
||||
break;
|
||||
case 'manager':
|
||||
if($this->getUser()->getNiveau03()&&$this->getUser()->getNiveau03()==$data->getNiveau03()) {
|
||||
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
||||
}
|
||||
elseif(!$this->getUser()->getNiveau03()&&$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$data->getNiveau02()) {
|
||||
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
||||
}
|
||||
elseif(!$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau01()&&$this->getUser()->getNiveau01()==$data->getNiveau01()) {
|
||||
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
// Groupes
|
||||
@ -313,7 +325,7 @@ class UserController extends AbstractController
|
||||
}
|
||||
|
||||
$tmp = [];
|
||||
if ('admin' == $access || 'modo' == $access) {
|
||||
if ('admin' == $access || 'modo' == $access || 'manager' == $access) {
|
||||
array_push($tmp, $action);
|
||||
}
|
||||
|
||||
@ -381,6 +393,14 @@ class UserController extends AbstractController
|
||||
$data->setIsactive(true);
|
||||
$data->setApikey(Uuid::uuid4());
|
||||
|
||||
// If manager set same niveau to usertosubmit
|
||||
if($access=="manager") {
|
||||
$data->setNiveau01($this->getUser()->getNiveau01());
|
||||
$data->setNiveau02($this->getUser()->getNiveau02());
|
||||
$data->setNiveau03($this->getUser()->getNiveau03());
|
||||
$data->setRoles(["ROLE_USER"]);
|
||||
}
|
||||
|
||||
// Création du formulaire
|
||||
$form = $this->createForm(Form::class, $data, [
|
||||
'mode' => 'submit',
|
||||
@ -395,6 +415,7 @@ class UserController extends AbstractController
|
||||
'appNiveau04use' => $this->GetParameter('appNiveau04use'),
|
||||
'appNiveau04label' => $this->GetParameter('appNiveau04label'),
|
||||
'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'),
|
||||
'appUserviewisvisible' => $this->GetParameter('appUserviewisvisible'),
|
||||
]);
|
||||
|
||||
// Récupération des data du formulaire
|
||||
@ -514,6 +535,7 @@ class UserController extends AbstractController
|
||||
'appNiveau04use' => $this->GetParameter('appNiveau04use'),
|
||||
'appNiveau04label' => $this->GetParameter('appNiveau04label'),
|
||||
'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'),
|
||||
'appUserviewisvisible' => $this->GetParameter('appUserviewisvisible'),
|
||||
]);
|
||||
|
||||
// Récupération des data du formulaire
|
||||
@ -678,6 +700,8 @@ class UserController extends AbstractController
|
||||
break;
|
||||
case 'modo': return true;
|
||||
break;
|
||||
case 'manager': return true;
|
||||
break;
|
||||
}
|
||||
throw $this->createAccessDeniedException('Permission denied');
|
||||
}
|
||||
@ -687,6 +711,7 @@ class UserController extends AbstractController
|
||||
switch ($access) {
|
||||
case 'admin': return true;
|
||||
break;
|
||||
|
||||
case 'modo':
|
||||
$usermodo = $em->getRepository("App\Entity\UserModo")->findOneBy(['user' => $this->getUser(), 'niveau01' => $entity->getNiveau01()]);
|
||||
if (!$usermodo) {
|
||||
@ -695,6 +720,21 @@ class UserController extends AbstractController
|
||||
|
||||
return true;
|
||||
break;
|
||||
|
||||
case 'manager':
|
||||
if($this->getUser()->getNiveau03()&&$this->getUser()->getNiveau03()==$entity->getNiveau03()) {
|
||||
return true;
|
||||
}
|
||||
elseif($this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$entity->getNiveau02()) {
|
||||
return true;
|
||||
}
|
||||
elseif($this->getUser()->getNiveau01()&&$this->getUser()->getNiveau01()==$entity->getNiveau01()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
throw $this->createAccessDeniedException('Permission denied');
|
||||
break;
|
||||
|
||||
case 'all':
|
||||
if ($this->getUser()->getId() != $entity->getId()) {
|
||||
throw $this->createAccessDeniedException('Permission denied');
|
||||
|
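Review bot: In the `case 'manager':` branch of the access check (hunk `-695,6 +720,21`), the `elseif` tests for Niveau02 and Niveau01 lack the `!$this->getUser()->getNiveau03()` and `!$this->getUser()->getNiveau02()` guards that the listing hunk (`-298,6 +299,17`) uses for the update link, so a manager attached to a Niveau03 passes the check for any user who only shares the Niveau02 or Niveau01. If the narrower scope shown in the listing is the intended one, the server-side check should match it: `elseif(!$this->getUser()->getNiveau03()&&$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$entity->getNiveau02())`, and the same pattern with `!$this->getUser()->getNiveau02()` for Niveau01. The branch also does not look at the target's roles, so it should be confirmed that a manager cannot edit an admin or modo account in the same niveau; the update form is not visible here. The enclosing switch and method continue outside the hunk.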
@ -270,7 +270,7 @@ class AppFixtures extends Fixture
|
||||
|
||||
// User USER
|
||||
$this->writeln("User User");
|
||||
$userid=-299;
|
||||
$userid=-399;
|
||||
$usercpt=0;
|
||||
$niveau03s=$manager->getRepository('App\Entity\Niveau03')->findAll();
|
||||
foreach($niveau03s as $niveau03) {
|
||||
|
@ -181,13 +181,15 @@ class UserType extends AbstractType
|
||||
);
|
||||
}
|
||||
|
||||
$choices = ['oui' => '1', 'non' => '0'];
|
||||
$builder->add('isvisible',
|
||||
ChoiceType::class, [
|
||||
'label' => 'Visible',
|
||||
'choices' => $choices,
|
||||
]
|
||||
);
|
||||
if(($access!="all"&&$access!="manager")||$options["appUserviewisvisible"]) {
|
||||
$choices = ['oui' => '1', 'non' => '0'];
|
||||
$builder->add('isvisible',
|
||||
ChoiceType::class, [
|
||||
'label' => 'Visible',
|
||||
'choices' => $choices,
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
$builder->add('postaladress',
|
||||
TextareaType::class, [
|
||||
@ -285,6 +287,7 @@ class UserType extends AbstractType
|
||||
'appNiveau04use' => 'string',
|
||||
'appNiveau04label' => 'string',
|
||||
'appNiveauupdatable' => 'string',
|
||||
'appUserviewisvisible' => 'string',
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
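Review bot: The new condition `if(($access!="all"&&$access!="manager")||$options["appUserviewisvisible"])` tests the option by truthiness, while the second hunk registers it as `'appUserviewisvisible' => 'string'`. If the parameter arrives as a string such as `'false'`, or falls back to that `'string'` entry when a caller omits it, the value is truthy and the `isvisible` field is added for `all` and `manager` regardless of the setting. An explicit comparison against the expected value, or a boolean option, would make the intent unambiguous; a short comment stating which access levels may edit `isvisible` would also help. `$access` is defined outside the hunk.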
@ -44,6 +44,11 @@ class AppSession
|
||||
$session->set('colorbgbodydark-darkrgb', $this->hexToRgb($session->get('colorbgbodydark-darker')));
|
||||
$session->set('colorbgbodydark-lightrgb', $this->hexToRgb($session->get('colorbgbodydark-lighter')));
|
||||
|
||||
// Préférence par défaut
|
||||
$session->set('fgheader', true);
|
||||
$session->set('fgaudit', false);
|
||||
|
||||
|
||||
// Current user
|
||||
$token = $this->token->getToken();
|
||||
if (!$token) {
|
||||
@ -51,10 +56,6 @@ class AppSession
|
||||
}
|
||||
$curentuser = $token->getUser();
|
||||
|
||||
// Préférence par défaut
|
||||
$session->set('fgheader', true);
|
||||
$session->set('fgaudit', false);
|
||||
|
||||
// Préférence
|
||||
if ('anon.' != $curentuser) {
|
||||
$preference = $curentuser->getPreference();
|
||||
|