fix(manager): manager access && flag isvisible

2022-10-04 11:32:05 +02:00
parent 5fa52efe9f
commit 58518ec70d
13 changed files with 163 additions and 35 deletions


@ -79,7 +79,8 @@ class UserController extends AbstractController
break;
default:
$isactive = true;
$isactive = ($access=="manager"?$em->getRepository($this->entity)->getPreference($this->getUser(), 'userisactive', true):true);
$niveau01 = $this->getUser()->getNiveau01();
$niveau02 = $this->getUser()->getNiveau02();
$niveau03 = $this->getUser()->getNiveau03();
@ -247,7 +248,7 @@ class UserController extends AbstractController
}
if ($ordercolumn) {
if ('admin' == $access || 'modo' == $access) {
if ('admin' == $access || 'modo' == $access || 'manager' == $access) {
$ordercolumn = $ordercolumn - 1;
}
@ -298,6 +299,17 @@ class UserController extends AbstractController
case 'modo':
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_modo_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
break;
case 'manager':
if($this->getUser()->getNiveau03()&&$this->getUser()->getNiveau03()==$data->getNiveau03()) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
}
elseif(!$this->getUser()->getNiveau03()&&$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$data->getNiveau02()) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
}
elseif(!$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau01()&&$this->getUser()->getNiveau01()==$data->getNiveau01()) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
}
break;
}
// Groupes
@ -313,7 +325,7 @@ class UserController extends AbstractController
}
$tmp = [];
if ('admin' == $access || 'modo' == $access) {
if ('admin' == $access || 'modo' == $access || 'manager' == $access) {
array_push($tmp, $action);
}
@ -381,6 +393,14 @@ class UserController extends AbstractController
$data->setIsactive(true);
$data->setApikey(Uuid::uuid4());
// If manager set same niveau to usertosubmit
if($access=="manager") {
$data->setNiveau01($this->getUser()->getNiveau01());
$data->setNiveau02($this->getUser()->getNiveau02());
$data->setNiveau03($this->getUser()->getNiveau03());
$data->setRoles(["ROLE_USER"]);
}
// Création du formulaire
$form = $this->createForm(Form::class, $data, [
'mode' => 'submit',
@ -395,6 +415,7 @@ class UserController extends AbstractController
'appNiveau04use' => $this->GetParameter('appNiveau04use'),
'appNiveau04label' => $this->GetParameter('appNiveau04label'),
'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'),
'appUserviewisvisible' => $this->GetParameter('appUserviewisvisible'),
]);
// Récupération des data du formulaire
@ -514,6 +535,7 @@ class UserController extends AbstractController
'appNiveau04use' => $this->GetParameter('appNiveau04use'),
'appNiveau04label' => $this->GetParameter('appNiveau04label'),
'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'),
'appUserviewisvisible' => $this->GetParameter('appUserviewisvisible'),
]);
// Récupération des data du formulaire
@ -678,6 +700,8 @@ class UserController extends AbstractController
break;
case 'modo': return true;
break;
case 'manager': return true;
break;
}
throw $this->createAccessDeniedException('Permission denied');
}
@ -687,6 +711,7 @@ class UserController extends AbstractController
switch ($access) {
case 'admin': return true;
break;
case 'modo':
$usermodo = $em->getRepository("App\Entity\UserModo")->findOneBy(['user' => $this->getUser(), 'niveau01' => $entity->getNiveau01()]);
if (!$usermodo) {
@ -695,6 +720,21 @@ class UserController extends AbstractController
return true;
break;
case 'manager':
if($this->getUser()->getNiveau03()&&$this->getUser()->getNiveau03()==$entity->getNiveau03()) {
return true;
}
elseif($this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$entity->getNiveau02()) {
return true;
}
elseif($this->getUser()->getNiveau01()&&$this->getUser()->getNiveau01()==$entity->getNiveau01()) {
return true;
}
throw $this->createAccessDeniedException('Permission denied');
break;
case 'all':
if ($this->getUser()->getId() != $entity->getId()) {
throw $this->createAccessDeniedException('Permission denied');
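Review bot: The `case 'manager':` branch added to the entity access check in the last hunk is looser than the link gating added in the list-rendering hunk: its second and third `elseif` lack the `!$this->getUser()->getNiveau03()` and `!$this->getUser()->getNiveau02()` guards, so a manager scoped to a niveau03 still passes for any user who shares only the niveau02 or niveau01. Because this check, not the hidden update link, is what enforces the restriction, its conditions should mirror the list logic, e.g. `elseif(!$this->getUser()->getNiveau03()&&$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$entity->getNiveau02())`, with the matching `!$this->getUser()->getNiveau02()&&` guard on the niveau01 branch. In the submit hunk the niveau values and `ROLE_USER` are set on `$data` before the form is created; if the form maps those fields for a manager (not visible here), submitted values could replace them, so re-applying them after the form is handled would be safer. The enclosing methods start and end outside the visible hunks.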