fix(manager): manager access && flag isvisible
This commit is contained in:
@ -79,7 +79,8 @@ class UserController extends AbstractController
|
||||
break;
|
||||
|
||||
default:
|
||||
$isactive = true;
|
||||
$isactive = ($access=="manager"?$em->getRepository($this->entity)->getPreference($this->getUser(), 'userisactive', true):true);
|
||||
|
||||
$niveau01 = $this->getUser()->getNiveau01();
|
||||
$niveau02 = $this->getUser()->getNiveau02();
|
||||
$niveau03 = $this->getUser()->getNiveau03();
|
||||
@ -247,7 +248,7 @@ class UserController extends AbstractController
|
||||
}
|
||||
|
||||
if ($ordercolumn) {
|
||||
if ('admin' == $access || 'modo' == $access) {
|
||||
if ('admin' == $access || 'modo' == $access || 'manager' == $access) {
|
||||
$ordercolumn = $ordercolumn - 1;
|
||||
}
|
||||
|
||||
@ -298,6 +299,17 @@ class UserController extends AbstractController
|
||||
case 'modo':
|
||||
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_modo_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
||||
break;
|
||||
case 'manager':
|
||||
if($this->getUser()->getNiveau03()&&$this->getUser()->getNiveau03()==$data->getNiveau03()) {
|
||||
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
||||
}
|
||||
elseif(!$this->getUser()->getNiveau03()&&$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$data->getNiveau02()) {
|
||||
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
||||
}
|
||||
elseif(!$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau01()&&$this->getUser()->getNiveau01()==$data->getNiveau01()) {
|
||||
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
// Groupes
|
||||
@ -313,7 +325,7 @@ class UserController extends AbstractController
|
||||
}
|
||||
|
||||
$tmp = [];
|
||||
if ('admin' == $access || 'modo' == $access) {
|
||||
if ('admin' == $access || 'modo' == $access || 'manager' == $access) {
|
||||
array_push($tmp, $action);
|
||||
}
|
||||
|
||||
@ -381,6 +393,14 @@ class UserController extends AbstractController
|
||||
$data->setIsactive(true);
|
||||
$data->setApikey(Uuid::uuid4());
|
||||
|
||||
// If manager set same niveau to usertosubmit
|
||||
if($access=="manager") {
|
||||
$data->setNiveau01($this->getUser()->getNiveau01());
|
||||
$data->setNiveau02($this->getUser()->getNiveau02());
|
||||
$data->setNiveau03($this->getUser()->getNiveau03());
|
||||
$data->setRoles(["ROLE_USER"]);
|
||||
}
|
||||
|
||||
// Création du formulaire
|
||||
$form = $this->createForm(Form::class, $data, [
|
||||
'mode' => 'submit',
|
||||
@ -395,6 +415,7 @@ class UserController extends AbstractController
|
||||
'appNiveau04use' => $this->GetParameter('appNiveau04use'),
|
||||
'appNiveau04label' => $this->GetParameter('appNiveau04label'),
|
||||
'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'),
|
||||
'appUserviewisvisible' => $this->GetParameter('appUserviewisvisible'),
|
||||
]);
|
||||
|
||||
// Récupération des data du formulaire
|
||||
@ -514,6 +535,7 @@ class UserController extends AbstractController
|
||||
'appNiveau04use' => $this->GetParameter('appNiveau04use'),
|
||||
'appNiveau04label' => $this->GetParameter('appNiveau04label'),
|
||||
'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'),
|
||||
'appUserviewisvisible' => $this->GetParameter('appUserviewisvisible'),
|
||||
]);
|
||||
|
||||
// Récupération des data du formulaire
|
||||
@ -678,6 +700,8 @@ class UserController extends AbstractController
|
||||
break;
|
||||
case 'modo': return true;
|
||||
break;
|
||||
case 'manager': return true;
|
||||
break;
|
||||
}
|
||||
throw $this->createAccessDeniedException('Permission denied');
|
||||
}
|
||||
@ -687,6 +711,7 @@ class UserController extends AbstractController
|
||||
switch ($access) {
|
||||
case 'admin': return true;
|
||||
break;
|
||||
|
||||
case 'modo':
|
||||
$usermodo = $em->getRepository("App\Entity\UserModo")->findOneBy(['user' => $this->getUser(), 'niveau01' => $entity->getNiveau01()]);
|
||||
if (!$usermodo) {
|
||||
@ -695,6 +720,21 @@ class UserController extends AbstractController
|
||||
|
||||
return true;
|
||||
break;
|
||||
|
||||
case 'manager':
|
||||
if($this->getUser()->getNiveau03()&&$this->getUser()->getNiveau03()==$entity->getNiveau03()) {
|
||||
return true;
|
||||
}
|
||||
elseif($this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$entity->getNiveau02()) {
|
||||
return true;
|
||||
}
|
||||
elseif($this->getUser()->getNiveau01()&&$this->getUser()->getNiveau01()==$entity->getNiveau01()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
throw $this->createAccessDeniedException('Permission denied');
|
||||
break;
|
||||
|
||||
case 'all':
|
||||
if ($this->getUser()->getId() != $entity->getId()) {
|
||||
throw $this->createAccessDeniedException('Permission denied');
|
||||
|
Reference in New Issue
Block a user