fix(manager): manager access && flag isvisible

Arnaud Fornerot 2022-10-04 11:32:05 +02:00
parent 5fa52efe9f
commit 58518ec70d
13 changed files with 163 additions and 35 deletions

12
.env

@ -50,11 +50,13 @@ APP_NIVEAU04MANDATORY='[""]'
APP_GROUPUSE=1 APP_GROUPUSE=1
APP_GROUPSUBMITER='["ALL"]' APP_GROUPSUBMITER='["ALL"]'
APP_ANNUSCOPEADMIN=ALL APP_ANNUSCOPEADMIN=ALL # ALL or number of niveau view : 1||2||3||4
APP_ANNUSCOPEMODO=ALL APP_ANNUSCOPEMODO=ALL # ALL or number of niveau view : 1||2||3||4
APP_ANNUSCOPEMASTER=ALL APP_ANNUSCOPEMASTER=ALL # ALL or number of niveau view : 1||2||3||4
APP_ANNUSCOPEMANAGER=ALL APP_ANNUSCOPEMANAGER=ALL # ALL or number of niveau view : 1||2||3||4
APP_ANNUSCOPEUSER=ALL APP_ANNUSCOPEUSER=ALL # ALL or number of niveau view : 1||2||3||4
APP_USERVIEWISVISIBLE=1 # Profil user with isvisible field
# Synchronisation # Synchronisation
APP_SYNCHRO= # Synchronisation null | LDAP2NINE | NINE2LDAP | NINE2NINE APP_SYNCHRO= # Synchronisation null | LDAP2NINE | NINE2LDAP | NINE2NINE


@ -8,7 +8,7 @@ body {
color: var(--colorfttitledark); color: var(--colorfttitledark);
} }
.header a, #sidebar a, #sidebar hr{ .header h1, .header a, #sidebar a, #sidebar hr{
color: var(--colorfttitledark); color: var(--colorfttitledark);
} }


@ -738,6 +738,37 @@ app_modo_user_delete:
controller: App\Controller\UserController::delete controller: App\Controller\UserController::delete
defaults: { access: modo } defaults: { access: modo }
#-- Access manager
app_manager_user:
path: /manager/user
controller: App\Controller\UserController::list
defaults: { access: manager }
app_manager_user_tablelist:
path: /manager/user/tablelist
controller: App\Controller\UserController::tablelist
defaults: { access: manager }
app_manager_user_selectlist:
path: /manager/user/selectlist
controller: App\Controller\UserController::selectlist
defaults: { access: manager }
app_manager_user_submit:
path: /manager/user/submit
controller: App\Controller\UserController::submit
defaults: { access: manager }
app_manager_user_update:
path: /manager/user/update/{id}
controller: App\Controller\UserController::update
defaults: { access: manager }
app_manager_user_delete:
path: /manager/user/delete/{id}
controller: App\Controller\UserController::delete
defaults: { access: manager }
#-- Access all #-- Access all
app_all_user: app_all_user:
path: /all/update path: /all/update
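Review bot: None of the new `app_manager_user*` routes carries an authorization rule of its own; each only passes `access: manager` as a route default, so the role gate has to come from a path rule outside this file. None of the file sections on this page looks like the security configuration, so confirm that an existing `access_control` entry limits `^/manager` to the manager role before these routes ship. `app_manager_user_delete` and `app_manager_user_update` also declare no `methods:`, which leaves the delete reachable by a plain GET unless the controller enforces otherwise; consider adding `methods: [POST]` together with a CSRF token check.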


@ -40,6 +40,8 @@ parameters:
appAnnuscopemanager: '%env(resolve:APP_ANNUSCOPEMANAGER)%' appAnnuscopemanager: '%env(resolve:APP_ANNUSCOPEMANAGER)%'
appAnnuscopeuser: '%env(resolve:APP_ANNUSCOPEUSER)%' appAnnuscopeuser: '%env(resolve:APP_ANNUSCOPEUSER)%'
appUserviewisvisible: '%env(resolve:APP_USERVIEWISVISIBLE)%'
appSynchro: '%env(resolve:APP_SYNCHRO)%' appSynchro: '%env(resolve:APP_SYNCHRO)%'
appSynchroPurgeNiveau01: '%env(resolve:APP_SYNDCHROPURGENIVEAU01)%' appSynchroPurgeNiveau01: '%env(resolve:APP_SYNDCHROPURGENIVEAU01)%'
appSynchroPurgeNiveau02: '%env(resolve:APP_SYNDCHROPURGENIVEAU02)%' appSynchroPurgeNiveau02: '%env(resolve:APP_SYNDCHROPURGENIVEAU02)%'


@ -10,17 +10,37 @@ class HomeController extends AbstractController
{ {
public function home(Request $request): Response public function home(Request $request): Response
{ {
if ($request->getSession()->get('fgforceconnect')) { if ($request->getSession()->get('fgforceconnect')&&!$this->getUser()) {
return $this->redirectToRoute('app_user_home'); return $this->redirectToRoute('app_login');
} }
if(!$this->getUser()) {
dump("here");
return $this->render('Home/home.html.twig', [ return $this->render('Home/home.html.twig', [
'useheader' => true, 'useheader' => true,
'usemenu' => true, 'usemenu' => false,
'usesidebar' => false, 'usesidebar' => false,
'maxsize' => 1000, 'maxsize' => 1000,
]); ]);
} }
if ($this->getUser()->hasRole("ROLE_USER"))
return $this->redirectToRoute('app_user_home');
if ($this->getUser()->hasRole("ROLE_MANAGER"))
return $this->redirectToRoute('app_manager_home');
if ($this->getUser()->hasRole("ROLE_MASTER"))
return $this->redirectToRoute('app_master_home');
if ($this->getUser()->hasRole("ROLE_MODO"))
return $this->redirectToRoute('app_modo_home');
if ($this->getUser()->hasRole("ROLE_ADMIN"))
return $this->redirectToRoute('app_admin_home');
}
public function homeuser($access): Response public function homeuser($access): Response
{ {
@ -32,9 +52,19 @@ class HomeController extends AbstractController
]); ]);
} }
public function homeadmin($access): Response public function homemaster($access): Response
{ {
return $this->redirectToRoute('app_admin_config'); return $this->render('Home/home.html.twig', [
'useheader' => true,
'usemenu' => false,
'usesidebar' => false,
'maxsize' => 1000,
]);
}
public function homemanager($access): Response
{
return $this->redirectToRoute('app_manager_user');
} }
public function homemodo($access): Response public function homemodo($access): Response
@ -42,6 +72,12 @@ class HomeController extends AbstractController
return $this->redirectToRoute('app_modo_niveau02'); return $this->redirectToRoute('app_modo_niveau02');
} }
public function homeadmin($access): Response
{
return $this->redirectToRoute('app_admin_config');
}
public function docrest(): Response public function docrest(): Response
{ {
return $this->render('Home/docrest.html.twig', [ return $this->render('Home/docrest.html.twig', [
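Review bot: The anonymous branch of `home()` still contains the debug call `dump("here");`, which should be removed before merge. The method is declared `: Response`, but after the five `hasRole()` checks it falls off the end, so an authenticated user holding none of those roles gets a TypeError instead of a defined answer; end the method with `throw $this->createAccessDeniedException('Permission denied');` or a default redirect. The checks also test `ROLE_USER` first, so if higher-privilege accounts carry that role too (not visible here) they would never reach their own home; ordering from `ROLE_ADMIN` down would avoid that. The brace-less `if` bodies would read more safely with braces.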


@ -79,7 +79,8 @@ class UserController extends AbstractController
break; break;
default: default:
$isactive = true; $isactive = ($access=="manager"?$em->getRepository($this->entity)->getPreference($this->getUser(), 'userisactive', true):true);
$niveau01 = $this->getUser()->getNiveau01(); $niveau01 = $this->getUser()->getNiveau01();
$niveau02 = $this->getUser()->getNiveau02(); $niveau02 = $this->getUser()->getNiveau02();
$niveau03 = $this->getUser()->getNiveau03(); $niveau03 = $this->getUser()->getNiveau03();
@ -247,7 +248,7 @@ class UserController extends AbstractController
} }
if ($ordercolumn) { if ($ordercolumn) {
if ('admin' == $access || 'modo' == $access) { if ('admin' == $access || 'modo' == $access || 'manager' == $access) {
$ordercolumn = $ordercolumn - 1; $ordercolumn = $ordercolumn - 1;
} }
@ -298,6 +299,17 @@ class UserController extends AbstractController
case 'modo': case 'modo':
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_modo_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>"; $action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_modo_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
break; break;
case 'manager':
if($this->getUser()->getNiveau03()&&$this->getUser()->getNiveau03()==$data->getNiveau03()) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
}
elseif(!$this->getUser()->getNiveau03()&&$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$data->getNiveau02()) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
}
elseif(!$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau01()&&$this->getUser()->getNiveau01()==$data->getNiveau01()) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_manager_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
}
break;
} }
// Groupes // Groupes
@ -313,7 +325,7 @@ class UserController extends AbstractController
} }
$tmp = []; $tmp = [];
if ('admin' == $access || 'modo' == $access) { if ('admin' == $access || 'modo' == $access || 'manager' == $access) {
array_push($tmp, $action); array_push($tmp, $action);
} }
@ -381,6 +393,14 @@ class UserController extends AbstractController
$data->setIsactive(true); $data->setIsactive(true);
$data->setApikey(Uuid::uuid4()); $data->setApikey(Uuid::uuid4());
// If manager set same niveau to usertosubmit
if($access=="manager") {
$data->setNiveau01($this->getUser()->getNiveau01());
$data->setNiveau02($this->getUser()->getNiveau02());
$data->setNiveau03($this->getUser()->getNiveau03());
$data->setRoles(["ROLE_USER"]);
}
// Création du formulaire // Création du formulaire
$form = $this->createForm(Form::class, $data, [ $form = $this->createForm(Form::class, $data, [
'mode' => 'submit', 'mode' => 'submit',
@ -395,6 +415,7 @@ class UserController extends AbstractController
'appNiveau04use' => $this->GetParameter('appNiveau04use'), 'appNiveau04use' => $this->GetParameter('appNiveau04use'),
'appNiveau04label' => $this->GetParameter('appNiveau04label'), 'appNiveau04label' => $this->GetParameter('appNiveau04label'),
'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'), 'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'),
'appUserviewisvisible' => $this->GetParameter('appUserviewisvisible'),
]); ]);
// Récupération des data du formulaire // Récupération des data du formulaire
@ -514,6 +535,7 @@ class UserController extends AbstractController
'appNiveau04use' => $this->GetParameter('appNiveau04use'), 'appNiveau04use' => $this->GetParameter('appNiveau04use'),
'appNiveau04label' => $this->GetParameter('appNiveau04label'), 'appNiveau04label' => $this->GetParameter('appNiveau04label'),
'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'), 'appNiveauupdatable' => $this->GetParameter('appNiveauupdatable'),
'appUserviewisvisible' => $this->GetParameter('appUserviewisvisible'),
]); ]);
// Récupération des data du formulaire // Récupération des data du formulaire
@ -678,6 +700,8 @@ class UserController extends AbstractController
break; break;
case 'modo': return true; case 'modo': return true;
break; break;
case 'manager': return true;
break;
} }
throw $this->createAccessDeniedException('Permission denied'); throw $this->createAccessDeniedException('Permission denied');
} }
@ -687,6 +711,7 @@ class UserController extends AbstractController
switch ($access) { switch ($access) {
case 'admin': return true; case 'admin': return true;
break; break;
case 'modo': case 'modo':
$usermodo = $em->getRepository("App\Entity\UserModo")->findOneBy(['user' => $this->getUser(), 'niveau01' => $entity->getNiveau01()]); $usermodo = $em->getRepository("App\Entity\UserModo")->findOneBy(['user' => $this->getUser(), 'niveau01' => $entity->getNiveau01()]);
if (!$usermodo) { if (!$usermodo) {
@ -695,6 +720,21 @@ class UserController extends AbstractController
return true; return true;
break; break;
case 'manager':
if($this->getUser()->getNiveau03()&&$this->getUser()->getNiveau03()==$entity->getNiveau03()) {
return true;
}
elseif($this->getUser()->getNiveau02()&&$this->getUser()->getNiveau02()==$entity->getNiveau02()) {
return true;
}
elseif($this->getUser()->getNiveau01()&&$this->getUser()->getNiveau01()==$entity->getNiveau01()) {
return true;
}
throw $this->createAccessDeniedException('Permission denied');
break;
case 'all': case 'all':
if ($this->getUser()->getId() != $entity->getId()) { if ($this->getUser()->getId() != $entity->getId()) {
throw $this->createAccessDeniedException('Permission denied'); throw $this->createAccessDeniedException('Permission denied');
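Review bot: The `case 'manager':` branch of the per-entity permission check is wider than the matching branch in the table-list hunk. Here the niveau02 and niveau01 comparisons run even when the manager has a niveau03 (or niveau02) set, whereas the list only falls back to a broader level when the narrower one is empty. A manager scoped to one niveau03 therefore passes this check for any user sharing the same niveau02 or niveau01, even though the list shows no edit link for them. If the list's scoping is the intended rule, mirror it by starting the second branch with `elseif(!$this->getUser()->getNiveau03()&&$this->getUser()->getNiveau02()&&` and the third with `elseif(!$this->getUser()->getNiveau02()&&$this->getUser()->getNiveau01()&&`. The enclosing function starts outside the hunk, so whether delete goes through the same check cannot be confirmed from here.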


@ -270,7 +270,7 @@ class AppFixtures extends Fixture
// User USER // User USER
$this->writeln("User User"); $this->writeln("User User");
$userid=-299; $userid=-399;
$usercpt=0; $usercpt=0;
$niveau03s=$manager->getRepository('App\Entity\Niveau03')->findAll(); $niveau03s=$manager->getRepository('App\Entity\Niveau03')->findAll();
foreach($niveau03s as $niveau03) { foreach($niveau03s as $niveau03) {


@ -181,6 +181,7 @@ class UserType extends AbstractType
); );
} }
if(($access!="all"&&$access!="manager")||$options["appUserviewisvisible"]) {
$choices = ['oui' => '1', 'non' => '0']; $choices = ['oui' => '1', 'non' => '0'];
$builder->add('isvisible', $builder->add('isvisible',
ChoiceType::class, [ ChoiceType::class, [
@ -188,6 +189,7 @@ class UserType extends AbstractType
'choices' => $choices, 'choices' => $choices,
] ]
); );
}
$builder->add('postaladress', $builder->add('postaladress',
TextareaType::class, [ TextareaType::class, [
@ -285,6 +287,7 @@ class UserType extends AbstractType
'appNiveau04use' => 'string', 'appNiveau04use' => 'string',
'appNiveau04label' => 'string', 'appNiveau04label' => 'string',
'appNiveauupdatable' => 'string', 'appNiveauupdatable' => 'string',
'appUserviewisvisible' => 'string',
]); ]);
} }
} }
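Review bot: `$options["appUserviewisvisible"]` is tested for truthiness although the option is declared as `'string'` in the last hunk and is fed from an env value. Any non-empty value other than `"0"` (for example `false`, `no` or `off`) therefore still exposes the `isvisible` field to the `all` and `manager` profiles. Since this flag decides who may change a profile's visibility, compare it explicitly, e.g. `$options["appUserviewisvisible"]=="1"`. The enclosing method starts outside the hunk, so the origin of `$access` is not visible here.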


@ -44,6 +44,11 @@ class AppSession
$session->set('colorbgbodydark-darkrgb', $this->hexToRgb($session->get('colorbgbodydark-darker'))); $session->set('colorbgbodydark-darkrgb', $this->hexToRgb($session->get('colorbgbodydark-darker')));
$session->set('colorbgbodydark-lightrgb', $this->hexToRgb($session->get('colorbgbodydark-lighter'))); $session->set('colorbgbodydark-lightrgb', $this->hexToRgb($session->get('colorbgbodydark-lighter')));
// Préférence par défaut
$session->set('fgheader', true);
$session->set('fgaudit', false);
// Current user // Current user
$token = $this->token->getToken(); $token = $this->token->getToken();
if (!$token) { if (!$token) {
@ -51,10 +56,6 @@ class AppSession
} }
$curentuser = $token->getUser(); $curentuser = $token->getUser();
// Préférence par défaut
$session->set('fgheader', true);
$session->set('fgaudit', false);
// Préférence // Préférence
if ('anon.' != $curentuser) { if ('anon.' != $curentuser) {
$preference = $curentuser->getPreference(); $preference = $curentuser->getPreference();


@ -13,5 +13,13 @@
{{ render(path("app_publish_sample",{id:2})) }} {{ render(path("app_publish_sample",{id:2})) }}
</div> </div>
</div> </div>
{% else %}
<div style="text-align:center">
<img src="{{ path('app_minio_image',{file:"logo/"~app.session.get("logolight")}) }}" style="height:120px;margin-top:10px;margin-bottom:20px;">
<h1 style="border:none">{{app.session.get('appname')}}</h1>
<div style="max-width:600px; text-align:justify; margin:auto ">{{app.session.get('appdescription')|raw}}</div>
</div>
{% endif %} {% endif %}
{% endblock %} {% endblock %}
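Review bot: The new `{% else %}` branch prints `app.session.get('appdescription')|raw`, which switches off Twig auto-escaping for a value whose origin is not visible in this commit. Judging by the controller hunk that sets `usemenu` to false for users without a session, this block is what anonymous visitors see, so any markup stored in that setting would run in their browser. If the description must hold HTML, sanitise it when it is saved or at render time (Twig's `sanitize_html` filter, if the HtmlSanitizer component is installed), and add a template comment such as `{# appdescription: admin-authored HTML, sanitised on save #}` to record the assumption. If plain text is enough, drop `|raw`.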


@ -11,7 +11,7 @@
{% block body %} {% block body %}
{{ form_start(form) }} {{ form_start(form) }}
<h1 class="page-header"> <h1 class="page-header">
{% if access=="admin" or access=="modo" %} {% if access=="admin" or access=="modo" or access=="manager" %}
{% if mode=="update" %} {% if mode=="update" %}
Modification Utilisateur = {{ user.username}} Modification Utilisateur = {{ user.username}}
{% else %} {% else %}
@ -191,7 +191,7 @@
{{ form_row(form.firstname) }} {{ form_row(form.firstname) }}
{{ form_row(form.lastname) }} {{ form_row(form.lastname) }}
{{ form_row(form.email) }} {{ form_row(form.email) }}
{{ form_row(form.isvisible) }} {%if form.isvisible is defined %}{{ form_row(form.isvisible) }}{%endif%}
</div> </div>
</div> </div>


@ -29,7 +29,7 @@
<table class="table table-striped table-bordered table-hover wrap" id="dataTables" style="width:100%; font-size:11px;"> <table class="table table-striped table-bordered table-hover wrap" id="dataTables" style="width:100%; font-size:11px;">
<thead> <thead>
<tr> <tr>
{% if access=="admin" or access=="modo"%} {% if access=="admin" or access=="modo" or access=="manager"%}
<th class="no-sort">Action</th> <th class="no-sort">Action</th>
{% endif %} {% endif %}
@ -67,6 +67,9 @@
{% elseif access=="modo" %} {% elseif access=="modo" %}
order: [[ 2, "asc" ]], order: [[ 2, "asc" ]],
ajax: "{{ path('app_modo_user_tablelist') }}", ajax: "{{ path('app_modo_user_tablelist') }}",
{% elseif access=="manager" %}
order: [[ 2, "asc" ]],
ajax: "{{ path('app_manager_user_tablelist') }}",
{% else %} {% else %}
order: [[ 1, "asc" ]], order: [[ 1, "asc" ]],
ajax: "{{ path('app_all_user_tablelist') }}", ajax: "{{ path('app_all_user_tablelist') }}",


@ -3,6 +3,8 @@
<head> <head>
<meta http-equiv="Content-Type" content="text/html"; charset="utf-8" /> <meta http-equiv="Content-Type" content="text/html"; charset="utf-8" />
<title>{% block title %}{{app.session.get("appname")}}{% endblock %}</title> <title>{% block title %}{{app.session.get("appname")}}{% endblock %}</title>
<meta name="description" content="{{app.session.get("appdescription")|striptags|raw}}">
<link rel="shortcut icon" href="{{ path('app_minio_image',{file:"logo/"~app.session.get("logodark")}) }}" /> <link rel="shortcut icon" href="{{ path('app_minio_image',{file:"logo/"~app.session.get("logodark")}) }}" />
@ -33,7 +35,7 @@
{{app.session.get("appname")}} {{app.session.get("appname")}}
</a> </a>
<br> <br>
<small>{{app.session.get("appsubname")}}</small> <small><a href="{{ path('app_home')}}">{{app.session.get("appsubname")}}</a></small>
</h1> </h1>
<div class="pe-3"> <div class="pe-3">