render($this->twig.'list.html.twig',[
"useheader"=>true,
"usemenu"=>false,
"usesidebar"=>($access!="user"),
"access"=>$access,
]);
}
public function tablelist($access,Request $request,ManagerRegistry $em): Response
{
$query=$request->query->all();
$start=$query['start'];
$length=$query['length'];
$search=$query['search'];
$draw= $query['draw'];
$ordercolumn=$query['order'][0]['column'];
$orderdir=$query['order'][0]['dir'];
$user=$this->getUser();
// Nombre total d'enregistrement
$qb = $em->getManager()->createQueryBuilder();
$qb->select('COUNT(entity)')->from($this->entity,'entity')->getQuery()->getSingleScalarResult();
if($access=="user") {
$qb ->from("App:UserGroup","usergroup")
->andWhere(("entity.isworkgroup=:flag"))
->andWhere("entity.id=usergroup.group")
->andWhere("usergroup.user=:user")
->setParameter("flag", true)
->setParameter("user", $user);
}
$total = $qb->getQuery()->getSingleScalarResult();
// Nombre d'enregistrement filtré
if(!$search||$search["value"]=="")
$totalf = $total;
else {
$qb= $em->getManager()->createQueryBuilder();
$qb ->select('COUNT(entity)')
->from($this->entity,'entity')
->where('entity.label LIKE :value')
->leftJoin('App:User', 'user','WITH','entity.owner = user.id AND user.username LIKE :value')
->setParameter("value", "%".$search["value"]."%")
->getQuery()
->getSingleScalarResult();
if($access=="user") {
$qb ->from("App:UserGroup","usergroup")
->andWhere(("entity.isworkgroup=:flag"))
->andWhere("entity.id=usergroup.group")
->andWhere("usergroup.user=:user")
->setParameter("flag", true)
->setParameter("user", $user);
}
$totalf= $qb->getQuery()->getSingleScalarResult();
}
// Construction du tableau de retour
$output = array(
'draw' => $draw,
'recordsFiltered' => $totalf,
'recordsTotal' => $total,
'data' => array(),
);
// Parcours des Enregistrement
$qb = $em->getManager()->createQueryBuilder();
$qb ->select('entity')
->from($this->entity,'entity');
if($access=="user") {
$qb ->from("App:UserGroup","usergroup")
->andWhere(("entity.isworkgroup=:flag"))
->andWhere("entity.id=usergroup.group")
->andWhere("usergroup.user=:user")
->setParameter("flag", true)
->setParameter("user", $user);
}
if($search&&$search["value"]!="") {
$qb ->andWhere('entity.label LIKE :value')
->setParameter("value", "%".$search["value"]."%");
}
if($ordercolumn) {
switch($ordercolumn) {
case 1 :
$qb->orderBy('entity.label',$orderdir);
break;
case 2 :
$qb->orderBy('entity.isworkgroup',$orderdir);
break;
case 3 :
$qb->orderBy('entity.isopen',$orderdir);
break;
case 4 :
$qb->orderBy('entity.owner',$orderdir);
break;
}
}
$datas=$qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult();
foreach($datas as $data) {
// Action
$action = "";
switch($access) {
case "admin":
if($this->canupdate($access,$data,$em,false))
$action.="$data->getId()])."'>";
if($this->canseemember($access,$data,$em,false))
$action.="$data->getId()])."'>";
break;
case "modo":
if($this->canupdate($access,$data,$em,false))
$action.="$data->getId()])."'>";
if($this->canseemember($access,$data,$em,false))
$action.="$data->getId()])."'>";
break;
case "user":
if($this->canupdate($access,$data,$em,false))
$action.="$data->getId()])."'>";
if($this->canseemember($access,$data,$em,false))
$action.="$data->getId()])."'>";
// On ne peut se désinscrire que si le groupe est ouvert et qu'il n'est pas lié à un groupe ldap ou sso
if($data->getOwner()!=$this->getUser()&&($data->isIsOpen()||$this->canupdatemember($access,$data,$em,false)))
$action.="$data->getId()])."'>";
break;
}
$userinfo="";
if($data->getOwner()) {
$userinfo.="![](".$this->generateUrl()
"avatar/".$data->getOwner()->getAvatar()])."' class='avatar'>";
$userinfo.="
".$data->getOwner()->getUsername();
}
$visitecpt=0;
$visitelast=null;
foreach($data->getUsers() as $usergroup) {
$visitecpt+=intval($usergroup->getVisitecpt());
$visitelast=($usergroup->getVisitedate()>$visitelast?$usergroup->getVisitedate():$visitelast);
}
$tmp=array();
array_push($tmp,$action);
array_push($tmp,$data->getLabel());
array_push($tmp,($data->isIsworkgroup()?"oui":"non"));
array_push($tmp,($data->isIsopen()?"oui":"non"));
array_push($tmp,$userinfo);
array_push($tmp,($visitelast?$visitelast->format("d/m/Y H:i")."
":"")."nb = ".$visitecpt);
array_push($output["data"],$tmp);
}
// Retour
return new JsonResponse($output);
}
public function submit($access,Request $request,ManagerRegistry $em): Response
{
// Initialisation de l'enregistrement
$data = new Entity();
$data->setApikey(Uuid::uuid4());
if($access=="user") {
$data->setOwner($this->getUser());
$data->setIsworkgroup(true);
}
// Controler les permissions
$this->cansubmit($access,$em);
// Création du formulaire
$form = $this->createForm(Form::class,$data,array(
"mode"=>"submit",
"appMasteridentity"=>$this->GetParameter("appMasteridentity"),
"access"=>$access,
));
// Récupération des data du formulaire
$form->handleRequest($request);
// Sur validation
if ($form->get('submit')->isClicked() && $form->isValid()) {
$data = $form->getData();
// Les groupes opé ne sont pas ouvert
if(!$data->isIsworkgroup()) $data->setIsopen(false);
// Sauvegarde
$em->getManager()->persist($data);
$em->getManager()->flush();
// Retour à la liste
return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route));
}
// Affichage du formulaire
return $this->render($this->twig.'edit.html.twig', [
"useheader"=>true,
"usemenu"=>false,
"usesidebar"=>($access!="user"),
"mode"=>"submit",
"access"=>$access,
"form"=>$form->createView(),
$this->data=>$data,
"maxsize"=>($access=="user"?1200:null),
]);
}
public function update($id,$access,Request $request,ManagerRegistry $em): Response
{
// Initialisation de l'enregistrement
$data=$em->getRepository($this->entity)->find($id);
if (!$data or $id<0) throw $this->createNotFoundException('Unable to find entity.');
// Controler les permissions
$this->canupdate($access,$data,$em);
// Création du formulaire
$form = $this->createForm(Form::class,$data,array(
"mode"=>"update",
"appMasteridentity"=>$this->GetParameter("appMasteridentity"),
"access"=>$access,
));
// Récupération des data du formulaire
$form->handleRequest($request);
// Sur validation
if ($form->get('submit')->isClicked() && $form->isValid()) {
$data = $form->getData();
// Les groupes opé ne sont pas ouvert
if(!$data->isIsworkgroup()) $data->setIsopen(false);
$em->getManager()->flush();
// Retour à la liste
return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route));
}
// Affichage du formulaire
return $this->render($this->twig.'edit.html.twig', [
"useheader" => true,
"usemenu" => false,
"usesidebar" => ($access!="user"),
$this->data => $data,
"mode" => "update",
"access"=>$access,
"form" => $form->createView(),
"maxsize"=>($access=="user"?1200:null),
]);
}
public function delete($id,$access,Request $request,ManagerRegistry $em): Response
{
// Récupération de l'enregistrement courant
$data=$em->getRepository($this->entity)->find($id);
if (!$data) throw $this->createNotFoundException('Unable to find entity.');
// Controler les permissions
$this->canupdate($access,$data,$em);
// Tentative de suppression
try{
$em->getManager()->remove($data);
$em->getManager()->flush();
}
catch (\Exception $e) {
$request->getSession()->getFlashBag()->add("error", $e->getMessage());
return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route)."_update",["id"=>$id]);
}
return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route));
}
public function users($id,$access,Request $request,ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$data=$em->getRepository($this->entity)->find($id);
if (!$data) throw $this->createNotFoundException('Unable to find entity.');
// Controler les permissions
$this->canseemember($access,$data,$em);
// Affichage du formulaire
return $this->render($this->twig.'users.html.twig', [
'useheader' => true,
'usemenu' => false,
'usesidebar' => ($access!="user"),
'access' => $access,
$this->data => $data,
]);
}
public function usersnotin($id,$access,Request $request,ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$group=$em->getRepository($this->entity)->find($id);
if (!$group) throw $this->createNotFoundException('Unable to find entity.');
// Controler les permissions
$this->canseemember($access,$group,$em);
$sub = $em->getManager()->createQueryBuilder();
$sub->select("usergroup");
$sub->from("App:UserGroup","usergroup");
$sub->andWhere('usergroup.user = user.id');
$sub->andWhere('usergroup.group = :groupid');
$query=$request->query->all();
$start=$query['start'];
$length=$query['length'];
$search=$query['search'];
$draw= $query['draw'];
$ordercolumn=$query['order'][0]['column'];
$orderdir=$query['order'][0]['dir'];
$usermodo=null;
$niveau01=null;
$niveau02=null;
// Nombre total d'enregistrement
$qb = $em->getManager()->createQueryBuilder();
switch($access) {
case "admin":
$qb->select('COUNT(user)')
->from('App:User','user')
->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->setParameter("groupid",$id);
break;
case "modo":
$usermodo=$this->getUser()->getId();
$qb->select('COUNT(user)')
->from('App:User','user')
->from('App:UserModo','usermodo')
->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->andWhere("usermodo.niveau01 = user.niveau01")
->andWhere("usermodo.user = :userid")
->setParameter("userid", $usermodo)
->setParameter("groupid",$id);
break;
case "user":
$niveau01=$this->getUser()->getNiveau01();
$niveau02=$this->getUser()->getNiveau02();
$qb->select('COUNT(user)')
->from('App:User','user')
->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->setParameter("groupid",$id);
switch($request->getSession()->get("scopeannu")) {
case "SAME_NIVEAU01":
$qb->andWhere("user.niveau01 = :niveau01")->setParameter("niveau01",$niveau01);
break;
case "SAME_NIVEAU02":
$qb->andWhere("user.niveau02 = :niveau02")->setParameter("niveau02",$niveau02);
break;
}
break;
}
$total=$qb->getQuery()->getSingleScalarResult();
$totalf=null;
// Nombre d'enregistrement filtré
if($search["value"]=="")
$totalf = $total;
else {
switch($access) {
case "admin":
$totalf= $em->getManager()->createQueryBuilder()
->select('COUNT(user)')
->from('App:User','user')
->where('user.username LIKE :value OR user.email LIKE :value')
->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->setParameter("value", "%".$search["value"]."%")
->setParameter("groupid",$id)
->getQuery()
->getSingleScalarResult();
break;
case "modo":
$totalf = $em->getManager()->createQueryBuilder()
->select('COUNT(user)')
->from('App:User','user')
->from('App:UserModo','usermodo')
->where('user.username LIKE :value OR user.email LIKE :value')
->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->andWhere("usermodo.niveau01 = user.niveau01")
->andWhere("usermodo.user = :userid")
->setParameter("userid", $usermodo)
->setParameter("value", "%".$search["value"]."%")
->setParameter("groupid",$id)
->getQuery()
->getSingleScalarResult();
break;
case "user":
$qb = $em->getManager()->createQueryBuilder()
->select('COUNT(user)')
->from('App:User','user')
->where('user.username LIKE :value OR user.email LIKE :value')
->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->setParameter("value", "%".$search["value"]."%")
->setParameter("groupid",$id);
switch($request->getSession()->get("scopeannu")) {
case "SAME_NIVEAU01":
$qb->andWhere("user.niveau01 = :niveau01")->setParameter("niveau01",$niveau01);
break;
case "SAME_NIVEAU02":
$qb->andWhere("user.niveau02 = :niveau02")->setParameter("niveau02",$niveau02);
break;
}
$totalf=$qb->getQuery()->getSingleScalarResult();
break;
}
}
// Construction du tableau de retour
$output = array(
'draw' => $draw,
'recordsFiltered' => $totalf,
'recordsTotal' => $total,
'data' => array(),
);
// Parcours des Enregistrement
$qb = $em->getManager()->createQueryBuilder();
$qb->select('user')->from("App:User",'user');
switch($access) {
case "admin":
$qb->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())));
break;
case "modo":
$qb->from('App:UserModo','usermodo')
->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->andWhere("usermodo.niveau01 = user.niveau01")
->andWhere("usermodo.user = :userid")
->setParameter("userid", $usermodo);
break;
case "user":
$qb->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())));
switch($request->getSession()->get("scopeannu")) {
case "SAME_NIVEAU01":
$qb->andWhere("user.niveau01 = :niveau01")->setParameter("niveau01",$niveau01);
break;
case "SAME_NIVEAU02":
$qb->andWhere("user.niveau02 = :niveau02")->setParameter("niveau02",$niveau02);
break;
}
break;
}
if($search["value"]!="") {
$qb ->andWhere('user.username LIKE :value OR user.email LIKE :value')
->setParameter("value", "%".$search["value"]."%");
}
$qb->setParameter("groupid",$id);
switch($ordercolumn) {
case 2 :
$qb->orderBy('user.username',$orderdir);
break;
case 3 :
$qb->orderBy('user.email',$orderdir);
break;
}
$datas=$qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult();
$canupdatemember=$this->canupdatemember($access,$group,$em,false);
foreach($datas as $data) {
// Action
$action = "";
if($canupdatemember)
$action.="";
// Avatar
$avatar=""avatar/".$data->getAvatar()])."' class='avatar'>";
array_push($output["data"],array("DT_RowId"=>"user".$data->getId(),$action,$avatar,$data->getUsername(),$data->getEmail(),"",""));
}
// Retour
return new JsonResponse($output);
}
public function usersin($id,$access,Request $request,ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$group=$em->getRepository($this->entity)->find($id);
if (!$group) throw $this->createNotFoundException('Unable to find entity.');
// Controler les permissions
$this->canseemember($access,$group,$em);
$sub = $em->getManager()->createQueryBuilder();
$sub->select("usergroup");
$sub->from("App:UserGroup","usergroup");
$sub->andWhere('usergroup.user = user.id');
$sub->andWhere('usergroup.group = :groupid');
$query=$request->query->all();
$start=$query['start'];
$length=$query['length'];
$search=$query['search'];
$draw= $query['draw'];
$ordercolumn=$query['order'][0]['column'];
$orderdir=$query['order'][0]['dir'];
$usermodo=null;
// Nombre total d'enregistrement
$qb = $em->getManager()->createQueryBuilder();
if($access=="admin"||$access=="user")
$qb->select('COUNT(user)')
->from('App:User','user')
->where($qb->expr()->exists($sub->getDQL()))
->setParameter("groupid",$id);
else {
$usermodo=$this->getUser()->getId();
$qb->select('COUNT(user)')
->from('App:User','user')
->from('App:UserModo','usermodo')
->where($qb->expr()->exists($sub->getDQL()))
->andWhere("usermodo.niveau01 = user.niveau01")
->andWhere("usermodo.user = :userid")
->setParameter("userid", $usermodo)
->setParameter("groupid",$id);
}
$total=$qb->getQuery()->getSingleScalarResult();
// Nombre d'enregistrement filtré
if($search["value"]=="")
$totalf = $total;
else {
if($access=="admin"||$access=="user")
$totalf= $em->getManager()->createQueryBuilder()
->select('COUNT(user)')
->from('App:User','user')
->where('user.username LIKE :value OR user.email LIKE :value')
->andWhere($qb->expr()->exists($sub->getDQL()))
->setParameter("value", "%".$search["value"]."%")
->setParameter("groupid",$id)
->getQuery()
->getSingleScalarResult();
else
$totalf= $em->getManager()->createQueryBuilder()
->select('COUNT(user)')
->from('App:User','user')
->from('App:UserModo','usermodo')
->where('user.username LIKE :value OR user.email LIKE :value')
->andWhere($qb->expr()->exists($sub->getDQL()))
->andWhere("usermodo.niveau01 = user.niveau01")
->andWhere("usermodo.user = :userid")
->setParameter("userid", $usermodo)
->setParameter("value", "%".$search["value"]."%")
->setParameter("groupid",$id)
->getQuery()
->getSingleScalarResult();
}
// Construction du tableau de retour
$output = array(
'draw' => $draw,
'recordsFiltered' => $totalf,
'recordsTotal' => $total,
'data' => array(),
);
// Parcours des Enregistrement
$qb = $em->getManager()->createQueryBuilder();
$qb->select('user')->from("App:User",'user');
if($access=="admin"||$access=="user")
$qb->where($qb->expr()->exists($sub->getDQL()));
else
$qb->from('App:UserModo','usermodo')
->where($qb->expr()->exists($sub->getDQL()))
->andWhere("usermodo.niveau01 = user.niveau01")
->andWhere("usermodo.user = :userid")
->setParameter("userid", $usermodo);
if($search["value"]!="") {
$qb ->andWhere('user.username LIKE :value OR user.email LIKE :value')
->setParameter("value", "%".$search["value"]."%");
}
$qb->setParameter("groupid",$id);
switch($ordercolumn) {
case 2 :
$qb->orderBy('user.username',$orderdir);
break;
case 3 :
$qb->orderBy('user.email',$orderdir);
break;
}
$datas=$qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult();
foreach($datas as $data) {
// Propriétaire
$usergroup=$em->getRepository("App\Entity\UserGroup")->findOneBy(["user"=>$data->getId(),"group"=>$id]);
$fgproprio=($usergroup->getUser()==$group->getOwner());
$fgme=($usergroup->getUser()==$this->getUser()&&$access!="admin");
// Action
$action = "";
if($this->canupdatemember($access,$group,$em,false)&&!$fgproprio&&!$fgme)
$action.="";
// Avatar
$avatar=""avatar/".$data->getAvatar()])."' class='avatar'>";
// Flag manager
$rolegroup="";
if($fgproprio) $rolegroup="Propriétaire du groupe";
elseif($this->canupdatemember($access,$group,$em,false)&&!$fgme) {
$selectuser=($usergroup->getRolegroup()==0?"selected='selected'":"");
$selectwritter=($usergroup->getRolegroup()==50?"selected='selected'":"");
$selectmanager=($usergroup->getRolegroup()==90?"selected='selected'":"");
$rolegroup='';
}
else $rolegroup=($usergroup->getRolegroup()==0?"Utilisateur":($usergroup->getRolegroup()==50?"Collaborateur":"Gestionnaire"));
$tmp=array("DT_RowId"=>"user".$data->getId(),$action,$avatar,$data->getUsername(),$data->getEmail(),$rolegroup);
array_push($output["data"],$tmp);
}
// Retour
return new JsonResponse($output);
}
public function useradd($groupid,$userid,$access,Request $request,ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$group=$em->getRepository($this->entity)->find($groupid);
if (!$group) throw $this->createNotFoundException('Unable to find entity.');
$user=$em->getRepository("App\Entity\User")->find($userid);
if (!$user) throw $this->createNotFoundException('Unable to find entity.');
$output=array();
$this->canupdatemember($access,$group,$em,true);
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(array("user"=>$user,"group"=>$group));
if($usergroup) return new JsonResponse($output);
$usergroup=new UserGroup();
$usergroup->setUser($user);
$usergroup->setGroup($group);
$usergroup->setApikey(Uuid::uuid4());
$usergroup->setRolegroup(0);
$em->getManager()->persist($usergroup);
$em->getManager()->flush();
// Retour
return new JsonResponse($output);
}
public function userdel($groupid,$userid,$access,Request $request,ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$group=$em->getRepository($this->entity)->find($groupid);
if (!$group) throw $this->createNotFoundException('Unable to find entity.');
$user=$em->getRepository("App\Entity\User")->find($userid);
if (!$user) throw $this->createNotFoundException('Unable to find entity.');
$output=array();
$this->canupdatemember($access,$group,$em,true);
if($user==$group->getOwner()) throw $this->createAccessDeniedException('Permission denied');
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(array("user"=>$user,"group"=>$group));
if($usergroup) {
$em->getManager()->remove($usergroup);
$em->getManager()->flush();
}
// Retour
return new JsonResponse($output);
}
public function userchangerole($groupid,$userid,$roleid,$access,Request $request,ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$group=$em->getRepository($this->entity)->find($groupid);
if (!$group) throw $this->createNotFoundException('Unable to find entity.');
$user=$em->getRepository("App\Entity\User")->find($userid);
if (!$user) throw $this->createNotFoundException('Unable to find entity.');
$output=array();
$this->canupdatemember($access,$group,$em,true);
if($user==$group->getOwner()) throw $this->createAccessDeniedException('Permission denied');
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(array("user"=>$user,"group"=>$group));
if($usergroup) {
$usergroup->setRolegroup($roleid);
$em->getManager()->persist($usergroup);
$em->getManager()->flush();
}
// Retour
return new JsonResponse($output);
}
public function userout($id,$access,Request $request,ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$group=$em->getRepository($this->entity)->find($id);
if (!$group) throw $this->createNotFoundException('Unable to find entity.');
// On ne peut se désinscrire que si le groupe est ouvert et qu'il n'est pas lié à un groupe ldap ou sso
if($group->getOwner()!=$this->getUser()&&($group->isIsOpen()||$this->canupdatemember($access,$group,$em,false))) {
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(array("user"=>$this->getUser(),"group"=>$group));
if($usergroup) {
$em->getManager()->remove($usergroup);
$em->getManager()->flush();
}
}
return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route));
}
private function cansubmit($access,$em) {
switch($access) {
case "admin" : return true; break;
case "user" : return true; break;
}
throw $this->createAccessDeniedException('Permission denied');
}
private function canupdate($access,$entity,$em,$fgblock=true) {
$toreturn=false;
switch($access) {
case "admin" : $toreturn=($entity->getId()>0); break;
case "user":
if(!$entity->isIsworkgroup()||$entity->getOwner()!=$this->getUser()) $toreturn=false;
else $toreturn=true;
break;
}
if($fgblock&&!$toreturn) throw $this->createAccessDeniedException('Permission denied');
return $toreturn;
}
private function canseemember($access,$entity,$em,$fgblock=true) {
$toreturn=false;
switch($access) {
case "admin" : $toreturn=($entity->getId()>0); break;
case "modo" : $toreturn=($entity->getId()>0); break;
case "user":
$usergroup=$em->getRepository("App\Entity\UserGroup")->findOneBy(["user"=>$this->getUser(),"group"=>$entity]);
if(!$usergroup||!$entity->isIsworkgroup()||$entity->getId()<0) $toreturn=false;
else $toreturn=true;
break;
}
if($fgblock&&!$toreturn) throw $this->createAccessDeniedException('Permission denied');
return $toreturn;
}
private function canupdatemember($access,$entity,$em,$fgblock=true) {
$toreturn=false;
switch($access) {
case "admin" : $toreturn=($entity->getId()>0&&!$entity->getLdapfilter()); break;
case "modo" : $toreturn=($entity->getId()>0); break;
case "user":
$usergroup=$em->getRepository("App\Entity\UserGroup")->findOneBy(["user"=>$this->getUser(),"group"=>$entity]);
if(!$usergroup||!$entity->isIsworkgroup()||$entity->getId()<0) $toreturn=false;
elseif($usergroup->getRolegroup()<90) $toreturn=false;
else $toreturn=true;
break;
}
if($fgblock&&!$toreturn) throw $this->createAccessDeniedException('Permission denied');
return $toreturn;
}
}