render($this->twig.'list.html.twig', [ 'useheader' => true, 'usemenu' => false, 'usesidebar' => ('user' != $access), 'access' => $access, ]); } public function tablelist($access, Request $request, ManagerRegistry $em): Response { $query = $request->query->all(); $start = $query['start']; $length = $query['length']; $search = $query['search']; $draw = $query['draw']; $ordercolumn = $query['order'][0]['column']; $orderdir = $query['order'][0]['dir']; $user = $this->getUser(); // Nombre total d'enregistrement $qb = $em->getManager()->createQueryBuilder(); $qb->select('COUNT(entity)')->from($this->entity, 'entity')->getQuery()->getSingleScalarResult(); if ('user' == $access) { $qb->from('App:UserGroup', 'usergroup') ->andWhere('entity.isworkgroup=:flag') ->andWhere('entity.id=usergroup.group') ->andWhere('usergroup.user=:user') ->setParameter('flag', true) ->setParameter('user', $user); } $total = $qb->getQuery()->getSingleScalarResult(); // Nombre d'enregistrement filtré if (!$search || '' == $search['value']) { $totalf = $total; } else { $qb = $em->getManager()->createQueryBuilder(); $qb->select('COUNT(entity)') ->from($this->entity, 'entity') ->where('entity.label LIKE :value') ->leftJoin('App:User', 'user', 'WITH', 'entity.owner = user.id AND user.username LIKE :value') ->setParameter('value', '%'.$search['value'].'%') ->getQuery() ->getSingleScalarResult(); if ('user' == $access) { $qb->from('App:UserGroup', 'usergroup') ->andWhere('entity.isworkgroup=:flag') ->andWhere('entity.id=usergroup.group') ->andWhere('usergroup.user=:user') ->setParameter('flag', true) ->setParameter('user', $user); } $totalf = $qb->getQuery()->getSingleScalarResult(); } // Construction du tableau de retour $output = [ 'draw' => $draw, 'recordsFiltered' => $totalf, 'recordsTotal' => $total, 'data' => [], ]; // Parcours des Enregistrement $qb = $em->getManager()->createQueryBuilder(); $qb->select('entity') ->from($this->entity, 'entity'); if ('user' == $access) { $qb->from('App:UserGroup', 'usergroup') ->andWhere('entity.isworkgroup=:flag') ->andWhere('entity.id=usergroup.group') ->andWhere('usergroup.user=:user') ->setParameter('flag', true) ->setParameter('user', $user); } if ($search && '' != $search['value']) { $qb->andWhere('entity.label LIKE :value') ->setParameter('value', '%'.$search['value'].'%'); } if ($ordercolumn) { switch ($ordercolumn) { case 1: $qb->orderBy('entity.label', $orderdir); break; case 2: $qb->orderBy('entity.isworkgroup', $orderdir); break; case 3: $qb->orderBy('entity.isopen', $orderdir); break; case 4: $qb->orderBy('entity.owner', $orderdir); break; } } $datas = $qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult(); foreach ($datas as $data) { // Action $action = ''; switch ($access) { case 'admin': if ($this->canupdate($access, $data, $em, false)) { $action .= "route).'_update', ['id' => $data->getId()])."'>"; } if ($this->canseemember($access, $data, $em, false)) { $action .= "route).'_users', ['id' => $data->getId()])."'>"; } break; case 'modo': if ($this->canupdate($access, $data, $em, false)) { $action .= "route).'_update', ['id' => $data->getId()])."'>"; } if ($this->canseemember($access, $data, $em, false)) { $action .= "route).'_users', ['id' => $data->getId()])."'>"; } break; case 'user': if ($this->canupdate($access, $data, $em, false)) { $action .= "route).'_update', ['id' => $data->getId()])."'>"; } if ($this->canseemember($access, $data, $em, false)) { $action .= "route).'_users', ['id' => $data->getId()])."'>"; } // On ne peut se désinscrire que si le groupe est ouvert et qu'il n'est pas lié à un groupe ldap ou sso if ($data->getOwner() != $this->getUser() && ($data->isIsOpen() || $this->canupdatemember($access, $data, $em, false))) { $action .= "route).'_userout', ['id' => $data->getId()])."'>"; } break; } $userinfo = ''; if ($data->getOwner()) { $userinfo .= " 'avatar/'.$data->getOwner()->getAvatar()])."' class='avatar'>"; $userinfo .= '
'.$data->getOwner()->getUsername(); } $visitecpt = 0; $visitelast = null; foreach ($data->getUsers() as $usergroup) { $visitecpt += intval($usergroup->getVisitecpt()); $visitelast = ($usergroup->getVisitedate() > $visitelast ? $usergroup->getVisitedate() : $visitelast); } $tmp = []; array_push($tmp, $action); array_push($tmp, $data->getLabel()); array_push($tmp, $data->isIsworkgroup() ? 'oui' : 'non'); array_push($tmp, $data->isIsopen() ? 'oui' : 'non'); array_push($tmp, $userinfo); array_push($tmp, ($visitelast ? $visitelast->format('d/m/Y H:i').'
' : '').'nb = '.$visitecpt); array_push($output['data'], $tmp); } // Retour return new JsonResponse($output); } public function submit($access, Request $request, ManagerRegistry $em): Response { // Initialisation de l'enregistrement $data = new Entity(); $data->setApikey(Uuid::uuid4()); if ('user' == $access) { $data->setOwner($this->getUser()); $data->setIsworkgroup(true); } // Controler les permissions if (!$this->cansubmit($access, $request)) { throw $this->createAccessDeniedException('Permission denied'); } // Création du formulaire $form = $this->createForm(Form::class, $data, [ 'mode' => 'submit', 'appMasteridentity' => $this->GetParameter('appMasteridentity'), 'access' => $access, ]); // Récupération des data du formulaire $form->handleRequest($request); // Sur validation if ($form->get('submit')->isClicked() && $form->isValid()) { $data = $form->getData(); // Les groupes opé ne sont pas ouvert if (!$data->isIsworkgroup()) { $data->setIsopen(false); } // Sauvegarde $em->getManager()->persist($data); $em->getManager()->flush(); // Retour à la liste return $this->redirectToRoute(str_replace('_admin_', '_'.$access.'_', $this->route)); } // Affichage du formulaire return $this->render($this->twig.'edit.html.twig', [ 'useheader' => true, 'usemenu' => false, 'usesidebar' => ('user' != $access), 'mode' => 'submit', 'access' => $access, 'form' => $form->createView(), $this->data => $data, 'maxsize' => ('user' == $access ? 1200 : null), ]); } public function update($id, $access, Request $request, ManagerRegistry $em): Response { // Initialisation de l'enregistrement $data = $em->getRepository($this->entity)->find($id); if (!$data or $id < 0) { throw $this->createNotFoundException('Unable to find entity.'); } // Controler les permissions $this->canupdate($access, $data, $em); // Création du formulaire $form = $this->createForm(Form::class, $data, [ 'mode' => 'update', 'appMasteridentity' => $this->GetParameter('appMasteridentity'), 'access' => $access, ]); // Récupération des data du formulaire $form->handleRequest($request); // Sur validation if ($form->get('submit')->isClicked() && $form->isValid()) { $data = $form->getData(); // Les groupes opé ne sont pas ouvert if (!$data->isIsworkgroup()) { $data->setIsopen(false); } $em->getManager()->flush(); // Retour à la liste return $this->redirectToRoute(str_replace('_admin_', '_'.$access.'_', $this->route)); } // Affichage du formulaire return $this->render($this->twig.'edit.html.twig', [ 'useheader' => true, 'usemenu' => false, 'usesidebar' => ('user' != $access), $this->data => $data, 'mode' => 'update', 'access' => $access, 'form' => $form->createView(), 'maxsize' => ('user' == $access ? 1200 : null), ]); } public function delete($id, $access, Request $request, ManagerRegistry $em): Response { // Récupération de l'enregistrement courant $data = $em->getRepository($this->entity)->find($id); if (!$data) { throw $this->createNotFoundException('Unable to find entity.'); } // Controler les permissions $this->canupdate($access, $data, $em); // Tentative de suppression try { $em->getManager()->remove($data); $em->getManager()->flush(); } catch (\Exception $e) { $request->getSession()->getFlashBag()->add('error', $e->getMessage()); return $this->redirectToRoute(str_replace('_admin_', '_'.$access.'_', $this->route).'_update', ['id' => $id]); } return $this->redirectToRoute(str_replace('_admin_', '_'.$access.'_', $this->route)); } public function users($id, $access, Request $request, ManagerRegistry $em) { // Récupération de l'enregistrement courant $data = $em->getRepository($this->entity)->find($id); if (!$data) { throw $this->createNotFoundException('Unable to find entity.'); } // Controler les permissions $this->canseemember($access, $data, $em); // Affichage du formulaire return $this->render($this->twig.'users.html.twig', [ 'useheader' => true, 'usemenu' => false, 'usesidebar' => ('user' != $access), 'access' => $access, $this->data => $data, ]); } public function usersnotin($id, $access, Request $request, ManagerRegistry $em) { // Récupération de l'enregistrement courant $group = $em->getRepository($this->entity)->find($id); if (!$group) { throw $this->createNotFoundException('Unable to find entity.'); } // Controler les permissions $this->canseemember($access, $group, $em); $sub = $em->getManager()->createQueryBuilder(); $sub->select('usergroup'); $sub->from('App:UserGroup', 'usergroup'); $sub->andWhere('usergroup.user = user.id'); $sub->andWhere('usergroup.group = :groupid'); $query = $request->query->all(); $start = $query['start']; $length = $query['length']; $search = $query['search']; $draw = $query['draw']; $ordercolumn = $query['order'][0]['column']; $orderdir = $query['order'][0]['dir']; $usermodo = null; $niveau01 = null; $niveau02 = null; $niveau03 = null; $niveau04 = null; // Nombre total d'enregistrement $qb = $em->getManager()->createQueryBuilder(); switch ($access) { case 'admin': $qb->select('COUNT(user)') ->from('App:User', 'user') ->where($qb->expr()->not($qb->expr()->exists($sub->getDQL()))) ->setParameter('groupid', $id); break; case 'modo': $usermodo = $this->getUser()->getId(); $qb->select('COUNT(user)') ->from('App:User', 'user') ->from('App:UserModo', 'usermodo') ->where($qb->expr()->not($qb->expr()->exists($sub->getDQL()))) ->andWhere('usermodo.niveau01 = user.niveau01') ->andWhere('usermodo.user = :userid') ->setParameter('userid', $usermodo) ->setParameter('groupid', $id); break; case 'user': $niveau01 = $this->getUser()->getNiveau01(); $niveau02 = $this->getUser()->getNiveau02(); $niveau03 = $this->getUser()->getNiveau03(); $niveau04 = $this->getUser()->getNiveau04(); $qb->select('COUNT(user)') ->from('App:User', 'user') ->where($qb->expr()->not($qb->expr()->exists($sub->getDQL()))) ->setParameter('groupid', $id); switch ($request->getSession()->get('scopeannu')) { case 1: $qb->andWhere('user.niveau01 = :niveau01')->setParameter('niveau01', $niveau01); break; case 2: $qb->andWhere('user.niveau02 = :niveau02')->setParameter('niveau02', $niveau02); break; case 3: $qb->andWhere('user.niveau03 = :niveau03')->setParameter('niveau02', $niveau03); break; case 4: $qb->andWhere('user.niveau04 = :niveau04')->setParameter('niveau04', $niveau04); break; } break; } $total = $qb->getQuery()->getSingleScalarResult(); $totalf = null; // Nombre d'enregistrement filtré if ('' == $search['value']) { $totalf = $total; } else { switch ($access) { case 'admin': $totalf = $em->getManager()->createQueryBuilder() ->select('COUNT(user)') ->from('App:User', 'user') ->where('user.username LIKE :value OR user.email LIKE :value') ->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL()))) ->setParameter('value', '%'.$search['value'].'%') ->setParameter('groupid', $id) ->getQuery() ->getSingleScalarResult(); break; case 'modo': $totalf = $em->getManager()->createQueryBuilder() ->select('COUNT(user)') ->from('App:User', 'user') ->from('App:UserModo', 'usermodo') ->where('user.username LIKE :value OR user.email LIKE :value') ->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL()))) ->andWhere('usermodo.niveau01 = user.niveau01') ->andWhere('usermodo.user = :userid') ->setParameter('userid', $usermodo) ->setParameter('value', '%'.$search['value'].'%') ->setParameter('groupid', $id) ->getQuery() ->getSingleScalarResult(); break; case 'user': $qb = $em->getManager()->createQueryBuilder() ->select('COUNT(user)') ->from('App:User', 'user') ->where('user.username LIKE :value OR user.email LIKE :value') ->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL()))) ->setParameter('value', '%'.$search['value'].'%') ->setParameter('groupid', $id); switch ($request->getSession()->get('scopeannu')) { case 1: $qb->andWhere('user.niveau01 = :niveau01')->setParameter('niveau01', $niveau01); break; case 2: $qb->andWhere('user.niveau02 = :niveau02')->setParameter('niveau02', $niveau02); break; case 3: $qb->andWhere('user.niveau03 = :niveau03')->setParameter('niveau02', $niveau03); break; case 4: $qb->andWhere('user.niveau04 = :niveau04')->setParameter('niveau04', $niveau04); break; } $totalf = $qb->getQuery()->getSingleScalarResult(); break; } } // Construction du tableau de retour $output = [ 'draw' => $draw, 'recordsFiltered' => $totalf, 'recordsTotal' => $total, 'data' => [], ]; // Parcours des Enregistrement $qb = $em->getManager()->createQueryBuilder(); $qb->select('user')->from('App:User', 'user'); switch ($access) { case 'admin': $qb->where($qb->expr()->not($qb->expr()->exists($sub->getDQL()))); break; case 'modo': $qb->from('App:UserModo', 'usermodo') ->where($qb->expr()->not($qb->expr()->exists($sub->getDQL()))) ->andWhere('usermodo.niveau01 = user.niveau01') ->andWhere('usermodo.user = :userid') ->setParameter('userid', $usermodo); break; case 'user': $qb->where($qb->expr()->not($qb->expr()->exists($sub->getDQL()))); switch ($request->getSession()->get('scopeannu')) { case 1: $qb->andWhere('user.niveau01 = :niveau01')->setParameter('niveau01', $niveau01); break; case 2: $qb->andWhere('user.niveau02 = :niveau02')->setParameter('niveau02', $niveau02); break; case 3: $qb->andWhere('user.niveau03 = :niveau03')->setParameter('niveau02', $niveau03); break; case 4: $qb->andWhere('user.niveau04 = :niveau04')->setParameter('niveau04', $niveau04); break; } break; } if ('' != $search['value']) { $qb->andWhere('user.username LIKE :value OR user.email LIKE :value') ->setParameter('value', '%'.$search['value'].'%'); } $qb->setParameter('groupid', $id); switch ($ordercolumn) { case 2: $qb->orderBy('user.username', $orderdir); break; case 3: $qb->orderBy('user.email', $orderdir); break; } $datas = $qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult(); $canupdatemember = $this->canupdatemember($access, $group, $em, false); foreach ($datas as $data) { // Action $action = ''; if ($canupdatemember) { $action .= ""; } // Avatar $avatar = " 'avatar/'.$data->getAvatar()])."' class='avatar'>"; array_push($output['data'], ['DT_RowId' => 'user'.$data->getId(), $action, $avatar, $data->getUsername(), $data->getEmail(), '', '']); } // Retour return new JsonResponse($output); } public function usersin($id, $access, Request $request, ManagerRegistry $em) { // Récupération de l'enregistrement courant $group = $em->getRepository($this->entity)->find($id); if (!$group) { throw $this->createNotFoundException('Unable to find entity.'); } // Controler les permissions $this->canseemember($access, $group, $em); $sub = $em->getManager()->createQueryBuilder(); $sub->select('usergroup'); $sub->from('App:UserGroup', 'usergroup'); $sub->andWhere('usergroup.user = user.id'); $sub->andWhere('usergroup.group = :groupid'); $query = $request->query->all(); $start = $query['start']; $length = $query['length']; $search = $query['search']; $draw = $query['draw']; $ordercolumn = $query['order'][0]['column']; $orderdir = $query['order'][0]['dir']; $usermodo = null; // Nombre total d'enregistrement $qb = $em->getManager()->createQueryBuilder(); if ('admin' == $access || 'user' == $access) { $qb->select('COUNT(user)') ->from('App:User', 'user') ->where($qb->expr()->exists($sub->getDQL())) ->setParameter('groupid', $id); } else { $usermodo = $this->getUser()->getId(); $qb->select('COUNT(user)') ->from('App:User', 'user') ->from('App:UserModo', 'usermodo') ->where($qb->expr()->exists($sub->getDQL())) ->andWhere('usermodo.niveau01 = user.niveau01') ->andWhere('usermodo.user = :userid') ->setParameter('userid', $usermodo) ->setParameter('groupid', $id); } $total = $qb->getQuery()->getSingleScalarResult(); // Nombre d'enregistrement filtré if ('' == $search['value']) { $totalf = $total; } else { if ('admin' == $access || 'user' == $access) { $totalf = $em->getManager()->createQueryBuilder() ->select('COUNT(user)') ->from('App:User', 'user') ->where('user.username LIKE :value OR user.email LIKE :value') ->andWhere($qb->expr()->exists($sub->getDQL())) ->setParameter('value', '%'.$search['value'].'%') ->setParameter('groupid', $id) ->getQuery() ->getSingleScalarResult(); } else { $totalf = $em->getManager()->createQueryBuilder() ->select('COUNT(user)') ->from('App:User', 'user') ->from('App:UserModo', 'usermodo') ->where('user.username LIKE :value OR user.email LIKE :value') ->andWhere($qb->expr()->exists($sub->getDQL())) ->andWhere('usermodo.niveau01 = user.niveau01') ->andWhere('usermodo.user = :userid') ->setParameter('userid', $usermodo) ->setParameter('value', '%'.$search['value'].'%') ->setParameter('groupid', $id) ->getQuery() ->getSingleScalarResult(); } } // Construction du tableau de retour $output = [ 'draw' => $draw, 'recordsFiltered' => $totalf, 'recordsTotal' => $total, 'data' => [], ]; // Parcours des Enregistrement $qb = $em->getManager()->createQueryBuilder(); $qb->select('user')->from('App:User', 'user'); if ('admin' == $access || 'user' == $access) { $qb->where($qb->expr()->exists($sub->getDQL())); } else { $qb->from('App:UserModo', 'usermodo') ->where($qb->expr()->exists($sub->getDQL())) ->andWhere('usermodo.niveau01 = user.niveau01') ->andWhere('usermodo.user = :userid') ->setParameter('userid', $usermodo); } if ('' != $search['value']) { $qb->andWhere('user.username LIKE :value OR user.email LIKE :value') ->setParameter('value', '%'.$search['value'].'%'); } $qb->setParameter('groupid', $id); switch ($ordercolumn) { case 2: $qb->orderBy('user.username', $orderdir); break; case 3: $qb->orderBy('user.email', $orderdir); break; } $datas = $qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult(); foreach ($datas as $data) { // Propriétaire $usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $data->getId(), 'group' => $id]); $fgproprio = ($usergroup->getUser() == $group->getOwner()); $fgme = ($usergroup->getUser() == $this->getUser() && 'admin' != $access); // Action $action = ''; if ($this->canupdatemember($access, $group, $em, false) && !$fgproprio && !$fgme) { $action .= ""; } // Avatar $avatar = " 'avatar/'.$data->getAvatar()])."' class='avatar'>"; // Flag manager $rolegroup = ''; if ($fgproprio) { $rolegroup = 'Propriétaire du groupe'; } elseif ($this->canupdatemember($access, $group, $em, false) && !$fgme) { $selectuser = (0 == $usergroup->getRolegroup() ? "selected='selected'" : ''); $selectwritter = (50 == $usergroup->getRolegroup() ? "selected='selected'" : ''); $selectmanager = (90 == $usergroup->getRolegroup() ? "selected='selected'" : ''); $rolegroup = ''; } else { $rolegroup = (0 == $usergroup->getRolegroup() ? 'Utilisateur' : (50 == $usergroup->getRolegroup() ? 'Collaborateur' : 'Gestionnaire')); } $tmp = ['DT_RowId' => 'user'.$data->getId(), $action, $avatar, $data->getUsername(), $data->getEmail(), $rolegroup]; array_push($output['data'], $tmp); } // Retour return new JsonResponse($output); } public function useradd($groupid, $userid, $access, Request $request, ManagerRegistry $em) { // Récupération de l'enregistrement courant $group = $em->getRepository($this->entity)->find($groupid); if (!$group) { throw $this->createNotFoundException('Unable to find entity.'); } $user = $em->getRepository("App\Entity\User")->find($userid); if (!$user) { throw $this->createNotFoundException('Unable to find entity.'); } $output = []; $this->canupdatemember($access, $group, $em, true); $usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $user, 'group' => $group]); if ($usergroup) { return new JsonResponse($output); } $usergroup = new UserGroup(); $usergroup->setUser($user); $usergroup->setGroup($group); $usergroup->setApikey(Uuid::uuid4()); $usergroup->setRolegroup(0); $em->getManager()->persist($usergroup); $em->getManager()->flush(); // Retour return new JsonResponse($output); } public function userdel($groupid, $userid, $access, Request $request, ManagerRegistry $em) { // Récupération de l'enregistrement courant $group = $em->getRepository($this->entity)->find($groupid); if (!$group) { throw $this->createNotFoundException('Unable to find entity.'); } $user = $em->getRepository("App\Entity\User")->find($userid); if (!$user) { throw $this->createNotFoundException('Unable to find entity.'); } $output = []; $this->canupdatemember($access, $group, $em, true); if ($user == $group->getOwner()) { throw $this->createAccessDeniedException('Permission denied'); } $usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $user, 'group' => $group]); if ($usergroup) { $em->getManager()->remove($usergroup); $em->getManager()->flush(); } // Retour return new JsonResponse($output); } public function userchangerole($groupid, $userid, $roleid, $access, Request $request, ManagerRegistry $em) { // Récupération de l'enregistrement courant $group = $em->getRepository($this->entity)->find($groupid); if (!$group) { throw $this->createNotFoundException('Unable to find entity.'); } $user = $em->getRepository("App\Entity\User")->find($userid); if (!$user) { throw $this->createNotFoundException('Unable to find entity.'); } $output = []; $this->canupdatemember($access, $group, $em, true); if ($user == $group->getOwner()) { throw $this->createAccessDeniedException('Permission denied'); } $usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $user, 'group' => $group]); if ($usergroup) { $usergroup->setRolegroup($roleid); $em->getManager()->persist($usergroup); $em->getManager()->flush(); } // Retour return new JsonResponse($output); } public function userout($id, $access, Request $request, ManagerRegistry $em) { // Récupération de l'enregistrement courant $group = $em->getRepository($this->entity)->find($id); if (!$group) { throw $this->createNotFoundException('Unable to find entity.'); } // On ne peut se désinscrire que si le groupe est ouvert et qu'il n'est pas lié à un groupe ldap ou sso if ($group->getOwner() != $this->getUser() && ($group->isIsOpen() || $this->canupdatemember($access, $group, $em, false))) { $usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $this->getUser(), 'group' => $group]); if ($usergroup) { $em->getManager()->remove($usergroup); $em->getManager()->flush(); } } return $this->redirectToRoute(str_replace('_admin_', '_'.$access.'_', $this->route)); } private function cansubmit($access, $request) { switch ($access) { case 'admin': return true; break; case 'modo': return false; break; case 'user': return $request->getSession()->get('submitgroup'); break; } throw $this->createAccessDeniedException('Permission denied'); } private function canupdate($access, $entity, $em, $fgblock = true) { $toreturn = false; switch ($access) { case 'admin': $toreturn = ($entity->getId() > 0); break; case 'user': if (!$entity->isIsworkgroup() || $entity->getOwner() != $this->getUser()) { $toreturn = false; } else { $toreturn = true; } break; } if ($fgblock && !$toreturn) { throw $this->createAccessDeniedException('Permission denied'); } return $toreturn; } private function canseemember($access, $entity, $em, $fgblock = true) { $toreturn = false; switch ($access) { case 'admin': $toreturn = ($entity->getId() > 0); break; case 'modo': $toreturn = ($entity->getId() > 0); break; case 'user': $usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $this->getUser(), 'group' => $entity]); if (!$usergroup || !$entity->isIsworkgroup() || $entity->getId() < 0) { $toreturn = false; } else { $toreturn = true; } break; } if ($fgblock && !$toreturn) { throw $this->createAccessDeniedException('Permission denied'); } return $toreturn; } private function canupdatemember($access, $entity, $em, $fgblock = true) { $toreturn = false; switch ($access) { case 'admin': $toreturn = ($entity->getId() > 0 && !$entity->getLdapfilter()); break; case 'modo': $toreturn = ($entity->getId() > 0); break; case 'user': $usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $this->getUser(), 'group' => $entity]); if (!$usergroup || !$entity->isIsworkgroup() || $entity->getId() < 0) { $toreturn = false; } elseif ($usergroup->getRolegroup() < 90) { $toreturn = false; } else { $toreturn = true; } break; } if ($fgblock && !$toreturn) { throw $this->createAccessDeniedException('Permission denied'); } return $toreturn; } }