823 lines
34 KiB
PHP
823 lines
34 KiB
PHP
<?php
|
|
namespace App\Controller;
|
|
|
|
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
|
use Symfony\Component\HttpFoundation\Request;
|
|
use Symfony\Component\HttpFoundation\Response;
|
|
use Symfony\Component\HttpFoundation\JsonResponse;
|
|
use Doctrine\Persistence\ManagerRegistry;
|
|
|
|
use Ramsey\Uuid\Uuid;
|
|
|
|
use App\Entity\Group as Entity;
|
|
use App\Entity\UserGroup;
|
|
use App\Form\GroupType as Form;
|
|
|
|
class GroupController extends AbstractController
|
|
{
|
|
private $data="group";
|
|
private $entity="App\Entity\Group";
|
|
private $twig="Group/";
|
|
private $route="app_admin_group";
|
|
|
|
public function list($access): Response
|
|
{
|
|
return $this->render($this->twig.'list.html.twig',[
|
|
"useheader"=>true,
|
|
"usemenu"=>false,
|
|
"usesidebar"=>($access!="user"),
|
|
"access"=>$access,
|
|
]);
|
|
}
|
|
|
|
public function tablelist($access,Request $request,ManagerRegistry $em): Response
|
|
{
|
|
$query=$request->query->all();
|
|
$start=$query['start'];
|
|
$length=$query['length'];
|
|
$search=$query['search'];
|
|
$draw= $query['draw'];
|
|
$ordercolumn=$query['order'][0]['column'];
|
|
$orderdir=$query['order'][0]['dir'];
|
|
$user=$this->getUser();
|
|
|
|
// Nombre total d'enregistrement
|
|
$qb = $em->getManager()->createQueryBuilder();
|
|
$qb->select('COUNT(entity)')->from($this->entity,'entity')->getQuery()->getSingleScalarResult();
|
|
if($access=="user") {
|
|
$qb ->from("App:UserGroup","usergroup")
|
|
->andWhere(("entity.isworkgroup=:flag"))
|
|
->andWhere("entity.id=usergroup.group")
|
|
->andWhere("usergroup.user=:user")
|
|
->setParameter("flag", true)
|
|
->setParameter("user", $user);
|
|
|
|
}
|
|
$total = $qb->getQuery()->getSingleScalarResult();
|
|
|
|
// Nombre d'enregistrement filtré
|
|
if(!$search||$search["value"]=="")
|
|
$totalf = $total;
|
|
else {
|
|
$qb= $em->getManager()->createQueryBuilder();
|
|
|
|
$qb ->select('COUNT(entity)')
|
|
->from($this->entity,'entity')
|
|
->where('entity.label LIKE :value')
|
|
->leftJoin('App:User', 'user','WITH','entity.owner = user.id AND user.username LIKE :value')
|
|
->setParameter("value", "%".$search["value"]."%")
|
|
->getQuery()
|
|
->getSingleScalarResult();
|
|
if($access=="user") {
|
|
$qb ->from("App:UserGroup","usergroup")
|
|
->andWhere(("entity.isworkgroup=:flag"))
|
|
->andWhere("entity.id=usergroup.group")
|
|
->andWhere("usergroup.user=:user")
|
|
->setParameter("flag", true)
|
|
->setParameter("user", $user);
|
|
}
|
|
$totalf= $qb->getQuery()->getSingleScalarResult();
|
|
}
|
|
|
|
// Construction du tableau de retour
|
|
$output = array(
|
|
'draw' => $draw,
|
|
'recordsFiltered' => $totalf,
|
|
'recordsTotal' => $total,
|
|
'data' => array(),
|
|
);
|
|
|
|
// Parcours des Enregistrement
|
|
$qb = $em->getManager()->createQueryBuilder();
|
|
$qb ->select('entity')
|
|
->from($this->entity,'entity');
|
|
if($access=="user") {
|
|
$qb ->from("App:UserGroup","usergroup")
|
|
->andWhere(("entity.isworkgroup=:flag"))
|
|
->andWhere("entity.id=usergroup.group")
|
|
->andWhere("usergroup.user=:user")
|
|
->setParameter("flag", true)
|
|
->setParameter("user", $user);
|
|
}
|
|
|
|
if($search&&$search["value"]!="") {
|
|
$qb ->andWhere('entity.label LIKE :value')
|
|
->setParameter("value", "%".$search["value"]."%");
|
|
}
|
|
|
|
if($ordercolumn) {
|
|
switch($ordercolumn) {
|
|
case 1 :
|
|
$qb->orderBy('entity.label',$orderdir);
|
|
break;
|
|
case 2 :
|
|
$qb->orderBy('entity.isworkgroup',$orderdir);
|
|
break;
|
|
case 3 :
|
|
$qb->orderBy('entity.isopen',$orderdir);
|
|
break;
|
|
case 4 :
|
|
$qb->orderBy('entity.owner',$orderdir);
|
|
break;
|
|
}
|
|
}
|
|
|
|
$datas=$qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult();
|
|
|
|
foreach($datas as $data) {
|
|
// Action
|
|
$action = "";
|
|
switch($access) {
|
|
case "admin":
|
|
if($this->canupdate($access,$data,$em,false))
|
|
$action.="<a href='".$this->generateUrl(str_replace("_admin_","_".$access."_",$this->route).'_update', ['id'=>$data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
|
|
|
if($this->canseemember($access,$data,$em,false))
|
|
$action.="<a href='".$this->generateUrl(str_replace("_admin_","_".$access."_",$this->route).'_users', ['id'=>$data->getId()])."'><i class='fa fa-users fa-fw fa-2x'></i></a>";
|
|
break;
|
|
|
|
case "modo":
|
|
if($this->canupdate($access,$data,$em,false))
|
|
$action.="<a href='".$this->generateUrl(str_replace("_admin_","_".$access."_",$this->route).'_update', ['id'=>$data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
|
|
|
if($this->canseemember($access,$data,$em,false))
|
|
$action.="<a href='".$this->generateUrl(str_replace("_admin_","_".$access."_",$this->route).'_users', ['id'=>$data->getId()])."'><i class='fa fa-users fa-fw fa-2x'></i></a>";
|
|
break;
|
|
|
|
case "user":
|
|
if($this->canupdate($access,$data,$em,false))
|
|
$action.="<a href='".$this->generateUrl(str_replace("_admin_","_".$access."_",$this->route).'_update', ['id'=>$data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
|
|
|
|
if($this->canseemember($access,$data,$em,false))
|
|
$action.="<a href='".$this->generateUrl(str_replace("_admin_","_".$access."_",$this->route).'_users', ['id'=>$data->getId()])."'><i class='fa fa-users fa-fw fa-2x'></i></a>";
|
|
|
|
|
|
// On ne peut se désinscrire que si le groupe est ouvert et qu'il n'est pas lié à un groupe ldap ou sso
|
|
if($data->getOwner()!=$this->getUser()&&($data->isIsOpen()||$this->canupdatemember($access,$data,$em,false)))
|
|
$action.="<a href='".$this->generateUrl(str_replace("_admin_","_".$access."_",$this->route).'_userout', ['id'=>$data->getId()])."'><i class='fa fa-sign-out-alt fa-fw fa-2x'></i></a>";
|
|
break;
|
|
}
|
|
|
|
$userinfo="";
|
|
if($data->getOwner()) {
|
|
$userinfo.="<img src='".$this->generateUrl('app_minio_image',["file"=>"avatar/".$data->getOwner()->getAvatar()])."' class='avatar'>";
|
|
$userinfo.="<br>".$data->getOwner()->getUsername();
|
|
}
|
|
|
|
$visitecpt=0;
|
|
$visitelast=null;
|
|
foreach($data->getUsers() as $usergroup) {
|
|
$visitecpt+=intval($usergroup->getVisitecpt());
|
|
$visitelast=($usergroup->getVisitedate()>$visitelast?$usergroup->getVisitedate():$visitelast);
|
|
}
|
|
|
|
$tmp=array();
|
|
array_push($tmp,$action);
|
|
array_push($tmp,$data->getLabel());
|
|
array_push($tmp,($data->isIsworkgroup()?"oui":"non"));
|
|
array_push($tmp,($data->isIsopen()?"oui":"non"));
|
|
array_push($tmp,$userinfo);
|
|
array_push($tmp,($visitelast?$visitelast->format("d/m/Y H:i")."<br>":"")."nb = ".$visitecpt);
|
|
array_push($output["data"],$tmp);
|
|
}
|
|
|
|
// Retour
|
|
return new JsonResponse($output);
|
|
}
|
|
|
|
|
|
public function submit($access,Request $request,ManagerRegistry $em): Response
|
|
{
|
|
// Initialisation de l'enregistrement
|
|
$data = new Entity();
|
|
$data->setApikey(Uuid::uuid4());
|
|
if($access=="user") {
|
|
$data->setOwner($this->getUser());
|
|
$data->setIsworkgroup(true);
|
|
}
|
|
|
|
// Controler les permissions
|
|
$this->cansubmit($access,$em);
|
|
|
|
// Création du formulaire
|
|
$form = $this->createForm(Form::class,$data,array(
|
|
"mode"=>"submit",
|
|
"appMasteridentity"=>$this->GetParameter("appMasteridentity"),
|
|
"access"=>$access,
|
|
));
|
|
|
|
// Récupération des data du formulaire
|
|
$form->handleRequest($request);
|
|
|
|
// Sur validation
|
|
if ($form->get('submit')->isClicked() && $form->isValid()) {
|
|
$data = $form->getData();
|
|
|
|
// Les groupes opé ne sont pas ouvert
|
|
if(!$data->isIsworkgroup()) $data->setIsopen(false);
|
|
|
|
// Sauvegarde
|
|
$em->getManager()->persist($data);
|
|
$em->getManager()->flush();
|
|
|
|
// Retour à la liste
|
|
return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route));
|
|
}
|
|
|
|
// Affichage du formulaire
|
|
return $this->render($this->twig.'edit.html.twig', [
|
|
"useheader"=>true,
|
|
"usemenu"=>false,
|
|
"usesidebar"=>($access!="user"),
|
|
"mode"=>"submit",
|
|
"access"=>$access,
|
|
"form"=>$form->createView(),
|
|
$this->data=>$data,
|
|
"maxsize"=>($access=="user"?1200:null),
|
|
]);
|
|
}
|
|
|
|
public function update($id,$access,Request $request,ManagerRegistry $em): Response
|
|
{
|
|
// Initialisation de l'enregistrement
|
|
$data=$em->getRepository($this->entity)->find($id);
|
|
if (!$data or $id<0) throw $this->createNotFoundException('Unable to find entity.');
|
|
|
|
// Controler les permissions
|
|
$this->canupdate($access,$data,$em);
|
|
|
|
// Création du formulaire
|
|
$form = $this->createForm(Form::class,$data,array(
|
|
"mode"=>"update",
|
|
"appMasteridentity"=>$this->GetParameter("appMasteridentity"),
|
|
"access"=>$access,
|
|
));
|
|
|
|
// Récupération des data du formulaire
|
|
$form->handleRequest($request);
|
|
|
|
// Sur validation
|
|
if ($form->get('submit')->isClicked() && $form->isValid()) {
|
|
$data = $form->getData();
|
|
|
|
// Les groupes opé ne sont pas ouvert
|
|
if(!$data->isIsworkgroup()) $data->setIsopen(false);
|
|
|
|
$em->getManager()->flush();
|
|
|
|
// Retour à la liste
|
|
return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route));
|
|
}
|
|
|
|
// Affichage du formulaire
|
|
return $this->render($this->twig.'edit.html.twig', [
|
|
"useheader" => true,
|
|
"usemenu" => false,
|
|
"usesidebar" => ($access!="user"),
|
|
$this->data => $data,
|
|
"mode" => "update",
|
|
"access"=>$access,
|
|
"form" => $form->createView(),
|
|
"maxsize"=>($access=="user"?1200:null),
|
|
]);
|
|
}
|
|
|
|
public function delete($id,$access,Request $request,ManagerRegistry $em): Response
|
|
{
|
|
// Récupération de l'enregistrement courant
|
|
$data=$em->getRepository($this->entity)->find($id);
|
|
if (!$data) throw $this->createNotFoundException('Unable to find entity.');
|
|
|
|
// Controler les permissions
|
|
$this->canupdate($access,$data,$em);
|
|
|
|
// Tentative de suppression
|
|
try{
|
|
$em->getManager()->remove($data);
|
|
$em->getManager()->flush();
|
|
}
|
|
catch (\Exception $e) {
|
|
$request->getSession()->getFlashBag()->add("error", $e->getMessage());
|
|
return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route)."_update",["id"=>$id]);
|
|
}
|
|
|
|
return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route));
|
|
}
|
|
|
|
|
|
public function users($id,$access,Request $request,ManagerRegistry $em)
|
|
{
|
|
// Récupération de l'enregistrement courant
|
|
$data=$em->getRepository($this->entity)->find($id);
|
|
if (!$data) throw $this->createNotFoundException('Unable to find entity.');
|
|
|
|
|
|
// Controler les permissions
|
|
$this->canseemember($access,$data,$em);
|
|
|
|
// Affichage du formulaire
|
|
return $this->render($this->twig.'users.html.twig', [
|
|
'useheader' => true,
|
|
'usemenu' => false,
|
|
'usesidebar' => ($access!="user"),
|
|
'access' => $access,
|
|
$this->data => $data,
|
|
]);
|
|
}
|
|
|
|
public function usersnotin($id,$access,Request $request,ManagerRegistry $em)
|
|
{
|
|
// Récupération de l'enregistrement courant
|
|
$group=$em->getRepository($this->entity)->find($id);
|
|
if (!$group) throw $this->createNotFoundException('Unable to find entity.');
|
|
|
|
// Controler les permissions
|
|
$this->canseemember($access,$group,$em);
|
|
|
|
$sub = $em->getManager()->createQueryBuilder();
|
|
$sub->select("usergroup");
|
|
$sub->from("App:UserGroup","usergroup");
|
|
$sub->andWhere('usergroup.user = user.id');
|
|
$sub->andWhere('usergroup.group = :groupid');
|
|
|
|
$query=$request->query->all();
|
|
$start=$query['start'];
|
|
$length=$query['length'];
|
|
$search=$query['search'];
|
|
$draw= $query['draw'];
|
|
$ordercolumn=$query['order'][0]['column'];
|
|
$orderdir=$query['order'][0]['dir'];
|
|
$usermodo=null;
|
|
$niveau01=null;
|
|
$niveau02=null;
|
|
|
|
// Nombre total d'enregistrement
|
|
$qb = $em->getManager()->createQueryBuilder();
|
|
switch($access) {
|
|
case "admin":
|
|
$qb->select('COUNT(user)')
|
|
->from('App:User','user')
|
|
->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
|
|
->setParameter("groupid",$id);
|
|
break;
|
|
|
|
case "modo":
|
|
$usermodo=$this->getUser()->getId();
|
|
$qb->select('COUNT(user)')
|
|
->from('App:User','user')
|
|
->from('App:UserModo','usermodo')
|
|
->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
|
|
->andWhere("usermodo.niveau01 = user.niveau01")
|
|
->andWhere("usermodo.user = :userid")
|
|
->setParameter("userid", $usermodo)
|
|
->setParameter("groupid",$id);
|
|
break;
|
|
|
|
case "user":
|
|
$niveau01=$this->getUser()->getNiveau01();
|
|
$niveau02=$this->getUser()->getNiveau02();
|
|
|
|
$qb->select('COUNT(user)')
|
|
->from('App:User','user')
|
|
->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
|
|
->setParameter("groupid",$id);
|
|
|
|
switch($request->getSession()->get("scopeannu")) {
|
|
case "SAME_NIVEAU01":
|
|
$qb->andWhere("user.niveau01 = :niveau01")->setParameter("niveau01",$niveau01);
|
|
break;
|
|
|
|
case "SAME_NIVEAU02":
|
|
$qb->andWhere("user.niveau02 = :niveau02")->setParameter("niveau02",$niveau02);
|
|
break;
|
|
}
|
|
break;
|
|
}
|
|
$total=$qb->getQuery()->getSingleScalarResult();
|
|
$totalf=null;
|
|
|
|
// Nombre d'enregistrement filtré
|
|
if($search["value"]=="")
|
|
$totalf = $total;
|
|
else {
|
|
switch($access) {
|
|
case "admin":
|
|
$totalf= $em->getManager()->createQueryBuilder()
|
|
->select('COUNT(user)')
|
|
->from('App:User','user')
|
|
->where('user.username LIKE :value OR user.email LIKE :value')
|
|
->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
|
|
->setParameter("value", "%".$search["value"]."%")
|
|
->setParameter("groupid",$id)
|
|
->getQuery()
|
|
->getSingleScalarResult();
|
|
break;
|
|
|
|
case "modo":
|
|
$totalf = $em->getManager()->createQueryBuilder()
|
|
->select('COUNT(user)')
|
|
->from('App:User','user')
|
|
->from('App:UserModo','usermodo')
|
|
->where('user.username LIKE :value OR user.email LIKE :value')
|
|
->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
|
|
->andWhere("usermodo.niveau01 = user.niveau01")
|
|
->andWhere("usermodo.user = :userid")
|
|
->setParameter("userid", $usermodo)
|
|
->setParameter("value", "%".$search["value"]."%")
|
|
->setParameter("groupid",$id)
|
|
->getQuery()
|
|
->getSingleScalarResult();
|
|
break;
|
|
|
|
case "user":
|
|
$qb = $em->getManager()->createQueryBuilder()
|
|
->select('COUNT(user)')
|
|
->from('App:User','user')
|
|
->where('user.username LIKE :value OR user.email LIKE :value')
|
|
->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
|
|
->setParameter("value", "%".$search["value"]."%")
|
|
->setParameter("groupid",$id);
|
|
|
|
switch($request->getSession()->get("scopeannu")) {
|
|
case "SAME_NIVEAU01":
|
|
$qb->andWhere("user.niveau01 = :niveau01")->setParameter("niveau01",$niveau01);
|
|
break;
|
|
|
|
case "SAME_NIVEAU02":
|
|
$qb->andWhere("user.niveau02 = :niveau02")->setParameter("niveau02",$niveau02);
|
|
break;
|
|
}
|
|
|
|
$totalf=$qb->getQuery()->getSingleScalarResult();
|
|
break;
|
|
}
|
|
}
|
|
|
|
// Construction du tableau de retour
|
|
$output = array(
|
|
'draw' => $draw,
|
|
'recordsFiltered' => $totalf,
|
|
'recordsTotal' => $total,
|
|
'data' => array(),
|
|
);
|
|
|
|
// Parcours des Enregistrement
|
|
$qb = $em->getManager()->createQueryBuilder();
|
|
$qb->select('user')->from("App:User",'user');
|
|
|
|
switch($access) {
|
|
case "admin":
|
|
$qb->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())));
|
|
break;
|
|
|
|
case "modo":
|
|
$qb->from('App:UserModo','usermodo')
|
|
->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
|
|
->andWhere("usermodo.niveau01 = user.niveau01")
|
|
->andWhere("usermodo.user = :userid")
|
|
->setParameter("userid", $usermodo);
|
|
break;
|
|
|
|
case "user":
|
|
$qb->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())));
|
|
switch($request->getSession()->get("scopeannu")) {
|
|
case "SAME_NIVEAU01":
|
|
$qb->andWhere("user.niveau01 = :niveau01")->setParameter("niveau01",$niveau01);
|
|
break;
|
|
|
|
case "SAME_NIVEAU02":
|
|
$qb->andWhere("user.niveau02 = :niveau02")->setParameter("niveau02",$niveau02);
|
|
break;
|
|
}
|
|
break;
|
|
}
|
|
|
|
if($search["value"]!="") {
|
|
$qb ->andWhere('user.username LIKE :value OR user.email LIKE :value')
|
|
->setParameter("value", "%".$search["value"]."%");
|
|
}
|
|
$qb->setParameter("groupid",$id);
|
|
switch($ordercolumn) {
|
|
case 2 :
|
|
$qb->orderBy('user.username',$orderdir);
|
|
break;
|
|
|
|
case 3 :
|
|
$qb->orderBy('user.email',$orderdir);
|
|
break;
|
|
}
|
|
|
|
$datas=$qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult();
|
|
$canupdatemember=$this->canupdatemember($access,$group,$em,false);
|
|
|
|
foreach($datas as $data) {
|
|
// Action
|
|
$action = "";
|
|
if($canupdatemember)
|
|
$action.="<a style='cursor:pointer' onClick='addUsers(".$data->getId().")'><i class='fa fa-plus fa-fw'></i></a>";
|
|
|
|
// Avatar
|
|
$avatar="<img src='".$this->generateUrl('app_minio_image',["file"=>"avatar/".$data->getAvatar()])."' class='avatar'>";
|
|
|
|
array_push($output["data"],array("DT_RowId"=>"user".$data->getId(),$action,$avatar,$data->getUsername(),$data->getEmail(),"",""));
|
|
}
|
|
|
|
// Retour
|
|
return new JsonResponse($output);
|
|
}
|
|
|
|
|
|
public function usersin($id,$access,Request $request,ManagerRegistry $em)
|
|
{
|
|
// Récupération de l'enregistrement courant
|
|
$group=$em->getRepository($this->entity)->find($id);
|
|
if (!$group) throw $this->createNotFoundException('Unable to find entity.');
|
|
|
|
// Controler les permissions
|
|
$this->canseemember($access,$group,$em);
|
|
|
|
$sub = $em->getManager()->createQueryBuilder();
|
|
$sub->select("usergroup");
|
|
$sub->from("App:UserGroup","usergroup");
|
|
$sub->andWhere('usergroup.user = user.id');
|
|
$sub->andWhere('usergroup.group = :groupid');
|
|
|
|
$query=$request->query->all();
|
|
$start=$query['start'];
|
|
$length=$query['length'];
|
|
$search=$query['search'];
|
|
$draw= $query['draw'];
|
|
$ordercolumn=$query['order'][0]['column'];
|
|
$orderdir=$query['order'][0]['dir'];
|
|
$usermodo=null;
|
|
|
|
// Nombre total d'enregistrement
|
|
$qb = $em->getManager()->createQueryBuilder();
|
|
if($access=="admin"||$access=="user")
|
|
$qb->select('COUNT(user)')
|
|
->from('App:User','user')
|
|
->where($qb->expr()->exists($sub->getDQL()))
|
|
->setParameter("groupid",$id);
|
|
else {
|
|
$usermodo=$this->getUser()->getId();
|
|
$qb->select('COUNT(user)')
|
|
->from('App:User','user')
|
|
->from('App:UserModo','usermodo')
|
|
->where($qb->expr()->exists($sub->getDQL()))
|
|
->andWhere("usermodo.niveau01 = user.niveau01")
|
|
->andWhere("usermodo.user = :userid")
|
|
->setParameter("userid", $usermodo)
|
|
->setParameter("groupid",$id);
|
|
}
|
|
$total=$qb->getQuery()->getSingleScalarResult();
|
|
|
|
// Nombre d'enregistrement filtré
|
|
if($search["value"]=="")
|
|
$totalf = $total;
|
|
else {
|
|
if($access=="admin"||$access=="user")
|
|
$totalf= $em->getManager()->createQueryBuilder()
|
|
->select('COUNT(user)')
|
|
->from('App:User','user')
|
|
->where('user.username LIKE :value OR user.email LIKE :value')
|
|
->andWhere($qb->expr()->exists($sub->getDQL()))
|
|
->setParameter("value", "%".$search["value"]."%")
|
|
->setParameter("groupid",$id)
|
|
->getQuery()
|
|
->getSingleScalarResult();
|
|
else
|
|
$totalf= $em->getManager()->createQueryBuilder()
|
|
->select('COUNT(user)')
|
|
->from('App:User','user')
|
|
->from('App:UserModo','usermodo')
|
|
->where('user.username LIKE :value OR user.email LIKE :value')
|
|
->andWhere($qb->expr()->exists($sub->getDQL()))
|
|
->andWhere("usermodo.niveau01 = user.niveau01")
|
|
->andWhere("usermodo.user = :userid")
|
|
->setParameter("userid", $usermodo)
|
|
->setParameter("value", "%".$search["value"]."%")
|
|
->setParameter("groupid",$id)
|
|
->getQuery()
|
|
->getSingleScalarResult();
|
|
|
|
}
|
|
|
|
// Construction du tableau de retour
|
|
$output = array(
|
|
'draw' => $draw,
|
|
'recordsFiltered' => $totalf,
|
|
'recordsTotal' => $total,
|
|
'data' => array(),
|
|
);
|
|
|
|
// Parcours des Enregistrement
|
|
$qb = $em->getManager()->createQueryBuilder();
|
|
$qb->select('user')->from("App:User",'user');
|
|
|
|
if($access=="admin"||$access=="user")
|
|
$qb->where($qb->expr()->exists($sub->getDQL()));
|
|
else
|
|
$qb->from('App:UserModo','usermodo')
|
|
->where($qb->expr()->exists($sub->getDQL()))
|
|
->andWhere("usermodo.niveau01 = user.niveau01")
|
|
->andWhere("usermodo.user = :userid")
|
|
->setParameter("userid", $usermodo);
|
|
|
|
if($search["value"]!="") {
|
|
$qb ->andWhere('user.username LIKE :value OR user.email LIKE :value')
|
|
->setParameter("value", "%".$search["value"]."%");
|
|
}
|
|
$qb->setParameter("groupid",$id);
|
|
switch($ordercolumn) {
|
|
case 2 :
|
|
$qb->orderBy('user.username',$orderdir);
|
|
break;
|
|
|
|
case 3 :
|
|
$qb->orderBy('user.email',$orderdir);
|
|
break;
|
|
}
|
|
|
|
$datas=$qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult();
|
|
|
|
foreach($datas as $data) {
|
|
// Propriétaire
|
|
$usergroup=$em->getRepository("App\Entity\UserGroup")->findOneBy(["user"=>$data->getId(),"group"=>$id]);
|
|
$fgproprio=($usergroup->getUser()==$group->getOwner());
|
|
$fgme=($usergroup->getUser()==$this->getUser()&&$access!="admin");
|
|
|
|
// Action
|
|
$action = "";
|
|
if($this->canupdatemember($access,$group,$em,false)&&!$fgproprio&&!$fgme)
|
|
$action.="<a style='cursor:pointer' onClick='delUsers(".$data->getId().")'><i class='fa fa-minus fa-fw'></i></a>";
|
|
|
|
// Avatar
|
|
$avatar="<img src='".$this->generateUrl('app_minio_image',["file"=>"avatar/".$data->getAvatar()])."' class='avatar'>";
|
|
|
|
// Flag manager
|
|
$rolegroup="";
|
|
if($fgproprio) $rolegroup="Propriétaire du groupe";
|
|
elseif($this->canupdatemember($access,$group,$em,false)&&!$fgme) {
|
|
$selectuser=($usergroup->getRolegroup()==0?"selected='selected'":"");
|
|
$selectwritter=($usergroup->getRolegroup()==50?"selected='selected'":"");
|
|
$selectmanager=($usergroup->getRolegroup()==90?"selected='selected'":"");
|
|
|
|
$rolegroup='<select id="roleuser-'.$data->getId().'" name="user[visible]" onChange="changeRole('.$data->getId().');"><option value="0" '.$selectuser.'>Utilisateur</option><option value="50" '.$selectwritter.'>Collaborateur</option><option value="90" '.$selectmanager.'>Gestionnaire</option></select>';
|
|
}
|
|
else $rolegroup=($usergroup->getRolegroup()==0?"Utilisateur":($usergroup->getRolegroup()==50?"Collaborateur":"Gestionnaire"));
|
|
|
|
$tmp=array("DT_RowId"=>"user".$data->getId(),$action,$avatar,$data->getUsername(),$data->getEmail(),$rolegroup);
|
|
array_push($output["data"],$tmp);
|
|
}
|
|
|
|
// Retour
|
|
return new JsonResponse($output);
|
|
}
|
|
|
|
public function useradd($groupid,$userid,$access,Request $request,ManagerRegistry $em)
|
|
{
|
|
// Récupération de l'enregistrement courant
|
|
$group=$em->getRepository($this->entity)->find($groupid);
|
|
if (!$group) throw $this->createNotFoundException('Unable to find entity.');
|
|
|
|
$user=$em->getRepository("App\Entity\User")->find($userid);
|
|
if (!$user) throw $this->createNotFoundException('Unable to find entity.');
|
|
|
|
$output=array();
|
|
$this->canupdatemember($access,$group,$em,true);
|
|
|
|
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(array("user"=>$user,"group"=>$group));
|
|
if($usergroup) return new JsonResponse($output);
|
|
|
|
$usergroup=new UserGroup();
|
|
$usergroup->setUser($user);
|
|
$usergroup->setGroup($group);
|
|
$usergroup->setApikey(Uuid::uuid4());
|
|
$usergroup->setRolegroup(0);
|
|
$em->getManager()->persist($usergroup);
|
|
$em->getManager()->flush();
|
|
|
|
// Retour
|
|
return new JsonResponse($output);
|
|
}
|
|
|
|
public function userdel($groupid,$userid,$access,Request $request,ManagerRegistry $em)
|
|
{
|
|
// Récupération de l'enregistrement courant
|
|
$group=$em->getRepository($this->entity)->find($groupid);
|
|
if (!$group) throw $this->createNotFoundException('Unable to find entity.');
|
|
|
|
$user=$em->getRepository("App\Entity\User")->find($userid);
|
|
if (!$user) throw $this->createNotFoundException('Unable to find entity.');
|
|
|
|
$output=array();
|
|
$this->canupdatemember($access,$group,$em,true);
|
|
if($user==$group->getOwner()) throw $this->createAccessDeniedException('Permission denied');
|
|
|
|
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(array("user"=>$user,"group"=>$group));
|
|
if($usergroup) {
|
|
$em->getManager()->remove($usergroup);
|
|
$em->getManager()->flush();
|
|
}
|
|
|
|
// Retour
|
|
return new JsonResponse($output);
|
|
}
|
|
|
|
public function userchangerole($groupid,$userid,$roleid,$access,Request $request,ManagerRegistry $em)
|
|
{
|
|
// Récupération de l'enregistrement courant
|
|
$group=$em->getRepository($this->entity)->find($groupid);
|
|
if (!$group) throw $this->createNotFoundException('Unable to find entity.');
|
|
|
|
$user=$em->getRepository("App\Entity\User")->find($userid);
|
|
if (!$user) throw $this->createNotFoundException('Unable to find entity.');
|
|
|
|
$output=array();
|
|
$this->canupdatemember($access,$group,$em,true);
|
|
if($user==$group->getOwner()) throw $this->createAccessDeniedException('Permission denied');
|
|
|
|
|
|
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(array("user"=>$user,"group"=>$group));
|
|
if($usergroup) {
|
|
$usergroup->setRolegroup($roleid);
|
|
$em->getManager()->persist($usergroup);
|
|
$em->getManager()->flush();
|
|
}
|
|
|
|
// Retour
|
|
return new JsonResponse($output);
|
|
}
|
|
|
|
public function userout($id,$access,Request $request,ManagerRegistry $em)
|
|
{
|
|
// Récupération de l'enregistrement courant
|
|
$group=$em->getRepository($this->entity)->find($id);
|
|
if (!$group) throw $this->createNotFoundException('Unable to find entity.');
|
|
|
|
// On ne peut se désinscrire que si le groupe est ouvert et qu'il n'est pas lié à un groupe ldap ou sso
|
|
if($group->getOwner()!=$this->getUser()&&($group->isIsOpen()||$this->canupdatemember($access,$group,$em,false))) {
|
|
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(array("user"=>$this->getUser(),"group"=>$group));
|
|
if($usergroup) {
|
|
$em->getManager()->remove($usergroup);
|
|
$em->getManager()->flush();
|
|
}
|
|
}
|
|
|
|
return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route));
|
|
}
|
|
|
|
private function cansubmit($access,$em) {
|
|
switch($access) {
|
|
case "admin" : return true; break;
|
|
case "user" : return true; break;
|
|
}
|
|
throw $this->createAccessDeniedException('Permission denied');
|
|
}
|
|
|
|
|
|
private function canupdate($access,$entity,$em,$fgblock=true) {
|
|
$toreturn=false;
|
|
switch($access) {
|
|
case "admin" : $toreturn=($entity->getId()>0); break;
|
|
case "user":
|
|
if(!$entity->isIsworkgroup()||$entity->getOwner()!=$this->getUser()) $toreturn=false;
|
|
else $toreturn=true;
|
|
break;
|
|
}
|
|
if($fgblock&&!$toreturn) throw $this->createAccessDeniedException('Permission denied');
|
|
return $toreturn;
|
|
}
|
|
|
|
private function canseemember($access,$entity,$em,$fgblock=true) {
|
|
$toreturn=false;
|
|
switch($access) {
|
|
case "admin" : $toreturn=($entity->getId()>0); break;
|
|
case "modo" : $toreturn=($entity->getId()>0); break;
|
|
case "user":
|
|
$usergroup=$em->getRepository("App\Entity\UserGroup")->findOneBy(["user"=>$this->getUser(),"group"=>$entity]);
|
|
if(!$usergroup||!$entity->isIsworkgroup()||$entity->getId()<0) $toreturn=false;
|
|
else $toreturn=true;
|
|
break;
|
|
}
|
|
if($fgblock&&!$toreturn) throw $this->createAccessDeniedException('Permission denied');
|
|
return $toreturn;
|
|
}
|
|
|
|
|
|
private function canupdatemember($access,$entity,$em,$fgblock=true) {
|
|
$toreturn=false;
|
|
switch($access) {
|
|
case "admin" : $toreturn=($entity->getId()>0&&!$entity->getLdapfilter()); break;
|
|
case "modo" : $toreturn=($entity->getId()>0); break;
|
|
case "user":
|
|
$usergroup=$em->getRepository("App\Entity\UserGroup")->findOneBy(["user"=>$this->getUser(),"group"=>$entity]);
|
|
if(!$usergroup||!$entity->isIsworkgroup()||$entity->getId()<0) $toreturn=false;
|
|
elseif($usergroup->getRolegroup()<90) $toreturn=false;
|
|
else $toreturn=true;
|
|
break;
|
|
}
|
|
if($fgblock&&!$toreturn) throw $this->createAccessDeniedException('Permission denied');
|
|
return $toreturn;
|
|
}
|
|
} |