nineskeletor/src/Controller/UserController.php


<?php
namespace App\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\JsonResponse;
use Doctrine\Persistence\ManagerRegistry;
use Ramsey\Uuid\Uuid;
use App\Entity\User as Entity;
use App\Entity\UserGroup;
use App\Entity\UserModo;
use App\Form\UserType as Form;
/**
 * CRUD controller for App\Entity\User.
 *
 * Every action receives an $access string as its first argument; the values the
 * code branches on are "admin", "modo" and "user". The same methods serve the
 * admin, modo and user routes: redirects rebuild the target route name by
 * replacing "_admin_" in $this->route with "_<access>_".
 *
 * Authorisation is done per action by cansubmit()/canupdate()/candelete(); the
 * data-visibility rules for listings live in tablelist().
 */
class UserController extends AbstractController
{
    // Array key under which the entity is passed to the edit template.
    private $data="user";
    // Entity class used for repository lookups and DQL roots.
    private $entity="App\Entity\User";
    // Template directory prefix.
    private $twig="User/";
    // Base route name; "_admin_" is swapped for "_<access>_" when redirecting.
    private $route="app_admin_user";

    /**
     * Renders the user list page.
     *
     * @param string $access "admin", "modo" or "user"
     * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
     *         when $access is "user" and the session flag "showannuaire" is not set
     */
    public function list($access,Request $request): Response
    {
        // Plain users may only browse the directory when the session allows it.
        if($access=="user"&&!$request->getSession()->get("showannuaire"))
            throw $this->createAccessDeniedException('Permission denied');
        return $this->render($this->twig.'list.html.twig',[
            "useheader"=>true,
            "usemenu"=>false,
            // The sidebar is hidden for plain users.
            "usesidebar"=>($access!="user"),
            "access"=>$access
        ]);
    }

    /**
     * Server-side data endpoint for the user list (DataTables-style protocol).
     *
     * Reads start/length/search/draw/order from the query string, counts the
     * total and the filtered rows, then returns the requested page as
     * {draw, recordsFiltered, recordsTotal, data: [[cell, ...], ...]}.
     *
     * Row visibility by $access:
     *  - "admin": every user;
     *  - "modo":  users whose niveau01 the current user moderates (UserModo rows);
     *  - other:   users with isvisible=true, further narrowed by the session value
     *             "scopeannu" ("SAME_NIVEAU01" / "SAME_NIVEAU02").
     *
     * NOTE(review): the cells in "data" are HTML fragments concatenated from
     * entity fields (username, names, email, labels, roles, ...). Nothing here
     * passes them through htmlspecialchars(); escaping is left to the rendering
     * side — confirm the DataTables column definitions treat these as already
     * safe, or escape here.
     *
     * NOTE(review): start, length and the order direction are forwarded to
     * setFirstResult()/setMaxResults()/orderBy() without validation (no
     * integer cast, no ASC/DESC whitelist). Confirm the request is only ever
     * produced by the DataTables client, or validate them up front.
     */
    public function tablelist($access, Request $request,ManagerRegistry $em): Response
    {
        $query=$request->query->all();
        $start=$query['start'];
        $length=$query['length'];
        $search=$query['search'];
        $draw= $query['draw'];
        $ordercolumn=$query['order'][0]['column'];
        $orderdir=$query['order'][0]['dir'];
        $niveau01=null;
        $niveau02=null;

        // Total number of records (before the free-text filter).
        switch($access) {
            case "admin":
                $total = $em->getManager()->createQueryBuilder()->select('COUNT(entity)')->from($this->entity,'entity')->getQuery()->getSingleScalarResult();
                break;
            case "modo":
                // Second root on UserModo, correlated on niveau01 and bound to the current user.
                $total = $em->getManager()->createQueryBuilder()
                    ->select('COUNT(entity)')
                    ->from($this->entity,'entity')
                    ->from("App\Entity\UserModo",'usermodo')
                    ->where("usermodo.niveau01 = entity.niveau01")
                    ->andWhere("usermodo.user = :user")
                    ->setParameter("user", $this->getUser())
                    ->getQuery()->getSingleScalarResult();
                break;
            default:
                // Plain users only see visible accounts, optionally restricted to their own niveau01/niveau02.
                $niveau01=$this->getUser()->getNiveau01();
                $niveau02=$this->getUser()->getNiveau02();
                $qb=$em->getManager()->createQueryBuilder()->select('COUNT(entity)')->from($this->entity,'entity')->where('entity.isvisible=true');
                switch($request->getSession()->get("scopeannu")) {
                    case "SAME_NIVEAU01":
                        $qb->andWhere("entity.niveau01 = :niveau01")->setParameter("niveau01",$niveau01);
                        break;
                    case "SAME_NIVEAU02":
                        $qb->andWhere("entity.niveau02 = :niveau02")->setParameter("niveau02",$niveau02);
                        break;
                }
                $total = $qb->getQuery()->getSingleScalarResult();
                break;
        }

        // Number of records after the free-text filter. The search value is
        // bound as a parameter, so it cannot alter the DQL; note that "%" and
        // "_" inside it still act as LIKE wildcards because only the surrounding
        // "%" are added.
        if(!$search||$search["value"]=="")
            $totalf = $total;
        else {
            switch($access) {
                case "admin":
                    // Niveau01 is added as a second root and correlated in where();
                    // its label is part of the free-text match.
                    $totalf= $em->getManager()->createQueryBuilder()
                        ->select('COUNT(entity)')
                        ->from($this->entity,'entity')
                        ->from('App:Niveau01', 'niveau01')
                        ->where('entity.niveau01=niveau01.id')
                        ->andWhere('entity.username LIKE :value OR entity.firstname LIKE :value OR entity.lastname LIKE :value OR entity.email LIKE :value OR entity.roles LIKE :value OR niveau01.label LIKE :value')
                        ->setParameter("value", "%".$search["value"]."%")
                        ->getQuery()
                        ->getSingleScalarResult();
                    break;
                case "modo":
                    $totalf= $em->getManager()->createQueryBuilder()
                        ->select('COUNT(entity)')
                        ->from($this->entity,'entity')
                        ->from('App:Niveau01', 'niveau01')
                        ->from("App:UserModo",'usermodo')
                        ->where('entity.niveau01=niveau01.id')
                        ->andWhere('entity.username LIKE :value OR entity.firstname LIKE :value OR entity.lastname LIKE :value OR entity.email LIKE :value OR entity.roles LIKE :value OR niveau01.label LIKE :value')
                        ->andWhere("usermodo.niveau01 = entity.niveau01")
                        ->andWhere("usermodo.user = :userid")
                        ->setParameter("value", "%".$search["value"]."%")
                        ->setParameter("userid", $this->getUser()->getId())
                        ->getQuery()
                        ->getSingleScalarResult();
                    break;
                default:
                    $qb = $em->getManager()->createQueryBuilder()
                        ->select('COUNT(entity)')
                        ->from($this->entity,'entity')
                        ->from('App:Niveau01', 'niveau01')
                        ->where('entity.niveau01=niveau01.id')
                        ->andWhere('entity.isvisible=true')
                        ->andWhere('entity.username LIKE :value OR entity.firstname LIKE :value OR entity.lastname LIKE :value OR entity.email LIKE :value OR entity.roles LIKE :value OR niveau01.label LIKE :value')
                        ->setParameter("value", "%".$search["value"]."%");
                    switch($request->getSession()->get("scopeannu")) {
                        case "SAME_NIVEAU01":
                            $qb->andWhere("entity.niveau01 = :niveau01")->setParameter("niveau01",$niveau01);
                            break;
                        case "SAME_NIVEAU02":
                            $qb->andWhere("entity.niveau02 = :niveau02")->setParameter("niveau02",$niveau02);
                            break;
                    }
                    $totalf=$qb->getQuery()->getSingleScalarResult();
                    break;
            }
        }

        // Response skeleton; "data" is filled row by row below.
        $output = array(
            'draw' => $draw,
            'recordsFiltered' => $totalf,
            'recordsTotal' => $total,
            'data' => array(),
        );

        // Page query: same visibility rules as the counts, then filter, order, slice.
        $qb = $em->getManager()->createQueryBuilder();
        switch($access) {
            case "admin":
                $qb->select('entity')->from($this->entity,'entity')->from('App:Niveau01','niveau01');
                $qb->where('entity.niveau01=niveau01.id');
                break;
            case "modo":
                $qb->select('entity')->from($this->entity,'entity')->from('App:Niveau01','niveau01')->from("App:UserModo",'usermodo');
                $qb->where('entity.niveau01=niveau01.id');
                $qb->andWhere("usermodo.niveau01 = entity.niveau01");
                $qb->andWhere("usermodo.user = :userid");
                $qb->setParameter("userid", $this->getUser()->getId());
                break;
            default:
                $qb->select('entity')->from($this->entity,'entity')->from('App:Niveau01','niveau01');
                $qb->where('entity.niveau01=niveau01.id');
                $qb->andWhere('entity.isvisible=true');
                switch($request->getSession()->get("scopeannu")) {
                    case "SAME_NIVEAU01":
                        $qb->andWhere("entity.niveau01 = :niveau01")->setParameter("niveau01",$niveau01);
                        break;
                    case "SAME_NIVEAU02":
                        $qb->andWhere("entity.niveau02 = :niveau02")->setParameter("niveau02",$niveau02);
                        break;
                }
                break;
        }
        if($search&&$search["value"]!="") {
            $qb ->andWhere('entity.username LIKE :value OR entity.firstname LIKE :value OR entity.lastname LIKE :value OR entity.email LIKE :value OR entity.roles LIKE :value OR niveau01.label LIKE :value')
                ->setParameter("value", "%".$search["value"]."%");
        }

        // Column index -> sort field. Column 0 (the avatar, or the action link
        // for admin/modo) is not sortable, which is why a falsy index is skipped.
        if($ordercolumn) {
            // Admin and modo rows carry an extra leading action cell (see the
            // array_push($tmp,$action) below), so their indexes are shifted by one.
            if($access=="admin"||$access=="modo") {
                $ordercolumn=$ordercolumn-1;
            }
            // Columns 7 (niveau02) and 10 (groups) have no case and are therefore not orderable.
            switch($ordercolumn) {
                case 1 :
                    $qb->orderBy('entity.username',$orderdir);
                    break;
                case 2 :
                    $qb->orderBy('entity.lastname',$orderdir);
                    break;
                case 3 :
                    $qb->orderBy('entity.firstname',$orderdir);
                    break;
                case 4 :
                    $qb->orderBy('entity.email',$orderdir);
                    break;
                case 5 :
                    $qb->orderBy('entity.telephonenumber',$orderdir);
                    break;
                case 6 :
                    $qb->orderBy('niveau01.label',$orderdir);
                    break;
                case 8 :
                    $qb->orderBy('entity.visitedate',$orderdir);
                    break;
                case 9 :
                    $qb->orderBy('entity.roles',$orderdir);
                    break;
            }
        }
        $datas=$qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult();

        foreach($datas as $data) {
            // Action cell: link to the update form on the admin or modo route.
            $action = "";
            switch($access) {
                case "admin":
                    $action.="<a href='".$this->generateUrl($this->route.'_update', array('id'=>$data->getId()))."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
                    break;
                case "modo":
                    $action.="<a href='".$this->generateUrl(str_replace("_admin_","_modo_",$this->route).'_update', array('id'=>$data->getId()))."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
                    break;
            }
            // Group labels, one per line.
            $groups="";
            foreach($data->getGroups() as $usergroup) {
                $groups.=$usergroup->getGroup()->getLabel()."<br>";
            }
            // Roles, one per line.
            $roles="";
            foreach($data->getRoles() as $role) {
                $roles.=$role."<br>";
            }
            // Cells in column order; the action cell only exists for admin/modo.
            $tmp=array();
            if($access=="admin"||$access=="modo") array_push($tmp,$action);
            array_push($tmp,"<img src='".$this->generateUrl('app_minio_image',["file"=>"avatar/".$data->getAvatar()])."' class='avatar'>");
            array_push($tmp,$data->getUsername());
            array_push($tmp,$data->getLastname());
            array_push($tmp,$data->getFirstname());
            array_push($tmp,"<a href='mailto:".$data->getEmail()."'>".$data->getEmail()."</a>");
            array_push($tmp,$data->getTelephonenumber());
            array_push($tmp,$data->getNiveau01()->getLabel());
            array_push($tmp,($data->getNiveau02()?$data->getNiveau02()->getLabel():""));
            array_push($tmp,($data->getVisitedate()?$data->getVisitedate()->format("d/m/Y H:i")."<br>nb = ".$data->getVisitecpt():""));
            array_push($tmp,$roles);
            array_push($tmp,$groups);
            array_push($output["data"],$tmp);
        }

        return new JsonResponse($output);
    }

    /**
     * Autocomplete endpoint: users whose username contains "q", ordered by
     * username and capped at "page_limit" rows, returned as
     * {"results":[{"id":..,"text":..}, ...]}.
     *
     * NOTE(review): $access is not consulted and no isvisible/scope filter is
     * applied, so every caller gets the same unrestricted username search —
     * confirm that is intended for the non-admin routes. "page_limit" is
     * forwarded to setMaxResults() without validation.
     */
    public function selectlist($access, Request $request,ManagerRegistry $em): Response
    {
        $output=array();
        $page_limit=$request->query->get('page_limit');
        $q=$request->query->get('q');
        $qb = $em->getManager()->createQueryBuilder();
        // Bound parameter; "%"/"_" inside $q keep their LIKE meaning.
        $qb->select('entity')->from($this->entity,'entity')
            ->where('entity.username LIKE :value')
            ->setParameter("value", "%".$q."%")
            ->orderBy('entity.username');
        $datas=$qb->setFirstResult(0)->setMaxResults($page_limit)->getQuery()->getResult();
        foreach($datas as $data) {
            array_push($output,array("id"=>$data->getId(),"text"=>$data->getUsername()));
        }
        // $ret_string is created implicitly by this assignment.
        $ret_string["results"]=$output;
        $response = new JsonResponse($ret_string);
        return $response;
    }

    /**
     * Creates a user (form display on GET, persistence on a valid "submit").
     *
     * Refused (as a 404, via createNotFoundException) when the master identity
     * is not "SQL" and appSynchroPurgeUser is set; otherwise cansubmit() decides.
     * On success the user is persisted, then the comma-separated "linkgroups" and
     * "linkmodos" form fields are turned into UserGroup / UserModo rows, and the
     * caller is redirected to the list route for $access.
     *
     * @param string $access "admin" or "modo" (anything else is rejected by cansubmit())
     */
    public function submit($access, Request $request,ManagerRegistry $em): Response
    {
        // Creation is only allowed when this app owns the identities.
        if($this->getParameter("appMasteridentity")!="SQL" && $this->getParameter("appSynchroPurgeUser"))
            throw $this->createNotFoundException('Permission denied');
        // Permission check (throws on failure).
        $this->cansubmit($access,$em);
        // New record with defaults; the API key is a fresh UUID v4.
        $data = new Entity();
        $data->setAvatar("noavatar.png");
        $data->setIsvisible(true);
        $data->setApikey(Uuid::uuid4());
        // Build the form. (PHP method names are case-insensitive, so
        // GetParameter() resolves to getParameter().)
        $form = $this->createForm(Form::class,$data,array(
            "mode"=>"submit",
            "access"=>$access,
            "userid"=>$this->getUser()->getId(),
            "appMasteridentity"=>$this->GetParameter("appMasteridentity"),
            "appNiveau01label"=>$this->GetParameter("appNiveau01label"),
            "appNiveau02label"=>$this->GetParameter("appNiveau02label"),
        ));
        // Bind the request to the form.
        $form->handleRequest($request);
        // On a valid submission.
        if ($form->get('submit')->isClicked() && $form->isValid()) {
            $data = $form->getData();
            // A modo must not grant ROLE_ADMIN or ROLE_MODO to the user being created.
            if($access=="modo") {
                $roles=$data->getRoles();
                $roles=array_diff($roles,["ROLE_ADMIN","ROLE_MODO"]);
                $data->setRoles($roles);
            }
            // Comma-separated id lists from the form; array_filter drops empty entries.
            $lstgroups=array_filter(explode(",",$form->get("linkgroups")->getData()));
            $lstmodos=array_filter(explode(",",$form->get("linkmodos")->getData()));
            // Persist the user first so it has an id for the link rows.
            $em->getManager()->persist($data);
            $em->getManager()->flush();
            // Group memberships (findBy returns an array, so an empty result is falsy).
            foreach($lstgroups as $idgroup) {
                $group=$em->getRepository("App\Entity\Group")->find($idgroup);
                $usergroup=$em->getRepository('App\Entity\UserGroup')->findBy(["user"=>$data,"group"=>$group]);
                if(!$usergroup) {
                    $usergroup= new UserGroup();
                    $usergroup->setUser($data);
                    $usergroup->setGroup($group);
                    $usergroup->setApikey(Uuid::uuid4());
                    $usergroup->setRolegroup(0);
                    $em->getManager()->persist($usergroup);
                    $em->getManager()->flush();
                }
            }
            // Moderated niveau01 assignments.
            foreach($lstmodos as $idmodo) {
                $niveau01=$em->getRepository("App\Entity\Niveau01")->find($idmodo);
                $usermodo=$em->getRepository('App\Entity\UserModo')->findBy(["user"=>$data,"niveau01"=>$niveau01]);
                if(!$usermodo) {
                    $usermodo= new UserModo();
                    $usermodo->setUser($data);
                    $usermodo->setNiveau01($niveau01);
                    $em->getManager()->persist($usermodo);
                    $em->getManager()->flush();
                }
            }
            // Back to the list for this access level.
            return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route));
        }
        // Display the form. Note the group list is always the "admin" one here,
        // whereas update() passes $access.
        return $this->render($this->twig.'edit.html.twig', [
            "useheader"=>true,
            "usemenu"=>false,
            "usesidebar"=>true,
            "access"=>$access,
            "mode"=>"submit",
            "form"=>$form->createView(),
            $this->data=>$data,
            "listgroups"=>$this->getListGroups("admin",$em),
            "listmodos"=> $this->getListModos($em)
        ]);
    }

    /**
     * Self-service profile: update() applied to the current user's own id.
     */
    public function profil($access,Request $request,ManagerRegistry $em): Response
    {
        $id=$this->getUser()->getId();
        return $this->update($access,$id,$request,$em);
    }

    /**
     * Edits an existing user (form display on GET, persistence on a valid "submit").
     *
     * canupdate() decides whether $access may touch this $id. On success the
     * entity is flushed, then group and modo links are reconciled against the
     * ones loaded before the form was bound (added / removed by id).
     *
     * NOTE(review): the "else" branch of the password handling assigns the
     * submitted value back unchanged — no hashing happens in this method. Confirm
     * the entity's setPassword() or a Doctrine listener hashes it; otherwise the
     * plaintext from the form is what gets persisted.
     *
     * NOTE(review): roles are only sanitised for $access=="modo". For "user"
     * (reached through profil()) and for the linkgroups/linkmodos fields, the
     * protection relies on UserType not exposing those fields in that mode,
     * which is not visible from here — confirm.
     *
     * @param string $access "admin", "modo" or "user"
     * @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException when no user has $id
     */
    public function update($access,$id,Request $request,ManagerRegistry $em): Response
    {
        // Load the record.
        $data=$em->getRepository($this->entity)->find($id);
        if (!$data) throw $this->createNotFoundException('Unable to find entity.');
        // Permission check (throws on failure).
        $this->canupdate($access,$data,$em);
        // Keep the stored password so an empty form field leaves it untouched.
        $oldpassword=$data->getPassword();
        // Group ids linked before editing.
        $oldlstgroups=[];
        foreach($data->getGroups() as $group){
            $oldlstgroups[] = $group->getGroup()->getId();
        }
        // Niveau01 ids moderated before editing.
        $oldlstmodos=[];
        foreach($data->getModos() as $modo){
            $oldlstmodos[] = $modo->getNiveau01()->getId();
        }
        // Build the form (GetParameter() resolves to getParameter(); PHP method names are case-insensitive).
        $form = $this->createForm(Form::class,$data,array(
            "mode"=>"update",
            "access"=>$access,
            "userid"=>$this->getUser()->getId(),
            "appMasteridentity"=>$this->GetParameter("appMasteridentity"),
            "appNiveau01label"=>$this->GetParameter("appNiveau01label"),
            "appNiveau02label"=>$this->GetParameter("appNiveau02label"),
        ));
        // Bind the request to the form.
        $form->handleRequest($request);
        // On a valid submission.
        if ($form->get('submit')->isClicked() && $form->isValid()) {
            $data = $form->getData();
            // A modo must not grant ROLE_ADMIN or ROLE_MODO to the user being edited.
            if($access=="modo") {
                $roles=$data->getRoles();
                $roles=array_diff($roles,["ROLE_ADMIN","ROLE_MODO"]);
                $data->setRoles($roles);
            }
            // Empty password field: restore the previous value (loose == also matches null).
            if($data->getPassword()=="") {
                $data->setPassword($oldpassword);
            }
            // Otherwise the submitted value is written back as-is (see the
            // NOTE(review) in the docblock about hashing).
            else {
                $data->setPassword($data->getPassword());
            }
            // Persist the entity itself.
            $em->getManager()->flush();
            // Reconcile groups. $oldlstgroups holds ints from getId() and $lstgroups
            // strings from explode(); array_diff compares string representations,
            // so the two lists are comparable.
            $lstgroups=array_filter(explode(",",$form->get("linkgroups")->getData()));
            $removegroups=array_diff($oldlstgroups,$lstgroups);
            $addgroups=array_diff($lstgroups,$oldlstgroups);
            // Newly selected groups.
            foreach($addgroups as $idgroup) {
                $group=$em->getRepository("App\Entity\Group")->find($idgroup);
                $usergroup=$em->getRepository('App\Entity\UserGroup')->findOneBy(["user"=>$data,"group"=>$group]);
                if(!$usergroup) {
                    $usergroup= new UserGroup();
                    $usergroup->setUser($data);
                    $usergroup->setGroup($group);
                    $usergroup->setApikey(Uuid::uuid4());
                    $usergroup->setRolegroup(0);
                    $em->getManager()->persist($usergroup);
                    $em->getManager()->flush();
                }
            }
            // Deselected groups.
            foreach($removegroups as $idgroup) {
                $group=$em->getRepository("App\Entity\Group")->find($idgroup);
                $usergroup=$em->getRepository('App\Entity\UserGroup')->findOneBy(["user"=>$data,"group"=>$group]);
                if($usergroup) {
                    $em->getManager()->remove($usergroup);
                    $em->getManager()->flush();
                }
            }
            // Reconcile moderated niveau01s the same way.
            $linkmodos=array_filter(explode(",",$form->get("linkmodos")->getData()));
            $removemodos=array_diff($oldlstmodos,$linkmodos);
            $addmodos=array_diff($linkmodos,$oldlstmodos);
            // Newly selected niveau01s.
            foreach($addmodos as $idmodo) {
                $niveau01=$em->getRepository("App\Entity\Niveau01")->find($idmodo);
                $usermodo=$em->getRepository('App\Entity\UserModo')->findOneBy(["user"=>$data,"niveau01"=>$niveau01]);
                if(!$usermodo) {
                    $usermodo= new UserModo();
                    $usermodo->setUser($data);
                    $usermodo->setNiveau01($niveau01);
                    $em->getManager()->persist($usermodo);
                    $em->getManager()->flush();
                }
            }
            // Deselected niveau01s.
            foreach($removemodos as $idmodo) {
                $niveau01=$em->getRepository("App\Entity\Niveau01")->find($idmodo);
                $usermodo=$em->getRepository('App\Entity\UserModo')->findOneBy(["user"=>$data,"niveau01"=>$niveau01]);
                if($usermodo) {
                    $em->getManager()->remove($usermodo);
                    $em->getManager()->flush();
                }
            }
            // Plain users go home; admin/modo go back to their list.
            if($access=="user")
                return $this->redirectToRoute("app_home");
            else
                return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route));
        }
        // Display the form.
        return $this->render($this->twig.'edit.html.twig', [
            "useheader"=>true,
            "usemenu"=>false,
            "usesidebar"=>($access=="admin"),
            "access"=>$access,
            "mode"=>"update",
            "form"=>$form->createView(),
            $this->data=>$data,
            "listgroups"=>$this->getListGroups($access,$em),
            "listmodos"=> $this->getListModos($em),
            // Upload size cap only applies to self-service edits.
            "maxsize"=>($access=="user"?1200:null),
        ]);
    }

    /**
     * Deletes a user after candelete() approves.
     *
     * NOTE(review): the catch block forwards $e->getMessage() verbatim into a
     * flash message, so database/ORM error text reaches the browser. A generic
     * message plus server-side logging would avoid that disclosure.
     *
     * @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException when no user has $id
     */
    public function delete($access,$id,Request $request,ManagerRegistry $em): Response
    {
        // Load the record.
        $data=$em->getRepository($this->entity)->find($id);
        if (!$data) throw $this->createNotFoundException('Unable to find entity.');
        // Permission check (throws on failure).
        $this->candelete($access,$data,$em);
        // Attempt the removal; on failure, flash the error and return to the edit form.
        try{
            $em->getManager()->remove($data);
            $em->getManager()->flush();
        }
        catch (\Exception $e) {
            $request->getSession()->getFlashBag()->add("error", $e->getMessage());
            return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route)."_update",["id"=>$id]);
        }
        return $this->redirectToRoute(str_replace("_admin_","_".$access."_",$this->route));
    }

    /**
     * Groups selectable in the edit form.
     *
     * Non-admins only get open workgroups; everyone is limited to groups without
     * an LDAP filter, without attributes and with a positive id. When $access is
     * "admin" no where() is set, so the first andWhere() acts as the where clause.
     *
     * @return array list of App:Group entities
     */
    protected function getListGroups($access,$em)
    {
        $qb=$em->getManager()->createQueryBuilder();
        $qb->select('b')->from('App:Group','b');
        if($access!="admin") $qb->where("b.isopen=true AND b.isworkgroup=true");
        $qb->andWhere("b.ldapfilter IS NULL");
        $qb->andWhere("b.attributes IS NULL");
        $qb->andWhere("b.id>0");
        $datas=$qb->getQuery()->getResult();
        return $datas;
    }

    /**
     * All Niveau01 rows, for the "modos" selector in the edit form.
     *
     * @return array list of App:Niveau01 entities
     */
    protected function getListModos($em)
    {
        $qb=$em->getManager()->createQueryBuilder();
        $qb->select('b')->from('App:Niveau01','b');
        $datas=$qb->getQuery()->getResult();
        return $datas;
    }

    /**
     * Creation permission: only "admin" and "modo" may create users.
     *
     * @return true
     * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException otherwise
     */
    private function cansubmit($access,$em) {
        // The break after each return is unreachable and kept as-is.
        switch($access) {
            case "admin" : return true; break;
            case "modo" : return true; break;
        }
        throw $this->createAccessDeniedException('Permission denied');
    }

    /**
     * Update permission for $entity.
     *
     *  - "admin": always;
     *  - "modo":  only if a UserModo row links the current user to the entity's niveau01;
     *  - "user":  only the current user's own record.
     *
     * NOTE(review): unlike candelete(), the "modo" branch does not refuse targets
     * holding ROLE_ADMIN or ROLE_MODO. Combined with update() writing whatever
     * the form submits (including the password field), a modo can edit
     * admin/modo accounts in their niveau01 — confirm this is intended, or add
     * the same hasRole() guard used in candelete().
     *
     * @return true
     * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException otherwise
     */
    private function canupdate($access,$entity,$em) {
        switch($access) {
            case "admin" : return true; break;
            case "modo" :
                $usermodo=$em->getRepository("App\Entity\UserModo")->findOneBy(["user"=>$this->getUser(),"niveau01"=>$entity->getNiveau01()]);
                if(!$usermodo) throw $this->createAccessDeniedException('Permission denied');
                return true;
                break;
            case "user" :
                // Loose != on ids; the comparison is between the session user's id and the target's.
                if($this->getUser()->getId()!=$entity->getId()) throw $this->createAccessDeniedException('Permission denied');
                return true;
                break;
        }
        throw $this->createAccessDeniedException('Permission denied');
    }

    /**
     * Delete permission for $entity.
     *
     *  - "admin": always;
     *  - "modo":  moderator of the entity's niveau01, and the target must hold
     *             neither ROLE_ADMIN nor ROLE_MODO;
     *  - "user":  only the current user's own record.
     *
     * @return true
     * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException otherwise
     */
    private function candelete($access,$entity,$em) {
        switch($access) {
            case "admin" : return true; break;
            case "modo" :
                $usermodo=$em->getRepository("App\Entity\UserModo")->findOneBy(["user"=>$this->getUser(),"niveau01"=>$entity->getNiveau01()]);
                if(!$usermodo) throw $this->createAccessDeniedException('Permission denied');
                // Privileged accounts cannot be removed by a modo.
                if($entity->hasRole("ROLE_ADMIN")||$entity->hasRole("ROLE_MODO")) throw $this->createAccessDeniedException('Permission denied');
                return true;
                break;
            case "user" :
                if($this->getUser()->getId()!=$entity->getId()) throw $this->createAccessDeniedException('Permission denied');
                return true;
                break;
        }
        throw $this->createAccessDeniedException('Permission denied');
    }

    /**
     * Stores one preference value for the current user: preference[key][id] = value.
     *
     * The preference blob is (re)initialised as an array when missing, the
     * key/id slots are created on demand, and a flush only happens when
     * something actually changed. Responds with an empty 200.
     *
     * NOTE(review): "key", "id" and "value" come straight from the POST body with
     * no validation of type or allowed names; the blob is stored as-is on the
     * user. Confirm the consumers of getPreference() tolerate arbitrary keys.
     */
    public function preference($access,Request $request,ManagerRegistry $em): Response
    {
        $key=$request->request->get('key');
        $id=$request->request->get('id');
        $value=$request->request->get('value');
        // Current preferences of the logged-in user.
        $preference=$this->getUser()->getPreference();
        // Track whether a flush is needed.
        $toupdate=false;
        if(!is_array($preference)) {
            $toupdate=true;
            $preference=[];
        }
        if(!array_key_exists($key,$preference)) {
            $toupdate=true;
            $preference[$key]=[];
        }
        if((!array_key_exists($id,$preference[$key]))) {
            $toupdate=true;
            $preference[$key][$id]=$value;
        }
        // Only meaningful when the slot already existed; after the assignment
        // above this loose != comparison is false.
        if($preference[$key][$id]!=$value) {
            $toupdate=true;
            $preference[$key][$id]=$value;
        }
        // Persist when something changed.
        if($toupdate) {
            $this->getUser()->setPreference($preference);
            $em->getManager()->flush();
        }
        return new Response();
    }
}