Cadoles
/
nineskeletor
10
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
nineskeletor/src/Controller/GroupController.php

936 lines
37 KiB
PHP
Raw Blame History

<?php
namespace App\Controller;
use App\Entity\Group as Entity;
use App\Entity\UserGroup;
use App\Form\GroupType as Form;
use Doctrine\Persistence\ManagerRegistry;
use Ramsey\Uuid\Uuid;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
class GroupController extends AbstractController
{
private $data = 'group';
private $entity = "App\Entity\Group";
private $twig = 'Group/';
private $route = 'app_admin_group';
public function list($access): Response
{
return $this->render($this->twig.'list.html.twig', [
'useheader' => true,
'usemenu' => false,
'usesidebar' => ('all' != $access),
'access' => $access,
]);
}
public function tablelist($access, Request $request, ManagerRegistry $em): Response
{
$query = $request->query->all();
$start = $query['start'];
$length = $query['length'];
$search = $query['search'];
$draw = $query['draw'];
$ordercolumn = $query['order'][0]['column'];
$orderdir = $query['order'][0]['dir'];
$user = $this->getUser();
// Nombre total d'enregistrement
$qb = $em->getManager()->createQueryBuilder();
$qb->select('COUNT(entity)')->from($this->entity, 'entity')->getQuery()->getSingleScalarResult();
if ('all' == $access) {
$qb->from('App:UserGroup', 'usergroup')
->andWhere('entity.isworkgroup=:flag')
->andWhere('entity.id=usergroup.group')
->andWhere('usergroup.user=:user')
->setParameter('flag', true)
->setParameter('user', $user);
}
$total = $qb->getQuery()->getSingleScalarResult();
// Nombre d'enregistrement filtré
if (!$search || '' == $search['value']) {
$totalf = $total;
} else {
$qb = $em->getManager()->createQueryBuilder();
$qb->select('COUNT(entity)')
->from($this->entity, 'entity')
->where('entity.label LIKE :value')
->leftJoin('App:User', 'user', 'WITH', 'entity.owner = user.id AND user.username LIKE :value')
->setParameter('value', '%'.$search['value'].'%')
->getQuery()
->getSingleScalarResult();
if ('all' == $access) {
$qb->from('App:UserGroup', 'usergroup')
->andWhere('entity.isworkgroup=:flag')
->andWhere('entity.id=usergroup.group')
->andWhere('usergroup.user=:user')
->setParameter('flag', true)
->setParameter('user', $user);
}
$totalf = $qb->getQuery()->getSingleScalarResult();
}
// Construction du tableau de retour
$output = [
'draw' => $draw,
'recordsFiltered' => $totalf,
'recordsTotal' => $total,
'data' => [],
];
// Parcours des Enregistrement
$qb = $em->getManager()->createQueryBuilder();
$qb->select('entity')
->from($this->entity, 'entity');
if ('all' == $access) {
$qb->from('App:UserGroup', 'usergroup')
->andWhere('entity.isworkgroup=:flag')
->andWhere('entity.id=usergroup.group')
->andWhere('usergroup.user=:user')
->setParameter('flag', true)
->setParameter('user', $user);
}
if ($search && '' != $search['value']) {
$qb->andWhere('entity.label LIKE :value')
->setParameter('value', '%'.$search['value'].'%');
}
if ($ordercolumn) {
switch ($ordercolumn) {
case 1:
$qb->orderBy('entity.label', $orderdir);
break;
case 2:
$qb->orderBy('entity.isworkgroup', $orderdir);
break;
case 3:
$qb->orderBy('entity.isopen', $orderdir);
break;
case 4:
$qb->orderBy('entity.owner', $orderdir);
break;
}
}
$datas = $qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult();
foreach ($datas as $data) {
// Action
$action = '';
switch ($access) {
case 'admin':
if ($this->canupdate($access, $data, $em, false)) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_'.$access.'_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
}
if ($this->canseemember($access, $data, $em, false)) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_'.$access.'_', $this->route).'_users', ['id' => $data->getId()])."'><i class='fa fa-users fa-fw fa-2x'></i></a>";
}
break;
case 'modo':
if ($this->canupdate($access, $data, $em, false)) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_'.$access.'_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
}
if ($this->canseemember($access, $data, $em, false)) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_'.$access.'_', $this->route).'_users', ['id' => $data->getId()])."'><i class='fa fa-users fa-fw fa-2x'></i></a>";
}
break;
case 'all':
if ($this->canupdate($access, $data, $em, false)) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_'.$access.'_', $this->route).'_update', ['id' => $data->getId()])."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
}
if ($this->canseemember($access, $data, $em, false)) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_'.$access.'_', $this->route).'_users', ['id' => $data->getId()])."'><i class='fa fa-users fa-fw fa-2x'></i></a>";
}
// On ne peut se désinscrire que si le groupe est ouvert et qu'il n'est pas lié à un groupe ldap ou sso
if ($data->getOwner() != $this->getUser() && ($data->isIsOpen() || $this->canupdatemember($access, $data, $em, false))) {
$action .= "<a href='".$this->generateUrl(str_replace('_admin_', '_'.$access.'_', $this->route).'_userout', ['id' => $data->getId()])."'><i class='fa fa-sign-out-alt fa-fw fa-2x'></i></a>";
}
break;
}
$userinfo = '';
if ($data->getOwner()) {
$userinfo .= '<div class="d-flex align-items-center">';
$userinfo .= "<img src='".$this->generateUrl('app_minio_image', ['file' => 'avatar/'.$data->getOwner()->getAvatar()])."' class='avatar me-2'>";
$userinfo .= '<div>'.$data->getOwner()->getFullname().'</div>';
$userinfo .= '</div>';
}
$visitecpt = 0;
$visitelast = null;
foreach ($data->getUsers() as $usergroup) {
$visitecpt += intval($usergroup->getVisitecpt());
$visitelast = ($usergroup->getVisitedate() > $visitelast ? $usergroup->getVisitedate() : $visitelast);
}
$tmp = [];
array_push($tmp, $action);
array_push($tmp, $data->getLabel());
array_push($tmp, $data->isIsworkgroup() ? 'oui' : 'non');
array_push($tmp, $data->isIsopen() ? 'oui' : 'non');
array_push($tmp, $userinfo);
array_push($tmp, ($visitelast ? $visitelast->format('d/m/Y H:i').'<br>' : '').'nb = '.$visitecpt);
array_push($output['data'], $tmp);
}
// Retour
return new JsonResponse($output);
}
public function submit($access, Request $request, ManagerRegistry $em): Response
{
// Initialisation de l'enregistrement
$data = new Entity();
$data->setApikey(Uuid::uuid4());
if ('all' == $access) {
$data->setOwner($this->getUser());
$data->setIsworkgroup(true);
}
// Controler les permissions
if (!$this->cansubmit($access, $request)) {
throw $this->createAccessDeniedException('Permission denied');
}
// Création du formulaire
$form = $this->createForm(Form::class, $data, [
'mode' => 'submit',
'appMasteridentity' => $this->GetParameter('appMasteridentity'),
'access' => $access,
]);
// Récupération des data du formulaire
$form->handleRequest($request);
// Sur validation
if ($form->get('submit')->isClicked() && $form->isValid()) {
$data = $form->getData();
// Les groupes opé ne sont pas ouvert
if (!$data->isIsworkgroup()) {
$data->setIsopen(false);
}
// Sauvegarde
$em->getManager()->persist($data);
$em->getManager()->flush();
// Retour à la liste
return $this->redirectToRoute(str_replace('_admin_', '_'.$access.'_', $this->route));
}
// Affichage du formulaire
return $this->render($this->twig.'edit.html.twig', [
'useheader' => true,
'usemenu' => false,
'usesidebar' => ('all' != $access),
'mode' => 'submit',
'access' => $access,
'form' => $form->createView(),
$this->data => $data,
'maxsize' => ('all' == $access ? 1200 : null),
]);
}
public function update($id, $access, Request $request, ManagerRegistry $em): Response
{
// Initialisation de l'enregistrement
$data = $em->getRepository($this->entity)->find($id);
if (!$data or $id < 0) {
throw $this->createNotFoundException('Unable to find entity.');
}
// Controler les permissions
$this->canupdate($access, $data, $em);
// Création du formulaire
$form = $this->createForm(Form::class, $data, [
'mode' => 'update',
'appMasteridentity' => $this->GetParameter('appMasteridentity'),
'access' => $access,
]);
// Récupération des data du formulaire
$form->handleRequest($request);
// Sur validation
if ($form->get('submit')->isClicked() && $form->isValid()) {
$data = $form->getData();
// Les groupes opé ne sont pas ouvert
if (!$data->isIsworkgroup()) {
$data->setIsopen(false);
}
$em->getManager()->flush();
// Retour à la liste
return $this->redirectToRoute(str_replace('_admin_', '_'.$access.'_', $this->route));
}
// Affichage du formulaire
return $this->render($this->twig.'edit.html.twig', [
'useheader' => true,
'usemenu' => false,
'usesidebar' => ('all' != $access),
$this->data => $data,
'mode' => 'update',
'access' => $access,
'form' => $form->createView(),
'maxsize' => ('all' == $access ? 1200 : null),
]);
}
public function delete($id, $access, Request $request, ManagerRegistry $em): Response
{
// Récupération de l'enregistrement courant
$data = $em->getRepository($this->entity)->find($id);
if (!$data) {
throw $this->createNotFoundException('Unable to find entity.');
}
// Controler les permissions
$this->canupdate($access, $data, $em);
// Tentative de suppression
try {
$em->getManager()->remove($data);
$em->getManager()->flush();
} catch (\Exception $e) {
$request->getSession()->getFlashBag()->add('error', $e->getMessage());
return $this->redirectToRoute(str_replace('_admin_', '_'.$access.'_', $this->route).'_update', ['id' => $id]);
}
return $this->redirectToRoute(str_replace('_admin_', '_'.$access.'_', $this->route));
}
public function users($id, $access, Request $request, ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$data = $em->getRepository($this->entity)->find($id);
if (!$data) {
throw $this->createNotFoundException('Unable to find entity.');
}
// Controler les permissions
$this->canseemember($access, $data, $em);
// Affichage du formulaire
return $this->render($this->twig.'users.html.twig', [
'useheader' => true,
'usemenu' => false,
'usesidebar' => ('all' != $access),
'access' => $access,
$this->data => $data,
]);
}
public function usersnotin($id, $access, Request $request, ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$group = $em->getRepository($this->entity)->find($id);
if (!$group) {
throw $this->createNotFoundException('Unable to find entity.');
}
// Controler les permissions
$this->canseemember($access, $group, $em);
$sub = $em->getManager()->createQueryBuilder();
$sub->select('usergroup');
$sub->from('App:UserGroup', 'usergroup');
$sub->andWhere('usergroup.user = user.id');
$sub->andWhere('usergroup.group = :groupid');
$query = $request->query->all();
$start = $query['start'];
$length = $query['length'];
$search = $query['search'];
$draw = $query['draw'];
$ordercolumn = $query['order'][0]['column'];
$orderdir = $query['order'][0]['dir'];
$usermodo = null;
$niveau01 = null;
$niveau02 = null;
$niveau03 = null;
$niveau04 = null;
// Nombre total d'enregistrement
$qb = $em->getManager()->createQueryBuilder();
switch ($access) {
case 'admin':
$qb->select('COUNT(user)')
->from('App:User', 'user')
->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->andWhere('user.isactive=:isactive')
->setParameter('groupid', $id)
->setParameter('isactive', true);
break;
case 'modo':
$usermodo = $this->getUser()->getId();
$qb->select('COUNT(user)')
->from('App:User', 'user')
->from('App:UserModo', 'usermodo')
->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->andWhere('usermodo.niveau01 = user.niveau01')
->andWhere('usermodo.user = :userid')
->andWhere('user.isactive=:isactive')
->setParameter('userid', $usermodo)
->setParameter('groupid', $id)
->setParameter('isactive', true);
break;
case 'all':
$niveau01 = $this->getUser()->getNiveau01();
$niveau02 = $this->getUser()->getNiveau02();
$niveau03 = $this->getUser()->getNiveau03();
$niveau04 = $this->getUser()->getNiveau04();
$qb->select('COUNT(user)')
->from('App:User', 'user')
->where($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->andWhere('user.isactive=:isactive')
->setParameter('groupid', $id)
->setParameter('isactive', true);
switch ($request->getSession()->get('scopeannu')) {
case 1:
$qb->andWhere('user.niveau01 = :niveau01')->setParameter('niveau01', $niveau01);
break;
case 2:
$qb->andWhere('user.niveau02 = :niveau02')->setParameter('niveau02', $niveau02);
break;
case 3:
$qb->andWhere('user.niveau03 = :niveau03')->setParameter('niveau02', $niveau03);
break;
case 4:
$qb->andWhere('user.niveau04 = :niveau04')->setParameter('niveau04', $niveau04);
break;
}
break;
}
$total = $qb->getQuery()->getSingleScalarResult();
$totalf = null;
// Nombre d'enregistrement filtré
if ('' == $search['value']) {
$totalf = $total;
} else {
switch ($access) {
case 'admin':
$totalf = $em->getManager()->createQueryBuilder()
->select('COUNT(user)')
->from('App:User', 'user')
->where('user.username LIKE :value OR user.email LIKE :value')
->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->andWhere('user.isactive=:isactive')
->setParameter('value', '%'.$search['value'].'%')
->setParameter('groupid', $id)
->setParameter('isactive', true)
->getQuery()
->getSingleScalarResult();
break;
case 'modo':
$totalf = $em->getManager()->createQueryBuilder()
->select('COUNT(user)')
->from('App:User', 'user')
->from('App:UserModo', 'usermodo')
->where('user.username LIKE :value OR user.email LIKE :value')
->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->andWhere('usermodo.niveau01 = user.niveau01')
->andWhere('usermodo.user = :userid')
->andWhere('user.isactive=:isactive')
->setParameter('userid', $usermodo)
->setParameter('value', '%'.$search['value'].'%')
->setParameter('groupid', $id)
->setParameter('isactive', true)
->getQuery()
->getSingleScalarResult();
break;
case 'all':
$qb = $em->getManager()->createQueryBuilder()
->select('COUNT(user)')
->from('App:User', 'user')
->where('user.username LIKE :value OR user.email LIKE :value')
->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->andWhere('user.isactive=:isactive')
->setParameter('value', '%'.$search['value'].'%')
->setParameter('groupid', $id)
->setParameter('isactive', true);
switch ($request->getSession()->get('scopeannu')) {
case 1:
$qb->andWhere('user.niveau01 = :niveau01')->setParameter('niveau01', $niveau01);
break;
case 2:
$qb->andWhere('user.niveau02 = :niveau02')->setParameter('niveau02', $niveau02);
break;
case 3:
$qb->andWhere('user.niveau03 = :niveau03')->setParameter('niveau02', $niveau03);
break;
case 4:
$qb->andWhere('user.niveau04 = :niveau04')->setParameter('niveau04', $niveau04);
break;
}
$totalf = $qb->getQuery()->getSingleScalarResult();
break;
}
}
// Construction du tableau de retour
$output = [
'draw' => $draw,
'recordsFiltered' => $totalf,
'recordsTotal' => $total,
'data' => [],
];
// Parcours des Enregistrement
$qb = $em->getManager()->createQueryBuilder();
$qb->select('user')->from('App:User', 'user')->Where('user.isactive=:isactive')->setParameter('isactive', true);
switch ($access) {
case 'admin':
$qb->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL())));
break;
case 'modo':
$qb->from('App:UserModo', 'usermodo')
->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL())))
->andWhere('usermodo.niveau01 = user.niveau01')
->andWhere('usermodo.user = :userid')
->setParameter('userid', $usermodo);
break;
case 'all':
$qb->andWhere($qb->expr()->not($qb->expr()->exists($sub->getDQL())));
switch ($request->getSession()->get('scopeannu')) {
case 1:
$qb->andWhere('user.niveau01 = :niveau01')->setParameter('niveau01', $niveau01);
break;
case 2:
$qb->andWhere('user.niveau02 = :niveau02')->setParameter('niveau02', $niveau02);
break;
case 3:
$qb->andWhere('user.niveau03 = :niveau03')->setParameter('niveau02', $niveau03);
break;
case 4:
$qb->andWhere('user.niveau04 = :niveau04')->setParameter('niveau04', $niveau04);
break;
}
break;
}
if ('' != $search['value']) {
$qb->andWhere('user.username LIKE :value OR user.email LIKE :value')
->setParameter('value', '%'.$search['value'].'%');
}
$qb->setParameter('groupid', $id);
switch ($ordercolumn) {
case 2:
$qb->orderBy('user.username', $orderdir);
break;
case 3:
$qb->orderBy('user.email', $orderdir);
break;
}
$datas = $qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult();
$canupdatemember = $this->canupdatemember($access, $group, $em, false);
foreach ($datas as $data) {
// Action
$action = '';
if ($canupdatemember) {
$action .= "<a style='cursor:pointer' onClick='addUsers(".$data->getId().")'><i class='fa fa-plus fa-fw'></i></a>";
}
// Avatar
$avatar = "<img src='".$this->generateUrl('app_minio_image', ['file' => 'avatar/'.$data->getAvatar()])."' class='avatar'>";
array_push($output['data'], ['DT_RowId' => 'user'.$data->getId(), $action, $avatar, $data->getUsername(), $data->getEmail(), '', '']);
}
// Retour
return new JsonResponse($output);
}
public function usersin($id, $access, Request $request, ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$group = $em->getRepository($this->entity)->find($id);
if (!$group) {
throw $this->createNotFoundException('Unable to find entity.');
}
// Controler les permissions
$this->canseemember($access, $group, $em);
$sub = $em->getManager()->createQueryBuilder();
$sub->select('usergroup');
$sub->from('App:UserGroup', 'usergroup');
$sub->andWhere('usergroup.user = user.id');
$sub->andWhere('usergroup.group = :groupid');
$query = $request->query->all();
$start = $query['start'];
$length = $query['length'];
$search = $query['search'];
$draw = $query['draw'];
$ordercolumn = $query['order'][0]['column'];
$orderdir = $query['order'][0]['dir'];
$usermodo = null;
// Nombre total d'enregistrement
$qb = $em->getManager()->createQueryBuilder();
if ('admin' == $access || 'all' == $access) {
$qb->select('COUNT(user)')
->from('App:User', 'user')
->where($qb->expr()->exists($sub->getDQL()))
->setParameter('groupid', $id);
} else {
$usermodo = $this->getUser()->getId();
$qb->select('COUNT(user)')
->from('App:User', 'user')
->from('App:UserModo', 'usermodo')
->where($qb->expr()->exists($sub->getDQL()))
->andWhere('usermodo.niveau01 = user.niveau01')
->andWhere('usermodo.user = :userid')
->setParameter('userid', $usermodo)
->setParameter('groupid', $id);
}
$total = $qb->getQuery()->getSingleScalarResult();
// Nombre d'enregistrement filtré
if ('' == $search['value']) {
$totalf = $total;
} else {
if ('admin' == $access || 'all' == $access) {
$totalf = $em->getManager()->createQueryBuilder()
->select('COUNT(user)')
->from('App:User', 'user')
->where('user.username LIKE :value OR user.email LIKE :value')
->andWhere($qb->expr()->exists($sub->getDQL()))
->setParameter('value', '%'.$search['value'].'%')
->setParameter('groupid', $id)
->getQuery()
->getSingleScalarResult();
} else {
$totalf = $em->getManager()->createQueryBuilder()
->select('COUNT(user)')
->from('App:User', 'user')
->from('App:UserModo', 'usermodo')
->where('user.username LIKE :value OR user.email LIKE :value')
->andWhere($qb->expr()->exists($sub->getDQL()))
->andWhere('usermodo.niveau01 = user.niveau01')
->andWhere('usermodo.user = :userid')
->setParameter('userid', $usermodo)
->setParameter('value', '%'.$search['value'].'%')
->setParameter('groupid', $id)
->getQuery()
->getSingleScalarResult();
}
}
// Construction du tableau de retour
$output = [
'draw' => $draw,
'recordsFiltered' => $totalf,
'recordsTotal' => $total,
'data' => [],
];
// Parcours des Enregistrement
$qb = $em->getManager()->createQueryBuilder();
$qb->select('user')->from('App:User', 'user');
if ('admin' == $access || 'all' == $access) {
$qb->where($qb->expr()->exists($sub->getDQL()));
} else {
$qb->from('App:UserModo', 'usermodo')
->where($qb->expr()->exists($sub->getDQL()))
->andWhere('usermodo.niveau01 = user.niveau01')
->andWhere('usermodo.user = :userid')
->setParameter('userid', $usermodo);
}
if ('' != $search['value']) {
$qb->andWhere('user.username LIKE :value OR user.email LIKE :value')
->setParameter('value', '%'.$search['value'].'%');
}
$qb->setParameter('groupid', $id);
switch ($ordercolumn) {
case 2:
$qb->orderBy('user.username', $orderdir);
break;
case 3:
$qb->orderBy('user.email', $orderdir);
break;
}
$datas = $qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult();
foreach ($datas as $data) {
// Propriétaire
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $data->getId(), 'group' => $id]);
$fgproprio = ($usergroup->getUser() == $group->getOwner());
$fgme = ($usergroup->getUser() == $this->getUser() && 'admin' != $access);
// Action
$action = '';
if ($this->canupdatemember($access, $group, $em, false) && !$fgproprio && !$fgme) {
$action .= "<a style='cursor:pointer' onClick='delUsers(".$data->getId().")'><i class='fa fa-minus fa-fw'></i></a>";
}
// Avatar
$avatar = "<img src='".$this->generateUrl('app_minio_image', ['file' => 'avatar/'.$data->getAvatar()])."' class='avatar'>";
// Flag manager
$rolegroup = '';
if ($fgproprio) {
$rolegroup = 'Propriétaire du groupe';
} elseif ($this->canupdatemember($access, $group, $em, false) && !$fgme) {
$selectuser = (0 == $usergroup->getRolegroup() ? "selected='selected'" : '');
$selectwritter = (50 == $usergroup->getRolegroup() ? "selected='selected'" : '');
$selectmanager = (90 == $usergroup->getRolegroup() ? "selected='selected'" : '');
$rolegroup = '<select id="roleuser-'.$data->getId().'" name="user[visible]" onChange="changeRole('.$data->getId().');"><option value="0" '.$selectuser.'>Utilisateur</option><option value="50" '.$selectwritter.'>Collaborateur</option><option value="90" '.$selectmanager.'>Gestionnaire</option></select>';
} else {
$rolegroup = (0 == $usergroup->getRolegroup() ? 'Utilisateur' : (50 == $usergroup->getRolegroup() ? 'Collaborateur' : 'Gestionnaire'));
}
$tmp = ['DT_RowId' => 'user'.$data->getId(), $action, $avatar, $data->getUsername().(!$data->isIsactive() ? '<br><small><i>Inactif</i></small>' : ''), $data->getEmail(), $rolegroup];
array_push($output['data'], $tmp);
}
// Retour
return new JsonResponse($output);
}
public function useradd($groupid, $userid, $access, Request $request, ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$group = $em->getRepository($this->entity)->find($groupid);
if (!$group) {
throw $this->createNotFoundException('Unable to find entity.');
}
$user = $em->getRepository("App\Entity\User")->find($userid);
if (!$user) {
throw $this->createNotFoundException('Unable to find entity.');
}
$output = [];
$this->canupdatemember($access, $group, $em, true);
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $user, 'group' => $group]);
if ($usergroup) {
return new JsonResponse($output);
}
$usergroup = new UserGroup();
$usergroup->setUser($user);
$usergroup->setGroup($group);
$usergroup->setApikey(Uuid::uuid4());
$usergroup->setRolegroup(0);
$em->getManager()->persist($usergroup);
$em->getManager()->flush();
// Retour
return new JsonResponse($output);
}
public function userdel($groupid, $userid, $access, Request $request, ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$group = $em->getRepository($this->entity)->find($groupid);
if (!$group) {
throw $this->createNotFoundException('Unable to find entity.');
}
$user = $em->getRepository("App\Entity\User")->find($userid);
if (!$user) {
throw $this->createNotFoundException('Unable to find entity.');
}
$output = [];
$this->canupdatemember($access, $group, $em, true);
if ($user == $group->getOwner()) {
throw $this->createAccessDeniedException('Permission denied');
}
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $user, 'group' => $group]);
if ($usergroup) {
$em->getManager()->remove($usergroup);
$em->getManager()->flush();
}
// Retour
return new JsonResponse($output);
}
public function userchangerole($groupid, $userid, $roleid, $access, Request $request, ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$group = $em->getRepository($this->entity)->find($groupid);
if (!$group) {
throw $this->createNotFoundException('Unable to find entity.');
}
$user = $em->getRepository("App\Entity\User")->find($userid);
if (!$user) {
throw $this->createNotFoundException('Unable to find entity.');
}
$output = [];
$this->canupdatemember($access, $group, $em, true);
if ($user == $group->getOwner()) {
throw $this->createAccessDeniedException('Permission denied');
}
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $user, 'group' => $group]);
if ($usergroup) {
$usergroup->setRolegroup($roleid);
$em->getManager()->persist($usergroup);
$em->getManager()->flush();
}
// Retour
return new JsonResponse($output);
}
public function userout($id, $access, Request $request, ManagerRegistry $em)
{
// Récupération de l'enregistrement courant
$group = $em->getRepository($this->entity)->find($id);
if (!$group) {
throw $this->createNotFoundException('Unable to find entity.');
}
// On ne peut se désinscrire que si le groupe est ouvert et qu'il n'est pas lié à un groupe ldap ou sso
if ($group->getOwner() != $this->getUser() && ($group->isIsOpen() || $this->canupdatemember($access, $group, $em, false))) {
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $this->getUser(), 'group' => $group]);
if ($usergroup) {
$em->getManager()->remove($usergroup);
$em->getManager()->flush();
}
}
return $this->redirectToRoute(str_replace('_admin_', '_'.$access.'_', $this->route));
}
private function cansubmit($access, $request)
{
switch ($access) {
case 'admin': return true;
break;
case 'modo': return false;
break;
case 'all': return $request->getSession()->get('submitgroup');
break;
}
throw $this->createAccessDeniedException('Permission denied');
}
private function canupdate($access, $entity, $em, $fgblock = true)
{
$toreturn = false;
switch ($access) {
case 'admin': $toreturn = ($entity->getId() > 0);
break;
case 'all':
if (!$entity->isIsworkgroup() || $entity->getOwner() != $this->getUser()) {
$toreturn = false;
} else {
$toreturn = true;
}
break;
}
if ($fgblock && !$toreturn) {
throw $this->createAccessDeniedException('Permission denied');
}
return $toreturn;
}
private function canseemember($access, $entity, $em, $fgblock = true)
{
$toreturn = false;
switch ($access) {
case 'admin': $toreturn = ($entity->getId() > 0);
break;
case 'modo': $toreturn = ($entity->getId() > 0);
break;
case 'all':
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $this->getUser(), 'group' => $entity]);
if (!$usergroup || !$entity->isIsworkgroup() || $entity->getId() < 0) {
$toreturn = false;
} else {
$toreturn = true;
}
break;
}
if ($fgblock && !$toreturn) {
throw $this->createAccessDeniedException('Permission denied');
}
return $toreturn;
}
private function canupdatemember($access, $entity, $em, $fgblock = true)
{
$toreturn = false;
switch ($access) {
case 'admin': $toreturn = ($entity->getId() > 0 && !$entity->getLdapfilter());
break;
case 'modo': $toreturn = ($entity->getId() > 0);
break;
case 'all':
$usergroup = $em->getRepository("App\Entity\UserGroup")->findOneBy(['user' => $this->getUser(), 'group' => $entity]);
if (!$usergroup || !$entity->isIsworkgroup() || $entity->getId() < 0) {
$toreturn = false;
} elseif ($usergroup->getRolegroup() < 90) {
$toreturn = false;
} else {
$toreturn = true;
}
break;
}
if ($fgblock && !$toreturn) {
throw $this->createAccessDeniedException('Permission denied');
}
return $toreturn;
}
}
Reference in New Issue View Git Blame Copy Permalink