<?php
namespace App\Controller;
use App\Entity\User as Entity;
use App\Entity\UserGroup;
use App\Entity\UserModo;
use App\Form\UserType as Form;
use Doctrine\Persistence\ManagerRegistry;
use Ramsey\Uuid\Uuid;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
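/**
 * CRUD, listing and preference endpoints for users.
 *
 * Every public action receives an $access level from the route ('admin', 'modo', 'manager' or 'all');
 * it selects both the visible data set and the permission check (cansubmit/canupdate/candelete).
 */
class UserController extends AbstractController
{
    /** @var string template variable name under which the edited user is exposed */
    private $data = 'user';

    /** @var string Doctrine entity class managed by this controller */
    private $entity = 'App\Entity\User';

    /** @var string template directory */
    private $twig = 'User/';

    /** @var string admin route name; routes for the other access levels are derived by accessRoute() */
    private $route = 'app_admin_user';

    /** Access levels that manage other users: they get the edit column and the "isactive" preference. */
    private const MANAGED_ACCESS = ['admin', 'modo', 'manager'];

    /**
     * DataTables column index -> DQL sort field, after the edit column (present for MANAGED_ACCESS)
     * has been discounted. The numbering is the one the list template sends and is kept unchanged.
     */
    private const ORDER_COLUMNS = [
        1 => 'entity.username',
        2 => 'entity.lastname',
        3 => 'entity.firstname',
        4 => 'entity.email',
        5 => 'entity.telephonenumber',
        6 => 'niveau01.label',
        8 => 'entity.visitedate',
        9 => 'entity.roles',
    ];

    /** Free-text filter over the user and its niveau01 label; needs the 'niveau01' alias in the query. */
    private const SEARCH_DQL = 'entity.username LIKE :value OR entity.firstname LIKE :value OR entity.lastname LIKE :value OR entity.email LIKE :value OR entity.roles LIKE :value OR niveau01.label LIKE :value';

    /** Container parameters forwarded unchanged as options of the user form. */
    private const FORM_PARAMETERS = [
        'appMasteridentity',
        'appNiveau01label',
        'appNiveau02use',
        'appNiveau02label',
        'appNiveau03use',
        'appNiveau03label',
        'appNiveau04use',
        'appNiveau04label',
        'appNiveauupdatable',
        'appUserviewisvisible',
    ];

    /**
     * Renders the user list page.
     *
     * @param string $access access level taken from the route
     *
     * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException when the public directory is hidden
     */
    public function list($access, Request $request, ManagerRegistry $em): Response
    {
        // The public directory ('all') is gated by a session flag set elsewhere
        if ('all' == $access && !$request->getSession()->get('showannuaire')) {
            throw $this->createAccessDeniedException('Permission denied');
        }

        $isactive = $em->getRepository($this->entity)->getPreference($this->getUser(), 'userisactive', true);

        return $this->render($this->twig.'list.html.twig', [
            'useheader' => true,
            'usemenu' => false,
            'usesidebar' => ('all' != $access),
            'access' => $access,
            // Loose comparison on purpose: the default (third argument above) is a bool,
            // a stored value is presumably the string 'true' - confirm against the repository
            'isactive' => ('true' == $isactive),
        ]);
    }

    /**
     * JSON data source for the DataTables list (server-side protocol: draw/start/length/search/order).
     *
     * Every cell is returned as HTML and rendered as such by the table, so all user-controlled
     * values are escaped here. The sort direction is whitelisted because it ends up in the DQL ORDER BY.
     *
     * @param string $access access level taken from the route
     */
    public function tablelist($access, Request $request, ManagerRegistry $em): Response
    {
        // Same gate as list(): the public directory is only served when the session allows it
        if ('all' == $access && !$request->getSession()->get('showannuaire')) {
            throw $this->createAccessDeniedException('Permission denied');
        }

        // DataTables request parameters, with defaults so a partial request does not raise notices
        $query = $request->query->all();
        $start = (int) ($query['start'] ?? 0);
        $length = isset($query['length']) ? (int) $query['length'] : null;
        $draw = (int) ($query['draw'] ?? 0);
        $term = '';
        if (isset($query['search']) && is_array($query['search'])) {
            $term = (string) ($query['search']['value'] ?? '');
        }
        $ordercolumn = (int) ($query['order'][0]['column'] ?? 0);
        $orderdir = strtoupper((string) ($query['order'][0]['dir'] ?? 'ASC'));
        if (!in_array($orderdir, ['ASC', 'DESC'], true)) {
            $orderdir = 'ASC';
        }

        // Managing users may toggle between active and inactive accounts; everyone else only sees active ones
        $isactive = in_array($access, self::MANAGED_ACCESS, true)
            ? $em->getRepository($this->entity)->getPreference($this->getUser(), 'userisactive', true)
            : true;

        // Total number of records (counted without the niveau01 join, as before)
        $total = $this->tableQuery($access, $request, $em, $isactive, false)
            ->select('COUNT(entity)')
            ->getQuery()
            ->getSingleScalarResult();

        // Number of records matching the search term
        if ('' === $term) {
            $totalf = $total;
        } else {
            $totalf = $this->applySearch($this->tableQuery($access, $request, $em, $isactive, true), $term)
                ->select('COUNT(entity)')
                ->getQuery()
                ->getSingleScalarResult();
        }

        // The requested page of records
        $qb = $this->tableQuery($access, $request, $em, $isactive, true);
        if ('' !== $term) {
            $this->applySearch($qb, $term);
        }
        if ($ordercolumn) {
            // Managing access levels have an extra leading edit column
            if (in_array($access, self::MANAGED_ACCESS, true)) {
                --$ordercolumn;
            }
            if (isset(self::ORDER_COLUMNS[$ordercolumn])) {
                $qb->orderBy(self::ORDER_COLUMNS[$ordercolumn], $orderdir);
            }
        }
        $datas = $qb->setFirstResult($start)->setMaxResults($length)->getQuery()->getResult();

        $rows = [];
        foreach ($datas as $data) {
            $rows[] = $this->tableRow($access, $data);
        }

        return new JsonResponse([
            'draw' => $draw,
            'recordsFiltered' => $totalf,
            'recordsTotal' => $total,
            'data' => $rows,
        ]);
    }

    /**
     * JSON source for a select-style user picker: users whose username, last name or first name contains q.
     *
     * Returns {results: [{id, text}]}. No access-level check is applied here; the caller is assumed to be
     * restricted by route security - confirm. The text is not HTML-escaped, the widget is expected to
     * treat it as plain text.
     */
    public function selectlist($access, Request $request, ManagerRegistry $em): Response
    {
        $pageLimit = $request->query->get('page_limit');
        $term = (string) $request->query->get('q', '');

        $qb = $em->getManager()->createQueryBuilder()
            ->select('entity')
            ->from($this->entity, 'entity')
            ->where('entity.username LIKE :value')
            ->orWhere('entity.lastname LIKE :value')
            ->orWhere('entity.firstname LIKE :value')
            ->setParameter('value', '%'.$term.'%')
            ->orderBy('entity.username')
            ->setFirstResult(0)
            // No limit when the widget does not send one (same as before)
            ->setMaxResults(null === $pageLimit ? null : (int) $pageLimit);

        $results = [];
        foreach ($qb->getQuery()->getResult() as $user) {
            $results[] = ['id' => $user->getId(), 'text' => $user->getFullname()];
        }

        return new JsonResponse(['results' => $results]);
    }

    /**
     * Creates a user. Managers create users in their own niveaux with ROLE_USER only; moderators can never
     * hand out ROLE_ADMIN/ROLE_MODO. Group and moderator links come from the hidden CSV fields of the form.
     *
     * @param string $access access level taken from the route
     *
     * @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException when local accounts are not allowed
     * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
     */
    public function submit($access, Request $request, ManagerRegistry $em): Response
    {
        // Local creation is refused when another identity source is master and synchronisation purges users
        if ('SQL' != $this->getParameter('appMasteridentity') && $this->getParameter('appSynchroPurgeUser')) {
            throw $this->createNotFoundException('Permission denied');
        }
        $this->cansubmit($access, $em);

        $data = new Entity();
        $data->setAvatar('noavatar.png');
        $data->setIsvisible(true);
        $data->setIsactive(true);
        $data->setApikey(Uuid::uuid4());
        // A manager can only create users inside their own niveaux
        if ('manager' == $access) {
            $me = $this->getUser();
            $data->setNiveau01($me->getNiveau01());
            $data->setNiveau02($me->getNiveau02());
            $data->setNiveau03($me->getNiveau03());
            $data->setRoles(['ROLE_USER']);
        }

        $form = $this->createForm(Form::class, $data, $this->formOptions('submit', $access));
        $form->handleRequest($request);

        if ($form->get('submit')->isClicked() && $form->isValid()) {
            $data = $form->getData();
            $this->stripPrivilegedRoles($access, $data);

            $lstgroups = $this->idsFromCsv($form->get('linkgroups')->getData());
            $lstmodos = $this->idsFromCsv($form->get('linkmodos')->getData());

            $em->getManager()->persist($data);
            $em->getManager()->flush();

            foreach ($lstgroups as $idgroup) {
                $this->linkGroup($data, $idgroup, $em);
            }
            foreach ($lstmodos as $idmodo) {
                $this->linkModo($data, $idmodo, $em);
            }

            return $this->redirectToRoute($this->accessRoute($access));
        }

        return $this->render($this->twig.'edit.html.twig', [
            'useheader' => true,
            'usemenu' => false,
            'usesidebar' => true,
            'access' => $access,
            'mode' => 'submit',
            'form' => $form->createView(),
            $this->data => $data,
            'listgroups' => $this->getListGroups('admin', $em),
            'listmodos' => $this->getListModos($em),
        ]);
    }

    /**
     * Edit form for the current user's own record.
     *
     * @param string $access access level taken from the route
     */
    public function profil($access, Request $request, ManagerRegistry $em): Response
    {
        return $this->update($access, $this->getUser()->getId(), $request, $em);
    }

    /**
     * Edits a user, then synchronises its group and moderator links with the CSV fields of the form.
     * An empty password field keeps the stored password.
     *
     * @param string     $access access level taken from the route
     * @param int|string $id     user id
     *
     * @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException when the user does not exist
     * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
     */
    public function update($access, $id, Request $request, ManagerRegistry $em): Response
    {
        $data = $em->getRepository($this->entity)->find($id);
        if (!$data) {
            throw $this->createNotFoundException('Unable to find entity.');
        }
        $this->canupdate($access, $data, $em);

        // Remembered so that an empty password field does not wipe the stored one
        $oldpassword = $data->getPassword();

        // Ids currently linked, to compute additions and removals after the form is submitted
        $oldlstgroups = [];
        foreach ($data->getGroups() as $group) {
            $oldlstgroups[] = $group->getGroup()->getId();
        }
        $oldlstmodos = [];
        foreach ($data->getModos() as $modo) {
            $oldlstmodos[] = $modo->getNiveau01()->getId();
        }

        $form = $this->createForm(Form::class, $data, $this->formOptions('update', $access));
        $form->handleRequest($request);

        if ($form->get('submit')->isClicked() && $form->isValid()) {
            $data = $form->getData();
            $this->stripPrivilegedRoles($access, $data);

            $newpassword = $data->getPassword();
            if (null === $newpassword || '' === $newpassword) {
                $data->setPassword($oldpassword);
            } else {
                // NOTE(review): the original comment said the new password is "encoded" here, but nothing
                // in this controller hashes it; the call is kept in case the setter has side effects.
                // Confirm that the entity or a Doctrine listener hashes the value before it is stored.
                $data->setPassword($newpassword);
            }
            $em->getManager()->flush();

            $lstgroups = $this->idsFromCsv($form->get('linkgroups')->getData());
            foreach (array_diff($lstgroups, $oldlstgroups) as $idgroup) {
                $this->linkGroup($data, $idgroup, $em);
            }
            foreach (array_diff($oldlstgroups, $lstgroups) as $idgroup) {
                $this->unlinkGroup($data, $idgroup, $em);
            }

            $linkmodos = $this->idsFromCsv($form->get('linkmodos')->getData());
            foreach (array_diff($linkmodos, $oldlstmodos) as $idmodo) {
                $this->linkModo($data, $idmodo, $em);
            }
            foreach (array_diff($oldlstmodos, $linkmodos) as $idmodo) {
                $this->unlinkModo($data, $idmodo, $em);
            }

            if ('all' == $access) {
                return $this->redirectToRoute('app_home');
            }

            return $this->redirectToRoute($this->accessRoute($access));
        }

        return $this->render($this->twig.'edit.html.twig', [
            'useheader' => true,
            'usemenu' => false,
            'usesidebar' => ('admin' == $access),
            'access' => $access,
            'mode' => 'update',
            'form' => $form->createView(),
            $this->data => $data,
            'listgroups' => $this->getListGroups($access, $em),
            'listmodos' => $this->getListModos($em),
            'maxsize' => ('all' == $access ? 1200 : null),
        ]);
    }

    /**
     * Deletes a user and returns to the list; on failure flashes an error and returns to the edit form.
     *
     * @param string     $access access level taken from the route
     * @param int|string $id     user id
     *
     * @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException when the user does not exist
     * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
     */
    public function delete($access, $id, Request $request, ManagerRegistry $em): Response
    {
        $data = $em->getRepository($this->entity)->find($id);
        if (!$data) {
            throw $this->createNotFoundException('Unable to find entity.');
        }
        $this->candelete($access, $data, $em);

        try {
            $em->getManager()->remove($data);
            $em->getManager()->flush();
        } catch (\Exception $e) {
            // The raw ORM/driver message (e.g. a constraint violation) is not shown to the browser:
            // it can reveal table names and driver details.
            $request->getSession()->getFlashBag()->add('error', 'Unable to delete entity.');

            return $this->redirectToRoute($this->accessRoute($access, '_update'), ['id' => $id]);
        }

        return $this->redirectToRoute($this->accessRoute($access));
    }

    /**
     * Groups that can be linked to a user from the form. Non-admins only see open work groups;
     * groups carrying an ldapfilter or attributes, and ids <= 0, are never listed.
     *
     * @param string $access access level taken from the route
     */
    protected function getListGroups($access, $em)
    {
        $qb = $em->getManager()->createQueryBuilder()
            ->select('b')
            ->from('App:Group', 'b');
        if ('admin' != $access) {
            $qb->where('b.isopen=true AND b.isworkgroup=true');
        }

        return $qb->andWhere('b.ldapfilter IS NULL')
            ->andWhere('b.attributes IS NULL')
            ->andWhere('b.id>0')
            ->getQuery()
            ->getResult();
    }

    /** All niveau01 records, i.e. the scopes a user can be made moderator of. */
    protected function getListModos($em)
    {
        return $em->getManager()->createQueryBuilder()
            ->select('b')
            ->from('App:Niveau01', 'b')
            ->getQuery()
            ->getResult();
    }

    /**
     * Only admins, moderators and managers may create users.
     *
     * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
     */
    private function cansubmit($access, $em): bool
    {
        if (in_array($access, self::MANAGED_ACCESS, true)) {
            return true;
        }

        throw $this->createAccessDeniedException('Permission denied');
    }

    /**
     * Who may edit $entity: admins anyone; moderators the users of a niveau01 they moderate (but not
     * admin/moderator accounts, mirroring candelete); managers the users they are responsible for;
     * 'all' only themselves.
     *
     * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
     */
    private function canupdate($access, $entity, $em): bool
    {
        switch ($access) {
            case 'admin':
                return true;
            case 'modo':
                if (!$this->isModoOf($entity, $em)) {
                    throw $this->createAccessDeniedException('Permission denied');
                }
                // Same rule as candelete(): update() rewrites the target's roles and password, so a moderator
                // must not be able to edit an administrator or another moderator of their niveau01
                if ($entity->hasRole('ROLE_ADMIN') || $entity->hasRole('ROLE_MODO')) {
                    throw $this->createAccessDeniedException('Permission denied');
                }

                return true;
            case 'manager':
                if ($this->managerOwns($entity)) {
                    return true;
                }

                throw $this->createAccessDeniedException('Permission denied');
            case 'all':
                if ($this->getUser()->getId() != $entity->getId()) {
                    throw $this->createAccessDeniedException('Permission denied');
                }

                return true;
        }

        throw $this->createAccessDeniedException('Permission denied');
    }

    /**
     * Who may delete $entity: same rules as canupdate().
     *
     * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException
     */
    private function candelete($access, $entity, $em): bool
    {
        switch ($access) {
            case 'admin':
                return true;
            case 'modo':
                if (!$this->isModoOf($entity, $em)) {
                    throw $this->createAccessDeniedException('Permission denied');
                }
                if ($entity->hasRole('ROLE_ADMIN') || $entity->hasRole('ROLE_MODO')) {
                    throw $this->createAccessDeniedException('Permission denied');
                }

                return true;
            case 'manager':
                if ($this->managerOwns($entity)) {
                    return true;
                }

                throw $this->createAccessDeniedException('Permission denied');
            case 'all':
                if ($this->getUser()->getId() != $entity->getId()) {
                    throw $this->createAccessDeniedException('Permission denied');
                }

                return true;
        }

        throw $this->createAccessDeniedException('Permission denied');
    }

    /**
     * Stores one preference value of the current user under [key][id]; the record is flushed only when
     * something changed. Only the caller's own preferences are touched.
     */
    public function preference($access, Request $request, ManagerRegistry $em): Response
    {
        $key = (string) $request->request->get('key');
        $id = (string) $request->request->get('id');
        $value = $request->request->get('value');

        $preference = $this->getUser()->getPreference();
        // Loose comparison kept: stored values and submitted values are presumably both strings
        $toupdate = !is_array($preference)
            || !array_key_exists($key, $preference)
            || !array_key_exists($id, $preference[$key])
            || $preference[$key][$id] != $value;

        if ($toupdate) {
            if (!is_array($preference)) {
                $preference = [];
            }
            $preference[$key][$id] = $value;
            $this->getUser()->setPreference($preference);
            $em->getManager()->flush();
        }

        return new Response();
    }

    /**
     * Base query of the data table: the users visible under $access, with the isactive filter applied.
     *
     * @param string $access       'admin', 'modo', or anything else (manager / all)
     * @param mixed  $isactive     value compared with entity.isactive
     * @param bool   $joinNiveau01 also select from Niveau01 (required by SEARCH_DQL and the label sort)
     */
    private function tableQuery($access, Request $request, ManagerRegistry $em, $isactive, bool $joinNiveau01): \Doctrine\ORM\QueryBuilder
    {
        $qb = $em->getManager()->createQueryBuilder()
            ->select('entity')
            ->from($this->entity, 'entity');
        if ($joinNiveau01) {
            $qb->from('App:Niveau01', 'niveau01')
                ->andWhere('entity.niveau01=niveau01.id');
        }
        $qb->andWhere('entity.isactive = :isactive')
            ->setParameter('isactive', $isactive);

        switch ($access) {
            case 'admin':
                break;
            case 'modo':
                // Only users of the niveau01 the caller moderates
                $qb->from(UserModo::class, 'usermodo')
                    ->andWhere('usermodo.niveau01 = entity.niveau01')
                    ->andWhere('usermodo.user = :userid')
                    ->setParameter('userid', $this->getUser()->getId());
                break;
            default:
                // Managers and the public directory only see visible users, narrowed to the session scope
                $qb->andWhere('entity.isvisible=true');
                $this->applyScope($qb, $request);
                break;
        }

        return $qb;
    }

    /** Narrows the query to the caller's niveau selected by the 'scopeannu' session value (1..4). */
    private function applyScope(\Doctrine\ORM\QueryBuilder $qb, Request $request): void
    {
        $user = $this->getUser();
        // switch keeps the loose comparison: the session value may be stored as a string
        switch ($request->getSession()->get('scopeannu')) {
            case 1:
                $qb->andWhere('entity.niveau01 = :niveau01')->setParameter('niveau01', $user->getNiveau01());
                break;
            case 2:
                $qb->andWhere('entity.niveau02 = :niveau02')->setParameter('niveau02', $user->getNiveau02());
                break;
            case 3:
                $qb->andWhere('entity.niveau03 = :niveau03')->setParameter('niveau03', $user->getNiveau03());
                break;
            case 4:
                $qb->andWhere('entity.niveau04 = :niveau04')->setParameter('niveau04', $user->getNiveau04());
                break;
        }
    }

    /** Adds the free-text filter; the term is bound as a parameter (LIKE wildcards in it are not escaped). */
    private function applySearch(\Doctrine\ORM\QueryBuilder $qb, string $term): \Doctrine\ORM\QueryBuilder
    {
        return $qb->andWhere(self::SEARCH_DQL)->setParameter('value', '%'.$term.'%');
    }

    /**
     * One DataTables row for $data: HTML cells, every user-controlled value escaped.
     *
     * @param string $access access level taken from the route
     */
    private function tableRow($access, $data): array
    {
        $groups = '';
        foreach ($data->getGroups() as $usergroup) {
            $groups .= $this->esc($usergroup->getGroup()->getLabel()).'<br>';
        }
        $roles = '';
        foreach ($data->getRoles() as $role) {
            $roles .= $this->esc($role).'<br>';
        }

        $row = [];
        if (in_array($access, self::MANAGED_ACCESS, true)) {
            $row[] = $this->updateLink($access, $data);
        }
        $avatar = $this->generateUrl('app_minio_image', ['file' => 'avatar/'.$data->getAvatar()]);
        $email = $this->esc($data->getEmail());
        $row[] = "<img src='".$this->esc($avatar)."' class='avatar'>";
        $row[] = $this->esc($data->getUsername());
        $row[] = $this->esc($data->getLastname());
        $row[] = $this->esc($data->getFirstname());
        $row[] = "<a href='mailto:".$email."'>".$email.'</a>';
        $row[] = $this->esc($data->getTelephonenumber());
        $row[] = $this->esc($data->getNiveau01()->getLabel());
        $row[] = $data->getNiveau02() ? $this->esc($data->getNiveau02()->getLabel()) : '';
        $row[] = $data->getNiveau03() ? $this->esc($data->getNiveau03()->getLabel()) : '';
        $row[] = $data->getNiveau04() ? $this->esc($data->getNiveau04()->getLabel()) : '';
        $row[] = $data->getVisitedate()
            ? $data->getVisitedate()->format('d/m/Y H:i').'<br>nb = '.$this->esc($data->getVisitecpt())
            : '';
        $row[] = $roles;
        $row[] = $groups;

        return $row;
    }

    /**
     * Edit-link cell for $data under $access; empty for a manager who is not responsible for the user.
     *
     * @param string $access 'admin', 'modo' or 'manager'
     */
    private function updateLink($access, $data): string
    {
        if ('manager' == $access && !$this->managerOwns($data)) {
            return '';
        }
        $url = $this->generateUrl($this->accessRoute($access, '_update'), ['id' => $data->getId()]);

        return "<a href='".$this->esc($url)."'><i class='fa fa-file fa-fw fa-2x'></i></a>";
    }

    /** HTML-escapes a value for insertion into a table cell (null becomes an empty string). */
    private function esc($value): string
    {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    /** Route name for $access derived from the admin route, e.g. accessRoute('modo', '_update'). */
    private function accessRoute($access, string $suffix = ''): string
    {
        return str_replace('_admin_', '_'.$access.'_', $this->route).$suffix;
    }

    /**
     * Whether the current (manager) user is responsible for $entity: same niveau03 when the manager has
     * one; otherwise same niveau02; otherwise same niveau01. Niveaux are compared with == so that equal
     * but distinct instances still match.
     */
    private function managerOwns($entity): bool
    {
        $user = $this->getUser();
        if ($user->getNiveau03() && $user->getNiveau03() == $entity->getNiveau03()) {
            return true;
        }
        if (!$user->getNiveau03() && $user->getNiveau02() && $user->getNiveau02() == $entity->getNiveau02()) {
            return true;
        }
        if (!$user->getNiveau02() && $user->getNiveau01() && $user->getNiveau01() == $entity->getNiveau01()) {
            return true;
        }

        return false;
    }

    /** Whether the current user moderates the niveau01 of $entity (a UserModo row exists for the pair). */
    private function isModoOf($entity, $em): bool
    {
        $usermodo = $em->getRepository(UserModo::class)->findOneBy([
            'user' => $this->getUser(),
            'niveau01' => $entity->getNiveau01(),
        ]);

        return null !== $usermodo;
    }

    /**
     * Moderators can never grant ROLE_ADMIN or ROLE_MODO through the form: both are removed from the
     * submitted roles. Other access levels are assumed to be constrained by the form's 'access' option
     * (not verified here).
     */
    private function stripPrivilegedRoles($access, $user): void
    {
        if ('modo' != $access) {
            return;
        }
        $user->setRoles(array_diff($user->getRoles(), ['ROLE_ADMIN', 'ROLE_MODO']));
    }

    /**
     * Splits the comma-separated id list of a hidden form field; empty items are dropped.
     *
     * @return string[]
     */
    private function idsFromCsv($csv): array
    {
        return array_filter(explode(',', (string) $csv));
    }

    /**
     * Options of the user form: mode ('submit' or 'update'), the caller's access level and id,
     * plus the container parameters listed in FORM_PARAMETERS.
     */
    private function formOptions(string $mode, $access): array
    {
        $options = [
            'mode' => $mode,
            'access' => $access,
            'userid' => $this->getUser()->getId(),
        ];
        foreach (self::FORM_PARAMETERS as $name) {
            $options[$name] = $this->getParameter($name);
        }

        return $options;
    }

    /** Links $user to group $idgroup unless the link already exists; unknown ids are ignored. */
    private function linkGroup($user, $idgroup, ManagerRegistry $em): void
    {
        $group = $em->getRepository('App\Entity\Group')->find($idgroup);
        if (!$group) {
            return;
        }
        $existing = $em->getRepository(UserGroup::class)->findOneBy(['user' => $user, 'group' => $group]);
        if ($existing) {
            return;
        }
        $usergroup = new UserGroup();
        $usergroup->setUser($user);
        $usergroup->setGroup($group);
        $usergroup->setApikey(Uuid::uuid4());
        $usergroup->setRolegroup(0);
        $em->getManager()->persist($usergroup);
        $em->getManager()->flush();
    }

    /** Removes the link between $user and group $idgroup when it exists. */
    private function unlinkGroup($user, $idgroup, ManagerRegistry $em): void
    {
        $group = $em->getRepository('App\Entity\Group')->find($idgroup);
        if (!$group) {
            return;
        }
        $usergroup = $em->getRepository(UserGroup::class)->findOneBy(['user' => $user, 'group' => $group]);
        if (!$usergroup) {
            return;
        }
        $em->getManager()->remove($usergroup);
        $em->getManager()->flush();
    }

    /** Makes $user a moderator of niveau01 $idmodo unless already one; unknown ids are ignored. */
    private function linkModo($user, $idmodo, ManagerRegistry $em): void
    {
        $niveau01 = $em->getRepository('App\Entity\Niveau01')->find($idmodo);
        if (!$niveau01) {
            return;
        }
        $existing = $em->getRepository(UserModo::class)->findOneBy(['user' => $user, 'niveau01' => $niveau01]);
        if ($existing) {
            return;
        }
        $usermodo = new UserModo();
        $usermodo->setUser($user);
        $usermodo->setNiveau01($niveau01);
        $em->getManager()->persist($usermodo);
        $em->getManager()->flush();
    }

    /** Revokes $user's moderator link on niveau01 $idmodo when it exists. */
    private function unlinkModo($user, $idmodo, ManagerRegistry $em): void
    {
        $niveau01 = $em->getRepository('App\Entity\Niveau01')->find($idmodo);
        if (!$niveau01) {
            return;
        }
        $usermodo = $em->getRepository(UserModo::class)->findOneBy(['user' => $user, 'niveau01' => $niveau01]);
        if (!$usermodo) {
            return;
        }
        $em->getManager()->remove($usermodo);
        $em->getManager()->flush();
    }
}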