diff --git a/src/app/user/controllers/UserController.php b/src/app/user/controllers/UserController.php
index b971be46322c1c9e23b6bff98faf6a5408cb40a7..071f4d7c15cc4b6177b4836b959657a8da1bdd46 100755
--- a/src/app/user/controllers/UserController.php
+++ b/src/app/user/controllers/UserController.php
@@ -286,7 +286,12 @@ class UserController
             $set['mode'] = $body['mode'];
         }
 
-        if ($body['mode'] == 'rest' && !empty($body['authorizedApi']) && is_array($body['authorizedApi'])) {
+        if ($body['mode'] == 'rest' && isset($body['authorizedApi']) && is_array($body['authorizedApi'])) {
+            foreach ($body['authorizedApi'] as $value) {
+                if (strpos($value, 'GET') !== 0 && strpos($value, 'POST') !== 0 && strpos($value, 'PUT') !== 0 && strpos($value, 'DELETE') !== 0) {
+                    return $response->withStatus(400)->withJson(['errors' => 'Body authorizedApi is not well formatted']);
+                }
+            }
             $set['authorized_api'] = json_encode($body['authorizedApi']);
         }
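Review bot: Each `$value` is handed to `strpos()` without checking that it is a string, so a nested array or number inside `authorizedApi` raises a TypeError under PHP 8 instead of the intended 400 on the validation loop added at 291-295. The test is also only a prefix check, so `GETanything` passes while the shape the frontend placeholder suggests (`METHOD/path`) is not actually enforced; one pattern covers both: `if (!is_string($value) || !preg_match('#^(GET|POST|PUT|DELETE)/#', $value)) {`. Note that moving from `!empty` to `isset` now lets an empty array through and stores `[]` — fine if clearing the allowlist is intended, but worth a comment saying so. The enclosing method starts and ends outside the hunk.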
 
@@ -1606,15 +1611,15 @@ class UserController
                 'data'      => ['DEL']
             ]);
         } else {
-            $managePersonaldata = false;
-            if (PrivilegeController::hasPrivilege(['privilegeId' => 'manage_personal_data', 'userId' => $GLOBALS['id']])) {
-                $managePersonaldata = true;
+            $viewPersonaldata = false;
+            if (PrivilegeController::hasPrivilege(['privilegeId' => 'view_personal_data', 'userId' => $GLOBALS['id']])) {
+                $viewPersonaldata = true;
             }
 
             $entities = EntityModel::getAllEntitiesByUserId(['userId' => $GLOBALS['id']]);
             $users = [];
             $select = ['DISTINCT users.id', 'users.user_id', 'firstname', 'lastname', 'mail'];
-            if ($managePersonaldata) {
+            if ($viewPersonaldata) {
                 $select[] = 'phone';
             }
             if (!empty($entities)) {
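Review bot: `$viewPersonaldata` is initialised to `false` and then set inside an `if`, where the boolean result can be assigned directly: `$viewPersonaldata = PrivilegeController::hasPrivilege(['privilegeId' => 'view_personal_data', 'userId' => $GLOBALS['id']]);`. The same `$select` list with the conditional `phone` column appears to be rebuilt in the next hunk (around 1632-1635, before `getUsersWithoutEntities`); if nothing between the two mutates it, building it once before `if (!empty($entities))` and reusing it keeps the two column lists from drifting apart. The enclosing method starts and ends outside the hunk.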
@@ -1625,7 +1630,7 @@ class UserController
                 ]);
             }
             $select = ['DISTINCT users.id', 'users.user_id', 'firstname', 'lastname', 'mail'];
-            if ($managePersonaldata) {
+            if ($viewPersonaldata) {
                 $select[] = 'phone';
             }
             $usersNoEntities = UserEntityModel::getUsersWithoutEntities(['select' => $select]);
@@ -1743,8 +1748,10 @@ class UserController
                         'mail'          => $user['mail'],
                         'preferences'   => json_encode(['documentEdition' => 'java'])
                     ];
-                    if (PrivilegeController::hasPrivilege(['privilegeId' => 'manage_personal_data', 'userId' => $GLOBALS['id']])) {
+                    if (!empty($user['phone']) && PrivilegeController::hasPrivilege(['privilegeId' => 'manage_personal_data', 'userId' => $GLOBALS['id']])) {
                         $userToCreate['phone'] = $user['phone'];
+                    } elseif (!empty($user['phone']) && !PrivilegeController::hasPrivilege(['privilegeId' => 'manage_personal_data', 'userId' => $GLOBALS['id']])) {
+                        $warnings[] = ['warning' => "Phone is not allowed to be modified", 'index' => $key, 'lang' => ''];
                     }
                     $id = UserModel::create(['user' => $userToCreate]);
                 }
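Review bot: The `elseif` on the phone branch calls `PrivilegeController::hasPrivilege()` a second time with the same arguments, only negated, so the privilege lookup runs twice for every imported user; because `!empty($user['phone'])` is already required by the first branch, `} elseif (!empty($user['phone'])) {` is equivalent and avoids the repeated call. Better still, evaluate the privilege once before the import loop (the loop, `$warnings` and `$key` are defined outside this hunk) and reuse the boolean in both branches. The update path in the next hunk (lines 1778-1782) has the identical duplicated call and can use the same hoisted flag. `'lang' => ''` leaves the warning without a translation key; hedged, since the convention used by the other warnings is not visible here.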
@@ -1762,12 +1769,17 @@ class UserController
                 $set = [];
                 if (!empty($user['firstname'])) {
                     $set['firstname'] = $user['firstname'];
-                } elseif (!empty($user['lastname'])) {
+                }
+                if (!empty($user['lastname'])) {
                     $set['lastname'] = $user['lastname'];
-                } elseif (!empty($user['mail'])) {
+                }
+                if (!empty($user['mail'])) {
                     $set['mail'] = $user['mail'];
-                } elseif (!empty($user['phone']) && PrivilegeController::hasPrivilege(['privilegeId' => 'manage_personal_data', 'userId' => $GLOBALS['id']])) {
+                }
+                if (!empty($user['phone']) && PrivilegeController::hasPrivilege(['privilegeId' => 'manage_personal_data', 'userId' => $GLOBALS['id']])) {
                     $set['phone'] = $user['phone'];
+                } elseif (!empty($user['phone']) && !PrivilegeController::hasPrivilege(['privilegeId' => 'manage_personal_data', 'userId' => $GLOBALS['id']])) {
+                    $warnings[] = ['warning' => "Phone is not allowed to be modified", 'index' => $key, 'lang' => ''];
                 }
 
                 if (!empty($set)) {
diff --git a/src/frontend/app/administration/user/user-administration.component.html b/src/frontend/app/administration/user/user-administration.component.html
index 524aacc67396bd37153eab12aa09d4eab30ccc12..6ff12d1f91274db0b6dbbde62af6fb17021e26c7 100755
--- a/src/frontend/app/administration/user/user-administration.component.html
+++ b/src/frontend/app/administration/user/user-administration.component.html
@@ -230,6 +230,12 @@
                                                 </mat-select>
                                             </mat-form-field>
                                         </div>
+                                        <div *ngIf="user.mode === 'rest'">
+                                            <mat-form-field>
+                                                <mat-label>{{'this.lang.authorizedRoutes' | translate}}</mat-label>
+                                                <textarea matInput [(ngModel)]="user.authorizedApi" placeholder="POST/attachments\nPUT/attachments/{id}"></textarea>
+                                            </mat-form-field>
+                                        </div>
                                     </mat-expansion-panel>
                                 </mat-accordion>
                                 <div class="form-group" style="margin-top: 10px;">
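Review bot: The `placeholder` on the new textarea contains a literal `\n`, which inside an HTML attribute is the two characters backslash and n rather than a line break, so the hint renders as `POST/attachments\nPUT/attachments/{id}` on one line; use the character reference instead: `placeholder="POST/attachments&#10;PUT/attachments/{id}"`. The translate key is written as `'this.lang.authorizedRoutes'` while the JSON files in this commit add `authorizedRoutes` at the top level; if the pipe does not strip that prefix the label will show the raw key, so check it against the other `mat-label` usages in this template.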
@@ -577,4 +583,4 @@
         </mat-list>
     </mat-sidenav>
 
-</mat-sidenav-container>
\ No newline at end of file
+</mat-sidenav-container>
diff --git a/src/frontend/app/administration/user/user-administration.component.ts b/src/frontend/app/administration/user/user-administration.component.ts
index fe6745b6c6957a416a92d662d41feff4aacf562b..f9e62fd03aee7672cf6fad4134b07085cceedd45 100755
--- a/src/frontend/app/administration/user/user-administration.component.ts
+++ b/src/frontend/app/administration/user/user-administration.component.ts
@@ -35,7 +35,8 @@ export class UserAdministrationComponent implements OnInit {
     userId: string;
     mode: string = '';
     user: any = {
-        mode : 'standard'
+        mode : 'standard',
+        authorizedApi : ''
     };
     _search: string = '';
     creationMode: boolean;
@@ -173,6 +174,11 @@ export class UserAdministrationComponent implements OnInit {
                     .subscribe((data: any) => {
                         this.user = data;
 
+                        if (this.user.mode == 'rest') {
+                            this.user.authorizedApi = this.user.authorizedApi.join('\n');
+                            console.log(this.user.authorizedApi);
+                        }
+
                         if (this.headerService.user.id === this.user.id) {
                             this.canViewPersonalDatas = true;
                             this.canManagePersonalDatas = true;
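Review bot: `this.user.authorizedApi.join('\n')` assumes the backend always returns an array for a rest-mode user; if the stored value is null or a string (a user created before the field existed, or one cleared by the `isset` change on the PHP side) this throws a TypeError inside the subscribe callback and the rest of the handler, including the personal-data flags below, never runs. Guard it: `this.user.authorizedApi = Array.isArray(this.user.authorizedApi) ? this.user.authorizedApi.join('\n') : '';`. The `console.log` on the following line looks like leftover debugging and should be removed. The enclosing method starts and ends outside the hunk.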
@@ -903,6 +909,10 @@ export class UserAdministrationComponent implements OnInit {
                     this.notify.error(err.error.errors);
                 });
         } else {
+            if (this.user.mode == 'rest') {
+                this.user.authorizedApi = this.user.authorizedApi.split('\n');
+                console.log(this.user.authorizedApi);
+            }
             this.http.put('../rest/users/' + this.serialId, this.user)
                 .subscribe((data: any) => {
                     if (this.headerService.user.id == this.serialId) {
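Review bot: The `split('\n')` mutates `this.user.authorizedApi` in place, so after one successful save the bound field holds an array; a second save in the same session calls `.split` on an array and throws, and the textarea binding is left showing comma-joined text. Build the request body separately and normalise the lines, because the server-side check added in this commit returns 400 for any empty or `\r`-suffixed entry (CRLF input, trailing newline). Remove the `console.log` as well. The enclosing method starts and ends outside the hunk.
```typescript
} else {
    const payload = { ...this.user };
    if (this.user.mode == 'rest') {
        payload.authorizedApi = String(this.user.authorizedApi)
            .split(/\r?\n/)
            .map((route: string) => route.trim())
            .filter((route: string) => route !== '');
    }
    this.http.put('../rest/users/' + this.serialId, payload)
    // … unchanged: subscribe handler …
```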
diff --git a/src/lang/lang-en.json b/src/lang/lang-en.json
index bc4b6fca9ef88d764aae419827e10357a73ae148..7031c69ae8648a720862193450a294d14199c02a 100644
--- a/src/lang/lang-en.json
+++ b/src/lang/lang-en.json
@@ -1888,5 +1888,6 @@
     "mustAtLeastMinValues": "The data must have at least <b>6</b> values",
     "enableField": "Enable field",
     "disableField": "Disable field",
-    "emailSubject": "E-mail's subject"
+    "emailSubject": "E-mail's subject",
+    "authorizedRoutes": "Authorized routes"
 }
diff --git a/src/lang/lang-fr.json b/src/lang/lang-fr.json
index bfb4211408afa9b28b221ac5abbad0fd9f28c658..668a9b21d97b4f9fff406ec2151083584d9145fa 100644
--- a/src/lang/lang-fr.json
+++ b/src/lang/lang-fr.json
@@ -1883,5 +1883,6 @@
     "mustAtLeastMinValues": "Les données doivent avoir au mimimum <b>6</b> valeurs",
     "enableField": "Activer le champ",
     "disableField": "Désactiver le champ",
-    "emailSubject": "Objet du courriel"
+    "emailSubject": "Objet du courriel",
+    "authorizedRoutes": "Routes autorisées"
 }