diff --git a/composer.json b/composer.json index 03fe4db02f21d970fb69d79fac655583ad10d886..fe825baf622c47d99d0fc4c4966db376ebe962d9 100755 --- a/composer.json +++ b/composer.json @@ -19,6 +19,7 @@ "Resource\\" : "src/app/resource/", "Status\\" : "src/app/status/", "Template\\" : "src/app/template/", + "User\\" : "src/app/user/", "Core\\" : "core/", "Attachments\\" : "modules/attachments/", diff --git a/core/Models/SecurityModelAbstract.php b/core/Models/SecurityModelAbstract.php index 450ab885157786471297b56d58b65f5677b44d41..a5271b6e6d13e636db0720848a494328221efbe1 100755 --- a/core/Models/SecurityModelAbstract.php +++ b/core/Models/SecurityModelAbstract.php @@ -64,7 +64,7 @@ class SecurityModelAbstract ValidatorModel::stringType($args, ['userId', 'cookieKey']); $aReturn = DatabaseModel::select([ - 'select' => ['password'], + 'select' => [1], 'table' => ['users'], 'where' => ['user_id = ?', 'cookie_key = ?', 'cookie_date > CURRENT_TIMESTAMP'], 'data' => [$args['userId'], $args['cookieKey']] diff --git a/core/Models/UserModelAbstract.php b/core/Models/UserModelAbstract.php index 68278b9364221e7f905117c6ed5bf0f981b92785..6e304aa88ff98a96729c0ec68d14742980372e4a 100755 --- a/core/Models/UserModelAbstract.php +++ b/core/Models/UserModelAbstract.php 
@@ -487,7 +487,7 @@ class UserModelAbstract ValidatorModel::stringType($aArgs, ['userId']); $aGroups = DatabaseModel::select([ - 'select' => ['usergroup_content.group_id', 'usergroups.group_desc', 'usergroup_content.primary_group', 'usergroup_content.role', 'security.maarch_comment', 'security.where_clause'], + 'select' => ['usergroups.id', 'usergroup_content.group_id', 'usergroups.group_desc', 'usergroup_content.primary_group', 'usergroup_content.role', 'security.maarch_comment', 'security.where_clause'], 'table' => ['usergroup_content, usergroups, security'], 'where' => ['usergroup_content.group_id = usergroups.group_id', 'usergroup_content.user_id = ?','usergroups.group_id = security.group_id'], 'data' => [$aArgs['userId']] diff --git a/modules/visa/Controllers/VisaController.php b/modules/visa/Controllers/VisaController.php index c612c041ade7d91c280329d0ded07906c53a3bc2..10486edfbbfc01608a2938f6ace0637fe52a95d6 100755 --- a/modules/visa/Controllers/VisaController.php +++ b/modules/visa/Controllers/VisaController.php @@ -17,12 +17,12 @@ use Attachments\Models\AttachmentsModel; use Basket\models\BasketModel; use Action\models\ActionModel; use Core\Models\ContactModel; -use SrcCore\models\LinkModel; use Core\Models\UserModel; use Core\Models\LangModel; use Docserver\models\DocserverModel; use Core\Models\ServiceModel; use Entity\models\ListInstanceModel; +use Link\models\LinkModel; use Notes\Models\NoteModel; use Psr\Http\Message\RequestInterface; use Psr\Http\Message\ResponseInterface; diff --git a/rest/index.php b/rest/index.php index 8e619d92d3ba4e85838ea5f79e0c1211d412d65d..9610937375061d85119a3e17626637248153c712 100755 --- a/rest/index.php +++ b/rest/index.php 
@@ -82,6 +82,7 @@ if (strpos(getcwd(), '/rest')) { chdir('..'); } +$userId = null; if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) { if (\Core\Models\SecurityModel::authentication(['userId' => $_SERVER['PHP_AUTH_USER'], 'password' => $_SERVER['PHP_AUTH_PW']])) { $userId = $_SERVER['PHP_AUTH_USER']; @@ -111,9 +112,8 @@ $app->post('/initialize', \SrcCore\controllers\CoreController::class . ':initial //Administration $app->get('/administration', \SrcCore\controllers\CoreController::class . ':getAdministration'); -$app->get('/administration/users', \Core\Controllers\UserController::class . ':getUsersForAdministration'); -$app->get('/administration/users/new', \Core\Controllers\UserController::class . ':getNewUserForAdministration'); -$app->get('/administration/users/{id}', \Core\Controllers\UserController::class . ':getUserForAdministration'); +$app->get('/administration/users', \User\controllers\UserController::class . ':getUsersForAdministration'); +$app->get('/administration/users/{id}', \User\controllers\UserController::class . ':getUserForAdministration'); //Baskets $app->get('/baskets', \Basket\controllers\BasketController::class . ':get'); 
@@ -177,34 +177,35 @@ $app->get('/res/{resId}/lock', \Resource\controllers\ResController::class . ':is $app->get('/res/{resId}/notes/count', \Resource\controllers\ResController::class . ':getNotesCountForCurrentUserById'); //Users -$app->get('/users/autocompleter', \Core\Controllers\UserController::class . ':getUsersForAutocompletion'); -$app->post('/users', \Core\Controllers\UserController::class . ':create'); -$app->get('/users/{id}/details', \Core\Controllers\UserController::class . ':getDetailledById'); -$app->put('/users/{id}', \Core\Controllers\UserController::class . ':update'); -$app->put('/users/{id}/password', \Core\Controllers\UserController::class . ':resetPassword'); -$app->put('/users/{id}/status', \Core\Controllers\UserController::class . ':updateStatus'); -$app->delete('/users/{id}', \Core\Controllers\UserController::class . ':delete'); -$app->post('/users/{id}/groups', \Core\Controllers\UserController::class . ':addGroup'); -$app->put('/users/{id}/groups/{groupId}', \Core\Controllers\UserController::class . ':updateGroup'); -$app->delete('/users/{id}/groups/{groupId}', \Core\Controllers\UserController::class . ':deleteGroup'); -$app->post('/users/{id}/entities', \Core\Controllers\UserController::class . ':addEntity'); -$app->put('/users/{id}/entities/{entityId}', \Core\Controllers\UserController::class . ':updateEntity'); -$app->put('/users/{id}/entities/{entityId}/primaryEntity', \Core\Controllers\UserController::class . ':updatePrimaryEntity'); -$app->delete('/users/{id}/entities/{entityId}', \Core\Controllers\UserController::class . ':deleteEntity'); -$app->post('/users/{id}/signatures', \Core\Controllers\UserController::class . ':addSignature'); -$app->put('/users/{id}/signatures/{signatureId}', \Core\Controllers\UserController::class . ':updateSignature'); -$app->delete('/users/{id}/signatures/{signatureId}', \Core\Controllers\UserController::class . 
':deleteSignature'); -$app->post('/users/{id}/redirectedBaskets', \Core\Controllers\UserController::class . ':setRedirectedBaskets'); -$app->delete('/users/{id}/redirectedBaskets/{basketId}', \Core\Controllers\UserController::class . ':deleteRedirectedBaskets'); +$app->get('/users/autocompleter', \User\controllers\UserController::class . ':getUsersForAutocompletion'); +$app->post('/users', \User\controllers\UserController::class . ':create'); +$app->get('/users/{id}/details', \User\controllers\UserController::class . ':getDetailledById'); +$app->put('/users/{id}', \User\controllers\UserController::class . ':update'); +$app->put('/users/{id}/password', \User\controllers\UserController::class . ':resetPassword'); +$app->put('/users/{id}/status', \User\controllers\UserController::class . ':updateStatus'); +$app->delete('/users/{id}', \User\controllers\UserController::class . ':delete'); +$app->post('/users/{id}/groups', \User\controllers\UserController::class . ':addGroup'); +$app->put('/users/{id}/groups/{groupId}', \User\controllers\UserController::class . ':updateGroup'); +$app->delete('/users/{id}/groups/{groupId}', \User\controllers\UserController::class . ':deleteGroup'); +$app->post('/users/{id}/entities', \User\controllers\UserController::class . ':addEntity'); +$app->put('/users/{id}/entities/{entityId}', \User\controllers\UserController::class . ':updateEntity'); +$app->put('/users/{id}/entities/{entityId}/primaryEntity', \User\controllers\UserController::class . ':updatePrimaryEntity'); +$app->delete('/users/{id}/entities/{entityId}', \User\controllers\UserController::class . ':deleteEntity'); +$app->post('/users/{id}/signatures', \User\controllers\UserController::class . ':addSignature'); +$app->put('/users/{id}/signatures/{signatureId}', \User\controllers\UserController::class . ':updateSignature'); +$app->delete('/users/{id}/signatures/{signatureId}', \User\controllers\UserController::class . 
':deleteSignature'); +$app->post('/users/{id}/redirectedBaskets', \User\controllers\UserController::class . ':setRedirectedBaskets'); +$app->delete('/users/{id}/redirectedBaskets/{basketId}', \User\controllers\UserController::class . ':deleteRedirectedBaskets'); +$app->put('/users/{id}/baskets', \User\controllers\UserController::class . ':updateBasketsDisplay'); //CurrentUser -$app->get('/currentUser/profile', \Core\Controllers\UserController::class . ':getProfile'); -$app->put('/currentUser/profile', \Core\Controllers\UserController::class . ':updateProfile'); -$app->put('/currentUser/password', \Core\Controllers\UserController::class . ':updateCurrentUserPassword'); -$app->post('/currentUser/emailSignature', \Core\Controllers\UserController::class . ':createCurrentUserEmailSignature'); -$app->put('/currentUser/emailSignature/{id}', \Core\Controllers\UserController::class . ':updateCurrentUserEmailSignature'); -$app->delete('/currentUser/emailSignature/{id}', \Core\Controllers\UserController::class . ':deleteCurrentUserEmailSignature'); -$app->put('/currentUser/groups/{groupId}/baskets/{basketId}', \Core\Controllers\UserController::class . ':updateBasketPreference'); +$app->get('/currentUser/profile', \User\controllers\UserController::class . ':getProfile'); +$app->put('/currentUser/profile', \User\controllers\UserController::class . ':updateProfile'); +$app->put('/currentUser/password', \User\controllers\UserController::class . ':updateCurrentUserPassword'); +$app->post('/currentUser/emailSignature', \User\controllers\UserController::class . ':createCurrentUserEmailSignature'); +$app->put('/currentUser/emailSignature/{id}', \User\controllers\UserController::class . ':updateCurrentUserEmailSignature'); +$app->delete('/currentUser/emailSignature/{id}', \User\controllers\UserController::class . ':deleteCurrentUserEmailSignature'); +$app->put('/currentUser/groups/{groupId}/baskets/{basketId}', \User\controllers\UserController::class . 
':updateBasketPreference'); //Entities $app->get('/entities', \Entity\controllers\EntityController::class . ':get'); diff --git a/sql/17_xx.sql b/sql/17_xx.sql index e435c75475d48a2148c3640022f0cda7bec07d59..c1716aabbe5e06739ffcba754008660e8483669d 100755 --- a/sql/17_xx.sql +++ b/sql/17_xx.sql @@ -609,3 +609,17 @@ UPDATE doctypes_second_level SET css_style = '#FF0000' WHERE css_style = 'red_st UPDATE doctypes_second_level SET css_style = '#008000' WHERE css_style = 'green_style'; UPDATE doctypes_second_level SET css_style = '#800080' WHERE css_style = 'violet_style'; UPDATE doctypes_second_level SET css_style = '#000000' WHERE css_style = 'default_style'; + +DROP TABLE IF EXISTS users_baskets_preferences; +CREATE TABLE users_baskets_preferences +( + id serial NOT NULL, + user_serial_id integer NOT NULL, + group_serial_id integer NOT NULL, + basket_id character varying(32) NOT NULL, + display boolean NOT NULL, + color character varying(16), + CONSTRAINT users_baskets_preferences_pkey PRIMARY KEY (id), + CONSTRAINT users_baskets_preferences_key UNIQUE (user_serial_id, group_serial_id, basket_id) +) +WITH (OIDS=FALSE); diff --git a/sql/structure.sql b/sql/structure.sql index 7b2f5df002b0aa423590ecc21382f6d92a939016..a41d5f698efcf7c2082de9fea173098c0ea9c052 100755 --- a/sql/structure.sql +++ b/sql/structure.sql @@ -2769,6 +2769,20 @@ CREATE TABLE users_baskets ) WITH (OIDS=FALSE); +DROP TABLE IF EXISTS users_baskets_preferences; +CREATE TABLE users_baskets_preferences +( + id serial NOT NULL, + user_serial_id integer NOT NULL, + group_serial_id integer NOT NULL, + basket_id character varying(32) NOT NULL, + display boolean NOT NULL, + color character varying(16), + CONSTRAINT users_baskets_preferences_pkey PRIMARY KEY (id), + CONSTRAINT users_baskets_preferences_key UNIQUE (user_serial_id, group_serial_id, basket_id) +) +WITH (OIDS=FALSE); + -- convert working table DROP TABLE IF EXISTS convert_stack; 
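Review bot: The new `users_baskets_preferences` table in sql/17_xx.sql carries no foreign keys, so `user_serial_id` and `group_serial_id` can keep pointing at users or groups that were later deleted, and only the controller's existence checks at insert time relate them to real rows. If `users.id` and `usergroups.id` are the serial keys this change relies on elsewhere (the controller selects `users.id` and the UserModelAbstract hunk adds `usergroups.id`), declaring `user_serial_id integer NOT NULL REFERENCES users (id) ON DELETE CASCADE` and the same for `group_serial_id` against `usergroups (id)` would keep the table consistent without extra application code. `DROP TABLE IF EXISTS` at the top of a migration script also discards every stored preference if the script is re-run, which is fine for a first install but worth a one-line comment such as `-- one-shot migration: re-running drops existing preferences`. The identical definition in the sql/structure.sql hunk has the same missing constraints.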
diff --git a/src/app/group/models/GroupModelAbstract.php b/src/app/group/models/GroupModelAbstract.php index 7d18f4e51eb8c0dedf1066027221b92665655ed4..80ff6611e7e90a2e9b249b45856fccf7b21cb53f 100644 --- a/src/app/group/models/GroupModelAbstract.php +++ b/src/app/group/models/GroupModelAbstract.php @@ -38,7 +38,7 @@ class GroupModelAbstract public static function getById(array $aArgs) { ValidatorModel::notEmpty($aArgs, ['id']); - ValidatorModel::stringType($aArgs, ['id']); + ValidatorModel::intVal($aArgs, ['id']); $aGroups = DatabaseModel::select([ 'select' => empty($aArgs['select']) ? ['*'] : $aArgs['select'], diff --git a/core/Controllers/UserController.php b/src/app/user/controllers/UserController.php old mode 100755 new mode 100644 similarity index 85% rename from core/Controllers/UserController.php rename to src/app/user/controllers/UserController.php index ef67171d1113ec54c1f1269258fad4657b84a10a..2d75a75131bb0c2c750d3627e3d44898d534b418 --- a/core/Controllers/UserController.php +++ b/src/app/user/controllers/UserController.php @@ -10,10 +10,9 @@ /** * @brief User Controller * @author dev@maarch.org -* @ingroup core */ -namespace Core\Controllers; +namespace User\controllers; use Basket\models\BasketModel; use Core\Models\SecurityModel; @@ -24,13 +23,12 @@ use Entity\models\EntityModel; use Group\models\GroupModel; use History\controllers\HistoryController; use History\models\HistoryModel; -use Psr\Http\Message\RequestInterface; -use Psr\Http\Message\ResponseInterface; use Respect\Validation\Validator; use Slim\Http\Request; use Slim\Http\Response; use SrcCore\models\CoreConfigModel; use SrcCore\controllers\StoreController; +use User\models\UserBasketPreferenceModel; class UserController { 
@@ -102,7 +100,7 @@ class UserController UserModel::delete(['id' => $aArgs['id']]); //get New User List - if ($_SESSION['user']['UserId'] == 'superadmin') { + if ($GLOBALS['userId'] == 'superadmin') { $users = UserModel::get( [ 'select' => ['id', 'user_id', 'firstname', 'lastname', 'status', 'enabled', 'mail'], @@ -111,7 +109,7 @@ class UserController ] ); } else { - $entities = EntityModel::getAllEntitiesByUserId(['userId' => $_SESSION['user']['UserId']]); + $entities = EntityModel::getAllEntitiesByUserId(['userId' => $GLOBALS['userId']]); $users = UserModel::getByEntities( [ 'select' => ['DISTINCT users.id', 'users.user_id', 'firstname', 'lastname', 'status', 'enabled', 'mail'], @@ -175,7 +173,7 @@ class UserController public function updateProfile(Request $request, Response $response) { - $user = UserModel::getByUserId(['userId' => $_SESSION['user']['UserId'], 'select' => ['id', 'enabled']]); + $user = UserModel::getByUserId(['userId' => $GLOBALS['userId'], 'select' => ['id', 'enabled']]); $data = $request->getParams(); @@ -193,7 +191,7 @@ class UserController return $response->withJson(['success' => _UPDATED_PROFILE]); } - public function resetPassword(RequestInterface $request, ResponseInterface $response, $aArgs) + public function resetPassword(Request $request, Response $response, array $aArgs) { $error = $this->hasUsersRights(['id' => $aArgs['id']]); if (!empty($error['error'])) { @@ -205,7 +203,7 @@ class UserController return $response->withJson(['success' => _RESET_PASSWORD]); } - public function updateCurrentUserPassword(RequestInterface $request, ResponseInterface $response) + public function updateCurrentUserPassword(Request $request, Response $response) { $data = $request->getParams(); 
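Review bot: `if ($GLOBALS['userId'] == 'superadmin')` in the first hunk of this group (inside delete()) is a loose comparison on a value that rest/index.php now initialises to `null` and fills from Basic Auth or the session; `if ($GLOBALS['userId'] === 'superadmin')` keeps the privileged branch reachable only by that exact string, and the same change applies to the `==` at hunk @514 (getUsersForAdministration) and the `!=` at hunk @870 (hasUsersRights). Replacing `$_SESSION['user']['UserId']` with a script-level global also makes every method in this controller depend on rest/index.php having run first, which nothing in the class states; a short comment on hasUsersRights, e.g. `// $GLOBALS['userId'] is set by rest/index.php once the caller is authenticated (null otherwise)`, would make that contract visible to the next maintainer. The bodies of delete() and updateProfile() continue outside these hunks.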
@@ -215,11 +213,11 @@ class UserController if ($data['newPassword'] != $data['reNewPassword']) { return $response->withStatus(400)->withJson(['errors' => 'Bad Request']); - } elseif (!SecurityModel::authentication(['userId' => $_SESSION['user']['UserId'], 'password' => $data['currentPassword']])) { + } elseif (!SecurityModel::authentication(['userId' => $GLOBALS['userId'], 'password' => $data['currentPassword']])) { return $response->withStatus(401)->withJson(['errors' => _WRONG_PSW]); } - $user = UserModel::getByUserId(['userId' => $_SESSION['user']['UserId'], 'select' => ['id']]); + $user = UserModel::getByUserId(['userId' => $GLOBALS['userId'], 'select' => ['id']]); UserModel::updatePassword(['id' => $user['id'], 'password' => $data['newPassword']]); return $response->withJson(['success' => _UPDATED_PASSWORD]); @@ -312,12 +310,10 @@ class UserController 'info' => "{$user['firstname']} {$user['lastname']} " ._BACK_FROM_VACATION ]); - return $response->withJson([ - 'user' => UserModel::getById(['id' => $aArgs['id'], 'select' => ['status']]) - ]); + return $response->withJson(['user' => UserModel::getById(['id' => $aArgs['id'], 'select' => ['status']])]); } - public function addSignature(RequestInterface $request, ResponseInterface $response, $aArgs) + public function addSignature(Request $request, Response $response, array $aArgs) { $error = $this->hasUsersRights(['id' => $aArgs['id'], 'himself' => true]); if (!empty($error['error'])) { @@ -395,7 +391,7 @@ class UserController ]); } - public function updateSignature(RequestInterface $request, ResponseInterface $response, $aArgs) + public function updateSignature(Request $request, Response $response, array $aArgs) { $error = $this->hasUsersRights(['id' => $aArgs['id'], 'himself' => true]); if (!empty($error['error'])) { 
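Review bot: The confirmation check directly above the new `elseif` in updateCurrentUserPassword, `if ($data['newPassword'] != $data['reNewPassword'])`, uses a loose comparison, and PHP compares two numeric-looking strings numerically, so values such as `'1e3'` and `'1000'` are accepted as matching; `if ($data['newPassword'] !== $data['reNewPassword'])` is the intended check. The new `elseif` itself correctly re-authenticates the caller with the current password before the update. Whether `UserModel::updatePassword` hashes the new value is outside this hunk and cannot be confirmed here.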
@@ -420,7 +416,7 @@ class UserController ]); } - public function deleteSignature(RequestInterface $request, ResponseInterface $response, $aArgs) + public function deleteSignature(Request $request, Response $response, array $aArgs) { $error = $this->hasUsersRights(['id' => $aArgs['id'], 'himself' => true]); if (!empty($error['error'])) { @@ -435,7 +431,7 @@ class UserController ]); } - public function createCurrentUserEmailSignature(RequestInterface $request, ResponseInterface $response) + public function createCurrentUserEmailSignature(Request $request, Response $response) { $data = $request->getParams(); @@ -444,7 +440,7 @@ class UserController } $r = UserModel::createEmailSignature([ - 'userId' => $_SESSION['user']['UserId'], + 'userId' => $GLOBALS['userId'], 'title' => $data['title'], 'htmlBody' => $data['htmlBody'] ]); @@ -455,11 +451,11 @@ class UserController return $response->withJson([ 'success' => _NEW_EMAIL_SIGNATURE, - 'emailSignatures' => UserModel::getEmailSignaturesById(['userId' => $_SESSION['user']['UserId']]) + 'emailSignatures' => UserModel::getEmailSignaturesById(['userId' => $GLOBALS['userId']]) ]); } - public function updateCurrentUserEmailSignature(RequestInterface $request, ResponseInterface $response, $aArgs) + public function updateCurrentUserEmailSignature(Request $request, Response $response, array $aArgs) { $data = $request->getParams(); @@ -469,7 +465,7 @@ class UserController $r = UserModel::updateEmailSignature([ 'id' => $aArgs['id'], - 'userId' => $_SESSION['user']['UserId'], + 'userId' => $GLOBALS['userId'], 'title' => $data['title'], 'htmlBody' => $data['htmlBody'] ]); 
@@ -480,15 +476,15 @@ class UserController return $response->withJson([ 'success' => _UPDATED_EMAIL_SIGNATURE, - 'emailSignature' => UserModel::getEmailSignatureWithSignatureIdById(['userId' => $_SESSION['user']['UserId'], 'signatureId' => $aArgs['id']]) + 'emailSignature' => UserModel::getEmailSignatureWithSignatureIdById(['userId' => $GLOBALS['userId'], 'signatureId' => $aArgs['id']]) ]); } - public function deleteCurrentUserEmailSignature(RequestInterface $request, ResponseInterface $response, $aArgs) + public function deleteCurrentUserEmailSignature(Request $request, Response $response, array $aArgs) { $r = UserModel::deleteEmailSignature([ 'id' => $aArgs['id'], - 'userId' => $_SESSION['user']['UserId'] + 'userId' => $GLOBALS['userId'] ]); if (!$r) { @@ -497,11 +493,11 @@ class UserController return $response->withJson([ 'success' => _DELETED_EMAIL_SIGNATURE, - 'emailSignatures' => UserModel::getEmailSignaturesById(['userId' => $_SESSION['user']['UserId']]) + 'emailSignatures' => UserModel::getEmailSignaturesById(['userId' => $GLOBALS['userId']]) ]); } - public function getUsersForAutocompletion(RequestInterface $request, ResponseInterface $response) + public function getUsersForAutocompletion(Request $request, Response $response) { $excludedUsers = ['superadmin']; 
@@ -518,20 +514,20 @@ class UserController return $response->withJson($users); } - public function getUsersForAdministration(RequestInterface $request, ResponseInterface $response) + public function getUsersForAdministration(Request $request, Response $response) { - if (!ServiceModel::hasService(['id' => 'admin_users', 'userId' => $_SESSION['user']['UserId'], 'location' => 'apps', 'type' => 'admin'])) { + if (!ServiceModel::hasService(['id' => 'admin_users', 'userId' => $GLOBALS['userId'], 'location' => 'apps', 'type' => 'admin'])) { return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']); } - if ($_SESSION['user']['UserId'] == 'superadmin') { + if ($GLOBALS['userId'] == 'superadmin') { $users = UserModel::get([ 'select' => ['id', 'user_id', 'firstname', 'lastname', 'status', 'enabled', 'mail'], 'where' => ['user_id != ?', 'status != ?'], 'data' => ['superadmin', 'DEL'] ]); } else { - $entities = EntityModel::getAllEntitiesByUserId(['userId' => $_SESSION['user']['UserId']]); + $entities = EntityModel::getAllEntitiesByUserId(['userId' => $GLOBALS['userId']]); $users = UserModel::getByEntities([ 'select' => ['DISTINCT users.id', 'users.user_id', 'firstname', 'lastname', 'status', 'enabled', 'mail'], 'entities' => $entities @@ -558,12 +554,10 @@ class UserController } } - $return['users'] = $users; - - return $response->withJson($return); + return $response->withJson(['users' => $users]); } - public function getDetailledById(RequestInterface $request, ResponseInterface $response, $aArgs) + public function getDetailledById(Request $request, Response $response, array $aArgs) { $error = $this->hasUsersRights(['id' => $aArgs['id']]); if (!empty($error['error'])) { 
@@ -576,7 +570,7 @@ class UserController $user['groups'] = UserModel::getGroupsByUserId(['userId' => $user['user_id']]); $user['allGroups'] = GroupModel::getAvailableGroupsByUserId(['userId' => $user['user_id']]); $user['entities'] = UserModel::getEntitiesById(['userId' => $user['user_id']]); - $user['allEntities'] = EntityModel::getAvailableEntitiesForAdministratorByUserId(['userId' => $user['user_id'], 'administratorUserId' => $_SESSION['user']['UserId']]); + $user['allEntities'] = EntityModel::getAvailableEntitiesForAdministratorByUserId(['userId' => $user['user_id'], 'administratorUserId' => $GLOBALS['userId']]); $user['baskets'] = BasketModel::getBasketsByUserId(['userId' => $user['user_id']]); $user['history'] = HistoryModel::getByUserId(['userId' => $user['user_id']]); @@ -652,7 +646,7 @@ class UserController return $response->withJson(['success' => 'success']); } - public function deleteGroup(RequestInterface $request, ResponseInterface $response, $aArgs) + public function deleteGroup(Request $request, Response $response, array $aArgs) { $error = $this->hasUsersRights(['id' => $aArgs['id']]); if (!empty($error['error'])) { @@ -680,7 +674,7 @@ class UserController ]); } - public function addEntity(RequestInterface $request, ResponseInterface $response, $aArgs) + public function addEntity(Request $request, Response $response, array $aArgs) { $error = $this->hasUsersRights(['id' => $aArgs['id']]); if (!empty($error['error'])) { 
@@ -711,11 +705,11 @@ class UserController return $response->withJson([ 'success' => _ADDED_ENTITY, 'entities' => UserModel::getEntitiesById(['userId' => $user['user_id']]), - 'allEntities' => EntityModel::getAvailableEntitiesForAdministratorByUserId(['userId' => $user['user_id'], 'administratorUserId' => $_SESSION['user']['UserId']]) + 'allEntities' => EntityModel::getAvailableEntitiesForAdministratorByUserId(['userId' => $user['user_id'], 'administratorUserId' => $GLOBALS['userId']]) ]); } - public function updateEntity(RequestInterface $request, ResponseInterface $response, $aArgs) + public function updateEntity(Request $request, Response $response, array $aArgs) { $error = $this->hasUsersRights(['id' => $aArgs['id']]); if (!empty($error['error'])) { @@ -735,7 +729,7 @@ class UserController return $response->withJson(['success' => _UPDATED_ENTITY]); } - public function updatePrimaryEntity(RequestInterface $request, ResponseInterface $response, $aArgs) + public function updatePrimaryEntity(Request $request, Response $response, array $aArgs) { $error = $this->hasUsersRights(['id' => $aArgs['id']]); if (!empty($error['error'])) { @@ -751,7 +745,7 @@ class UserController return $response->withJson(['success' => _UPDATED_ENTITY, 'entities' => UserModel::getEntitiesById(['userId' => $user['user_id']])]); } - public function deleteEntity(RequestInterface $request, ResponseInterface $response, $aArgs) + public function deleteEntity(Request $request, Response $response, array $aArgs) { $error = $this->hasUsersRights(['id' => $aArgs['id']]); if (!empty($error['error'])) { 
@@ -772,15 +766,81 @@ class UserController return $response->withJson([ 'success' => _DELETED_ENTITY, 'entities' => UserModel::getEntitiesById(['userId' => $user['user_id']]), - 'allEntities' => EntityModel::getAvailableEntitiesForAdministratorByUserId(['userId' => $user['user_id'], 'administratorUserId' => $_SESSION['user']['UserId']]) + 'allEntities' => EntityModel::getAvailableEntitiesForAdministratorByUserId(['userId' => $user['user_id'], 'administratorUserId' => $GLOBALS['userId']]) + ]); + } + + public function updateBasketsDisplay(Request $request, Response $response, array $aArgs) + { + $error = $this->hasUsersRights(['id' => $aArgs['id']]); + if (!empty($error['error'])) { + return $response->withStatus($error['status'])->withJson(['errors' => $error['error']]); + } + + $data = $request->getParams(); + $check = Validator::stringType()->notEmpty()->validate($data['basketId']); + $check = $check && Validator::intVal()->notEmpty()->validate($data['groupSerialId']); + $check = $check && Validator::boolType()->validate($data['allowed']); + if (!$check) { + return $response->withStatus(400)->withJson(['errors' => 'Bad Request']); + } + + $group = GroupModel::getById(['id' => $data['groupSerialId'], 'select' => ['group_id']]); + $basket = BasketModel::getById(['id' => $data['basketId'], 'select' => [1]]); + if (empty($group) || empty($basket)) { + return $response->withStatus(400)->withJson(['errors' => 'Group or basket does not exist']); + } + + $user = UserModel::getById(['id' => $aArgs['id'], 'select' => ['user_id']]); + $groups = UserModel::getGroupsByUserId(['userId' => $user['user_id']]); + $groupFound = false; + foreach ($groups as $value) { + if ($value['id'] == $data['groupSerialId']) { + $groupFound = true; + } + } + if (!$groupFound) { + return $response->withStatus(400)->withJson(['errors' => 'Group is not linked to this user']); + } + $groups = BasketModel::getGroups(['id' => $data['basketId']]); + $groupFound = false; + foreach ($groups as $value) { 
+ if ($value['group_id'] == $group['group_id']) { + $groupFound = true; + } + } + if (!$groupFound) { + return $response->withStatus(400)->withJson(['errors' => 'Group is not linked to this basket']); + } + + $preference = UserBasketPreferenceModel::get([ + 'select' => [1], + 'where' => ['user_serial_id = ?', 'group_serial_id = ?', 'basket_id = ?'], + 'data' => [$aArgs['id'], $data['groupSerialId'], $data['basketId']] ]); + if (!empty($preference)) { + return $response->withStatus(400)->withJson(['errors' => 'Preference already exists']); + } + + if ($data['allowed']) { + $data['userSerialId'] = $aArgs['id']; + $data['display'] = 'true'; + UserBasketPreferenceModel::create($data); + } else { + UserBasketPreferenceModel::delete([ + 'where' => ['user_serial_id = ?', 'group_serial_id = ?', 'basket_id = ?'], + 'data' => [$aArgs['id'], $data['groupSerialId'], $data['basketId']] + ]); + } + + return $response->withJson(['success' => 'success']); } - public function updateBasketPreference(RequestInterface $request, ResponseInterface $response, $aArgs) + public function updateBasketPreference(Request $request, Response $response, array $aArgs) { $data = $request->getParams(); - $user = UserModel::getByUserId(['userId' => $_SESSION['user']['UserId'], 'select' => ['id']]); + $user = UserModel::getByUserId(['userId' => $GLOBALS['userId'], 'select' => ['id']]); if(isset($data['color']) && $data['color'] == ''){ UserModel::eraseBasketColor(['id' => $user['id'], 'groupId' => $aArgs['groupId'], 'basketId' => $aArgs['basketId']]); @@ -789,9 +849,8 @@ class UserController } return $response->withJson([ - 'userBaskets' => BasketModel::getRegroupedBasketsByUserId(['userId' => $_SESSION['user']['UserId']]) + 'userBaskets' => BasketModel::getRegroupedBasketsByUserId(['userId' => $GLOBALS['userId']]) ]); - } private function hasUsersRights(array $aArgs) 
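Review bot: In the new updateBasketsDisplay, the `Preference already exists` check runs before the `$data['allowed']` branch, so a request with `allowed = false` for a preference that exists is rejected with 400 and the delete branch only ever runs when there is nothing to delete; the existence check belongs inside the `allowed` branch, with the delete guarded by the same lookup. `UserBasketPreferenceModel::create($data)` also forwards the raw request array, so `color` reaches the model unvalidated against the `character varying(16)` column, and `display` is sent as the string `'true'` for a boolean column; validating `color` next to the other `Validator` checks (or dropping it from `$data`) would close that. `Validator::boolType()` on `$data['allowed']` presumably expects a JSON body, since a form-encoded `true` arrives as a string and would fail with 400 — worth confirming against the client. The rewritten tail of the method:

```php
        $preference = UserBasketPreferenceModel::get([
            'select' => [1],
            'where' => ['user_serial_id = ?', 'group_serial_id = ?', 'basket_id = ?'],
            'data' => [$aArgs['id'], $data['groupSerialId'], $data['basketId']]
        ]);

        if ($data['allowed']) {
            // creating twice would violate users_baskets_preferences_key
            if (!empty($preference)) {
                return $response->withStatus(400)->withJson(['errors' => 'Preference already exists']);
            }
            $data['userSerialId'] = $aArgs['id'];
            $data['display'] = 'true';
            UserBasketPreferenceModel::create($data);
        } elseif (!empty($preference)) {
            // deleting a missing preference is a no-op rather than an error
            UserBasketPreferenceModel::delete([
                'where' => ['user_serial_id = ?', 'group_serial_id = ?', 'basket_id = ?'],
                'data' => [$aArgs['id'], $data['groupSerialId'], $data['basketId']]
            ]);
        }

        return $response->withJson(['success' => 'success']);
```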
@@ -811,7 +870,7 @@ class UserController $error['status'] = 403; $error['error'] = 'Service forbidden'; } - if ($_SESSION['user']['UserId'] != 'superadmin') { + if ($GLOBALS['userId'] != 'superadmin') { $entities = EntityModel::getAllEntitiesByUserId(['userId' => $GLOBALS['userId']]); $users = UserModel::getByEntities([ 'select' => ['users.id'], diff --git a/src/app/user/models/UserBasketPreferenceModel.php b/src/app/user/models/UserBasketPreferenceModel.php new file mode 100644 index 0000000000000000000000000000000000000000..232c186ebc5bc1fa4b70601bf805676ba6f0e3e7 --- /dev/null +++ b/src/app/user/models/UserBasketPreferenceModel.php @@ -0,0 +1,19 @@ +<?php + +/** + * Copyright Maarch since 2008 under licence GPLv3. + * See LICENCE.txt file at the root folder for more details. + * This file is part of Maarch software. + * + */ + +/** + * @brief User Basket Preference Model + * @author dev@maarch.org + */ + +namespace User\models; + +class UserBasketPreferenceModel extends UserBasketPreferenceModelAbstract +{ +} diff --git a/src/app/user/models/UserBasketPreferenceModelAbstract.php b/src/app/user/models/UserBasketPreferenceModelAbstract.php new file mode 100644 index 0000000000000000000000000000000000000000..82081817e5e0a2cc4d46b4ed98b910a68c0ceb43 --- /dev/null +++ b/src/app/user/models/UserBasketPreferenceModelAbstract.php 
@@ -0,0 +1,69 @@
+<?php
+
+/**
+ * Copyright Maarch since 2008 under licence GPLv3.
+ * See LICENCE.txt file at the root folder for more details.
+ * This file is part of Maarch software.
+ *
+ */
+
+/**
+ * @brief User Basket Preference Model Abstract
+ * @author dev@maarch.org
+ */
+
+namespace User\models;
+
+use SrcCore\models\ValidatorModel;
+use SrcCore\models\DatabaseModel;
+
+class UserBasketPreferenceModelAbstract
+{
+ public static function get(array $aArgs = [])
+ {
+ ValidatorModel::arrayType($aArgs, ['select', 'where', 'data']);
+
+ $aBasketPreferences = DatabaseModel::select([
+ 'select' => empty($aArgs['select']) ? ['*'] : $aArgs['select'],
+ 'table' => ['users_baskets_preferences'],
+ 'where' => $aArgs['where'],
+ 'data' => $aArgs['data']
+ ]);
+
+ return $aBasketPreferences;
+ }
+
+ public static function create(array $aArgs)
+ {
+ ValidatorModel::notEmpty($aArgs, ['userSerialId', 'groupSerialId', 'basketId', 'display']);
+ ValidatorModel::stringType($aArgs, ['basketId', 'display', 'color']);
+ ValidatorModel::intVal($aArgs, ['userSerialId', 'groupSerialId']);
+
+ DatabaseModel::insert([
+ 'table' => 'users_baskets_preferences',
+ 'columnsValues' => [
+ 'user_serial_id' => $aArgs['userSerialId'],
+ 'group_serial_id' => $aArgs['groupSerialId'],
+ 'basket_id' => $aArgs['basketId'],
+ 'display' => $aArgs['display'],
+ 'color' => $aArgs['color']
+ ]
+ ]);
+
+ return true;
+ }
+
+ public static function delete(array $aArgs)
+ {
+ ValidatorModel::notEmpty($aArgs, ['where', 'data']);
+ ValidatorModel::arrayType($aArgs, ['where', 'data']);
+
+ DatabaseModel::delete([
+ 'table' => 'users_baskets_preferences',
+ 'where' => $aArgs['where'],
+ 'data' => $aArgs['data']
+ ]);
+
+ return true;
+ }
+}
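Review bot: `create()` reads `$aArgs['color']` unconditionally although `notEmpty` does not list `color`, so a caller that omits it (the controller's updateBasketsDisplay only sets `userSerialId` and `display` itself) triggers an undefined-index notice unless `ValidatorModel::stringType` rejects missing keys, which cannot be confirmed from here; `'color' => isset($aArgs['color']) ? $aArgs['color'] : null` makes the optional column explicit. `get()` defaults `$aArgs` to `[]` yet passes `$aArgs['where']` and `$aArgs['data']` straight through, so the default is never usable; either drop the default or guard with `'where' => empty($aArgs['where']) ? [] : $aArgs['where']` and the same for `data`. `display` is validated as a string while the column is boolean; a short docblock on `create()` stating that `display` is expected as the textual `'true'`/`'false'` the caller sends would document that contract.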