From 67a4f58436922337e727fd76d1e518a0162746b5 Mon Sep 17 00:00:00 2001
From: Quentin RIBAC <quentin.ribac@xelians.fr>
Date: Thu, 2 Dec 2021 11:53:15 +0100
Subject: [PATCH] FEAT #17436 TIME 0:25 GET/rest/manageablegroups

---
 rest/index.php                              |  1 +
 src/app/user/controllers/UserController.php | 37 ++++++++++++++++++++-
 2 files changed, 37 insertions(+), 1 deletion(-)

diff --git a/rest/index.php b/rest/index.php
index afbf9d6677..82d9b45571 100755
--- a/rest/index.php
+++ b/rest/index.php
@@ -145,6 +145,7 @@ $app->get('/users/{id}/history', \History\controllers\HistoryController::class .
 $app->post('/password', \User\controllers\UserController::class . ':forgotPassword');
 $app->put('/password', \User\controllers\UserController::class . ':updateForgottenPassword');
 $app->put('/users/{id}/accountActivationNotification', \User\controllers\UserController::class . ':sendAccountActivationNotification');
+$app->get('/manageablegroups', \User\controllers\UserController::class . ':getManageableGroupsREST');
 
 //Search
 $app->post('/search/documents', \Search\controllers\SearchController::class . ':getDocuments');
diff --git a/src/app/user/controllers/UserController.php b/src/app/user/controllers/UserController.php
index b24c49658f..cd84d7776d 100755
--- a/src/app/user/controllers/UserController.php
+++ b/src/app/user/controllers/UserController.php
@@ -21,6 +21,7 @@ use Email\controllers\EmailController;
 use Firebase\JWT\JWT;
 use Group\controllers\PrivilegeController;
 use Group\models\GroupModel;
+use Group\models\GroupPrivilegeModel;
 use History\controllers\HistoryController;
 use Respect\Validation\Validator;
 use Slim\Http\Request;
@@ -28,7 +29,6 @@ use Slim\Http\Response;
 use SrcCore\controllers\AuthenticationController;
 use SrcCore\controllers\LanguageController;
 use SrcCore\controllers\PasswordController;
-use SrcCore\controllers\UrlController;
 use SrcCore\models\AuthenticationModel;
 use SrcCore\models\CoreConfigModel;
 use SrcCore\models\PasswordModel;
@@ -760,6 +760,17 @@ class UserController
         return $response->withStatus(204);
     }
 
+    public function getManageableGroupsREST(Request $request, Response $response)
+    {
+        if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_users'])) {
+            return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
+        }
+
+        $manageableGroups = UserController::getManageableGroups(['userId' => $GLOBALS['id']]);
+
+        return $response->withStatus(200)->withJson(['groups' => $manageableGroups]);
+    }
+
     public static function getUserInformationsById(array $args)
     {
         ValidatorModel::notEmpty($args, ['id']);
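Review bot: `getManageableGroupsREST` is a new authorization-relevant endpoint with no docblock, so the privilege it requires and the shape of its response can only be learned by reading two methods. I would add above it `/** GET /manageablegroups: requires the manage_users privilege (403 otherwise); responds 200 with ['groups' => list of group identifiers the current user may manage]. */`. As a style point, the call inside the class reads better as `self::getManageableGroups(['userId' => $GLOBALS['id']])` than with the class name repeated. The added method is complete within this hunk; the trailing `getUserInformationsById` context continues outside it.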
@@ -802,4 +813,28 @@ class UserController
 
         return $user;
     }
+
+    public static function getManageableGroups(array $args)
+    {
+        ValidatorModel::notEmpty($args, ['userId']);
+        ValidatorModel::intVal($args, ['userId']);
+
+        if (PrivilegeController::hasPrivilege(['userId' => $args['userId'], 'privilege' => 'manage_groups'])) {
+            $groups = GroupModel::get(['select' => ['id']]);
+            $groups = array_column($groups, 'id');
+            return $groups;
+        }
+
+        $groups = UserGroupModel::get(['select' => ['group_id'], 'where' => ['user_id = ?'], 'data' => [$args['userId']]]);
+
+        $manageableGroups = [];
+        foreach ($groups as $group) {
+            $privilege = GroupPrivilegeModel::getPrivileges(['select' => ['parameters'], 'where' => ['group_id = ?', 'privilege = ?'], 'data' => [$group['group_id'], 'manage_users']]);
+            $parameters = empty($privilege[0]['parameters']) ? [] : json_decode($privilege[0]['parameters'], true);
+            $currentGroups = $parameters['authorized'] ?? [];
+            $manageableGroups = array_merge($manageableGroups, $currentGroups);
+        }
+
+        return array_unique($manageableGroups);
+    }
 }
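Review bot: The final `return array_unique($manageableGroups);` keeps the original keys, so as soon as one duplicate is dropped the result is no longer a sequential list, and `withJson(['groups' => $manageableGroups])` in `getManageableGroupsREST` will emit a JSON object instead of an array; return `array_values(array_unique($manageableGroups))`. The decoded `parameters` value is also used without a shape check. If `authorized` is ever stored as a non-array, `array_merge` will raise a TypeError on PHP 8, so a guard such as `$currentGroups = is_array($parameters['authorized'] ?? null) ? $parameters['authorized'] : [];` is safer. Since this list appears to define which groups a user may administer, a docblock on `getManageableGroups` should state that holders of `manage_groups` get every group id and everyone else gets the union of the `authorized` lists from their groups' `manage_users` privilege.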
-- 
GitLab