From 83c03f8bb7ce9bb442edf74cba8239430ad4356a Mon Sep 17 00:00:00 2001
From: "florian.azizian" <florian.azizian@maarch.org>
Date: Fri, 21 Jun 2019 10:40:06 +0100
Subject: [PATCH] FEAT #10733 TIME 1:45 wip get, getbyid, create, delete groups

---
 lang/en.json                                  |   6 +-
 lang/fr.json                                  |   4 +-
 rest/index.php                                |   6 +
 src/app/group/controllers/GroupController.php | 110 ++++++++++++++++++
 .../group/controllers/PrivilegeController.php |  10 +-
 src/app/group/models/GroupModel.php           |  50 ++++++++
 src/app/group/models/GroupPrivilegeModel.php  |  52 +++++++++
 src/app/user/models/UserGroupModel.php        |  36 +++---
 8 files changed, 250 insertions(+), 24 deletions(-)
 create mode 100644 src/app/group/controllers/GroupController.php
 create mode 100644 src/app/group/models/GroupPrivilegeModel.php

diff --git a/lang/en.json b/lang/en.json
index 986076ffc8..e9deb82057 100755
--- a/lang/en.json
+++ b/lang/en.json
@@ -152,7 +152,7 @@
 		"noteUser": "Note user",
 		"mainDocument": "main document",
 		"search": "Search",
-		"substitute": "Substitue user",
+		"substitute": "Substitute user",
 		"substitution": "Substitution",
 		"signSubstituted": "Signatures to substitute",
 		"chooseSubstitute": "Choose a substitute",
@@ -186,6 +186,8 @@
 		"sessionExpired": "Session expired, please login again",
 		"warnPrivateKeyTitle": "The private key is not updated !",
 		"warnPrivateKey": "This cause security issues",
-		"ok": "Ok"
+		"ok": "Ok",
+		"groupAdded" : "Group added",
+		"groupdeleted" : "Group deleted"
 	}
 }
diff --git a/lang/fr.json b/lang/fr.json
index 287348fa43..576517331e 100755
--- a/lang/fr.json
+++ b/lang/fr.json
@@ -188,7 +188,9 @@
 		"sessionExpired": "La session a expirée, veuillez vous reconnecter",
 		"warnPrivateKeyTitle": "La clé privé de cryptage n'a pas été modifié !",
 		"warnPrivateKey": "Cela compromet la sécurité de l'application.",
-		"ok": "J'ai compris"
+		"ok": "J'ai compris",
+		"groupAdded" : "Groupe ajouté",
+		"groupdeleted" : "Groupe supprimé"
 
 	}
 }
diff --git a/rest/index.php b/rest/index.php
index 7d1733f808..d0dab6fd5e 100755
--- a/rest/index.php
+++ b/rest/index.php
@@ -80,6 +80,12 @@ $app->get('/passwordRules', \SrcCore\controllers\PasswordController::class . ':g
 //Privileges
 $app->get('/administrativePrivileges', \Group\controllers\PrivilegeController::class . ':getAdministrativePrivilegesByUser');
 
+//Groups
+$app->post('/groups', \Group\controllers\GroupController::class . ':create');
+$app->get('/groups', \Group\controllers\GroupController::class . ':get');
+$app->get('/groups/{id}', \Group\controllers\GroupController::class . ':getById');
+$app->delete('/groups/{id}', \Group\controllers\GroupController::class . ':delete');
+
 //Users
 $app->post('/users', \User\controllers\UserController::class . ':create');
 $app->get('/users', \User\controllers\UserController::class . ':get');
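Review bot: The `{id}` placeholder on the new `GET /groups/{id}` and `DELETE /groups/{id}` routes accepts any string, so a non-numeric value reaches the privileged handlers and is rejected, if at all, only by the validators inside `GroupModel::getById`, whose failure behaviour is not visible in this patch. Constraining the segment at the router keeps malformed ids out of the controller and turns them into a plain "not found": `$app->get('/groups/{id:[0-9]+}', \Group\controllers\GroupController::class . ':getById');` and `$app->delete('/groups/{id:[0-9]+}', \Group\controllers\GroupController::class . ':delete');`.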
diff --git a/src/app/group/controllers/GroupController.php b/src/app/group/controllers/GroupController.php
new file mode 100644
index 0000000000..e775794912
--- /dev/null
+++ b/src/app/group/controllers/GroupController.php
@@ -0,0 +1,110 @@
+<?php
+
+/**
+* Copyright Maarch since 2008 under licence GPLv3.
+* See LICENCE.txt file at the root folder for more details.
+* This file is part of Maarch software.
+*
+*/
+
+/**
+* @brief Privilege Controller
+* @author dev@maarch.org
+*/
+
+namespace Group\controllers;
+
+use Group\controllers\PrivilegeController;
+use Group\models\GroupModel;
+use History\controllers\HistoryController;
+use Respect\Validation\Validator;
+use Slim\Http\Request;
+use Slim\Http\Response;
+use User\models\UserGroupModel;
+use Group\models\GroupPrivilegeModel;
+
+class GroupController
+{
+    public function get(Request $request, Response $response)
+    {
+        if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups'])) {
+            return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
+        }
+
+        $groups = GroupModel::get([]);
+
+        return $response->withJson(['groups' => $groups]);
+    }
+
+    public function create(Request $request, Response $response)
+    {
+        if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups'])) {
+            return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
+        }
+
+        $body = $request->getParsedBody();
+
+        if (empty($body)) {
+            return $response->withStatus(400)->withJson(['errors' => 'Body is not set or empty']);
+        } elseif (!Validator::stringType()->notEmpty()->length(1, 128)->validate($body['label'])) {
+            return $response->withStatus(400)->withJson(['errors' => 'Body label is empty or not a string or longer than 128 caracteres']);
+        }
+
+        $id = GroupModel::create(['label' => $body['label']]);
+
+        HistoryController::add([
+            'code'          => 'OK',
+            'objectType'    => 'groups',
+            'objectId'      => $id,
+            'type'          => 'CREATION',
+            'message'       => "{groupAdded} : {$body['label']}"
+        ]);
+
+        return $response->withJson(['id' => $id]);
+    }
+
+    public function delete(Request $request, Response $response, $aArgs)
+    {
+        if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups'])) {
+            return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
+        }
+
+        $group = GroupModel::getById(['id' => $aArgs['id']]);
+        if (empty($group)) {
+            return $response->withStatus(400)->withJson(['errors' => 'Group not found']);
+        }
+
+        UserGroupModel::delete(['where' => ['group_id = ?'], 'data' => [$aArgs['id']]]);
+        GroupPrivilegeModel::delete(['where' => ['group_id = ?'], 'data' => [$aArgs['id']]]);
+        GroupModel::delete(['where' => ['id = ?'], 'data' => [$aArgs['id']]]);
+
+        HistoryController::add([
+            'code'          => 'OK',
+            'objectType'    => 'groups',
+            'objectId'      => $aArgs['id'],
+            'type'          => 'DELETE',
+            'message'       => "{groupdeleted} : {$group['label']}"
+        ]);
+
+        return $response->withStatus(204);
+    }
+
+    public function getById(Request $request, Response $response, array $aArgs)
+    {
+        if (!PrivilegeController::hasPrivilege(['userId' => $GLOBALS['id'], 'privilege' => 'manage_groups'])) {
+            return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']);
+        }
+
+        $group = GroupModel::getById(['id' => $aArgs['id']]);
+        if (empty($group)) {
+            return $response->withStatus(400)->withJson(['errors' => 'Group not found']);
+        }
+
+        $group['users'] = UserGroupModel::getByGroupId([
+            'id'     => $group['id'],
+            'select' => ['users.id', 'users.firstname', 'users.lastname']
+        ]);
+
+        return $response->withJson(['group' => $group]);
+    }
+}
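Review bot: `delete()` will remove any existing group, including the one that grants the caller `manage_groups`, and it runs its three deletes (memberships, privileges, the group row) as separate calls with no visible transaction. Deleting the last group that carries `manage_groups` would leave no account able to use these endpoints, and a failure after the first call leaves members stripped from a group that still exists. The guard sketched below covers the lockout case using only model calls already in this patch. Making the three deletes atomic depends on what `DatabaseModel` offers, which is not shown here. Separately, `delete()` takes an untyped `$aArgs` while `getById()` declares `array $aArgs`.

```php
        // … unchanged: privilege check and GroupModel::getById() lookup …

        // Refuse to remove the only group that still grants manage_groups.
        // Minimum guard: it does not verify that the remaining group has members.
        $grantsManageGroups = GroupPrivilegeModel::getPrivileges([
            'select' => [1],
            'where'  => ['group_id = ?', 'privilege = ?'],
            'data'   => [$aArgs['id'], 'manage_groups']
        ]);
        if (!empty($grantsManageGroups)) {
            $otherGrants = GroupPrivilegeModel::getPrivileges([
                'select' => [1],
                'where'  => ['group_id != ?', 'privilege = ?'],
                'data'   => [$aArgs['id'], 'manage_groups']
            ]);
            if (empty($otherGrants)) {
                return $response->withStatus(400)->withJson(['errors' => 'Cannot delete the last group granting manage_groups']);
            }
        }

        UserGroupModel::delete(['where' => ['group_id = ?'], 'data' => [$aArgs['id']]]);
        // … unchanged: remaining deletes, history entry, 204 response …
```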
diff --git a/src/app/group/controllers/PrivilegeController.php b/src/app/group/controllers/PrivilegeController.php
index 8a35b9939f..696aa96889 100755
--- a/src/app/group/controllers/PrivilegeController.php
+++ b/src/app/group/controllers/PrivilegeController.php
@@ -18,12 +18,14 @@ use Slim\Http\Request;
 use Slim\Http\Response;
 use SrcCore\models\ValidatorModel;
 use User\models\UserGroupModel;
+use Group\models\GroupPrivilegeModel;
 
 class PrivilegeController
 {
     const PRIVILEGES = [
         ['id' => 'manage_users',                'type' => 'admin', 'icon' => 'fa fa-user',          'route' => '/administration/users'],
-        ['id' => 'manage_ldap_configurations',   'type' => 'admin', 'icon' => 'fas fa-database',          'route' => '/administration/ldaps'],
+        ['id' => 'manage_groups',               'type' => 'admin', 'icon' => 'fa fa-users',         'route' => '/administration/groups'],
+        ['id' => 'manage_ldap_configurations',  'type' => 'admin', 'icon' => 'fas fa-database',     'route' => '/administration/ldaps'],
         ['id' => 'manage_email_configuration',  'type' => 'admin', 'icon' => 'fa fa-paper-plane',   'route' => '/administration/configuration'],
         ['id' => 'manage_documents',            'type' => 'simple']
     ];
@@ -36,7 +38,7 @@ class PrivilegeController
 
         $administrativePrivileges = [];
         if (!empty($allGroups)) {
-            $privileges = UserGroupModel::getPrivileges(['select' => ['privilege'], 'where' => ['group_id in (?)'], 'data' => [$allGroups]]);
+            $privileges = GroupPrivilegeModel::getPrivileges(['select' => ['privilege'], 'where' => ['group_id in (?)'], 'data' => [$allGroups]]);
             $privileges = array_column($privileges, 'privilege');
 
             if (!empty($privileges)) {
@@ -60,7 +62,7 @@ class PrivilegeController
         $groups = UserGroupModel::get(['select' => ['group_id'], 'where' => ['user_id = ?'], 'data' => [$args['userId']]]);
 
         foreach ($groups as $group) {
-            $privilege = UserGroupModel::getPrivileges(['select' => [1], 'where' => ['group_id = ?', 'privilege = ?'], 'data' => [$group['group_id'], $args['privilege']]]);
+            $privilege = GroupPrivilegeModel::getPrivileges(['select' => [1], 'where' => ['group_id = ?', 'privilege = ?'], 'data' => [$group['group_id'], $args['privilege']]]);
             if (!empty($privilege)) {
                 return true;
             }
@@ -79,7 +81,7 @@ class PrivilegeController
         $allGroups = array_column($groups, 'group_id');
 
         if (!empty($allGroups)) {
-            $privileges = UserGroupModel::getPrivileges(['select' => ['privilege'], 'where' => ['group_id in (?)'], 'data' => [$allGroups]]);
+            $privileges = GroupPrivilegeModel::getPrivileges(['select' => ['privilege'], 'where' => ['group_id in (?)'], 'data' => [$allGroups]]);
             $privileges = array_column($privileges, 'privilege');
 
             if (!empty($privileges)) {
diff --git a/src/app/group/models/GroupModel.php b/src/app/group/models/GroupModel.php
index 6edb897722..e979b2d1a7 100755
--- a/src/app/group/models/GroupModel.php
+++ b/src/app/group/models/GroupModel.php
@@ -35,4 +35,54 @@ class GroupModel
 
         return $groups;
     }
+
+    public static function getById(array $aArgs)
+    {
+        ValidatorModel::notEmpty($aArgs, ['id']);
+        ValidatorModel::intVal($aArgs, ['id']);
+        ValidatorModel::arrayType($aArgs, ['select']);
+
+        $group = GroupModel::get([
+            'select'    => empty($aArgs['select']) ? ['*'] : $aArgs['select'],
+            'where'     => ['id = ?'],
+            'data'      => [$aArgs['id']]
+        ]);
+
+        if (!empty($group)) {
+            return $group[0];
+        }
+
+        return [];
+    }
+
+    public static function create(array $aArgs)
+    {
+        ValidatorModel::notEmpty($aArgs, ['label']);
+        ValidatorModel::stringType($aArgs, ['label']);
+
+        $nextSequenceId = DatabaseModel::getNextSequenceValue(['sequenceId' => 'groups_id_seq']);
+        DatabaseModel::insert([
+            'table'         => 'groups',
+            'columnsValues' => [
+                'id'    => $nextSequenceId,
+                'label' => $aArgs['label']
+            ]
+        ]);
+
+        return $nextSequenceId;
+    }
+
+    public static function delete(array $args)
+    {
+        ValidatorModel::notEmpty($args, ['where', 'data']);
+        ValidatorModel::arrayType($args, ['where', 'data']);
+
+        DatabaseModel::delete([
+            'table' => 'groups',
+            'where' => $args['where'],
+            'data'  => $args['data']
+        ]);
+
+        return true;
+    }
 }
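Review bot: `getById()`, `create()` and `delete()` are added without docblocks, and `delete()` in particular forwards `$args['where']` to `DatabaseModel::delete` as what appear to be SQL fragments (the controller passes `'id = ?'`), with the values bound separately through `data`. That split is what keeps the call injection-safe, so it should be written down on the method: `// 'where' holds SQL fragments with ? placeholders; request values must only be passed in 'data'.` The same comment applies to `GroupPrivilegeModel::delete()` and `getPrivileges()`, and to the `select`/`orderBy` arguments of `UserGroupModel::getByGroupId()`, all added in this patch. The class header lies outside this hunk.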
diff --git a/src/app/group/models/GroupPrivilegeModel.php b/src/app/group/models/GroupPrivilegeModel.php
new file mode 100644
index 0000000000..f00d67e469
--- /dev/null
+++ b/src/app/group/models/GroupPrivilegeModel.php
@@ -0,0 +1,52 @@
+<?php
+
+/**
+* Copyright Maarch since 2008 under licence GPLv3.
+* See LICENCE.txt file at the root folder for more details.
+* This file is part of Maarch software.
+*
+*/
+
+/**
+* @brief Group Model
+* @author dev@maarch.org
+*/
+
+namespace Group\models;
+
+use SrcCore\models\DatabaseModel;
+use SrcCore\models\ValidatorModel;
+
+class GroupPrivilegeModel
+{
+    public static function delete(array $args)
+    {
+        ValidatorModel::notEmpty($args, ['where', 'data']);
+        ValidatorModel::arrayType($args, ['where', 'data']);
+
+        DatabaseModel::delete([
+            'table' => 'groups_privileges',
+            'where' => $args['where'],
+            'data'  => $args['data']
+        ]);
+
+        return true;
+    }
+
+    public static function getPrivileges(array $aArgs)
+    {
+        ValidatorModel::arrayType($aArgs, ['select', 'where', 'data', 'orderBy']);
+        ValidatorModel::intType($aArgs, ['limit']);
+
+        $groupsPrivileges = DatabaseModel::select([
+            'select'    => empty($aArgs['select']) ? ['*'] : $aArgs['select'],
+            'table'     => ['groups_privileges'],
+            'where'     => empty($aArgs['where']) ? [] : $aArgs['where'],
+            'data'      => empty($aArgs['data']) ? [] : $aArgs['data'],
+            'orderBy'   => empty($aArgs['orderBy']) ? [] : $aArgs['orderBy'],
+            'limit'     => empty($aArgs['limit']) ? 0 : $aArgs['limit']
+        ]);
+
+        return $groupsPrivileges;
+    }
+}
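Review bot: The file header says `@brief Group Model` although the class declared below it is `GroupPrivilegeModel`; it should read `* @brief Group Privilege Model`. `GroupController.php` in this patch carries the same copy-paste slip (`@brief Privilege Controller`) and should read `* @brief Group Controller`.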
diff --git a/src/app/user/models/UserGroupModel.php b/src/app/user/models/UserGroupModel.php
index 4557170777..08ade7bf6b 100755
--- a/src/app/user/models/UserGroupModel.php
+++ b/src/app/user/models/UserGroupModel.php
@@ -36,6 +36,25 @@ class UserGroupModel
         return $usersGroups;
     }
 
+    public static function getByGroupId(array $aArgs)
+    {
+        ValidatorModel::notEmpty($aArgs, ['id']);
+        ValidatorModel::arrayType($aArgs, ['select', 'orderBy']);
+        ValidatorModel::intType($aArgs, ['id']);
+
+        $usersGroups = DatabaseModel::select([
+            'select'    => empty($aArgs['select']) ? ['*'] : $aArgs['select'],
+            'table'     => ['users_groups', 'users'],
+            'where'     => ['group_id = ?'],
+            'data'      => [$aArgs['id']],
+            'left_join' => ['users.id = users_groups.user_id'],
+            'orderBy'   => empty($aArgs['orderBy']) ? [] : $aArgs['orderBy'],
+            'limit'     => empty($aArgs['limit']) ? 0 : $aArgs['limit']
+        ]);
+
+        return $usersGroups;
+    }
+
     public static function delete(array $args)
     {
         ValidatorModel::notEmpty($args, ['where', 'data']);
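Review bot: `getByGroupId()` checks `id` with `ValidatorModel::intType`, while `GroupModel::getById()` in this patch uses `intVal` for the same kind of value. It also forwards `limit` to `DatabaseModel::select` without the `intType` check that `GroupPrivilegeModel::getPrivileges()` applies. If `intType` is a strict type check (its implementation is not shown), an id that the database returns as a numeric string, which is what `GroupController::getById()` passes in as `$group['id']`, would be rejected. Suggested lines: `ValidatorModel::intVal($aArgs, ['id']);` and `ValidatorModel::intType($aArgs, ['limit']);`. The `delete()` method that follows continues outside this hunk.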
@@ -49,21 +68,4 @@ class UserGroupModel
 
         return true;
     }
-
-    public static function getPrivileges(array $aArgs)
-    {
-        ValidatorModel::arrayType($aArgs, ['select', 'where', 'data', 'orderBy']);
-        ValidatorModel::intType($aArgs, ['limit']);
-
-        $groupsPrivileges = DatabaseModel::select([
-            'select'    => empty($aArgs['select']) ? ['*'] : $aArgs['select'],
-            'table'     => ['groups_privileges'],
-            'where'     => empty($aArgs['where']) ? [] : $aArgs['where'],
-            'data'      => empty($aArgs['data']) ? [] : $aArgs['data'],
-            'orderBy'   => empty($aArgs['orderBy']) ? [] : $aArgs['orderBy'],
-            'limit'     => empty($aArgs['limit']) ? 0 : $aArgs['limit']
-        ]);
-
-        return $groupsPrivileges;
-    }
 }
-- 
GitLab