From eb420fd459e8f0df40b709f5719b3ad47ace4a64 Mon Sep 17 00:00:00 2001
From: Damien <damien.burel@maarch.org>
Date: Thu, 27 Jun 2019 11:03:18 +0200
Subject: [PATCH] FEAT Administrative privileges in token
---
 .../group/controllers/PrivilegeController.php | 42 ++++++++++---------
 src/app/user/controllers/UserController.php | 7 ++--
 2 files changed, 26 insertions(+), 23 deletions(-)
diff --git a/src/app/group/controllers/PrivilegeController.php b/src/app/group/controllers/PrivilegeController.php
index 1ad6664e28..1c34b1af97 100755
--- a/src/app/group/controllers/PrivilegeController.php
+++ b/src/app/group/controllers/PrivilegeController.php
@@ -30,6 +30,7 @@ class PrivilegeController
 ['id' => 'manage_documents', 'type' => 'simple']
 ];
+ //TODO remove after token
 public function getAdministrativePrivilegesByUser(Request $request, Response $response)
 {
 $groups = UserGroupModel::get(['select' => ['group_id'], 'where' => ['user_id = ?'], 'data' => [$GLOBALS['id']]]);
@@ -53,25 +54,7 @@ class PrivilegeController
 return $response->withJson(['privileges' => $administrativePrivileges]);
 }
- public static function hasPrivilege(array $args)
- {
- ValidatorModel::notEmpty($args, ['userId', 'privilege']);
- ValidatorModel::intVal($args, ['userId']);
- ValidatorModel::stringType($args, ['privilege']);
-
- $groups = UserGroupModel::get(['select' => ['group_id'], 'where' => ['user_id = ?'], 'data' => [$args['userId']]]);
-
- foreach ($groups as $group) {
- $privilege = GroupPrivilegeModel::getPrivileges(['select' => [1], 'where' => ['group_id = ?', 'privilege = ?'], 'data' => [$group['group_id'], $args['privilege']]]);
- if (!empty($privilege)) {
- return true;
- }
- }
-
- return false;
- }
-
- public static function hasAdmin(array $args)
+ public static function getAdministrativePrivilegesByUserId(array $args)
 {
 ValidatorModel::notEmpty($args, ['userId']);
 ValidatorModel::intVal($args, ['userId']);
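Review bot: Callers of `PrivilegeController::hasAdmin()` other than the one in UserController.php are not updated by this patch, yet the second hunk removes that method and replaces it with `getAdministrativePrivilegesByUserId()`, which returns an array instead of a bool. No other caller is visible here, so this needs a search of the code base; alternatively keep a thin `hasAdmin()` that returns `!empty(self::getAdministrativePrivilegesByUserId($args))`. The new method also has no docblock: I would add one saying it returns the `PRIVILEGES` entries of type `admin` granted through the user's groups, and an empty array when there are none. Its body continues past this hunk. The handler marked `//TODO remove after token` in the first hunk appears to build the same list for `$GLOBALS['id']`, so it could delegate to the new method until it is removed.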
@@ -80,6 +63,7 @@ class PrivilegeController
 $allGroups = array_column($groups, 'group_id');
+ $administrativePrivileges = [];
 if (!empty($allGroups)) {
 $privileges = GroupPrivilegeModel::getPrivileges(['select' => ['privilege'], 'where' => ['group_id in (?)'], 'data' => [$allGroups]]);
 $privileges = array_column($privileges, 'privilege');
@@ -87,12 +71,30 @@ class PrivilegeController
 if (!empty($privileges)) {
 foreach (PrivilegeController::PRIVILEGES as $value) {
 if ($value['type'] == 'admin' && in_array($value['id'], $privileges)) {
- return true;
+ $administrativePrivileges[] = $value;
 }
 }
 }
 }
+ return $administrativePrivileges;
+ }
+
+ public static function hasPrivilege(array $args)
+ {
+ ValidatorModel::notEmpty($args, ['userId', 'privilege']);
+ ValidatorModel::intVal($args, ['userId']);
+ ValidatorModel::stringType($args, ['privilege']);
+
+ $groups = UserGroupModel::get(['select' => ['group_id'], 'where' => ['user_id = ?'], 'data' => [$args['userId']]]);
+
+ foreach ($groups as $group) {
+ $privilege = GroupPrivilegeModel::getPrivileges(['select' => [1], 'where' => ['group_id = ?', 'privilege = ?'], 'data' => [$group['group_id'], $args['privilege']]]);
+ if (!empty($privilege)) {
+ return true;
+ }
+ }
+
 return false;
 }
 }
diff --git a/src/app/user/controllers/UserController.php b/src/app/user/controllers/UserController.php
index 869bd3f145..90c9b834ad 100755
--- a/src/app/user/controllers/UserController.php
+++ b/src/app/user/controllers/UserController.php
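Review bot: `hasPrivilege()`, re-added at the end of the second hunk on this line, runs one `GroupPrivilegeModel::getPrivileges` query per group, while `getAdministrativePrivilegesByUserId()` just above it resolves all of the user's groups with a single `group_id in (?)` query. Since this is the check that gates access on the server, it is worth keeping it consistent with its sibling: one query, and an early `false` when the user belongs to no group. The sketch below assumes the model accepts `group_id in (?)` and `privilege = ?` in the same `where` list, which the diff shows separately but never combined. A docblock stating that it returns `true` when any of the user's groups holds the privilege would also help.

```php
public static function hasPrivilege(array $args)
{
    // … unchanged: ValidatorModel checks and UserGroupModel::get() lookup …

    $allGroups = array_column($groups, 'group_id');
    if (empty($allGroups)) {
        return false;
    }

    $privilege = GroupPrivilegeModel::getPrivileges([
        'select' => [1],
        'where'  => ['group_id in (?)', 'privilege = ?'],
        'data'   => [$allGroups, $args['privilege']]
    ]);

    return !empty($privilege);
}
```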
@@ -531,9 +531,10 @@ class UserController
 }
 if ($GLOBALS['id'] == $args['id']) {
- $user['preferences'] = json_decode($user['preferences'], true);
- $user['availableLanguages'] = LanguageController::getAvailableLanguages();
- $user['hasAdmin'] = PrivilegeController::hasAdmin(['userId' => $args['id']]);
+ $user['preferences'] = json_decode($user['preferences'], true);
+ $user['availableLanguages'] = LanguageController::getAvailableLanguages();
+ $user['administrativePrivileges'] = PrivilegeController::getAdministrativePrivilegesByUserId(['userId' => $args['id']]);
+ $user['hasAdmin'] = !empty($user['administrativePrivileges']);
 }
 return $user;
--
GitLab
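Review bot: `$user['administrativePrivileges']` and `$user['hasAdmin']` are a snapshot of the user's rights at the time of this call, and the new lines carry no comment saying they must not be relied on for authorisation. Going by the commit title they are meant to end up in a token; if so, a privilege removed from a group stays in the token until it is reissued, so server-side routes should keep checking `PrivilegeController::hasPrivilege()` on each request. I would add `// Display hint only: access is still enforced per request with PrivilegeController::hasPrivilege()` above the new assignment. The enclosing method starts and ends outside this hunk, so how `$user` is serialised and where it is consumed is not visible here.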