Commit 92acc9fe1235ab07235a9147638a5ec3e62ed4b7
1 parent
da7f42f6
Harmonisation (v3.7.9.26)
- shortcuts dans AppController (donc disponible pour TOUS les controleurs) : - $this->u = user courant - $this->e = entité courante - $this->e_id = id de l'entité courante - $this->a = action en cours - $this->c = controleur en cours (?) - $this->getEntity($id=null) // id=null si matos courant - harmonisation des noms de méthodes pour MaterielsController : - $this->isCreated($id=null) // id=null si matos courant - $this->belongsToUser($username, $id=null) // id=null si matos courant et $this->belongsToCurrentUser($id=null) // id=null si matos courant - $this->isSameGroupAsUser($userlogin, $id=null) // id=null si matos courant et $this->isSameGroupAsCurrentUser($id=null) // // id=null si matos courant - harmonisation des méthodes dans entité Materiel (Entity) : - is_created, is_validated, is_tobearchived, is_archived - belongsToUser($username) // owned or declared by user - isSameGroupAsUser($usergroup1, $usergroup2) // is same group as user groups - ... - poursuite généralisation utilisation de la fonction isAuthorizedAction() partout où on a besoin de connaitre les droits d'un user (view, index, ...)
Showing
9 changed files
with
293 additions
and
137 deletions
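--- a/README.md
+++ b/README.md
@@ -53,16 +53,31 @@ Logiciel testé et validé sur les configurations suivantes :
 
 VERSION ACTUELLE
 
-Date: 05/05/2020
-Version: 3.7.9.25
+Date: 07/05/2020
+Version: 3.7.9.26
 Author: EP
 Commentaire:
 Diverses améliorations, simplifications, refactorisations, optimisations :
- - LOG : ajout de messages log sur actions importantes (add, edit, delete, ...)
- - SIMPLIFICATION : Suppression des valeurs "N/A" (inutile et pose des problèmes) dans 4 tables : groupes_thematiques, groupes_metiers, sites, et type_documents
- => remplacement des liens vers ces champs par NULL dans tables materiels, suivis, emprunts, et documents !!!
- - Utilisation __toString() pour afficher une entité rapidement avec echo $entity
- - bugfix ACLs isAuthorizedAction() de Materiels => début de généralisation de l'utilisation de cette fonction partout où on a besoin de connaitre les droits d'un user (view, index, ...)
+ Harmonisation :
+ - shortcuts dans AppController (donc disponible pour TOUS les controleurs) :
+ - $this->u = user courant
+ - $this->e = entité courante
+ - $this->e_id = id de l'entité courante
+ - $this->a = action en cours
+ - $this->c = controleur en cours (?)
+ - $this->getEntity($id=null) // id=null si matos courant
+ - harmonisation des noms de méthodes pour MaterielsController :
+ - $this->isCreated($id=null) // id=null si matos courant
+ - $this->belongsToUser($username, $id=null) // id=null si matos courant
+ et $this->belongsToCurrentUser($id=null) // id=null si matos courant
+ - $this->isSameGroupAsUser($userlogin, $id=null) // id=null si matos courant
+ et $this->isSameGroupAsCurrentUser($id=null) // // id=null si matos courant
+ - harmonisation des méthodes dans entité Materiel (Entity) :
+ - is_created, is_validated, is_tobearchived, is_archived
+ - belongsToUser($username) // owned or declared by user
+ - isSameGroupAsUser($usergroup1, $usergroup2) // is same group as user groups
+ - ...
+ - poursuite généralisation utilisation de la fonction isAuthorizedAction() partout où on a besoin de connaitre les droits d'un user (view, index, ...)
 
 IMPORTANT :
 - Pour connaitre la version actuelle, taper "./VERSION"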
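--- a/src/Controller/AppController.php
+++ b/src/Controller/AppController.php
@@ -66,15 +66,46 @@ class AppController extends Controller
 protected $SUPERADMIN_CAN_DO_EVERYTHING = false; // (prod) Par défaut (false), il se comporte un peu comme ADMIN
 //protected $SUPERADMIN_CAN_DO_EVERYTHING = true; // (dev only) no limit, peut TOUT faire (attention, pas en prod svp !!!)
 
-protected $confLabinvent;
-protected $action;
-protected $entity;
-protected $entity_id;
+protected $confLabinvent = null;
+
+// Le Controleur courant
+protected $c = null;
+
+// L'Action courante
+//protected $action = null;
+protected $a = null;
+
+/* La table courante (objet Table)
+*
+* $t = TableRegistry::getTableLocator()->get('Materiels'); (ou autre entité telle que 'Suivis' par exemple...)
+*
+*/
+protected $t = null;
+
+/* L'entité courante (objet Entity)
+*
+* $e = $t->newEntity();
+* ou encore
+* $e = $t->get(12);
+* ou encore
+* $e = $t->find(...)->first();
+* ou encore
+* $e = $t->find(...)->last();
+* ...
+*/
+//protected $entity =null;
+protected $e = null; // remplace $entity
+
+// id de l'entité courante (shortcut pour $this->e->id)
+//protected $entity_id = null;
+protected $e_id = null; // remplace $entity_id
+
+// L'utilisateur courant (objet User Entity)
 // Current (priviledged) USER (if so, otherwise = NULL) from DB (Entity class)
 //private $CURRENT_PRIVILEDGED_USER = null;
-protected $current_user_entity = null;
+//protected $current_user_entity = null;
+protected $u = null; // remplace $current_user_entity
 protected $userName = null;
-
 // Current ROLE (by default = "Utilisateur")
 private $CURRENT_ROLE = null;
 
@@ -386,7 +417,8 @@ class AppController extends Controller
 /* (EP 20200428)
 *
 * Méthode pour optimiser les accès à la BD.
-* Retourne l'entité concernée par l'action.
+* Retourne l'entité dont l'id est $id (en la mettant en cache pour éviter de la rechercher 2 fois)
+* Si $id = null => retourne l'entité courante ($this->e) (entité concernée par l'action en cours)
 *
 * Cette méthode ne doit être appelée que lorsque c'est approprié
 * (actions 'edit', 'view', ..., mais pas 'add', 'find', 'index', ...)
@@ -395,37 +427,61 @@ class AppController extends Controller
 * Optimisation : l'entité n'est récupérée dans la BD qu'une seule fois pour toutes
 *
 */
+// PHP7 only
+//protected function getEntity($id=null) : Entity {
+// PHP>=5
 protected function getEntity($id=null) {
 // Si pas d'id => exception (stop)
-//assert($this->entity_id>0);
-if (!$this->entity_id && !$id) throw new \Exception(__("cette methode doit etre appelée avec un id déjà positionné !!!"));
-
-// Si l'entité actuellement en mémoire n'est pas la bonne, la mettre à null pour obliger à la recharger
-if ($id && $this->entity && $this->entity->id != $id) $this->entity = null;
-
-// Les 3 sont possibles
-//$model = $this->request->getParam('controller'); // ex: Materiels
-//$model = $this->name; // ex: Materiels
-$model = $this->modelClass; // ex: Materiels
-
-/*
-debug("model2");
-$model = $this->$model;
-debug($model);
-*/
-
-//ex: if (! $this->entity) $this->entity = $this->Materiels->get($this->entity_id);
-if (!$this->entity) $this->entity = $this->$model->get($this->entity_id);
+//assert($this->e_id>0);
+if (!$this->e_id && !$id) throw new \Exception(__("cette methode doit etre appelée avec un id déjà positionné !!!"));
+
+// Par défaut id = id de l'entité courante
+if (is_null($id)) $id = $this->e_id;
+
+// Si l'entité courante n'est pas la bonne, la mettre à null pour obliger à la recharger
+//if ($id && $this->e && $this->e->id!=$id) $this->e = null;
+//if ($id && $this->e && $this->e_id!=$id) $this->e = null;
+if ($this->e && $this->e_id!=$id) $this->e = null;
+
+if (!$this->e) {
+// Les 3 sont possibles
+//$model = $this->request->getParam('controller'); // ex: Materiels
+//$model = $this->name; // ex: Materiels
+$model = $this->modelClass; // ex: Materiels
+/*
+debug("model2");
+$model = $this->$model;
+debug($model);
+*/
+//ex: if (! $this->e) $this->e = $this->Materiels->get($this->e_id);
+//$this->e = $this->$model->get($this->e_id);
+$this->e = $this->$model->get($id);
+$this->e_id = $this->e->id;
+}
 /*
 * Avec les entités associées :
-if (! $this->entity) $this->entity = $this->$model->get($this->entity_id, [
+if (! $this->e) $this->e = $this->$model->get($this->e_id, [
 'contain' => ['Comments']
 ]);
 */
-//debug($this->entity);
-return $this->entity;
+//debug($this->e);
+return $this->e;
 }
 
+
+public function getUsersTable() { return TableRegistry::getTableLocator()->get('Users'); }
+// Retourne l'entity User qui a le login $userlogin ("epallier")
+public function getUserByLogin($userlogin) {
+if ($this->u && $this->u->username == $userlogin) return $this->u;
+//return $users->find()->where(['username' => $userlogin])->first();
+return $this->getUsersTable()->findByUsername($userlogin);
+}
+// Retourne l'entity User qui a le nom complet $fullname ("Pallier Etienne")
+public function getUserByFullname($fullname) {
+if ($this->u && $this->u->nom == $fullname) return $this->u;
+//return $users->find()->where(['username' => $userlogin])->first();
+return $this->getUsersTable()->findByNom($fullname);
+}
 
 /**
 * (EP)
@@ -512,14 +568,14 @@ class AppController extends Controller
 
 // error_log($action);
 //$this->myDebug("- action is $action");
-$this->myDebug("- action is $this->action");
+$this->myDebug("- action is $this->a");
 
 // On autorise ou pas l’action demandée :
 // - Super-Admin peut accéder à toutes les actions
 //if ($role == 'Super Administrateur') return true;
 if ($this->USER_IS_SUPERADMIN) return true;
 // - Actions générales accessibles à TOUS les roles (profils), pour TOUT controleur
-if (in_array($this->action, [
+if (in_array($this->a, [
 'index',
 'view',
 'add',
@@ -564,7 +620,7 @@ class AppController extends Controller
 }
 public function getUserEntity($user = null) {
 //if (! $this->CURRENT_PRIVILEDGED_USER) {
-if (! $this->current_user_entity) {
+if (! $this->u) {
 $configuration = $this->confLabinvent;
 $ldapAuthType = $configuration->ldap_authenticationType;
 $username = $user ? $user[$ldapAuthType] : $this->LdapAuth->user($ldapAuthType);
@@ -575,9 +631,9 @@ class AppController extends Controller
 ->first();
 // ->where(['username' => $this->LdapAuth->user('cn')[0]])
 // if (! $priviledgedUser) $priviledgedUser = "Unpriviledged User (not in table utilisateurs)";
-$this->current_user_entity = $priviledgedUser;
+$this->u = $priviledgedUser;
 }
-return $this->current_user_entity;
+return $this->u;
 }
 
 public function getUserRole($user = null)
@@ -804,22 +860,25 @@ class AppController extends Controller
 // Affichages pour debug
 //pr($event);
 $this->myDebug("step 1B (general): AppController.beforeFilter()");
+
 $controllerName = $this->request->getParam('controller');
 $this->myDebug("- controller passed : $controllerName");
+
 $passedArgs = $this->request->getParam('pass');
 $this->myDebug("- args passed : ", $passedArgs);
+
 $query = $this->request->getQueryParams();
 $this->myDebug("- query passed : ", $query);
 
 // Initialisations pour la suite
 // - L'entité concernée par l'action
 // Par défaut null car certaines actions n'ont pas d'entité (ex : 'add', 'find', 'index', ...)
-$this->entity = null;
+$this->e = null;
 // - L'action demandée et son id le cas échéant (nul par défaut, égal 0)
-$this->action = $this->getActionPassed();
-$this->myDebug("- action passed : ".$this->action);
-$this->entity_id = $this->getIdPassed();
-$this->myDebug("- id passed : ".$this->action);
+$this->a = $this->getActionPassed();
+$this->myDebug("- action passed : ".$this->a);
+$this->e_id = $this->getIdPassed();
+$this->myDebug("- id passed : ".$this->a);
 
 parent::beforeFilter($event);
 
@@ -867,11 +926,11 @@ class AppController extends Controller
 // ATTENTION, $priviledgedUser = NULL si l'utilisateur courant n'est pas un utilisateur privilégié
 // (c'est à dire s'il n'est pas dans la table "utilisateurs")
 //$this->priviledgedUser = $this->getTablePriviledgedUserFromCurrentSessionUserIfExists();
-$this->current_user_entity = $this->getTablePriviledgedUserFromCurrentSessionUserIfExists();
+$this->u = $this->getTablePriviledgedUserFromCurrentSessionUserIfExists();
 //$role = $this->getUserRole();
 $this->userRole = $this->getUserRole();
 $profile = self::PROFILES["$this->userRole"];
-$this->myDebug("- priviledgedUser is {$this->current_user_entity}");
+$this->myDebug("- priviledgedUser is {$this->u}");
 $this->myDebug("- userRole is {$this->getUserRole()}", "- profile is: $profile");
 // L'utilisateur connecté (return null si pas connecté)
 // $this->Auth->user('id');
@@ -891,7 +950,7 @@ class AppController extends Controller
 $this->set('role', $this->userRole);
 $this->set('profile', $profile);
 $this->set('username', $this->getCurrentUserName());
-$this->set('priviledgedUser', $this->current_user_entity);
+$this->set('priviledgedUser', $this->u);
 
 $this->set('USER_IS_UTILISATEUR', $this->USER_IS_UTILISATEUR);
 $this->set('USER_IS_ADMIN', $this->USER_IS_ADMIN);
@@ -1197,24 +1256,24 @@ class AppController extends Controller
 * @todo EP 08/2017 Nouvelle organisation des ACL avec $easyACL
 */
 //$action = $this->getActionPassed();
-if (in_array($this->action, array(
+if (in_array($this->a, array(
 'add',
 'edit',
 'view',
 'index'
 ))) {
-$hiddenFields = $this->getHiddenFieldsForAction($this->action);
+$hiddenFields = $this->getHiddenFieldsForAction($this->a);
 $this->set('hiddenFields', $hiddenFields);
 $this->myDebug(compact("hiddenFields"));
-if (in_array($this->action, array(
+if (in_array($this->a, array(
 'add',
 'edit'
 ))) {
-$mandatoryFields = $this->getMandatoryFieldsForAction($this->action);
+$mandatoryFields = $this->getMandatoryFieldsForAction($this->a);
 $this->set('mandatoryFields', $mandatoryFields);
-$readOnlyFields = $this->getReadOnlyFieldsForAction($this->action);
+$readOnlyFields = $this->getReadOnlyFieldsForAction($this->a);
 $this->set('readOnlyFields', $readOnlyFields);
-$haveDefaultValueFields = $this->getDefaultValueFieldsForAction($this->action);
+$haveDefaultValueFields = $this->getDefaultValueFieldsForAction($this->a);
 
 // only for DEBUG :
 //$this->myDebug("mandat, ro, default fields=", $mandatoryFields, $readOnlyFields, $haveDefaultValueFields);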
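Review bot: In the getEntity() hunk, the new line `$this->e_id = $this->e->id;` runs on every load, so a call with an explicit `$id` for some other record silently replaces the id of the entity the request addressed — and `$this->e_id` is exactly what the authorization helpers consume (MaterielsController's `isAuthorizedAction()` passes it to `isAuthorizedActionFor()` in this same commit), so a permission check performed after such a call would be evaluated against the wrong record. I would key the cache on the loaded entity instead, `if ($this->e && $this->e->id != $id) $this->e = null;`, and drop the `$this->e_id = $this->e->id;` assignment so the request's id is never overwritten. In the same hunk `getUserByLogin()` and `getUserByFullname()` return `findByUsername()`/`findByNom()` directly; if these are the CakePHP 3 dynamic finders they yield a Query rather than a User entity, so `isSameGroupAsUser()` in MaterielsController reading `$u->groupes_metier_id` off the result would not get the user's value — append `->first()` and have callers handle a null for an unknown login. Finally, in the beforeFilter() hunk the debug line `$this->myDebug("- id passed : ".$this->a);` still prints the action; it should read `$this->e_id`.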
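--- a/src/Controller/DocumentsController.php
+++ b/src/Controller/DocumentsController.php
@@ -269,8 +269,9 @@ class DocumentsController extends AppController
 * @param $IS_ADD: True = add ; False = edit
 * @return \Cake\Network\Response|void Redirects on successful add/edit, renders view otherwise.
 */
-private function add_or_edit($IS_ADD, $id=null, $valeurs=null, $erreurs=null) {
-
+protected function add_or_edit($IS_ADD, $id=null, $valeurs=null, $erreurs=null,
+// uniquement à cause de parent::add_or_edit() :
+$entity_name=null, array $associated_entities=[], $with_parent=false) {
 $this->myDebug("step 3: DocumentsController.add_or_edit()");
 
 $document = $IS_ADD ? $this->Documents->newEntity() : $this->Documents->get($id, ['contain' => []]);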
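Review bot: The three parameters added to `add_or_edit()` (`$entity_name`, `$associated_entities`, `$with_parent`) exist, per the inline comment, only to match `parent::add_or_edit()`, yet the docblock directly above still documents only `$IS_ADD` and nothing in the visible lines reads them. Move the explanation into the docblock so it survives reformatting, e.g. `@param $entity_name, $associated_entities, $with_parent Not used here; present only so the signature stays compatible with AppController::add_or_edit().` If the parent implementation relies on those arguments, this override silently discards them, which is worth confirming before widening the visibility from private to protected. The method body continues outside the hunk.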
src/Controller/MaterielsController.php
... | ... | @@ -6,6 +6,7 @@ use Cake\ORM\TableRegistry; |
6 | 6 | use Cake\Mailer\Email; |
7 | 7 | #use Cake\ORM\Locator\TableLocator; |
8 | 8 | use Cake\Auth\FallbackPasswordHasher; |
9 | +use App\Model\Entity\Materiel; | |
9 | 10 | |
10 | 11 | /** |
11 | 12 | * Materiels Controller |
... | ... | @@ -260,28 +261,28 @@ class MaterielsController extends AppController { |
260 | 261 | $this->myDebug("step 2A (specific): MaterielsController.isAuthorized(user)"); |
261 | 262 | $this->myDebug("- user is:", $user); |
262 | 263 | |
263 | - //$this->current_user_entity = $this->getUserEntity(); | |
264 | - assert($this->current_user_entity != null); | |
265 | - if ($this->current_user_entity == null) throw new \Exception("pas d'utilisateur défini !!!"); | |
264 | + //$this->u = $this->getUserEntity(); | |
265 | + assert($this->u != null); | |
266 | + if ($this->u == null) throw new \Exception("pas d'utilisateur défini !!!"); | |
266 | 267 | |
267 | 268 | if ($this->isLabinventDebugMode()) { |
268 | 269 | |
269 | - debug($this->current_user_entity); | |
270 | + debug($this->u); | |
270 | 271 | |
271 | 272 | debug("user is xxx :"); |
272 | - debug($this->current_user_entity->is_user); | |
273 | - debug($this->current_user_entity->is_resp); | |
274 | - debug($this->current_user_entity->is_admin); | |
275 | - debug($this->current_user_entity->is_adminplus); | |
276 | - debug($this->current_user_entity->is_super); | |
273 | + debug($this->u->is_user); | |
274 | + debug($this->u->is_resp); | |
275 | + debug($this->u->is_admin); | |
276 | + debug($this->u->is_adminplus); | |
277 | + debug($this->u->is_super); | |
277 | 278 | |
278 | 279 | debug("user is xxx or more :"); |
279 | - debug($this->current_user_entity->is_resp_or_more); | |
280 | - debug($this->current_user_entity->is_admin_or_more); | |
280 | + debug($this->u->is_resp_or_more); | |
281 | + debug($this->u->is_admin_or_more); | |
281 | 282 | |
282 | 283 | debug("user is xxx or less :"); |
283 | - debug($this->current_user_entity->is_resp_or_less); | |
284 | - debug($this->current_user_entity->is_admin_or_less); | |
284 | + debug($this->u->is_resp_or_less); | |
285 | + debug($this->u->is_admin_or_less); | |
285 | 286 | |
286 | 287 | } |
287 | 288 | |
... | ... | @@ -318,7 +319,7 @@ class MaterielsController extends AppController { |
318 | 319 | |
319 | 320 | // $id = (int) $this->request->getParam('pass.0'); |
320 | 321 | //$id = $this->getIdPassed(); |
321 | - ///$this->entity_id = $this->getIdPassed(); | |
322 | + ///$this->e_id = $this->getIdPassed(); | |
322 | 323 | //debug($id); |
323 | 324 | |
324 | 325 | // ACTIONS QUI SONT TOUJOURS AUTORISÉES QUELQUE SOIT LE PROFIL |
... | ... | @@ -340,7 +341,7 @@ class MaterielsController extends AppController { |
340 | 341 | return $article->user_id === $user['id']; |
341 | 342 | */ |
342 | 343 | |
343 | - $id = $this->entity_id; | |
344 | + $id = $this->e_id; | |
344 | 345 | |
345 | 346 | /* (EP 20200430 déplacé dans isAuthorizedAction()) |
346 | 347 | // On autorise ou pas l’action demandée : |
... | ... | @@ -348,9 +349,9 @@ class MaterielsController extends AppController { |
348 | 349 | // (sauf certaines actions afin de lui donner un comportement proche de ADMIN) |
349 | 350 | if ($this->USER_IS_SUPERADMIN) { |
350 | 351 | // edit ou add by copy => ssi CREATED |
351 | - if ( $this->action =='edit' || ($this->action=='add' && $id>0) ) return $this->isCreated($id); | |
352 | + if ( $this->a =='edit' || ($this->a=='add' && $id>0) ) return $this->isCreated($id); | |
352 | 353 | // archivage => admin only |
353 | - //if ($this->action == 'statusArchived') return false; | |
354 | + //if ($this->a == 'statusArchived') return false; | |
354 | 355 | // tout le reste => ok |
355 | 356 | return true; |
356 | 357 | } |
... | ... | @@ -360,12 +361,12 @@ class MaterielsController extends AppController { |
360 | 361 | * //return $this->isAuthorizedAction($this, $user, $role, $action, $id); |
361 | 362 | * Tout le reste en dessous de cette ligne devient inutile !!! |
362 | 363 | */ |
363 | - $this->myDebug("isAuthorizedAction ? " . $this->isAuthorizedAction2($this, $this->userRole, $this->action, $id, $user)); | |
364 | + $this->myDebug("isAuthorizedAction ? " . $this->isAuthorizedAction2($this, $this->userRole, $this->a, $id, $user)); | |
364 | 365 | return $this->isAuthorizedAction(); |
365 | 366 | /* |
366 | 367 | return $this->isAuthorizedAction( |
367 | 368 | $this->userRole, |
368 | - $this->action, $id, | |
369 | + $this->a, $id, | |
369 | 370 | $user, |
370 | 371 | $this->userCname |
371 | 372 | ); |
... | ... | @@ -389,13 +390,13 @@ class MaterielsController extends AppController { |
389 | 390 | * |
390 | 391 | */ |
391 | 392 | private function isAuthorizedAction($action = null) { |
392 | - if (!$action) $action = $this->action; | |
393 | + if (!$action) $action = $this->a; | |
393 | 394 | //$id = $this->getIdPassed(); |
394 | - //debug("action $action, id $this->entity_id"); | |
395 | + //debug("action $action, id $this->e_id"); | |
395 | 396 | //return $this->isAuthorizedActionFor($action, $this->getIdPassed(), $this->userRole, $this->userFromSession, $this->userCname); |
396 | 397 | return $this->isAuthorizedActionFor( |
397 | - $action ? $action : $this->action, | |
398 | - $this->entity_id, | |
398 | + $action ? $action : $this->a, | |
399 | + $this->e_id, | |
399 | 400 | $this->userRole, |
400 | 401 | $this->userFromSession, $this->userCname |
401 | 402 | ); |
... | ... | @@ -419,7 +420,7 @@ class MaterielsController extends AppController { |
419 | 420 | |
420 | 421 | //$this->myDebug("- user is ", $user); |
421 | 422 | |
422 | - //debug($this->entity->tititoto()); | |
423 | + //debug($this->e->tititoto()); | |
423 | 424 | // Raccourci pour SUPERADMIN : par défaut il a (presque) TOUS les droits, donc c'est vite vu ! |
424 | 425 | // (sauf certaines actions afin de lui donner un comportement proche de ADMIN) |
425 | 426 | if ($this->USER_IS_SUPERADMIN) { |
... | ... | @@ -443,14 +444,14 @@ class MaterielsController extends AppController { |
443 | 444 | if ( ($action=='add' && $id>0) || in_array($action,['edit', 'delete', 'statusValidated']) ) { |
444 | 445 | return $this->isCreated($id); |
445 | 446 | } |
446 | - //if ($this->action==’statusValidated’) return $this->isCreated($id); | |
447 | + //if ($this->a==’statusValidated’) return $this->isCreated($id); | |
447 | 448 | if ($action=='statusToBeArchived') return $this->isValidated($id); |
448 | 449 | if ($action=='statusArchived') return $this->isToBeArchived($id); |
449 | 450 | if ($action=='statusCreated') return ! $this->isCreated($id); |
450 | 451 | if ($action=='printLabelRuban') return $this->confLabinvent->hasPrinter && $this->isValidated($id); |
451 | 452 | } |
452 | 453 | // archivage => admin only |
453 | - //if ($this->action == 'statusArchived') return false; | |
454 | + //if ($this->a == 'statusArchived') return false; | |
454 | 455 | // tout le reste => ok |
455 | 456 | return true; |
456 | 457 | } |
... | ... | @@ -498,7 +499,10 @@ class MaterielsController extends AppController { |
498 | 499 | //$isHis = $this->isHis($id, $user); |
499 | 500 | //$isHis = $this->isHis($id); |
500 | 501 | $isHis = $this->belongsToCurrentUser($id); |
501 | - return $role=='Utilisateur' ? $isHis : $isHis||$this->isRespGroup($id, $userCname); | |
502 | + //return $role=='Utilisateur' ? $isHis : $isHis||$this->isRespGroup($id, $userCname); | |
503 | + //return $role=='Utilisateur' ? $isHis : $isHis||$this->isSameGroupAsUser($id, $userCname); | |
504 | + ///////return $role=='Utilisateur' ? $isHis : $isHis||$this->isSameGroupAsUser($userCname, $id); | |
505 | + return $role=='Utilisateur' ? $isHis : $isHis||$this->isSameGroupAsCurrentUser($id); | |
502 | 506 | /* |
503 | 507 | if ($role=='Utilisateur') return $isHis; |
504 | 508 | // Responsable |
... | ... | @@ -634,9 +638,9 @@ class MaterielsController extends AppController { |
634 | 638 | // if ($action == 'edit') { |
635 | 639 | case 'edit': |
636 | 640 | /S |
637 | - debug("entity is"); debug($this->entity); | |
641 | + debug("entity is"); debug($this->e); | |
638 | 642 | $this->getEntity(); |
639 | - debug("entity is"); debug($this->entity); | |
643 | + debug("entity is"); debug($this->e); | |
640 | 644 | S/ |
641 | 645 | // BETTER: |
642 | 646 | // $id = (int) $this->request->getAttribute('params')['pass'][0]; |
... | ... | @@ -752,7 +756,9 @@ class MaterielsController extends AppController { |
752 | 756 | case 'statusCreated': |
753 | 757 | if ($this->isCreated($id)) return FALSE; |
754 | 758 | if ($this->USER_IS_USER()) return FALSE; |
755 | - if ($this->USER_IS_RESP()) return $this->isRespGroup($id, $userCname); | |
759 | + //if ($this->USER_IS_RESP()) return $this->isSameGroupAsUser($id, $userCname); | |
760 | + /////if ($this->USER_IS_RESP()) return $this->isSameGroupAsUser($userCname, $id); | |
761 | + if ($this->USER_IS_RESP()) return $this->isSameGroupAsCurrentUser($id); | |
756 | 762 | return true; |
757 | 763 | |
758 | 764 | // VALIDATION d'un materiel (passe à VALIDATED) |
... | ... | @@ -760,7 +766,8 @@ class MaterielsController extends AppController { |
760 | 766 | //$id = (int) $this->request->getAttribute('params')['pass'][0]; |
761 | 767 | if (! $this->isCreated($id)) return FALSE; |
762 | 768 | if ($this->USER_IS_USER()) return FALSE; |
763 | - if ($this->USER_IS_RESP()) return $this->isRespGroup($id, $userCname); | |
769 | + //if ($this->USER_IS_RESP()) return $this->isSameGroupAsUser($userCname, $id); | |
770 | + if ($this->USER_IS_RESP()) return $this->isSameGroupAsCurrentUser($id); | |
764 | 771 | return true; |
765 | 772 | |
766 | 773 | /* |
... | ... | @@ -792,7 +799,8 @@ class MaterielsController extends AppController { |
792 | 799 | case 'statusToBeArchived': |
793 | 800 | if (! $this->isValidated($id)) return FALSE; |
794 | 801 | if ($this->USER_IS_USER()) return FALSE; |
795 | - if ($this->USER_IS_RESP()) return $this->isRespGroup($id, $userCname); | |
802 | + //if ($this->USER_IS_RESP()) return $this->isSameGroupAsUser($userCname, $id); | |
803 | + if ($this->USER_IS_RESP()) return $this->isSameGroupAsCurrentUser($id); | |
796 | 804 | return TRUE; |
797 | 805 | /* |
798 | 806 | if ($this->isValidated($id)) |
... | ... | @@ -870,11 +878,13 @@ class MaterielsController extends AppController { |
870 | 878 | * cf https://book.cakephp.org/3.0/fr/tutorials-and-examples/blog-auth-example/auth.html |
871 | 879 | */ |
872 | 880 | // True if materiel with id $id is owned by $nomCreateur |
873 | - public function isOwnedBy($id, $user_name) | |
874 | - { | |
881 | + //public function isOwnedBy($id, $username) | |
882 | + public function belongsToUser($username, $id=null) { | |
883 | + if (is_null($id)) $id = $this->e_id; | |
875 | 884 | //$entity = $this->getEntity($id); |
876 | 885 | //return in_array($user_name, [$entity->nom_createur, $entity->nom_responsable]); |
877 | - return $this->getEntity($id)->isOwnedOrDeclaredByUser($user_name); | |
886 | + //return $this->getEntity($id)->isOwnedOrDeclaredByUser($username); | |
887 | + return $this->getEntity($id)->belongsToUser($username); | |
878 | 888 | /* |
879 | 889 | return ($this->Materiels->exists([ |
880 | 890 | 'id' => $id, |
... | ... | @@ -887,22 +897,42 @@ class MaterielsController extends AppController { |
887 | 897 | } |
888 | 898 | |
889 | 899 | // True if materiel with id $id is owned by current user |
900 | + // Par défaut, si $id = null => id du materiel courant | |
890 | 901 | //public function isHis($id, $userFromSession) { |
891 | 902 | //public function isHis($matos_id) { |
892 | - public function belongsToCurrentUser($id) { | |
903 | + public function belongsToCurrentUser($id=null) { | |
904 | + if (is_null($id)) $id = $this->e_id; | |
893 | 905 | //return ($this->isOwnedBy($id, $userFromSession['sn'][0] . ' ' . $userFromSession['givenname'][0])); |
894 | - return $this->isOwnedBy($id, $this->current_user_entity->nom); | |
906 | + //return $this->isOwnedBy($id, $this->u->nom); | |
907 | + return $this->belongsToUser($this->u->nom, $id); | |
895 | 908 | } |
896 | 909 | |
897 | - | |
898 | - public function isRespGroup($id, $loginResponsable) | |
899 | - { | |
910 | + // Par défaut, si $id = null => id du materiel courant | |
911 | + public function isSameGroupAsCurrentUser($id=null) { | |
912 | + if (is_null($id)) $id = $this->e_id; | |
913 | + $u = $this->u; | |
914 | + return $this->isSameGroupAsUser($u->username, $id); | |
915 | + } | |
916 | + | |
917 | + // Par défaut, si $id = null => id du materiel courant | |
918 | + //public function isRespGroup($id, $loginResponsable) | |
919 | + //public function isSameGroupAsUser($id, $loginResponsable) | |
920 | + public function isSameGroupAsUser($userlogin, $id=null) { | |
921 | + if (is_null($id)) $id = $this->e_id; | |
900 | 922 | // Get user |
923 | + if ($this->u && $this->u->username == $userlogin) | |
924 | + $u = $this->u; | |
925 | + else | |
926 | + $u = $this->getUserByLogin($userlogin); | |
927 | + /* | |
901 | 928 | $u = TableRegistry::getTableLocator()->get('Users') |
902 | 929 | ->find() |
903 | - ->where(['username' => $loginResponsable]) | |
930 | + ->where(['username' => $userlogin]) | |
904 | 931 | ->first(); |
932 | + */ | |
933 | + return $this->getEntity($id)->isSameGroupAsUser($u->groupes_metier_id, $u->groupes_thematique_id); | |
905 | 934 | |
935 | + /* OLD WAY | |
906 | 936 | // Responsable groupe métier ? |
907 | 937 | $group = 'groupes_metier'; |
908 | 938 | $group_fk = $group.'_id'; |
... | ... | @@ -914,15 +944,15 @@ class MaterielsController extends AppController { |
914 | 944 | ->where(['nom =' => 'N/A']) |
915 | 945 | ->first()['id'] |
916 | 946 | ) return $this->getEntity($id)->$group_fk == $u[$group_fk]; |
917 | - /* | |
947 | + /S | |
918 | 948 | return $this->Materiels->exists([ |
919 | 949 | 'id' => $id, |
920 | 950 | 'groupes_metier_id' => $u['groupes_metier_id'] |
921 | 951 | ]); |
922 | - */ | |
952 | + S/ | |
923 | 953 | |
924 | 954 | // Responsable groupe thématique ? |
925 | - $group = 'groupe_thematique'; | |
955 | + $group = 'groupes_thematique'; | |
926 | 956 | $group_fk = $group.'_id'; |
927 | 957 | if ( |
928 | 958 | $u[$group_fk] !== null |
... | ... | @@ -932,20 +962,23 @@ class MaterielsController extends AppController { |
932 | 962 | ->where(['nom =' => 'N/A']) |
933 | 963 | ->first()['id'] |
934 | 964 | ) return $this->getEntity($id)->$group_fk == $u[$group_fk]; |
935 | - /* | |
965 | + /S | |
936 | 966 | return $this->Materiels->exists([ |
937 | 967 | 'id' => $id, |
938 | 968 | 'groupes_thematique_id' => $u['groupe_thematique_id'] |
939 | 969 | ]); |
940 | - */ | |
970 | + S/ | |
941 | 971 | |
942 | 972 | // sinon, pas responsable de groupe |
943 | 973 | return false; |
974 | + */ | |
944 | 975 | |
945 | - } // isRespGroup | |
976 | + } // isSameGroupAsUser (ex isRespGroup) | |
946 | 977 | |
947 | 978 | |
948 | - public function hasStatus($id, $status) { | |
979 | + // $id = id du materiel => si null alors id du materiel courant | |
980 | + public function hasStatus($id=null, $status) { | |
981 | + if (is_null($id)) $id = $this->e_id; | |
949 | 982 | return $this->getEntity($id)->status == $status; |
950 | 983 | /* |
951 | 984 | return $this->Materiels->exists([ |
... | ... | @@ -954,10 +987,10 @@ class MaterielsController extends AppController { |
954 | 987 | ]); |
955 | 988 | */ |
956 | 989 | } |
957 | - public function isCreated($id) { return $this->hasStatus($id, 'CREATED'); } | |
958 | - public function isValidated($id) { return $this->hasStatus($id, 'VALIDATED'); } | |
959 | - public function isToBeArchived($id) { return $this->hasStatus($id, 'TOBEARCHIVED'); } | |
960 | - public function isArchived($id) { return $this->hasStatus($id, 'ARCHIVED'); } | |
990 | + public function isCreated($id=null) { return $this->hasStatus($id, 'CREATED'); } | |
991 | + public function isValidated($id=null) { return $this->hasStatus($id, 'VALIDATED'); } | |
992 | + public function isToBeArchived($id=null) { return $this->hasStatus($id, 'TOBEARCHIVED'); } | |
993 | + public function isArchived($id=null) { return $this->hasStatus($id, 'ARCHIVED'); } | |
961 | 994 | |
962 | 995 | |
963 | 996 | /** |
... | ... | @@ -1097,6 +1130,7 @@ class MaterielsController extends AppController { |
1097 | 1130 | ]); |
1098 | 1131 | } // index() |
1099 | 1132 | |
1133 | + | |
1100 | 1134 | /** |
1101 | 1135 | * View method |
1102 | 1136 | * |
... | ... | @@ -1134,6 +1168,7 @@ class MaterielsController extends AppController { |
1134 | 1168 | 'Fournisseurs' |
1135 | 1169 | ] |
1136 | 1170 | ]); |
1171 | + $e = $materiel; | |
1137 | 1172 | |
1138 | 1173 | /* |
1139 | 1174 | * (EP) TODO: |
... | ... | @@ -1151,44 +1186,75 @@ class MaterielsController extends AppController { |
1151 | 1186 | * |
1152 | 1187 | */ |
1153 | 1188 | |
1189 | + /* | |
1154 | 1190 | $IS_CREATED = ($materiel->status == 'CREATED'); |
1155 | 1191 | $IS_VALIDATED = ($materiel->status == 'VALIDATED'); |
1156 | 1192 | $IS_TOBEARCHIVED = ($materiel->status == 'TOBEARCHIVED'); |
1157 | 1193 | $IS_ARCHIVED = ($materiel->status == 'ARCHIVED'); |
1158 | - | |
1194 | + */ | |
1195 | + $IS_CREATED = $e->is_created; | |
1196 | + $IS_VALIDATED = $e->is_validated; | |
1197 | + $IS_TOBEARCHIVED = $e->is_tobearchived; | |
1198 | + $IS_ARCHIVED = $e->is_archived; | |
1199 | + $this->set(compact('IS_CREATED', 'IS_VALIDATED', 'IS_TOBEARCHIVED', 'IS_ARCHIVED')); | |
1159 | 1200 | |
1160 | 1201 | // Current user is creator or owner of current materiel |
1202 | + /* | |
1161 | 1203 | $USER_IS_CREATOR_OR_OWNER = in_array($this->userName, [ |
1162 | 1204 | $materiel->nom_createur, |
1163 | 1205 | $materiel->nom_responsable |
1164 | 1206 | ]); |
1207 | + */ | |
1208 | + //$USER_IS_CREATOR_OR_OWNER = $e->isOwnedOrDeclaredByUser($this->userName); | |
1209 | + $USER_IS_CREATOR_OR_OWNER = $e->belongsToUser($this->userName); | |
1165 | 1210 | $this->set(compact('USER_IS_CREATOR_OR_OWNER')); |
1166 | 1211 | |
1167 | 1212 | // Current user is same group as current materiel |
1168 | - $USER_IS_SAME_GROUP_AS_MATERIEL = ( | |
1213 | + /* | |
1214 | + //$USER_IS_SAME_GROUP_AS_MATERIEL = $e->isSameGroupAsUser($user_group_metier_id, $user_group_thematique_id); | |
1215 | + $USER_IS_SAME_GROUP_AS_MATERIEL = | |
1216 | + ( | |
1169 | 1217 | //( isset($this->priviledgedUser->groupes_metier_id) && $this->priviledgedUser->groupes_metier_id != $this->idGmNa && $materiel->groupes_metier_id == $this->priviledgedUser->groupes_metier_id ) |
1170 | - ( isset($this->current_user_entity->groupes_metier_id) && $this->current_user_entity->groupes_metier_id != $this->idGmNa && $materiel->groupes_metier_id == $this->current_user_entity->groupes_metier_id ) | |
1218 | + ( isset($this->u->groupes_metier_id) && $this->u->groupes_metier_id != $this->idGmNa && $materiel->groupes_metier_id == $this->u->groupes_metier_id ) | |
1171 | 1219 | || |
1172 | - ( isset($this->current_user_entity->groupe_thematique_id) && $this->current_user_entity->groupe_thematique_id != $this->idGtNa && $materiel->groupes_thematique_id == $this->current_user_entity->groupe_thematique_id ) | |
1220 | + ( isset($this->u->groupe_thematique_id) && $this->u->groupe_thematique_id != $this->idGtNa && $materiel->groupes_thematique_id == $this->u->groupe_thematique_id ) | |
1173 | 1221 | ); |
1222 | + */ | |
1223 | + //$USER_IS_SAME_GROUP_AS_MATERIEL = $this->currentMaterielIsSameGroupAsCurrentUser(); | |
1224 | + $USER_IS_SAME_GROUP_AS_MATERIEL = $this->isSameGroupAsCurrentUser(); | |
1174 | 1225 | $this->set(compact('USER_IS_SAME_GROUP_AS_MATERIEL')); |
1175 | 1226 | |
1176 | 1227 | $USER_IS_RESPONSABLE_AND_SAME_GROUP_AS_MATERIEL = $this->USER_IS_RESPONSABLE && $USER_IS_SAME_GROUP_AS_MATERIEL; |
1177 | 1228 | $this->set(compact('USER_IS_RESPONSABLE_AND_SAME_GROUP_AS_MATERIEL')); |
1178 | 1229 | |
1179 | 1230 | $CONTEXT1 = $this->USER_IS_ADMIN_OR_MORE || $USER_IS_CREATOR_OR_OWNER || $USER_IS_RESPONSABLE_AND_SAME_GROUP_AS_MATERIEL; |
1231 | + | |
1232 | + /* | |
1180 | 1233 | $CAN_VALIDATE_OR_INVALIDATE = $this->USER_IS_ADMIN_OR_MORE || ( $materiel->materiel_administratif==0 && $USER_IS_RESPONSABLE_AND_SAME_GROUP_AS_MATERIEL ); |
1181 | 1234 | $CAN_VALIDATE = $IS_CREATED && $CAN_VALIDATE_OR_INVALIDATE; |
1182 | - | |
1183 | - $CAN_INVALIDATE = !$IS_CREATED && $CAN_VALIDATE_OR_INVALIDATE; | |
1184 | - $CAN_TBA = $IS_VALIDATED && $CONTEXT1; | |
1185 | - $CAN_ARCHIVE = $IS_TOBEARCHIVED && $this->USER_IS_ADMIN_OR_MORE; | |
1235 | + */ | |
1236 | + $CAN_VALIDATE = $this->isAuthorizedAction('statusValidated'); | |
1237 | + //$CAN_INVALIDATE = !$IS_CREATED && $CAN_VALIDATE_OR_INVALIDATE; | |
1238 | + $CAN_INVALIDATE = $this->isAuthorizedAction('statusCreated'); | |
1239 | + //$CAN_TBA = $IS_VALIDATED && $CONTEXT1; | |
1240 | + $CAN_TBA = $this->isAuthorizedAction('statusTobearchived'); | |
1241 | + //$CAN_ARCHIVE = $IS_TOBEARCHIVED && $this->USER_IS_ADMIN_OR_MORE; | |
1242 | + $CAN_ARCHIVE = $this->isAuthorizedAction('statusArchived'); | |
1186 | 1243 | $this->set(compact('CAN_VALIDATE', 'CAN_INVALIDATE', 'CAN_TBA', 'CAN_ARCHIVE')); |
1187 | - | |
1244 | + | |
1245 | + // TODO: | |
1246 | + //$CAN_ATTACH_A_DOC = DocumentsController::isAuthorizedAction('add'); | |
1247 | + // et idem pour tous les autres | |
1188 | 1248 | $CAN_ATTACH_A_DOC = $CONTEXT1; |
1249 | + | |
1189 | 1250 | $CAN_MANAGE_SUIVIS = $CONTEXT1; |
1251 | + $CAN_EDIT_OR_DELETE_SUIVIS = $CAN_MANAGE_SUIVIS; | |
1252 | + | |
1190 | 1253 | $CAN_MANAGE_EMPRUNTS = $CONTEXT1; |
1191 | - $CAN_MANAGE_FILES = $CONTEXT1; | |
1254 | + $CAN_EDIT_OR_DELETE_EMPRUNTS = $CAN_MANAGE_EMPRUNTS; | |
1255 | + | |
1256 | + $CAN_MANAGE_FILES = $CONTEXT1; // edit, delete, ou envoi devis par mail | |
1257 | + | |
1192 | 1258 | $this->set(compact('CAN_ATTACH_A_DOC', 'CAN_MANAGE_SUIVIS', 'CAN_MANAGE_EMPRUNTS', 'CAN_MANAGE_FILES')); |
1193 | 1259 | |
1194 | 1260 | // NEW |
... | ... | @@ -1197,8 +1263,9 @@ class MaterielsController extends AppController { |
1197 | 1263 | $CAN_EDIT = $this->isAuthorizedAction('edit'); |
1198 | 1264 | // OLD |
1199 | 1265 | //$CAN_EDIT = $IS_CREATED && $CAN_ATTACH_A_DOC; |
1200 | - $CAN_COPY = $CAN_EDIT; | |
1201 | - | |
1266 | + //$CAN_COPY = $CAN_EDIT; | |
1267 | + $CAN_COPY = $this->isAuthorizedAction('add', $id); | |
1268 | + | |
1202 | 1269 | $CAN_DELETE = $this->isAuthorizedAction('delete'); |
1203 | 1270 | //debug($CAN_DELETE); |
1204 | 1271 | |
... | ... | @@ -1210,7 +1277,7 @@ class MaterielsController extends AppController { |
1210 | 1277 | |
1211 | 1278 | // $status = $this->allStatus[$materiel->status]; |
1212 | 1279 | $status = self::allStatus[$materiel->status]; |
1213 | - $this->set(compact('status', 'IS_CREATED', 'IS_VALIDATED', 'IS_TOBEARCHIVED', 'IS_ARCHIVED')); | |
1280 | + $this->set(compact('status')); | |
1214 | 1281 | |
1215 | 1282 | $sites = TableRegistry::getTableLocator()->get('Sites'); |
1216 | 1283 | //$sites = TableLocator::get('Sites'); |
... | ... | @@ -1226,16 +1293,17 @@ class MaterielsController extends AppController { |
1226 | 1293 | //$fournisseurs = TableLocator::get('Fournisseurs'); |
1227 | 1294 | |
1228 | 1295 | if ($materiel->photo_id != null) { |
1229 | - $imgMateriel = $materiel->photo_id . '.' . TableRegistry::get('Documents')->get($materiel->photo_id)->get('type_doc'); | |
1296 | + $imgMateriel = $materiel->photo_id . '.' . TableRegistry::getTableLocator()->get('Documents')->get($materiel->photo_id)->get('type_doc'); | |
1230 | 1297 | $this->set('imgMateriel', $imgMateriel); |
1231 | 1298 | } |
1232 | 1299 | |
1233 | 1300 | $this->set('PDF_ENGINE', $this->confLabinvent->pdf_engine); |
1234 | 1301 | |
1235 | 1302 | $entity = $materiel; |
1236 | - $this->set(compact('sites', 'typeDocuments', 'fournisseurs', | |
1237 | - 'entity' | |
1303 | + $this->set(compact('entity')); | |
1304 | + $this->set(compact( | |
1238 | 1305 | //'materiel', // @deprecated |
1306 | + 'sites', 'typeDocuments', 'fournisseurs' | |
1239 | 1307 | )); |
1240 | 1308 | /* (EP) inutile |
1241 | 1309 | $this->set('_serialize', [ | ... | ... |
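--- a/src/Controller/QrCodesController.php
+++ b/src/Controller/QrCodesController.php
@@ -8,7 +8,8 @@ class QrCodesController extends AppController
 {
 
 public function isAuthorized($user) {
-return ($this->action == 'creer');
+//return ($this->action == 'creer');
+return ($this->a == 'creer');
 // Si aucune règle ci-dessus n'a return true (ou false)
 // => DEFAULT PARENT RULE
 // (on appelle la méthode isAuthorized() de AppController)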
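Review bot: The new `return ($this->a == 'creer');` is an unconditional return, so the "DEFAULT PARENT RULE" described in the three comment lines that follow it is never reached — every action other than `creer` is denied in this controller, which is the safe outcome but contradicts what the comment says happens. If that is intended, the comment should say so, e.g. `// Only 'creer' is allowed here; the parent rule below is never reached`. Since `$this->a` is an action name, a strict comparison is also preferable: `return ($this->a === 'creer');`. The body of `isAuthorized()` continues past the end of this section, so anything after the comment block could not be checked.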
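--- a/src/Model/Entity/Materiel.php
+++ b/src/Model/Entity/Materiel.php
@@ -57,8 +57,7 @@ use Cake\ORM\Entity;
 * @property \App\Model\Entity\Fournisseur $fournisseur
 * @property bool $metrologie
 */
-class Materiel extends Entity
-{
+class Materiel extends Entity {
 
 /**
 * Fields that can be mass assigned using newEntity() or patchEntity().
@@ -90,10 +89,16 @@ class Materiel extends Entity
 protected function _getIsTobearchived() { return $this->status == 'TOBEARCHIVED'; }
 protected function _getIsArchived() { return $this->status == 'ARCHIVED'; }
 
+// Ce matériel est utilisé ou déclaré par l'utilisateur $userfullname
+// is Owned Or Declared By User
+// fullname = "Pallier Etienne"
 //public function isUsedOrCreatedByUser($user) {
-public function isOwnedOrDeclaredByUser($username) {
-return in_array($username, [$this->nom_createur, $this->nom_responsable]);
+//public function isOwnedOrDeclaredByUser($username) {
+public function belongsToUser($userfullname) {
+return in_array($userfullname, [$this->nom_createur, $this->nom_responsable]);
 }
+
+// Ce matériel a le même groupe que l'un de ceux de l'utilisateur courant
 public function isSameGroupAsUser($user_group_metier_id, $user_group_thematique_id) {
 // Responsable groupe métier ?
 //if ($this->groupes_metier_id==null && $this->groupes_thematique_id==null) return false;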
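Review bot: `belongsToUser()` compares loosely — `in_array($userfullname, [$this->nom_createur, $this->nom_responsable])` without the strict flag — so an empty `$userfullname` matches a `null` `nom_createur` or `nom_responsable` and the method answers true for a material the user neither owns nor declared. Because this result becomes `$USER_IS_CREATOR_OR_OWNER` and feeds the `$CONTEXT1` permissions in `MaterielsController::view()` elsewhere in this commit, the check should be strict: `return in_array($userfullname, [$this->nom_createur, $this->nom_responsable], true);`. The new comment documents the argument as a full name (`"Pallier Etienne"`), while the callers visible in this commit pass `$this->userName` in `view()` and, apparently through the controller wrapper, `$this->u->nom`; it would be worth confirming both carry that same full-name form, otherwise the ownership check silently never matches. `isSameGroupAsUser()` continues past the end of this section.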
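--- a/src/Model/Table/MaterielsTable.php
+++ b/src/Model/Table/MaterielsTable.php
@@ -467,7 +467,7 @@ class MaterielsTable extends AppTable
 *
 * On récupère le NOM du fournisseur saisi dans le champ appelé fournisseur.name (en php)
 * En Html ça correspond à fournisseur['name']
-* Si saisie vide => mettre à nul
+* Si saisie vide => mettre à null
 * Sinon, chercher le fournisseur_id correspondant à ce nom
 * Si id trouvé => fournisseur_id = cet id
 * Sinon, créer un nouveau fournisseur avec ce nom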
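--- a/src/Template/Materiels/view.ctp
+++ b/src/Template/Materiels/view.ctp
@@ -672,7 +672,8 @@ if ($role == 'Super Administrateur') {
 || ($USER_IS_RESPONSABLE && $USER_IS_SAME_GROUP_AS_MATERIEL)) {
 */
 if ($CAN_MANAGE_SUIVIS) {
-// Edit Suivis
+
+// - Edit Suivis
 $echoActionButton($this->Html, 'icon-pencil', $bStyle, '', 'Suivis', 'edit', $suivi->id);
 /*
 echo $this->Html->link(__('<i class="icon-pencil"></i>'), [
@@ -684,7 +685,8 @@ if ($role == 'Super Administrateur') {
 'style' => 'margin:0'
 ]);
 */
-// Delete Suivis
+
+// - Delete Suivis
 //$echoActionButton($this->Html, 'icon-trash', $bStyle, '', 'Suivis', 'delete', $suivi->id, [], "", "");
 echo ' '.$this->Form->postLink(__('<i class="icon-trash"></i>'), [
 'controller' => 'Suivis',
@@ -695,6 +697,7 @@ if ($role == 'Super Administrateur') {
 'style' => 'margin:0',
 'confirm' => __('Êtes-vous sur de vouloir annuler ce suivi #{0} ?', $suivi->id)
 ]);
+
 }
 ?>
 </td>
@@ -800,7 +803,8 @@ if ($role == 'Super Administrateur') {
 $bEdit = $bDelete = '';
 //if ($USER_IS_ADMIN_OR_MORE || $USER_IS_UTILISATEUR_AND_CREATOR_OR_OWNER || $USER_IS_RESPONSABLE_AND_SAME_GROUP || $USER_IS_RESPONSABLE_AND_CREATOR_OR_OWNER ) {
 if ($CAN_MANAGE_EMPRUNTS) {
-// Edit Emprunt
+
+// - Edit Emprunt
 $bEdit = $this->MyButton->getActionButton('icon-pencil', $bStyle, '', 'Emprunts', 'edit', $emprunt->id);
 //$bEdit = $getActionButton($this->Html, 'icon-pencil', $bStyle, '', 'Emprunts', 'edit', $emprunt->id);
 //echo $bEdit;
@@ -814,7 +818,8 @@ if ($role == 'Super Administrateur') {
 'style' => 'margin:0'
 ]);
 */
-// Delete Emprunt
+
+// - Delete Emprunt
 $bDelete = $this->Form->postLink(__('<i class="icon-trash"></i>'), [
 'controller' => 'Emprunts',
 'action' => 'delete',
@@ -826,6 +831,7 @@ if ($role == 'Super Administrateur') {
 'confirm' => __('Êtes-vous sur de vouloir annuler cet emprunt #{0}?', $emprunt->id)
 ]
 );
+
 }
 // champ virtuel (calculé) statut
 $style_red = 'style="color: red"';
@@ -930,9 +936,10 @@ if ($role == 'Super Administrateur') {
 ]);
 }
 
-// 2 - icone EDIT
 //if ($USER_IS_ADMIN_OR_MORE || $USER_IS_UTILISATEUR_AND_CREATOR_OR_OWNER || $USER_IS_RESPONSABLE_AND_SAME_GROUP || $USER_IS_RESPONSABLE_AND_CREATOR_OR_OWNER) {
 if ($CAN_MANAGE_FILES) {
+
+// 2 - icone EDIT
 $echoActionButton($this->Html, 'icon-pencil', $bStyle, '', 'Documents', 'edit', $document->id);
 /*
 echo $this->Html->link(__('<i class="icon-pencil"></i>'), [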
src/Template/Suivis/view.ctp