loadComponent('Security');`
*
* @return void
*/
public function initialize()
{
    parent::initialize();

    // Login and logout both send the user back to the same page.
    $homePage = ['controller' => 'Pages', 'action' => 'home'];

    $this->loadComponent('RequestHandler');
    $this->loadComponent('Flash');

    // 'authorize' => ['Controller'] presumably makes the component call this
    // controller's isAuthorized(), as CakePHP's AuthComponent does. Confirm
    // against the LdapAuth component.
    // NOTE(review): only RequestHandler, Flash and LdapAuth are loaded here. No
    // Csrf or Security component is visible, so confirm that CSRF and
    // form-tampering protection is configured elsewhere.
    $authSettings = [
        'authorize' => ['Controller'],
        'loginRedirect' => $homePage,
        'logoutRedirect' => $homePage,
    ];
    $this->loadComponent('LdapAuth', $authSettings);
}
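/**
 * Controller-level authorization check for an authenticated user.
 *
 * The role is read from the Users table, using the login attribute named by
 * the configuration row with id 1. 'Super Administrateur' may run any action.
 * Every other user, including one with no Users row, is limited to the
 * generic allow-list below. Everything else is denied.
 *
 * @param array $user Authenticated user data, indexed by attribute name; each
 *                    attribute is read as a list and element 0 is used.
 * @return bool True when the current action is permitted.
 */
public function isAuthorized($user)
{
    $configuration = TableRegistry::get('Configurations')->find()->where(['id =' => 1])->first();
    $loginAttribute = $configuration->authentificationType_ldap;

    $account = TableRegistry::get('Users')->find()->where(['username' => $user[$loginAttribute][0]])->first();
    // No Users row means no role. Reading the offset on null would only raise
    // a notice, so handle that case explicitly.
    $role = ($account !== null) ? $account['role'] : null;

    $action = $this->request->params['action'];

    // Strict comparisons: an authorization decision must not depend on PHP
    // type juggling.
    if ($role === 'Super Administrateur') {
        return true;
    }

    // Actions open to every authenticated user, whatever the role.
    // NOTE(review): this list applies to every controller that does not
    // override isAuthorized(). 'add' and 'creer' look like write actions by
    // name, so confirm that opening them to all roles is intended.
    if (in_array($action, ['index', 'find', 'view', 'creer', 'add', 'getNextDate'], true)) {
        return true;
    }

    // Deny by default.
    return false;
}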
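/**
 * Tell whether the logged-in user's role is at least $roleDefine.
 *
 * Roles are ordered from 'Utilisateur' (lowest) to 'Super Administrateur'
 * (highest); a role satisfies every requirement at or below its own rank.
 * The check fails closed: an unknown required role, or a user with no
 * recognised role in the Users table, yields false. Note that beforeRender()
 * shows 'Utilisateur' for a user with no role, while this check grants that
 * user nothing.
 *
 * NOTE(review): this method is public on a controller, and CakePHP 3 treats
 * public controller methods as dispatchable actions. Restrict its visibility
 * if no external caller needs it.
 *
 * @param string $roleDefine Minimum role required.
 * @return bool True when the user's role meets the requirement.
 */
public function userHasRole($roleDefine)
{
    // Rank of each role, lowest privilege first.
    $ranks = [
        'Utilisateur' => 0,
        'Responsable' => 1,
        'Administration' => 2,
        'Administration Plus' => 3,
        'Super Administrateur' => 4,
    ];

    $configuration = TableRegistry::get('Configurations')->find()->where(['id =' => 1])->first();
    $login = $this->LdapAuth->user($configuration->authentificationType_ldap)[0];
    $account = TableRegistry::get('Users')->find()->where(['username' => $login])->first();
    // A missing Users row means no role at all.
    $role = ($account !== null) ? $account['role'] : null;

    // Only exact string matches count, so a non-string value can never be
    // coerced into a role name.
    if (!is_string($roleDefine) || !is_string($role)) {
        return false;
    }
    if (!isset($ranks[$roleDefine], $ranks[$role])) {
        return false;
    }

    return $ranks[$role] >= $ranks[$roleDefine];
}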
/**
 * Declare which actions may be reached without logging in and set the
 * message shown when access is refused.
 *
 * While the configuration flag `mode_install` is truthy, 'add', 'edit' and
 * 'installOff' are allowed in addition to 'display'. Assuming
 * LdapAuth::allow() behaves like AuthComponent::allow(), those actions then
 * need no authentication on any controller that inherits this filter, so the
 * flag must be switched off once installation is finished.
 *
 * @see \Cake\Controller\Controller::beforeFilter()
 * @param \Cake\Event\Event $event The beforeFilter event.
 * @return void
 */
public function beforeFilter(Event $event)
{
    // Never allow the 'login' action here: doing so breaks the normal
    // operation of AuthComponent (see the CakePHP docs).
    $settings = TableRegistry::get('Configurations')->find()->where(['id =' => 1])->first();

    $openActions = $settings->mode_install
        ? ['display', 'add', 'edit', 'installOff']
        : ['display'];
    $this->LdapAuth->allow($openActions);

    $this->LdapAuth->config('authError', "Désolé, vous n'êtes pas autorisés à accéder à cette zone.");
}
/**
 * Maintain the session flag "retourForm1" after each action.
 *
 * The flag is set to true after 'edit' or 'add', left untouched after
 * 'creer', and reset to false after any other action.
 *
 * @param \Cake\Event\Event $event The afterFilter event.
 * @return void
 */
public function afterFilter(Event $event)
{
    $currentAction = $this->request->params['action'];

    if (in_array($currentAction, ['edit', 'add'])) {
        $flag = true;
    } elseif ($currentAction != 'creer') {
        $flag = false;
    } else {
        // 'creer' keeps whatever value is already stored.
        return;
    }

    $this->request->session()->write("retourForm1", $flag);
}
/**
 * Before render callback: publishes the view variables shared by every page.
 *
 * Sets `_serialize` for JSON/XML responses that did not set it, then exposes
 * `username`, `configuration`, `role`, `userConnected` and the
 * `displayElement` closure to the view, and stores the configured login
 * attribute name in the session under "authType".
 *
 * @param \Cake\Event\Event $event The beforeRender event.
 * @return void
 */
public function beforeRender(Event $event)
{
// NOTE(review): with `_serialize` set to true, CakePHP's data views serialize
// all view variables, so a JSON/XML response would include the `configuration`
// and `userConnected` rows set below. Confirm they hold nothing sensitive.
if (!array_key_exists('_serialize', $this->viewVars) &&
in_array($this->response->type(), ['application/json', 'application/xml'])
) {
$this->set('_serialize', true);
}
// Display name: first value of the 'givenname' and 'sn' attributes of the logged-in user.
// NOTE(review): beforeFilter() allows some actions without login; what user() returns then is not visible here.
$this->set('username', $this->LdapAuth->user('givenname')[0].' '.$this->LdapAuth->user('sn')[0]);
// The whole configuration row (id 1) is handed to the view.
$configuration = TableRegistry::get('Configurations')->find()->where(['id =' => 1])->first();
$this->set('configuration', $configuration);
$this->request->session()->write("authType", $configuration->authentificationType_ldap);
// Users row whose username matches the login attribute named by the configuration.
$user = TableRegistry::get('Users')->find()->where(['username' => $this->LdapAuth->user($configuration->authentificationType_ldap)[0]])->first();
$role = $user['role'];
// Display fallback only: isAuthorized() and userHasRole() in this class do not apply this default.
if($role == null) $role = 'Utilisateur';
$this->set('role', $role);
$this->set('userConnected', $user);
// View helper: prints a label/value pair, skipping values that compare equal to "".
// NOTE(review): $nom and $valeur are echoed as-is. Callers must pass HTML-escaped
// values (e.g. via h()) whenever they can contain user-supplied data.
$displayElement = function ($nom, $valeur) {
if ($valeur != "")
echo '
'.$nom.' | '.$valeur.' |
';
};
$this->set('displayElement', $displayElement);
}
/**
 * Article placed before the entity name in notification messages,
 * e.g. "le materiel", "le suivi"...
 *
 * @return string The article, with its trailing space.
 */
protected function getArticle()
{
    $article = 'Le ';

    return $article;
}
/**
 * Send an email to management (and to the developers) to report that an
 * item was created or modified.
 * (see the howto at http://book.cakephp.org/2.0/fr/core-utility-libraries/email.html)
 *
 * Recipients are the configuration fields emailGuest1 to emailGuest10. A
 * recipient is skipped when it is empty, when the `test` flag is set, or when
 * it is not a valid email address. The subject is prefixed with "[LabInvent] ".
 *
 * NOTE(review): this method is public on a controller, and CakePHP 3 treats
 * public controller methods as dispatchable actions. Confirm a request cannot
 * invoke it directly with URL-supplied arguments, or restrict its visibility.
 *
 * @param string $subject Subject line, without the prefix.
 * @param string $message Message body.
 * @return void
 */
public function sendEmailToManagementWith($subject, $message)
{
    $configuration = TableRegistry::get('Configurations')->find()->where(['id =' => 1])->first();

    foreach (range(1, 10) as $slot) {
        $field = 'emailGuest' . $slot;
        $recipient = $configuration->$field;

        // Empty slot or test mode: nothing is sent.
        if ($recipient == null || $configuration->test) {
            continue;
        }
        if (!filter_var($recipient, FILTER_VALIDATE_EMAIL)) {
            continue;
        }

        $mailer = new Email();
        // The local part of the sender address doubles as the display name.
        $senderParts = explode("@", $configuration->sender_mail);
        // The two original branches differed only in the transport name.
        $transportName = $configuration->envoi_mail_management_dev ? 'dev' : 'default';

        $mailer->transport($transportName)
            ->from([$configuration->sender_mail => $senderParts[0]])
            ->to($recipient)
            ->subject("[LabInvent] " . $subject)
            ->send($message);
    }
}
/**
 * Build the notification for the current controller action and pass it to
 * sendEmailToManagementWith().
 *
 * The subject and body are derived from the request's controller and action,
 * the entity identified by $idObj, and the logged-in user. The body includes
 * the user's name, email address, login and role.
 *
 * @param mixed $idObj Id of the entity the action applied to, or null.
 * @return void
 */
public function sendEmailToManagement($idObj = null)
{
    $configuration = TableRegistry::get('Configurations')->find()->where(['id =' => 1])->first();
    $loginAttribute = $configuration->authentificationType_ldap;

    $userAuth = $this->LdapAuth->user($loginAttribute)[0];
    // Controller name with its last character dropped, e.g. "Materiels" -> "Materiel".
    $controller = substr($this->request->params['controller'], 0, -1);
    $action = $this->request->params['action']; // add, edit, delete, ...
    $userName = $this->LdapAuth->user('givenname')[0] . ' ' . $this->LdapAuth->user('sn')[0];
    $userEmail = $this->LdapAuth->user('mail')[0];

    $role = TableRegistry::get('Users')->find()->where(['username' => $this->LdapAuth->user($loginAttribute)[0]])->first()['role'];
    if ($role == null) {
        $role = 'Utilisateur';
    }

    $modelName = $this->modelClass; // e.g. 'Materiels'
    $id = $idObj;

    // [noun used in the subject, past participle used in the body] per action.
    $wording = [
        'add' => ['Création', 'créé'],
        'edit' => ['Modification', 'modifié'],
        'delete' => ['Suppression', 'supprimé'],
        'statusValidated' => ['Validation', 'validé'],
        'statusToBeArchived' => ['Demande Archivage', 'demandé pour archivage'],
        'statusArchived' => ['Archivage', 'archivé'],
    ];
    // Unknown actions are reported under their own name.
    $actionFrench = isset($wording[$action]) ? $wording[$action] : [$action, $action];

    $doneBy = "{$userName} ({$userEmail}, login={$userAuth}, profil={$role}).";
    $subject = "{$actionFrench[0]} d'un {$controller}";

    $entityName = NULL;
    if ($id != null) {
        $entity = TableRegistry::get($modelName)->find('all')->where(['id =' => $id])->first();

        // Field that names the entity depends on the model.
        if ($modelName == 'Materiels') {
            $labelField = 'designation';
        } elseif ($modelName == 'Suivis' || $modelName == 'Emprunts') {
            $labelField = 'id';
        } else {
            $labelField = 'nom';
        }
        $entityName = $entity[$labelField];
    }

    $article = $this->getArticle();
    $message = "{$article}{$controller} {$entityName} (id={$id}) a été {$actionFrench[1]} par {$doneBy}";

    $this->sendEmailToManagementWith($subject, $message);
}
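/**
 * Email the owner of a piece of equipment to say it was created and that
 * they were named as its owner.
 *
 * The recipient is the `email_responsable` field of the Materiels row. No
 * mail is sent when the row does not exist, when the address is empty or
 * invalid, or when the configuration `test` flag is set. The body includes
 * the name, email address and role of the logged-in user.
 *
 * NOTE(review): this method is public on a controller, and CakePHP 3 treats
 * public controller methods as dispatchable actions. Confirm a request cannot
 * invoke it directly with a URL-supplied id, or restrict its visibility.
 *
 * @param mixed $idObj Id of the Materiels row that was created.
 * @return void
 */
public function sendEmailToCreate($idObj = null)
{
    $configuration = TableRegistry::get('Configurations')->find()->where(['id =' => 1])->first();

    $materiel = TableRegistry::get('Materiels')->find()->where(['id =' => $idObj])->first();
    if ($materiel === null) {
        // Unknown id: there is no owner to notify. The original read
        // properties on null here and then sent nothing.
        return;
    }

    $createurName = $this->LdapAuth->user('givenname')[0] . ' ' . $this->LdapAuth->user('sn')[0];
    $createurEmail = $this->LdapAuth->user('mail')[0];
    $toEmail = $materiel->email_responsable;

    $login = $this->LdapAuth->user($configuration->authentificationType_ldap)[0];
    $account = TableRegistry::get('Users')->find()->where(['username' => $login])->first();
    // A user without a Users row is reported with the default role.
    $role = ($account !== null) ? $account['role'] : null;
    if ($role == null) {
        $role = 'Utilisateur';
    }

    // Same send conditions as before: recipient present, not in test mode, valid address.
    if ($toEmail == null || $configuration->test) {
        return;
    }
    if (!filter_var($toEmail, FILTER_VALIDATE_EMAIL)) {
        return;
    }

    $subject = 'Ajout d\'un matériel';
    $message = $createurName . ' (email = ' . $createurEmail . ', role = ' . $role . ') a ajouté le matériel "' . $materiel->designation . '" et vous a nommé propriétaire de ce matériel.';

    // The two original branches differed only in the transport name.
    $transportName = $configuration->envoi_mail_management_dev ? 'dev' : 'default';

    $email = new Email();
    $email->transport($transportName)
        ->from(["labinvent2@" . $configuration->from_mail => "Labinvent2"])
        ->to($toEmail)
        ->subject("[LabInvent] " . $subject)
        ->send($message);
}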
/**
 * Read the `mode_debug` flag from the configuration row with id 1.
 *
 * @return mixed The stored `mode_debug` value.
 */
static function isLabinventDebugMode()
{
    $configurations = TableRegistry::get('Configurations');
    $row = $configurations->find()->where(['id =' => 1])->first();

    return $row->mode_debug;
}
/**
 * Dump a value with CakePHP's debug() when the application's debug flag is on.
 *
 * When the flag is on, this also writes `debug` = true into the CakePHP
 * configuration before dumping, and `debug()` prints $arg into the output.
 * Keep `mode_debug` off in production.
 *
 * NOTE(review): this method is public on a controller, and CakePHP 3 treats
 * public controller methods as dispatchable actions. Restrict its visibility
 * if no external caller needs it.
 *
 * @param mixed $arg  Value to dump.
 * @param bool  $stop When truthy, end the script after dumping.
 * @return void
 */
function myDebug($arg, $stop=false)
{
    // Nothing happens unless the stored debug flag is set.
    if (!$this->isLabinventDebugMode()) {
        return;
    }

    Configure::write('debug', true);
    debug($arg);

    if ($stop) {
        exit;
    }
}
}