~xibo-maintainers/xibo/tempel

public function __construct($log, $sanitizerService, $state, $user, $help, $date, $config, $userGroupFactory, $pageFactory, $permissionFactory, $userFactory)

{

$this->setCommonDependencies($log, $sanitizerService, $state, $user, $help, $date, $config);

$this->userGroupFactory = $userGroupFactory;

$this->pageFactory = $pageFactory;

$this->permissionFactory = $permissionFactory;

$this->userFactory = $userFactory;

}

/**

* Display page logic

function displayPage()

{

// Default options

if ($this->getSession()->get(get_class(), 'Filter') == 1) {

$filter_pinned = 1;

$filter_name = $this->getSession()->get(get_class(), 'filter_name');

} else {

$filter_pinned = 0;

$filter_name = NULL;

}

$data = [

'defaults' => [

'filterPinned' => $filter_pinned,

'name' => $filter_name

]

];

$this->getState()->template = 'usergroup-page';

$this->getState()->setData($data);

}

/**

* Group Grid

* @SWG\Get(

* path="/usergroup",

* operationId="userGroupSearch",

* tags={"usergroup"},

100

* summary="UserGroup Search",

101

* description="Search User Groups",

102

* @SWG\Parameter(

103

* name="userGroupId",

104

* in="formData",

105

* description="Filter by UserGroup Id",

106

* type="integer",

107

* required=false

108

* ),

109

* @SWG\Parameter(

110

* name="userGroup",

111

* in="formData",

112

* description="Filter by UserGroup Name",

113

* type="string",

114

* required=false

115

* ),

116

* @SWG\Response(

117

* response=200,

118

* description="successful operation",

119

* @SWG\Schema(

120

* type="array",

121

* @SWG\Items(ref="#/definitions/UserGroup")

122

* )

123

* )

124

* )

125

126

function grid()

127

{

$user = $this->getUser();

$this->getSession()->set(get_class(), 'Filter', Sanitize::getCheckbox('XiboFilterPinned', 0));

128

$filterBy = [

129

'groupId' => $this->getSanitizer()->getInt('userGroupId'),

130

'group' => $this->getSanitizer()->getString('userGroup')

'group' => $this->getSession()->set(get_class(), 'filter_name', Sanitize::getString('filter_name'))

131

];

132

133

$groups = $this->userGroupFactory->query($this->gridRenderSort(), $this->gridRenderFilter($filterBy));

$groups = UserGroupFactory::query($this->gridRenderSort(), $this->gridRenderFilter($filterBy));

134

135

foreach ($groups as $group) {

136

/* @var \Xibo\Entity\UserGroup $group */

137

138

$group->libraryQuotaFormatted = ByteFormatter::format($group->libraryQuota * 1024);

139

140

if ($this->isApi())

141

break;

142

143

// we only want to show certain buttons, depending on the user logged in

144

if ($this->isEditable($group)) {

if ($user->getUserTypeId() == 1) {

145

// Edit

146

$group->buttons[] = array(

147

'id' => 'usergroup_button_edit',

149

'text' => __('Edit')

150

);

151

152

if ($this->getUser()->isSuperAdmin()) {

153

// Delete

154

$group->buttons[] = array(

155

'id' => 'usergroup_button_delete',

156

'url' => $this->urlFor('group.delete.form', ['id' => $group->groupId]),

157

'text' => __('Delete')

158

);

159

160

$group->buttons[] = ['divider' => true];

161

162

// Copy

163

$group->buttons[] = array(

164

'id' => 'usergroup_button_copy',

165

'url' => $this->urlFor('group.copy.form', ['id' => $group->groupId]),

166

'text' => __('Copy')

167

);

168

169

$group->buttons[] = ['divider' => true];

170

}

// Delete

$group->buttons[] = array(

'id' => 'usergroup_button_delete',

'url' => $this->urlFor('group.delete.form', ['id' => $group->groupId]),

'text' => __('Delete')

);

100

101

$group->buttons[] = ['divider' => true];

102

103

// Copy

104

$group->buttons[] = array(

105

'id' => 'usergroup_button_copy',

106

'url' => $this->urlFor('group.copy.form', ['id' => $group->groupId]),

107

'text' => __('Copy')

108

);

109

110

$group->buttons[] = ['divider' => true];

171

111

172

112

// Members

173

113

$group->buttons[] = array(

176

116

'text' => __('Members')

177

117

);

178

118

179

if ($this->getUser()->isSuperAdmin()) {

180

// Page Security

181

$group->buttons[] = array(

182

'id' => 'usergroup_button_page_security',

183

'url' => $this->urlFor('group.acl.form', ['id' => $group->groupId]),

184

'text' => __('Page Security')

185

);

186

}

119

// Page Security

120

$group->buttons[] = array(

121

'id' => 'usergroup_button_page_security',

122

'url' => $this->urlFor('group.acl.form', ['id' => $group->groupId]),

123

'text' => __('Page Security')

124

);

187

125

}

188

126

}

189

127

190

128

$this->getState()->template = 'grid';

191

$this->getState()->recordsTotal = $this->userGroupFactory->countLast();

129

$this->getState()->recordsTotal = UserGroupFactory::countLast();

192

130

$this->getState()->setData($groups);

193

131

}

194

132

200

138

$this->getState()->template = 'usergroup-form-add';

201

139

$this->getState()->setData([

202

140

'help' => [

203

'add' => $this->getHelp()->link('UserGroup', 'Add')

141

'add' => Help::Link('UserGroup', 'Add')

204

142

]

205

143

]);

206

144

}

211

149

212

150

function editForm($groupId)

213

151

{

214

$group = $this->userGroupFactory->getById($groupId);

152

$group = UserGroupFactory::getById($groupId);

215

153

216

if (!$this->isEditable($group))

154

if (!$this->getUser()->checkEditable($group))

217

155

throw new AccessDeniedException();

218

156

219

157

$this->getState()->template = 'usergroup-form-edit';

220

158

$this->getState()->setData([

221

159

'group' => $group,

222

160

'help' => [

223

'add' => $this->getHelp()->link('UserGroup', 'Edit')

161

'add' => Help::Link('UserGroup', 'Edit')

224

162

]

225

163

]);

226

164

}

232

170

233

171

function deleteForm($groupId)

234

172

{

235

$group = $this->userGroupFactory->getById($groupId);

173

$group = UserGroupFactory::getById($groupId);

236

174

237

if (!$this->isEditable($group))

175

if (!$this->getUser()->checkDeleteable($group))

238

176

throw new AccessDeniedException();

239

177

240

178

$this->getState()->template = 'usergroup-form-delete';

241

179

$this->getState()->setData([

242

180

'group' => $group,

243

181

'help' => [

244

'delete' => $this->getHelp()->link('UserGroup', 'Delete')

182

'delete' => Help::Link('UserGroup', 'Delete')

245

183

]

246

184

]);

247

185

}

251

189

252

190

function add()

253

191

{

254

// Check permissions

255

if (!$this->getUser()->isSuperAdmin())

256

throw new AccessDeniedException();

257

258

192

// Build a user entity and save it

259

$group = $this->userGroupFactory->createEmpty();

260

$group->group = $this->getSanitizer()->getString('group');

261

$group->libraryQuota = $this->getSanitizer()->getInt('libraryQuota');

262

263

if ($this->getUser()->userTypeId == 1) {

264

$group->isSystemNotification = $this->getSanitizer()->getCheckbox('isSystemNotification');

265

$group->isDisplayNotification = $this->getSanitizer()->getCheckbox('isDisplayNotification');

266

}

193

$group = new \Xibo\Entity\UserGroup();

194

$group->group = Sanitize::getString('group');

195

$group->libraryQuota = Sanitize::getInt('libraryQuota');

267

196

268

197

// Save

269

198

$group->save();

282

211

283

212

function edit($groupId)

284

213

{

285

// Check permissions

286

if (!$this->getUser()->isSuperAdmin() && !$this->getUser()->isGroupAdmin())

287

throw new AccessDeniedException();

288

289

$group = $this->userGroupFactory->getById($groupId);

290

291

if (!$this->isEditable($group))

292

throw new AccessDeniedException();

293

294

$group->load();

295

296

$group->group = $this->getSanitizer()->getString('group');

297

$group->libraryQuota = $this->getSanitizer()->getInt('libraryQuota');

298

299

if ($this->getUser()->userTypeId == 1) {

300

$group->isSystemNotification = $this->getSanitizer()->getCheckbox('isSystemNotification');

301

$group->isDisplayNotification = $this->getSanitizer()->getCheckbox('isDisplayNotification');

302

}

214

$group = UserGroupFactory::getById($groupId);

215

216

if (!$this->getUser()->checkEditable($group))

217

throw new AccessDeniedException();

218

219

$group->group = Sanitize::getString('group');

220

$group->libraryQuota = Sanitize::getInt('libraryQuota');

303

221

304

222

// Save

305

223

$group->save();

319

237

320

238

function delete($groupId)

321

239

{

322

// Check permissions

323

if (!$this->getUser()->isSuperAdmin())

324

throw new AccessDeniedException();

325

326

$group = $this->userGroupFactory->getById($groupId);

327

328

if (!$this->isEditable($group))

240

$group = UserGroupFactory::getById($groupId);

241

242

if (!$this->getUser()->checkDeleteable($group))

329

243

throw new AccessDeniedException();

330

244

331

245

$group->delete();

344

258

public function aclForm($groupId)

345

259

{

346

260

// Check permissions to this function

347

if (!$this->getUser()->isSuperAdmin())

261

if ($this->getUser()->userTypeId != 1)

348

262

throw new AccessDeniedException();

349

263

350

264

// Use the factory to get all the entities

351

$entities = $this->pageFactory->query();

265

$entities = PageFactory::query();

352

266

353

267

// Load the Group we are working on

354

268

// Get the object

355

269

if ($groupId == 0)

356

270

throw new \InvalidArgumentException(__('ACL form requested without a User Group'));

357

271

358

$group = $this->userGroupFactory->getById($groupId);

272

$group = UserGroupFactory::getById($groupId);

359

273

360

274

// Get all permissions for this user and this object

361

$permissions = $this->permissionFactory->getByGroupId('Page', $groupId);

275

$permissions = PermissionFactory::getByGroupId('Page', $groupId);

362

276

363

277

$checkboxes = array();

364

278

392

306

'groupId' => $groupId,

393

307

'group' => $group->group,

394

308

'permissions' => $checkboxes,

395

'help' => $this->getHelp()->link('User', 'Acl')

309

'help' => Help::Link('User', 'Acl')

396

310

];

397

311

398

312

$this->getState()->template = 'usergroup-form-acl';

406

320

public function acl($groupId)

407

321

{

408

322

// Check permissions to this function

409

if (!$this->getUser()->isSuperAdmin())

323

if ($this->getUser()->userTypeId != 1)

410

324

throw new AccessDeniedException();

411

325

412

326

// Load the Group we are working on

414

328

if ($groupId == 0)

415

329

throw new \InvalidArgumentException(__('ACL form requested without a User Group'));

416

330

417

$group = $this->userGroupFactory->getById($groupId);

331

$group = UserGroupFactory::getById($groupId);

418

332

419

333

// Use the factory to get all the entities

420

$entities = $this->pageFactory->query();

334

$entities = PageFactory::query();

421

335

422

336

// Get all permissions for this user and this object

423

$permissions = $this->permissionFactory->getByGroupId('Page', $groupId);

424

$objectIds = $this->getSanitizer()->getParam('objectId', null);

337

$permissions = PermissionFactory::getByGroupId('Page', $groupId);

338

$objectIds = $this->getApp()->request()->params('objectId');

425

339

426

340

if (!is_array($objectIds))

427

$objectIds = [];

341

throw new \InvalidArgumentException(__('Missing New ACL'));

428

342

429

343

$newAcl = array();

430

344

array_map(function ($string) use (&$newAcl) {

432

346

return $newAcl[$array[0]][$array[1]] = 1;

433

347

}, $objectIds);

434

348

435

$this->getLog()->debug(var_export($newAcl, true));

349

Log::debug(var_export($newAcl, true));

436

350

437

351

foreach ($entities as $page) {

438

352

/* @var Page $page */

453

367

if ($permission == null) {

454

368

if ($view) {

455

369

// Not currently assigned and needs to be

456

$permission = $this->permissionFactory->create($groupId, get_class($page), $objectId, 1, 0, 0);

370

$permission = PermissionFactory::create($groupId, get_class($page), $objectId, 1, 0, 0);

457

371

$permission->save();

458

372

}

459

373

}

460

374

else {

461

$this->getLog()->debug('Permission Exists for %s, and has been set to %d.', $page->getName(), $view);

375

Log::debug('Permission Exists for %s, and has been set to %d.', $page->getName(), $view);

462

376

// Currently assigned

463

377

if ($view) {

464

378

$permission->view = 1;

483

397

484

398

public function membersForm($groupId)

485

399

{

486

$group = $this->userGroupFactory->getById($groupId);

400

$group = UserGroupFactory::getById($groupId);

487

401

488

if (!$this->isEditable($group))

402

if (!$this->getUser()->checkEditable($group))

489

403

throw new AccessDeniedException();

490

404

491

405

// Users in group

492

$usersAssigned = $this->userFactory->query(null, array('groupIds' => array($groupId)));

406

$usersAssigned = UserFactory::query(null, array('groupIds' => array($groupId)));

493

407

494

408

// Users not in group

495

$allUsers = $this->userFactory->query();

409

$allUsers = UserFactory::query();

496

410

497

411

// The available users are all users except users already in assigned users

498

412

$checkboxes = array();

523

437

$this->getState()->setData([

524

438

'group' => $group,

525

439

'checkboxes' => $checkboxes,

526

'help' => $this->getHelp()->link('UserGroup', 'Members')

440

'help' => Help::Link('UserGroup', 'Members')

527

441

]);

528

442

}

529

443

533

447

534

448

public function assignUser($groupId)

535

449

{

536

$this->getLog()->debug('Assign User for groupId %d', $groupId);

537

538

$group = $this->userGroupFactory->getById($groupId);

539

540

if (!$this->isEditable($group))

450

Log::debug('Assign User for groupId %d', $groupId);

451

452

$group = UserGroupFactory::getById($groupId);

453

454

if (!$this->getUser()->checkEditable($group))

541

455

throw new AccessDeniedException();

542

456

543

$users = $this->getSanitizer()->getIntArray('userId');

457

$users = Sanitize::getIntArray('userId');

544

458

545

459

foreach ($users as $userId) {

546

460

547

$this->getLog()->debug('Assign User %d for groupId %d', $userId, $groupId);

461

Log::debug('Assign User %d for groupId %d', $userId, $groupId);

548

462

549

$user = $this->userFactory->getById($userId);

463

$user = UserFactory::getById($userId);

550

464

551

465

if (!$this->getUser()->checkViewable($user))

552

466

throw new AccessDeniedException(__('Access Denied to User'));

555

469

}

556

470

557

471

// Check to see if unassign has been provided.

558

$users = $this->getSanitizer()->getIntArray('unassignUserId');

472

$users = Sanitize::getIntArray('unassignUserId');

559

473

560

474

foreach ($users as $userId) {

561

475

562

$this->getLog()->debug('Unassign User %d for groupId %d', $userId, $groupId);

476

Log::debug('Unassign User %d for groupId %d', $userId, $groupId);

563

477

564

$user = $this->userFactory->getById($userId);

478

$user = UserFactory::getById($userId);

565

479

566

480

if (!$this->getUser()->checkViewable($user))

567

481

throw new AccessDeniedException(__('Access Denied to User'));

569

483

$group->unassignUser($user);

570

484

}

571

485

572

$group->save(['validate' => false]);

486

$group->save(false);

573

487

574

488

// Return

575

489

$this->getState()->hydrate([

584

498

585

499

public function unassignUser($groupId)

586

500

{

587

$group = $this->userGroupFactory->getById($groupId);

501

$group = UserGroupFactory::getById($groupId);

588

502

589

if (!$this->isEditable($group))

503

if (!$this->getUser()->checkEditable($group))

590

504

throw new AccessDeniedException();

591

505

592

$users = $this->getSanitizer()->getIntArray('userId');

506

$users = Sanitize::getIntArray('userId');

593

507

594

508

foreach ($users as $userId) {

595

$group->unassignUser($this->userFactory->getById($userId));

509

$group->unassignUser(UserFactory::getById($userId));

596

510

}

597

511

598

$group->save(['validate' => false]);

512

$group->save(false);

599

513

600

514

// Return

601

515

$this->getState()->hydrate([

610

524

611

525

function copyForm($groupId)

612

526

{

613

$group = $this->userGroupFactory->getById($groupId);

527

$group = UserGroupFactory::getById($groupId);

614

528

615

if (!$this->isEditable($group))

529

if (!$this->getUser()->checkViewable($group))

616

530

throw new AccessDeniedException();

617

531

618

532

$this->getState()->template = 'usergroup-form-copy';

665

579

666

580

public function copy($userGroupId)

667

581

{

668

$group = $this->userGroupFactory->getById($userGroupId);

582

$group = UserGroupFactory::getById($userGroupId);

669

583

670

584

// Check we have permission to view this group

671

if (!$this->isEditable($group))

585

if (!$this->getUser()->checkViewable($group))

672

586

throw new AccessDeniedException();

673

587

674

588

// Clone the group

675

589

$group->load([

676

'loadUsers' => ($this->getSanitizer()->getCheckbox('copyMembers') == 1)

590

'loadUsers' => (Sanitize::getCheckbox('copyMembers') == 1)

677

591

]);

678

592

$newGroup = clone $group;

679

$newGroup->group = $this->getSanitizer()->getString('group');

593

$newGroup->group = Sanitize::getString('group');

680

594

$newGroup->save();

681

595

682

596

// Copy permissions

683

foreach ($this->permissionFactory->getByGroupId('Page', $group->groupId) as $permission) {

597

foreach (PermissionFactory::getByGroupId('Page', $group->groupId) as $permission) {

684

598

/* @var Permission $permission */

685

599

$permission = clone $permission;

686

600

$permission->groupId = $newGroup->groupId;

694

608

'data' => $newGroup

695

609

]);

696

610

}

697

698

/**

699

* @param \Xibo\Entity\UserGroup $group

700

* @return bool

701

702

private function isEditable($group)

703

{

704

return $this->getUser()->isSuperAdmin()

705

|| ($this->getUser()->isGroupAdmin() && count(array_intersect($this->getUser()->groups, [$group])));

706

}

707

611

}

Older »