mirror of
https://gitlab.com/Chill-Projet/chill-bundles.git
synced 2025-06-07 18:44:08 +00:00
551 lines
19 KiB
PHP
551 lines
19 KiB
PHP
<?php
|
|
|
|
namespace Chill\MainBundle\Controller;
|
|
|
|
use Chill\MainBundle\Security\RoleProvider;
|
|
use Chill\MainBundle\Templating\TranslatableStringHelper;
|
|
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
|
use Symfony\Component\HttpFoundation\Request;
|
|
use Symfony\Component\Form\Extension\Core\Type\SubmitType;
|
|
use Chill\MainBundle\Entity\RoleScope;
|
|
use Chill\MainBundle\Entity\PermissionsGroup;
|
|
use Chill\MainBundle\Form\PermissionsGroupType;
|
|
use Symfony\Component\Security\Core\Role\Role;
|
|
use Symfony\Component\Security\Core\Role\RoleHierarchy;
|
|
use Chill\MainBundle\Entity\Scope;
|
|
use Chill\MainBundle\Form\Type\ComposedRoleScopeType;
|
|
use Symfony\Contracts\Translation\TranslatorInterface;
|
|
|
|
/**
|
|
* Class PermissionsGroupController
|
|
*
|
|
* @package Chill\MainBundle\Controller
|
|
*/
|
|
class PermissionsGroupController extends AbstractController
|
|
{
|
|
/**
|
|
* @var TranslatableStringHelper
|
|
*/
|
|
private $translatableStringHelper;
|
|
|
|
/**
|
|
* @var RoleProvider $roleProvider
|
|
*/
|
|
private $roleProvider;
|
|
|
|
/**
|
|
* @var RoleHierarchy $roleHierarchy
|
|
*/
|
|
private $roleHierarchy;
|
|
|
|
/**
|
|
* @var TranslatorInterface
|
|
*/
|
|
private $translator;
|
|
|
|
/**
|
|
* PermissionsGroupController constructor.
|
|
*
|
|
* @param TranslatableStringHelper $translatableStringHelper
|
|
* @param RoleProvider $roleProvider
|
|
* @param RoleHierarchy $roleHierarchy
|
|
* @param TranslatorInterface $translator
|
|
*/
|
|
public function __construct(
|
|
TranslatableStringHelper $translatableStringHelper,
|
|
RoleProvider $roleProvider,
|
|
RoleHierarchy $roleHierarchy,
|
|
TranslatorInterface $translator
|
|
)
|
|
{
|
|
$this->translatableStringHelper = $translatableStringHelper;
|
|
$this->roleProvider = $roleProvider;
|
|
$this->roleHierarchy = $roleHierarchy;
|
|
$this->translator = $translator;
|
|
}
|
|
|
|
/**
|
|
* Lists all PermissionsGroup entities.
|
|
*
|
|
*/
|
|
public function indexAction()
|
|
{
|
|
$em = $this->getDoctrine()->getManager();
|
|
|
|
$entities = $em->getRepository('ChillMainBundle:PermissionsGroup')->findAll();
|
|
|
|
return $this->render('@ChillMain/PermissionsGroup/index.html.twig', array(
|
|
'entities' => $entities,
|
|
));
|
|
}
|
|
|
|
/**
|
|
* Creates a new PermissionsGroup entity.
|
|
*
|
|
*/
|
|
public function createAction(Request $request)
|
|
{
|
|
$permissionsGroup = new PermissionsGroup();
|
|
$form = $this->createCreateForm($permissionsGroup);
|
|
$form->handleRequest($request);
|
|
|
|
if ($form->isValid()) {
|
|
$em = $this->getDoctrine()->getManager();
|
|
$em->persist($permissionsGroup);
|
|
$em->flush();
|
|
|
|
return $this->redirect($this->generateUrl('admin_permissionsgroup_edit',
|
|
array('id' => $permissionsGroup->getId())));
|
|
}
|
|
|
|
return $this->render('@ChillMain/PermissionsGroup/new.html.twig', array(
|
|
'entity' => $permissionsGroup,
|
|
'form' => $form->createView(),
|
|
));
|
|
}
|
|
|
|
/**
|
|
* Creates a form to create a PermissionsGroup entity.
|
|
*
|
|
* @param PermissionsGroup $permissionsGroup The entity
|
|
*
|
|
* @return \Symfony\Component\Form\Form The form
|
|
*/
|
|
private function createCreateForm(PermissionsGroup $permissionsGroup)
|
|
{
|
|
$form = $this->createForm(PermissionsGroupType::class, $permissionsGroup, array(
|
|
'action' => $this->generateUrl('admin_permissionsgroup_create'),
|
|
'method' => 'POST',
|
|
));
|
|
|
|
$form->add('submit', SubmitType::class, array('label' => 'Create'));
|
|
|
|
return $form;
|
|
}
|
|
|
|
/**
|
|
* Displays a form to create a new PermissionsGroup entity.
|
|
*
|
|
*/
|
|
public function newAction()
|
|
{
|
|
$permissionsGroup = new PermissionsGroup();
|
|
$form = $this->createCreateForm($permissionsGroup);
|
|
|
|
return $this->render('@ChillMain/PermissionsGroup/new.html.twig', array(
|
|
'entity' => $permissionsGroup,
|
|
'form' => $form->createView(),
|
|
));
|
|
}
|
|
|
|
/**
|
|
* Finds and displays a PermissionsGroup entity.
|
|
*
|
|
*/
|
|
public function showAction($id)
|
|
{
|
|
$em = $this->getDoctrine()->getManager();
|
|
|
|
$permissionsGroup = $em->getRepository('ChillMainBundle:PermissionsGroup')->find($id);
|
|
|
|
if (!$permissionsGroup) {
|
|
throw $this->createNotFoundException('Unable to find PermissionsGroup entity.');
|
|
}
|
|
|
|
$translatableStringHelper = $this->translatableStringHelper;
|
|
$roleScopes = $permissionsGroup->getRoleScopes()->toArray();
|
|
|
|
// sort $roleScopes by name
|
|
usort($roleScopes,
|
|
function(RoleScope $a, RoleScope $b) use ($translatableStringHelper) {
|
|
if ($a->getScope() === NULL) {
|
|
return 1;
|
|
}
|
|
if ($b->getScope() === NULL) {
|
|
return +1;
|
|
}
|
|
|
|
return strcmp(
|
|
$translatableStringHelper->localize($a->getScope()->getName()),
|
|
$translatableStringHelper->localize($b->getScope()->getName())
|
|
);
|
|
});
|
|
|
|
// sort role scope by title
|
|
$roleProvider = $this->roleProvider;
|
|
$roleScopesSorted = array();
|
|
foreach($roleScopes as $roleScope) {
|
|
|
|
/* @var $roleScope RoleScope */
|
|
$title = $roleProvider->getRoleTitle($roleScope->getRole());
|
|
$roleScopesSorted[$title][] = $roleScope;
|
|
}
|
|
ksort($roleScopesSorted);
|
|
|
|
return $this->render('@ChillMain/PermissionsGroup/show.html.twig', array(
|
|
'entity' => $permissionsGroup,
|
|
'role_scopes_sorted' => $roleScopesSorted,
|
|
'expanded_roles' => $this->getExpandedRoles($roleScopes)
|
|
));
|
|
}
|
|
|
|
/**
|
|
* expand roleScopes to be easily shown in template
|
|
*
|
|
* @param array $roleScopes
|
|
* @return array
|
|
*/
|
|
private function getExpandedRoles(array $roleScopes)
|
|
{
|
|
$expandedRoles = array();
|
|
foreach ($roleScopes as $roleScope) {
|
|
if (!array_key_exists($roleScope->getRole(), $expandedRoles)) {
|
|
$expandedRoles[$roleScope->getRole()] =
|
|
array_map(
|
|
function(Role $role) {
|
|
return $role->getRole();
|
|
},
|
|
$this->roleHierarchy
|
|
->getReachableRoles(
|
|
array(new Role($roleScope->getRole()))
|
|
)
|
|
);
|
|
}
|
|
}
|
|
return $expandedRoles;
|
|
}
|
|
|
|
/**
|
|
* Displays a form to edit an existing PermissionsGroup entity.
|
|
*
|
|
*/
|
|
public function editAction($id)
|
|
{
|
|
$em = $this->getDoctrine()->getManager();
|
|
|
|
$permissionsGroup = $em->getRepository('ChillMainBundle:PermissionsGroup')->find($id);
|
|
|
|
if (!$permissionsGroup) {
|
|
throw $this->createNotFoundException('Unable to find PermissionsGroup entity.');
|
|
}
|
|
|
|
// create all the forms
|
|
$editForm = $this->createEditForm($permissionsGroup);
|
|
|
|
$deleteRoleScopesForm = array();
|
|
foreach ($permissionsGroup->getRoleScopes() as $roleScope) {
|
|
$deleteRoleScopesForm[$roleScope->getId()] = $this->createDeleteRoleScopeForm(
|
|
$permissionsGroup, $roleScope);
|
|
}
|
|
|
|
$addRoleScopesForm = $this->createAddRoleScopeForm($permissionsGroup);
|
|
|
|
// sort role scope by title
|
|
$roleProvider = $this->roleProvider;
|
|
$roleScopesSorted = array();
|
|
foreach($permissionsGroup->getRoleScopes()->toArray() as $roleScope) {
|
|
/* @var $roleScope RoleScope */
|
|
$title = $roleProvider->getRoleTitle($roleScope->getRole());
|
|
$roleScopesSorted[$title][] = $roleScope;
|
|
}
|
|
ksort($roleScopesSorted);
|
|
|
|
return $this->render('@ChillMain/PermissionsGroup/edit.html.twig', array(
|
|
'entity' => $permissionsGroup,
|
|
'role_scopes_sorted' => $roleScopesSorted,
|
|
'edit_form' => $editForm->createView(),
|
|
'expanded_roles' => $this->getExpandedRoles($permissionsGroup->getRoleScopes()->toArray()),
|
|
'delete_role_scopes_form' => array_map( function($form) {
|
|
|
|
return $form->createView();
|
|
}, $deleteRoleScopesForm),
|
|
'add_role_scopes_form' => $addRoleScopesForm->createView()
|
|
));
|
|
}
|
|
|
|
/**
|
|
* Creates a form to edit a PermissionsGroup entity.
|
|
*
|
|
* @param PermissionsGroup $permissionsGroup The entity
|
|
*
|
|
* @return \Symfony\Component\Form\Form The form
|
|
*/
|
|
private function createEditForm(PermissionsGroup $permissionsGroup)
|
|
{
|
|
$form = $this->createForm(PermissionsGroupType::class, $permissionsGroup, array(
|
|
'action' => $this->generateUrl('admin_permissionsgroup_update', array('id' => $permissionsGroup->getId())),
|
|
'method' => 'PUT',
|
|
));
|
|
|
|
$form->add('submit', SubmitType::class, array('label' => 'Update'));
|
|
|
|
return $form;
|
|
}
|
|
|
|
/**
|
|
* Edits an existing PermissionsGroup entity.
|
|
*
|
|
*/
|
|
public function updateAction(Request $request, $id)
|
|
{
|
|
$em = $this->getDoctrine()->getManager();
|
|
|
|
$permissionsGroup = $em
|
|
->getRepository('ChillMainBundle:PermissionsGroup')
|
|
->find($id);
|
|
|
|
if (!$permissionsGroup) {
|
|
throw $this->createNotFoundException('Unable to find Permissions'
|
|
. 'Group entity.');
|
|
}
|
|
|
|
$editForm = $this->createEditForm($permissionsGroup);
|
|
$editForm->handleRequest($request);
|
|
|
|
if ($editForm->isValid()) {
|
|
|
|
$em->flush();
|
|
|
|
return $this->redirect($this->generateUrl('admin_permissionsgroup_edit', array('id' => $id)));
|
|
}
|
|
|
|
$deleteRoleScopesForm = array();
|
|
foreach ($permissionsGroup->getRoleScopes() as $roleScope) {
|
|
$deleteRoleScopesForm[$roleScope->getId()] = $this->createDeleteRoleScopeForm(
|
|
$permissionsGroup, $roleScope);
|
|
}
|
|
|
|
$addRoleScopesForm = $this->createAddRoleScopeForm($permissionsGroup);
|
|
|
|
// sort role scope by title
|
|
$roleProvider = $this->roleProvider;
|
|
$roleScopesSorted = array();
|
|
foreach($permissionsGroup->getRoleScopes()->toArray() as $roleScope) {
|
|
/* @var $roleScope RoleScope */
|
|
$title = $roleProvider->getRoleTitle($roleScope->getRole());
|
|
$roleScopesSorted[$title][] = $roleScope;
|
|
}
|
|
ksort($roleScopesSorted);
|
|
|
|
return $this->render('@ChillMain/PermissionsGroup/edit.html.twig', array(
|
|
'entity' => $permissionsGroup,
|
|
'role_scopes_sorted' => $roleScopesSorted,
|
|
'edit_form' => $editForm->createView(),
|
|
'expanded_roles' => $this->getExpandedRoles($permissionsGroup->getRoleScopes()->toArray()),
|
|
'delete_role_scopes_form' => array_map( function($form) {
|
|
|
|
return $form->createView();
|
|
}, $deleteRoleScopesForm),
|
|
'add_role_scopes_form' => $addRoleScopesForm->createView()
|
|
));
|
|
}
|
|
|
|
/**
|
|
* get a role scope by his parameters. The role scope is persisted if it
|
|
* doesn't exists in database.
|
|
*
|
|
* @param Scope $scope
|
|
* @param string $role
|
|
* @return RoleScope
|
|
*/
|
|
protected function getPersistentRoleScopeBy($role, Scope $scope = null)
|
|
{
|
|
$em = $this->getDoctrine()->getManager();
|
|
|
|
$roleScope = $em->getRepository('ChillMainBundle:RoleScope')
|
|
->findOneBy(array('role' => $role, 'scope' => $scope));
|
|
|
|
if ($roleScope === NULL) {
|
|
$roleScope = (new RoleScope())
|
|
->setRole($role)
|
|
->setScope($scope)
|
|
;
|
|
|
|
$em->persist($roleScope);
|
|
}
|
|
|
|
return $roleScope;
|
|
}
|
|
|
|
/**
|
|
* remove an association between permissionsGroup and roleScope
|
|
*
|
|
* @param int $pgid permissionsGroup id
|
|
* @param int $rsid roleScope id
|
|
* @return redirection to edit form
|
|
*/
|
|
public function deleteLinkRoleScopeAction($pgid, $rsid)
|
|
{
|
|
$em = $this->getDoctrine()->getManager();
|
|
|
|
$permissionsGroup = $em->getRepository('ChillMainBundle:PermissionsGroup')->find($pgid);
|
|
$roleScope = $em->getRepository('ChillMainBundle:RoleScope')->find($rsid);
|
|
|
|
if (!$permissionsGroup) {
|
|
throw $this->createNotFoundException('Unable to find PermissionsGroup entity.');
|
|
}
|
|
|
|
if (!$roleScope) {
|
|
throw $this->createNotFoundException('Unable to find RoleScope entity');
|
|
}
|
|
|
|
try {
|
|
$permissionsGroup->removeRoleScope($roleScope);
|
|
} catch (\RuntimeException $ex) {
|
|
$this->addFlash('notice',
|
|
$this->translator->trans("The role '%role%' and circle "
|
|
. "'%scope%' is not associated with this permission group", array(
|
|
'%role%' => $this->translator->trans($roleScope->getRole()),
|
|
'%scope%' => $this->translatableStringHelper
|
|
->localize($roleScope->getScope()->getName())
|
|
)));
|
|
|
|
return $this->redirect($this->generateUrl('admin_permissionsgroup_edit',
|
|
array('id' => $pgid)));
|
|
}
|
|
|
|
$em->flush();
|
|
|
|
if ($roleScope->getScope() !== NULL ) {
|
|
$this->addFlash('notice',
|
|
$this->translator->trans("The role '%role%' on circle "
|
|
. "'%scope%' has been removed", array(
|
|
'%role%' => $this->translator->trans($roleScope->getRole()),
|
|
'%scope%' => $this->translatableStringHelper
|
|
->localize($roleScope->getScope()->getName())
|
|
)));
|
|
} else {
|
|
$this->addFlash('notice',
|
|
$this->translator->trans("The role '%role%' has been removed", array(
|
|
'%role%' => $this->translator->trans($roleScope->getRole())
|
|
)));
|
|
}
|
|
|
|
return $this->redirect($this->generateUrl('admin_permissionsgroup_edit',
|
|
array('id' => $pgid)));
|
|
}
|
|
|
|
/**
|
|
*
|
|
* @param Request $request
|
|
* @param int $id
|
|
* @return Respon
|
|
* @throws type
|
|
*/
|
|
public function addLinkRoleScopeAction(Request $request, $id)
|
|
{
|
|
$em = $this->getDoctrine()->getManager();
|
|
|
|
$permissionsGroup = $em->getRepository('ChillMainBundle:PermissionsGroup')->find($id);
|
|
|
|
if (!$permissionsGroup) {
|
|
throw $this->createNotFoundException('Unable to find PermissionsGroup entity.');
|
|
}
|
|
|
|
$form = $this->createAddRoleScopeForm($permissionsGroup);
|
|
$form->handleRequest($request);
|
|
|
|
if ($form->isValid()) {
|
|
$roleScope = $this->getPersistentRoleScopeBy(
|
|
$form['composed_role_scope']->getData()->getRole(),
|
|
$form['composed_role_scope']->getData()->getScope()
|
|
);
|
|
|
|
$permissionsGroup->addRoleScope($roleScope);
|
|
$violations = $this->get('validator')->validate($permissionsGroup);
|
|
|
|
if ($violations->count() === 0) {
|
|
$em->flush();
|
|
|
|
$this->addFlash('notice',
|
|
$this->translator->trans("The permissions have been added"));
|
|
|
|
return $this->redirect($this->generateUrl('admin_permissionsgroup_edit',
|
|
array('id' => $id)));
|
|
} else {
|
|
foreach($violations as $error) {
|
|
$this->addFlash('error', $error->getMessage());
|
|
}
|
|
}
|
|
|
|
} else {
|
|
foreach ($form->getErrors() as $error) {
|
|
$this->addFlash('error', $error->getMessage());
|
|
}
|
|
}
|
|
|
|
$editForm = $this->createEditForm($permissionsGroup);
|
|
|
|
$deleteRoleScopesForm = array();
|
|
foreach ($permissionsGroup->getRoleScopes() as $roleScope) {
|
|
$deleteRoleScopesForm[$roleScope->getId()] = $this->createDeleteRoleScopeForm(
|
|
$permissionsGroup, $roleScope);
|
|
}
|
|
|
|
$addRoleScopesForm = $this->createAddRoleScopeForm($permissionsGroup);
|
|
|
|
// sort role scope by title
|
|
|
|
$roleProvider = $this->roleProvider;
|
|
$roleScopesSorted = array();
|
|
foreach($permissionsGroup->getRoleScopes()->toArray() as $roleScope) {
|
|
/* @var $roleScope RoleScope */
|
|
$title = $roleProvider->getRoleTitle($roleScope->getRole());
|
|
$roleScopesSorted[$title][] = $roleScope;
|
|
}
|
|
ksort($roleScopesSorted);
|
|
|
|
return $this->render('@ChillMain/PermissionsGroup/edit.html.twig', array(
|
|
'entity' => $permissionsGroup,
|
|
'edit_form' => $editForm->createView(),
|
|
'role_scopes_sorted' => $roleScopesSorted,
|
|
'expanded_roles' => $this->getExpandedRoles($permissionsGroup->getRoleScopes()->toArray()),
|
|
'delete_role_scopes_form' => array_map( function($form) {
|
|
|
|
return $form->createView();
|
|
}, $deleteRoleScopesForm),
|
|
'add_role_scopes_form' => $addRoleScopesForm->createView()
|
|
));
|
|
|
|
}
|
|
|
|
/**
|
|
* Creates a form to delete a link to roleScope.
|
|
*
|
|
* @param mixed $permissionsGroup The entity id
|
|
*
|
|
* @return \Symfony\Component\Form\Form The form
|
|
*/
|
|
private function createDeleteRoleScopeForm(PermissionsGroup $permissionsGroup,
|
|
RoleScope $roleScope)
|
|
{
|
|
return $this->createFormBuilder()
|
|
->setAction($this->generateUrl('admin_permissionsgroup_delete_role_scope',
|
|
array('pgid' => $permissionsGroup->getId(), 'rsid' => $roleScope->getId())))
|
|
->setMethod('DELETE')
|
|
->add('submit', SubmitType::class, array('label' => 'Delete'))
|
|
->getForm()
|
|
;
|
|
}
|
|
|
|
/**
|
|
* creates a form to add a role scope to permissionsgroup
|
|
*
|
|
* @param PermissionsGroup $permissionsGroup
|
|
* @return \Symfony\Component\Form\Form The form
|
|
*/
|
|
private function createAddRoleScopeForm(PermissionsGroup $permissionsGroup)
|
|
{
|
|
return $this->createFormBuilder()
|
|
->setAction($this->generateUrl('admin_permissionsgroup_add_role_scope',
|
|
array('id' => $permissionsGroup->getId())))
|
|
->setMethod('PUT')
|
|
->add('composed_role_scope', ComposedRoleScopeType::class)
|
|
->add('submit', SubmitType::class, array('label' => 'Add permission'))
|
|
->getForm()
|
|
;
|
|
}
|
|
|
|
|
|
}
|