diff --git a/Admin/Routes/Web/Api.php b/Admin/Routes/Web/Api.php
index e9117bb..df42460 100755
--- a/Admin/Routes/Web/Api.php
+++ b/Admin/Routes/Web/Api.php
@@ -117,7 +117,7 @@ return [
 ],
 ],
- '^.*/admin/group$' => [
+ '^.*/admin/group(\?.*|$)$' => [
 [
 'dest' => '\Modules\Admin\Controller\ApiController:apiGroupCreate',
 'verb' => RouteVerb::PUT,
@@ -164,7 +164,7 @@ return [
 ],
 ],
- '^.*/admin/find/account(\?.*|$)' => [
+ '^.*/admin/account/find(\?.*|$)' => [
 [
 'dest' => '\Modules\Admin\Controller\ApiController:apiAccountFind',
 'verb' => RouteVerb::GET,
@@ -177,7 +177,7 @@ return [
 ],
 ],
 ],
- '^.*/admin/find/group(\?.*$|$)' => [
+ '^.*/admin/group/find(\?.*$|$)' => [
 [
 'dest' => '\Modules\Admin\Controller\ApiController:apiGroupFind',
 'verb' => RouteVerb::GET,
@@ -450,7 +450,7 @@ return [
 ],
 ],
 ],
- '^.*/account/address$' => [
+ '^.*/account/address(\?.*|$)$' => [
 [
 'dest' => '\Modules\Admin\Controller\ApiController:apiAddressCreate',
 'verb' => RouteVerb::PUT,
@@ -485,7 +485,7 @@ return [
 ],
 ],
 ],
- '^.*/account/contact$' => [
+ '^.*/account/contact(\?.*|$)$' => [
 [
 'dest' => '\Modules\Admin\Controller\ApiController:apiContactCreate',
 'verb' => RouteVerb::PUT,
diff --git a/Controller/ApiController.php b/Controller/ApiController.php
index 43ecff5..0f4169e 100755
--- a/Controller/ApiController.php
+++ b/Controller/ApiController.php
@@ -72,7 +72,6 @@ use phpOMS\Message\NotificationLevel;
 use phpOMS\Message\RequestAbstract;
 use phpOMS\Message\ResponseAbstract;
 use phpOMS\Model\Message\FormValidation;
-use phpOMS\Model\Message\Reload;
 use phpOMS\Module\ModuleInfo;
 use phpOMS\Module\ModuleStatus;
 use phpOMS\Security\EncryptionHelper;
@@ -88,8 +87,6 @@ use phpOMS\Utils\Parser\Php\ArrayParser;
 use phpOMS\Utils\RnG\StringUtils as StringRng;
 use phpOMS\Utils\StringUtils;
 use phpOMS\Validation\Network\Email as EmailValidator;
-use phpOMS\Version\Version;
-use Modules\Media\Models\UploadStatus;
 /**
 * Admin controller class.
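Review bot: The optional-query-string suffix is now spelled three different ways in this file: `(\?.*|$)$` on the new `/admin/group`, `/account/address` and `/account/contact` patterns, `(\?.*|$)` on `/admin/account/find`, and `(\?.*$|$)` on `/admin/group/find`. As far as I can tell the three forms accept the same URIs, so this is a consistency point rather than a routing bug, but a reader comparing the PUT and GET entries will wonder whether the extra `$` is meaningful. Pick one spelling, e.g. `(\?.*|$)$`, and use it in all five hunks of this file (-117, -164, -177, -450, -485).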
@@ -106,6 +103,12 @@ use Modules\Media\Models\UploadStatus;
 *
 * @todo Split up the ApiController, it is doing way to much in one file.
 * Consider to create one for: accounts+groups+permissions and one for general stuff like address+settings etc.
+ *
+ * @todo Create api key/token permissions for api interactions through tokens
+ * Maybe we need to assign tokens to users but sometimes users want to give tokens limited permissions
+ * https://github.com/Karaka-Management/oms-Admin/issues/24
+ * https://github.com/Karaka-Management/oms-Admin/issues/25
+ * https://github.com/Karaka-Management/oms-Admin/issues/26
 */
 final class ApiController extends Controller
 {
@@ -133,7 +136,7 @@ final class ApiController extends Controller
 if ($login > LoginReturnType::OK) {
 $this->app->sessionManager->set('UID', $login, true);
- $response->set($request->uri->__toString(), new Reload());
+ $response->set($request->uri->__toString(), new \phpOMS\Model\Message\Redirect());
 } elseif ($login === LoginReturnType::NOT_ACTIVATED) {
 $response->header->status = RequestStatusCode::R_401;
 $this->fillJsonResponse(
@@ -372,7 +375,7 @@ final class ApiController extends Controller
 ]);
 }
- $token = (string) \random_bytes(64);
+ $token = (string) \bin2hex(\random_bytes(32));
 $handler = $this->setUpServerMailHandler();
 $resetLink = UriFactory::build('{/base}/reset?user=' . $account->id . '&token=' . $token);
@@ -1143,7 +1146,7 @@ final class ApiController extends Controller
 $upload->outputDir = __DIR__ . '/../../../Web/Backend/img';
 $status = $upload->upload($request->files, ['logo.png'], true);
- if ($status[0]['status'] !== UploadStatus::OK) {
+ if ($status[0]['status'] !== \Modules\Media\Models\UploadStatus::OK) {
 $response->header->status = RequestStatusCode::R_400;
 $this->createInvalidUpdateResponse($request, $response, []);
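Review bot: The new `new \phpOMS\Model\Message\Redirect()` on the `$response->set(...)` line is an inline fully-qualified name in a file that imports everything else with `use`; the same pattern appears with `\Modules\Media\Models\UploadStatus::OK` in the hunk at -1143 and `\phpOMS\Version\Version` in the hunk at -3157, where the commit deletes the existing `use` lines (hunks at -72 and -88) rather than updating them. Unless the intent is to avoid a hard import of a module that may be absent (nothing in the diff says so), add `use phpOMS\Model\Message\Redirect;` to the import block and keep the short names at the three call sites. If the inline names are deliberate, a one-line comment at the first of them, e.g. `// FQCN on purpose: <reason>`, would stop the next reader from re-adding the imports.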
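Review bot: The `(string)` cast in `$token = (string) \bin2hex(\random_bytes(32));` is redundant, since `bin2hex()` already returns a string; `$token = \bin2hex(\random_bytes(32));` is enough. Switching from 64 raw bytes to a hex encoding is the right fix for a value that is concatenated into `$resetLink` two lines below, where arbitrary bytes would not survive URL handling. Where the token is persisted and later checked is outside this hunk; if that check is a plain string comparison it should be `hash_equals()`.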
@@ -1521,6 +1524,7 @@ final class ApiController extends Controller
 /** @var \Modules\Admin\Models\Group[] $groups */
 $groups = GroupMapper::getAll()
 ->where('name', '%' . ($request->getDataString('search') ?? '') . '%', 'LIKE')
+ ->limit($request->getDataInt('limit') ?? 50)
 ->executeGetArray();
 $response->header->set('Content-Type', MimeType::M_JSON, true);
@@ -1648,7 +1652,8 @@ final class ApiController extends Controller
 private function validateAccountCreate(RequestAbstract $request) : array
 {
 $val = [];
- if (($val['name1'] = !$request->hasData('name1'))
+ if (($val['user'] = !$request->hasData('user'))
+ || ($val['name1'] = !$request->hasData('name1'))
 || ($val['type'] = !AccountType::isValidValue((int) $request->getData('type')))
 || ($val['status'] = !AccountStatus::isValidValue((int) $request->getData('status')))
 || ($val['email'] = $request->hasData('email') && !EmailValidator::isValid((string) $request->getData('email')))
@@ -1749,7 +1754,7 @@ final class ApiController extends Controller
 '',
 \str_replace(
 '{url}',
- UriFactory::build('{/base}/admin/account/settings?{?}&id=' . $account->id),
+ UriFactory::build('{/base}/admin/account/view?{?}&id=' . $account->id),
 $this->app->l11nManager->getText($response->header->l11n->language, '0', '0', 'SuccessfulCreate'
 )),
 $account
@@ -3126,6 +3131,9 @@ final class ApiController extends Controller
 *
 * @api
 *
+ * @todo Create update logic for application, resources, modules
+ * https://github.com/Karaka-Management/oms-Admin/issues/17
+ *
 * @since 1.0.0
 */
 public function apiCheckForUpdates(RequestAbstract $request, ResponseAbstract $response, array $data = []) : void
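Review bot: The added `->limit($request->getDataInt('limit') ?? 50)` takes the client-supplied value unchecked, so `limit=0`, a negative number or an arbitrarily large one reaches the query and the 50 is only a default, not a ceiling. Clamp it before it reaches the mapper, e.g. `->limit(\min(\max(1, $request->getDataInt('limit') ?? 50), 50))` — the 50 ceiling in that line is a constructed example; the real maximum is a project decision. The enclosing method starts and ends outside this hunk.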
@@ -3157,10 +3165,10 @@ final class ApiController extends Controller
 $currentVersion = '';
 $remoteVersion = \substr($file[1], 0, -5);
- if (Version::compare($currentVersion, $remoteVersion) < 0) {
+ if (\phpOMS\Version\Version::compare($currentVersion, $remoteVersion) < 0) {
 $toUpdate[$name[0]][$remoteVersion] = $file;
- \uksort($toUpdate[$name[0]], [Version::class, 'compare']);
+ \uksort($toUpdate[$name[0]], [\phpOMS\Version\Version::class, 'compare']);
 }
 }
@@ -3961,6 +3969,9 @@ final class ApiController extends Controller
 *
 * @api
 *
+ * @todo Find a way to hide some contact/address information for some modules
+ * https://github.com/Karaka-Management/oms-Profile/issues/3
+ *
 * @since 1.0.0
 */
 public function apiAddressCreate(RequestAbstract $request, ResponseAbstract $response, array $data = []) : void
diff --git a/Controller/BackendController.php b/Controller/BackendController.php
index 52146d8..9d26b98 100755
--- a/Controller/BackendController.php
+++ b/Controller/BackendController.php
@@ -24,6 +24,7 @@ use Modules\Admin\Models\ModuleMapper;
 use Modules\Admin\Models\SettingsEnum;
 use Modules\Auditor\Models\AuditMapper;
 use Modules\Organization\Models\UnitMapper;
+use Modules\Profile\Models\ProfileMapper;
 use phpOMS\Autoloader;
 use phpOMS\Contract\RenderableInterface;
 use phpOMS\DataStorage\Database\Query\OrderType;
@@ -45,6 +46,9 @@ use Web\Backend\Views\TableView;
 * @link https://jingga.app
 * @since 1.0.0
 * @codeCoverageIgnore
+ *
+ * @todo Create a view where it's possible to create/activate, change and delete/deactivate hooks for events.
+ * https://github.com/Karaka-Management/oms-Admin/issues/12
 */
 final class BackendController extends Controller
 {
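Review bot: The rewritten `\uksort($toUpdate[$name[0]], [\phpOMS\Version\Version::class, 'compare']);` keeps an array-style callable, which static analysers and IDEs cannot follow to the method. If the project targets PHP 8.1 or later (not visible here), the first-class callable form `\uksort($toUpdate[$name[0]], \phpOMS\Version\Version::compare(...));` is type-checked at parse time and reads as a direct reference. The enclosing method starts and ends outside this hunk.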
@@ -199,6 +203,10 @@ final class BackendController extends Controller
 $view->data['account'] = $account;
+ $view->data['profile'] = ProfileMapper::get() ->where('account', $account->id) ->execute();
+
 /** @var \Modules\Admin\Models\AccountPermission[] $permissions */
 $permissions = AccountPermissionMapper::getAll()
 ->where('account', (int) $request->getData('id'))
@@ -605,6 +613,10 @@ final class BackendController extends Controller
 *
 * @return RenderableInterface Response can be rendered
 *
+ * @todo Disable routing for front end. This way only the functionality is available (api)
+ * This can be easily achieved by setting the route `active => false`
+ * https://github.com/Karaka-Management/oms-Admin/issues/18
+ *
 * @since 1.0.0
 */
 public function viewModuleRouteList(RequestAbstract $request, ResponseAbstract $response, array $data = []) : RenderableInterface
diff --git a/Theme/Backend/accounts-create.tpl.php b/Theme/Backend/accounts-create.tpl.php
index 4ec3132..7d158fc 100755
--- a/Theme/Backend/accounts-create.tpl.php
+++ b/Theme/Backend/accounts-create.tpl.php
@@ -22,7 +22,10 @@ echo $this->data['nav']->render(); ?>
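Review bot: The new `$view->data['profile'] = ProfileMapper::get()->where('account', $account->id)->execute();` carries no `/** @var */` annotation, unlike the `$permissions` lookup right below it, so neither the template nor a static analyser can tell what `execute()` yields when no profile row exists for the account (a model, a null object, or `null` — not visible in this diff). Add a `/** @var <Profile model type> $profile */` line in the same style as the `$permissions` one, with the real class name from the Profile module, and have the template handle the no-profile case explicitly. This line also makes the Admin backend view depend on the Profile module; the file already imports `Modules\Auditor` and `Modules\Organization` mappers, so cross-module lookups appear to be accepted practice here, but if Profile can be absent from an installation this lookup needs the same guard those get. The enclosing method starts and ends outside this hunk.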