mirror of
https://github.com/Karaka-Management/oms-Admin.git
synced 2026-02-13 11:08:42 +00:00
parent
29bf98d463
commit
ca7df21c0c
|
|
@ -1,16 +1,29 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
use phpOMS\Router\RouteVerb;
|
use phpOMS\Router\RouteVerb;
|
||||||
|
use phpOMS\Account\PermissionType;
|
||||||
|
use Modules\Admin\Models\PermissionState;
|
||||||
|
use Modules\Admin\Controller;
|
||||||
|
|
||||||
return [
|
return [
|
||||||
'^.*/api/admin/settings.*$' => [
|
'^.*/api/admin/settings.*$' => [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:apiSettingsSet',
|
'dest' => '\Modules\Admin\Controller:apiSettingsSet',
|
||||||
'verb' => RouteVerb::SET,
|
'verb' => RouteVerb::SET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::MODIFY,
|
||||||
|
'state' => PermissionState::SETTINGS,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:apiSettingsGet',
|
'dest' => '\Modules\Admin\Controller:apiSettingsGet',
|
||||||
'verb' => RouteVerb::GET,
|
'verb' => RouteVerb::GET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::READ,
|
||||||
|
'state' => PermissionState::SETTINGS,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
|
|
||||||
|
|
@ -18,18 +31,38 @@ return [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:apiGroupCreate',
|
'dest' => '\Modules\Admin\Controller:apiGroupCreate',
|
||||||
'verb' => RouteVerb::PUT,
|
'verb' => RouteVerb::PUT,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::CREATE,
|
||||||
|
'state' => PermissionState::GROUP,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:apiGroupUpdate',
|
'dest' => '\Modules\Admin\Controller:apiGroupUpdate',
|
||||||
'verb' => RouteVerb::SET,
|
'verb' => RouteVerb::SET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::MODIFY,
|
||||||
|
'state' => PermissionState::GROUP,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:apiGroupDelete',
|
'dest' => '\Modules\Admin\Controller:apiGroupDelete',
|
||||||
'verb' => RouteVerb::DELETE,
|
'verb' => RouteVerb::DELETE,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::DELETE,
|
||||||
|
'state' => PermissionState::GROUP,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:apiGroupGet',
|
'dest' => '\Modules\Admin\Controller:apiGroupGet',
|
||||||
'verb' => RouteVerb::GET,
|
'verb' => RouteVerb::GET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::READ,
|
||||||
|
'state' => PermissionState::GROUP,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
|
|
||||||
|
|
@ -38,6 +71,11 @@ return [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:apiAccountFind',
|
'dest' => '\Modules\Admin\Controller:apiAccountFind',
|
||||||
'verb' => RouteVerb::GET,
|
'verb' => RouteVerb::GET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::READ,
|
||||||
|
'state' => PermissionState::ACCOUNT,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
|
|
||||||
|
|
@ -45,18 +83,38 @@ return [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:apiAccountCreate',
|
'dest' => '\Modules\Admin\Controller:apiAccountCreate',
|
||||||
'verb' => RouteVerb::PUT,
|
'verb' => RouteVerb::PUT,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::CREATE,
|
||||||
|
'state' => PermissionState::ACCOUNT,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:apiAccountUpdate',
|
'dest' => '\Modules\Admin\Controller:apiAccountUpdate',
|
||||||
'verb' => RouteVerb::SET,
|
'verb' => RouteVerb::SET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::MODIFY,
|
||||||
|
'state' => PermissionState::ACCOUNT,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:apiAccountDelete',
|
'dest' => '\Modules\Admin\Controller:apiAccountDelete',
|
||||||
'verb' => RouteVerb::DELETE,
|
'verb' => RouteVerb::DELETE,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::DELETE,
|
||||||
|
'state' => PermissionState::ACCOUNT,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:apiAccountGet',
|
'dest' => '\Modules\Admin\Controller:apiAccountGet',
|
||||||
'verb' => RouteVerb::GET,
|
'verb' => RouteVerb::GET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::READ,
|
||||||
|
'state' => PermissionState::ACCOUNT,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
|
|
||||||
|
|
@ -64,6 +122,11 @@ return [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:apiModuleStatusUpdate',
|
'dest' => '\Modules\Admin\Controller:apiModuleStatusUpdate',
|
||||||
'verb' => RouteVerb::SET,
|
'verb' => RouteVerb::SET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::MODIFY,
|
||||||
|
'state' => PermissionState::MODULE,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
];
|
];
|
||||||
|
|
|
||||||
|
|
@ -1,60 +1,108 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
use phpOMS\Router\RouteVerb;
|
use phpOMS\Router\RouteVerb;
|
||||||
|
use phpOMS\Account\PermissionType;
|
||||||
|
use Modules\Admin\Models\PermissionState;
|
||||||
|
use Modules\Admin\Controller;
|
||||||
|
|
||||||
return [
|
return [
|
||||||
'^.*/backend/admin/settings/general.*$' => [
|
'^.*/backend/admin/settings/general.*$' => [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:viewSettingsGeneral',
|
'dest' => '\Modules\Admin\Controller:viewSettingsGeneral',
|
||||||
'verb' => RouteVerb::GET,
|
'verb' => RouteVerb::GET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::READ,
|
||||||
|
'state' => PermissionState::SETTINGS,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
'^.*/backend/admin/account/list.*$' => [
|
'^.*/backend/admin/account/list.*$' => [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:viewAccountList',
|
'dest' => '\Modules\Admin\Controller:viewAccountList',
|
||||||
'verb' => RouteVerb::GET,
|
'verb' => RouteVerb::GET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::READ,
|
||||||
|
'state' => PermissionState::ACCOUNT,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
'^.*/backend/admin/account/settings.*$' => [
|
'^.*/backend/admin/account/settings.*$' => [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:viewAccountSettings',
|
'dest' => '\Modules\Admin\Controller:viewAccountSettings',
|
||||||
'verb' => RouteVerb::GET,
|
'verb' => RouteVerb::GET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::READ,
|
||||||
|
'state' => PermissionState::ACCOUNT,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
'^.*/backend/admin/account/create.*$' => [
|
'^.*/backend/admin/account/create.*$' => [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:viewAccountCreate',
|
'dest' => '\Modules\Admin\Controller:viewAccountCreate',
|
||||||
'verb' => RouteVerb::GET,
|
'verb' => RouteVerb::GET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::CREATE,
|
||||||
|
'state' => PermissionState::ACCOUNT,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
'^.*/backend/admin/group/list.*$' => [
|
'^.*/backend/admin/group/list.*$' => [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:viewGroupList',
|
'dest' => '\Modules\Admin\Controller:viewGroupList',
|
||||||
'verb' => RouteVerb::GET,
|
'verb' => RouteVerb::GET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::READ,
|
||||||
|
'state' => PermissionState::GROUP,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
'^.*/backend/admin/group/settings.*$' => [
|
'^.*/backend/admin/group/settings.*$' => [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:viewGroupSettings',
|
'dest' => '\Modules\Admin\Controller:viewGroupSettings',
|
||||||
'verb' => RouteVerb::GET,
|
'verb' => RouteVerb::GET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::MODIFY,
|
||||||
|
'state' => PermissionState::GROUP,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
'^.*/backend/admin/group/create.*$' => [
|
'^.*/backend/admin/group/create.*$' => [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:viewGroupCreate',
|
'dest' => '\Modules\Admin\Controller:viewGroupCreate',
|
||||||
'verb' => RouteVerb::GET,
|
'verb' => RouteVerb::GET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::CREATE,
|
||||||
|
'state' => PermissionState::GROUP,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
'^.*/backend/admin/module/list.*$' => [
|
'^.*/backend/admin/module/list.*$' => [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:viewModuleList',
|
'dest' => '\Modules\Admin\Controller:viewModuleList',
|
||||||
'verb' => RouteVerb::GET,
|
'verb' => RouteVerb::GET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::READ,
|
||||||
|
'state' => PermissionState::MODULE,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
'^.*/backend/admin/module/settings.*$' => [
|
'^.*/backend/admin/module/settings.*$' => [
|
||||||
[
|
[
|
||||||
'dest' => '\Modules\Admin\Controller:viewModuleProfile',
|
'dest' => '\Modules\Admin\Controller:viewModuleProfile',
|
||||||
'verb' => RouteVerb::GET,
|
'verb' => RouteVerb::GET,
|
||||||
|
'permission' => [
|
||||||
|
'module' => Controller::MODULE_NAME,
|
||||||
|
'type' => PermissionType::READ,
|
||||||
|
'state' => PermissionState::MODULE,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
];
|
];
|
||||||
|
|
|
||||||
185
Controller.php
185
Controller.php
|
|
@ -119,16 +119,7 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
*/
|
*/
|
||||||
public function viewSettingsGeneral(RequestAbstract $request, ResponseAbstract $response, $data = null) : \Serializable
|
public function viewSettingsGeneral(RequestAbstract $request, ResponseAbstract $response, $data = null) : \Serializable
|
||||||
{
|
{
|
||||||
$view = new View($this->app, $request, $response);
|
$view = new View($this->app, $request, $response);
|
||||||
|
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::SETTINGS)
|
|
||||||
) {
|
|
||||||
$view->setTemplate('/Web/Backend/Error/403_inline');
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return $view;
|
|
||||||
}
|
|
||||||
|
|
||||||
$settings = $this->app->appSettings->get([1000000009, 1000000019, 1000000020, 1000000021, 1000000022, 1000000023, 1000000027, 1000000028,]);
|
$settings = $this->app->appSettings->get([1000000009, 1000000019, 1000000020, 1000000021, 1000000022, 1000000023, 1000000027, 1000000028,]);
|
||||||
|
|
||||||
$view->setTemplate('/Modules/Admin/Theme/Backend/settings-general');
|
$view->setTemplate('/Modules/Admin/Theme/Backend/settings-general');
|
||||||
|
|
@ -165,14 +156,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
{
|
{
|
||||||
$view = new View($this->app, $request, $response);
|
$view = new View($this->app, $request, $response);
|
||||||
|
|
||||||
/*if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::SETTINGS)
|
|
||||||
) {
|
|
||||||
//$view->setTemplate('/Web/Backend/Error/403_inline');
|
|
||||||
//$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return $view;
|
|
||||||
}*/
|
|
||||||
|
|
||||||
$view->setTemplate('/Modules/Admin/Theme/Console/empty-command');
|
$view->setTemplate('/Modules/Admin/Theme/Console/empty-command');
|
||||||
|
|
||||||
return $view;
|
return $view;
|
||||||
|
|
@ -194,14 +177,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
{
|
{
|
||||||
$view = new View($this->app, $request, $response);
|
$view = new View($this->app, $request, $response);
|
||||||
|
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
|
|
||||||
) {
|
|
||||||
$view->setTemplate('/Web/Backend/Error/403_inline');
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return $view;
|
|
||||||
}
|
|
||||||
|
|
||||||
$view->setTemplate('/Modules/Admin/Theme/Backend/accounts-list');
|
$view->setTemplate('/Modules/Admin/Theme/Backend/accounts-list');
|
||||||
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1000104001, $request, $response));
|
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1000104001, $request, $response));
|
||||||
$view->setData('list:elements', AccountMapper::getNewest(50, null, RelationType::NONE));
|
$view->setData('list:elements', AccountMapper::getNewest(50, null, RelationType::NONE));
|
||||||
|
|
@ -226,14 +201,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
{
|
{
|
||||||
$view = new View($this->app, $request, $response);
|
$view = new View($this->app, $request, $response);
|
||||||
|
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
|
|
||||||
) {
|
|
||||||
$view->setTemplate('/Web/Backend/Error/403_inline');
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return $view;
|
|
||||||
}
|
|
||||||
|
|
||||||
$view->setTemplate('/Modules/Admin/Theme/Backend/accounts-single');
|
$view->setTemplate('/Modules/Admin/Theme/Backend/accounts-single');
|
||||||
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1000104001, $request, $response));
|
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1000104001, $request, $response));
|
||||||
$view->addData('account', AccountMapper::get((int) $request->getData('id'), RelationType::ALL, null, 2));
|
$view->addData('account', AccountMapper::get((int) $request->getData('id'), RelationType::ALL, null, 2));
|
||||||
|
|
@ -267,14 +234,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
{
|
{
|
||||||
$view = new View($this->app, $request, $response);
|
$view = new View($this->app, $request, $response);
|
||||||
|
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
|
|
||||||
) {
|
|
||||||
$view->setTemplate('/Web/Backend/Error/403_inline');
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return $view;
|
|
||||||
}
|
|
||||||
|
|
||||||
$view->setTemplate('/Modules/Admin/Theme/Backend/accounts-create');
|
$view->setTemplate('/Modules/Admin/Theme/Backend/accounts-create');
|
||||||
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1000104001, $request, $response));
|
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1000104001, $request, $response));
|
||||||
|
|
||||||
|
|
@ -297,14 +256,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
{
|
{
|
||||||
$view = new View($this->app, $request, $response);
|
$view = new View($this->app, $request, $response);
|
||||||
|
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
|
|
||||||
) {
|
|
||||||
$view->setTemplate('/Web/Backend/Error/403_inline');
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return $view;
|
|
||||||
}
|
|
||||||
|
|
||||||
$view->setTemplate('/Modules/Admin/Theme/Backend/groups-list');
|
$view->setTemplate('/Modules/Admin/Theme/Backend/groups-list');
|
||||||
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1000103001, $request, $response));
|
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1000103001, $request, $response));
|
||||||
$view->setData('list:elements', GroupMapper::getAll(RelationType::NONE));
|
$view->setData('list:elements', GroupMapper::getAll(RelationType::NONE));
|
||||||
|
|
@ -328,14 +279,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
{
|
{
|
||||||
$view = new View($this->app, $request, $response);
|
$view = new View($this->app, $request, $response);
|
||||||
|
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
|
|
||||||
) {
|
|
||||||
$view->setTemplate('/Web/Backend/Error/403_inline');
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return $view;
|
|
||||||
}
|
|
||||||
|
|
||||||
$view->setTemplate('/Modules/Admin/Theme/Backend/groups-single');
|
$view->setTemplate('/Modules/Admin/Theme/Backend/groups-single');
|
||||||
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1000103001, $request, $response));
|
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1000103001, $request, $response));
|
||||||
$view->addData('group', GroupMapper::get((int) $request->getData('id'), RelationType::ALL, null, 2));
|
$view->addData('group', GroupMapper::get((int) $request->getData('id'), RelationType::ALL, null, 2));
|
||||||
|
|
@ -369,14 +312,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
{
|
{
|
||||||
$view = new View($this->app, $request, $response);
|
$view = new View($this->app, $request, $response);
|
||||||
|
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
|
|
||||||
) {
|
|
||||||
$view->setTemplate('/Web/Backend/Error/403_inline');
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return $view;
|
|
||||||
}
|
|
||||||
|
|
||||||
$view->setTemplate('/Modules/Admin/Theme/Backend/groups-create');
|
$view->setTemplate('/Modules/Admin/Theme/Backend/groups-create');
|
||||||
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1000103001, $request, $response));
|
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1000103001, $request, $response));
|
||||||
|
|
||||||
|
|
@ -399,14 +334,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
{
|
{
|
||||||
$view = new View($this->app, $request, $response);
|
$view = new View($this->app, $request, $response);
|
||||||
|
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::MODULE)
|
|
||||||
) {
|
|
||||||
$view->setTemplate('/Web/Backend/Error/403_inline');
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return $view;
|
|
||||||
}
|
|
||||||
|
|
||||||
$view->setTemplate('/Modules/Admin/Theme/Backend/modules-list');
|
$view->setTemplate('/Modules/Admin/Theme/Backend/modules-list');
|
||||||
|
|
||||||
return $view;
|
return $view;
|
||||||
|
|
@ -428,14 +355,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
{
|
{
|
||||||
$view = new View($this->app, $request, $response);
|
$view = new View($this->app, $request, $response);
|
||||||
|
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::MODULE)
|
|
||||||
) {
|
|
||||||
$view->setTemplate('/Web/Backend/Error/403_inline');
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return $view;
|
|
||||||
}
|
|
||||||
|
|
||||||
$view->setTemplate('/Modules/Admin/Theme/Backend/modules-single');
|
$view->setTemplate('/Modules/Admin/Theme/Backend/modules-single');
|
||||||
|
|
||||||
return $view;
|
return $view;
|
||||||
|
|
@ -456,15 +375,12 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
*/
|
*/
|
||||||
public function apiSettingsGet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
public function apiSettingsGet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
||||||
{
|
{
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
$response->set(
|
||||||
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::SETTINGS)
|
$request->getUri()->__toString(),
|
||||||
) {
|
[
|
||||||
$response->set('settings_read', null);
|
'response' => $this->app->appSettings->get((int) $request->getData('id'))
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
]
|
||||||
return;
|
);
|
||||||
}
|
|
||||||
|
|
||||||
$response->set($request->getUri()->__toString(), ['response' => $this->app->appSettings->get((int) $request->getData('id'))]);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -482,14 +398,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
*/
|
*/
|
||||||
public function apiSettingsSet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
public function apiSettingsSet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
||||||
{
|
{
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::SETTINGS)
|
|
||||||
) {
|
|
||||||
$response->set('settings_update', null);
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->app->appSettings->set(
|
$this->app->appSettings->set(
|
||||||
\json_decode((string) $request->getData('settings'), true),
|
\json_decode((string) $request->getData('settings'), true),
|
||||||
true
|
true
|
||||||
|
|
@ -513,14 +421,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
*/
|
*/
|
||||||
public function apiGroupGet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
public function apiGroupGet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
||||||
{
|
{
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
|
|
||||||
) {
|
|
||||||
$response->set('group_read', null);
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$group = GroupMapper::get((int) $request->getData('id'));
|
$group = GroupMapper::get((int) $request->getData('id'));
|
||||||
$response->set($request->getUri()->__toString(), [
|
$response->set($request->getUri()->__toString(), [
|
||||||
'status' => NotificationLevel::OK,
|
'status' => NotificationLevel::OK,
|
||||||
|
|
@ -545,14 +445,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
*/
|
*/
|
||||||
public function apiGroupUpdate(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
public function apiGroupUpdate(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
||||||
{
|
{
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
|
|
||||||
) {
|
|
||||||
$response->set('group_update', null);
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$group = $this->updateGroupFromRequest($request);
|
$group = $this->updateGroupFromRequest($request);
|
||||||
|
|
||||||
GroupMapper::update($group);
|
GroupMapper::update($group);
|
||||||
|
|
@ -624,14 +516,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
*/
|
*/
|
||||||
public function apiGroupCreate(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
public function apiGroupCreate(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
||||||
{
|
{
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
|
|
||||||
) {
|
|
||||||
$response->set('group_create', null);
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!empty($val = $this->validateGroupCreate($request))) {
|
if (!empty($val = $this->validateGroupCreate($request))) {
|
||||||
$response->set('group_create', new FormValidation($val));
|
$response->set('group_create', new FormValidation($val));
|
||||||
|
|
||||||
|
|
@ -689,14 +573,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
*/
|
*/
|
||||||
public function apiGroupDelete(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
public function apiGroupDelete(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
||||||
{
|
{
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::DELETE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
|
|
||||||
) {
|
|
||||||
$response->set('group_delete', null);
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$group = GroupMapper::get((int) $request->getData('id'));
|
$group = GroupMapper::get((int) $request->getData('id'));
|
||||||
|
|
||||||
$this->app->eventManager->trigger('PRE:Module:Admin-groupdelete', '', $group);
|
$this->app->eventManager->trigger('PRE:Module:Admin-groupdelete', '', $group);
|
||||||
|
|
@ -727,14 +603,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
*/
|
*/
|
||||||
public function apiAccountGet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
public function apiAccountGet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
||||||
{
|
{
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
|
|
||||||
) {
|
|
||||||
$response->set('account_read', null);
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$account = AccountMapper::get((int) $request->getData('id'));
|
$account = AccountMapper::get((int) $request->getData('id'));
|
||||||
|
|
||||||
$response->getHeader()->set('Content-Type', MimeType::M_JSON, true);
|
$response->getHeader()->set('Content-Type', MimeType::M_JSON, true);
|
||||||
|
|
@ -761,16 +629,13 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
*/
|
*/
|
||||||
public function apiAccountFind(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
public function apiAccountFind(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
||||||
{
|
{
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
|
|
||||||
) {
|
|
||||||
$response->set('account_find', null);
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getHeader()->set('Content-Type', MimeType::M_JSON . '; charset=utf-8', true);
|
$response->getHeader()->set('Content-Type', MimeType::M_JSON . '; charset=utf-8', true);
|
||||||
$response->set($request->getUri()->__toString(), array_values(AccountMapper::find((string) ($request->getData('search') ?? ''))));
|
$response->set(
|
||||||
|
$request->getUri()->__toString(),
|
||||||
|
\array_values(
|
||||||
|
AccountMapper::find((string) ($request->getData('search') ?? ''))
|
||||||
|
)
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -812,14 +677,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
*/
|
*/
|
||||||
public function apiAccountCreate(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
public function apiAccountCreate(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
||||||
{
|
{
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
|
|
||||||
) {
|
|
||||||
$response->set('account_create', null);
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!empty($val = $this->validateAccountCreate($request))) {
|
if (!empty($val = $this->validateAccountCreate($request))) {
|
||||||
$response->set('account_create', new FormValidation($val));
|
$response->set('account_create', new FormValidation($val));
|
||||||
|
|
||||||
|
|
@ -882,14 +739,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
*/
|
*/
|
||||||
public function apiAccountDelete(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
public function apiAccountDelete(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
||||||
{
|
{
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::DELETE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
|
|
||||||
) {
|
|
||||||
$response->set('account_delete', null);
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$account = AccountMapper::get((int) ($request->getData('id')));
|
$account = AccountMapper::get((int) ($request->getData('id')));
|
||||||
|
|
||||||
$this->app->eventManager->trigger('PRE:Module:Admin-accountdelete', '', $account);
|
$this->app->eventManager->trigger('PRE:Module:Admin-accountdelete', '', $account);
|
||||||
|
|
@ -920,14 +769,6 @@ final class Controller extends ModuleAbstract implements WebInterface
|
||||||
*/
|
*/
|
||||||
public function apiAccountUpdate(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
public function apiAccountUpdate(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
|
||||||
{
|
{
|
||||||
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
|
|
||||||
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
|
|
||||||
) {
|
|
||||||
$response->set('account_update', null);
|
|
||||||
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$account = $this->updateAccountFromRequest($request, true);
|
$account = $this->updateAccountFromRequest($request, true);
|
||||||
$status = AccountMapper::update($account);
|
$status = AccountMapper::update($account);
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user