Jingga/oms-Organization
1
0
Fork 0
mirror of https://github.com/Karaka-Management/oms-Organization.git synced 2026-02-09 12:58:42 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix #96 fix #97

Browse Source
This commit is contained in:
Dennis Eichhorn 2018-08-17 20:02:29 +02:00
parent a6a6c47dba
commit 872f983559
3 changed files with 126 additions and 192 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
Admin/Routes/Web/Api.php
View File

@ -1,60 +1,123 @@
<?php
use phpOMS\Router\RouteVerb;
use phpOMS\Account\PermissionType;
use Modules\Organization\Models\PermissionState;
use Modules\Organization\Controller;
return [
'^.*/api/organization/position.*$' => [
[
'dest' => '\Modules\Organization\Controller:apiPositionCreate',
'verb' => RouteVerb::PUT,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::CREATE,
'state' => PermissionState::POSITION,
],
],
[
'dest' => '\Modules\Organization\Controller:apiPositionGet',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::READ,
'state' => PermissionState::POSITION,
],
],
[
'dest' => '\Modules\Organization\Controller:apiPositionSet',
'verb' => RouteVerb::SET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::MODIFY,
'state' => PermissionState::POSITION,
],
],
[
'dest' => '\Modules\Organization\Controller:apiPositionDelete',
'verb' => RouteVerb::DELETE,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::DELETE,
'state' => PermissionState::POSITION,
],
],
],
'^.*/api/organization/department.*$' => [
[
'dest' => '\Modules\Organization\Controller:apiDepartmentCreate',
'verb' => RouteVerb::PUT,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::CREATE,
'state' => PermissionState::DEPARTMENT,
],
],
[
'dest' => '\Modules\Organization\Controller:apiDepartmentGet',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::READ,
'state' => PermissionState::DEPARTMENT,
],
],
[
'dest' => '\Modules\Organization\Controller:apiDepartmentSet',
'verb' => RouteVerb::SET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::MODIFY,
'state' => PermissionState::DEPARTMENT,
],
],
[
'dest' => '\Modules\Organization\Controller:apiDepartmentDelete',
'verb' => RouteVerb::DELETE,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::DELETE,
'state' => PermissionState::DEPARTMENT,
],
],
],
'^.*/api/organization/unit.*$' => [
[
'dest' => '\Modules\Organization\Controller:apiUnitCreate',
'verb' => RouteVerb::PUT,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::CREATE,
'state' => PermissionState::UNIT,
],
],
[
'dest' => '\Modules\Organization\Controller:apiUnitGet',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::READ,
'state' => PermissionState::UNIT,
],
],
[
'dest' => '\Modules\Organization\Controller:apiUnitSet',
'verb' => RouteVerb::SET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::MODIFY,
'state' => PermissionState::UNIT,
],
],
[
'dest' => '\Modules\Organization\Controller:apiUnitDelete',
'verb' => RouteVerb::DELETE,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::CREATE,
'state' => PermissionState::UNIT,
],
],
],
@ -62,18 +125,33 @@ return [
[
'dest' => '\Modules\Organization\Controller:apiUnitFind',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::READ,
'state' => PermissionState::UNIT,
],
],
],
'^.*/api/organization/find/department.*$' => [
[
'dest' => '\Modules\Organization\Controller:apiDepartmentFind',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::READ,
'state' => PermissionState::DEPARTMENT,
],
],
],
'^.*/api/organization/find/position.*$' => [
[
'dest' => '\Modules\Organization\Controller:apiPositionFind',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::READ,
'state' => PermissionState::POSITION,
],
],
],
];

48
Admin/Routes/Web/Backend.php
View File

@ -1,60 +1,108 @@
<?php
use phpOMS\Router\RouteVerb;
use phpOMS\Account\PermissionType;
use Modules\Organization\Models\PermissionState;
use Modules\Organization\Controller;
return [
'^.*/backend/organization/unit/list.*$' => [
[
'dest' => '\Modules\Organization\Controller:viewUnitList',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::READ,
'state' => PermissionState::UNIT,
],
],
],
'^.*/backend/organization/unit/profile.*$' => [
[
'dest' => '\Modules\Organization\Controller:viewUnitProfile',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::READ,
'state' => PermissionState::UNIT,
],
],
],
'^.*/backend/organization/unit/create.*$' => [
[
'dest' => '\Modules\Organization\Controller:viewUnitCreate',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::CREATE,
'state' => PermissionState::UNIT,
],
],
],
'^.*/backend/organization/department/list.*$' => [
[
'dest' => '\Modules\Organization\Controller:viewDepartmentList',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::READ,
'state' => PermissionState::DEPARTMENT,
],
],
],
'^.*/backend/organization/department/profile.*$' => [
[
'dest' => '\Modules\Organization\Controller:viewDepartmentProfile',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::READ,
'state' => PermissionState::DEPARTMENT,
],
],
],
'^.*/backend/organization/department/create.*$' => [
[
'dest' => '\Modules\Organization\Controller:viewDepartmentCreate',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::CREATE,
'state' => PermissionState::DEPARTMENT,
],
],
],
'^.*/backend/organization/position/list.*$' => [
[
'dest' => '\Modules\Organization\Controller:viewPositionList',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::READ,
'state' => PermissionState::POSITION,
],
],
],
'^.*/backend/organization/position/profile.*$' => [
[
'dest' => '\Modules\Organization\Controller:viewPositionProfile',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::READ,
'state' => PermissionState::POSITION,
],
],
],
'^.*/backend/organization/position/create.*$' => [
[
'dest' => '\Modules\Organization\Controller:viewPositionCreate',
'verb' => RouteVerb::GET,
'permission' => [
'module' => Controller::MODULE_NAME,
'type' => PermissionType::CREATE,
'state' => PermissionState::POSITION,
],
],
],
];

192
Controller.php
View File

@ -111,14 +111,6 @@ final class Controller extends ModuleAbstract implements WebInterface
{
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::UNIT)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return $view;
}
$view->setTemplate('/Modules/Organization/Theme/Backend/unit-list');
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1004702001, $request, $response));
@ -141,14 +133,6 @@ final class Controller extends ModuleAbstract implements WebInterface
{
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::UNIT)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return $view;
}
$view->setTemplate('/Modules/Organization/Theme/Backend/unit-profile');
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1004702001, $request, $response));
@ -177,14 +161,6 @@ final class Controller extends ModuleAbstract implements WebInterface
{
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::UNIT)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return $view;
}
$view->setTemplate('/Modules/Organization/Theme/Backend/unit-create');
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1004702001, $request, $response));
@ -211,14 +187,6 @@ final class Controller extends ModuleAbstract implements WebInterface
{
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::DEPARTMENT)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return $view;
}
$view->setTemplate('/Modules/Organization/Theme/Backend/department-list');
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1004703001, $request, $response));
@ -241,14 +209,6 @@ final class Controller extends ModuleAbstract implements WebInterface
{
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::DEPARTMENT)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return $view;
}
$view->setTemplate('/Modules/Organization/Theme/Backend/department-profile');
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1004703001, $request, $response));
@ -280,14 +240,6 @@ final class Controller extends ModuleAbstract implements WebInterface
{
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::DEPARTMENT)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return $view;
}
$view->setTemplate('/Modules/Organization/Theme/Backend/department-create');
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1004703001, $request, $response));
@ -317,14 +269,6 @@ final class Controller extends ModuleAbstract implements WebInterface
{
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::POSITION)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return $view;
}
$view->setTemplate('/Modules/Organization/Theme/Backend/position-list');
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1004704001, $request, $response));
@ -347,14 +291,6 @@ final class Controller extends ModuleAbstract implements WebInterface
{
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::POSITION)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return $view;
}
$view->setTemplate('/Modules/Organization/Theme/Backend/position-profile');
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1004704001, $request, $response));
@ -386,14 +322,6 @@ final class Controller extends ModuleAbstract implements WebInterface
{
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::POSITION)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return $view;
}
$view->setTemplate('/Modules/Organization/Theme/Backend/position-create');
$view->addData('nav', $this->app->moduleManager->get('Navigation')->createNavigationMid(1004704001, $request, $response));
@ -452,14 +380,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiUnitGet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::UNIT)
) {
$response->set('unit_read', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
$unit = UnitMapper::get((int) $request->getData('id'));
$response->getHeader()->set('Content-Type', MimeType::M_JSON, true);
@ -486,14 +406,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiUnitSet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::UNIT)
) {
$response->set('unit_update', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
$unit = $this->updateUnitFromRequest($request);
UnitMapper::update($unit);
@ -545,14 +457,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiUnitDelete(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::DELETE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::UNIT)
) {
$response->set('unit_delete', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
$unit = UnitMapper::get((int) $request->getData('id'));
$status = UnitMapper::delete($unit);
@ -580,14 +484,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiUnitCreate(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::UNIT)
) {
$response->set('unit_create', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
if (!empty($val = $this->validateUnitCreate($request))) {
$response->set('unit_create', new FormValidation($val));
@ -673,14 +569,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiPositionGet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::POSITION)
) {
$response->set('position_read', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
$position = PositionMapper::get((int) $request->getData('id'));
$response->getHeader()->set('Content-Type', MimeType::M_JSON, true);
@ -707,14 +595,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiPositionDelete(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::DELETE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::POSITION)
) {
$response->set('position_delete', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
$position = PositionMapper::get((int) $request->getData('id'));
$status = PositionMapper::delete($position);
@ -742,14 +622,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiPositionSet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::POSITION)
) {
$response->set('position_update', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
$position = $this->updatePositionFromRequest($request);
PositionMapper::update($position);
@ -804,14 +676,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiPositionCreate(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::POSITION)
) {
$response->set('position_create', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
if (!empty($val = $this->validatePositionCreate($request))) {
$response->set('position_create', new FormValidation($val));
@ -899,14 +763,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiDepartmentGet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::DEPARTMENT)
) {
$response->set('department_read', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
$department = DepartmentMapper::get((int) $request->getData('id'));
$response->getHeader()->set('Content-Type', MimeType::M_JSON, true);
@ -933,14 +789,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiDepartmentSet(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::DEPARTMENT)
) {
$response->set('department_update', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
$department = $this->updateDepartmentFromRequest($request);
DepartmentMapper::update($department);
@ -995,14 +843,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiDepartmentDelete(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::DELETE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::DEPARTMENT)
) {
$response->set('department_delete', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
$department = DepartmentMapper::get((int) $request->getData('id'));
$status = DepartmentMapper::delete($department);
@ -1030,14 +870,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiDepartmentCreate(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::DEPARTMENT)
) {
$response->set('department_create', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
if (!empty($val = $this->validateDepartmentCreate($request))) {
$response->set('department_create', new FormValidation($val));
@ -1096,14 +928,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiUnitFind(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::UNIT)
) {
$response->set('unit_find', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
$response->getHeader()->set('Content-Type', MimeType::M_JSON . '; charset=utf-8', true);
$response->set($request->getUri()->__toString(), array_values(UnitMapper::find((string) ($request->getData('search') ?? ''))));
}
@ -1123,14 +947,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiDepartmentFind(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::DEPARTMENT)
) {
$response->set('department_find', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
$response->getHeader()->set('Content-Type', MimeType::M_JSON . '; charset=utf-8', true);
$response->set($request->getUri()->__toString(), array_values(DepartmentMapper::find((string) ($request->getData('search') ?? ''))));
}
@ -1150,14 +966,6 @@ final class Controller extends ModuleAbstract implements WebInterface
*/
public function apiPositionFind(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::POSITION)
) {
$response->set('position_find', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
$response->getHeader()->set('Content-Type', MimeType::M_JSON . '; charset=utf-8', true);
$response->set($request->getUri()->__toString(), array_values(PositionMapper::find((string) ($request->getData('search') ?? ''))));
}