From 70b500443f7b1de839459ffb10b94bfb3e0f8196 Mon Sep 17 00:00:00 2001 From: Fred Tempez Date: Wed, 29 Mar 2023 19:28:03 +0200 Subject: [PATCH] Gestion des permissions --- core/class/layout.class.php | 4 +- core/include/update.inc.php | 4 + core/module/install/ressource/defaultdata.php | 173 ++++++++++----- core/module/user/user.php | 116 ++++++---- .../user/view/permission/permission.php | 2 +- .../view/permissionEdit/permissionEdit.php | 208 +++++++++--------- 6 files changed, 303 insertions(+), 204 deletions(-) diff --git a/core/class/layout.class.php b/core/class/layout.class.php index bb007d6e..9e12727a 100644 --- a/core/class/layout.class.php +++ b/core/class/layout.class.php @@ -343,7 +343,7 @@ class layout extends common $items .= $this->getData(['theme', 'footer', 'displaymemberAccount']) === false ? ' class="displayNone">' : '>'; $items .= ' | '; if ( - $this->getPermission('folder', 'share') === true + $this->getUser('group') >= self::GROUP_MEMBER && $this->getPermission('folder', 'share') === true ) { $items .= '' . template::ico('folder', [ 'href' => helper::baseUrl(false) . 'core/vendor/filemanager/dialog.php?type=0&akey=' . md5_file(self::DATA_DIR . 'core.json') . '&lang=' . $this->getData(['user', $this->getUser('id'), 'language']), @@ -497,7 +497,7 @@ class layout extends common && $this->getData(['theme', 'menu', 'memberBar']) === true ) { if ( - $this->getPermission('folder', 'share') === true + $this->getUser('group') >= self::GROUP_MEMBER && $this->getPermission('folder', 'share') === true ) { $itemsRight .= '
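Review bot: The added condition `$this->getUser('group') >= self::GROUP_MEMBER && $this->getPermission('folder', 'share') === true` only decides whether the file-manager link is rendered, so it is not an access control by itself. Nothing visible in this hunk shows `core/vendor/filemanager/dialog.php` re-checking the group or the `share` permission; if it does not, hiding the icon leaves the dialog reachable by anyone who has the URL, so please confirm the same test is enforced on the server side of the dialog. The identical condition is repeated in the hunk at line 497 (member bar); a small helper on the class, documented with `// Accès au gestionnaire de fichiers : membre ou plus ET permission folder/share`, would keep the two call sites from drifting apart. Both enclosing methods start and end outside the hunks.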
  • ' . template::ico('folder', [ 'href' => helper::baseUrl(false) . 'core/vendor/filemanager/dialog.php?type=0&akey=' . md5_file(self::DATA_DIR . 'core.json') . '&lang=' . $this->getData(['user', $this->getUser('id'), 'language']), diff --git a/core/include/update.inc.php b/core/include/update.inc.php index f99dc072..255bd59b 100644 --- a/core/include/update.inc.php +++ b/core/include/update.inc.php @@ -964,6 +964,10 @@ if ($this->getData(['core', 'dataVersion']) < 12400) { if (file_exists('core/module/install/ressource/i18n/gr_GR.json')) unlink('core/module/install/ressource/i18n/gr_GR.json'); + // Création du dossier partga pour les nouveaux droits + if (!is_dir(self::FILE_DIR . 'source/partage')) { + mkdir(self::FILE_DIR . 'source/partage'); + } // Mise à jour $this->setData(['core', 'dataVersion', 12400]); diff --git a/core/module/install/ressource/defaultdata.php b/core/module/install/ressource/defaultdata.php index 0f139bae..c72e5b62 100644 --- a/core/module/install/ressource/defaultdata.php +++ b/core/module/install/ressource/defaultdata.php 
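Review bot: The added `mkdir(self::FILE_DIR . 'source/partage');` ignores the return value and passes no mode, so the shared folder is created with PHP's default 0777 (reduced only by the process umask), and a failure goes unnoticed while `dataVersion` is still set to 12400 a few lines later. Since this folder is the default `path` for the member profiles, I would create it with an explicit mode and handle failure, for example `if (!is_dir($dir) && !mkdir($dir, 0755, true) && !is_dir($dir)) { /* signaler l'échec */ }` with `$dir = self::FILE_DIR . 'source/partage';`. The comment also has a typo: `// Création du dossier partga` should read `// Création du dossier partage`. This hunk only creates the directory; whether already-stored `permission` data needs converting to the new numeric layout is not visible here and is worth checking.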
@@ -335,81 +335,134 @@ class init extends common 'blacklist' => [], 'language'=> [], 'permission' => [ - "banned" => [ + '-1' => [ 'name' => 'Banni', 'readonly' => true, 'comment' => 'Accès désactivé', - 'group' => -1, ], - "visitor" => [ + '0' => [ 'name' => 'Visiteur', 'readonly' => true, 'comment' => 'Accède au site', - 'group' => 0, ], - 'member' => [ - 'name' => 'Membre', - 'readonly' => false, - 'comment' => 'Accède aux pages réservées et à un dossier partagé', - 'group' => 0, - 'file' => [ - 'download' => false, - 'edit' => false, - 'create' => false, - 'rename' => false, - 'upload' => false, - 'delete' => false, - 'preview' => false, - 'duplicate' => false, - 'extract' => false, - 'copycut' => false, - 'permission' => false + '1' => [ + '0' => [ + 'name' => 'Membre simple', + 'readonly' => false, + 'comment' => 'Accède aux pages réservées', + 'file' => [ + 'download' => false, + 'edit' => false, + 'create' => false, + 'rename' => false, + 'upload' => false, + 'delete' => false, + 'preview' => false, + 'duplicate' => false, + 'extract' => false, + 'copycut' => false, + 'permission' => false + ], + 'folder' => [ + 'create' => false, + 'delete' => false, + 'rename' => false, + 'copycut' => false, + 'permission' => false, + 'share' => false, + 'path' => './site/file/source/partage/', + ] ], - 'folder' => [ - 'create' => false, - 'delete' => false, - 'rename' => false, - 'copycut' => false, - 'permission' => false, - 'share' => false, - 'path' => './site/file/source/partage/', - ] - ], - "moderator" => [ - 'name' => 'Moderateur', - 'readonly' => false, - 'comment' => 'Edition des pages', - 'group' => 2, - 'file' => [ - 'download' => true, - 'edit' => true, - 'create' => true, - 'rename' => true, - 'upload' => true, - 'delete' => false, - 'preview' => true, - 'duplicate' => false, - 'extract' => false, - 'copycut' => false, - 'permission' => false + '1' => [ + 'name' => 'Membre', + 'readonly' => false, + 'comment' => 'Accède aux pages réservées et à un dossier 
partagé', + 'file' => [ + 'download' => false, + 'edit' => false, + 'create' => false, + 'rename' => false, + 'upload' => false, + 'delete' => false, + 'preview' => false, + 'duplicate' => false, + 'extract' => false, + 'copycut' => false, + 'permission' => false + ], + 'folder' => [ + 'create' => false, + 'delete' => false, + 'rename' => false, + 'copycut' => false, + 'permission' => false, + 'share' => true, + 'path' => './site/file/source/partage/', + ] + ], + ], + '2' => [ + '0' => [ + 'name' => 'Modérateur', + 'readonly' => false, + 'comment' => 'Edition des pages', + 'file' => [ + 'download' => true, + 'edit' => true, + 'create' => true, + 'rename' => true, + 'upload' => true, + 'delete' => false, + 'preview' => true, + 'duplicate' => false, + 'extract' => false, + 'copycut' => false, + 'permission' => false + ], + 'folder' => [ + 'create' => true, + 'delete' => true, + 'rename' => true, + 'copycut' => false, + 'permission' => false, + 'share' => true, + 'path' => './site/file/source/partage/', + ] + ], + '1' => [ + 'name' => 'Editeur avec gestion des fichiers', + 'readonly' => false, + 'comment' => 'Edition des pages', + 'file' => [ + 'download' => true, + 'edit' => true, + 'create' => true, + 'rename' => true, + 'upload' => true, + 'delete' => false, + 'preview' => true, + 'duplicate' => false, + 'extract' => false, + 'copycut' => false, + 'permission' => false + ], + 'folder' => [ + 'create' => true, + 'delete' => true, + 'rename' => true, + 'copycut' => false, + 'permission' => false, + 'share' => true, + 'path' => './site/file/source/', + ] ], - 'folder' => [ - 'create' => true, - 'delete' => true, - 'rename' => true, - 'copycut' => false, - 'permission' => false, - 'share' => false, - 'path' => './site/file/source/partage/', - ] ], - "admin" => [ + '3' => [ 'name' => 'Administrateur', 'readonly' => true, 'comment' => 'Contrôle total', - 'group' => 3, ] - ], + ] ]; public static $defaultDataI18n = [ 'en_EN' => [ 
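Review bot: The new default profile `'2' => ['1' => ...]` ("Editeur avec gestion des fichiers") sets `'path' => './site/file/source/'` together with folder `create`, `delete` and `rename` at `true`, so out of the box it can rename and delete folders across the whole file root rather than only under `partage/`. If that is not intended, the least-privilege default is `'delete' => false` for folders, as is already done for files in the same profile. The array also mixes two shapes: keys `-1`, `0` and `3` hold a profile directly, while `1` and `2` hold a list of sub-profiles, so every reader has to branch on the group id. A short comment above `'permission'` describing both shapes, for instance `// -1, 0, 3 : profil unique ; 1, 2 : [sous-groupe => profil]`, would make that contract explicit; profiles `2.0` and `2.1` also share the same `comment` text although their paths differ.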
diff --git a/core/module/user/user.php b/core/module/user/user.php index eaa088b9..b8c26517 100644 --- a/core/module/user/user.php +++ b/core/module/user/user.php @@ -386,7 +386,7 @@ class user extends common self::$users[] = [ $userId, $userFirstname . ' ' . $this->getData(['user', $userId, 'lastname']), - helper::translate(self::$groups[(int)$this->getData(['user', $userId, 'group'])]), + helper::translate(self::$groups[(int) $this->getData(['user', $userId, 'group'])]), template::button('userEdit' . $userId, [ 'href' => helper::baseUrl() . 'user/edit/' . $userId . '/' . $_SESSION['csrf'], 'value' => template::ico('pencil'), 
@@ -413,25 +413,56 @@ class user extends common */ public function permission() { - $g = $this->getData(['permission']); - foreach ($g as $groupId => $groupData) { - self::$userGroups[$groupId] = [ - $groupData['name'], - $groupData['comment'], - template::button('permissionEdit' . $groupId, [ - 'href' => helper::baseUrl() . 'user/permissionEdit/' . $groupId . '/' . $_SESSION['csrf'], - 'value' => template::ico('pencil'), - 'help' => 'Éditer', - 'disabled' => $groupData['readonly'], - ]), - template::button('permissionDelete' . $groupId, [ - 'class' => 'userDelete buttonRed', - 'href' => helper::baseUrl() . 'user/permissionDelete/' . $groupId . '/' . $_SESSION['csrf'], - 'value' => template::ico('trash'), - 'help' => 'Supprimer', - 'disabled' => $groupData['readonly'], - ]) - ]; + foreach ($this->getData(['permission']) as $groupId => $groupData) { + + // Membres sans permissions spécifiques + if ( + $groupId == -1 || + $groupId == 0 || + $groupId == 3 + ) { + self::$userGroups[$groupId] = [ + $groupId, + $groupData['name'], + $groupData['comment'], + template::button('permissionEdit' . $groupId, [ + 'href' => helper::baseUrl() . 'user/permissionEdit/' . $groupId . '/' . $_SESSION['csrf'], + 'value' => template::ico('pencil'), + 'help' => 'Éditer', + 'disabled' => $groupData['readonly'], + ]), + template::button('permissionDelete' . $groupId, [ + 'class' => 'userDelete buttonRed', + 'href' => helper::baseUrl() . 'user/permissionDelete/' . $groupId . '/' . $_SESSION['csrf'], + 'value' => template::ico('trash'), + 'help' => 'Supprimer', + 'disabled' => $groupData['readonly'], + ]) + ]; + } else { + // Enumérer les sous groupes MEMBER et MODERATOR + foreach ($groupData as $subGroupId => $subGroupData) { + echo $subGroupId; + self::$userGroups[$groupId.'.'.$subGroupId] = [ + $groupId . '-' . $subGroupId, + $subGroupData['name'], + $subGroupData['comment'], + template::button('permissionEdit' . $groupId.$subGroupId, [ + 'href' => helper::baseUrl() . 
'user/permissionEdit/' . $groupId . '-' . $subGroupId . '/' . $_SESSION['csrf'], + 'value' => template::ico('pencil'), + 'help' => 'Éditer', + 'disabled' => $subGroupData['readonly'], + ]), + template::button('permissionDelete' . $groupId.$subGroupId, [ + 'class' => 'userDelete buttonRed', + 'href' => helper::baseUrl() . 'user/permissionDelete/' . $groupId . '-' . $subGroupId . '/' . $_SESSION['csrf'], + 'value' => template::ico('trash'), + 'help' => 'Supprimer', + 'disabled' => $subGroupData['readonly'], + ]) + ]; + } + } } // Valeurs en sortie $this->addOutput([ @@ -500,7 +531,7 @@ class user extends common self::$sharePath = $this->getSubdirectories('./site/file/source'); self::$sharePath = array_flip(self::$sharePath); - self::$sharePath = array_merge( ['./site/file/source/' => '/'], self::$sharePath); + self::$sharePath = array_merge(['./site/file/source/' => '/'], self::$sharePath); // Valeurs en sortie; $this->addOutput([ @@ -625,8 +656,8 @@ class user extends common $this->setData(['user', $userId, 'connectTimeout', time()]); } // Cas 3 le délai de bloquage court - if ($this->getData(['user', $userId, 'connectTimeout']) + $this->getData(['config', 'connect', 'timeout']) > time()) { - $notification = sprintf(helper::translate('Accès bloqué %d minutes'), ($this->getData(['config', 'connect', 'timeout']) / 60)); + if ($this->getData(['user', $userId, 'connectTimeout']) + $this->getData(['config', 'connect', 'timeout']) > time()) { + $notification = sprintf(helper::translate('Accès bloqué %d minutes'), ($this->getData(['config', 'connect', 'timeout']) / 60)); } // Valeurs en sortie 
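Review bot: A debug statement, `echo $subGroupId;`, is left inside the inner `foreach` of `permission()` and will write the sub-group ids into the response before the page output is built; it should be removed. The group test uses loose comparison (`$groupId == -1 || $groupId == 0 || $groupId == 3`), and before PHP 8 any non-numeric string key compares equal to `0`, so `in_array((int) $groupId, [-1, 0, 3], true)` or named group constants would be safer. The same group/sub-group pair is also encoded three ways in this block (`$groupId.'.'.$subGroupId` as array key, `$groupId . '-' . $subGroupId` in the URL, `$groupId.$subGroupId` in the button id), and the last form is ambiguous once ids have two digits. The `disabled` flag only affects the button, so the `permissionEdit` and `permissionDelete` actions, which are outside this hunk, should refuse read-only profiles themselves.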
@@ -889,32 +920,33 @@ class user extends common /** * Liste les dossier contenus dans RFM */ - function getSubdirectories($dir, $basePath = '') { + function getSubdirectories($dir, $basePath = '') + { $subdirs = array(); // Ouvrez le répertoire spécifié $dh = opendir($dir); // Parcourez tous les fichiers et répertoires dans le répertoire while (($file = readdir($dh)) !== false) { - // Ignorer les entrées de répertoire parent et actuel - if ($file == '.' || $file == '..') { - continue; - } - // Construisez le chemin complet du fichier ou du répertoire - $path = $dir . '/' . $file; - // Vérifiez si c'est un répertoire - if (is_dir($path)) { - // Construisez la clé et la valeur pour le tableau associatif - $key = $basePath . '/' . $file; - $value = $path . '/'; - // Ajouter la clé et la valeur au tableau associatif - $subdirs[$key] = $value; - // Appeler la fonction récursivement pour ajouter les sous-répertoires - $subdirs = array_merge($subdirs, $this->getSubdirectories($path, $key)); - } + // Ignorer les entrées de répertoire parent et actuel + if ($file == '.' || $file == '..') { + continue; + } + // Construisez le chemin complet du fichier ou du répertoire + $path = $dir . '/' . $file; + // Vérifiez si c'est un répertoire + if (is_dir($path)) { + // Construisez la clé et la valeur pour le tableau associatif + $key = $basePath . '/' . $file; + $value = $path . '/'; + // Ajouter la clé et la valeur au tableau associatif + $subdirs[$key] = $value; + // Appeler la fonction récursivement pour ajouter les sous-répertoires + $subdirs = array_merge($subdirs, $this->getSubdirectories($path, $key)); + } } // Fermez le gestionnaire de dossier closedir($dh); return $subdirs; - } - + } + } \ No newline at end of file diff --git a/core/module/user/view/permission/permission.php b/core/module/user/view/permission/permission.php index eac88fef..637d7331 100644 --- a/core/module/user/view/permission/permission.php +++ b/core/module/user/view/permission/permission.php 
@@ -7,4 +7,4 @@ ]); ?> - \ No newline at end of file + \ No newline at end of file diff --git a/core/module/user/view/permissionEdit/permissionEdit.php b/core/module/user/view/permissionEdit/permissionEdit.php index ee428229..f9992c73 100644 --- a/core/module/user/view/permissionEdit/permissionEdit.php +++ b/core/module/user/view/permissionEdit/permissionEdit.php @@ -15,117 +15,127 @@

    - +

    -
    - $this->getData(['permission', $this->getUrl(2), 'file', 'download']) - ]); ?> -
    -
    - $this->getData(['permission', $this->getUrl(2), 'file', 'edit']) - ]); ?> -
    -
    - $this->getData(['permission', $this->getUrl(2), 'file', 'create']) - ]); ?> -
    -
    - $this->getData(['permission', $this->getUrl(2), 'file', 'rename']) - ]); ?> -
    -
    - $this->getData(['permission', $this->getUrl(2), 'file', 'upload']) - ]); ?> -
    -
    - $this->getData(['permission', $this->getUrl(2), 'file', 'delete']) - ]); ?> -
    -
    -
    -
    - $this->getData(['permission', $this->getUrl(2), 'file', 'preview']) - ]); ?> -
    -
    - $this->getData(['permission', $this->getUrl(2), 'file', 'duplicate']) - ]); ?> -
    -
    - $this->getData(['permission', $this->getUrl(2), 'file', 'extract']) - ]); ?> -
    -
    - $this->getData(['permission', $this->getUrl(2), 'file', 'copycut']) - ]); ?> -
    -
    - $this->getData(['permission', $this->getUrl(2), 'file', 'permission']) - ]); ?> -
    -
    -
    -
    - -
    -
    -
    -

    - -

    -
    -
    - $this->getData(['permission', $this->getUrl(2), 'folder', 'create']) - ]); ?> -
    -
    - $this->getData(['permission', $this->getUrl(2), 'folder', 'delete']) - ]); ?> -
    -
    - $this->getData(['permission', $this->getUrl(2), 'folder', 'rename']) - ]); ?> -
    -
    - $this->getData(['permission', $this->getUrl(2), 'folder', 'copycut']) - ]); ?> -
    -
    - $this->getData(['permission', $this->getUrl(2), 'folder', 'permission']) - ]); ?> -
    -
    -
    -
    - + $this->getData(['permission', $this->getUrl(2), 'folder', 'share']) ]); ?>
    'Racine du partage', + 'label' => 'Racine du dossier', 'selected' => $this->getData(['permission', $this->getUrl(2), 'folder', 'path']) ]); ?>
    +
    +
    +
    +

    + +

    +
    +
    + $this->getData(['permission', $this->getUrl(2), 'folder', 'create']) + ]); ?> +
    +
    + $this->getData(['permission', $this->getUrl(2), 'folder', 'delete']) + ]); ?> +
    +
    + $this->getData(['permission', $this->getUrl(2), 'folder', 'rename']) + ]); ?> +
    +
    + $this->getData(['permission', $this->getUrl(2), 'folder', 'copycut']) + ]); ?> +
    +
    + $this->getData(['permission', $this->getUrl(2), 'folder', 'permission']) + ]); ?> +
    +
    +
    +
    +
    +
    +
    +
    +

    + +

    +
    +
    + $this->getData(['permission', $this->getUrl(2), 'file', 'download']) + ]); ?> +
    +
    + $this->getData(['permission', $this->getUrl(2), 'file', 'edit']) + ]); ?> +
    +
    + $this->getData(['permission', $this->getUrl(2), 'file', 'create']) + ]); ?> +
    +
    + $this->getData(['permission', $this->getUrl(2), 'file', 'rename']) + ]); ?> +
    +
    + $this->getData(['permission', $this->getUrl(2), 'file', 'upload']) + ]); ?> +
    +
    + $this->getData(['permission', $this->getUrl(2), 'file', 'delete']) + ]); ?> +
    +
    +
    +
    + $this->getData(['permission', $this->getUrl(2), 'file', 'preview']) + ]); ?> +
    +
    + $this->getData(['permission', $this->getUrl(2), 'file', 'duplicate']) + ]); ?> +
    +
    + $this->getData(['permission', $this->getUrl(2), 'file', 'extract']) + ]); ?> +
    +
    + $this->getData(['permission', $this->getUrl(2), 'file', 'copycut']) + ]); ?> +
    +
    + $this->getData(['permission', $this->getUrl(2), 'file', 'permission']) + ]); ?> +
    +
    +
    +
    +
    + \ No newline at end of file
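Review bot: Every lookup in this view still reads `$this->getData(['permission', $this->getUrl(2), 'folder', 'share'])` (and the same for the `file` keys), but the links built in `permission()` in this patch pass `$groupId . '-' . $subGroupId` as that URL segment, while the default data nests profiles as `permission[group][sub-group]`. Assuming `getUrl(2)` returns the segment unchanged, a value such as `1-0` matches no key and the form would show every box unchecked regardless of the stored profile. I would parse the segment once in the controller into a group id and a profile id, reject anything that is not an existing key, and have the view read `$this->getData(['permission', $group, $profile, 'folder', 'share'])`. The markup of this file is not visible in this capture, so this note relies only on the PHP fragments shown.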