14H05 - Base des perms de groupes terminée

a315650f · Sofiane Lasri · 777c8642 · a315650f · a315650f · a315650f
Commit a315650f authored Aug 12, 2021 by Sofiane Lasri
--- a/vbcms-admin/backTasks.php
+++ b/vbcms-admin/backTasks.php
@@ -224,6 +224,33 @@ if (isset($_GET["getNotifications"])) {
 	}
 	echo json_encode($permissions);
 	
+} elseif (isset($_GET["editPermissions"])&&!empty($_GET["editPermissions"]) && verifyUserPermission($_SESSION['user_id'], "vbcms", 'editPermissions')) {
+	if(isJson(urldecode($_GET["editPermissions"]))){
+		$requestDetails = json_decode($_GET["editPermissions"], true);
+
+		if($requestDetails['type'] == 'group' && $requestDetails['id']!=1){ // Le groupe n°1 étant celui des superadmins, ils auront tj tous les droits
+			$query = $bdd->prepare('DELETE FROM `vbcms-groupsPerms` WHERE groupId=?'); // On vide les perms du groupe
+			$query->execute([$requestDetails['id']]);
+			foreach($_POST as $permissionJson => $checked) { // Puis on les recréées
+				$permissionDetail = json_decode(urldecode($permissionJson), true);
+				$query = $bdd->prepare('INSERT INTO `vbcms-groupsPerms` (`groupId`, `extensionName`, `permission`) VALUES (?,?,?)');
+				$query->execute([$requestDetails['id'], $permissionDetail['extension'], $permissionDetail['permission']]);
+			}
+		}elseif($requestDetails['type'] == 'user'){
+			$query = $bdd->prepare('DELETE FROM `vbcms-usersPerms` WHERE userId=?'); // On vide les perms du groupe
+			$query->execute([$requestDetails['id']]);
+			foreach($_POST as $permissionJson => $checked) { // Puis on les recréées
+				$permissionDetail = json_decode(urldecode($permissionJson), true);
+				$query = $bdd->prepare('INSERT INTO `vbcms-usersPerms` (`userId`, `extensionName`, `permission`) VALUES (?,?,?)');
+				$query->execute([$requestDetails['id'], $permissionDetail['extension'], $permissionDetail['permission']]);
+			}
+		}else{
+			echo 'Paramètre non reconnu.';
+		}
+		
+	} else {
+		echo translate('error').': '.translate('thisIsNotJSON');
+	}
 } elseif (isset($_GET["setNetIdLocalAccount"])&&!empty($_GET["setNetIdLocalAccount"]) && (isset($_POST)&&!empty($_POST)) && verifyUserPermission($_SESSION['user_id'], "vbcms", 'manageUsersSettings')) {
 	$localAccountExist = $bdd->prepare("SELECT * FROM `vbcms-localAccounts` WHERE netIdAssoc = ?");
 	$localAccountExist->execute([$_GET["setNetIdLocalAccount"]]);


--- a/vbcms-admin/includes/settings/groups.php
+++ b/vbcms-admin/includes/settings/groups.php
@@ -166,7 +166,7 @@ function selectGroup(id){
                        permission: permission.name
                    };
                    $("#permsForm").append('<div class="form-check">\
-                                        <input class="form-check-input" type="checkbox" name="'+encodeURIComponent(JSON.stringify(inputName))+'" '+hasPerm+'>\
+                                        <input class="form-check-input" type="checkbox" name="'+encodeURIComponent(JSON.stringify(inputName))+'" onclick="editPermissions('+id+')" '+hasPerm+'>\
                                        <label class="form-check-label">'+permission.name+'</label>\
                                    </div>');
                });
@@ -175,4 +175,27 @@ function selectGroup(id){
        }
    });
 }
+
+function editPermissions(id){
+    var array = {
+        type: "group",
+        id: id
+    };
+
+    $.post( "<?=VBcmsGetSetting("websiteUrl")?>vbcms-admin/backTasks?editPermissions="+encodeURIComponent(JSON.stringify(array)), $( "#permsForm" ).serialize() )
+    .done(function( data ) {
+        if(data!=""){
+            SnackBar({
+                message: data,
+                status: "danger",
+                timeout: false
+            });
+        } else {
+            SnackBar({
+                message: '<?=translate("success-saving")?>',
+                status: "success"
+            });
+        }
+    });
+}
 </script>
\ No newline at end of file
--- a/vbcms-admin/includes/settingsPage.php
+++ b/vbcms-admin/includes/settingsPage.php
@@ -62,7 +62,7 @@ function getSettingsHTML($params){
                    include "settings/general.php";    
                }elseif($params=="users" && verifyUserPermission($_SESSION['user_id'], "vbcms", 'manageUsersSettings')){ 
                    include "settings/users.php"; 
-                }elseif($params=="userGroups" && verifyUserPermission($_SESSION['user_id'], "vbcms", 'manageuserGroupsSettings')){ 
+                }elseif($params=="userGroups" && verifyUserPermission($_SESSION['user_id'], "vbcms", 'manageUserGroupsSettings')){ 
                    include "settings/groups.php"; 
                } ?>
    </div>


--- a/vbcms-core/permissions.php
+++ b/vbcms-core/permissions.php
 <?php
 $permissions = [
-    'manageUsersSettings',
+    'accessAdmin',
    'viewPermissions',
+    'editPermissions',
    'access-generalSettings',
    'manageUsersSettings',
-    'manageuserGroupsSettings',
+    'manageUserGroupsSettings',
    'permissionsSettings',
    'extAndWsSettings'
 ];
\ No newline at end of file