Skip to content
Snippets Groups Projects
Select Git revision
  • d87f440121b605b3a64192aa8a802ccc063a7be2
  • master default protected
  • b24
  • ll-workflow
  • alc-scindage-donnees-pj
  • FJ_LL_Tbl_Contrat
  • alc-docker-node
  • ll-apiplatform
  • php84
  • ll-rgpd
  • b23
  • alc-filtre-type-intervenant
  • ll-sans-mdb5
  • formules-ancienne-infra
  • ll-formules
  • alc-intervenant-dmep
  • ll-suppr-v_vol-s
  • b20
  • ll-postgresql
  • b23.0.1
  • b22
  • 24.8
  • 24.7
  • 24.6
  • 24.5
  • 24.4
  • 24.3
  • 24.2
  • 24.1
  • 24.0
  • 23.15
  • 24.0-beta19
  • 24.0-beta18
  • 24.0-beta17
  • 24.0-beta16
  • 24.0-beta15
  • 24.0-beta14
  • 24.0-beta13
  • 23.14
  • 24.0-beta12
  • 24.0-beta11
41 results

RoleProvider.php

Blame
    • Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    RoleProvider.php 6.87 KiB 
    <?php

namespace Application\Provider\Role;

use Application\Entity\Db\Affectation;
use Application\Entity\Db\Structure as StructureEntity;
use Application\Service\Traits\PersonnelAwareTrait;
use BjyAuthorize\Provider\Role\ProviderInterface;
use UnicaenApp\Service\EntityManagerAwareInterface;
use UnicaenApp\Service\EntityManagerAwareTrait;
use UnicaenAuth\Provider\Privilege\PrivilegeProviderAwareTrait;
use Zend\Permissions\Acl\Role\RoleInterface;
use Application\Acl\Role;
use Zend\ServiceManager\ServiceLocatorAwareTrait;
use Application\Service\Traits\StatutIntervenantAwareTrait;
use UnicaenApp\Traits\SessionContainerTrait;
use Application\Service\Traits\IntervenantAwareTrait;

/**
 * Fournisseur des rôles utilisateurs de l'application :
 * - ceux définis dans la configuration du fournisseur
 *
 *
 */
class RoleProvider implements ProviderInterface, EntityManagerAwareInterface
{
    use EntityManagerAwareTrait;
    use ServiceLocatorAwareTrait;
    use StatutIntervenantAwareTrait;
    use SessionContainerTrait;
    use IntervenantAwareTrait;
    use PersonnelAwareTrait;
    use PrivilegeProviderAwareTrait;

    /**
     * @var array
     */
    protected $config = [];

    /**
     * @var array
     */
    protected $roles;

    /**
     * @var StructureEntity
     */
    protected $structureSelectionnee;

    /**
     * @var array
     */
    private $rolesPrivileges;



    /**
     * Constructeur.
     *
     * @param array $config
     */
    public function __construct($config = [])
    {
        $this->config = $config;
    }



    /**
     * @return RoleInterface[]
         */
    public function getRoles()
    {
        if (null === $this->roles) {
            $this->roles = $this->makeRoles();
        }

        return $this->roles;
    }



    protected function getRolesPrivileges()
    {
        if (!$this->rolesPrivileges){
            $pr = $this->getPrivilegeProvider()->getPrivilegesRoles();
            foreach( $pr as $priv => $roles ){
                foreach( $roles as $role ){
                    if (!isset($this->rolesPrivileges[$role])){
                        $this->rolesPrivileges[$role] = [];
                    }
                    $this->rolesPrivileges[$role][] = $priv;
                }
            }
        }
        return $this->rolesPrivileges;
    }



    protected function makeRoles()
    {
        $roles                  = [];
        $r                      = new Role();
        $roles[$r->getRoleId()] = $r;

        $serviceAuthUserContext = $this->getServiceLocator()->get('AuthUserContext');
        /* @var $serviceAuthUserContext \UnicaenAuth\Service\UserContext */


        if ($ldapUser = $serviceAuthUserContext->getLdapUser()) {
            $supannEmpId = (integer)$ldapUser->getSupannEmpId();
            $intervenant     = $this->getServiceIntervenant()->getBySourceCode($supannEmpId, null, false);
            $personnel       = $this->getServicePersonnel()->getBySourceCode($supannEmpId);
        } else {
            $intervenant = null;
            $personnel = null;
        }

        /* Rôles du personnel */

        // chargement des rôles métiers
        $query = $this->getEntityManager()->createQuery(
        'SELECT DISTINCT
            r, a, s, p
        FROM
            Application\Entity\Db\Role r
            JOIN r.perimetre p
            LEFT JOIN r.affectation a WITH 1=compriseEntre(a.histoCreation,a.histoDestruction) AND a.personnel = :personnel
            LEFT JOIN a.structure s
        WHERE
            1=compriseEntre(r.histoCreation,r.histoDestruction)'
        )->setParameter(':personnel', $personnel);

        $result = $query->getResult();
        $rolesPrivileges = $this->getRolesPrivileges();
        foreach ($result as $dbRole) {
            /* @var $dbRole \Application\Entity\Db\Role */
            $roleId = $dbRole->getRoleId();

                $role = new Role($roleId, 'user', $dbRole->getLibelle());
            if (isset($rolesPrivileges[$roleId])){
                $role->initPrivileges($rolesPrivileges[$roleId]);
            }

            if ($dbRole->getPeutChangerStructure()){
                $role->setPeutChangerStructure(true);
            }
            /* @var $role Role */
            $role->setDbRole( $dbRole );
            $role->setPersonnel($personnel);
            $role->setPerimetre($dbRole->getPerimetre());

            // Si le rôle est de périmètre établissement, alors il se peut que l'on veuille zoomer sur une composante en particulier...
            if ($this->structureSelectionnee && $dbRole->getPerimetre()->isEtablissement()) {
                $role->setStructure($this->structureSelectionnee);
            }

            $roles[$roleId] = $role;

            $affectations = $dbRole->getAffectation();
            foreach ($affectations as $affectation) {
                /* @var $affectation Affectation */
                if ($structure = $affectation->getStructure()) {
                    $affRoleId = $roleId . '-' . $structure->getSourceCode();
                    if (!isset($roles[$affRoleId])) {
                        $affRoleLibelle = $dbRole->getLibelle() . ' (' . $structure->getLibelleCourt() . ')';
                        $affRole        = new \Application\Acl\Role($affRoleId, $roleId, $affRoleLibelle);
                        $affRole->setDbRole( $dbRole );
                        $affRole->setPersonnel($personnel);
                        $affRole->setStructure($structure);
                        $roles[$affRoleId] = $affRole;
                    }
                }
            }
        }

        // Chargement des rôles par statut d'intervenant
        $si = $this->getStatutsInfo();
        foreach ($si as $statut) {
            $role = new Role($statut['role-id'], 'user', $statut['role-name']);

            if ($intervenant) {
                if ($intervenant->getStatut()->getId() == $statut['statut-id']) {
                    $role->setIntervenant($intervenant);
                    $role->initPrivileges($rolesPrivileges[$intervenant->getStatut()->getRoleId()]);
                }
            }
            $roles[$statut['role-id']] = $role;
        }

        return $roles;
    }



    public function getStatutsInfo()
    {
        $session = $this->getSessionContainer();
        if (!isset($session->statutsInfo)) {
            $si      = [];
            $statuts = $this->getServiceStatutIntervenant()->getList();
            foreach ($statuts as $statut) {
                $si[] = [
                    'statut-id'  => $statut->getId(),
                    'role-id'    => $statut->getRoleId(),
                    'role-name'  => $statut->getTypeIntervenant()->getLibelle(),
                ];
            }
            $session->statutsInfo = $si;
            }

        return $session->statutsInfo;
    }



    public function setStructureSelectionnee(StructureEntity $structureSelectionnee = null)
    {
        $this->structureSelectionnee = $structureSelectionnee;

        return $this;
    }
}