Luca/thetool
1
0
Fork 0
Code Issues 5 Pull Requests 5 Actions Packages Projects Releases Wiki Activity

added new user edit view

Browse Source
This commit is contained in:
Luca Haid
2025-09-11 10:03:03 +02:00
parent 0fd6ecd85d
commit 1531dad3a0
5 changed files with 211 additions and 1022 deletions
Download Patch File Download Diff File Expand all files Collapse all files

620
Layout/default/User/Form.php
View File

@@ -1,620 +0,0 @@
<?php
$siteTitle = "Benutzer";
?>
<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/header.php"); ?>
<!-- start page title -->
<div class="row">
<div class="col-12">
<div class="page-title-box">
<div class="page-title-right">
<ol class="breadcrumb m-0">
<li class="breadcrumb-item"><a href="<?=self::getUrl("Dashboard")?>"><?=MFAPPNAME_SLUG?></a>
</li>
<li class="breadcrumb-item"><a href="<?=self::getUrl("User")?>">Benutzer</a></li>
<li class="breadcrumb-item"><?=($action == "edit") ? "bearbeiten" : "neu"?></li>
</ol>
</div>
<h4 class="page-title">Benutzer</h4>
</div>
</div>
</div>
<!-- end page title -->
<form method="post" action="<?=$this->getUrl("User", "save")?>">
<!-- Main content -->
<div class="row">
<div class="col-lg">
<div class="card bg-light">
<div class="card-body">
<h4 class="header-title mb-3">Benutzer bearbeiten</h4>
<div class="card">
<div class="card-body">
<input type="hidden" name="id" value="<?=$user->id?>"/>
<div class="form-group">
<label for="username">Username:</label>
<input type="text" id="username" name="username" class="form-control"
value="<?=$user->username?>"/>
</div>
<div class="form-group">
<label for="name">Name:</label>
<input type="text" id="name" name="name" class="form-control"
value="<?=$user->name?>"/>
</div>
<div class="form-group">
<label for="email">Email:</label>
<input type="text" id="email" name="email" class="form-control"
value="<?=$user->email?>"/>
</div>
<div class="form-group">
<label for="mobile">Handy Nr.:</label>
<input type="text" id="mobile" placeholder="+436641234xxx" name="mobile"
class="form-control" value="<?=$user->mobile?>"/>
</div>
<div class="form-group">
<label for="address_id">Firma/Person:</label>
<select name="address_id" id="address_id" class="form-control">
<option value=""></option>
<?php foreach($addresses as $address): ?>
<option value="<?=$address->id?>" <?=($address->id == $user->address_id || $address->id == $user->address_id) ? "selected='selected'" : ""?>><?=($address->company) ? $address->company : $address->getFullName()?><?=($address->customer_number) ? " (" . $address->customer_number . ")" : ""?></option>
<?php endforeach; ?>
</select>
</div>
<div class="form-group">
<label for="admin">Admin:</label>
<select name="admin" id="admin"
class="form-control" <?=($user->id == 1) ? "disabled='disabled'" : ""?>>
<option value="false" <?=(isset($user) && !$user->isAdmin()) ? "selected='selected'" : ""?>>
No
</option>
<option value="true" <?=(isset($user) && $user->isAdmin() || $user->id == 1) ? "selected='selected'" : ""?>>
Yes
</option>
</select>
</div>
<div class="form-group">
<label for="active">Aktiv:</label>
<select name="active" id="active" class="form-control">
<option value="false" <?=(isset($user) && !$user->active == 0) ? "selected='selected'" : ""?>>No</option>
<option value="true" <?=(isset($user) && $user->active == 1) ? "selected='selected'" : ""?>>Yes</option>
</select>
</div>
<div class="form-group">
<label for="technician">Techniker:</label>
<select name="technician" id="technician" class="form-control">
<option value="false" <?=(isset($user) && !$user->is("technician")) ? "selected='selected'" : ""?>>
No
</option>
<option value="true" <?=(isset($user) && $user->is("technician")) ? "selected='selected'" : ""?>>
Yes
</option>
</select>
</div>
<div class="form-group">
<label for="employee"><?=TT_SYSOWNER_NAME_HTML?> Mitarbeiter:</label>
<select name="employee" id="employee" class="form-control">
<option value="false" <?=(isset($user) && !$user->is("employee")) ? "selected='selected'" : ""?>>
No
</option>
<option value="true" <?=(isset($user) && $user->is("employee")) ? "selected='selected'" : ""?>>
Yes
</option>
</select>
</div>
<div id="employee-container" <?=(!isset($user) || !$user->is("employee")) ? "hidden" : ""?>>
<div class="form-group">
<label for="employee_number"><?=TT_SYSOWNER_NAME_HTML?> Mitarbeiternummer:</label>
<input type="text" id="employee_number" name="employee_number" class="form-control"
value="<?=(isset($user)) ? (new WorkerFlag($user->id, "employee_number"))->value() : ""?>" />
</div>
<div class="form-group">
<label for="employee_number">Vodia Outbound Identity - Domain:</label>
<input type="text" id="vodia_identity_domain" name="vodia_identity_domain" class="form-control"
value="<?=(isset($user)) ? (new WorkerFlag($user->id, "vodia_identity_domain"))->value() : ""?>" />
</div>
<div class="form-group">
<label for="employee_number">Vodia Outbound Identity - Username (Extension):</label>
<input type="text" id="vodia_identity_username" name="vodia_identity_username" class="form-control"
value="<?=(isset($user)) ? (new WorkerFlag($user->id, "vodia_identity_username"))->value() : ""?>" />
</div>
<div class="form-group">
<label for="employee_number">Vodia Outbound Identity - Standard Identität:</label>
<input type="text" id="vodia_identity_default" name="vodia_identity_default" class="form-control"
value="<?=(isset($user)) ? (new WorkerFlag($user->id, "vodia_identity_default"))->value() : ""?>" />
<small>+43 720 123456</small>
</div>
<div class="form-group">
<label for="project_api_key">OpenProject API Key:</label>
<input type="text" id="project_api_key" name="project_api_key" class="form-control"
value="<?=(isset($user)) ? (new WorkerFlag($user->id, "project_api_key"))->value() : ""?>" />
</div>
</div>
<hr />
<div class="form-group">
<label for="password">Password:</label>
<input type="password" id="password" name="password" class="form-control" value=""/>
</div>
<div class="form-group">
<label for="password2">Repeat Password:</label>
<input type="password" id="password2" name="password2" class="form-control"
value=""/>
</div>
<hr/>
<div class="form-group">
<label for="twofactorrequired">2FA erzwingen:</label>
<select name="twofactorrequired" id="twofactorrequired" class="form-control">
<option value="false" <?=(isset($user) && !$user->twofactorrequired) ? "selected='selected'" : ""?>>
No
</option>
<option value="true" <?=((!isset($user) || !$user->id) || (isset($user) && $user->twofactorrequired)) ? "selected='selected'" : ""?>>
Yes
</option>
</select>
</div>
</div>
</div>
<div class="card">
<div class="card-body">
<h4 class="card-title mb-3">Preorder</h4>
<div class="form-group" id="preorderfront-container">
<label for="preorderfront">Preorder Frontdesk (Semi-Readonly):</label>
<select name="preorderfront" id="preorderfront" class="form-control">
<option value="false" <?=(isset($user) && !$user->is("preorderfront")) ? "selected='selected'" : ""?>>
No
</option>
<option value="true" <?=(isset($user) && $user->is("preorderfront")) ? "selected='selected'" : ""?>>
Yes
</option>
</select>
</div>
<div class="form-group" id="preorder-reporting-container">
<label for="preorderaddressreporting">Preorder Address Reporting API User:</label>
<select name="preorderaddressreporting" id="preorderaddressreporting"
class="form-control">
<option value="false" <?=(isset($user) && !$user->is("preorderaddressreporting")) ? "selected='selected'" : ""?>>
No
</option>
<option value="true" <?=(isset($user) && $user->is("preorderaddressreporting")) ? "selected='selected'" : ""?>>
Yes
</option>
</select>
<small>z.B. Meridiam</small>
</div>
<div class="form-group" id="preorderlogistics-container">
<label for="preorderlogistics">Preorder Logistikpartner:</label>
<select name="preorderlogistics" id="preorderlogistics" class="form-control">
<option value="false" <?=(isset($user) && !$user->is("preorderlogistics")) ? "selected='selected'" : ""?>>
No
</option>
<option value="true" <?=(isset($user) && $user->is("preorderlogistics")) ? "selected='selected'" : ""?>>
Yes
</option>
</select>
</div>
<div class="form-group" id="preorder-network-container">
<label for="preorder_networks">Preorder Netzgebiete:</label>
<?php
$pns = [];
if($user->id) {
$pns = json_decode((new WorkerFlag($user->id, "preorder_networks"))->value());
if(!$pns) {
$pns = [];
}
}
?>
<select name="preorder_networks[]" id="preorder_networks" class="form-control"
multiple="multiple">
<?php foreach(NetworkModel::getAll() as $network): ?>
<option value="<?=$network->id?>" <?=(in_array($network->id, $pns)) ? "selected='selected'" : ""?>><?=$network->name?></option>
<?php endforeach; ?>
</select>
<small>Beschränkt Benutzer auf Netzgebiete. Überschreibt Netzgebiete der Firma. Wenn
leer werden Netzgebiete der Firma angezeigt</small>
</div>
<div class="form-group" id="preorderreadonly-container">
<label for="preorderreadonly">Preorder Readonly:</label>
<select name="preorderreadonly" id="preorderreadonly" class="form-control">
<option value="false" <?=(isset($user) && !$user->is("preorderreadonly")) ? "selected='selected'" : ""?>>
Read/Write
</option>
<option value="true" <?=(isset($user) && $user->is("preorderreadonly")) ? "selected='selected'" : ""?>>
Readonly
</option>
</select>
</div>
<h4 class="mt-2">Preorder Module</h4>
<div class="row mt-3">
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Preorderpricing]"
id="can_preorderpricing"
value="1" <?=($user && $user->can("Preorderpricing")) ? "checked='checked'" : ""?> />
<label for="can_preorderpricing" class="form-check-label">Preorder
Bepreisung</label>
</div>
<div class="form-group form-check">
<input type="checkbox" class="form-check-input"
name="can[PreorderpricingReadonly]" id="can_preorderpricingreadonly"
value="1" <?=$user && $user->can("PreorderpricingReadonly") ? "checked='checked'" : ""?> />
<label for="can_preorderpricingreadonly" class="form-check-label">Preorder
Bepreisung Readonly</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Preorderbilling]"
id="can_preorderbilling"
value="1" <?=($user && $user->can("Preorderbilling")) ? "checked='checked'" : ""?> />
<label for="can_preorderbilling" class="form-check-label">Preorder
Verrechnung</label>
</div>
<div class="form-group form-check">
<input type="checkbox" class="form-check-input"
name="can[PreorderbillingReadonly]" id="can_preorderbillingreadonly"
value="1" <?=$user && $user->can("PreorderbillingReadonly") ? "checked='checked'" : ""?> />
<label for="can_preorderbillingreadonly" class="form-check-label">Preorder
Verrechnung Readonly</label>
</div>
</div>
</div>
</div>
</div>
<div class="card">
<div class="card-body">
<h4 class="card-title mb-3">Zustimmungserklärungen</h4>
<div class="form-group" id="constructionconsent-projects-container">
<label for="constructionconsent_projects">Zustimmungserklärungsprojekte:</label>
<?php
$constructionConsent_projects = [];
if($user->id) {
$constructionConsent_projects = json_decode((new WorkerFlag($user->id, "constructionConsent_projects"))->value());
if(!$constructionConsent_projects) {
$constructionConsent_projects = [];
}
}
?>
<select name="constructionconsent_projects[]" id="constructionconsent_projects"
class="form-control" multiple="multiple">
<?php foreach(ConstructionConsentProject::getAll() as $project): ?>
<option value="<?=$project->id?>" <?=(in_array($project->id, $constructionConsent_projects)) ? "selected='selected'" : ""?>><?=$project->name?></option>
<?php endforeach; ?>
</select>
<small>Benutzer kann nur Zustimmungserklärungen in diesen Projekten sehen</small>
</div>
</div>
</div>
<div class="card">
<div class="card-body">
<h4 class="card-title mb-3">Modulberechtigungen</h4>
<div class="row">
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Building]"
id="can_building"
value="1" <?=($user && $user->can("Building")) ? "checked='checked'" : ""?> />
<label for="can_building" class="form-check-label">Objekte & Anschlüsse
(Gebäude)</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Pipework]"
id="can_pipework"
value="1" <?=$user && $user->can("Pipework") ? "checked='checked'" : ""?> />
<label for="can_pipework" class="form-check-label">Tiefbau</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Linework]"
id="can_linework"
value="1" <?=$user && $user->can("Linework") ? "checked='checked'" : ""?> />
<label for="can_linework" class="form-check-label">Leitungsbau</label>
</div>
</div>
</div>
<div class="row">
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Patching]"
id="can_patching"
value="1" <?=$user && $user->can("Patching") ? "checked='checked'" : ""?> />
<label for="can_patching" class="form-check-label">Patching</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Filestore]"
id="can_filestore"
value="1" <?=$user && $user->can("Filestore") ? "checked='checked'" : ""?> />
<label for="can_filestore" class="form-check-label">Filestore
(Netzbau)</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Cpeprovisioning]"
id="can_cpeprovisioning"
value="1" <?=$user && $user->can("Cpeprovisioning") ? "checked='checked'" : ""?> />
<label for="can_cpeprovisioning" class="form-check-label">CPE
Provisioning</label>
</div>
</div>
</div>
<div class="row">
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Cpeshipping]"
id="can_cpeshipping"
value="1" <?=$user && $user->can("Cpeshipping") ? "checked='checked'" : ""?> />
<label for="can_cpeshipping" class="form-check-label">CPE Versand</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Voipnumbering]"
id="can_voipnumbering"
value="1" <?=$user && $user->can("Voipnumbering") ? "checked='checked'" : ""?> />
<label for="can_voipnumbering" class="form-check-label">VOIP
Nummernverwaltung</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Preorder]"
id="can_preorder"
value="1" <?=$user && $user->can("Preorder") ? "checked='checked'" : ""?> />
<label for="can_preorder" class="form-check-label">Vorbestellung</label>
</div>
</div>
</div>
<div class="row">
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Order]"
id="can_order"
value="1" <?=$user && $user->can("Order") ? "checked='checked'" : ""?> />
<label for="can_order" class="form-check-label">Bestellung</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Billing]"
id="can_billing"
value="1" <?=$user && $user->can("Billing") ? "checked='checked'" : ""?> />
<label for="can_billing" class="form-check-label">Verrechnung</label>
</div>
</div>
</div>
<h4 class="card-title mb-3 mt-3">Lager</h4>
<div class="row">
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[WarehouseAdmin]"
id="can_warehouse_admin"
value="1" <?=($user && $user->can("WarehouseAdmin")) ? "checked='checked'" : ""?> />
<label for="can_warehouse_admin"
class="form-check-label">Lager-Admin</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[WarehouseUser]"
id="can_warehouse_user"
value="1" <?=($user && $user->can("WarehouseUser")) ? "checked='checked'" : ""?> />
<label for="can_warehouse_user" class="form-check-label">Lager-User</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[WarehouseEShop]"
id="can_warehouse_e_shop"
value="1" <?=($user && $user->can("WarehouseEShop")) ? "checked='checked'" : ""?> />
<label for="can_warehouse_e_shop" class="form-check-label">Energie
Steiermark Shop</label>
</div>
</div>
</div>
<h4 class="card-title mb-3 mt-3">Zusatzberechtigungen</h4>
<div class="row">
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Fibu]"
id="can_fibu"
value="1" <?=($user && $user->can("Fibu")) ? "checked='checked'" : ""?> />
<label for="can_fibu" class="form-check-label">Buchhaltung</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[Statistics]"
id="can_statistics"
value="1" <?=($user && $user->can("Statistics")) ? "checked='checked'" : ""?> />
<label for="can_statistics" class="form-check-label">Statistiken
anzeigen</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[ADBExtended]"
id="can_ADBExtended"
value="1" <?=($user && $user->can("ADBExtended")) ? "checked='checked'" : ""?> />
<label for="can_ADBExtended" class="form-check-label">Address-DB erweitert</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[AssetAdmin]"
id="can_AssetAdmin"
value="1" <?=($user && $user->can("AssetAdmin")) ? "checked='checked'" : ""?> />
<label for="can_AssetAdmin" class="form-check-label">Asset-Admin</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[RMLAdmin]"
id="can_RMLAdmin"
value="1" <?=($user && $user->can("RMLAdmin")) ? "checked='checked'" : ""?> />
<label for="can_RMLAdmin" class="form-check-label">RML-Workorder-Admin</label>
</div>
</div>
<div class="col-4">
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" name="can[RMLCompany]"
id="can_RMLCompany"
value="1" <?=($user && $user->can("RMLCompany")) ? "checked='checked'" : ""?> />
<label for="can_RMLCompany" class="form-check-label">RML-Workorder-Firma</label>
</div>
</div>
</div>
<hr/>
<div class="form-group">
<input type="submit" name="submit" value="Speichern" class="btn btn-primary"/>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</form>
<?php if($user->id): ?>
<div class="row">
<div class="col-lg">
<div class="card">
<div class="card-header">
<h3 class="card-title">API Key</h3>
</div>
<div class="card-body">
<div class="form-group">
<input type="text" class="form-control" value="<?=$user->apikey?>" disabled="disabled"/>
</div>
<div class="form-group">
<form method="post" action="<?=self::getUrl("User", "generateApikey")?>">
<input type="hidden" name="id" value="<?=$user->id?>"/>
<?php if($user->apikey): ?>
<button type="submit" class="btn btn-outline-primary"
onclick="if(!confirm('Achtung: Dadurch wird der bisherige API Key ungültig. Wirklich neuen API Key generieren?')) return false;">
Neuen API Key generieren
</button>
<?php else: ?>
<button type="submit" class="btn btn-outline-primary">API Key generieren</button>
<?php endif; ?>
</div>
</div>
</div>
</div>
</div>
</form>
<?php endif; ?>
<script type="text/javascript">
$(document).ready(function () {
$("#address_id").select2({
allowClear: true,
placeholder: ""
});
$("#preorder_networks").select2({
allowClear: true,
placeholder: "",
closeOnSelect: false
});
$("#constructionconsent_projects").select2({
allowClear: true,
placeholder: "",
closeOnSelect: false
});
<?php if(!$user || (!$user->is("preorderfront") && !$user->is("preorderaddressreporting")) ): ?>
//$("#preorder-network-container").hide();
<?php endif; ?>
<?php if($user && ($user->is("preorderfront")) ): ?>
//$("#preorder-reporting-container").hide();
<?php endif; ?>
<?php if($user && ($user->is("preorderaddressreporting")) ): ?>
//$("#preorderfront-container").hide();
<?php endif; ?>
$("select[name=preorderfront]").change(function () {
if ($("select[name=preorderfront]").val() == "true") {
$("#preorder-reporting-container").hide(500);
} else {
$("#preorder-reporting-container").show(500);
}
});
// preorder-reporting-container
$("select[name=preorderaddressreporting]").change(function () {
if ($("select[name=preorderaddressreporting]").val() == "true") {
$("#preorderfront-container").hide(400);
} else {
$("#preorderfront-container").show(400);
}
});
$("#employee").change(function () {
if ($("#employee").val() == "true") {
$("#employee-container").show(400);
} else {
$("#employee-container").hide(400);
}
});
});
</script>
<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/footer.php"); ?>

403
application/User/UserController.php
View File

@@ -17,12 +17,8 @@ class UserController extends mfBaseController
$this->me = $me;
$this->layout()->set("me", $me);
if (!$me->isAdmin()) {
// all users can call non-action methods
if ($this->action != "" || $request != null) {
$this->redirect("Dashboard");
}
}
if (!$me->isAdmin() && ($this->action != "" || $request != null)) $this->redirect("Dashboard");
if ($_SERVER['REQUEST_METHOD'] === 'POST') $this->postData = json_decode(file_get_contents('php://input'), true);
}
protected function indexAction($request)
@@ -45,53 +41,140 @@ class UserController extends mfBaseController
"isActive" => $user->active,
"id" => $user->id
], UserModel::getAll()),
"ADD_URL" => self::getUrl("User", "add"),
"EDIT_URL" => self::getUrl("User", "edit"),
"ADD_URL" => self::getUrl("User", "Form"),
"EDIT_URL" => self::getUrl("User", "Form"),
"IMPERSONATE_URL" => self::getUrl("User", "impersonate"),
]);
}
protected function addAction($request)
{
if (!$this->isAdmin()) {
throw new Exception("Forbidden", 403);
}
$this->layout()->setTemplate('User/Form');
protected function formAction() {
if (!$this->isAdmin()) $this->redirect("Dashboard");
$roles = TT_NETWORK_ROLES_WITH_OWNER;
$roles[] = "systemowner";
$addresses = AddressModel::search(["addresstype" => $roles]);
$this->layout()->set("addresses", $addresses);
if ($this->request->address_id) {
$this->layout()->set("address_id", $this->request->address_id);
$id = $this->request->id;
$user = ($id && is_numeric($id) && $id > 0) ? new User($id) : new User();
if ($user->id) {
$pageTitle = "Benutzer bearbeiten: " . $user->name;
} else {
$user->id = null;
$user->permissions = (object)['data' => []];
$pageTitle = "Benutzer erstellen";
}
if ($user->id && !$user->id) throw new Exception("User not found.", 404);
$flags = $user->id ? $this->getFlags($user) : [];
$userData = array_merge(
$user->toArray(),
$flags,
['permissions' => (array)$user->permissions->data]
);
$lookups = [
"addresses" => array_map(fn($addr) => ['value' => $addr->id, 'text' => $addr->company ?: $addr->getFullName()], AddressModel::getAll()),
"networks" => array_map(fn($net) => ['value' => $net->id, 'text' => $net->name], NetworkModel::getAll()),
"consentProjects" => array_map(fn($proj) => ['value' => $proj->id, 'text' => $proj->name], ConstructionConsentProject::getAll()),
"permissionTemplates" => UserPermissionTemplateModel::getAll([], null, 0, ['key' => 'name', 'order' => 'asc']),
"users" => array_map(fn($u) => ['value' => $u->id, 'text' => $u->name], UserModel::search(['active' => 1])),
];
Helper::renderVue($this, "UserEdit", $pageTitle, [
"USER_DATA" => $userData,
"LOOKUPS" => $lookups,
"PERMISSIONS_CONFIG" => TT_USER_PERMISSION,
"SAVE_URL" => self::getUrl("User", "save"),
"API_KEY_URL" => self::getUrl("User", "generateApikey"),
]);
}
protected function editAction($request)
{
if (!$this->isAdmin()) {
throw new Exception("Forbidden", 403);
}
$this->layout()->setTemplate('User/Form');
private function getFlags(User $user): array {
$flags = [
'preorder_networks' => $user->getFlag("preorder_networks")->value(),
'constructionconsent_projects' => $user->getFlag("constructionConsent_projects")->value(),
'employee_number' => $user->getFlag("employee_number")->value(),
'project_api_key' => $user->getFlag("project_api_key")->value(),
'vodia_identity_domain' => $user->getFlag("vodia_identity_domain")->value(),
'vodia_identity_username' => $user->getFlag("vodia_identity_username")->value(),
'vodia_identity_default' => $user->getFlag("vodia_identity_default")->value(),
];
$id = $request['id'];
if (!is_numeric($id) || $id <= 0) {
throw new Exception("User $id not found", 604);
}
$jsonKeys = ['preorder_networks', 'constructionconsent_projects'];
foreach ($flags as $key => &$value)
if (in_array($key, $jsonKeys) && $value) $value = json_decode($value, true);
return $flags;
}
protected function getUserDataForTemplateAction() {
$id = $this->request->id;
if (!$id) self::sendError("User ID is required.");
$user = new User($id);
$this->layout()->set('user', $user);
if (!$user->id) self::sendError("User not found.");
$addresses = AddressModel::getAll();
$this->layout()->set("addresses", $addresses);
$preorderNetworks = $user->getFlag("preorder_networks")->value();
$consentProjects = $user->getFlag("constructionConsent_projects")->value();
self::returnJson([
'permissions' => (array)$user->permissions->data,
'preorder_networks' => $preorderNetworks ? json_decode($preorderNetworks, true) : [],
'constructionconsent_projects' => $consentProjects ? json_decode($consentProjects, true) : [],
'vodia_identity_domain' => $user->getFlag("vodia_identity_domain")->value(),
'vodia_identity_default' => $user->getFlag("vodia_identity_default")->value(),
]);
}
protected function generateApikeyAction($request)
{
if (!$this->isAdmin()) {
$this->redirect("Dashboard");
protected function managePermissionTemplatesAction() {
Helper::renderVue($this, "UserPermissionTemplate", "Berechtigungsvorlagen", ["PERMISSIONS_CONFIG" => TT_USER_PERMISSION]);
}
protected function getPermissionTemplatesAction() {
self::returnJson(array_map(
function ($perm) {
$perm = (array)$perm;
$perm['permissions'] = json_decode($perm['permissions'], true) ?: [];
return $perm;
}, UserPermissionTemplateModel::getAll([], null, 0, ['key' => 'name', 'order' => 'asc'])
));
}
protected function savePermissionTemplateAction() {
if (empty($this->postData['name'])) self::sendError("Template name is required.");
$data = [
'name' => $this->postData['name'],
'permissions' => json_encode($this->postData['permissions'] ?? []),
];
if (empty($this->postData['id'])) {
$data += ['createBy' => $this->user->id, 'create' => time()];
$id = UserPermissionTemplateModel::create($data);
self::returnJson(['success' => true, 'message' => 'Vorlage erstellt.', 'id' => $id]);
}
$template = UserPermissionTemplateModel::get($this->postData['id']);
$data += [
'id' => $this->postData['id'],
'create' => $template->create,
'createBy' => $template->createBy,
];
UserPermissionTemplateModel::update($data);
self::returnJson(['success' => true, 'message' => 'Vorlage gespeichert.']);
}
protected function deletePermissionTemplateAction() {
$post = json_decode(file_get_contents('php://input'), true);
if (empty($post['id'])) self::sendError("Template ID is required.");
UserPermissionTemplateModel::delete($post['id']);
self::returnJson(['success' => true, 'message' => 'Vorlage gelöscht.']);
}
protected function generateApikeyAction($request) {
if (!$this->isAdmin()) $this->redirect("Dashboard");
$id = $request['id'];
if (!is_numeric($id) || $id < 1) {
$this->layout()->setFlash("User nicht gefunden.", "error");
@@ -112,28 +195,19 @@ class UserController extends mfBaseController
}
protected function profileAction($request)
{
}
protected function saveAction()
{
protected function saveAction() {
$r = $this->request;
$id = $r->id;
if (!$this->isAdmin()) {
$id = $this->me->id;
$request['username'] = $this->me->username;
unset($r->address_id);
}
if (!$id && !$r->username) {
self::redirect('User');
}
if (!$id && !$r->username) self::redirect('User');
$user = new User($id);
// check if new user already exits
if ($this->isAdmin() && !$r->id) {
$tu = new User();
$tu->loadByUsername($r->username);
@@ -145,28 +219,16 @@ class UserController extends mfBaseController
$user->active = $r->active === "true" ? 1 : 0;
if (!$user->permissions) {
$user->permissions = new WorkerPermission();
}
if ($r->username) {
$user->username = $r->username;
}
if ($r->name) {
$user->name = $r->name;
}
if ($r->email) {
$user->email = $r->email;
}
if ($r->mobile) {
$user->mobile = $r->mobile;
} else {
$user->mobile = NULL;
}
if (!$user->permissions) $user->permissions = new WorkerPermission();
if ($r->username) $user->username = $r->username;
if ($r->name) $user->name = $r->name;
if ($r->email) $user->email = $r->email;
if ($r->mobile) $user->mobile = $r->mobile;
else $user->mobile = NULL;
if ($this->isAdmin()) {
if ($r->address_id) {
$user->address_id = intval($r->address_id);
//var_dump($user);exit;
$address = new Address($user->address_id);
if (!$address->id) {
throw new Exception("Unbekannte Firma/Person");
@@ -175,12 +237,7 @@ class UserController extends mfBaseController
$user->address_id = null;
}
// 2fa required
if($r->twofactorrequired == "true") {
$user->twofactorrequired = 1;
} else {
$user->twofactorrequired = 0;
}
$user->twofactorrequired = ($r->twofactorrequired == "true") ? 1 : 0;
}
if ($r->password) {
@@ -199,177 +256,69 @@ class UserController extends mfBaseController
$id = $user->save();
if ($this->isAdmin()) {
if ($r->admin == "true" || $user->id == 1) {
$user->permissions->admin = "true";
} else {
$user->permissions->admin = "false";
$user->permissions->admin = ($r->admin == "true" || $user->id == 1) ? "true" : "false";
$user->permissions->employee = ($r->employee == "true") ? "true" : "false";
$user->permissions->technician = ($r->technician == "true") ? "true" : "false";
$user->permissions->preorderfront = ($r->preorderfront == "true") ? "true" : "false";
$user->permissions->preorderlogistics = ($r->preorderlogistics == "true") ? "true" : "false";
$user->permissions->preorderaddressreporting = ($r->preorderaddressreporting == "true") ? "true" : "false";
$user->permissions->preorderreadonly = ($r->preorderreadonly == "true") ? "true" : "false";
$canPermissions = [
'Building', 'Pipework', 'Linework', 'Patching', 'Filestore',
'Cpeprovisioning', 'Cpeshipping', 'Voipnumbering', 'Preorder',
'Preorderpricing', 'PreorderpricingReadonly', 'Preorderbilling',
'PreorderbillingReadonly', 'Order', 'Billing', 'Fibu', 'Statistics',
'WarehouseAdmin', 'WarehouseEShop', 'WarehouseUser', 'ADBExtended',
'AssetAdmin', 'RMLAdmin', 'RMLCompany'
];
foreach ($canPermissions as $perm) {
$user->permissions->{"can" . $perm} = "false";
}
if ($r->employee == "true") {
$user->permissions->employee = "true";
} else {
$user->permissions->employee = "false";
}
if ($r->technician == "true") {
$user->permissions->technician = "true";
} else {
$user->permissions->technician = "false";
}
if ($r->preorderfront == "true") {
$user->permissions->preorderfront = "true";
} else {
$user->permissions->preorderfront = "false";
}
if ($r->preorderlogistics == "true") {
$user->permissions->preorderlogistics = "true";
} else {
$user->permissions->preorderlogistics = "false";
}
if ($r->preorderaddressreporting == "true") {
$user->permissions->preorderaddressreporting = "true";
} else {
$user->permissions->preorderaddressreporting = "false";
}
if ($r->preorderreadonly == "true") {
$user->permissions->preorderreadonly = "true";
} else {
$user->permissions->preorderreadonly = "false";
}
// set can permissions
$user->permissions->canBuilding = "false";
$user->permissions->canPipework = "false";
$user->permissions->canLinework = "false";
$user->permissions->canPatching = "false";
$user->permissions->canFilestore = "false";
$user->permissions->canCpeprovisioning = "false";
$user->permissions->canCpeshipping = "false";
$user->permissions->canVoipnumbering = "false";
$user->permissions->canPreorder = "false";
$user->permissions->canPreorderpricing = "false";
$user->permissions->canPreorderpricingReadonly = "false";
$user->permissions->canPreorderbilling = "false";
$user->permissions->canPreorderbillingReadonly = "false";
$user->permissions->canOrder = "false";
$user->permissions->canBilling = "false";
$user->permissions->canFibu = "false";
$user->permissions->canStatistics = "false";
$user->permissions->canWarehouseAdmin = "false";
$user->permissions->canWarehouseEShop = "false";
$user->permissions->canWarehouseUser = "false";
$user->permissions->canADBExtended = "false";
$user->permissions->canAssetAdmin = "false";
$user->permissions->canRMLAdmin = "false";
$user->permissions->canRMLCompany = "false";
if($r->get("can") && is_array($r->can)) {
foreach($r->can as $key => $can) {
//var_dump($key . "=> ".$can);
if($can) {
$user->permissions->{"can$key"} = "true";
if ($r->get("can") && is_array($r->can)) {
foreach ($r->can as $key => $can) {
if ($can) {
$user->permissions->{"can" . $key} = "true";
}
}
}
}
$user->permissions->save();
// save networks
$pn = $user->getFlag("preorder_networks");
if (is_array($r->preorder_networks) && count($r->preorder_networks)) {
$pn->value(json_encode($r->preorder_networks));
$pn->save();
function handleWorkerFlag(User $user, $request, string $flagName, $requestKey, $permissionCheck = null) {
$flag = new WorkerFlag($user->id, $flagName);
$value = $request->$requestKey;
if ($value && (!$permissionCheck || $user->permissions->$permissionCheck === "true")) {
$flag->value(is_array($value) ? json_encode($value) : $value);
$flag->save();
return true;
}
$flag->delete();
return false;
}
$preorderNetworks = handleWorkerFlag($user, $r, "preorder_networks", "preorder_networks");
if ($preorderNetworks) {
$user->permissions->canPreorder = "true";
$user->permissions->save();
} else {
$pn->delete();
}
$constructionConsentProjects = $user->getFlag("constructionConsent_projects");
if (is_array($r->constructionconsent_projects) && count($r->constructionconsent_projects)) {
$constructionConsentProjects->value(json_encode($r->constructionconsent_projects));
$constructionConsentProjects->save();
} else {
$constructionConsentProjects->delete();
}
// employee number
$enum = new WorkerFlag($user->id, "employee_number");
if($r->employee_number && $user->permissions->employee == "true") {
$enum->value($r->employee_number);
$enum->save();
} else {
$enum->delete();
}
// workerflag for project_api_key
$pak = new WorkerFlag($user->id, "project_api_key");
if($r->project_api_key) {
$pak->value($r->project_api_key);
$pak->save();
} else {
$pak->delete();
}
// vodia identity data
$vid = new WorkerFlag($user->id, "vodia_identity_domain");
if($r->vodia_identity_domain) {
$vid->value($r->vodia_identity_domain);
$vid->save();
} else {
$vid->delete();
}
$viu = new WorkerFlag($user->id, "vodia_identity_username");
if($r->vodia_identity_username) {
$viu->value($r->vodia_identity_username);
$viu->save();
} else {
$viu->delete();
}
$vdi = new WorkerFlag($user->id, "vodia_identity_default");
if($r->vodia_identity_default) {
$vdi->value($r->vodia_identity_default);
$vdi->save();
} else {
$vdi->delete();
}
handleWorkerFlag($user, $r, "constructionConsent_projects", "constructionconsent_projects");
handleWorkerFlag($user, $r, "employee_number", "employee_number", "employee");
handleWorkerFlag($user, $r, "project_api_key", "project_api_key");
handleWorkerFlag($user, $r, "vodia_identity_domain", "vodia_identity_domain");
handleWorkerFlag($user, $r, "vodia_identity_username", "vodia_identity_username");
handleWorkerFlag($user, $r, "vodia_identity_default", "vodia_identity_default");
}
$this->layout()->setFlash("Benutzer gespeichert.", "success");
self::redirect('User');
}
protected function deleteAction($request)
{
$this->layout()->setFlash("nope");
$this->redirect("User");
if (!$this->isAdmin()) {
$this->redirect("Dashboard");
}
$id = $request['id'];
if (!is_numeric($id) || $id <= 0) {
throw new Exception("User $id not found", 604);
}
$user = new User($id);
if ($user->id == $id) {
$user->delete();
}
self::redirect("User");
}
protected function pwchangeAction($request)
{
$me = new User();

170
application/UserEdit/UserEditController.php
View File

@@ -1,170 +0,0 @@
<?php
class UserEditController extends mfBaseController {
public User $user;
private $postData;
protected function init() {
$this->needlogin = true;
$this->user = new User();
$this->user->loadMe();
$this->layout()->set('me', $this->user);
if (!$this->user->isAdmin()) {
$this->redirect("Dashboard");
}
// if post then set postData
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$this->postData = json_decode(file_get_contents('php://input'), true);
}
}
protected function indexAction() {
$id = $this->request->id;
if (!is_numeric($id) || $id <= 0) throw new Exception("User ID is required.", 400);
$user = new User($id);
if (!$user->id) throw new Exception("User not found.", 404);
$preorderNetworks = $user->getFlag("preorder_networks")->value();
$consentProjects = $user->getFlag("constructionConsent_projects")->value();
$userData = $user->toArray();
$userData['permissions'] = (array)$user->permissions->data;
$userData['preorder_networks'] = $preorderNetworks ? json_decode($preorderNetworks, true) : [];
$userData['constructionconsent_projects'] = $consentProjects ? json_decode($consentProjects, true) : [];
$userData['employee_number'] = $user->getFlag("employee_number")->value();
$userData['project_api_key'] = $user->getFlag("project_api_key")->value();
$userData['vodia_identity_domain'] = $user->getFlag("vodia_identity_domain")->value();
$userData['vodia_identity_username'] = $user->getFlag("vodia_identity_username")->value();
$userData['vodia_identity_default'] = $user->getFlag("vodia_identity_default")->value();
$JS_VARIABLES = [
"USER_DATA" => $userData,
"LOOKUPS" => [
"addresses" => array_map(fn($addr) => ['value' => $addr->id, 'text' => ($addr->company) ? $addr->company : $addr->getFullName()], AddressModel::getAll()),
"networks" => array_map(fn($net) => ['value' => $net->id, 'text' => $net->name], NetworkModel::getAll()),
"consentProjects" => array_map(fn($proj) => ['value' => $proj->id, 'text' => $proj->name], ConstructionConsentProject::getAll()),
"permissionTemplates" => UserPermissionTemplateModel::getAll([], null, 0, ['key' => 'name', 'order' => 'asc']),
"users" => array_map(fn($u) => ['value' => $u->id, 'text' => $u->name], UserModel::search(['active' => 1])),
],
"PERMISSIONS_CONFIG" => $this->getPermissionsConfig(),
"SAVE_URL" => self::getUrl("User", "save"),
"API_KEY_URL" => self::getUrl("User", "generateApikey"),
];
Helper::renderVue($this, "UserEdit", "Benutzer bearbeiten: " . $user->name, $JS_VARIABLES);
}
protected function getUserDataForTemplateAction() {
$id = $this->request->id;
if (!$id) self::sendError("User ID is required.");
$user = new User($id);
if (!$user->id) self::sendError("User not found.");
$preorderNetworks = $user->getFlag("preorder_networks")->value();
$consentProjects = $user->getFlag("constructionConsent_projects")->value();
self::returnJson([
'permissions' => (array)$user->permissions->data,
'preorder_networks' => $preorderNetworks ? json_decode($preorderNetworks, true) : [],
'constructionconsent_projects' => $consentProjects ? json_decode($consentProjects, true) : [],
'vodia_identity_domain' => $user->getFlag("vodia_identity_domain")->value(),
'vodia_identity_default' => $user->getFlag("vodia_identity_default")->value(),
]);
}
protected function managePermissionTemplatesAction() {
Helper::renderVue($this, "UserPermissionTemplate", "Berechtigungsvorlagen", ["PERMISSIONS_CONFIG" => $this->getPermissionsConfig()]);
}
protected function getPermissionTemplatesAction() {
self::returnJson(array_map(
function ($perm) {
$perm = (array)$perm;
$perm['permissions'] = json_decode($perm['permissions'], true) ?: [];
return $perm;
}, UserPermissionTemplateModel::getAll([], null, 0, ['key' => 'name', 'order' => 'asc'])
));
}
protected function savePermissionTemplateAction() {
if (empty($this->postData['name'])) self::sendError("Template name is required.");
$data = [
'name' => $this->postData['name'],
'permissions' => json_encode($this->postData['permissions'] ?? []),
];
if (empty($this->postData['id'])) {
$data += ['createBy' => $this->user->id, 'create' => time()];
$id = UserPermissionTemplateModel::create($data);
self::returnJson(['success' => true, 'message' => 'Vorlage erstellt.', 'id' => $id]);
}
$template = UserPermissionTemplateModel::get($this->postData['id']);
$data += [
'id' => $this->postData['id'],
'create' => $template->create,
'createBy' => $template->createBy,
];
UserPermissionTemplateModel::update($data);
self::returnJson(['success' => true, 'message' => 'Vorlage gespeichert.']);
}
protected function deletePermissionTemplateAction() {
$post = json_decode(file_get_contents('php://input'), true);
if (empty($post['id'])) self::sendError("Template ID is required.");
UserPermissionTemplateModel::delete($post['id']);
self::returnJson(['success' => true, 'message' => 'Vorlage gelöscht.']);
}
private function getPermissionsConfig(): array {
return [
'Rollen' => [
'admin' => 'Administrator',
'employee' => TT_SYSOWNER_NAME_HTML . ' Mitarbeiter',
'technician' => 'Techniker',
],
'Preorder' => [
'preorderfront' => 'Frontdesk (Semi-Readonly)',
'preorderlogistics' => 'Logistikpartner',
'preorderaddressreporting' => 'Address Reporting API User',
'preorderreadonly' => 'Readonly',
'canPreorder' => 'Modul: Vorbestellung',
'canPreorderpricing' => 'Modul: Bepreisung',
'canPreorderpricingReadonly' => 'Modul: Bepreisung (Readonly)',
'canPreorderbilling' => 'Modul: Verrechnung',
'canPreorderbillingReadonly' => 'Modul: Verrechnung (Readonly)',
],
'Module' => [
'canBuilding' => 'Objekte & Anschlüsse',
'canPipework' => 'Tiefbau',
'canLinework' => 'Leitungsbau',
'canPatching' => 'Patching',
'canFilestore' => 'Filestore (Netzbau)',
'canCpeprovisioning' => 'CPE Provisioning',
'canCpeshipping' => 'CPE Versand',
'canVoipnumbering' => 'VOIP Nummernverwaltung',
'canOrder' => 'Bestellung',
'canBilling' => 'Verrechnung',
],
'Lager' => [
'canWarehouseAdmin' => 'Lager-Admin',
'canWarehouseUser' => 'Lager-User',
'canWarehouseEShop' => 'Energie Steiermark Shop',
],
'Zusatzberechtigungen' => [
'canFibu' => 'Buchhaltung',
'canStatistics' => 'Statistiken',
'canADBExtended' => 'Address-DB erweitert',
'canAssetAdmin' => 'Anlagen-Admin',
'canRMLAdmin' => 'RML-Workorder-Admin',
'canRMLCompany' => 'RML-Workorder-Firma',
]
];
}
}

4
public/js/pages/UserEdit/UserEdit.css
View File

@@ -97,6 +97,10 @@
align-items: end;
}
.password-generation-grid .form-group {
margin-bottom: 0;
}
.selected-items-viewer {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(300px, 1fr));

36
public/js/pages/UserEdit/UserEdit.js
View File

@@ -10,7 +10,7 @@ Vue.component("UserEdit", {
</tt-tooltip>
</div>
<div class="user-form-grid">
<tt-input label="Username" v-model="user.username" sm/>
<tt-input label="Username" v-model="user.username" sm :disabled="!isNewUser"/>
<tt-input label="Name" v-model="user.name" sm/>
<tt-input label="Email" v-model="user.email" type="email" sm/>
<tt-input label="Handy Nr." v-model="user.mobile" placeholder="+43..." sm/>
@@ -99,7 +99,7 @@ Vue.component("UserEdit", {
</div>
<tt-input label="Passwort wiederholen" v-model="password.repeat" type="password" sm/>
</tt-card>
<tt-card>
<tt-card v-if="!isNewUser">
<label>API Key</label>
<div class="input-group">
<input type="text" class="form-control form-control-sm" :value="user.apikey" readonly>
@@ -164,12 +164,17 @@ Vue.component("UserEdit", {
}
},
computed: {
isNewUser() {
return !this.user.id;
},
templateOptions() {
const options = this.lookups.permissionTemplates.map(t => ({ value: t.id, text: t.name }));
options.unshift({ value: null, text: 'Vorlage auswählen...' });
return options;
},
permissionChangesTooltip() {
if (this.isNewUser) return "Ein neuer Benutzer wird erstellt.";
const added = [];
const removed = [];
for (const key in this.user.permissions) {
@@ -237,7 +242,7 @@ Vue.component("UserEdit", {
async loadDataFromUser(userId) {
if(!userId) return;
try {
const response = await axios.get(`/UserEdit/getUserDataForTemplate?id=${userId}`);
const response = await axios.get(`/User/getUserDataForTemplate?id=${userId}`);
const dataToApply = response.data;
// Apply Permissions
@@ -263,6 +268,13 @@ Vue.component("UserEdit", {
},
saveUser() {
this.isSaving = true;
if (this.isNewUser && !this.user.username) {
window.notify('error', 'Benutzername ist ein Pflichtfeld.');
this.isSaving = false;
return;
}
if (this.password.new && this.password.new !== this.password.repeat) {
window.notify('error', 'Die Passwörter stimmen nicht überein!');
this.isSaving = false;
@@ -274,6 +286,10 @@ Vue.component("UserEdit", {
const fields = ['id', 'username', 'name', 'email', 'mobile', 'address_id', 'employee_number', 'project_api_key', 'vodia_identity_domain', 'vodia_identity_username', 'vodia_identity_default'];
fields.forEach(field => formData.append(field, this.user[field] || ''));
if (this.isNewUser) {
formData.delete('id');
}
// Append booleans as 'true'/'false' strings
formData.append('active', this.user.active ? 'true' : 'false');
formData.append('twofactorrequired', this.user.twofactorrequired ? 'true' : 'false');
@@ -349,7 +365,17 @@ Vue.component("UserEdit", {
});
this.user.permissions = permissions;
this.initialPermissions = JSON.parse(JSON.stringify(permissions)); // Deep copy for change tracking
this.user.active = this.user.active == 1;
this.user.twofactorrequired = this.user.twofactorrequired == 1;
this.user.active = this.user.active == 1 || this.isNewUser;
this.user.twofactorrequired = this.user.twofactorrequired == 1 || this.isNewUser;
// Set default collapse state for new users
if (this.isNewUser) {
this.collapsedSections = {
permissions: false,
employeeSpecific: false,
projects: false,
security: false,
};
}
}
});