diff --git a/Layout/default/User/Form.php b/Layout/default/User/Form.php deleted file mode 100644 index 90945f6e6..000000000 --- a/Layout/default/User/Form.php +++ /dev/null @@ -1,620 +0,0 @@ - - - - -
-
-
-
- -
-

Benutzer

-
-
-
- - -
"> - -
-
-
-
-

Benutzer bearbeiten

-
-
- - - -
- - -
-
- - -
-
- - -
-
- - -
-
- - -
-
- - -
-
- - -
-
- - -
-
- - -
- -
is("employee")) ? "hidden" : ""?>> -
- - value() : ""?>" /> -
- -
- - value() : ""?>" /> -
- -
- - value() : ""?>" /> -
- -
- - value() : ""?>" /> - +43 720 123456 -
- -
- - value() : ""?>" /> -
- -
- - -
- -
- - -
-
- - -
- -
- -
- - -
-
-
- -
-
- -

Preorder

- -
- - -
- -
- - - z.B. Meridiam -
- -
- - -
- -
- - id) { - $pns = json_decode((new WorkerFlag($user->id, "preorder_networks"))->value()); - if(!$pns) { - $pns = []; - } - } - - ?> - - Beschränkt Benutzer auf Netzgebiete. Überschreibt Netzgebiete der Firma. Wenn - leer werden Netzgebiete der Firma angezeigt -
- -
- - -
- -

Preorder Module

-
-
-
- can("Preorderpricing")) ? "checked='checked'" : ""?> /> - -
-
- can("PreorderpricingReadonly") ? "checked='checked'" : ""?> /> - -
-
-
-
- can("Preorderbilling")) ? "checked='checked'" : ""?> /> - -
-
- can("PreorderbillingReadonly") ? "checked='checked'" : ""?> /> - -
-
-
-
-
- -
-
- -

Zustimmungserklärungen

- - -
- - id) { - $constructionConsent_projects = json_decode((new WorkerFlag($user->id, "constructionConsent_projects"))->value()); - if(!$constructionConsent_projects) { - $constructionConsent_projects = []; - } - } - - ?> - - Benutzer kann nur Zustimmungserklärungen in diesen Projekten sehen -
- -
-
- - -
-
- -

Modulberechtigungen

- -
-
-
- can("Building")) ? "checked='checked'" : ""?> /> - -
-
-
-
- can("Pipework") ? "checked='checked'" : ""?> /> - -
-
-
-
- can("Linework") ? "checked='checked'" : ""?> /> - -
-
-
-
-
-
- can("Patching") ? "checked='checked'" : ""?> /> - -
-
-
-
- can("Filestore") ? "checked='checked'" : ""?> /> - -
-
-
-
- can("Cpeprovisioning") ? "checked='checked'" : ""?> /> - -
-
-
-
-
-
- can("Cpeshipping") ? "checked='checked'" : ""?> /> - -
-
-
-
- can("Voipnumbering") ? "checked='checked'" : ""?> /> - -
-
-
-
- can("Preorder") ? "checked='checked'" : ""?> /> - -
-
-
-
-
-
- can("Order") ? "checked='checked'" : ""?> /> - -
-
-
-
- can("Billing") ? "checked='checked'" : ""?> /> - -
-
-
- -

Lager

- -
-
-
- can("WarehouseAdmin")) ? "checked='checked'" : ""?> /> - -
-
- -
-
- can("WarehouseUser")) ? "checked='checked'" : ""?> /> - -
-
- -
-
- can("WarehouseEShop")) ? "checked='checked'" : ""?> /> - -
-
-
- -

Zusatzberechtigungen

- -
-
-
- can("Fibu")) ? "checked='checked'" : ""?> /> - -
-
- -
-
- can("Statistics")) ? "checked='checked'" : ""?> /> - -
-
- -
-
- can("ADBExtended")) ? "checked='checked'" : ""?> /> - -
-
- -
-
- can("AssetAdmin")) ? "checked='checked'" : ""?> /> - -
-
- -
-
- can("RMLAdmin")) ? "checked='checked'" : ""?> /> - -
-
- -
-
- can("RMLCompany")) ? "checked='checked'" : ""?> /> - -
-
-
- -
- -
- -
- -
- -
-
-
-
-
-
- -id): ?> -
-
-
-
-

API Key

-
-
-
- -
-
-
"> - - apikey): ?> - - - - - -
- -
- -
-
-
- - - - - - -
\ No newline at end of file
diff --git a/application/User/UserController.php b/application/User/UserController.php
index 7869c1e3b..b96af6425 100644
--- a/application/User/UserController.php
+++ b/application/User/UserController.php
@@ -17,12 +17,8 @@ class UserController extends mfBaseController
 $this->me = $me;
 $this->layout()->set("me", $me);
- if (!$me->isAdmin()) {
- // all users can call non-action methods
- if ($this->action != "" || $request != null) {
- $this->redirect("Dashboard");
- }
- }
+ if (!$me->isAdmin() && ($this->action != "" || $request != null)) $this->redirect("Dashboard");
+ if ($_SERVER['REQUEST_METHOD'] === 'POST') $this->postData = json_decode(file_get_contents('php://input'), true);
 }
 protected function indexAction($request)
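Review bot: The second added line stores `json_decode(file_get_contents('php://input'), true)` in `$this->postData` without checking the result, so a malformed body or a JSON scalar leaves it `null` or a non-array, and the actions that index it (for example `$this->postData['name']` in the next hunk) read from that. Normalising once here keeps every action on a known shape: `$body = json_decode(file_get_contents('php://input'), true); $this->postData = is_array($body) ? $body : [];`. The collapsed admin gate on the line above also lost its comment; as it is the only check in front of several actions added by this commit, I would restore it, e.g. `// non-admins may only call non-action methods`. The constructor begins outside the hunk.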
@@ -45,53 +41,140 @@ class UserController extends mfBaseController "isActive" => $user->active, "id" => $user->id ], UserModel::getAll()), - "ADD_URL" => self::getUrl("User", "add"), - "EDIT_URL" => self::getUrl("User", "edit"), + "ADD_URL" => self::getUrl("User", "Form"), + "EDIT_URL" => self::getUrl("User", "Form"), "IMPERSONATE_URL" => self::getUrl("User", "impersonate"), ]); } - protected function addAction($request) - { - if (!$this->isAdmin()) { - throw new Exception("Forbidden", 403); - } - $this->layout()->setTemplate('User/Form'); + protected function formAction() { + if (!$this->isAdmin()) $this->redirect("Dashboard"); - $roles = TT_NETWORK_ROLES_WITH_OWNER; - $roles[] = "systemowner"; - $addresses = AddressModel::search(["addresstype" => $roles]); - $this->layout()->set("addresses", $addresses); - - if ($this->request->address_id) { - $this->layout()->set("address_id", $this->request->address_id); + $id = $this->request->id; + $user = ($id && is_numeric($id) && $id > 0) ? new User($id) : new User(); + if ($user->id) { + $pageTitle = "Benutzer bearbeiten: " . $user->name; + } else { + $user->id = null; + $user->permissions = (object)['data' => []]; + $pageTitle = "Benutzer erstellen"; } + + if ($user->id && !$user->id) throw new Exception("User not found.", 404); + + $flags = $user->id ? 
$this->getFlags($user) : []; + + $userData = array_merge( + $user->toArray(), + $flags, + ['permissions' => (array)$user->permissions->data] + ); + + $lookups = [ + "addresses" => array_map(fn($addr) => ['value' => $addr->id, 'text' => $addr->company ?: $addr->getFullName()], AddressModel::getAll()), + "networks" => array_map(fn($net) => ['value' => $net->id, 'text' => $net->name], NetworkModel::getAll()), + "consentProjects" => array_map(fn($proj) => ['value' => $proj->id, 'text' => $proj->name], ConstructionConsentProject::getAll()), + "permissionTemplates" => UserPermissionTemplateModel::getAll([], null, 0, ['key' => 'name', 'order' => 'asc']), + "users" => array_map(fn($u) => ['value' => $u->id, 'text' => $u->name], UserModel::search(['active' => 1])), + ]; + + Helper::renderVue($this, "UserEdit", $pageTitle, [ + "USER_DATA" => $userData, + "LOOKUPS" => $lookups, + "PERMISSIONS_CONFIG" => TT_USER_PERMISSION, + "SAVE_URL" => self::getUrl("User", "save"), + "API_KEY_URL" => self::getUrl("User", "generateApikey"), + ]); } - protected function editAction($request) - { - if (!$this->isAdmin()) { - throw new Exception("Forbidden", 403); - } - $this->layout()->setTemplate('User/Form'); + private function getFlags(User $user): array { + $flags = [ + 'preorder_networks' => $user->getFlag("preorder_networks")->value(), + 'constructionconsent_projects' => $user->getFlag("constructionConsent_projects")->value(), + 'employee_number' => $user->getFlag("employee_number")->value(), + 'project_api_key' => $user->getFlag("project_api_key")->value(), + 'vodia_identity_domain' => $user->getFlag("vodia_identity_domain")->value(), + 'vodia_identity_username' => $user->getFlag("vodia_identity_username")->value(), + 'vodia_identity_default' => $user->getFlag("vodia_identity_default")->value(), + ]; - $id = $request['id']; - if (!is_numeric($id) || $id <= 0) { - throw new Exception("User $id not found", 604); - } + $jsonKeys = ['preorder_networks', 'constructionconsent_projects']; + 
foreach ($flags as $key => &$value) + if (in_array($key, $jsonKeys) && $value) $value = json_decode($value, true); + return $flags; + } + + + protected function getUserDataForTemplateAction() { + $id = $this->request->id; + if (!$id) self::sendError("User ID is required."); $user = new User($id); - $this->layout()->set('user', $user); + if (!$user->id) self::sendError("User not found."); - $addresses = AddressModel::getAll(); - $this->layout()->set("addresses", $addresses); + $preorderNetworks = $user->getFlag("preorder_networks")->value(); + $consentProjects = $user->getFlag("constructionConsent_projects")->value(); + + self::returnJson([ + 'permissions' => (array)$user->permissions->data, + 'preorder_networks' => $preorderNetworks ? json_decode($preorderNetworks, true) : [], + 'constructionconsent_projects' => $consentProjects ? json_decode($consentProjects, true) : [], + 'vodia_identity_domain' => $user->getFlag("vodia_identity_domain")->value(), + 'vodia_identity_default' => $user->getFlag("vodia_identity_default")->value(), + ]); } - protected function generateApikeyAction($request) - { - if (!$this->isAdmin()) { - $this->redirect("Dashboard"); + protected function managePermissionTemplatesAction() { + Helper::renderVue($this, "UserPermissionTemplate", "Berechtigungsvorlagen", ["PERMISSIONS_CONFIG" => TT_USER_PERMISSION]); + } + + protected function getPermissionTemplatesAction() { + self::returnJson(array_map( + function ($perm) { + $perm = (array)$perm; + $perm['permissions'] = json_decode($perm['permissions'], true) ?: []; + return $perm; + }, UserPermissionTemplateModel::getAll([], null, 0, ['key' => 'name', 'order' => 'asc']) + )); + } + + protected function savePermissionTemplateAction() { + if (empty($this->postData['name'])) self::sendError("Template name is required."); + + $data = [ + 'name' => $this->postData['name'], + 'permissions' => json_encode($this->postData['permissions'] ?? 
[]), + ]; + + if (empty($this->postData['id'])) { + $data += ['createBy' => $this->user->id, 'create' => time()]; + $id = UserPermissionTemplateModel::create($data); + self::returnJson(['success' => true, 'message' => 'Vorlage erstellt.', 'id' => $id]); } + + $template = UserPermissionTemplateModel::get($this->postData['id']); + $data += [ + 'id' => $this->postData['id'], + 'create' => $template->create, + 'createBy' => $template->createBy, + ]; + + UserPermissionTemplateModel::update($data); + self::returnJson(['success' => true, 'message' => 'Vorlage gespeichert.']); + } + + protected function deletePermissionTemplateAction() { + $post = json_decode(file_get_contents('php://input'), true); + if (empty($post['id'])) self::sendError("Template ID is required."); + UserPermissionTemplateModel::delete($post['id']); + self::returnJson(['success' => true, 'message' => 'Vorlage gelöscht.']); + } + + + + protected function generateApikeyAction($request) { + if (!$this->isAdmin()) $this->redirect("Dashboard"); + $id = $request['id']; if (!is_numeric($id) || $id < 1) { $this->layout()->setFlash("User nicht gefunden.", "error"); @@ -112,28 +195,19 @@ class UserController extends mfBaseController } - protected function profileAction($request) - { - - } - - protected function saveAction() - { + protected function saveAction() { $r = $this->request; $id = $r->id; + if (!$this->isAdmin()) { $id = $this->me->id; $request['username'] = $this->me->username; unset($r->address_id); } - if (!$id && !$r->username) { - self::redirect('User'); - } + if (!$id && !$r->username) self::redirect('User'); $user = new User($id); - - // check if new user already exits if ($this->isAdmin() && !$r->id) { $tu = new User(); $tu->loadByUsername($r->username); 
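Review bot: `savePermissionTemplateAction`, `deletePermissionTemplateAction`, `getPermissionTemplatesAction`, `managePermissionTemplatesAction` and `getUserDataForTemplateAction` arrive here without an admin check of their own, while `formAction` and `generateApikeyAction` in the same hunk each start with `if (!$this->isAdmin()) $this->redirect("Dashboard");`. They depend entirely on the conditional gate in the constructor (first hunk), and whether `redirect()` stops execution is not visible here, so I would give the JSON endpoints an explicit first line such as `if (!$this->isAdmin()) self::sendError("Forbidden.");`. `savePermissionTemplateAction` also reads `$this->user->id` for `createBy`, but the constructor lines visible in the first hunk assign `$this->me`, so this probably needs to be `$this->me->id`. In `formAction`, `if ($user->id && !$user->id)` can never be true, so an unknown id silently opens the create form; `if ($id && !$user->id) throw new Exception("User not found.", 404);` placed before the if/else would restore the 404.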
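Review bot: In the non-admin branch of `saveAction`, `$request['username'] = $this->me->username;` writes to a local `$request` that this method neither receives nor reads again in the visible lines, so `$r->username` still carries whatever the client sent. The next hunk then applies it with `if ($r->username) $user->username = $r->username;`, and the duplicate-username lookup in this hunk runs only under `$this->isAdmin() && !$r->id`. If non-admins can reach this action at all (the constructor gate in the first hunk may already prevent it), they could change their own username; `unset($r->username);` next to the existing `unset($r->address_id);` would close that. The method body continues outside the hunk.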
@@ -145,28 +219,16 @@ class UserController extends mfBaseController
 $user->active = $r->active === "true" ? 1 : 0;
- if (!$user->permissions) {
- $user->permissions = new WorkerPermission();
- }
- if ($r->username) {
- $user->username = $r->username;
- }
- if ($r->name) {
- $user->name = $r->name;
- }
- if ($r->email) {
- $user->email = $r->email;
- }
- if ($r->mobile) {
- $user->mobile = $r->mobile;
- } else {
- $user->mobile = NULL;
- }
+ if (!$user->permissions) $user->permissions = new WorkerPermission();
+ if ($r->username) $user->username = $r->username;
+ if ($r->name) $user->name = $r->name;
+ if ($r->email) $user->email = $r->email;
+ if ($r->mobile) $user->mobile = $r->mobile;
+ else $user->mobile = NULL;
 if ($this->isAdmin()) {
 if ($r->address_id) {
 $user->address_id = intval($r->address_id);
- //var_dump($user);exit;
 $address = new Address($user->address_id);
 if (!$address->id) {
 throw new Exception("Unbekannte Firma/Person");
@@ -175,12 +237,7 @@ class UserController extends mfBaseController
 $user->address_id = null;
 }
- // 2fa required
- if($r->twofactorrequired == "true") {
- $user->twofactorrequired = 1;
- } else {
- $user->twofactorrequired = 0;
- }
+ $user->twofactorrequired = ($r->twofactorrequired == "true") ? 1 : 0;
 }
 if ($r->password) {
@@ -199,177 +256,69 @@ class UserController extends mfBaseController $id = $user->save(); if ($this->isAdmin()) { - if ($r->admin == "true" || $user->id == 1) { - $user->permissions->admin = "true"; - } else { - $user->permissions->admin = "false"; + $user->permissions->admin = ($r->admin == "true" || $user->id == 1) ? "true" : "false"; + $user->permissions->employee = ($r->employee == "true") ? "true" : "false"; + $user->permissions->technician = ($r->technician == "true") ? "true" : "false"; + $user->permissions->preorderfront = ($r->preorderfront == "true") ? "true" : "false"; + $user->permissions->preorderlogistics = ($r->preorderlogistics == "true") ? "true" : "false"; + $user->permissions->preorderaddressreporting = ($r->preorderaddressreporting == "true") ? "true" : "false"; + $user->permissions->preorderreadonly = ($r->preorderreadonly == "true") ? "true" : "false"; + + $canPermissions = [ + 'Building', 'Pipework', 'Linework', 'Patching', 'Filestore', + 'Cpeprovisioning', 'Cpeshipping', 'Voipnumbering', 'Preorder', + 'Preorderpricing', 'PreorderpricingReadonly', 'Preorderbilling', + 'PreorderbillingReadonly', 'Order', 'Billing', 'Fibu', 'Statistics', + 'WarehouseAdmin', 'WarehouseEShop', 'WarehouseUser', 'ADBExtended', + 'AssetAdmin', 'RMLAdmin', 'RMLCompany' + ]; + + foreach ($canPermissions as $perm) { + $user->permissions->{"can" . 
$perm} = "false"; } - if ($r->employee == "true") { - $user->permissions->employee = "true"; - } else { - $user->permissions->employee = "false"; - } - - if ($r->technician == "true") { - $user->permissions->technician = "true"; - } else { - $user->permissions->technician = "false"; - } - - if ($r->preorderfront == "true") { - $user->permissions->preorderfront = "true"; - } else { - $user->permissions->preorderfront = "false"; - } - - if ($r->preorderlogistics == "true") { - $user->permissions->preorderlogistics = "true"; - } else { - $user->permissions->preorderlogistics = "false"; - } - - if ($r->preorderaddressreporting == "true") { - $user->permissions->preorderaddressreporting = "true"; - } else { - $user->permissions->preorderaddressreporting = "false"; - } - - if ($r->preorderreadonly == "true") { - $user->permissions->preorderreadonly = "true"; - } else { - $user->permissions->preorderreadonly = "false"; - } - - // set can permissions - $user->permissions->canBuilding = "false"; - $user->permissions->canPipework = "false"; - $user->permissions->canLinework = "false"; - $user->permissions->canPatching = "false"; - $user->permissions->canFilestore = "false"; - $user->permissions->canCpeprovisioning = "false"; - $user->permissions->canCpeshipping = "false"; - $user->permissions->canVoipnumbering = "false"; - $user->permissions->canPreorder = "false"; - $user->permissions->canPreorderpricing = "false"; - $user->permissions->canPreorderpricingReadonly = "false"; - $user->permissions->canPreorderbilling = "false"; - $user->permissions->canPreorderbillingReadonly = "false"; - $user->permissions->canOrder = "false"; - $user->permissions->canBilling = "false"; - $user->permissions->canFibu = "false"; - $user->permissions->canStatistics = "false"; - $user->permissions->canWarehouseAdmin = "false"; - $user->permissions->canWarehouseEShop = "false"; - $user->permissions->canWarehouseUser = "false"; - $user->permissions->canADBExtended = "false"; - 
$user->permissions->canAssetAdmin = "false"; - $user->permissions->canRMLAdmin = "false"; - $user->permissions->canRMLCompany = "false"; - - if($r->get("can") && is_array($r->can)) { - foreach($r->can as $key => $can) { - //var_dump($key . "=> ".$can); - if($can) { - $user->permissions->{"can$key"} = "true"; + if ($r->get("can") && is_array($r->can)) { + foreach ($r->can as $key => $can) { + if ($can) { + $user->permissions->{"can" . $key} = "true"; + } } - } } $user->permissions->save(); - // save networks - $pn = $user->getFlag("preorder_networks"); - if (is_array($r->preorder_networks) && count($r->preorder_networks)) { - $pn->value(json_encode($r->preorder_networks)); - $pn->save(); + function handleWorkerFlag(User $user, $request, string $flagName, $requestKey, $permissionCheck = null) { + $flag = new WorkerFlag($user->id, $flagName); + $value = $request->$requestKey; + if ($value && (!$permissionCheck || $user->permissions->$permissionCheck === "true")) { + $flag->value(is_array($value) ? 
json_encode($value) : $value); + $flag->save(); + return true; + } + + $flag->delete(); + return false; + } + + $preorderNetworks = handleWorkerFlag($user, $r, "preorder_networks", "preorder_networks"); + if ($preorderNetworks) { $user->permissions->canPreorder = "true"; $user->permissions->save(); - } else { - $pn->delete(); } - $constructionConsentProjects = $user->getFlag("constructionConsent_projects"); - if (is_array($r->constructionconsent_projects) && count($r->constructionconsent_projects)) { - $constructionConsentProjects->value(json_encode($r->constructionconsent_projects)); - $constructionConsentProjects->save(); - } else { - $constructionConsentProjects->delete(); - } - - // employee number - $enum = new WorkerFlag($user->id, "employee_number"); - if($r->employee_number && $user->permissions->employee == "true") { - $enum->value($r->employee_number); - $enum->save(); - } else { - $enum->delete(); - } - - // workerflag for project_api_key - $pak = new WorkerFlag($user->id, "project_api_key"); - if($r->project_api_key) { - $pak->value($r->project_api_key); - $pak->save(); - } else { - $pak->delete(); - } - - // vodia identity data - $vid = new WorkerFlag($user->id, "vodia_identity_domain"); - if($r->vodia_identity_domain) { - $vid->value($r->vodia_identity_domain); - $vid->save(); - } else { - $vid->delete(); - } - - $viu = new WorkerFlag($user->id, "vodia_identity_username"); - if($r->vodia_identity_username) { - $viu->value($r->vodia_identity_username); - $viu->save(); - } else { - $viu->delete(); - } - - $vdi = new WorkerFlag($user->id, "vodia_identity_default"); - if($r->vodia_identity_default) { - $vdi->value($r->vodia_identity_default); - $vdi->save(); - } else { - $vdi->delete(); - } - - + handleWorkerFlag($user, $r, "constructionConsent_projects", "constructionconsent_projects"); + handleWorkerFlag($user, $r, "employee_number", "employee_number", "employee"); + handleWorkerFlag($user, $r, "project_api_key", "project_api_key"); + 
handleWorkerFlag($user, $r, "vodia_identity_domain", "vodia_identity_domain"); + handleWorkerFlag($user, $r, "vodia_identity_username", "vodia_identity_username"); + handleWorkerFlag($user, $r, "vodia_identity_default", "vodia_identity_default"); } $this->layout()->setFlash("Benutzer gespeichert.", "success"); self::redirect('User'); } - protected function deleteAction($request) - { - $this->layout()->setFlash("nope"); - $this->redirect("User"); - - if (!$this->isAdmin()) { - $this->redirect("Dashboard"); - } - $id = $request['id']; - - if (!is_numeric($id) || $id <= 0) { - throw new Exception("User $id not found", 604); - } - - $user = new User($id); - if ($user->id == $id) { - $user->delete(); - } - - self::redirect("User"); - } - protected function pwchangeAction($request) { $me = new User(); diff --git a/application/UserEdit/UserEditController.php b/application/UserEdit/UserEditController.php deleted file mode 100644 index c49d9f1f9..000000000 --- a/application/UserEdit/UserEditController.php +++ /dev/null 
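Review bot: The loop `foreach ($r->can as $key => $can)` still builds the property name from the request key, so any `can…` name the client sends is written to the permission record even though this hunk now has the `$canPermissions` list in scope; `if ($can && in_array($key, $canPermissions, true)) {` would limit writes to known permissions. Only the admin branch reaches this code, so the concern is the integrity of the stored permission record rather than escalation. Separately, `handleWorkerFlag` is declared as a named function inside the method, which PHP registers globally when the line runs and which fails with a redeclaration error if `saveAction` executes twice in one process; a private method or a closure avoids that. It also accepts any truthy value where the old code required a non-empty array for `preorder_networks` and `constructionconsent_projects`, so a plain string would be stored unencoded and still set `canPreorder`; an `is_array()` check for those two flags would keep the previous behaviour.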
@@ -1,170 +0,0 @@ -needlogin = true; - $this->user = new User(); - $this->user->loadMe(); - $this->layout()->set('me', $this->user); - - if (!$this->user->isAdmin()) { - $this->redirect("Dashboard"); - } - - // if post then set postData - if ($_SERVER['REQUEST_METHOD'] === 'POST') { - $this->postData = json_decode(file_get_contents('php://input'), true); - } - } - - protected function indexAction() { - $id = $this->request->id; - if (!is_numeric($id) || $id <= 0) throw new Exception("User ID is required.", 400); - - $user = new User($id); - if (!$user->id) throw new Exception("User not found.", 404); - - $preorderNetworks = $user->getFlag("preorder_networks")->value(); - $consentProjects = $user->getFlag("constructionConsent_projects")->value(); - - $userData = $user->toArray(); - $userData['permissions'] = (array)$user->permissions->data; - $userData['preorder_networks'] = $preorderNetworks ? json_decode($preorderNetworks, true) : []; - $userData['constructionconsent_projects'] = $consentProjects ? json_decode($consentProjects, true) : []; - $userData['employee_number'] = $user->getFlag("employee_number")->value(); - $userData['project_api_key'] = $user->getFlag("project_api_key")->value(); - $userData['vodia_identity_domain'] = $user->getFlag("vodia_identity_domain")->value(); - $userData['vodia_identity_username'] = $user->getFlag("vodia_identity_username")->value(); - $userData['vodia_identity_default'] = $user->getFlag("vodia_identity_default")->value(); - - - $JS_VARIABLES = [ - "USER_DATA" => $userData, - "LOOKUPS" => [ - "addresses" => array_map(fn($addr) => ['value' => $addr->id, 'text' => ($addr->company) ? 
$addr->company : $addr->getFullName()], AddressModel::getAll()), - "networks" => array_map(fn($net) => ['value' => $net->id, 'text' => $net->name], NetworkModel::getAll()), - "consentProjects" => array_map(fn($proj) => ['value' => $proj->id, 'text' => $proj->name], ConstructionConsentProject::getAll()), - "permissionTemplates" => UserPermissionTemplateModel::getAll([], null, 0, ['key' => 'name', 'order' => 'asc']), - "users" => array_map(fn($u) => ['value' => $u->id, 'text' => $u->name], UserModel::search(['active' => 1])), - ], - "PERMISSIONS_CONFIG" => $this->getPermissionsConfig(), - "SAVE_URL" => self::getUrl("User", "save"), - "API_KEY_URL" => self::getUrl("User", "generateApikey"), - ]; - - Helper::renderVue($this, "UserEdit", "Benutzer bearbeiten: " . $user->name, $JS_VARIABLES); - } - - protected function getUserDataForTemplateAction() { - $id = $this->request->id; - if (!$id) self::sendError("User ID is required."); - $user = new User($id); - if (!$user->id) self::sendError("User not found."); - - $preorderNetworks = $user->getFlag("preorder_networks")->value(); - $consentProjects = $user->getFlag("constructionConsent_projects")->value(); - - self::returnJson([ - 'permissions' => (array)$user->permissions->data, - 'preorder_networks' => $preorderNetworks ? json_decode($preorderNetworks, true) : [], - 'constructionconsent_projects' => $consentProjects ? 
json_decode($consentProjects, true) : [], - 'vodia_identity_domain' => $user->getFlag("vodia_identity_domain")->value(), - 'vodia_identity_default' => $user->getFlag("vodia_identity_default")->value(), - ]); - } - - protected function managePermissionTemplatesAction() { - Helper::renderVue($this, "UserPermissionTemplate", "Berechtigungsvorlagen", ["PERMISSIONS_CONFIG" => $this->getPermissionsConfig()]); - } - - protected function getPermissionTemplatesAction() { - self::returnJson(array_map( - function ($perm) { - $perm = (array)$perm; - $perm['permissions'] = json_decode($perm['permissions'], true) ?: []; - return $perm; - }, UserPermissionTemplateModel::getAll([], null, 0, ['key' => 'name', 'order' => 'asc']) - )); - } - - protected function savePermissionTemplateAction() { - if (empty($this->postData['name'])) self::sendError("Template name is required."); - - $data = [ - 'name' => $this->postData['name'], - 'permissions' => json_encode($this->postData['permissions'] ?? []), - ]; - - if (empty($this->postData['id'])) { - $data += ['createBy' => $this->user->id, 'create' => time()]; - $id = UserPermissionTemplateModel::create($data); - self::returnJson(['success' => true, 'message' => 'Vorlage erstellt.', 'id' => $id]); - } - - $template = UserPermissionTemplateModel::get($this->postData['id']); - $data += [ - 'id' => $this->postData['id'], - 'create' => $template->create, - 'createBy' => $template->createBy, - ]; - - UserPermissionTemplateModel::update($data); - self::returnJson(['success' => true, 'message' => 'Vorlage gespeichert.']); - } - - protected function deletePermissionTemplateAction() { - $post = json_decode(file_get_contents('php://input'), true); - if (empty($post['id'])) self::sendError("Template ID is required."); - UserPermissionTemplateModel::delete($post['id']); - self::returnJson(['success' => true, 'message' => 'Vorlage gelöscht.']); - } - - private function getPermissionsConfig(): array { - return [ - 'Rollen' => [ - 'admin' => 
'Administrator', - 'employee' => TT_SYSOWNER_NAME_HTML . ' Mitarbeiter', - 'technician' => 'Techniker', - ], - 'Preorder' => [ - 'preorderfront' => 'Frontdesk (Semi-Readonly)', - 'preorderlogistics' => 'Logistikpartner', - 'preorderaddressreporting' => 'Address Reporting API User', - 'preorderreadonly' => 'Readonly', - 'canPreorder' => 'Modul: Vorbestellung', - 'canPreorderpricing' => 'Modul: Bepreisung', - 'canPreorderpricingReadonly' => 'Modul: Bepreisung (Readonly)', - 'canPreorderbilling' => 'Modul: Verrechnung', - 'canPreorderbillingReadonly' => 'Modul: Verrechnung (Readonly)', - ], - 'Module' => [ - 'canBuilding' => 'Objekte & Anschlüsse', - 'canPipework' => 'Tiefbau', - 'canLinework' => 'Leitungsbau', - 'canPatching' => 'Patching', - 'canFilestore' => 'Filestore (Netzbau)', - 'canCpeprovisioning' => 'CPE Provisioning', - 'canCpeshipping' => 'CPE Versand', - 'canVoipnumbering' => 'VOIP Nummernverwaltung', - 'canOrder' => 'Bestellung', - 'canBilling' => 'Verrechnung', - ], - 'Lager' => [ - 'canWarehouseAdmin' => 'Lager-Admin', - 'canWarehouseUser' => 'Lager-User', - 'canWarehouseEShop' => 'Energie Steiermark Shop', - ], - 'Zusatzberechtigungen' => [ - 'canFibu' => 'Buchhaltung', - 'canStatistics' => 'Statistiken', - 'canADBExtended' => 'Address-DB erweitert', - 'canAssetAdmin' => 'Anlagen-Admin', - 'canRMLAdmin' => 'RML-Workorder-Admin', - 'canRMLCompany' => 'RML-Workorder-Firma', - ] - ]; - } -} \ No newline at end of file diff --git a/public/js/pages/UserEdit/UserEdit.css b/public/js/pages/UserEdit/UserEdit.css index c19304306..ffbe45d53 100644 --- a/public/js/pages/UserEdit/UserEdit.css +++ b/public/js/pages/UserEdit/UserEdit.css @@ -97,6 +97,10 @@ align-items: end; } +.password-generation-grid .form-group { + margin-bottom: 0; +} + .selected-items-viewer { display: grid; grid-template-columns: repeat(auto-fit, minmax(300px, 1fr)); diff --git a/public/js/pages/UserEdit/UserEdit.js b/public/js/pages/UserEdit/UserEdit.js index f4570f813..e3fd97d56 100644 
--- a/public/js/pages/UserEdit/UserEdit.js +++ b/public/js/pages/UserEdit/UserEdit.js @@ -10,7 +10,7 @@ Vue.component("UserEdit", {
- + @@ -99,7 +99,7 @@ Vue.component("UserEdit", {
- +
@@ -164,12 +164,17 @@ Vue.component("UserEdit", { } }, computed: { + isNewUser() { + return !this.user.id; + }, templateOptions() { const options = this.lookups.permissionTemplates.map(t => ({ value: t.id, text: t.name })); options.unshift({ value: null, text: 'Vorlage auswählen...' }); return options; }, permissionChangesTooltip() { + if (this.isNewUser) return "Ein neuer Benutzer wird erstellt."; + const added = []; const removed = []; for (const key in this.user.permissions) { @@ -237,7 +242,7 @@ Vue.component("UserEdit", { async loadDataFromUser(userId) { if(!userId) return; try { - const response = await axios.get(`/UserEdit/getUserDataForTemplate?id=${userId}`); + const response = await axios.get(`/User/getUserDataForTemplate?id=${userId}`); const dataToApply = response.data; // Apply Permissions @@ -263,6 +268,13 @@ Vue.component("UserEdit", { }, saveUser() { this.isSaving = true; + + if (this.isNewUser && !this.user.username) { + window.notify('error', 'Benutzername ist ein Pflichtfeld.'); + this.isSaving = false; + return; + } + if (this.password.new && this.password.new !== this.password.repeat) { window.notify('error', 'Die Passwörter stimmen nicht überein!'); this.isSaving = false; @@ -274,6 +286,10 @@ Vue.component("UserEdit", { const fields = ['id', 'username', 'name', 'email', 'mobile', 'address_id', 'employee_number', 'project_api_key', 'vodia_identity_domain', 'vodia_identity_username', 'vodia_identity_default']; fields.forEach(field => formData.append(field, this.user[field] || '')); + if (this.isNewUser) { + formData.delete('id'); + } + // Append booleans as 'true'/'false' strings formData.append('active', this.user.active ? 'true' : 'false'); formData.append('twofactorrequired', this.user.twofactorrequired ? 'true' : 'false'); 
@@ -349,7 +365,17 @@ Vue.component("UserEdit", {
 });
 this.user.permissions = permissions;
 this.initialPermissions = JSON.parse(JSON.stringify(permissions)); // Deep copy for change tracking
- this.user.active = this.user.active == 1;
- this.user.twofactorrequired = this.user.twofactorrequired == 1;
+ this.user.active = this.user.active == 1 || this.isNewUser;
+ this.user.twofactorrequired = this.user.twofactorrequired == 1 || this.isNewUser;
+
+ // Set default collapse state for new users
+ if (this.isNewUser) {
+ this.collapsedSections = {
+ permissions: false,
+ employeeSpecific: false,
+ projects: false,
+ security: false,
+ };
+ }
 }
 });
\ No newline at end of file
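Review bot: Defaulting `twofactorrequired` to on for new users happens only in this component (`this.user.twofactorrequired == 1 || this.isNewUser`); on the server, `UserController::saveAction` sets the value from `$r->twofactorrequired == "true"` and otherwise stores 0. A create request that omits the field therefore produces an account without the 2FA requirement. If the default is meant as policy, mirror it in `saveAction` for new users, and add a comment here saying so, e.g. `// UI default only; saveAction decides the stored value`. The enclosing function starts outside the hunk.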