<?php
namespace App\Controller;
use App\Controller\AppController;
use Cake\Utility\Hash;
use Cake\Utility\Text;
use \Cake\Database\Expression\QueryExpression;
use Cake\Http\Exception\NotFoundException;
use Cake\Http\Exception\MethodNotAllowedException;
use Cake\Http\Exception\ForbiddenException;
use Cake\Http\Exception\UnauthorizedException;
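/**
 * CRUD and helper endpoints for per-user settings and bookmarks.
 *
 * Access model visible in this class: users whose role has `perm_admin`
 * may act on any user's settings; everyone else is scoped to the rows
 * whose `user_id` matches their own id.
 */
class UserSettingsController extends AppController
{
    // Field lists handed to the CRUD component by index().
    public $quickFilterFields = [['name' => true], ['value' => true]];
    public $filterFields = ['name', 'value', 'Users.id'];
    public $containFields = ['Users'];

    /**
     * List user settings.
     *
     * Non-admins only see their own settings. The optional `Users_id`
     * query parameter selects the user record exposed to the view as
     * `settingsForUser`.
     *
     * @return mixed The CRUD response payload when one is set, otherwise nothing.
     */
    public function index()
    {
        $conditions = [];
        $currentUser = $this->ACL->getUser();
        $isAdmin = !empty($currentUser['role']['perm_admin']);
        if (!$isAdmin) {
            $conditions['user_id'] = $currentUser->id;
        }
        $this->CRUD->index([
            'conditions' => $conditions,
            'contain' => $this->containFields,
            'filters' => $this->filterFields,
            'quickFilters' => $this->quickFilterFields,
        ]);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
        $requestedUserId = $this->request->getQuery('Users_id');
        if (!empty($requestedUserId)) {
            // The listing above is already limited to the caller's own rows for
            // non-admins; apply the same scope here so a request-supplied id
            // cannot be used to load another user's record into the view.
            $lookupId = $isAdmin ? $requestedUserId : $currentUser->id;
            $settingsForUser = $this->UserSettings->Users->find()->where([
                'id' => $lookupId
            ])->first();
            $this->set('settingsForUser', $settingsForUser);
        }
    }

    /**
     * Show a single user setting.
     *
     * @param mixed $id Id of the user setting.
     * @return mixed The CRUD response payload when one is set, otherwise nothing.
     * @throws \Cake\Http\Exception\NotFoundException When the caller may not access the setting.
     */
    public function view($id)
    {
        // Denied access is reported as "not found", so the response does not
        // confirm that a setting owned by someone else exists.
        if (!$this->isLoggedUserAllowedToEdit($id)) {
            throw new NotFoundException(__('Invalid {0}.', 'user setting'));
        }
        $this->CRUD->view($id, [
            'contain' => ['Users']
        ]);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
    }

    /**
     * Create a user setting.
     *
     * @param mixed $user_id Id of the user the setting is created for; overridden
     *                       with the caller's own id for non-admins.
     * @return mixed The CRUD response payload when one is set, otherwise nothing.
     */
    public function add($user_id = false)
    {
        $currentUser = $this->ACL->getUser();
        $this->CRUD->add([
            'redirect' => ['action' => 'index', $user_id],
            'beforeSave' => function ($data) use ($currentUser) {
                // Whatever user_id was submitted, a non-admin can only create
                // settings for themselves.
                if (empty($currentUser['role']['perm_admin'])) {
                    $data['user_id'] = $currentUser->id;
                }
                return $data;
            }
        ]);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
        $allUsers = $this->UserSettings->Users->find('list', ['keyField' => 'id', 'valueField' => 'username'])->order(['username' => 'ASC']);
        if (empty($currentUser['role']['perm_admin'])) {
            // Non-admins get a one-entry dropdown: themselves.
            $allUsers->where(['id' => $currentUser->id]);
            $user_id = $currentUser->id;
        }
        $dropdownData = [
            'user' => $allUsers->all()->toArray(),
        ];
        $this->set(compact('dropdownData'));
        $this->set('user_id', $user_id);
    }

    /**
     * Edit a user setting.
     *
     * @param mixed $id Id of the user setting.
     * @return mixed The CRUD response payload when one is set, otherwise nothing.
     * @throws \Cake\Http\Exception\NotFoundException When the setting does not exist
     *         or the caller may not edit it.
     */
    public function edit($id)
    {
        $entity = $this->UserSettings->find()->where([
            'id' => $id
        ])->first();

        // A missing row must be rejected before the permission helper runs:
        // the helper returns true for admins without looking at the setting,
        // and the code below dereferences the entity.
        if (empty($entity) || !$this->isLoggedUserAllowedToEdit($entity)) {
            throw new NotFoundException(__('Invalid {0}.', 'user setting'));
        }

        $currentUser = $this->ACL->getUser();
        // Captured from the row loaded above; the original read
        // $this->entity->user_id, a property this class never sets.
        $ownerId = $entity->user_id;

        // NOTE(review): add() pins user_id for non-admins in a beforeSave
        // callback, but no equivalent is passed here. Confirm that CRUD->edit
        // cannot be used by a non-admin to reassign a setting to another user.
        $this->CRUD->edit($id, [
            'redirect' => ['action' => 'index', $ownerId]
        ]);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
        $allUsers = $this->UserSettings->Users->find('list', [
            'sort' => ['username' => 'asc']
        ]);
        if (empty($currentUser['role']['perm_admin'])) {
            // Same scope as add(): do not hand the full user list to non-admins.
            $allUsers->where(['id' => $currentUser->id]);
        }
        $dropdownData = [
            'user' => $allUsers,
        ];
        $this->set(compact('dropdownData'));
        $this->set('user_id', $ownerId);
        $this->render('add');
    }

    /**
     * Delete a user setting.
     *
     * @param mixed $id Id of the user setting.
     * @return mixed The CRUD response payload when one is set, otherwise nothing.
     * @throws \Cake\Http\Exception\NotFoundException When the caller may not delete the setting.
     */
    public function delete($id)
    {
        if (!$this->isLoggedUserAllowedToEdit($id)) {
            throw new NotFoundException(__('Invalid {0}.', 'user setting'));
        }
        $this->CRUD->delete($id);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
    }

    /**
     * Show the logged-in user's setting with the given name.
     *
     * @param mixed $settingsName Name of the setting to look up.
     * @return mixed The CRUD response payload when one is set, otherwise nothing.
     * @throws \Cake\Http\Exception\NotFoundException When the user has no such setting.
     */
    public function getSettingByName($settingsName)
    {
        $currentUser = $this->ACL->getUser();
        // The lookup is keyed on the logged-in user, so no separate ownership
        // check is made here.
        $setting = $this->UserSettings->getSettingByName($currentUser, $settingsName);
        if (is_null($setting)) {
            throw new NotFoundException(__('Invalid {0} for user {1}.', __('User setting'), $currentUser->username));
        }
        $this->CRUD->view($setting->id, [
            'contain' => ['Users']
        ]);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
        $this->render('view');
    }

    /**
     * Create or update the logged-in user's setting named $settingsName.
     *
     * Any non-GET request saves the submitted `value`; a GET request only
     * exposes the setting name to the view.
     *
     * @param mixed $settingsName Name of the setting.
     * @return mixed The CRUD response payload when one is set, otherwise nothing.
     */
    public function setSetting($settingsName = false)
    {
        if (!$this->request->is('get')) {
            $currentUser = $this->ACL->getUser();
            // getData('value') yields null when the field is absent, instead of
            // indexing into the data array with a key that may not exist.
            $value = $this->request->getData('value');
            $setting = $this->UserSettings->getSettingByName($currentUser, $settingsName);
            if (is_null($setting)) { // setting not found, create it
                $result = $this->UserSettings->createSetting($currentUser, $settingsName, $value);
            } else {
                $result = $this->UserSettings->editSetting($currentUser, $settingsName, $value);
            }
            $success = !empty($result);
            $message = $success ? __('Setting saved') : __('Could not save setting');
            $this->CRUD->setResponseForController('setSetting', $success, $message, $result);
            $responsePayload = $this->CRUD->getResponsePayload();
            if (!empty($responsePayload)) {
                return $responsePayload;
            }
        }
        $this->set('settingName', $settingsName);
    }

    /**
     * Create or update one of the logged-in user's settings from POSTed
     * `name` and `value` parameters.
     *
     * @return mixed The CRUD response payload when one is set, otherwise nothing.
     */
    public function saveSetting()
    {
        if ($this->request->is('post')) {
            $currentUser = $this->ACL->getUser();
            $data = $this->ParamHandler->harvestParams([
                'name',
                'value'
            ]);
            $setting = $this->UserSettings->getSettingByName($currentUser, $data['name']);
            if (is_null($setting)) { // setting not found, create it
                $result = $this->UserSettings->createSetting($currentUser, $data['name'], $data['value']);
            } else {
                $result = $this->UserSettings->editSetting($currentUser, $data['name'], $data['value']);
            }
            $success = !empty($result);
            $message = $success ? __('Setting saved') : __('Could not save setting');
            // NOTE(review): the action label is 'setSetting' although this is
            // saveSetting(); kept as found - confirm whether that is intended.
            $this->CRUD->setResponseForController('setSetting', $success, $message, $result);
            $responsePayload = $this->CRUD->getResponsePayload();
            if (!empty($responsePayload)) {
                return $responsePayload;
            }
        }
    }

    /**
     * Render the logged-in user's saved bookmarks.
     *
     * @param mixed $forSidebar Passed through to the view unchanged.
     * @return void
     */
    public function getBookmarks($forSidebar = false)
    {
        $currentUser = $this->ACL->getUser();
        $setting = $this->UserSettings->getSettingByName($currentUser, $this->UserSettings->BOOKMARK_SETTING_NAME);
        // The lookup returns null for a user without a bookmark setting (the
        // other actions in this class test for that), and the stored value may
        // not decode to an array; in both cases the view gets an empty list.
        $bookmarks = [];
        if (!empty($setting['value'])) {
            $decoded = json_decode($setting['value'], true);
            if (is_array($decoded)) {
                $bookmarks = $decoded;
            }
        }
        $this->set('user_id', $currentUser->id);
        $this->set('bookmarks', $bookmarks);
        $this->set('forSidebar', $forSidebar);
        $this->render('/element/UserSettings/saved-bookmarks');
    }

    /**
     * Save a bookmark for the logged-in user from the request data.
     *
     * @return mixed The CRUD response payload when one is set, otherwise nothing.
     */
    public function saveBookmark()
    {
        if (!$this->request->is('get')) {
            $result = $this->UserSettings->saveBookmark($this->ACL->getUser(), $this->request->getData());
            $success = !empty($result);
            $message = $success ? __('Bookmark saved') : __('Could not save bookmark');
            $this->CRUD->setResponseForController('saveBookmark', $success, $message, $result);
            $responsePayload = $this->CRUD->getResponsePayload();
            if (!empty($responsePayload)) {
                return $responsePayload;
            }
        }
        $this->set('user_id', $this->ACL->getUser()->id);
    }

    /**
     * Delete one of the logged-in user's bookmarks, identified by the request data.
     *
     * @return mixed The CRUD response payload when one is set, otherwise nothing.
     */
    public function deleteBookmark()
    {
        if (!$this->request->is('get')) {
            $result = $this->UserSettings->deleteBookmark($this->ACL->getUser(), $this->request->getData());
            $success = !empty($result);
            $message = $success ? __('Bookmark deleted') : __('Could not delete bookmark');
            $this->CRUD->setResponseForController('deleteBookmark', $success, $message, $result);
            $responsePayload = $this->CRUD->getResponsePayload();
            if (!empty($responsePayload)) {
                return $responsePayload;
            }
        }
        $this->set('user_id', $this->ACL->getUser()->id);
    }

    /**
     * isLoggedUserAllowedToEdit
     *
     * Admins are always allowed. Any other user is allowed only when the
     * setting exists and its user_id matches their own id.
     *
     * @param int|\App\Model\Entity\UserSetting $setting Setting id or loaded entity.
     * @return bool
     */
    private function isLoggedUserAllowedToEdit($setting): bool
    {
        $currentUser = $this->ACL->getUser();
        if (!empty($currentUser['role']['perm_admin'])) {
            return true;
        }
        if (is_numeric($setting)) {
            $setting = $this->UserSettings->find()->where([
                'id' => $setting
            ])->first();
        }
        // Fail closed on anything that is not a loaded row: an unknown id, a
        // null entity handed in by the caller, or a non-numeric id.
        if (empty($setting) || !is_object($setting)) {
            return false;
        }
        // Compare as strings with === so PHP's loose-equality coercions cannot
        // decide the ownership check.
        return (string)$setting->user_id === (string)$currentUser->id;
    }
}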