major update
This commit is contained in:
@@ -4,17 +4,16 @@ use MintyPHP\Buffer;
|
||||
use MintyPHP\I18n;
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\AccessServicesFactory;
|
||||
use MintyPHP\Service\Access\PermissionService;
|
||||
use MintyPHP\Service\Access\UiAccessService;
|
||||
use MintyPHP\Service\Access\UiCapabilityMap;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Service\CustomField\UserCustomFieldValueService;
|
||||
use MintyPHP\Service\Settings\SettingServicesFactory;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
Guard::requireLogin();
|
||||
$authorizationService = (new AccessServicesFactory())->createAuthorizationService();
|
||||
$request = requestInput();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_CREATE, [
|
||||
'actor_user_id' => (int) ($_SESSION['user']['id'] ?? 0),
|
||||
]);
|
||||
@@ -27,33 +26,40 @@ if (!$decision->isAllowed()) {
|
||||
Router::redirect('error/forbidden?url=' . urlencode(Request::pathWithQuery()));
|
||||
return;
|
||||
}
|
||||
$userServicesFactory = new UserServicesFactory();
|
||||
$userAccountService = $userServicesFactory->createUserAccountService();
|
||||
$userAssignmentService = $userServicesFactory->createUserAssignmentService();
|
||||
$userPasswordPolicyService = $userServicesFactory->createUserPasswordPolicyService();
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
$userAssignmentService = app(\MintyPHP\Service\User\UserAssignmentService::class);
|
||||
$userPasswordPolicyService = app(\MintyPHP\Service\User\UserPasswordPolicyService::class);
|
||||
$userCustomFieldValueService = app(UserCustomFieldValueService::class);
|
||||
$passwordMinLength = $userPasswordPolicyService->minLength();
|
||||
$passwordHints = $userPasswordPolicyService->hints();
|
||||
$settingGateway = (new SettingServicesFactory())->createSettingGateway();
|
||||
$settingGateway = app(\MintyPHP\Service\Settings\SettingGateway::class);
|
||||
$directoryScopeGateway = app(\MintyPHP\Service\Directory\DirectoryScopeGateway::class);
|
||||
$tenantService = app(\MintyPHP\Service\Tenant\TenantService::class);
|
||||
$roleService = app(\MintyPHP\Service\Access\RoleService::class);
|
||||
$departmentService = app(\MintyPHP\Service\Org\DepartmentService::class);
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$allowedTenantIds = directoryServicesFactory()->createDirectoryScopeGateway()->getUserTenantIds($currentUserId);
|
||||
$uiAccessService = app(UiAccessService::class);
|
||||
$viewAuth['page'] = $uiAccessService->pageCapabilities($currentUserId, UiCapabilityMap::PAGE_USERS_CREATE);
|
||||
$pageAuth = is_array($viewAuth['page'] ?? null) ? $viewAuth['page'] : [];
|
||||
$canManageAssignments = (bool) ($pageAuth['can_manage_assignments'] ?? false);
|
||||
$canEditCustomFieldValues = (bool) ($pageAuth['can_edit_custom_field_values'] ?? false);
|
||||
$allowedTenantIds = $directoryScopeGateway->getUserTenantIds($currentUserId);
|
||||
|
||||
$tenants = directoryServicesFactory()->createTenantService()->list();
|
||||
$tenants = $tenantService->list();
|
||||
if ($allowedTenantIds) {
|
||||
$tenants = array_values(array_filter($tenants, static function (array $tenant) use ($allowedTenantIds): bool {
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
return $tenantId > 0 && in_array($tenantId, $allowedTenantIds, true);
|
||||
}));
|
||||
} elseif (directoryServicesFactory()->createDirectoryScopeGateway()->isStrict()) {
|
||||
} elseif ($directoryScopeGateway->isStrict()) {
|
||||
$tenants = [];
|
||||
}
|
||||
$roles = directoryServicesFactory()->createRoleService()->listActive();
|
||||
$roles = $roleService->listActive();
|
||||
$selectedTenantIds = [];
|
||||
$selectedRoleIds = [];
|
||||
$selectedDepartmentIds = [];
|
||||
$departmentOptionsByTenant = [];
|
||||
$canEditCustomFieldValues = permissionGateway()->userHas($currentUserId, PermissionService::CUSTOM_FIELDS_EDIT_VALUES)
|
||||
&& permissionGateway()->userHas($currentUserId, PermissionService::USERS_UPDATE_ASSIGNMENTS);
|
||||
$customFieldDefinitionsByTenant = [];
|
||||
$customFieldValueMap = [];
|
||||
$customFieldPostedValues = [
|
||||
@@ -61,6 +67,7 @@ $customFieldPostedValues = [
|
||||
'custom_field_values_multi' => [],
|
||||
];
|
||||
|
||||
$errorBag = formErrors();
|
||||
$errors = [];
|
||||
$form = [
|
||||
'first_name' => '',
|
||||
@@ -82,35 +89,41 @@ $form = [
|
||||
'active' => 1,
|
||||
];
|
||||
|
||||
if (isset($_POST['email'])) {
|
||||
$input = $_POST;
|
||||
$tenantIds = $userAssignmentService->normalizeIdInput($input['tenant_ids'] ?? []);
|
||||
if ($request->hasBody('email')) {
|
||||
$post = $request->bodyAll();
|
||||
$input = $post;
|
||||
$tenantIds = $canManageAssignments ? $userAssignmentService->normalizeIdInput($input['tenant_ids'] ?? []) : [];
|
||||
if ($allowedTenantIds) {
|
||||
$tenantIds = array_values(array_intersect($tenantIds, $allowedTenantIds));
|
||||
} elseif (directoryServicesFactory()->createDirectoryScopeGateway()->isStrict()) {
|
||||
} elseif ($directoryScopeGateway->isStrict()) {
|
||||
$tenantIds = [];
|
||||
}
|
||||
$defaultTenantId = $settingGateway->getDefaultTenantId();
|
||||
if (directoryServicesFactory()->createDirectoryScopeGateway()->isStrict() && !$tenantIds && !$defaultTenantId) {
|
||||
$errors[] = t('Please select at least one tenant');
|
||||
if (
|
||||
$canManageAssignments
|
||||
&& $directoryScopeGateway->isStrict()
|
||||
&& !$tenantIds
|
||||
&& !$defaultTenantId
|
||||
) {
|
||||
$errorBag->addGlobal(t('Please select at least one tenant'));
|
||||
}
|
||||
$selectedTenantIds = $tenantIds;
|
||||
$selectedRoleIds = $userAssignmentService->normalizeIdInput($input['role_ids'] ?? []);
|
||||
$selectedDepartmentIds = $userAssignmentService->normalizeIdInput($input['department_ids'] ?? []);
|
||||
$departmentOptionsByTenant = directoryServicesFactory()->createDepartmentService()->groupActiveByTenantIds($selectedTenantIds);
|
||||
$customFieldDefinitionsByTenant = UserCustomFieldValueService::buildDefinitionsByTenant($selectedTenantIds);
|
||||
$selectedRoleIds = $canManageAssignments ? $userAssignmentService->normalizeIdInput($input['role_ids'] ?? []) : [];
|
||||
$selectedDepartmentIds = $canManageAssignments ? $userAssignmentService->normalizeIdInput($input['department_ids'] ?? []) : [];
|
||||
$departmentOptionsByTenant = $departmentService->groupActiveByTenantIds($selectedTenantIds);
|
||||
$customFieldDefinitionsByTenant = $userCustomFieldValueService->buildDefinitionsByTenant($selectedTenantIds);
|
||||
$customFieldPostedValues = [
|
||||
'custom_field_values' => is_array($_POST['custom_field_values'] ?? null) ? $_POST['custom_field_values'] : [],
|
||||
'custom_field_values_multi' => is_array($_POST['custom_field_values_multi'] ?? null) ? $_POST['custom_field_values_multi'] : [],
|
||||
'custom_field_values' => is_array($post['custom_field_values'] ?? null) ? $post['custom_field_values'] : [],
|
||||
'custom_field_values_multi' => is_array($post['custom_field_values_multi'] ?? null) ? $post['custom_field_values_multi'] : [],
|
||||
];
|
||||
if ($canEditCustomFieldValues) {
|
||||
$customFieldValidationResult = UserCustomFieldValueService::validateForTenants(
|
||||
$customFieldValidationResult = $userCustomFieldValueService->validateForTenants(
|
||||
$selectedTenantIds,
|
||||
$_POST,
|
||||
$post,
|
||||
true
|
||||
);
|
||||
if (!($customFieldValidationResult['ok'] ?? false)) {
|
||||
$errors = array_merge($errors, $customFieldValidationResult['errors'] ?? []);
|
||||
$errorBag->merge($customFieldValidationResult['errors'] ?? []);
|
||||
foreach (array_keys($form) as $fieldKey) {
|
||||
if (!array_key_exists($fieldKey, $input)) {
|
||||
continue;
|
||||
@@ -127,22 +140,22 @@ if (isset($_POST['email'])) {
|
||||
$input['role_ids'] = $selectedRoleIds;
|
||||
$input['department_ids'] = $selectedDepartmentIds;
|
||||
$result = ['ok' => false];
|
||||
if (!$errors) {
|
||||
if (!$errorBag->hasAny()) {
|
||||
$result = $userAccountService->createFromAdmin($input, $currentUserId);
|
||||
$form = $result['form'] ?? $form;
|
||||
$errors = array_merge($errors, $result['errors'] ?? []);
|
||||
$errorBag->merge($result['errors'] ?? []);
|
||||
}
|
||||
|
||||
if (($result['ok'] ?? false) && !$errors) {
|
||||
if (($result['ok'] ?? false) && !$errorBag->hasAny()) {
|
||||
$createdUuid = (string) ($result['uuid'] ?? '');
|
||||
if ($canEditCustomFieldValues && $createdUuid !== '') {
|
||||
$createdUser = $userAccountService->findByUuid($createdUuid);
|
||||
$createdUserId = (int) ($createdUser['id'] ?? 0);
|
||||
if ($createdUserId > 0) {
|
||||
$customFieldSyncResult = UserCustomFieldValueService::syncForUser(
|
||||
$customFieldSyncResult = $userCustomFieldValueService->syncForUser(
|
||||
$createdUserId,
|
||||
$selectedTenantIds,
|
||||
$_POST,
|
||||
$post,
|
||||
true
|
||||
);
|
||||
if (!($customFieldSyncResult['ok'] ?? false)) {
|
||||
@@ -157,7 +170,7 @@ if (isset($_POST['email'])) {
|
||||
}
|
||||
}
|
||||
}
|
||||
$action = (string) ($_POST['action'] ?? 'create');
|
||||
$action = (string) ($post['action'] ?? 'create');
|
||||
if ($action === 'create_close') {
|
||||
Flash::success('User created', 'admin/users', 'user_created');
|
||||
Router::redirect('admin/users');
|
||||
@@ -176,10 +189,12 @@ if (isset($_POST['email'])) {
|
||||
}
|
||||
|
||||
if (!$departmentOptionsByTenant && $selectedTenantIds) {
|
||||
$departmentOptionsByTenant = directoryServicesFactory()->createDepartmentService()->groupActiveByTenantIds($selectedTenantIds);
|
||||
$departmentOptionsByTenant = $departmentService->groupActiveByTenantIds($selectedTenantIds);
|
||||
}
|
||||
if (!$customFieldDefinitionsByTenant && $selectedTenantIds) {
|
||||
$customFieldDefinitionsByTenant = UserCustomFieldValueService::buildDefinitionsByTenant($selectedTenantIds);
|
||||
$customFieldDefinitionsByTenant = $userCustomFieldValueService->buildDefinitionsByTenant($selectedTenantIds);
|
||||
}
|
||||
|
||||
$validationSummaryErrors = $errorBag->toArray();
|
||||
$errors = $errorBag->toFlatList();
|
||||
Buffer::set('title', t('Create user'));
|
||||
|
||||
Reference in New Issue
Block a user