60 lines
2.3 KiB
PHP
60 lines
2.3 KiB
PHP
<?php
|
|
|
|
use MintyPHP\Buffer;
|
|
use MintyPHP\Http\Request;
|
|
use MintyPHP\Router;
|
|
use MintyPHP\Service\Access\AccessServicesFactory;
|
|
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
|
use MintyPHP\Session;
|
|
use MintyPHP\Support\Guard;
|
|
|
|
Guard::requireLogin();
|
|
$authorizationService = (new AccessServicesFactory())->createAuthorizationService();
|
|
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_VIEW, [
|
|
'actor_user_id' => (int) ($_SESSION['user']['id'] ?? 0),
|
|
]);
|
|
if (!$decision->isAllowed()) {
|
|
if (Request::wantsJson()) {
|
|
http_response_code($decision->status());
|
|
Router::json(['error' => $decision->error()]);
|
|
return;
|
|
}
|
|
Router::redirect('error/forbidden?url=' . urlencode(Request::pathWithQuery()));
|
|
return;
|
|
}
|
|
|
|
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
|
if ($currentUserId > 0) {
|
|
permissionGateway()->getUserPermissions($currentUserId);
|
|
}
|
|
$allowedTenantIds = directoryServicesFactory()->createDirectoryScopeGateway()->getUserTenantIds($currentUserId);
|
|
|
|
Buffer::set('title', t('Users'));
|
|
Buffer::set('grid_lang', json_encode(gridLang(), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
|
|
$csrfKey = Session::$csrfSessionKey;
|
|
$csrfToken = $_SESSION[$csrfKey] ?? '';
|
|
Buffer::set(
|
|
'grid_csrf',
|
|
json_encode(['key' => $csrfKey, 'token' => $csrfToken], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES)
|
|
);
|
|
|
|
$tenants = directoryServicesFactory()->createTenantService()->list();
|
|
if ($allowedTenantIds) {
|
|
$tenants = array_values(array_filter($tenants, static function (array $tenant) use ($allowedTenantIds): bool {
|
|
$tenantId = (int) ($tenant['id'] ?? 0);
|
|
return $tenantId > 0 && in_array($tenantId, $allowedTenantIds, true);
|
|
}));
|
|
} elseif (directoryServicesFactory()->createDirectoryScopeGateway()->isStrict()) {
|
|
$tenants = [];
|
|
}
|
|
sortByDescription($tenants);
|
|
|
|
$roles = directoryServicesFactory()->createRoleService()->listActive();
|
|
sortByDescription($roles);
|
|
|
|
$departments = $allowedTenantIds ? directoryServicesFactory()->createDepartmentService()->listByTenantIds($allowedTenantIds) : [];
|
|
if (!$allowedTenantIds && !directoryServicesFactory()->createDirectoryScopeGateway()->isStrict()) {
|
|
$departments = directoryServicesFactory()->createDepartmentService()->list();
|
|
}
|
|
sortByDescription($departments);
|