forked from fa/breadcrumb-the-shire
Extracts the user profile read-view into a core service + shared partial so
modules no longer duplicate the assignment/scope logic, and migrates the
admin/users list as the drawer's second consumer.
Consolidation:
- `core/Service/User/UserProfileViewService` owns the single read-path that
resolves tenants/departments/roles for a user UUID, enforces scope-aware
department visibility, and returns a consistent `{status, user}` shape.
- `templates/partials/app-user-profile.phtml` is the shared render template;
takes `$profileKey` for storage namespace + lightbox grouping.
- `AddressBookService::buildViewContext()` shrinks to a one-line delegation
and drops its `UserAssignmentService` dependency. The old
`modules/addressbook/templates/address-book-profile.phtml` is removed.
admin/users migration:
- `pages/admin/users/view-fragment($id).php` + `(none).phtml` use the core
service and enforce `ABILITY_ADMIN_USERS_VIEW`.
- `admin-users-index.js` replaces the grid-native `linkColumn` on the first
name with a formatter that emits `data-drawer-trigger`; `linkColumn` is
disabled so the drawer click handler wins. `fullUrl` points at the edit
form — drawer → edit is one click.
- Drawer labels wired via page config.
The new `DetailDrawerFragmentContractTest` validated the users fragment
endpoint automatically — no manual test additions were needed.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
137 lines
4.8 KiB
PHP
137 lines
4.8 KiB
PHP
<?php
|
|
|
|
namespace MintyPHP\Service\User;
|
|
|
|
use MintyPHP\Service\Tenant\TenantScopeService;
|
|
|
|
/**
|
|
* Builds the read-only profile view context shared by modules that render a
|
|
* user-profile card (address book detail, admin users quick-view drawer, etc.).
|
|
*
|
|
* The returned context is intentionally minimal and authorization-aware:
|
|
* departments and tenants are scoped to those the viewer also belongs to so
|
|
* org structure never leaks across tenants.
|
|
*/
|
|
class UserProfileViewService
|
|
{
|
|
public function __construct(
|
|
private readonly UserAccountService $userAccountService,
|
|
private readonly UserAssignmentService $userAssignmentService,
|
|
private readonly TenantScopeService $scopeGateway,
|
|
private readonly UserAvatarService $avatarService
|
|
) {
|
|
}
|
|
|
|
/**
|
|
* @return array{status: string, user?: array<string, mixed>}
|
|
*/
|
|
public function buildProfile(int $currentUserId, string $uuid): array
|
|
{
|
|
$uuid = trim($uuid);
|
|
if ($uuid === '') {
|
|
return ['status' => 'invalid_uuid'];
|
|
}
|
|
|
|
$user = $this->userAccountService->findByUuid($uuid);
|
|
if (!$user || !isset($user['id'])) {
|
|
return ['status' => 'not_found'];
|
|
}
|
|
|
|
$targetUserId = (int) $user['id'];
|
|
if ($targetUserId <= 0) {
|
|
return ['status' => 'not_found'];
|
|
}
|
|
|
|
// Users can always view their own profile; others require scope access.
|
|
if (
|
|
$currentUserId !== $targetUserId
|
|
&& !$this->scopeGateway->canAccess('users', $targetUserId, $currentUserId)
|
|
) {
|
|
return ['status' => 'forbidden'];
|
|
}
|
|
|
|
$viewerTenantIds = $this->normalizeIds($this->scopeGateway->getUserTenantIds($currentUserId));
|
|
$assignments = $this->userAssignmentService->buildAssignmentsForUser($targetUserId);
|
|
|
|
$departmentMap = [];
|
|
foreach (($assignments['departments'] ?? []) as $department) {
|
|
if (empty($department['active'])) {
|
|
continue;
|
|
}
|
|
$tenantId = (int) ($department['tenant_id'] ?? 0);
|
|
$label = trim((string) ($department['description'] ?? ''));
|
|
// Only show departments in tenants the viewer also belongs to — prevents leaking org structure.
|
|
if ($tenantId <= 0 || $label === '' || !in_array($tenantId, $viewerTenantIds, true)) {
|
|
continue;
|
|
}
|
|
$departmentMap[$tenantId] ??= [];
|
|
$departmentMap[$tenantId][] = $label;
|
|
}
|
|
foreach ($departmentMap as $tenantId => $labels) {
|
|
$labels = array_values(array_unique($labels));
|
|
natcasesort($labels);
|
|
$departmentMap[$tenantId] = array_values($labels);
|
|
}
|
|
|
|
$primaryTenantId = (int) ($user['primary_tenant_id'] ?? 0);
|
|
$tenantGroups = [];
|
|
foreach (($assignments['tenants'] ?? []) as $tenant) {
|
|
$tenantId = (int) ($tenant['id'] ?? 0);
|
|
$tenantLabel = trim((string) ($tenant['description'] ?? ''));
|
|
$status = strtolower(trim((string) ($tenant['status'] ?? '')));
|
|
if (
|
|
$tenantId <= 0
|
|
|| $tenantLabel === ''
|
|
|| $status !== 'active'
|
|
|| !in_array($tenantId, $viewerTenantIds, true)
|
|
) {
|
|
continue;
|
|
}
|
|
$tenantGroups[] = [
|
|
'label' => $tenantLabel,
|
|
'is_primary' => $primaryTenantId > 0 && $tenantId === $primaryTenantId,
|
|
'departments' => $departmentMap[$tenantId] ?? [],
|
|
];
|
|
}
|
|
|
|
usort($tenantGroups, static fn (array $a, array $b): int => strnatcasecmp(
|
|
(string) $a['label'],
|
|
(string) $b['label']
|
|
));
|
|
|
|
$roleLabels = [];
|
|
foreach (($assignments['roles'] ?? []) as $role) {
|
|
if (empty($role['active'])) {
|
|
continue;
|
|
}
|
|
$label = trim((string) ($role['description'] ?? ''));
|
|
if ($label !== '') {
|
|
$roleLabels[] = $label;
|
|
}
|
|
}
|
|
$roleLabels = array_values(array_unique($roleLabels));
|
|
natcasesort($roleLabels);
|
|
$roleLabels = array_values($roleLabels);
|
|
|
|
$avatarUuid = (string) ($user['uuid'] ?? '');
|
|
$user['has_avatar'] = $avatarUuid !== '' && $this->avatarService->hasAvatar($avatarUuid);
|
|
$user['tenant_groups'] = $tenantGroups;
|
|
$user['role_labels'] = $roleLabels;
|
|
|
|
return [
|
|
'status' => 'ok',
|
|
'user' => $user,
|
|
];
|
|
}
|
|
|
|
/**
|
|
* @param array<int, int|string> $values
|
|
* @return list<int>
|
|
*/
|
|
private function normalizeIds(array $values): array
|
|
{
|
|
$ids = array_values(array_unique(array_map('intval', $values)));
|
|
return array_values(array_filter($ids, static fn (int $id): bool => $id > 0));
|
|
}
|
|
}
|