forked from fa/breadcrumb-the-shire
169 lines
7.0 KiB
PHP
169 lines
7.0 KiB
PHP
<?php
|
|
|
|
use MintyPHP\Domain\Taxonomy\TenantStatus;
|
|
use MintyPHP\Repository\Tenant\TenantMicrosoftAuthRepository;
|
|
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
|
use MintyPHP\Support\Guard;
|
|
|
|
Guard::requireLogin();
|
|
gridRequireGetRequest();
|
|
|
|
$decision = Guard::requireAbilityDecisionOrForbidden(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_VIEW);
|
|
$capabilities = $decision->attribute('capabilities', []);
|
|
$allowedTenantIds = is_array($capabilities) ? array_values(array_unique(array_map('intval', (array) ($capabilities['allowed_tenant_ids'] ?? [])))) : [];
|
|
$isStrictScope = is_array($capabilities) ? (bool) ($capabilities['is_strict_scope'] ?? false) : false;
|
|
$hasGlobalAccess = is_array($capabilities) ? (bool) ($capabilities['has_global_access'] ?? false) : false;
|
|
|
|
$filters = gridParseFiltersFromSchemaFile(__DIR__ . '/filter-schema.php');
|
|
|
|
$order = $filters['order'];
|
|
$dir = $filters['dir'];
|
|
$computedOrderKeys = ['theme', 'sso', 'active_users', 'inactive_users'];
|
|
$userTenantRepository = app(\MintyPHP\Repository\Tenant\UserTenantRepository::class);
|
|
$tenantMicrosoftAuthRepository = app(TenantMicrosoftAuthRepository::class);
|
|
$tenantAvatarService = app(\MintyPHP\Service\Tenant\TenantAvatarService::class);
|
|
$settingGateway = app(\MintyPHP\Service\Settings\SettingGateway::class);
|
|
|
|
$fetchRows = static function (
|
|
array $tenantRows,
|
|
array $themes,
|
|
string $globalDefaultTheme
|
|
) use ($userTenantRepository, $tenantMicrosoftAuthRepository, $tenantAvatarService, $settingGateway): array {
|
|
$tenantIds = [];
|
|
foreach ($tenantRows as $tenantRow) {
|
|
$tenantId = (int) ($tenantRow['id'] ?? 0);
|
|
if ($tenantId > 0) {
|
|
$tenantIds[] = $tenantId;
|
|
}
|
|
}
|
|
$tenantIds = array_values(array_unique($tenantIds));
|
|
|
|
$tenantSsoMap = $tenantMicrosoftAuthRepository->listByTenantIds($tenantIds);
|
|
$tenantUserCounts = $userTenantRepository->countUsersByTenantIds($tenantIds);
|
|
$tenantActiveUserCounts = $userTenantRepository->countActiveUsersByTenantIds($tenantIds);
|
|
|
|
$defaultTenantId = $settingGateway->getDefaultTenantId();
|
|
$rows = [];
|
|
|
|
foreach ($tenantRows as $row) {
|
|
$tenantId = (int) ($row['id'] ?? 0);
|
|
$tenantTheme = strtolower(trim((string) ($row['default_theme'] ?? '')));
|
|
$themeIsTenantOverride = $tenantTheme !== '' && isset($themes[$tenantTheme]);
|
|
$resolvedThemeKey = $themeIsTenantOverride ? $tenantTheme : $globalDefaultTheme;
|
|
$resolvedThemeLabel = (string) ($themes[$resolvedThemeKey] ?? ucfirst($resolvedThemeKey));
|
|
|
|
$themePolicyRaw = $row['allow_user_theme'] ?? null;
|
|
$themePolicyMode = 'inherit';
|
|
if ($themePolicyRaw !== null && $themePolicyRaw !== '') {
|
|
$normalized = strtolower(trim((string) $themePolicyRaw));
|
|
if (in_array($normalized, ['1', 'true', 'yes', 'on'], true)) {
|
|
$themePolicyMode = 'allow';
|
|
} elseif (in_array($normalized, ['0', 'false', 'no', 'off'], true)) {
|
|
$themePolicyMode = 'disallow';
|
|
}
|
|
}
|
|
|
|
$tenantSso = $tenantSsoMap[$tenantId] ?? null;
|
|
$ssoEnabled = !empty($tenantSso['enabled']);
|
|
$ssoMicrosoftOnly = $ssoEnabled && !empty($tenantSso['enforce_microsoft_login']);
|
|
$usersTotal = (int) ($tenantUserCounts[$tenantId] ?? 0);
|
|
$usersActive = (int) ($tenantActiveUserCounts[$tenantId] ?? 0);
|
|
$usersInactive = max(0, $usersTotal - $usersActive);
|
|
$tenantStatus = TenantStatus::normalizeOr((string) ($row['status'] ?? ''), TenantStatus::Active);
|
|
$tenantUuid = (string) ($row['uuid'] ?? '');
|
|
|
|
$rows[] = [
|
|
'id' => $row['id'] ?? null,
|
|
'uuid' => $tenantUuid,
|
|
'is_default' => $tenantId > 0 && $defaultTenantId === $tenantId,
|
|
'description' => $row['description'] ?? '',
|
|
'status' => $tenantStatus->value,
|
|
'status_badge' => $tenantStatus->badgeVariant(),
|
|
'status_label' => t($tenantStatus->labelToken()),
|
|
'theme' => [
|
|
'key' => $resolvedThemeKey,
|
|
'label' => t($resolvedThemeLabel),
|
|
'is_override' => $themeIsTenantOverride ? 1 : 0,
|
|
'policy_mode' => $themePolicyMode,
|
|
],
|
|
'sso' => [
|
|
'enabled' => $ssoEnabled ? 1 : 0,
|
|
'microsoft_only' => $ssoMicrosoftOnly ? 1 : 0,
|
|
],
|
|
'active_users' => $usersActive,
|
|
'inactive_users' => $usersInactive,
|
|
'created' => dt($row['created'] ?? ''),
|
|
'modified' => dt($row['modified'] ?? ''),
|
|
'has_avatar' => $tenantUuid !== '' && $tenantAvatarService->hasAvatar($tenantUuid),
|
|
];
|
|
}
|
|
|
|
return $rows;
|
|
};
|
|
|
|
$themes = appThemes();
|
|
$globalDefaultTheme = $settingGateway->getAppTheme();
|
|
if ($globalDefaultTheme === null || !isset($themes[$globalDefaultTheme])) {
|
|
$envTheme = strtolower(trim((string) (getenv('APP_THEME') ?: 'light')));
|
|
$globalDefaultTheme = isset($themes[$envTheme]) ? $envTheme : 'light';
|
|
}
|
|
|
|
$listOptions = [
|
|
'limit' => $filters['limit'],
|
|
'offset' => $filters['offset'],
|
|
'search' => $filters['search'],
|
|
'status' => $filters['status'],
|
|
'order' => in_array($order, $computedOrderKeys, true) ? 'description' : $order,
|
|
'dir' => $dir,
|
|
];
|
|
if (!$hasGlobalAccess) {
|
|
if ($allowedTenantIds) {
|
|
$listOptions['tenantIds'] = $allowedTenantIds;
|
|
} elseif ($isStrictScope) {
|
|
$listOptions['tenantIds'] = [];
|
|
}
|
|
}
|
|
|
|
$result = app(\MintyPHP\Service\Tenant\TenantService::class)->listPaged($listOptions);
|
|
|
|
$rows = [];
|
|
$total = (int) ($result['total'] ?? 0);
|
|
if (in_array($order, $computedOrderKeys, true)) {
|
|
$fullResult = app(\MintyPHP\Service\Tenant\TenantService::class)->listPaged([
|
|
...$listOptions,
|
|
'limit' => max(1, $total),
|
|
'offset' => 0,
|
|
'order' => 'description',
|
|
'dir' => 'asc',
|
|
]);
|
|
$rows = $fetchRows($fullResult['rows'] ?? [], $themes, $globalDefaultTheme);
|
|
|
|
usort($rows, static function (array $a, array $b) use ($order, $dir): int {
|
|
$valueA = '';
|
|
$valueB = '';
|
|
if ($order === 'theme') {
|
|
$valueA = strtolower((string) ($a['theme']['label'] ?? ''));
|
|
$valueB = strtolower((string) ($b['theme']['label'] ?? ''));
|
|
} elseif ($order === 'sso') {
|
|
$valueA = ((int) $a['sso']['enabled'] * 10) + (int) $a['sso']['microsoft_only'];
|
|
$valueB = ((int) $b['sso']['enabled'] * 10) + (int) $b['sso']['microsoft_only'];
|
|
} elseif ($order === 'inactive_users') {
|
|
$valueA = (int) $a['inactive_users'];
|
|
$valueB = (int) $b['inactive_users'];
|
|
} else {
|
|
$valueA = (int) $a['active_users'];
|
|
$valueB = (int) $b['active_users'];
|
|
}
|
|
$cmp = $valueA <=> $valueB;
|
|
if ($cmp === 0) {
|
|
$cmp = strcasecmp((string) $a['description'], (string) $b['description']);
|
|
}
|
|
return $dir === 'desc' ? -$cmp : $cmp;
|
|
});
|
|
$rows = array_slice($rows, $filters['offset'], $filters['limit']);
|
|
} else {
|
|
$rows = $fetchRows($result['rows'] ?? [], $themes, $globalDefaultTheme);
|
|
}
|
|
|
|
gridJsonDataResult($rows, $total);
|