Commit 099c7f78 by Damien Moulard

allow superadmin to delete users in tav env + fix impersonating + return to…

allow superadmin to delete users in tav env + fix impersonating + return to preventing impersonating in prod envs
parent e7ac1e34
......@@ -53,9 +53,7 @@ class UserAdmin extends SonataUserAdmin
parent::configureListFields($listMapper);
unset($this->listModes['mosaic']);
// TODO: SECURITY BREACH, RESET ASAP!!!
// if ('dev' == $_ENV['APP_ENV'] && $this->isGranted('ROLE_ALLOWED_TO_SWITCH')) {
if ($this->isGranted('ROLE_ALLOWED_TO_SWITCH')) {
if ('dev' == $_ENV['APP_ENV'] && $this->isGranted('ROLE_ALLOWED_TO_SWITCH')) {
$listMapper
->add('impersonating', 'string', ['template' => '@SonataUser/Admin/Field/impersonating.html.twig'])
;
......
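Review bot: The restored `'dev' == $_ENV['APP_ENV']` condition only decides whether the `impersonating` column is rendered in the list; it does not by itself stop a user holding `ROLE_ALLOWED_TO_SWITCH` from switching identity if the firewall's `switch_user` option is still enabled outside dev, which is not visible in this commit. If the intent is to prevent impersonation in production, that has to be enforced in the firewall configuration or the role assignment, and it is worth confirming. The same condition is repeated in the other `UserAdmin` (hunk `-83,9 +86,21`); in both places a strict, null-safe comparison would be safer, e.g. `if ('dev' === ($_ENV['APP_ENV'] ?? null) && $this->isGranted('ROLE_ALLOWED_TO_SWITCH')) {`. The enclosing `configureListFields` starts and ends outside the hunk.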
......@@ -48,14 +48,17 @@ class UserAdmin extends BaseUserAdmin
protected function configureRoutes(RouteCollection $collection)
{
if ($this->isChild()) {
$collection->remove('delete');
// Remove 'delete' action for non tav envs
if (!$this->getConfigurationPool()->getContainer()->getParameter('tav_env')) {
if ($this->isChild()) {
$collection->remove('delete');
return;
}
return;
}
// This is the route configuration as a parent
$collection->remove('delete');
// This is the route configuration as a parent
$collection->remove('delete');
}
}
/**
......@@ -83,9 +86,21 @@ class UserAdmin extends BaseUserAdmin
])
;
// TODO: SECURITY BREACH, RESET ASAP!!!
// if ('dev' == $_ENV['APP_ENV'] && $this->isGranted('ROLE_ALLOWED_TO_SWITCH')) {
if ($this->isGranted('ROLE_ALLOWED_TO_SWITCH')) {
// Add delete action on users in TAV envs for super admin
if ($this->isGranted('ROLE_SUPER_ADMIN') && $this->getConfigurationPool()->getContainer()->getParameter('tav_env')) {
$listMapper
->remove('_action')
->add('_action', null, [
'label' => 'Actions',
'actions' => [
'edit' => [],
'delete' => []
],
])
;
}
if ('dev' == $_ENV['APP_ENV'] && $this->isGranted('ROLE_ALLOWED_TO_SWITCH')) {
$listMapper
->add('impersonating', 'string', ['template' => '@SonataUser/Admin/Field/impersonating.html.twig'])
;
......
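Review bot: In `configureRoutes` the `delete` route is now kept whenever `tav_env` is set, regardless of role; the `ROLE_SUPER_ADMIN` test in the second hunk only controls whether the delete button is shown in the list. Unless Sonata's security handler already limits the DELETE permission on this admin to super admins (not visible here), any admin user who can reach the route can delete users in a TAV environment. Enforce it server-side in the controller's `deleteAction` as well, e.g. `if (!$this->isGranted('ROLE_SUPER_ADMIN')) { throw $this->createAccessDeniedException(); }`. Also, `getParameter('tav_env')` throws if the parameter is not defined in an environment, and the inner `isChild()` branch is redundant since both paths remove `delete`.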
......@@ -211,6 +211,14 @@ class CRUDController extends Controller
return $this->redirectTo($object);
}
if ($object->hasRole('ROLE_API')) {
$this->addFlash(
'sonata_flash_error',
'Vous ne pouvez pas supprimer le compte API !'
);
return $this->redirectTo($object);
}
return parent::deleteAction($id);
}
......
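Review bot: The `ROLE_API` guard lives only in `deleteAction`, so it protects the single-object delete page but not Sonata's batch delete, which goes through the model manager and does not call this method. With the `delete` route now enabled in TAV environments, the default batch `delete` action may become available on the user list (this depends on the admin's batch-action configuration, not visible here), and the API account could be removed that way. Consider overriding `batchActionDelete` in this controller with the same check, or removing `delete` from the admin's batch actions. `deleteAction` starts outside the hunk.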
......@@ -76,7 +76,7 @@ class Adherent extends AccountableObject implements AccountableInterface
/**
* @var ArrayCollection|AccountAdherent[]
* @ORM\OneToMany(targetEntity="AccountAdherent", mappedBy="adherent")
* @ORM\OneToMany(targetEntity="AccountAdherent", mappedBy="adherent", cascade={"remove"})
*/
private $accounts;
......
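Review bot: `cascade={"remove"}` on `accounts` means that removing an `Adherent` now deletes every `AccountAdherent` row with it, including accounts that still hold a balance. Whether past operations reference these accounts is not visible here; if they do, the delete either fails on a foreign key or leaves ledger entries pointing at nothing. Assuming the user deletion enabled by this commit reaches the `Adherent`, document the intent on the property, e.g. `// Accounts are deleted with the adherent; deletion must be refused while a balance remains`, and add the matching balance check in the delete action.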
......@@ -80,7 +80,7 @@
</a>
<div class="dropdown-menu dropdown-menu-right" aria-labelledby="navbarDropdownUC">
{# COMPTE ou ECOMPTE : @TODO : mettre plutôt dans le header en visible tout le temps ? #}
{% if app.user and is_granted('ROLE_ADHERENT') %}
{% if app.user and app.user.adherent and is_granted('ROLE_ADHERENT') %}
<b class="dropdown-item bg-primary text-white"> Ecompte : {{app.user.adherent.emlcAccount.balance }}</b>
{% elseif app.user and is_granted('ROLE_PRESTATAIRE') and getCurrentPrestataire() != null %}
<b class="dropdown-item bg-primary text-white"> Ecompte : {{getCurrentPrestataire().emlcAccount.balance }}</b>
......
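Review bot: The added `app.user.adherent` test covers a user without an adherent, but the next line still reads `app.user.adherent.emlcAccount.balance` without checking that `emlcAccount` exists; the prestataire branch has the same gap. An adherent with no emlc account would render an empty balance, or raise if Twig's `strict_variables` is enabled. Extend the condition: `{% if app.user and app.user.adherent and app.user.adherent.emlcAccount and is_granted('ROLE_ADHERENT') %}`. The `if` block continues outside the hunk.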