Skip to content
Snippets Groups Projects
Commit b6aa753f authored by Sebastien ANDRE's avatar Sebastien ANDRE
Browse files

hotline : #181902 : admin bib can see users with id_site filter

parent 56272589
No related merge requests found
Pipeline #24253 failed with stage
in 14 minutes and 38 seconds
Hide whitespace changes
Inline Side-by-side
VERSIONS_HOTLINE/181902 0 → 100644
+ 1
0
View file @ b6aa753f
- correctif #181902 : Administration : Avec les droits "Administration: accès en lecture aux fiches adhérents SIGB", un administrateur bibliothèque peut aller sur la gestion des utilisateurs, filtré par sa propre bibliothèque
\ No newline at end of file
library/Class/User/SearchCriteria.php
+ 17
4
View file @ b6aa753f
......@@ -51,12 +51,25 @@ class Class_User_SearchCriteria extends Class_SearchCriteria {
class Class_User_SearchCriteriaLibrary extends Class_SearchCriteria_Select {
protected $_name = 'id_site';
public function buildElement() {
return parent::buildElement()
->setLabel($this->_('Bibliothèque'))
->setMultiOptions(['all' => $this->_('Toutes')] + Class_Bib::findAllLabels());
return Class_Users::getIdentity()->isAdmin()
? (parent::buildElement()
->setLabel($this->_('Bibliothèque'))
->setMultiOptions(['all' => $this->_('Toutes')] + Class_Bib::findAllLabels()))
: null;
}
public function acceptSearchVisitor($visitor) : Class_SearchCriteria_Abstract {
if (Class_Users::getIdentity()->isAdmin())
return parent::acceptSearchVisitor($visitor);
$visitor->addParam($this->_name, Class_Users::getIdentity()
->getIdSite());
return $this;
}
}
......@@ -70,13 +83,13 @@ class Class_User_SearchCriteriaValidSubscription
$_name = 'valid_subscription',
$_value = 0;
public static function newFor($params){
return (Class_User_Membership::isUserMembershipContext())
? Class_User_SearchCriteriaValidSubscriptionUserMembership::newFor($params)
: Class_User_SearchCriteriaValidSubscriptionUser::newFor($params);
}
public function buildElement() {
return new Zend_Form_Element_Checkbox($this->getName(),
['label' => $this->_('Abonnement valide'),
......
tests/application/modules/admin/controllers/UsersControllerRolesTest.php 0 → 100644
+ 157
0
View file @ b6aa753f
<?php
/**
* Copyright (c) 2012-2023, Agence Française Informatique (AFI). All rights reserved.
*
* BOKEH is free software; you can redistribute it and/or modify
* it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE as published by
* the Free Software Foundation.
*
* There are special exceptions to the terms and conditions of the AGPL as it
* is applied to this software (see README file).
*
* BOKEH is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU AFFERO GENERAL PUBLIC LICENSE
* along with BOKEH; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
abstract class UsersControllerRolesTestCase
extends Admin_AbstractControllerTestCase {
public function setUp() {
parent::setUp();
$this->fixture(Class_Bib::class,
['id' => 1,
'libelle' => 'Annecy']);
$this->fixture(Class_Bib::class,
['id' => 2,
'libelle' => 'Meythet']);
$this->fixture(Class_Users::class,
['id' => 10,
'idabon'=>'65656',
'login' => 'bobo',
'password' => 'oo',
'mail' => 'bobo@bo.com',
'id_site' => 1,
'role_level' => ZendAfi_Acl_AdminControllerRoles::ABONNE_SIGB,
'last_login' => 0]);
$this->fixture(Class_Users::class,
['id' => 20,
'idabon'=>'656789',
'login' => 'tutu',
'password' => 'ru',
'mail' => 'tutu@ru.com',
'id_site' => 2,
'role_level' => ZendAfi_Acl_AdminControllerRoles::ABONNE_SIGB,
'last_login' => 0]);
ZendAfi_Auth::getInstance()->logUser($this->_createUser());
$this->dispatch('/admin/users');
}
protected function _createUser() : ?Class_Users {
return null;
}
}
class UsersControllerRolesAdminBibTest
extends UsersControllerRolesTestCase {
protected function _createUser() : ?Class_Users {
$admin_bib = $this->fixture(Class_Users::class,
['id' => 1,
'login' => 'toto',
'password' => 'ro',
'mail' => 'toto@ro.com',
'id_site' => 1,
'role_level' => ZendAfi_Acl_AdminControllerRoles::ADMIN_BIB,
'last_login' => 0]);
$user_group = $this->fixture(Class_UserGroup::class,
['id' => 28,
'libelle' => 'Admin Bib',
'rights' => [Class_UserGroup::RIGHT_USER_SIGB_USER_READ]]);
$admin_bib->addUserGroup($user_group);
return $admin_bib;
}
/** @test */
public function pageShouldContainsH1_GestionDesUtilisateurs() {
$this->assertXPathContentContains('//h1', 'Gestion des utilisateurs');
}
/** @test */
public function inputBibliothequeShouldNotExist() {
$this->assertNotXPath('//select[@id="search_id_site"]');
}
/** @test */
public function usersTableShouldContainIdentifiantBobo() {
$this->assertXPath('//table[@id="users_table"]/tbody/tr/td[text()="bobo"]');
}
/** @test */
public function usersTableShouldNotContainIdentifiantTutu() {
$this->assertNotXPath('//table[@id="users_table"]//td[text()="tutu"]');
}
}
class UsersControllerRolesAdminPortailTest
extends UsersControllerRolesTestCase {
protected function _createUser() : ?Class_Users {
return $this->fixture(Class_Users::class,
['id' => 1,
'login' => 'toto',
'password' => 'ro',
'mail' => 'toto@ro.com',
'id_site' => 1,
'role_level' => ZendAfi_Acl_AdminControllerRoles::ADMIN_PORTAIL,
'last_login' => 0]);
}
/** @test */
public function pageShouldContainsH1_GestionDesUtilisateurs() {
$this->assertXPathContentContains('//h1', 'Gestion des utilisateurs');
}
/** @test */
public function inputBibliothequeShouldExist() {
$this->assertXPath('//select[@id="search_id_site"]');
}
/** @test */
public function usersTableShouldContainIdentifiantBobo() {
$this->assertXPath('//table[@id="users_table"]/tbody/tr/td[text()="bobo"]');
}
/** @test */
public function usersTableShouldContainIdentifiantTutu() {
$this->assertXPath('//table[@id="users_table"]/tbody/tr/td[text()="tutu"]');
}
}
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment