From c339cfd35b1cc062da7b1202d330ccfd66f73004 Mon Sep 17 00:00:00 2001
From: Alex Arnaud <alex.arnaud@biblibre.com>
Date: Fri, 20 Feb 2015 12:20:02 +0100
Subject: [PATCH] Hotline#21534 - Change the way users are deleted (Use storm
instead of direct SQL)
---
.../admin/controllers/UsersController.php | 47 +++++++-------
.../admin/controllers/UsersControllerTest.php | 65 ++++++++++++-------
2 files changed, 66 insertions(+), 46 deletions(-)
diff --git a/application/modules/admin/controllers/UsersController.php b/application/modules/admin/controllers/UsersController.php
index ce8d4011f35..226fcc6fb94 100644
--- a/application/modules/admin/controllers/UsersController.php
+++ b/application/modules/admin/controllers/UsersController.php
@@ -25,8 +25,9 @@
// - Faire une recherche par noms
//////////////////////////////////////////////////////////////////////////////////////////
-class Admin_UsersController extends ZendAfi_Controller_Action
-{
+class Admin_UsersController extends ZendAfi_Controller_Action {
+ use Trait_Translator;
+
private $id_zone;
private $id_bib;
private $user;
@@ -189,30 +190,28 @@ class Admin_UsersController extends ZendAfi_Controller_Action
}
}
- //------------------------------------------------------------------------------------------------------
- // Suppression utilisateur
- //------------------------------------------------------------------------------------------------------
- function deleteAction()
- {
- $id_user=$this->_request->getParam('id');
- $user = new Class_Users();
+
+ function deleteAction() {
+ $user_id = $this->_request->getParam('id');
+ $error = '';
+
+ if(!$user = Class_Users::find($user_id))
+ $error = $this->_('Echec de la suppression: Utilisateur inconnu.');
- // Vérifications
- if($id_user == $this->user->ID_USER) $erreur="Vous ne pouvez pas vous supprimer vous-même.";
- if($id_user == 1) $erreur="Il est interdit de détruire le super administrateur.";
-
- $enreg=$user->getUser($id_user);
- if($enreg['ROLE_LEVEL']==6)
- {
- $nb_admin=fetchOne("select count(*) from bib_admin_users where ROLE_LEVEL=6");
- if($nb_admin == 1) $erreur="On ne peut pas supprimer le seul administrateur du portail.";
- }
+ if ($user_id == $this->user->ID_USER)
+ $error = $this->_('Vous ne pouvez pas vous supprimer vous-même.');
+
+ if ($user_id == 1)
+ $error = $this->_('Il est interdit de détruire le super administrateur.');
+
+ if ($user->getRoleLevel() == 6 && Class_Users::countBy(['role_level' => 6]) == 1)
+ $error = $this->_('On ne peut pas supprimer le seul administrateur du portail.');
- // On peut supprimer
- if(!$erreur) {
- $user->deleteUser($id_user);
- } else {
- $this->_helper->notify($erreur);
+ if (!$error) {
+ $user->delete();
+ }
+ else {
+ $this->_helper->notify($error);
}
$this->_redirect('admin/users');
diff --git a/tests/application/modules/admin/controllers/UsersControllerTest.php b/tests/application/modules/admin/controllers/UsersControllerTest.php
index 91937830278..efb11aa247b 100644
--- a/tests/application/modules/admin/controllers/UsersControllerTest.php
+++ b/tests/application/modules/admin/controllers/UsersControllerTest.php
@@ -37,29 +37,32 @@ abstract class UsersControllerWithMarcusTestCase extends AbstractControllerTestC
$group_stagiaires = Class_UserGroup::newInstanceWithId(25, ['libelle' => 'Stagiaires']);
- $this->marcus = Class_Users::getLoader()
- ->newInstanceWithId(10)
- ->setPrenom('Marcus')
- ->setNom('Miller')
- ->setLogin('mmiller')
- ->setMail('marcus@gmail.com')
- ->setPseudo('mimi')
- ->setPassword('mysecret')
- ->setFicheSIGB(array('type_comm' => 0, 'nom_aff' => 'Marcus'))
- ->setRole('abonne_sigb')
- ->setRoleLevel(ZendAfi_Acl_AdminControllerRoles::ABONNE_SIGB)
- ->setBib(Class_Bib::getLoader()->newInstanceWithId(1)->setIdZone(null))
- ->setIdabon('00123')
- ->setOrdreabon(1)
- ->setDateDebut('19-07-2009')
- ->setDateFin('19-07-2010')
- ->setTelephone('01 23 45 67 89')
- ->setMobile('06 23 45 67 89')
- ->setAdresse('34 avenue Funk')
- ->setCodePostal('99000')
- ->setVille('Jazz City')
+ $this->mybib = $this->fixture('Class_Bib', ['id' => 1,
+ 'id_zone' => null]);
+
+ $this->marcus = $this->fixture('Class_Users', ['id' => 10,
+ 'prenom' => 'Marcus',
+ 'nom' => 'Miller',
+ 'login' => 'mmiller',
+ 'mail'=> 'marcus@gmail.com',
+ 'pseudo' => 'mimi',
+ 'password' => 'mysecret',
+ 'role' => 'abonne_sigb',
+ 'role_level' => ZendAfi_Acl_AdminControllerRoles::ABONNE_SIGB,
+ 'idabon' => '00123',
+ 'bib' => $this->mybib,
+ 'ordreabon' => 1,
+ 'date_debut' => '19-07-2009',
+ 'date_fin' => '19-07-2010',
+ 'telephone' => '01 23 45 67 89',
+ 'mobile' => '06 23 45 67 89',
+ 'adresse' => '34 avenue Funk',
+ 'code_postal' => '99000',
+ 'ville' => 'Jazz City',
+ 'civilite' => Class_Users::CIVILITE_MONSIEUR]);
+
+ $this->marcus->setFicheSIGB(array('type_comm' => 0, 'nom_aff' => 'Marcus'))
->setUserGroups([$group_vodeclic,$group_referent])
- ->setCivilite(Class_Users::CIVILITE_MONSIEUR)
->setIntBib(Class_IntBib::newInstanceWithId(1, ['comm_sigb' => 0]));
Storm_Test_ObjectWrapper::onLoaderOfModel('Class_UserGroup')
@@ -261,6 +264,24 @@ class rsControllerEditMarcusAsAdminPortailTest extends UsersControllerWithMarcus
+class UsersControllerDeleteMarcusTest extends UsersControllerWithMarcusTestCase {
+ public function setUp() {
+ parent::setUp();
+ $this->dispatch('/admin/users/delete/id/10', true);
+ Class_Users::clearCache();
+ }
+
+
+ /** @test */
+ public function marcusShouldHaveBeenDeleted() {
+ $this->assertEmpty(Class_Users::find(10));
+ }
+
+}
+
+
+
+
class UsersControllerPostMarcusDataTest extends UsersControllerWithMarcusTestCase {
public function setUp() {
parent::setUp();
--
GitLab