2ddf5906
Commit
2ddf5906
authored
May 13, 2020
by
Christian BUFFIN
Corrections concernant la suppression d'un utilisateur.
parent
7af537b4
Changes
8
app/Config/Schema/CreationBase/patchs/1.1.0_to_1.2.0.sql
...
...
@@ -370,4 +370,14 @@ DELETE FROM valeurs WHERE champ_name IN (
'soustraitantemail'
);
ALTER
TABLE
users
DROP
COLUMN
createdby
;
ALTER
TABLE
commentaires
DROP
CONSTRAINT
"commentaires_user_id_fkey"
;
ALTER
TABLE
commentaires
ALTER
COLUMN
user_id
DROP
NOT
NULL
;
ALTER
TABLE
commentaires
ADD
FOREIGN
KEY
(
user_id
)
REFERENCES
users
(
id
)
ON
DELETE
SET
NULL
ON
UPDATE
CASCADE
;
ALTER
TABLE
commentaires
DROP
CONSTRAINT
"commentaires_destinataire_id_fkey"
;
ALTER
TABLE
commentaires
ALTER
COLUMN
destinataire_id
DROP
NOT
NULL
;
ALTER
TABLE
commentaires
ADD
FOREIGN
KEY
(
destinataire_id
)
REFERENCES
users
(
id
)
ON
DELETE
SET
NULL
ON
UPDATE
CASCADE
;
COMMIT
;
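Review bot: The two `DROP CONSTRAINT` statements name `"commentaires_user_id_fkey"` and `"commentaires_destinataire_id_fkey"` without `IF EXISTS`, so the patch aborts on any installation where those keys were created under another name, and the replacement `ADD FOREIGN KEY` clauses leave the new keys unnamed. I would write `ALTER TABLE commentaires DROP CONSTRAINT IF EXISTS "commentaires_user_id_fkey";` followed by `ADD CONSTRAINT "commentaires_user_id_fkey" FOREIGN KEY (user_id) REFERENCES users (id) ON DELETE SET NULL ON UPDATE CASCADE`, and the same for `destinataire_id`, so that later patches can address the keys by name. With `ON DELETE SET NULL` a comment outlives its author with no author recorded; a line such as `-- comments are kept, without author or recipient, once the user is deleted` above these statements would record that this is intended.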
app/Controller/Component/BanettesComponent.php
...
...
@@ -68,7 +68,8 @@ class BanettesComponent extends Component {
'fields'
=>
[
'id'
,
'nom'
,
'prenom'
'prenom'
,
$this
->
Fiche
->
User
->
vfNomComplet
()
]
],
'Valeur'
=>
[
...
...
app/Controller/PannelController.php
...
...
@@ -483,7 +483,8 @@ class PannelController extends AppController {
'User'
=>
[
'id'
,
'nom'
,
'prenom'
'prenom'
,
'nom_complet'
],
],
'User'
=>
[
...
...
@@ -494,7 +495,8 @@ class PannelController extends AppController {
'User'
=>
[
'id'
,
'nom'
,
'prenom'
'prenom'
,
'nom_complet'
]
],
],
...
...
@@ -844,7 +846,8 @@ class PannelController extends AppController {
'fields'
=>
[
'User.id'
,
'User.nom'
,
'User.prenom'
'User.prenom'
,
'User.nom_complet'
,
],
'joins'
=>
[
$this
->
Droit
->
join
(
'OrganisationUser'
,
[
'type'
=>
"INNER"
]),
...
...
app/Controller/UsersController.php
...
...
@@ -85,6 +85,7 @@ class UsersController extends AppController {
$query
=
[
'fields'
=>
[
'User.id'
,
'User.is_dpo'
,
'User.username'
,
'User.nom_complet'
],
...
...
@@ -688,57 +689,108 @@ class UsersController extends AppController {
* @created 17/06/2015
* @version V1.0.0
*/
public
function
delete
(
$id
=
null
)
{
if
(
$this
->
Session
->
read
(
'Auth.User.id'
)
!=
$id
)
{
if
(
$this
->
Droits
->
authorized
(
ListeDroit
::
SUPPRIMER_UTILISATEUR
))
{
$this
->
User
->
id
=
$id
;
public
function
delete
(
$id
)
{
// La même logique que dans la vue et que dans AdminsController
if
(
$id
==
1
||
$id
==
$this
->
Session
->
read
(
'Auth.User.id'
))
{
throw
new
ForbiddenException
(
__d
(
'default'
,
'default.flasherrorPasDroitPage'
));
}
if
(
!
$this
->
User
->
exists
())
{
throw
new
NotFoundException
(
'User invalide'
);
}
$query
=
[
'fields'
=>
[
'Admin.id'
,
'User.id'
,
'User.nom'
,
'User.prenom'
,
'User.is_dpo'
,
],
'contain'
=>
[
'Admin'
],
'conditions'
=>
[
'User.id'
=>
$id
]
];
$user
=
$this
->
User
->
find
(
'first'
,
$query
);
if
(
$id
!=
1
)
{
$success
=
true
;
$this
->
User
->
begin
();
if
(
empty
(
$user
)
===
true
)
{
throw
new
NotFoundException
()
;
}
$success
=
$success
&&
$this
->
OrganisationUser
->
deleteAll
([
'user_id'
=>
$id
]);
// Impossible de supprimer un Superadmin ou un DPO
if
(
empty
(
$user
[
'Admin'
][
'id'
])
===
false
||
$user
[
'User'
][
'is_dpo'
]
===
true
)
{
$msgid
=
'Impossible de supprimer un Superadmin ou un DPO'
;
throw
new
RuntimeException
(
sprintf
(
$msgid
,
$id
));
}
if
(
$success
==
true
)
{
if
(
$this
->
Droits
->
isDpo
())
{
$success
=
$success
&&
$this
->
Organisation
->
updateAll
([
'Organisation.dpo'
=>
null
],
[
'Organisation.dpo'
=>
$id
]
)
!==
false
;
}
$success
=
true
;
$this
->
User
->
begin
();
if
(
$success
==
true
)
{
$success
=
$success
&&
$this
->
User
->
delete
();
}
}
// 1. Mise à jour de EtatFiche.user_id, puis de EtatFiche.previous_user_id avec l'id du DPO de l'entité
foreach
([
'user_id'
,
'previous_user_id'
]
as
$fieldName
)
{
$query
=
[
'fields'
=>
[
'EtatFiche.id'
,
'Organisation.dpo'
,
],
'joins'
=>
[
$this
->
User
->
Fiche
->
join
(
'EtatFiche'
,
[
'type'
=>
'INNER'
]),
$this
->
User
->
Fiche
->
join
(
'Organisation'
,
[
'type'
=>
'INNER'
])
],
'conditions'
=>
[
"EtatFiche.
{
$fieldName
}
"
=>
$id
,
],
];
foreach
(
$this
->
User
->
Fiche
->
find
(
'all'
,
$query
)
as
$fiche
)
{
$success
=
$success
&&
$this
->
User
->
Fiche
->
EtatFiche
->
updateAll
(
[
$fieldName
=>
$fiche
[
'Organisation'
][
'dpo'
]],
[
'id'
=>
$fiche
[
'EtatFiche'
][
'id'
]]
);
}
}
if
(
$success
==
true
)
{
$this
->
User
->
commit
();
$this
->
Session
->
setFlash
(
__d
(
'user'
,
'user.flashsuccessUserSupprimer'
),
'flashsuccess'
);
}
else
{
$this
->
User
->
rollback
();
$this
->
Session
->
setFlash
(
__d
(
'default'
,
'default.flasherrorEnregistrementErreur'
),
'flasherror'
);
}
// 2. Mise à jour de Fiche.user_id avec l'id du DPO de l'entité
$query
=
[
'fields'
=>
[
'Fiche.id'
,
'Organisation.dpo'
,
],
'joins'
=>
[
$this
->
User
->
Fiche
->
join
(
'Organisation'
,
[
'type'
=>
'INNER'
])
],
'conditions'
=>
[
'Fiche.user_id'
=>
$id
,
],
];
foreach
(
$this
->
User
->
Fiche
->
find
(
'all'
,
$query
)
as
$fiche
)
{
$success
=
$success
&&
$this
->
User
->
Fiche
->
updateAll
(
[
'user_id'
=>
$fiche
[
'Organisation'
][
'dpo'
]],
[
'id'
=>
$fiche
[
'Fiche'
][
'id'
]]
);
}
$this
->
redirect
(
$this
->
Referers
->
get
());
}
$success
=
$success
&&
$this
->
User
->
Fiche
->
EtatFiche
->
Commentaire
->
updateAll
(
[
'user_id'
=>
null
],
[
'user_id'
=>
$id
]
);
$this
->
Session
->
setFlash
(
__d
(
'user'
,
'user.flasherrorErreurSupprimerUser'
),
'flasherror'
);
$this
->
redirect
(
$this
->
Referers
->
get
());
}
else
{
$this
->
Session
->
setFlash
(
__d
(
'default'
,
'default.flasherrorPasDroitPage'
),
'flasherror'
);
$this
->
redirect
(
$this
->
Referers
->
get
());
}
$success
=
$success
&&
$this
->
User
->
Fiche
->
EtatFiche
->
Commentaire
->
updateAll
(
[
'destinataire_id'
=>
null
],
[
'destinataire_id'
=>
$id
]
);
$success
=
$success
&&
$this
->
User
->
Notification
->
deleteAll
([
'user_id'
=>
$id
],
false
);
$success
=
$success
&&
$this
->
User
->
delete
(
$id
);
if
(
$success
==
true
)
{
$this
->
User
->
commit
();
$this
->
Session
->
setFlash
(
__d
(
'user'
,
'user.flashsuccessUserSupprimer'
),
'flashsuccess'
);
}
else
{
$this
->
Session
->
setFlash
(
__d
(
'user'
,
'user.flasherrorErreurSuppressionImpossibleUser'
),
'flasherror'
);
$this
->
redirect
(
$this
->
referer
()
);
$this
->
User
->
rollback
(
);
$this
->
Session
->
setFlash
(
__d
(
'default'
,
'default.flasherrorEnregistrementErreur'
),
'flasherror'
);
}
$this
->
redirect
(
$this
->
Referers
->
get
());
}
/**
...
...
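Review bot: The rewritten `delete()` no longer appears to call `$this->Droits->authorized(ListeDroit::SUPPRIMER_UTILISATEUR)`: in this rendering the call sits only among the lines of the old body, ahead of the new signature, and nothing further down replaces it. Unless the right is enforced outside this hunk (nothing visible here shows that), the action would accept a deletion request from any signed-in account for any user who is not id 1, the caller, a superadmin or a DPO. I would restore the check as the first statement of the method, `if (!$this->Droits->authorized(ListeDroit::SUPPRIMER_UTILISATEUR)) { throw new ForbiddenException(__d('default', 'default.flasherrorPasDroitPage')); }`, ahead of the id comparison. The DPO guard also tests `$user['User']['is_dpo'] === true`, which lets the deletion proceed if the virtual field ever comes back as something other than a PHP boolean; `!empty($user['User']['is_dpo'])` would fail closed.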
app/Locale/fra/LC_MESSAGES/element.po
...
...
@@ -21,6 +21,9 @@ msgstr "Rédaction"
msgid "element.CreePar"
msgstr "Créé par"
msgid "element.Cree"
msgstr "Créé"
msgid "element.Le"
msgstr "le"
...
...
@@ -36,12 +39,18 @@ msgstr "En attente de validation"
msgid "element.RecuePar"
msgstr "Reçu par"
msgid "element.Recue"
msgstr "Reçu"
msgid "element.Verrouille"
msgstr "Traitement verrouillé"
msgid "element.VerrouilleePar"
msgstr "Verrouillée par"
msgid "element.Verrouillee"
msgstr "Verrouillée"
msgid "element.ModificationTraitementRegistre"
msgstr "Modification du traitement inséré dans le registre"
...
...
@@ -66,6 +75,12 @@ msgstr "Validé et inscrit au registre"
msgid "element.CommenterPar"
msgstr "Commenté par"
msgid "element.Commenter"
msgstr "Commenté"
msgid "element.CommenterLe"
msgstr "Commenté le"
msgid "element.AttenteConsultation"
msgstr "En attente de consultation"
...
...
app/Model/User.php
...
...
@@ -59,6 +59,7 @@ class User extends AppModel {
* @var array
*/
public
$virtualFields
=
[
'is_dpo'
=>
'( EXISTS( SELECT * FROM "organisations" WHERE "organisations"."dpo" = "User"."id" ) )'
,
'nom_complet'
=>
'( COALESCE( "User"."civilite", \'\' ) || \' \' || COALESCE( "User"."prenom", \'\' ) || \' \' || COALESCE( "User"."nom", \'\' ) )'
,
'nom_complet_court'
=>
'( COALESCE( "User"."prenom", \'\' ) || \' \' || COALESCE( "User"."nom", \'\' ) )'
];
...
...
@@ -480,4 +481,10 @@ class User extends AppModel {
return
false
;
}
}
public
function
vfNomComplet
(
$alias
=
null
,
$fieldName
=
'nom_complet'
)
{
$alias
=
$alias
===
null
?
$this
->
alias
:
$alias
;
$sql
=
str_replace
(
"
\"
{
$this
->
name
}
\"
"
,
"
\"
{
$alias
}
\"
"
,
$this
->
virtualFields
[
'nom_complet'
]);
return
"
{
$sql
}
AS
\"
{
$alias
}
__
{
$fieldName
}
\"
"
;
}
}
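Review bot: `vfNomComplet()` places `$alias` and `$fieldName` into the returned SQL fragment exactly as received, so it is only safe while both come from code, as in the one call visible in this commit (no arguments, in `BanettesComponent`). The method has no docblock; one should state that both parameters are SQL identifiers and must never carry request data, or the method could reject anything that does not match `/^[A-Za-z_][A-Za-z0-9_]*$/`. `$fieldName` also only renames the output column: the expression is always read from `$this->virtualFields['nom_complet']`, so `vfNomComplet(null, 'nom_complet_court')` would return the long form under the short name, and `$this->virtualFields[$fieldName]` looks like what was meant.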
app/View/Elements/parcours.ctp
This diff is collapsed.
Click to expand it.
app/View/Users/index.ctp
...
...
@@ -229,7 +229,7 @@ if (empty($results) === false) {
//Bouton de suppression
if
(
$this
->
Session
->
read
(
'Auth.User.id'
)
!=
$result
[
'User'
][
'id'
])
{
if
(
$this
->
Autorisation
->
authorized
(
10
,
$droits
))
{
if
(
$result
[
'User'
][
'id'
]
!=
1
)
{
if
(
$result
[
'User'
][
'id'
]
!=
=
1
&&
$result
[
'User'
][
'is_dpo'
]
===
false
)
{
//Bouton de suppression
$actions
.
=
$this
->
Html
->
link
(
'<span class="fa fa-trash fa-lg"><!----></span>'
,
[
'controller'
=>
'users'
,
...
...
@@ -238,19 +238,8 @@ if (empty($results) === false) {
],
[
'class'
=>
'btn btn-default-danger btn-sm my-tooltip'
,
'title'
=>
__d
(
'user'
,
'user.commentaireSupprimerUser'
),
'escapeTitle'
=>
false
],
__d
(
'user'
,
'user.confirmationSupprimerUser'
)
.
$result
[
'User'
][
'nom_complet'
]
.
' ?'
);
}
else
{
$actions
.
=
$this
->
Html
->
link
(
'<span class="glyphicon glyphicon-trash"><!----></span>'
,
[
'controller'
=>
'users'
,
'action'
=>
'delete'
,
$result
[
'User'
][
'id'
]
],
[
'class'
=>
'btn btn-default-danger btn-sm my-tooltip'
,
'escapeTitle'
=>
false
,
'title'
=>
__d
(
'user'
,
'user.commentaireSupprimerUser'
),
"disabled"
=>
"disabled"
],
__d
(
'user'
,
'user.confirmationSupprimerUser'
)
.
$result
[
'User'
][
'prenom'
]
.
' '
.
$result
[
'User'
][
'nom'
]
.
' ?'
);
],
__d
(
'user'
,
'user.confirmationSupprimerUser'
)
.
$result
[
'User'
][
'nom_complet'
]
.
' ?'
);
}
}
}
...
...
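Review bot: The delete button is now gated on `$result['User']['id'] !== 1`, a strict comparison, while `UsersController::delete()` in this same commit keeps the loose `$id == 1` and says in its comment that it follows the same logic as the view. If the datasource hands ids back as strings the strict test is always true and the button is offered for the account with id 1 (the controller would still refuse the request); `(int)$result['User']['id'] !== 1`, or the previous `!=`, keeps the two in step. The same applies to `$result['User']['is_dpo'] === false`, which hides the button on every row if the virtual field is not a PHP boolean. The enclosing block starts above the first hunk, so the types in `$results` cannot be confirmed from here.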