Commit a2961bb7 authored by tguillon's avatar tguillon

Modification de l'ajout d'un superadmin.

Mise en place de la modification d'un superadmin.
Modification de l'auto suppression en tant que superadmin
parent e7b4cb01
......@@ -22,6 +22,8 @@
App::uses('ListeDroit', 'Model');
use Libriciel\Utility\Password\PasswordStrengthMeterAnssi;
class AdminsController extends AppController {
public $uses = [
......@@ -59,6 +61,10 @@ class AdminsController extends AppController {
}
$this->set('listeusers', $listeuser);
}
public function add() {
return $this->edit();
}
/**
* Affiche le formulaire d'ajout d'utilisateur, ou enregistre l'utilisateur et ses droits
......@@ -67,59 +73,100 @@ class AdminsController extends AppController {
* @created 17/06/2015
* @version V1.0.0
*/
public function add() {
public function edit($id = null) {
if (true !== ($this->Droits->isSu())) {
throw new ForbiddenException(__d('default', 'default.flasherrorPasDroitPage'));
}
$this->set('title', __d('admin', 'admin.titreAjouterSuperAdmin'));
$options = [
'M.' => 'Monsieur',
'Mme.' => 'Madame'
];
$this->set('options', $options);
if ($this->request->is('post')) {
if ($this->request->is('post') || $this->request->is('put')) {
if('Cancel' === Hash::get($this->request->data, 'submit')) {
$this->redirect(['action' => 'index']);
}
debug($this->request->data);
$success = true;
$this->Admin->begin();
// Travail préparatoire dans le cas d'une modification
if ($this->request->params['action'] === 'edit') {
$this->request->data['User']['id'] = $id;
$this->User->create($this->request->data['Admin']);
$password = (string)Hash::get($this->request->data, 'User.password');
$passwd = (string)Hash::get($this->request->data, 'User.passwd');
if ($password === '' && $password === $passwd) {
unset($this->request->data['User']['password'], $this->request->data['User']['passwd']);
}
}
$success = false !== $this->User->save() && $success;
$this->User->create($this->request->data);
$success = false !== $this->User->save(null, ['atomic' => false]) && $success;
if ($success == true) {
if ($success == true && $this->request->params['action'] != 'edit' ) {
$userId = $this->User->getInsertID();
$this->Admin->create([
$admin = [
'Admin' => [
'user_id' => $userId
]
]);
$success = $success && false !== $this->Admin->save();
];
$success = false !== $this->Admin->save($admin, ['atomic' => false]) && $success;
}
if ($success == true) {
$this->Admin->commit();
$this->Session->setFlash(__d('admin', 'admin.flashsuccessSuperAdminEnregistrer'), 'flashsuccess');
$this->redirect([
'controller' => 'admins',
'action' => 'index'
]);
$this->redirect($this->Referers->get());
} else {
$this->Admin->rollback();
$this->Session->setFlash(__d('admin', 'admin.flasherrorErreurSuperAdminEnregistrer'), 'flasherror');
}
} else if ($this->request->params['action'] === 'edit') {
$query = [
'conditions' => [
'User.id' => $id
],
'fields' => [
'id',
'civilite',
'nom',
'prenom',
'username',
'email',
'telephonefixe',
'telephoneportable',
]
];
$user = $this->User->find('first', $query);
if (empty($user) === true) {
throw new NotFoundException();
}
$this->request->data = $user;
}
$forcePassword = $this->User->getMinUserPasswordStrength($id);
$this->set(compact('forcePassword'));
$minEntropie = $this->_entropiePassword($id);
$this->set(compact('minEntropie'));
$options = array_merge($this->User->enums());
$this->set(compact('options'));
$this->view = 'edit';
}
private function _entropiePassword($id) {
$forcePassword = 5;
$thresholds = array_flip(PasswordStrengthMeterAnssi::thresholds());
return $thresholds[$forcePassword];
}
/**
* @access public
* @created 17/06/2015
......
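Review bot: `debug($this->request->data);` in edit() prints the whole submitted form, including `User.password` and `User.passwd`, whenever the application runs with debug enabled; the call should be removed before merge. The `$this->User->create($this->request->data)` and `save(null, ['atomic' => false])` calls pass no field whitelist, so any posted `User` column is written; adding a `fieldList` option naming the form's fields would limit the write to what the form offers, unless a component not visible here already rejects tampered fields. On a POST to edit without an id, `$this->request->data['User']['id']` is set to null and the Admin row is skipped, which looks like it would insert a plain user; a `NotFoundException` guard like the one in the GET branch would cover that case. The page does not mark added and removed lines, so this assumes the `['atomic' => false]` calls are the new side.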
......@@ -323,7 +323,7 @@ class UsersController extends AppController {
$success = true;
// Travail préparatoire dans le cas d'une modification
if($this->request->params['action'] === 'edit') {
if ($this->request->params['action'] === 'edit') {
$this->request->data['User']['id'] = $id;
$password = (string)Hash::get($this->request->data, 'User.password');
......
......@@ -17,6 +17,9 @@ msgstr "Supers-administrateurs"
msgid "admin.titreAjouterSuperAdmin"
msgstr "Ajouter un Super-administrateur"
msgid "admin.titreEditerSuperAdmin"
msgstr "Modifier un Super-administrateur"
###############################################################################
......@@ -29,7 +32,7 @@ msgid "admin.flashsuccessPrivilegeRetire"
msgstr "Les privilèges ont été retirés"
msgid "admin.flashsuccessSuperAdminEnregistrer"
msgstr "L'utilisateur super-admin a été crée"
msgstr "L'utilisateur super-admin a été enregistré"
###############################################################################
......
......@@ -131,6 +131,36 @@ msgstr "Il n'y a aucun utilisateur dans cette entité "
msgid "user.textAucunUserFiltre"
msgstr "Il n'y a aucun utilisateur pour ces filtres"
msgid "user.filtreChercherDPO"
msgstr "Chercher par DPO"
msgid "user.labelFiltreChercherDPO"
msgstr "DPO"
msgid "user.filtreChercherUtilisateur"
msgstr "Chercher par utilisateur"
msgid "user.labelFiltreChercherUtilisateur"
msgstr "Nom complet"
msgid "user.filtreChercherIdentifiant"
msgstr "Chercher par identifiant"
msgid "user.labelFiltreChercherIdentifiant"
msgstr "Identifiant"
msgid "user.filtreChercherProfil"
msgstr "Chercher par profil"
msgid "user.labelFiltreChercherProfil"
msgstr "Profil"
msgid "user.filtreChercherService"
msgstr "Chercher par service"
msgid "user.labelFiltreChercherService"
msgstr "Service"
###############################################################################
......
......@@ -26,6 +26,65 @@ class Admin extends AppModel {
public $name = 'Admin';
public $validate = [
'password' => [
'checkPasswordStrength' => [
'allowEmpty' => true,
'required' => false,
'rule' => ['checkPasswordStrength'],
'message' => false
]
],
'passwd' => [
[
'rule' => 'notBlank',
'message' => 'Vous devez confirmer le mot de passe'
],
[
'rule' => [
'comparePassword',
'password'
],
'message' => 'Les mots de passe ne sont pas identiques'
]
],
'new_password' => [
'checkPasswordStrength' => [
'allowEmpty' => true,
'required' => false,
'rule' => ['checkPasswordStrength'],
'message' => false
]
],
'new_passwd' => [
[
'rule' => [
'comparePassword',
'new_password'
],
'message' => 'Les mots de passe ne sont pas identiques'
]
],
'nom' => [
[
'rule' => ['custom', REGEXP_ALPHA_FR],
'message' => 'Seulement des lettres sont accepté'
]
],
'prenom' => [
[
'rule' => ['custom', REGEXP_ALPHA_FR],
'message' => 'Seulement des lettres sont accepté'
]
],
'email' => [
[
'rule' => ['custom', REGEXP_EMAIL_FR],
'message' => 'L\'adresse email n\'est pas valide'
]
]
];
/**
* belongsTo associations
*
......
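Review bot: The new `$validate` array has no comment saying which save path it guards, and in the controller code on this page the only Admin save passes just `user_id` while credentials go through `User`, so these password rules may never run. If they are meant to apply, note that `'allowEmpty' => true` with `'required' => false` on `password` lets a record without a password pass this rule; an add-time rule with `'on' => 'create'` would close that. `checkPasswordStrength` and `comparePassword` are not defined in the visible part of the class, so confirm they resolve from a parent model or a behavior. The class body continues outside the hunk.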
<div class="users form">
<?php
echo $this->Html->script('users.js');
if (isset($this->validationErrors['Admin']) && !empty($this->validationErrors['Admin'])) {
?>
<div class="alert alert-danger" role="alert">
<span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
<span class="sr-only">Error:</span>
Ces erreurs se sont produites:
<ul>
<?php
foreach ($this->validationErrors as $donnees) {
foreach ($donnees as $champ) {
foreach ($champ as $error) {
echo '<li>' . $error . '</li>';
}
}
}
?>
</ul>
</div>
<?php
}
echo $this->Form->create('Admin', [
'autocomplete' => 'off',
'inputDefaults' => ['div' => false],
'class' => 'form-horizontal',
'novalidate' => 'novalidate'
]);
?>
<div class="col-md-6">
<?php
echo $this->WebcilForm->inputs([
'username' => ['autocomplete' => 'off', 'required' => true],
'password' => ['autocomplete' => 'off', 'required' => true],
'passwd' => ['type' => 'password','autocomplete' => 'off', 'required' => true],
'civilite' => ['options' => $options, 'empty' => true, 'required' => true],
'nom' => ['required' => true],
'prenom' => ['required' => true],
'email' => ['required' => true],
'telephonefixe' => [],
'telephoneportable' => []
]);
?>
</div>
</div>
</div>
<?php
// Groupe de boutons
echo $this->WebcilForm->buttons(['Cancel', 'Save']);
echo $this->Form->end();
\ No newline at end of file
<?php
use Libriciel\Utility\Password\PasswordStrengthMeterAnssi;
$thresholds = array_flip(PasswordStrengthMeterAnssi::thresholds());
$title = 'add' === $this->request->params['action']
? __d('admin', 'admin.titreAjouterSuperAdmin')
: __d('admin', 'admin.titreEditerSuperAdmin');
$this->set(compact('title'));
if ($this->request->params['action'] == 'add'){
$empty = true;
} else {
$empty = false;
};
if (isset($this->validationErrors['User']) && !empty($this->validationErrors['User'])):?>
<div class="alert alert-danger" role="alert">
<span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
<span class="sr-only">Error:</span>
Ces erreurs se sont produites:
<ul>
<?php
foreach ($this->validationErrors as $donnees) {
foreach ($donnees as $champ) {
foreach ($champ as $error) {
echo '<li>' . $error . '</li>';
}
}
}
?>
</ul>
</div>
<?php endif;?>
<?php
echo $this->WebcilForm->create('User', [
'autocomplete' => 'off',
'inputDefaults' => ['div' => false],
'class' => 'form-horizontal',
'novalidate' => 'novalidate'
]);
?>
<div class="users form">
<div class="col-md-6">
<?php
echo $this->WebcilForm->inputs([
'User.password' => [
'id' => 'hiddenpassword',
'value' => '',
'type' => 'hidden',
'placeholder' => false
],
'User.username' => [
'id' => 'username',
'autocomplete' => 'off',
'required' => true
]
]);
if ($this->request->params['action'] === 'edit') {
$libellePassword = __d('user', 'user.champNouveauMotDePasse');
$placeholder = sprintf(__d('user', "user.placeholderChampNewPassword"), $forcePassword);
} else {
$libellePassword = __d('user', 'user.champPassword');
$placeholder = sprintf(__d('user', "user.placeholderChampPassword"), $forcePassword);
}
$password = $this->WebcilForm->inputs([
'User.password' => [
'id' => 'password',
'autocomplete' => 'off',
'required' => true,
'label' => [
'text' => $libellePassword . '<div class="col-md-12 text-center">
<button type="button" class="btn btn-default-primary" data-toggle="modal" data-target="#modalAddForm">
<span class="fa fa-question fa-lg"></span>
</button>
</div>'
],
'placeholder' => $placeholder
],
'User.passwd' => [
'id' => 'passwd',
'autocomplete' => 'off',
'required' => true
]
]);
if ($this->request->params['action'] === 'edit') {
echo $this->Html->tag(
'div',
__d('user', 'user.textInfoMotDePasse').$password,
['class' => 'alert alert-info']
);
} else {
echo $password;
}
echo $this->WebcilForm->inputs([
'User.civilite' => [
'id' => 'civilite',
'options' => $options['User']['civilite'],
'empty' => true,
'required' => true,
'placeholder' => false
],
'User.nom' => [
'id' => 'nom',
'required' => true
],
'User.prenom' => [
'id' => 'prenom',
'required' => true
],
'User.email' => [
'id' => 'email',
'required' => true
],
'User.telephonefixe' => [
'id' => 'telephonefixe'
],
'User.telephoneportable' => [
'id' => 'telephoneportable'
]
]);
?>
</div>
</div>
<div style="clear: both">
<?php
echo $this->WebcilForm->buttons(['Cancel', 'Save']);
?>
</div>
<?php
echo $this->WebcilForm->end();
echo $this->element('modalpassword');
?>
<script type="text/javascript">
$(document).ready(function () {
$("#password").before( "<div id=\"jauge-password\"></div>" );
var minScore = <?= $minEntropie?>,
inputPassword = $('#password');
$('#jauge-password').append(
$('<div></div>')
.addClass('progress')
.height('5px')
.css({'margin-bottom': '5px'})
.append(
$('<div></div>')
.addClass('progress-bar')
.attr('role', 'progressbar')
.attr('aria-valuenow', 0)
.attr('aria-valuemin', 0)
.attr('aria-valuemax', <?=$thresholds[PasswordStrengthMeterAnssi::STRENGTH_STRONG]?>))
);
inputPassword.keyup(function() {
var $this = $(this),
password = $this.val();
$.ajax({
url: '<?php echo Router::url(['controller' => 'Users', 'action' => 'ajax_password']);?>',
method: 'POST',
data: {'password': password},
success: function(data) {
try{
var content = JSON.parse(data),
score = content['entropie'],
progressBar = $('#jauge-password').find('.progress .progress-bar');
progressBar.removeClass('progress-bar-striped');
if (!$this.val()) {
$this.parent().find('span.color-dot').removeClass('green')
.removeClass('red')
.addClass('empty');
} else {
if (score > minScore) {
$this.parent().find('span.color-dot').removeClass('empty')
.removeClass('red')
.addClass('green');
} else {
$this.parent().find('span.color-dot').removeClass('empty')
.removeClass('green')
.addClass('red');
}
}
if (score < <?=$thresholds[PasswordStrengthMeterAnssi::STRENGTH_WEAK]?>) {
progressBar
.removeClass('progress-bar-password-force-2')
.removeClass('progress-bar-password-force-3')
.removeClass('progress-bar-password-force-4')
.removeClass('progress-bar-password-force-5')
.addClass('progress-bar-password-force-1');
} else if (score < <?=$thresholds[PasswordStrengthMeterAnssi::STRENGTH_MEDIUM]?>) {
progressBar
.removeClass('progress-bar-password-force-1')
.removeClass('progress-bar-password-force-3')
.removeClass('progress-bar-password-force-4')
.removeClass('progress-bar-password-force-5')
.addClass('progress-bar-password-force-2');
} else if (score < <?=$thresholds[PasswordStrengthMeterAnssi::STRENGTH_STRONG]?>) {
progressBar
.removeClass('progress-bar-password-force-1')
.removeClass('progress-bar-password-force-2')
.removeClass('progress-bar-password-force-4')
.removeClass('progress-bar-password-force-5')
.addClass('progress-bar-password-force-3');
} else if (score < <?=$thresholds[PasswordStrengthMeterAnssi::STRENGTH_VERY_STRONG]?>) {
progressBar
.removeClass('progress-bar-password-force-1')
.removeClass('progress-bar-password-force-2')
.removeClass('progress-bar-password-force-3')
.removeClass('progress-bar-password-force-5')
.addClass('progress-bar-password-force-4');
} else {
progressBar
.removeClass('progress-bar-password-force-1')
.removeClass('progress-bar-password-force-2')
.removeClass('progress-bar-password-force-3')
.removeClass('progress-bar-password-force-4')
.addClass('progress-bar-password-force-5');
}
progressBar
.attr('aria-valuenow', score)
.width(score / <?=$thresholds[PasswordStrengthMeterAnssi::STRENGTH_VERY_STRONG]?> * 100 + '%');
}catch(e){
console.error(e);
return;
}
},
error: function(e) {
console.error(e);
}
});
});
inputPassword.change(function() {
$('#confirm-password').val('').parent().find('span.color-dot')
.addClass('empty')
.removeClass('green')
.removeClass('red');
});
$('#confirm-password').keyup(function() {
if (!$(this).val()) {
$(this).parent().find('span.color-dot').addClass('empty')
.removeClass('green')
.removeClass('red');
} else if ($(this).val() === inputPassword.val()) {
$(this).parent().find('span.color-dot').removeClass('empty')
.removeClass('red')
.addClass('green');
} else {
$(this).parent().find('span.color-dot').removeClass('empty')
.removeClass('green')
.addClass('red');
}
});
});
</script>
\ No newline at end of file
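Review bot: The confirmation field is rendered with `'id' => 'passwd'`, but the script binds `$('#confirm-password')` in the `change` and `keyup` handlers, so the match indicator appears never to attach to a field on this form unless WebcilForm rewrites the id; `$('#passwd')` would line the two up. The error list echoes `$error` without escaping, and `echo '<li>' . h($error) . '</li>';` keeps it safe if a validation message ever carries submitted input. The `keyup` handler posts the typed password to `ajax_password` on every keystroke, so that action should be confirmed to accept POST only and to stay out of request and debug logging; its code is not on this page. The page does not mark file boundaries, so this assumes the lines from the `use Libriciel…` statement down to here are the new view.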
......@@ -57,8 +57,8 @@
<td class="tdleft">
<div class="btn-group">