diff --git a/config/acl.yaml b/config/acl.yaml index 6655e53f..619bcf9b 100644 --- a/config/acl.yaml +++ b/config/acl.yaml @@ -34,6 +34,36 @@ access_keys: label: Update - id: role.delete label: Delete + - id: apiuser + label: API User Access + acls: + - id: apiuser.menu + label: Menu + - id: apiuser.list + label: List + - id: apiuser.add + label: Add + - id: apiuser.update + label: Update + - id: apiuser.delete + label: Delete + - id: apiuser.role.sadmin + label: Super Admin Role + - id: apiuser.profile + label: User Profile + - id: apirole + label: API Role Access + acls: + - id: apirole.menu + label: Menu + - id: apirole.list + label: List + - id: apirole.add + label: Add + - id: apirole.update + label: Update + - id: apirole.delete + label: Delete - id: logistics label: Logistics Access acls: diff --git a/config/menu.yaml b/config/menu.yaml index fd870fea..d5efba1b 100644 --- a/config/menu.yaml +++ b/config/menu.yaml @@ -16,6 +16,19 @@ main_menu: label: Roles parent: user + - id: apiuser + acl: apiuser.menu + label: API User + icon: flaticon-users + - id: api_user_list + acl: apiuser.list + label: API Users + parent: apiuser + - id: api_role_list + acl: apirole.list + label: API Roles + parent: apiuser + - id: logistics acl: logistics.menu label: Logistics diff --git a/config/routes/api_role.yaml b/config/routes/api_role.yaml new file mode 100644 index 00000000..da1cd5db --- /dev/null +++ b/config/routes/api_role.yaml 
@@ -0,0 +1,33 @@
+api_role_list:
+ path: /api-roles
+ controller: App\Controller\APIRoleController::index
+
+api_role_rows:
+ path: /api-roles/rows
+ controller: App\Controller\APIRoleController::rows
+ methods: [POST]
+
+api_role_create:
+ path: /api-roles/create
+ controller: App\Controller\APIRoleController::addForm
+ methods: [GET]
+
+api_role_create_submit:
+ path: /api-roles/create
+ controller: App\Controller\APIRoleController::addSubmit
+ methods: [POST]
+
+api_role_update:
+ path: /api-roles/{id}
+ controller: App\Controller\APIRoleController::updateForm
+ methods: [GET]
+
+api_role_update_submit:
+ path: /api-roles/{id}
+ controller: App\Controller\APIRoleController::updateSubmit
+ methods: [POST]
+
+api_role_delete:
+ path: /api-roles/{id}
+ controller: App\Controller\APIRoleController::destroy
+ methods: [DELETE]
diff --git a/config/routes/api_user.yaml b/config/routes/api_user.yaml
new file mode 100644
index 00000000..a3660fd8
--- /dev/null
+++ b/config/routes/api_user.yaml
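Review bot: Five of the seven routes in this hunk name actions (`addForm`, `addSubmit`, `updateForm`, `updateSubmit`, `destroy`) that the `APIRoleController` added in this same diff does not appear to define; only `index` and `rows` are visible there, though the top of that file is garbled on this page. The following hunk, config/routes/api_user.yaml, has the same gap: every route points at `App\Controller\APIUserController`, which is not part of the visible diff. Until those actions exist the URLs will fail at dispatch, and when they are added each state-changing one should open with its own check, e.g. `$this->denyAccessUnlessGranted('apirole.delete', null, 'No access.');`, because the `acl:` entries in config/menu.yaml appear to govern only what the menu shows. I would also constrain the placeholder with `requirements: { id: '\d+' }` so `/api-roles/{id}` cannot match non-numeric segments.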
@@ -0,0 +1,44 @@
+api_user_list:
+ path: /apiusers
+ controller: App\Controller\APIUserController::index
+
+api_user_rows:
+ path: /apiusers/rows
+ controller: App\Controller\APIUserController::rows
+ methods: [POST]
+
+api_user_create:
+ path: /apiusers/create
+ controller: App\Controller\APIUserController::addForm
+ methods: [GET]
+
+api_user_create_submit:
+ path: /apiusers/create
+ controller: App\Controller\APIUserController::addSubmit
+ methods: [POST]
+
+api_user_update:
+ path: /apiusers/{id}
+ controller: App\Controller\APIUserController::updateForm
+ methods: [GET]
+
+api_user_update_submit:
+ path: /apiusers/{id}
+ controller: App\Controller\APIUserController::updateSubmit
+ methods: [POST]
+
+api_user_delete:
+ path: /apiusers/{id}
+ controller: App\Controller\APIUserController::destroy
+ methods: [DELETE]
+
+api_user_profile:
+ path: /apiprofile
+ controller: App\Controller\APIUserController::profileForm
+ methods: [GET]
+
+api_user_profile_submit:
+ path: /apiprofile
+ controller: App\Controller\APIUserController::profileSubmit
+ methods: [POST]
+
diff --git a/src/Controller/APIRoleController.php b/src/Controller/APIRoleController.php
new file mode 100644
index 00000000..4fd1d2b0
--- /dev/null
+++ b/src/Controller/APIRoleController.php
@@ -0,0 +1,151 @@ +acl_gen = $acl_gen; + parent::__construct($menu_gen); + } + + public function index() + { + $this->denyAccessUnlessGranted('apirole.list', null, 'No access.'); + + $params = $this->initParameters('api_role_list'); + + // response + return $this->render('api-role/list.html.twig', $params); + } + + public function rows(Request $req) + { + $this->denyAccessUnlessGranted('apirole.list', null, 'No access.'); + + // build query + $qb = $this->getDoctrine() + ->getRepository(APIRole::class) + ->createQueryBuilder('q'); + + // get datatable params + $datatable = $req->request->get('datatable'); + + // count total records + $tquery = $qb->select('COUNT(q)'); + + // add filters to count query + $this->setQueryFilters($datatable, $tquery); + + $total = $tquery->getQuery() + ->getSingleScalarResult(); + + // get current page number + $page = $datatable['pagination']['page'] ?? 1; + + $perpage = $datatable['pagination']['perpage']; + $offset = ($page - 1) * $perpage; + + // add metadata + $meta = [ + 'page' => $page, + 'perpage' => $perpage, + 'pages' => ceil($total / $perpage), + 'total' => $total, + 'sort' => 'asc', + 'field' => 'id' + ]; + + // build query + $query = $qb->select('q'); + + // add filters to query + $this->setQueryFilters($datatable, $query); + + // check if sorting is present, otherwise use default + if (isset($datatable['sort']['field']) && !empty($datatable['sort']['field'])) { + $order = $datatable['sort']['sort'] ?? 'asc'; + $query->orderBy('q.' . 
$datatable['sort']['field'], $order); + } else { + $query->orderBy('q.id', 'asc'); + } + + // get rows for this page + $obj_rows = $query->setFirstResult($offset) + ->setMaxResults($perpage) + ->getQuery() + ->getResult(); + + // process rows + $rows = []; + foreach ($obj_rows as $orow) { + // add row data + $row['id'] = $orow->getID(); + $row['name'] = $orow->getName(); + + // add row metadata + $row['meta'] = [ + 'update_url' => '', + 'delete_url' => '' + ]; + + // check if they have access to super admin users + if (!$this->isGranted('user.role.sadmin') && $orow->isSuperAdmin()) + { + $rows[] = $row; + continue; + } + + // add crud urls + if ($this->isGranted('user.update')) + $row['meta']['update_url'] = $this->generateUrl('api_role_update', ['id' => $row['id']]); + if ($this->isGranted('user.delete')) + $row['meta']['delete_url'] = $this->generateUrl('api_role_delete', ['id' => $row['id']]); + + $rows[] = $row; + } + + // response + return $this->json([ + 'meta' => $meta, + 'data' => $rows + ]); + } + + + protected function padACLHierarchy(&$params) + { + // get acl keys hierarchy + $acl_data = $this->acl_gen->getACL(); + $params['acl_hierarchy'] = $acl_data['hierarchy']; + } + + // check if datatable filter is present and append to query + protected function setQueryFilters($datatable, &$query) + { + if (isset($datatable['query']['data-rows-search']) && !empty($datatable['query']['data-rows-search'])) + { + $query->where('q.id LIKE :filter') + ->orWhere('q.name LIKE :filter') + ->setParameter('filter', '%' . $datatable['query']['data-rows-search'] . '%'); + } + } + + + +} diff --git a/templates/api-role/list.html.twig b/templates/api-role/list.html.twig new file mode 100644 index 00000000..db731ca3 --- /dev/null +++ b/templates/api-role/list.html.twig @@ -0,0 +1,141 @@ +{% extends 'base.html.twig' %} + +{% block body %} + +
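Review bot: In `rows()` of src/Controller/APIRoleController.php, `$datatable['sort']['field']` and `$datatable['sort']['sort']` come straight from the POST body and are concatenated into `orderBy('q.' . ...)`, so request-controlled text becomes part of the DQL string; unlike the search term in `setQueryFilters()`, nothing here is bound as a parameter or checked. The field should be matched against a fixed list of sortable columns (`id` and `name` are the two this controller already uses) and the direction reduced to `asc` or `desc`. `$perpage` is read with no default or bound, so a missing or zero value makes `ceil($total / $perpage)` divide by zero and a very large one returns the whole table in one response; the sketch below clamps it, with placeholder limits. Separately, the row links are gated on `user.update`, `user.delete` and `user.role.sadmin`, while this commit adds `apirole.update` and `apirole.delete` to config/acl.yaml, which look like the keys intended here.

```php
// … unchanged: repository query builder, count query, setQueryFilters …

// get current page number
$page = max(1, (int) ($datatable['pagination']['page'] ?? 1));

// clamp the page size (10 and 100 are placeholder limits, pick the project's own)
$perpage = min(100, max(1, (int) ($datatable['pagination']['perpage'] ?? 10)));
$offset = ($page - 1) * $perpage;

// … unchanged: $meta, select('q'), second setQueryFilters call …

// only known columns and directions may reach the DQL string
$sort_field = $datatable['sort']['field'] ?? 'id';
if (!in_array($sort_field, ['id', 'name'], true))
    $sort_field = 'id';

$order = strtolower((string) ($datatable['sort']['sort'] ?? 'asc')) === 'desc' ? 'desc' : 'asc';
$query->orderBy('q.' . $sort_field, $order);

// … unchanged: paging, row loop, json response …
```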
+
+
+

+ API Roles +

+
+
+
+ +
+ +
+
+
+
+
+
+
+
+
+
+ + + + +
+
+
+
+ +
+
+ +
+ +
+
+
+
+
+{% endblock %} + +{% block scripts %} + +{% endblock %}