update

2026-02-28 14:48:24 +01:00
parent 20f502543a
commit f6ba7ebc36
15 changed files with 1030 additions and 129 deletions
--- a/autoload/Controllers/UsersController.php
+++ b/autoload/Controllers/UsersController.php
@@ -373,8 +373,119 @@ class UsersController
    exit;
  }

+  public static function permissionPopup()
+  {
+    global $user, $mdb;
+    header( 'Content-Type: application/json; charset=utf-8' );
+
+    $response = [ 'status' => 'error', 'msg' => 'Nie mozna otworzyc ustawien uprawnien.' ];
+
+    if ( !$user || !self::canManageUsers( $user, self::getImpersonatorUser() ) )
+    {
+      $response['msg'] = 'Brak uprawnien.';
+      echo json_encode( $response );
+      exit;
+    }
+
+    if ( !\S::csrf_verify() )
+    {
+      $response['msg'] = 'Nieprawidlowy token bezpieczenstwa. Odswiez strone.';
+      echo json_encode( $response );
+      exit;
+    }
+
+    $target_user_id = (int)\S::get( 'user_id' );
+    if ( !$target_user_id )
+    {
+      echo json_encode( $response );
+      exit;
+    }
+
+    $users_repository = new \Domain\Users\UserRepository();
+    $target_user = $users_repository -> byId( $target_user_id );
+    if ( !$target_user )
+    {
+      $response['msg'] = 'Nie znaleziono uzytkownika.';
+      echo json_encode( $response );
+      exit;
+    }
+
+    $permission_repo = new \Domain\Users\PermissionRepository( $mdb );
+    $permissions = (int)$target_user['id'] === self::ADMIN_USER_ID
+      ? \Domain\Users\PermissionRepository::defaults()
+      : $permission_repo -> byUserId( (int)$target_user['id'] );
+
+    $defs = self::permissionDefinitions();
+
+    $response = [
+      'status' => 'success',
+      'popup_content' => \Tpl::view( 'users/permissions-popup', [
+        'target_user' => $target_user,
+        'permissions' => $permissions,
+        'module_labels' => $defs['module_labels'],
+        'permission_groups' => $defs['permission_groups']
+      ] )
+    ];
+
+    echo json_encode( $response );
+    exit;
+  }
+
+  public static function permissionSaveBulk()
+  {
+    global $user, $mdb;
+    header( 'Content-Type: application/json; charset=utf-8' );
+
+    $response = [ 'status' => 'error', 'msg' => 'Wystapil blad podczas zapisywania uprawnien.' ];
+
+    if ( !$user || !self::canManageUsers( $user, self::getImpersonatorUser() ) )
+    {
+      $response['msg'] = 'Brak uprawnien.';
+      echo json_encode( $response );
+      exit;
+    }
+
+    if ( !\S::csrf_verify() )
+    {
+      $response['msg'] = 'Nieprawidlowy token bezpieczenstwa. Odswiez strone.';
+      echo json_encode( $response );
+      exit;
+    }
+
+    $target_user_id = (int)\S::get( 'user_id' );
+    $selected_modules_raw = (string)\S::get( 'selected_modules' );
+
+    if ( !$target_user_id )
+    {
+      echo json_encode( $response );
+      exit;
+    }
+
+    if ( $target_user_id === self::ADMIN_USER_ID )
+    {
+      $response['msg'] = 'Nie mozna zmieniac uprawnien administratora.';
+      echo json_encode( $response );
+      exit;
+    }
+
+    $selected_modules = array_filter( array_map( 'trim', explode( ',', $selected_modules_raw ) ) );
+    $selected_modules = array_values( array_unique( $selected_modules ) );
+
+    $payload = [];
+    foreach ( \Domain\Users\PermissionRepository::MODULES as $module )
+      $payload[ $module ] = in_array( $module, $selected_modules, true ) ? 1 : 0;
+
+    $repo = new \Domain\Users\PermissionRepository( $mdb );
+    $repo -> save( $target_user_id, $payload );
+
+    echo json_encode( [ 'status' => 'success', 'msg' => 'Uprawnienia zostaly zapisane.' ] );
+    exit;
+  }
+
  public static function buildMainViewModel( $current_user, $impersonator_user, array $users, array $permissions_map = [] )
  {
+    $defs = self::permissionDefinitions();
+
    return [
      'current_user' => $current_user,
      'impersonator_user' => $impersonator_user,
@@ -383,14 +494,8 @@ class UsersController
      'can_switch_back' => is_array( $impersonator_user ) and isset( $impersonator_user['id'] ) and (int)$impersonator_user['id'] === self::ADMIN_USER_ID,
      'permissions_map' => $permissions_map,
      'modules' => \Domain\Users\PermissionRepository::MODULES,
-      'module_labels' => [
-        'tasks' => 'Zadania',
-        'projects' => 'Projekty',
-        'work_time' => 'Czas pracy',
-        'finances' => 'Finanse',
-        'crm' => 'CRM',
-        'wiki' => 'Wiki'
-      ]
+      'module_labels' => $defs['module_labels'],
+      'permission_groups' => $defs['permission_groups']
    ];
  }

@@ -423,4 +528,26 @@ class UsersController
    header( 'Location: /' );
    exit;
  }
+
+  private static function permissionDefinitions()
+  {
+    return [
+      'module_labels' => [
+        'tasks' => 'Zadania',
+        'projects_view' => 'Projekty: przegladanie',
+        'projects_add' => 'Projekty: dodawanie',
+        'projects_edit' => 'Projekty: edycja',
+        'projects_delete' => 'Projekty: usuwanie',
+        'work_time' => 'Czas pracy',
+        'finances' => 'Finanse',
+        'crm' => 'CRM',
+        'wiki' => 'Wiki'
+      ],
+      'permission_groups' => [
+        'Podstawowe' => [ 'tasks', 'work_time', 'wiki' ],
+        'Projekty' => [ 'projects_view', 'projects_add', 'projects_edit', 'projects_delete' ],
+        'Pozostale' => [ 'finances', 'crm' ]
+      ]
+    ];
+  }
 }