Browse code
Implement member-group-based standort permissions
Benjamin Roth authored on20/08/2025 13:48:53 Showing3 changed files
- contao/dca/tl_member_group.php
- contao/languages/de/tl_member_group.php
- src/Model/WeinanlieferungSlotsModel.php
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,29 @@ |
| 1 |
+<?php |
|
| 2 |
+ |
|
| 3 |
+/** |
|
| 4 |
+ * This file is part of contao-weinanlieferung-bundle. |
|
| 5 |
+ * |
|
| 6 |
+ * (c) vonRotenberg |
|
| 7 |
+ * |
|
| 8 |
+ * @license commercial |
|
| 9 |
+ */ |
|
| 10 |
+ |
|
| 11 |
+use Contao\CoreBundle\DataContainer\PaletteManipulator; |
|
| 12 |
+ |
|
| 13 |
+// Extend the default palette |
|
| 14 |
+PaletteManipulator::create() |
|
| 15 |
+ ->addLegend('standort_legend', 'redirect_legend', PaletteManipulator::POSITION_BEFORE)
|
|
| 16 |
+ ->addField('standorts', 'standort_legend', PaletteManipulator::POSITION_APPEND)
|
|
| 17 |
+ ->applyToPalette('default', 'tl_member_group')
|
|
| 18 |
+; |
|
| 19 |
+ |
|
| 20 |
+// Add fields to tl_member_group |
|
| 21 |
+$GLOBALS['TL_DCA']['tl_member_group']['fields']['standorts'] = array |
|
| 22 |
+( |
|
| 23 |
+ 'label' => &$GLOBALS['TL_LANG']['tl_member_group']['standorts'], |
|
| 24 |
+ 'exclude' => true, |
|
| 25 |
+ 'inputType' => 'checkbox', |
|
| 26 |
+ 'foreignKey' => 'tl_vr_wa_standort.title', |
|
| 27 |
+ 'eval' => array('multiple'=>true),
|
|
| 28 |
+ 'sql' => "blob NULL" |
|
| 29 |
+); |
| 0 | 30 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,15 @@ |
| 1 |
+<?php |
|
| 2 |
+ |
|
| 3 |
+/** |
|
| 4 |
+ * This file is part of contao-weinanlieferung-bundle. |
|
| 5 |
+ * |
|
| 6 |
+ * (c) vonRotenberg |
|
| 7 |
+ * |
|
| 8 |
+ * @license commercial |
|
| 9 |
+ */ |
|
| 10 |
+ |
|
| 11 |
+// Legends |
|
| 12 |
+$GLOBALS['TL_LANG']['tl_member_group']['standort_legend'] = 'Standort-Berechtigungen'; |
|
| 13 |
+ |
|
| 14 |
+// Fields |
|
| 15 |
+$GLOBALS['TL_LANG']['tl_member_group']['standorts'] = ['Standorte', 'Wählen Sie die Standorte aus, auf die diese Mitgliedergruppe Zugriff haben soll.']; |
| ... | ... |
@@ -15,8 +15,10 @@ namespace vonRotenberg\WeinanlieferungBundle\Model; |
| 15 | 15 |
use Contao\Controller; |
| 16 | 16 |
use Contao\Database; |
| 17 | 17 |
use Contao\Date; |
| 18 |
+use Contao\FrontendUser; |
|
| 18 | 19 |
use Contao\Model; |
| 19 | 20 |
use Contao\Model\Registry; |
| 21 |
+use Contao\StringUtil; |
|
| 20 | 22 |
use Doctrine\DBAL\Connection; |
| 21 | 23 |
|
| 22 | 24 |
class WeinanlieferungSlotsModel extends Model |
| ... | ... |
@@ -27,6 +29,40 @@ class WeinanlieferungSlotsModel extends Model |
| 27 | 29 |
*/ |
| 28 | 30 |
protected static $strTable = 'tl_vr_wa_slot'; |
| 29 | 31 |
|
| 32 |
+ /** |
|
| 33 |
+ * Get allowed standort IDs for the current frontend user |
|
| 34 |
+ * @return array |
|
| 35 |
+ */ |
|
| 36 |
+ protected static function getAllowedStandortIds(): array |
|
| 37 |
+ {
|
|
| 38 |
+ // If no frontend user is logged in, return empty array |
|
| 39 |
+ if (!FrontendUser::getInstance()->id) {
|
|
| 40 |
+ return []; |
|
| 41 |
+ } |
|
| 42 |
+ |
|
| 43 |
+ // Get member groups |
|
| 44 |
+ $memberGroups = StringUtil::deserialize(FrontendUser::getInstance()->groups, true); |
|
| 45 |
+ if (empty($memberGroups)) {
|
|
| 46 |
+ return []; |
|
| 47 |
+ } |
|
| 48 |
+ |
|
| 49 |
+ // Get allowed standorts from member groups |
|
| 50 |
+ $db = Database::getInstance(); |
|
| 51 |
+ $allowedStandorts = []; |
|
| 52 |
+ |
|
| 53 |
+ foreach ($memberGroups as $groupId) {
|
|
| 54 |
+ $group = $db->prepare("SELECT standorts FROM tl_member_group WHERE id=?")
|
|
| 55 |
+ ->execute($groupId); |
|
| 56 |
+ |
|
| 57 |
+ if ($group->standorts) {
|
|
| 58 |
+ $groupStandorts = StringUtil::deserialize($group->standorts, true); |
|
| 59 |
+ $allowedStandorts = array_merge($allowedStandorts, $groupStandorts); |
|
| 60 |
+ } |
|
| 61 |
+ } |
|
| 62 |
+ |
|
| 63 |
+ return array_unique($allowedStandorts); |
|
| 64 |
+ } |
|
| 65 |
+ |
|
| 30 | 66 |
public static function findPublishedById($intId, array $arrOptions=array()) |
| 31 | 67 |
{
|
| 32 | 68 |
$time = time(); |
| ... | ... |
@@ -39,6 +75,12 @@ class WeinanlieferungSlotsModel extends Model |
| 39 | 75 |
|
| 40 | 76 |
$arrColumns[] = "($t.buchbar_ab<=$time OR $t.buchbar_ab = 0 OR $t.buchbar_ab IS NULL) AND $t.buchbar_bis>$time"; |
| 41 | 77 |
|
| 78 |
+ // Check standort permissions |
|
| 79 |
+ $allowedStandortIds = static::getAllowedStandortIds(); |
|
| 80 |
+ if (!empty($allowedStandortIds)) {
|
|
| 81 |
+ $arrColumns[] = "$t.pid IN (" . implode(',', $allowedStandortIds) . ")";
|
|
| 82 |
+ } |
|
| 83 |
+ |
|
| 42 | 84 |
if (!isset($arrOptions['order'])) |
| 43 | 85 |
{
|
| 44 | 86 |
$arrOptions['order'] = "$t.time ASC"; |
| ... | ... |
@@ -59,6 +101,12 @@ class WeinanlieferungSlotsModel extends Model |
| 59 | 101 |
|
| 60 | 102 |
$arrColumns[] = "($t.buchbar_ab<=$time OR $t.buchbar_ab = 0 OR $t.buchbar_ab IS NULL) AND $t.buchbar_bis>$time"; |
| 61 | 103 |
|
| 104 |
+ // Check standort permissions |
|
| 105 |
+ $allowedStandortIds = static::getAllowedStandortIds(); |
|
| 106 |
+ if (!empty($allowedStandortIds) && !in_array($intPid, $allowedStandortIds)) {
|
|
| 107 |
+ return null; // Return null if the requested standort is not allowed |
|
| 108 |
+ } |
|
| 109 |
+ |
|
| 62 | 110 |
if (!isset($arrOptions['order'])) |
| 63 | 111 |
{
|
| 64 | 112 |
$arrOptions['order'] = "$t.time ASC"; |
| ... | ... |
@@ -83,6 +131,17 @@ class WeinanlieferungSlotsModel extends Model |
| 83 | 131 |
return null; |
| 84 | 132 |
} |
| 85 | 133 |
|
| 134 |
+ // Check standort permissions |
|
| 135 |
+ $allowedStandortIds = static::getAllowedStandortIds(); |
|
| 136 |
+ if (!empty($allowedStandortIds)) {
|
|
| 137 |
+ // Filter the provided PIDs by the allowed standort IDs |
|
| 138 |
+ $arrPids = array_intersect($arrPids, $allowedStandortIds); |
|
| 139 |
+ |
|
| 140 |
+ if (empty($arrPids)) {
|
|
| 141 |
+ return null; // Return null if none of the requested standorts are allowed |
|
| 142 |
+ } |
|
| 143 |
+ } |
|
| 144 |
+ |
|
| 86 | 145 |
$time = time(); |
| 87 | 146 |
$t = static::$strTable; |
| 88 | 147 |
$arrColumns = array("$t.pid IN (".implode(',',$arrPids).")");
|
| ... | ... |
@@ -112,12 +171,21 @@ class WeinanlieferungSlotsModel extends Model |
| 112 | 171 |
$t = static::$strTable; |
| 113 | 172 |
$time = Date::floorToMinute(); |
| 114 | 173 |
|
| 174 |
+ // Check standort permissions |
|
| 175 |
+ $allowedStandortIds = static::getAllowedStandortIds(); |
|
| 176 |
+ $arrColumns = array("$t.time >= ?", "$t.tstamp!=0", "$t.published='1' AND ($t.buchbar_ab<=$time OR $t.buchbar_ab = 0 OR $t.buchbar_ab IS NULL) AND $t.buchbar_bis > ?");
|
|
| 177 |
+ $arrValues = [$time, $time, $time]; |
|
| 178 |
+ |
|
| 179 |
+ if (!empty($allowedStandortIds)) {
|
|
| 180 |
+ $arrColumns[] = "$t.pid IN (" . implode(',', $allowedStandortIds) . ")";
|
|
| 181 |
+ } |
|
| 182 |
+ |
|
| 115 | 183 |
if (!isset($arrOptions['order'])) |
| 116 | 184 |
{
|
| 117 | 185 |
$arrOptions['order'] = "$t.time ASC"; |
| 118 | 186 |
} |
| 119 | 187 |
|
| 120 |
- return static::findBy(array("$t.time >= ?","$t.tstamp!=0","$t.published='1' AND ($t.buchbar_ab<=$time OR $t.buchbar_ab = 0 OR $t.buchbar_ab IS NULL) AND $t.buchbar_bis > ?"), [$time,$time,$time], $arrOptions);
|
|
| 188 |
+ return static::findBy($arrColumns, $arrValues, $arrOptions); |
|
| 121 | 189 |
} |
| 122 | 190 |
|
| 123 | 191 |
public function getAvailableBehaelter(bool $inclOvercapacity = false, ?int $intOffset=null) |