<?php
namespace DrukattBundle\EventListener;
use Pimcore\Bundle\AdminBundle\Security\User\UserLoader;
use Pimcore\Event\Model\ElementEvent;
use Pimcore\Logger;
use Pimcore\Model\DataObject\Client;
use Pimcore\Model\DataObject\ClientEquipment;
use Pimcore\Model\DataObject\ClientPart;
use Pimcore\Model\DataObject\Concrete;
use Pimcore\Model\DataObject\Equipment;
use Pimcore\Model\DataObject\EquipmentGroup;
use Pimcore\Model\DataObject\EquipmentPart;
use Symfony\Component\EventDispatcher\GenericEvent;
class ClientEquipmentListener
{
/**
* @var UserLoader
*/
protected $userLoader;
protected $elementPaths;
public function __construct(UserLoader $userLoader)
{
// Logger::debug('checkClientPermissions ClientEquipment Init');
$this->userLoader = $userLoader;
}
public function checkClientPermissions(GenericEvent $event) {
// Permitimos que los clientes puedan ver el botón de guardar para los ClientEquipment
$object = $event->getArgument("object");
if ($object instanceof ClientEquipment) {
//data element that is send to Pimcore backend UI
$data = $event->getArgument("data");
//get current user
//$user = $this->userLoader->getUser();
//check if allowed and if not change permission
if($data['userPermissions']['view']) {
$data['userPermissions']['save'] = true;
}
$event->setArgument("data", $data);
}
}
public function isAllowedPermissions(ElementEvent $event) {
// Permitimos que los clientes puedan guardar los ClientEquipment
if ($this->userLoader->getUser()->isAdmin()) {
return;
}
$object = $event->getElement();
if ($object instanceof ClientEquipment) {
// Logger::debug('isAllowedPermissions is ClientEquipment ' . $event->getArgument('permissionType'));
if ($event->getArgument('permissionType') == 'save') {
$event->setArgument("isAllowed", true);
}
} else if ($object instanceof EquipmentGroup) {
//Logger::debug('isAllowedPermissions is EquipmentGroup ' . $event->getArgument('permissionType'));
if (empty($this->elementPaths)) {
$this->elementPaths = \Pimcore\Model\Element\Service::findForbiddenPaths('object', $this->userLoader->getUser());
}
$isUserElement = false;
foreach ($this->elementPaths['allowed'] as $allowedPath) {
$listing = new ClientPart\Listing();
$listing->setCondition("o_path LIKE ? AND part__id = ?", [$allowedPath . '%', $object->getId()] );
$count = $listing->count();
if ($count > 0) {
$isUserElement = true;
break;
}
}
if (($event->getArgument('permissionType') == 'list' || $event->getArgument('permissionType') == 'view') && !$isUserElement) {
//$event->setArgument("isAllowed", false);
}
} else if ($object instanceof Equipment) {
//Logger::debug('isAllowedPermissions is EquipmentGroup ' . $event->getArgument('permissionType'));
if (empty($this->elementPaths)) {
$this->elementPaths = \Pimcore\Model\Element\Service::findForbiddenPaths('object', $this->userLoader->getUser());
}
$isUserElement = false;
foreach ($this->elementPaths['allowed'] as $allowedPath) {
$listing = new ClientEquipment\Listing();
$listing->setCondition("o_path LIKE ? AND equipment__id = ?", [$allowedPath . '%', $object->getId()] );
$count = $listing->count();
if ($count > 0) {
$isUserElement = true;
break;
}
}
if (($event->getArgument('permissionType') == 'list' || $event->getArgument('permissionType') == 'view') && !$isUserElement) {
//$event->setArgument("isAllowed", false);
}
} else if ($object instanceof EquipmentPart) {
if ($event->getArgument('permissionType') == 'list' || $event->getArgument('permissionType') == 'view') {
$event->setArgument("isAllowed", false);
}
}
}
public function beforeListLoadPermissions(GenericEvent $event) {
// Cambiamos las Consultas para que los Clientes solo vean los Equipment o EquipmentGroup que pertenecen
if ($this->userLoader->getUser()->isAdmin()) {
return;
}
$listing = $event->getArgument("list");
if ($listing instanceof \Pimcore\Model\Search\Backend\Data\Listing) {
$conditionParts = [];
$conditionParts[] = $listing->getCondition();
//Logger::debug('isAllowedPermissions is EquipmentGroup ' . $event->getArgument('permissionType'));
if (empty($this->elementPaths)) {
$this->elementPaths = \Pimcore\Model\Element\Service::findForbiddenPaths('object', $this->userLoader->getUser());
}
//EquipmentGroup
$userPathconditionParts = [];
foreach ($this->elementPaths['allowed'] as $allowedPath) {
$userPathconditionParts[] = '(maintype != ' . $listing->quote('object') . ' OR ' . $listing->quote(EquipmentGroup::classId()) . ' NOT IN (SELECT o_classId FROM `objects` WHERE o_id = id) OR id IN (SELECT part__id FROM `object_' . ClientPart::classId() . '` WHERE o_path LIKE ' . $listing->quote($allowedPath . '%') . '))';
}
if (!empty($userPathconditionParts)) {
$userQueryCondition = implode(' OR ', $userPathconditionParts);
$conditionParts[] = '(' . $userQueryCondition . ')';
}
//Equipment
$userPathconditionParts = [];
foreach ($this->elementPaths['allowed'] as $allowedPath) {
$userPathconditionParts[] = '(maintype != ' . $listing->quote('object') . ' OR ' . $listing->quote(Equipment::classId()) . ' NOT IN (SELECT o_classId FROM `objects` WHERE o_id = id) OR id IN (SELECT equipment__id FROM `object_' . ClientEquipment::classId() . '` WHERE o_path LIKE ' . $listing->quote($allowedPath . '%') . '))';
}
if (!empty($userPathconditionParts)) {
$userQueryCondition = implode(' OR ', $userPathconditionParts);
$conditionParts[] = '(' . $userQueryCondition . ')';
}
//EquipmentPart (no permitido)
$conditionParts[] = $listing->quote(EquipmentPart::classId()) . ' NOT IN (SELECT o_classId FROM `objects` WHERE o_id = id)';
$queryCondition = implode(' AND ', $conditionParts);
$listing->setCondition($queryCondition);
$event->setArgument("list", $listing);
} else if (get_class($listing) == \Pimcore\Model\DataObject\Listing::class) { //Object Tree
//Logger::debug('isAllowedPermissions listing Object Tree 2');
$conditionParts = [];
$conditionParts[] = $listing->getCondition();
//Logger::debug('isAllowedPermissions is EquipmentGroup ' . $event->getArgument('permissionType'));
if (empty($this->elementPaths)) {
$this->elementPaths = \Pimcore\Model\Element\Service::findForbiddenPaths('object', $this->userLoader->getUser());
}
//EquipmentGroup
$userPathconditionParts = [];
foreach ($this->elementPaths['allowed'] as $allowedPath) {
$userPathconditionParts[] = '(objects.o_type != ' . $listing->quote('object') . ' OR objects.o_classId != ' . $listing->quote(EquipmentGroup::classId()) . ' OR objects.o_id IN (SELECT part__id FROM `object_' . ClientPart::classId() . '` WHERE o_path LIKE ' . $listing->quote($allowedPath . '%') . '))';
}
if (!empty($userPathconditionParts)) {
$userQueryCondition = implode(' OR ', $userPathconditionParts);
$conditionParts[] = '(' . $userQueryCondition . ')';
}
//Equipment
$userPathconditionParts = [];
foreach ($this->elementPaths['allowed'] as $allowedPath) {
$userPathconditionParts[] = '(objects.o_type != ' . $listing->quote('object') . ' OR objects.o_classId != ' . $listing->quote(Equipment::classId()) . ' OR objects.o_id IN (SELECT equipment__id FROM `object_' . ClientEquipment::classId() . '` WHERE o_path LIKE ' . $listing->quote($allowedPath . '%') . '))';
}
if (!empty($userPathconditionParts)) {
$userQueryCondition = implode(' OR ', $userPathconditionParts);
$conditionParts[] = '(' . $userQueryCondition . ')';
}
//EquipmentPart (no permitido)
$conditionParts[] = '(objects.o_type != ' . $listing->quote('object') . ' OR objects.o_classId != ' . $listing->quote(EquipmentPart::classId()) . ')';
$queryCondition = implode(' AND ', $conditionParts);
$listing->setCondition($queryCondition);
$event->setArgument("list", $listing);
} else if ($listing instanceof EquipmentGroup\Listing) {
$conditionParts = [];
$conditionParts[] = $listing->getCondition();
//Logger::debug('isAllowedPermissions is EquipmentGroup ' . $event->getArgument('permissionType'));
if (empty($this->elementPaths)) {
$this->elementPaths = \Pimcore\Model\Element\Service::findForbiddenPaths('object', $this->userLoader->getUser());
}
$userPathconditionParts = [];
foreach ($this->elementPaths['allowed'] as $allowedPath) {
$userPathconditionParts[] = 'o_id IN (SELECT part__id FROM `object_' . ClientPart::classId() . '` WHERE o_path LIKE ' . $listing->quote($allowedPath . '%') . ')';
}
if (!empty($userPathconditionParts)) {
$userQueryCondition = implode(' OR ', $userPathconditionParts);
$conditionParts[] = '(' . $userQueryCondition . ')';
}
$queryCondition = implode(' AND ', $conditionParts);
$listing->setCondition($queryCondition);
$event->setArgument("list", $listing);
} else if ($listing instanceof Equipment\Listing) {
$conditionParts = [];
$conditionParts[] = $listing->getCondition();
//Logger::debug('isAllowedPermissions is EquipmentGroup ' . $event->getArgument('permissionType'));
if (empty($this->elementPaths)) {
$this->elementPaths = \Pimcore\Model\Element\Service::findForbiddenPaths('object', $this->userLoader->getUser());
}
$userPathconditionParts = [];
foreach ($this->elementPaths['allowed'] as $allowedPath) {
$userPathconditionParts[] = 'o_id IN (SELECT equipment__id FROM `object_' . ClientEquipment::classId() . '` WHERE o_path LIKE ' . $listing->quote($allowedPath . '%') . ')';
}
if (!empty($userPathconditionParts)) {
$userQueryCondition = implode(' OR ', $userPathconditionParts);
$conditionParts[] = '(' . $userQueryCondition . ')';
}
$queryCondition = implode(' AND ', $conditionParts);
$listing->setCondition($queryCondition);
$event->setArgument("list", $listing);
}
//Logger::debug('beforeListLoadPermissions condition ' . $condition);
}
public function treeGetChildsPreSendDataPermissions(GenericEvent $event) {
// Permitimos que los clientes puedan guardar los ClientEquipment
if ($this->userLoader->getUser()->isAdmin()) {
return;
}
$objects = $event->getArgument("objects");
// Elimina los hijos del EquipmentGroup
if (!empty($objects) && is_array($objects)) {
$equipmentGroup = new EquipmentGroup();
foreach ($objects as $key => $object) {
if (array_key_exists('id', $object) && array_key_exists('className', $object) && $object['className'] == $equipmentGroup->getClassName()) {
//Busca si tiene hijos que no sean de EquipmentPart
$listing = new \Pimcore\Model\DataObject\Listing();
$listing->setCondition('o_parentId = ' . $listing->quote($object['id']) . ' AND (o_type != ' . $listing->quote('object') . ' OR o_classId != ' . $listing->quote(EquipmentPart::classId()) . ')');
$count = $listing->count();
if ($count == 0) {
$objects[$key]['leaf'] = false;
$objects[$key]['expanded'] = false;
$objects[$key]['expandable'] = false;
$objects[$key]['loaded'] = false;
}
}
}
$event->setArgument("objects", $objects);
}
}
}