Ressource restreinte

Reprise de la fonctionnalité développé par @ynaessens en version 3.5

Co-Authored-By: ynaessens <32387726+ynaessens@users.noreply.github.com>

CHANGELOG

@@ -1,3 +1,11 @@
+-----
+--
+-----
+Version 4.3.0 - En cours de développement
+
+[Ajout] Réservation restreinte @ynaessens & @JeromeDevome
+
+
 -----
 --
 -----

admin/admin_col_gauche.php

@@ -99,6 +99,9 @@ function afficheLienNiveau2($nomSection,$image,$liste,$iN2)
 	$liste[] = 'admin_right_admin';
 if (authGetUserLevel(getUserName(), -1, 'area') >= 4)
 	$liste[] = 'admin_access_area';
+$test = grr_sql_query1("SELECT COUNT(`who_can_book`) FROM ".TABLE_PREFIX."_room WHERE `who_can_book` = 0 ");
+if (authGetUserLevel(getUserName(), -1, 'area') >= 4)
+	$liste[] = 'admin_book_room';
 if (authGetUserLevel(getUserName(), -1, 'area') >= 4)
 	$liste[] = 'admin_right';
 if ( (Settings::get("sso_ac_corr_profil_statut") == 'y') && (authGetUserLevel(getUserName(), -1, 'area') >= 5) )

admin/controleurs/admin_book_room.php

@@ -0,0 +1,175 @@
+<?php
+/**
+ * admin_book_room.php
+ * Script de création/modification des ressources de l'application GRR
+ * Dernière modification : $Date: 2023-11-10 00:00$
+ * @author    JeromeB & Yan Naessens
+ * @copyright Copyright 2003-2023 Team DEVOME - JeromeB
+ * @link      http://www.gnu.org/licenses/licenses.html
+ *
+ * This file is part of GRR.
+ *
+ * GRR is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ */
+
+
+$grr_script_name = "admin_book_room.php";
+
+$ok = NULL;
+$id_room = isset($_POST["id_room"]) ? $_POST["id_room"] : (isset($_GET["id_room"]) ? $_GET["id_room"] : -1);
+$d['id_room'] = intval(clean_input($id_room));
+$reg_user_login = isset($_POST["reg_user_login"]) ? $_POST["reg_user_login"] : NULL;
+$reg_multi_user_login = isset($_POST["reg_multi_user_login"]) ? $_POST["reg_multi_user_login"] : NULL;
+$test_user =  isset($_POST["reg_multi_user_login"]) ? "multi" : (isset($_POST["reg_user_login"]) ? "simple" : NULL);
+$action = isset($_GET["action"]) ? $_GET["action"] : NULL;
+$user_name = getUserName();
+$msg = '';
+
+$ressources = array();
+$userAcces = array();
+$userAjout = array();
+
+
+$trad = $vocab;
+
+
+$vocab['user_can_book'] = "peut réserver les ressources restreintes :";
+
+
+if ($test_user == "multi")
+{	
+    if ($d['id_room'] != -1)
+    {
+        if (authGetUserLevel(getUserName(), $d['id_room']) < 4)
+        {
+            showAccessDenied($back);
+            exit();
+        }
+        foreach ($reg_multi_user_login as $valeur)
+        {
+        // On commence par vérifier que l'utilisateur n'est pas déjà présent dans cette liste.
+            $sql = "SELECT * FROM ".TABLE_PREFIX."_j_userbook_room WHERE (login = '".$valeur."' and id_room = '".$d['id_room']."')";
+            $res = grr_sql_query($sql);
+            $test = grr_sql_count($res);
+            if ($test > 0)
+                $msg = get_vocab("warning_exist");
+            else
+            {
+                if ($valeur != '')
+                {
+                    $sql = "INSERT INTO ".TABLE_PREFIX."_j_userbook_room SET login= '$valeur', id_room = '".$d['id_room']."'";
+                    if (grr_sql_command($sql) < 0)
+                        fatal_error(1, "<p>" . grr_sql_error());
+                    else
+                        $msg= get_vocab("add_multi_user_succeed");
+                }
+            }
+        }
+	}
+}
+
+if ($test_user == "simple")
+{
+	if ($d['id_room'] != -1)
+	{
+		if (authGetUserLevel(getUserName(), $d['id_room']) < 4)
+		{
+			showAccessDenied($back);
+			exit();
+		}
+   // On commence par vérifier que l'utilisateur n'est pas déjà présent dans cette liste.
+		$sql = "SELECT * FROM ".TABLE_PREFIX."_j_userbook_room WHERE (login = '$reg_user_login' and id_room = '".$d['id_room']."')";
+		$res = grr_sql_query($sql);
+		$test = grr_sql_count($res);
+		if ($test > 0)
+			$msg = get_vocab("warning_exist");
+		else
+		{
+			if ($reg_user_login != '')
+			{
+				$sql = "INSERT INTO ".TABLE_PREFIX."_j_userbook_room SET login= '$reg_user_login', id_room = '".$d['id_room']."'";
+				if (grr_sql_command($sql) < 0)
+					fatal_error(1, "<p>" . grr_sql_error());
+				else
+					$msg = get_vocab("add_user_succeed");
+			}
+		}
+	}
+}
+
+if ($action=='del_user')
+{
+	if (authGetUserLevel(getUserName(), $d['id_room']) < 4)
+	{
+		showAccessDenied($back);
+		exit();
+	}
+	unset($login_user);
+	$login_user = clean_input($_GET["login_user"]);
+	$sql = "DELETE FROM ".TABLE_PREFIX."_j_userbook_room WHERE (login='$login_user' and id_room = '".$d['id_room']."')";
+	if (grr_sql_command($sql) < 0)
+		fatal_error(1, "<p>" . grr_sql_error());
+	else
+		$msg = get_vocab("del_user_succeed");
+}
+
+
+// première étape : choisir parmi les ressources restreintes
+$sql = "select id, room_name from ".TABLE_PREFIX."_room where who_can_book =0 order by room_name";
+$res = grr_sql_query($sql);
+$nb = grr_sql_count($res);
+
+if (!$res)
+    grr_sql_error($res);
+else
+{
+	for ($i = 0; ($row = grr_sql_row($res, $i)); $i++)
+	{
+		// on vérifie que l'utilisateur connecté a les droits suffisants
+		if (authGetUserLevel($user_name,$d['id_room'])>2)
+            $ressources[] = $row;
+	}
+}
+
+// Deuxième étape : la ressource étant choisie, afficher les utilisateurs autorisés à réserver et le formulaire de mise à jour de la liste
+
+if ($d['id_room'] != -1)
+{
+    $sql = "SELECT u.login, u.nom, u.prenom FROM ".TABLE_PREFIX."_utilisateurs u JOIN ".TABLE_PREFIX."_j_userbook_room j ON u.login=j.login WHERE j.id_room='".$d['id_room']."' ORDER BY u.nom, u.prenom";
+	$res = grr_sql_query($sql);
+    if (!$res)
+        grr_sql_error($res);
+    else {
+        $d['nombre'] = grr_sql_count($res);
+        if ( $d['nombre'] > 0)
+        {
+            for ($i = 0; ($row = grr_sql_row($res, $i)); $i++)
+                $userAcces[] = $row;
+        }
+    }
+
+    $sql = "SELECT login, nom, prenom FROM ".TABLE_PREFIX."_utilisateurs WHERE (etat!='inactif' and (statut='utilisateur' or statut='visiteur' or statut='gestionnaire_utilisateur')) AND login NOT IN (SELECT DISTINCT login FROM ".TABLE_PREFIX."_j_userbook_room WHERE id_room = '".$d['id_room']."') order by nom, prenom";
+    $res = grr_sql_query($sql);
+    if ($res)
+        for ($i = 0; ($row = grr_sql_row($res, $i)); $i++){
+            // on n'affiche que les utilisateurs ayant accès à la ressource
+             if (verif_acces_ressource($row[0],$d['id_room']))
+                $userAjout[] = $row;
+        }
+
+}
+else
+{
+    if ($nb =0)
+        $d['NoRoomRestriction'] = get_vocab("no_restricted_room");
+    else
+        $d['NoRoomRestriction'] = get_vocab("no_room_selected");
+}
+
+
+
+echo $twig->render('admin_book_room.twig', array('liensMenu' => $menuAdminT, 'liensMenuN2' => $menuAdminTN2, 'd' => $d, 'trad' => $trad, 'settings' => $AllSettings, 'ressources' => $ressources, 'userAcces' => $userAcces, 'userAjout' => $userAjout));
+?>

admin/controleurs/admin_edit_room.php

@@ -38,6 +38,7 @@
 $dont_allow_modify  = isset($_POST["dont_allow_modify"]) ? $_POST["dont_allow_modify"] : NULL;
 $qui_peut_reserver_pour  = isset($_POST["qui_peut_reserver_pour"]) ? $_POST["qui_peut_reserver_pour"] : NULL;
 $who_can_see  = isset($_POST["who_can_see"]) ? $_POST["who_can_see"] : NULL;
+$who_can_book  = isset($_POST["who_can_book"]) ? intval(clean_input($_POST["who_can_book"])) : 1;
 $max_booking = isset($_POST["max_booking"]) ? $_POST["max_booking"] : NULL;
 settype($max_booking, "integer");
 if ($max_booking<-1)
@@ -163,6 +164,7 @@
 		dont_allow_modify='".$dont_allow_modify."',
 		qui_peut_reserver_pour = '".$qui_peut_reserver_pour."',
 		who_can_see = '".$who_can_see."',
+		who_can_book = '".$who_can_book."',
 		order_display='".protect_data_sql($area_order)."',
 		type_affichage_reser='".$type_affichage_reser."',
 		max_booking='".$max_booking."',
@@ -195,6 +197,7 @@
 		dont_allow_modify='".$dont_allow_modify."',
 		qui_peut_reserver_pour = '".$qui_peut_reserver_pour."',
 		who_can_see = '".$who_can_see."',
+		who_can_book = '".$who_can_book."',
 		order_display='".protect_data_sql($area_order)."',
 		type_affichage_reser='".$type_affichage_reser."',
 		max_booking='".$max_booking."',
@@ -303,6 +306,7 @@
 	$row["dont_allow_modify"] = 'n';
 	$row["qui_peut_reserver_pour"] = 6;
 	$row["who_can_see"] = 0;
+	$row["who_can_book"] = 1;
 	$row["order_display"]  = 0;
 	$row["type_affichage_reser"]  = 0;
 	$row["max_booking"] = -1;
@@ -326,6 +330,7 @@
 if ($row["id"] != '')
 	$trad['dHidden3'] = "<input type=\"hidden\" name=\"room\" value=\"".$row["id"]."\" />\n";
 
+get_vocab_admin("access");
 get_vocab_admin("miscellaneous");
 get_vocab_admin("name");
 get_vocab_admin("description");
@@ -372,6 +377,7 @@
 get_vocab_admin("activer_fonctionalite_participant");
 get_vocab_admin("visu_fiche_description1");
 get_vocab_admin("visu_fiche_description2");
+get_vocab_admin("who_can_book_explain");
 
 get_vocab_admin("back");
 get_vocab_admin("save");

admin/controleurs/admin_room_del.php

@@ -50,6 +50,7 @@
 		grr_sql_command("DELETE FROM ".TABLE_PREFIX."_entry_moderate WHERE room_id=$room");
 		grr_sql_command("DELETE FROM ".TABLE_PREFIX."_j_mailuser_room  WHERE id_room=$room");
 		grr_sql_command("DELETE FROM ".TABLE_PREFIX."_j_user_room WHERE id_room=$room");
+		grr_sql_command("DELETE FROM ".TABLE_PREFIX."_j_userbook_room WHERE id_room=$room");
 		//Now take out the room itself
 		grr_sql_command("DELETE FROM ".TABLE_PREFIX."_room WHERE id=$room");
 

admin/controleurs/admin_user.php

@@ -60,6 +60,7 @@
 			grr_sql_command("DELETE FROM ".TABLE_PREFIX."_j_mailuser_room WHERE login='$temp'");
 			grr_sql_command("DELETE FROM ".TABLE_PREFIX."_j_user_area WHERE login='$temp'");
 			grr_sql_command("DELETE FROM ".TABLE_PREFIX."_j_user_room WHERE login='$temp'");
+			grr_sql_command("DELETE FROM ".TABLE_PREFIX."_j_userbook_room WHERE login='".$temp."'");
 			grr_sql_command("DELETE FROM ".TABLE_PREFIX."_j_useradmin_area WHERE login='$temp'");
 			grr_sql_command("DELETE FROM ".TABLE_PREFIX."_j_useradmin_site WHERE login='$temp'");
 			$msg=get_vocab("del_user_succeed");

admin/controleurs/admin_user_modify.php

@@ -455,7 +455,7 @@
 					if ($test_admin_site >= 1)
 					{
 						$a_privileges = 'y';
-						$trad['dAdministrateurSite'] = "<li>".get_vocab("site")." ".$row_site[1].get_vocab("deux_points")." ".get_vocab("administrateur_du_site")."</li>";
+						$d['AdministrateurSite'] = "<li>".get_vocab("site")." ".$row_site[1].get_vocab("deux_points")." ".get_vocab("administrateur_du_site")."</li>";
 					}
 				}
 			}
@@ -543,16 +543,31 @@
 					}
 					$dAdministrateurDomaine .= "</ul>";
 
-					$trad['dAdministrateurDomaine'] = $dAdministrateurDomaine;
+					$d['AdministrateurDomaine'] = $dAdministrateurDomaine;
 				}
 			}
 		}
+
+		// peut réserver une ressource restreinte ?
+		$req_room = "SELECT r.id, r.room_name FROM ".TABLE_PREFIX."_room r JOIN ".TABLE_PREFIX."_j_userbook_room j ON j.id_room = r.id WHERE j.login = '".$user_login."'";
+		$res_room = grr_sql_query($req_room);
+		if ($res_room && grr_sql_count($res_room)>0){
+			$ressoureceRestreinte = "<h3>".get_vocab('user_can_book')."</h3><ul>";
+			while($room = mysqli_fetch_array($res_room)){
+				$ressoureceRestreinte .= "<li>".$room['room_name']." (".$room['id'].") </li>";
+			}
+			$ressoureceRestreinte .= "</ul>";
+			$a_privileges = 'y';
+			$d['ressoureceRestreinte'] = $ressoureceRestreinte;
+		}
+		grr_sql_free($res_room);
+
 		if ($a_privileges == 'n')
 		{
 			if ($utilisateur['statut'] == 'administrateur')
-				$trad['dAdministrateurOuRien'] = "<li>".get_vocab("administrateur_general")."</li>";
+				$d['AdministrateurOuRien'] = "<li>".get_vocab("administrateur_general")."</li>";
 			else
-				$trad['dAdministrateurOuRien'] = "<li>".get_vocab("pas_de_privileges")."</li>";
+				$d['AdministrateurOuRien'] = "<li>".get_vocab("pas_de_privileges")."</li>";
 		}
 	}