From 3ed00edb6e4ca7ccbf47f1b74f1e1b9667a65bff Mon Sep 17 00:00:00 2001
From: xdrm-brackets <doowap31@gmail.com>
Date: Tue, 19 Jul 2016 18:01:16 +0200
Subject: [PATCH] =?UTF-8?q?Client=20Virtuel=20:=20Gestion=20des=20permissi?=
 =?UTF-8?q?ons=20+=20'machine/getPermissions'=20mais=20probl=C3=A8mes=20?=
 =?UTF-8?q?=C3=A0=20r=C3=A9gler?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 config/modules.json               |  6 ++-
 config/repositories.json          |  7 +---
 manager/module/machineDefault.php | 33 +++++++++++----
 manager/repo/action.php           |  1 -
 manager/repo/action_merge.php     | 67 +++++++++++++++++++++++++------
 manager/repo/permission.php       | 15 -------
 test/client/interface.php         | 56 ++++++++++++++++++++------
 test/client/lib-min.js            |  2 +-
 test/client/lib.js                |  2 +-
 9 files changed, 131 insertions(+), 58 deletions(-)
 delete mode 100644 manager/repo/permission.php

diff --git a/config/modules.json b/config/modules.json
index f3be48d..017a18d 100755
--- a/config/modules.json
+++ b/config/modules.json
@@ -239,8 +239,10 @@
 
 		"init": {
 			"description": "Données d'initialisation d'une machine.",
-			"permissions": [],
-			"parameters": {},
+			"permissions": ["warehouse"],
+			"parameters": {
+				"id_machine": { "description": "UID de la machine.", "type": "id" }
+			},
 			"output": {
 				"data": { "description": "Données d'initialisation.", "type": "array<mixed>" }
 			}
diff --git a/config/repositories.json b/config/repositories.json
index c5bc068..88424b1 100755
--- a/config/repositories.json
+++ b/config/repositories.json
@@ -92,6 +92,7 @@
 	"action_merge": [
 		"addPermission",
 		"removePermission",
+		"getPermissions",
 
 		"getAll",
 		"getById",
@@ -104,12 +105,6 @@
 	"pin_merge":    [ "getAll", "getByIdChip"   ],
 	"state":        [ "getForChip" ],
 
-	"permission": [
-		"getAll",
-		"getById"
-
-	],
-
 	"warehouse": [
 		"create",
 		"edit",
diff --git a/manager/module/machineDefault.php b/manager/module/machineDefault.php
index f9ea2b5..52bb351 100755
--- a/manager/module/machineDefault.php
+++ b/manager/module/machineDefault.php
@@ -389,9 +389,10 @@
 
 				/* (2) On ajoute l'action au TIMEOUT */
 				$sorted_actions[$action['timeout']][] = [
-					'name'     => $action['name'],
-					'previous' => $action['previous'],
-					'action'   => $action['action']
+					'id_action' => $action['id_action'],
+					'name'      => $action['name'],
+					'previous'  => $action['previous'],
+					'action'    => $action['action']
 				];
 			}
 
@@ -431,13 +432,31 @@
 			}
 
 
+			/* [7] On récupère les utilisateurs + accès sur la machine
+			=========================================================*/
+			/* (1) On récupère les utilisateurs et leurs permissions */
+			$permissionsReq = new Repo('action_merge/getPermissions', [
+				$_SESSION['WAREHOUSE']['id'],
+				$id_machine
+			]);
+			$permissions = ($permissionsReq->error==0) ? $permissionsReq->answer() : [];
 
-			/* [3] Retorne les données
+			/* (2) Pour formatte et indexe les permissions par CODE RFID */
+			$indexed_permissions = [];
+
+			foreach($permissions as $p=>$permission)
+				$indexed_permissions[$permission['code']] = explode(',', $permission['actions']);
+
+
+
+
+			/* [N] Retourne les données
 			=========================================================*/
 			return [
-				'actions' => $sorted_actions,
-				'states'  => $globalStates,
-				'chips'   => $chips
+				'actions'     => $sorted_actions,
+				'states'      => $globalStates,
+				'chips'       => $chips,
+				'permissions' => $indexed_permissions
 			];
 
 		}
diff --git a/manager/repo/action.php b/manager/repo/action.php
index 6fed6ca..966935b 100644
--- a/manager/repo/action.php
+++ b/manager/repo/action.php
@@ -10,7 +10,6 @@
 
 		protected static function table_name(){ static $table_name = 'action'; return $table_name;  }
 
-
 	}
 
 
diff --git a/manager/repo/action_merge.php b/manager/repo/action_merge.php
index aabef72..fca35ce 100644
--- a/manager/repo/action_merge.php
+++ b/manager/repo/action_merge.php
@@ -25,7 +25,7 @@
 			/* [1] On vérifie l'existance du groupe 'target'
 			=========================================================*/
 			/* (1) On rédige la requête */
-			$targetCheckR = new Repo('cluster/getById', [
+			$targetCheckR = new Repo('machine_cluster/getById', [
 				$_SESSION['WAREHOUSE']['id'],
 				$id_target
 			]);
@@ -35,15 +35,11 @@
 			if( $targetCheck === false )
 				return ManagerError::NoMatchFound;
 
-			/* (3) Si il s'agit bien d'un groupe de machines */
-			if( $targetCheck['class'] != clusterRepo::MACHINE_CLASS )
-				return ManagerError::NoMatchFound;
-
 
 			/* [2] On vérifie l'existance du groupe 'source'
 			=========================================================*/
 			/* (1) On rédige la requête */
-			$sourceCheckR = new Repo('cluster/getById', [
+			$sourceCheckR = new Repo('user_cluster/getById', [
 				$_SESSION['WAREHOUSE']['id'],
 				$id_source
 			]);
@@ -53,10 +49,6 @@
 			if( $sourceCheck === false )
 				return ManagerError::NoMatchFound;
 
-			/* (3) Si il s'agit bien d'un groupe d'utilisateurs */
-			if( $sourceCheck['class'] != clusterRepo::USER_CLASS )
-				return ManagerError::NoMatchFound;
-
 
 			/* [3] On vérifie l'existance de l'action
 			=========================================================*/
@@ -91,8 +83,8 @@
 			$insert = Database::getPDO()->prepare("INSERT INTO action_merge(id_action_merge, id_target, id_source, id_action)
 				VALUES(DEFAULT, :id_target, :id_source, :id_action)");
 			$inserted = $insert->execute([
-				':id_target'     => $id_target,
-				':id_source'     => $id_source,
+				':id_target' => $id_target,
+				':id_source' => $id_source,
 				':id_action' => $id_action
 			]);
 
@@ -172,6 +164,57 @@
 
 
 
+
+
+
+		/* RETOURNE LA LISTE D'ACCES POUR UNE MACHINE D'ID DONNE
+		*
+		* @id_warehouse<int> 									UID de l'entrepot
+		* @id_machine<int> 										UID de la machine
+		*
+		* @return permissions<Array> 							Liste des accès des utilisateurs à cette machine
+		*
+		*/
+		public static function getPermissions($id_warehouse, $id_machine){
+
+			$getPermissions = Database::getPDO()->prepare("SELECT u.code, GROUP_CONCAT(DISTINCT a.id_action ORDER BY a.id_action ASC) as actions
+				FROM
+					user                  as u,
+					user_cluster          as uc,
+					user_cluster_merge    as ucm,
+					machine               as m,
+					machine_cluster       as mc,
+					machine_cluster_merge as mcm,
+					action                as a,
+					action_merge          as am
+
+				WHERE u.id_user             = ucm.id_user
+				AND   uc.id_user_cluster    = ucm.id_user_cluster
+				AND   am.id_source          = uc.id_user_cluster
+				AND   m.id_warehouse        = u.id_warehouse
+				AND   m.id_warehouse        = :id_warehouse
+				AND   m.id_machine          = :id_machine
+				AND   m.id_machine          = mcm.id_machine
+				AND   mc.id_machine_cluster = mcm.id_machine_cluster
+				AND   am.id_target          = mc.id_machine_cluster
+				AND   a.id_action           = am.id_action
+
+				GROUP BY u.code");
+
+			$getPermissions->execute([
+				':id_warehouse' => $id_warehouse,
+				':id_machine'   => $id_machine
+			]);
+
+
+			return Database::delNumeric( $getPermissions->fetchAll() );
+
+		}
+
+
+
+
+
 	}
 
 
diff --git a/manager/repo/permission.php b/manager/repo/permission.php
deleted file mode 100644
index f18c17c..0000000
--- a/manager/repo/permission.php
+++ /dev/null
@@ -1,15 +0,0 @@
-<?php
-
-	namespace manager\repo;
-	use \manager\Database;
-	use \manager\ManagerError;
-	use \manager\repo\cluster as clusterRepo;
-
-	class permission extends parentRepo{
-
-		protected static function table_name(){ static $table_name = 'permission'; return $table_name;  }
-
-	}
-
-
-?>
diff --git a/test/client/interface.php b/test/client/interface.php
index 9708abf..fb2c184 100644
--- a/test/client/interface.php
+++ b/test/client/interface.php
@@ -205,7 +205,8 @@
 		<div id='card-stack'>
 			<input id='add-card' placeholder='Code RFID' type='text'>
 			<div class='card'>AB-CD-EF-GH</div>
-			<div class='card'>12-CD-56-GH</div>
+			<div class='card'>10-FE-BD-61</div>
+			<div class='card'>92-55-B9-B3</div>
 		</div>
 
 
@@ -232,13 +233,13 @@
 			var pass = document.getElementById('card-pass');
 
 			/* (3) Variables de suivi */
-			var card     = null;
+			var CARD     = null;
 			var lastCard = null;
 			var lsi      = new localStorageInterface();
 			lsi.createDataset('STATES.CNF' );
 			lsi.createDataset('ACTIONS.CNF');
 			lsi.createDataset('CHIPS.CNF');
-			lsi.createDataset('USERS.CNF'  );
+			lsi.createDataset('PERMISSIONS.CNF'  );
 			lsi.createDataset('SERVER.CNF' );
 			lsi.createDataset('HISTORY.LOG');
 			lsi.createDataset('STATES.LOG' );
@@ -246,11 +247,18 @@
 			/* (4) Récupération des données de fonctionnement */
 			var api = new APIClass('/api/');
 
-			api.send({path: 'machineDefault/init'}, function(response){
-				lsi.import('ACTIONS.CNF', response.actions);
-				lsi.import('STATES.CNF',  response.states);
-				lsi.import('CHIPS.CNF',   response.chips);
-			});
+			var ACTIONS, STATES, CHIPS, PERMISSIONS;
+			api.send({path: 'machineDefault/init', id_machine: 1}, function(response){
+				lsi.import('ACTIONS.CNF',     response.actions);
+				lsi.import('STATES.CNF',      response.states);
+				lsi.import('CHIPS.CNF',       response.chips);
+				lsi.import('PERMISSIONS.CNF', response.permissions);
+
+				ACTIONS     = lsi.export('ACTIONS.CNF');
+				STATES      = lsi.export('STATES.CNF');
+				CHIPS       = lsi.export('CHIPS.CNF');
+				PERMISSIONS = lsi.export('PERMISSIONS.CNF');
+			}, '643405e1004845c2291c244faab192e3ad493b9dec147c8030475794b0f2fa23');
 
 			/* (5) On initialise la carte + les puces */
 			var board = new Board(50);
@@ -316,12 +324,12 @@
 				if( e.keyCode == 13 ) cBox.innerHTML += "<div class='card'>"+e.target.value+"</div>";
 			}, false);
 
+
 			/* [3] Gestion de la sélection de carte
 			=========================================================*/
 			cBox.addEventListener('click', function(e){
 				if( e.target.className == 'card' ){
-					lastCard = card;
-					card = e.target.innerHTML;
+					CARD = e.target.innerHTML;
 
 					var allCards = document.querySelectorAll('#card-stack .card');
 					for( var i = 0 ; i < allCards.length ; i++ )
@@ -330,14 +338,15 @@
 					e.target.addClass('active');
 				}
 			}, false);
-			card = document.querySelector('#card-stack .card').innerHTML;
+			CARD = document.querySelector('#card-stack .card').innerHTML;
 			document.querySelector('#card-stack .card').addClass('active');
 
+
 			/* [4] Passage de carte
 			=========================================================*/
 			var INTERVAL        = null;
 			var COUNT           = 0;
-			var ACTIONS         = lsi.export('ACTIONS.CNF');
+
 
 			/* (0) Routine de comptage de temps
 			---------------------------------------------------------*/
@@ -353,7 +362,28 @@
 				/* (2) Pour chaque action de ce timeout */
 				for( var a in Object.keys(ACTIONS[COUNT]) ){
 
-					/* (3) Si la condition est correcte, On applique la modification de l'état */
+					/* (3) On vérifie que l'utilisateur a la permissions d'effectuer l'action */
+					var hasPermission = false;
+
+					// On vérifie parmis toutes les permissions de cette CARTE
+					if( PERMISSIONS.hasOwnProperty(CARD) )
+					for( var i = 0 ; i < PERMISSIONS[CARD].length ; i++ )
+						if( PERMISSIONS[CARD][i] == ACTIONS[COUNT][a].id_action ){
+							hasPermission = true;
+							break;
+						}
+
+					// Si on a pas la permission, on quitte
+					if( !hasPermission ) return;
+
+
+
+					console.log( CARD, PERMISSIONS[CARD], ACTIONS[COUNT][a].id_action);
+
+					// Si pas la permission, on fait rien
+					if( !hasPermission ) break;
+
+					/* (4) Si la condition est correcte, On applique la modification de l'état */
 					if( previous(ACTIONS[COUNT][a].previous, STATE) ){
 						action(ACTIONS[COUNT][a].action, STATE);
 						break;
diff --git a/test/client/lib-min.js b/test/client/lib-min.js
index 26bd0f5..f5f20ec 100644
--- a/test/client/lib-min.js
+++ b/test/client/lib-min.js
@@ -1,6 +1,6 @@
 var Pin;(function(){Pin=function(a){parseInt(a)==a&&0<=a&&255>=a?this.value=parseInt(a):this.value=0};Pin.prototype={value:this.value};Pin.prototype.set=function(a){parseInt(a)==a&&0<=a&&255>=a&&(this.value=parseInt(a))};Pin.prototype.get=function(){return this.value}})();var Board;
 (function(){Board=function(a){if(!(parseInt(a)!=a||1>a)){this.maxPin=a;this.pins=[];this.listener=[];for(a=0;a<this.maxPin;a++)this.pins[a]=!1;this.listener[a]=null}};Board.prototype={maxPin:this.maxPin,pins:this.pins,listener:this.listener};Board.prototype.plug=function(a){if(!(a.chip instanceof Chip))return!1;for(var b=0;b<a.chip.pins.length;b++)if(this.pins[a.chip.pins[b]]instanceof Pin)return!1;for(b=0;b<a.chip.pins.length;b++)this.pins[a.chip.pins[b]]=a.chip.values[b],this.listener[a.chip.pins[b]]=
-a};Board.prototype.set=function(a,b){if(!(parseInt(a)!=a||a>this.maxPin)&&this.pins[a]instanceof Pin){if("boolean"==typeof b)b=b?255:0;else if(b!=parseInt(b)||0>b||255<b)return;b=parseInt(b);this.pins[a].set(b);null!=this.listener[a]&&this.listener[a].update()}}})();var Chip;
+a};Board.prototype.set=function(a,b){if(!(parseInt(a)!=a||a>this.maxPin)&&this.pins[a]instanceof Pin){if("boolean"==typeof b)b=b?255:0;else if(b!=parseInt(b)||0>b||255<b)return;b=parseInt(b);this.pins[a].set(b);"function"===typeof this.listener[a].update&&this.listener[a].update()}}})();var Chip;
 (function(){Chip=function(a,b){if("string"==typeof a&&(a=a.toLowerCase(),-1!=["spi","i2c","serial"].indexOf(a)&&b instanceof Array)){for(var c=0;c<b.length;c++)if(parseInt(b[c])!=b[c])return;this.type=a;this.pins=b;this.values=[];for(c=0;c<this.pins.length;c++)this.values[c]=new Pin(0)}};Chip.prototype={type:this.type,pins:this.pins,values:this.values};Chip.prototype.setPin=function(a,b){if(!(parseInt(a)!=a||this.pins.length>=a)){if("boolean"==typeof b)b=b?255:0;else if(b!=parseInt(b)||0>b||255<b)return;
 b=parseInt(b);this.values[a].set(b)}};Chip.prototype.setPins=function(a){for(var b=0;b<this.pins.length;b++)this.setPin(b,a[b])};Chip.prototype.getPin=function(a){return parseInt(a)!=a||this.pins.length<=a?!1:this.values[a].get()};Chip.prototype.getPins=function(){for(var a=[],b=0;b<this.pins.length;b++)a[b]=this.getPin(b);return a}})();var LedInterface;
 (function(){LedInterface=function(a,b){a instanceof Chip&&b instanceof Element&&(this.chip=a,this.container=b)};LedInterface.prototype={chip:this.chip,container:this.container};LedInterface.prototype.update=function(){this.container.style.backgroundColor="rgb("+this.chip.getPin(0)+","+this.chip.getPin(1)+","+this.chip.getPin(2)+")"}})();var RelayInterface;
diff --git a/test/client/lib.js b/test/client/lib.js
index 095e0f3..22805e9 100644
--- a/test/client/lib.js
+++ b/test/client/lib.js
@@ -118,7 +118,7 @@ var Board;
 
 		/* [2] On lance le listener
 		=========================================================*/
-		if( this.listener[pinOrder] != null )
+		if( typeof this.listener[pinOrder].update === 'function' )
 			this.listener[pinOrder].update();
 	};