Intégration de l'entrepot dans les 'repositories' (invisibles pour les 'modules') 'machine' et 'user'

2016-07-05 15:50:24 +02:00 · 2016-07-05 15:50:24 +02:00 · 4140936396
parent e630bdb8e0
commit 4140936396
4 changed files with 76 additions and 41 deletions
--- a/manager/Authentification.php
+++ b/manager/Authentification.php
@ -84,7 +84,7 @@

 				// On met à jour les informations
 				$_SESSION['WAREHOUSE'] = [
-					'id'   => $checkRoot->answer()[0]['id_warehouse'],
+					'id'   => (int) $checkRoot->answer()[0]['id_warehouse'],
 					'name' => $checkRoot->answer()[0]['name']
 				];
 			}
@ -104,7 +104,7 @@

 				// On met à jour les informations
 				$_SESSION['ADMIN'] = [
-					'id'       => $checkBranch->answer()[0]['id_admin'],
+					'id'       => (int) $checkBranch->answer()[0]['id_admin'],
 					'username' => $checkBranch->answer()[0]['username'],
 					'mail'     => $checkBranch->answer()[0]['mail']
 				];
--- a/manager/Repo.php
+++ b/manager/Repo.php
@ -46,6 +46,14 @@
 		*
 		*/
 		public function __construct($path=null, $params=null){
+
+			// Si pas authentifié, erreur
+			if( Authentification::auth() < 2 ){
+				$this->error = ManagerError::PermissionError;
+				return false;
+			}
+
+
 			// Si pas parametre manquant, on quitte
 			if( $path == null ){
 				$this->error = ManagerError::MissingPath;
@ -103,6 +111,9 @@


 		public function answer(){
+			if( $this->error != ManagerError::Success )
+				return false;
+
 			return $this->answer;
 		}

--- a/manager/repo/machine.php
+++ b/manager/repo/machine.php
@ -30,11 +30,12 @@

 			/* [2] Creation de la machine
 			=========================================================*/
-			$insert_machine = Database::getPDO()->prepare("INSERT INTO machine(id_machine, code, name)
-				VALUES(DEFAULT, :code, :name)");
+			$insert_machine = Database::getPDO()->prepare("INSERT INTO machine(id_machine, id_warehouse, code, name)
+				VALUES(DEFAULT, :id_warehouse, :code, :name)");
 			$insert_machine->execute([
-				':code' => $code,
-				':name' => $name
+				':id_warehouse' => $_SESSION['WAREHOUSE']['id'],
+				':code'         => $code,
+				':name'         => $name
 			]);

 			/* [3] On retourne l'id_machine ou FALSE si erreur
@ -63,11 +64,17 @@
 		*/
 		public static function search($keyword){
 			// On recupere les donnees
-			$searchmachines = Database::getPDO()->query("SELECT * FROM machine
-				WHERE code      LIKE '%".$keyword."%'
-				OR    name      LIKE '%".$keyword."%'
+			$searchmachines = Database::getPDO()->prepare("SELECT * FROM machine
+				WHERE id_warehouse = :id_warehouse
+				AND   ( code      LIKE '%".$keyword."%'
+					OR  name      LIKE '%".$keyword."%'
+				)
 			");

+			$searchmachines->execute([
+				':id_warehouse' => $_SESSION['WAREHOUSE']['id']
+			]);
+
 			return Database::delNumeric( $searchmachines->fetchAll() );
 		}

@ -136,11 +143,13 @@
 			$edit_machine = Database::getPDO()->prepare("UPDATE machine
 				SET code = :code,
 					name = :name
-				WHERE id_machine = :id_machine");
+				WHERE id_machine   = :id_machine
+				AND   id_warehouse = :id_warehouse");
 			$edit_machine->execute([
-				':code'       => $code,
-				':name'       => $name,
-				':id_machine' => $id_machine
+				':code'         => $code,
+				':name'         => $name,
+				':id_machine'   => $id_machine,
+				':id_warehouse' => $_SESSION['WAREHOUSE']['id']
 			]);


@ -174,8 +183,11 @@
 		public static function delete($id_machine){
 			/* [1] On redige/execute la requete
 			=========================================================*/
-			$delete_machine = Database::getPDO()->prepare("DELETE FROM machine WHERE id_machine = :id_machine");
-			$delete_machine->execute([ ':id_machine' => $id_machine ]);
+			$delete_machine = Database::getPDO()->prepare("DELETE FROM machine WHERE id_machine = :id_machine AND id_warehouse = :id_warehouse");
+			$delete_machine->execute([
+				':id_machine'   => $id_machine,
+				':id_warehouse' => $_SESSION['WAREHOUSE']['id']
+			]);


 			/* [2] On verifie que la machine n'existe plus
--- a/manager/repo/user.php
+++ b/manager/repo/user.php
@ -34,16 +34,17 @@

 			/* [2] Creation de l'utilisateur
 			=========================================================*/
-			$insert_user = Database::getPDO()->prepare("INSERT INTO user(id_user, code, username, firstname, lastname, mail, password, status)
-				VALUES(DEFAULT, :code, :username, :firstname, :lastname, :mail, :password, :status)");
+			$insert_user = Database::getPDO()->prepare("INSERT INTO user(id_user, id_warehouse, code, username, firstname, lastname, mail, password, status)
+				VALUES(DEFAULT, :id_warehouse, :code, :username, :firstname, :lastname, :mail, :password, :status)");
 			$insert_user->execute([
-				':code'      => $code,
-				':username'  => $username,
-				':firstname' => $firstname,
-				':lastname'  => $lastname,
-				':mail'      => $mail,
-				':password'  => $password,
-				':status'    => $status
+				':id_warehouse'  => $_SESSION['WAREHOUSE']['id'],
+				':code'          => $code,
+				':username'      => $username,
+				':firstname'     => $firstname,
+				':lastname'      => $lastname,
+				':mail'          => $mail,
+				':password'      => $password,
+				':status'        => $status
 			]);

 			/* [3] On retourne l'id_user ou FALSE si erreur
@ -72,14 +73,20 @@
 		*/
 		public static function search($keyword){
 			// On recupere les donnees
-			$searchusers = Database::getPDO()->query("SELECT * FROM user
-				WHERE code      LIKE '%".$keyword."%'
-				OR    username  LIKE '%".$keyword."%'
-				OR    firstname LIKE '%".$keyword."%'
-				OR    lastname  LIKE '%".$keyword."%'
-				OR    mail      LIKE '%".$keyword."%'
+			$searchusers = Database::getPDO()->prepare("SELECT * FROM user
+				WHERE id_warehouse = :id_warehouse
+				AND   ( code      LIKE '%".$keyword."%'
+					OR  username  LIKE '%".$keyword."%'
+					OR  firstname LIKE '%".$keyword."%'
+					OR  lastname  LIKE '%".$keyword."%'
+					OR  mail      LIKE '%".$keyword."%'
+				)
 			");

+			$searchusers->execute([
+				':id_warehouse'  => $_SESSION['WAREHOUSE']['id']
+			]);
+
 			return Database::delNumeric( $searchusers->fetchAll() );
 		}

@ -161,16 +168,18 @@
 					mail      = :mail,
 					password  = :password,
 					status    = :status
-				WHERE id_user = :id_user");
+				WHERE id_user      = :id_user
+				AND   id_warehouse = :id_warehouse");
 			$edit_user->execute([
-				':code'      => $code,
-				':username'  => $username,
-				':firstname' => $firstname,
-				':lastname'  => $lastname,
-				':mail'      => $mail,
-				':password'  => $password,
-				':status'    => $status,
-				':id_user'   => $id_user
+				':code'         => $code,
+				':username'     => $username,
+				':firstname'    => $firstname,
+				':lastname'     => $lastname,
+				':mail'         => $mail,
+				':password'     => $password,
+				':status'       => $status,
+				':id_user'      => $id_user,
+				':id_warehouse' => $_SESSION['WAREHOUSE']['id']
 			]);


@ -209,8 +218,11 @@
 		public static function delete($id_user){
 			/* [1] On redige/execute la requete
 			=========================================================*/
-			$delete_user = Database::getPDO()->prepare("DELETE FROM user WHERE id_user = :id_user");
-			$delete_user->execute([ ':id_user' => $id_user ]);
+			$delete_user = Database::getPDO()->prepare("DELETE FROM user WHERE id_user = :id_user AND id_warehouse = :id_warehouse");
+			$delete_user->execute([
+				':id_user'      => $id_user,
+				':id_warehouse' => $_SESSION['WAREHOUSE']['id']
+			]);


 			/* [2] On verifie que l'utilisateur n'existe plus