Merge pull request #1671 from bburnichon/admin-management-PHRAS-949

Demote Admin users on request
2025-10-15 14:03:27 +00:00 · 2016-02-09 13:44:32 +01:00
parent 8f4bf4c7a8 403eb36903
commit 011db3d84e
4 changed files with 21 additions and 7 deletions
--- a/lib/Alchemy/Phrasea/Controller/Admin/DashboardController.php
+++ b/lib/Alchemy/Phrasea/Controller/Admin/DashboardController.php
@@ -124,6 +124,10 @@ class DashboardController extends Controller
    public function addAdmins(Request $request)
    {
        $admins = $request->request->get('admins', []);
+
+        // Remove empty values
+        $admins = array_filter($admins);
+
        if (!is_array($admins) || count($admins) === 0) {
            $this->app->abort(400, '"admins" parameter must contains at least one value.');
        }
@@ -134,6 +138,15 @@ class DashboardController extends Controller
        }

        $userRepository = $this->getUserRepository();
+
+        $demotedAdmins = [];
+
+        foreach ($userRepository->findAdmins() as $admin) {
+            if (!in_array($admin->getId(), $admins)) {
+                $demotedAdmins[$admin->getId()] = $admin;
+            }
+        }
+
        $userRepository->findBy(['id' => $admins]);
        $admins = array_map(function ($usrId) use ($userRepository) {
            if (null === $user = $userRepository->find($usrId)) {
@@ -145,7 +158,10 @@ class DashboardController extends Controller

        /** @var UserManipulator $userManipulator */
        $userManipulator = $this->app['manipulator.user'];
+
+        $userManipulator->demote($demotedAdmins);
        $userManipulator->promote($admins);
+
        /** @var ACLManipulator $aclManipulator */
        $aclManipulator = $this->app['manipulator.acl'];
        $aclManipulator->resetAdminRights($admins);
--- a/lib/Alchemy/Phrasea/Model/Manipulator/UserManipulator.php
+++ b/lib/Alchemy/Phrasea/Model/Manipulator/UserManipulator.php
@@ -347,9 +347,9 @@ class UserManipulator implements ManipulatorInterface
    /**
     * Makes given variable traversable.
     *
-     * @param mixed $var
+     * @param User|User[] $var
     *
-     * @return array
+     * @return array|\Traversable|User[]
     */
    private function makeTraversable($var)
    {
--- a/lib/Alchemy/Phrasea/Model/Repositories/UserRepository.php
+++ b/lib/Alchemy/Phrasea/Model/Repositories/UserRepository.php
@@ -25,7 +25,7 @@ class UserRepository extends EntityRepository
    /**
     * Finds admins.
     *
-     * @return array
+     * @return User[]
     */
    public function findAdmins()
    {
--- a/templates/web/admin/dashboard.html.twig
+++ b/templates/web/admin/dashboard.html.twig
@@ -106,11 +106,9 @@
                        </label>
                    </li>
                {% endfor %}
-            </ul>
-            <div class="input-append" style="margin-left:20px">
                <input class="admin_adder input-large" placeholder="{{ 'Add an admin' | trans }}"/>
-                <input type="submit" class="btn btn-warning" value="{{ 'boutton::valider' | trans }}" />
-            </div>
+            </ul>
+            <input type="submit" class="btn btn-warning" value="{{ 'boutton::valider' | trans }}" />
            <input type="hidden" class="new" name="admins[]" />
        </fieldset>
    </form>