167 : Shared documents add, file types and permissions

app/pages/shared_documents/add_shared_document.php

@@ -0,0 +1,40 @@
+<?php
+restrict_access(Access::$ADD_EVENTS);
+
+$v = new Validator();
+$file_upload = $v->upload("file_upload")->required()->mime(UploadField::$FILE_MIME);
+$permission = $v->select("permission")->options(array_column(Permission::cases(), 'value', 'name'))->label("Permission");
+
+
+if ($v->valid()) {
+    $shared_file = em()->getRepository(SharedFile::class)->findOneBy(['path' => $file_upload->file_name]);
+    $shared_file ??= new SharedFile();
+    $shared_file->set($file_upload->file_name, $file_upload->file_type);
+    $shared_file->permission_level = Permission::from($permission->value);
+    if ($file_upload->save_file()) {
+        em()->persist($shared_file);
+        em()->flush();
+    }
+}
+
+page("Ajouter un document");
+?>
+<nav id="page-actions">
+    <a href="/documents" class="secondary"><i class="fas fa-caret-left"></i> Retour</a>
+</nav>
+<form method="post" enctype="multipart/form-data">
+    <?= $v->render_validation() ?>
+    <div>
+        <?= $file_upload->render() ?>
+    </div>
+
+    <div class="col-sm-6 col-12">
+        <?= $permission->render() ?>
+    </div>
+    <div>
+        <button type=" submit" class="outline">
+            Enregistrer
+        </button>
+    </div>
+</form>
+</article>

app/pages/shared_documents/shared_documents.php

@@ -1,28 +1,49 @@
 <?php
-restrict_access(Access::$ADD_EVENTS);
+restrict_access();
 
-$v = new Validator();
-$file_upload = $v->upload("file_upload")->required()->mime(UploadField::$FILE_MIME);
-$permission = $v->select("permission")->options(array_column(Permission::cases(), 'value', 'name'))->label("Permission");
+$can_edit = check_auth(Access::$ADD_EVENTS);
 
+# public files
+$shared_files_users = em()->getRepository(SharedFile::class)->findBy(['permission_level' => Permission::USER]);
 
-if ($v->valid()) {
-    $shared_file = em()->getRepository(SharedFile::class)->findOneBy(['path' => $file_upload->file_name]);
-    $shared_file ??= new SharedFile();
-    $shared_file->set($file_upload->file_name, $file_upload->file_type);
-    if ($file_upload->save_file()) {
-        em()->persist($shared_file);
-        em()->flush();
-    }
+# upper authorisation files
+if ($can_edit) {
+    $shared_files_coach_staff = em()->getRepository(SharedFile::class)->findBy(['permission_level' => Access::$ADD_EVENTS]);
 }
 
-$shared_files = em()->getRepository(SharedFile::class)->findAll();
-
 function render_documents($shared_doc)
-{ ?>
+{
+    $file_mime = $shared_doc->mime;
+
+    switch ($file_mime) {
+        case 'pdf':
+            $file_icon = 'fas fa-file-pdf';
+            break;
+        case 'png':
+        case 'jpg':
+        case 'jpeg':
+        case 'gif':
+            $file_icon = 'fas fa-file-image';
+            break;
+        case 'doc':
+        case 'docx':
+            $file_icon = 'fas fa-file-word';
+            break;
+        case 'xls':
+        case 'xlsx':
+            $file_icon = 'fas fa-file-excel';
+            break;
+        case 'ppt':
+        case 'pptx':
+            $file_icon = 'fas fa-file-powerpoint';
+            break;
+        default:
+            $file_icon = 'fas fa-file';
+            break;
+    } ?>
     <tr class="event-row clickable" onclick="window.location.href = '/telecharger?id=<?= $shared_doc->id ?>'">
         <td>
-            <i class="fas fa-file"></i>
+            <i class="<?= $file_icon ?> fa-lg"></i>
         </td>
         <td>
             <?= $shared_doc->path ?>
@@ -34,32 +55,39 @@ function render_documents($shared_doc)
 <?php }
 
 page("Documents partagés");
-
 ?>
 
-<h3>Ajouter un document</h3>
-<form method="post" enctype="multipart/form-data">
-    <?= $v->render_validation() ?>
-    <div class="row">
-        <div class="col-auto">
-            <?= $file_upload->render() ?>
-        </div>
-        <div>
-            <?= $permission->render() ?>
-        </div>
-        <div>
-            <button type=" submit" class="outline">
-                Enregistrer
-            </button>
-        </div>
-    </div>
-</form>
-</article>
+<?php if ($can_edit): ?>
+    <nav id="page-actions">
+        <a href="/documents/ajouter"><i class="fas fa-plus"></i> Ajouter un document</a>
+    </nav>
+<?php endif ?>
 
-<h3>Documents enregistrés</h3>
+<?php if (count($shared_files_users)): ?>
+    <?php if ($can_edit): ?>
+        <h2>Documents publics</h2>
+    <?php endif ?>
+    <table role="grid">
+        <thead class=header-responsive>
+            <tr>
+                <th></th>
+                <th>Nom du fichier</th>
+                <th></th>
+            </tr>
+        </thead>
+        <tbody>
+
+            <?php foreach ($shared_files_users as $shared_file) {
+                render_documents($shared_file);
+            } ?>
 
-<table role="grid">
-    <?php if (count($shared_files)): ?>
+        </tbody>
+    </table>
+<?php endif ?>
+
+<?php if ($can_edit && count($shared_files_coach_staff)): ?>
+    <h2>Documents admins</h2>
+    <table role="grid">
         <thead class=header-responsive>
             <tr>
                 <th></th>
@@ -69,12 +97,14 @@ function render_documents($shared_doc)
         </thead>
         <tbody>
 
-            <?php foreach ($shared_files as $shared_file) {
+            <?php foreach ($shared_files_coach_staff as $shared_file) {
                 render_documents($shared_file);
             } ?>
 
         </tbody>
-    <?php else: ?>
-        <p class="center">Pas de fichiers pour le moment 🫠</p>
-    <?php endif ?>
-</table>
+    </table>
+<?php endif ?>
+
+<?php if (!count($shared_files_users) && (!$can_edit || !count($shared_files_coach_staff))): ?>
+    <p>Aucun document partagé</p>
+<?php endif ?>

app/pages/shared_documents/shared_documents_delete_confirm.php

@@ -13,6 +13,7 @@
         logger()->info("File {file_path} deleted by user {currentUserLogin}", ['file_path' => $shared_doc->path, 'currentUserLogin' => User::getCurrent()->login]);
         em()->remove($shared_doc);
         em()->flush();
+        Toast::error("Document supprimé");
         redirect("/documents");
     } else {
         $form->set_error("Impossible de supprimer le fichier");

engine/validation/fields.php

@@ -343,16 +343,80 @@ function render()
 class UploadField extends Field
 {
     public static $FILE_MIME = [
-        'jpg' => 'image/jpeg',
-        'png' => 'image/png',
-        'gif' => 'image/gif',
-        'doc' => 'application/msword',
-        'pdf' => 'application/pdf'
+        'image' => [
+            'image/webp',
+            'image/tiff',
+            'image/png',
+            'image/jpeg',
+            'image/gif',
+            'image/x-ms-bmp',
+            'image/x-bmp',
+            'image/x-portable-bitmap',
+            'image/vnd.adobe.photoshop',
+            'image/x-eps',
+            'application/postscript',
+            'application/dicom',
+            'application/pcx',
+            'application/x-pcx',
+            'image/pcx',
+            'image/x-pc-paintbrush',
+            'image/x-pcx',
+            'zz-application/zz-winassoc-pcx',
+            'image/jp2',
+            'image/heif'
+        ],
+        'doc' => ['application/msword',
+            'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
+            'application/vnd.ms-word.document.macroEnabled.12',
+            'application/vnd.openxmlformats-officedocument.wordprocessingml.template',
+            'application/vnd.ms-word.template.macroEnabled.12',
+            'application/vnd.oasis.opendocument.text',],
+        'pdf' => ['application/pdf'],
+        'excel' => [
+            'application/vnd.ms-excel',
+            'application/x-ms-excel',
+            'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
+            'application/vnd.ms-excel.sheet.macroEnabled.12',
+            'application/vnd.openxmlformats-officedocument.spreadsheetml.template',
+            'application/vnd.ms-excel.template.macroEnabled.12',
+            'application/vnd.oasis.opendocument.spreadsheet',
+        ],
+        'powerpoint' => [
+            'application/vnd.ms-powerpoint',
+            'application/vnd.openxmlformats-officedocument.presentationml.presentation',
+            'application/vnd.ms-powerpoint.presentation.macroEnabled.12',
+            'application/vnd.openxmlformats-officedocument.presentationml.slideshow',
+            'application/vnd.ms-powerpoint.slideshow.macroEnabled.12',
+            'application/vnd.openxmlformats-officedocument.presentationml.template',
+            'application/vnd.ms-powerpoint.template.macroEnabled.12',
+            'application/vnd.ms-powerpoint.addin.macroEnabled.12',
+            'application/vnd.openxmlformats-officedocument.presentationml.slide',
+            'application/vnd.oasis.opendocument.presentation',
+        ]
     ];
     public static $IMAGE_MIME = [
-        'jpg' => 'image/jpeg',
-        'png' => 'image/png',
-        'gif' => 'image/gif'
+        'image' => [
+            'image/webp',
+            'image/tiff',
+            'image/png',
+            'image/jpeg',
+            'image/gif',
+            'image/x-ms-bmp',
+            'image/x-bmp',
+            'image/x-portable-bitmap',
+            'image/vnd.adobe.photoshop',
+            'image/x-eps',
+            'application/postscript',
+            'application/dicom',
+            'application/pcx',
+            'application/x-pcx',
+            'image/pcx',
+            'image/x-pc-paintbrush',
+            'image/x-pcx',
+            'zz-application/zz-winassoc-pcx',
+            'image/jp2',
+            'image/heif'
+        ]
     ];
     function set_type()
     {
@@ -412,8 +476,8 @@ function check(string $msg = null)
 
                     // Check if the name of the file is correct
                     // Accepts every letters and digits including french special caracters, plus "_" "." and "-"
-                    if (!preg_match("`^[-\d\wÀ-ÿ_\.]+$`", $this->file_name) or (mb_strlen($this->file_name, "UTF-8") > 225)) {
-                        $this->set_error("Nom de fichier invalide : seuls les lettres/chiffres et . _ - sont autorisés");
+                    if (!preg_match("`^[-\d\wÀ-ÿ_\. ]+$`", $this->file_name) or (mb_strlen($this->file_name, "UTF-8") > 225)) {
+                        $this->set_error("Nom de fichier invalide : seuls les lettres/chiffres, les espaces et . _ - sont autorisés");
                     }
 
                     // Check custom filesize here. 
@@ -432,10 +496,12 @@ function mime(array $mimes)
             $this->allowed_mime = $mimes;
             // Allow certain file formats
             $finfo = new finfo(FILEINFO_MIME_TYPE);
+            // Flatten the array
+            $flatArray = array_reduce($this->allowed_mime, 'array_merge', []);
             if (
-                !array_search(
+                !in_array(
                     $finfo->file($_FILES[$this->key]['tmp_name']),
-                    $this->allowed_mime,
+                    $flatArray,
                     true
                 )
             ) {
@@ -462,9 +528,9 @@ function save_file()
             unlink($this->target_file);
         $result = move_uploaded_file($_FILES[$this->key]["tmp_name"], $this->target_file);
         if ($result)
-            $this->context->set_success($file_exists ? "Fichier modifié" : "Fichier enregistré");
+            Toast::success($file_exists ? "Fichier modifié" : "Fichier enregistré");
         else
-            $this->set_error("Problème à l'enregistrement");
+            Toast::error("Problème à l'enregistrement");
         return $result;
     }
 

routes.php

@@ -79,6 +79,7 @@
 
 // Shared documents
 Router::add('/documents', 'pages/shared_documents/shared_documents');
+Router::add('/documents/ajouter', 'pages/shared_documents/add_shared_document');
 Router::add('/telecharger', 'uploads/download_file');
 Router::add('/documents/$doc_id/supprimer', 'pages/shared_documents/shared_documents_delete_confirm');