User/rework

This commit is contained in:
Luca Haid
2025-03-17 08:56:54 +00:00
parent 720688e346
commit e28dddc2e2
14 changed files with 613 additions and 218 deletions


@@ -24,26 +24,40 @@ class User extends mfBaseModel {
/**
* Loads currently logged in user
*/
public function loadMe() {
if(defined("INTERNAL_USER_ID") && is_numeric(INTERNAL_USER_ID)) {
$this->fetch(INTERNAL_USER_ID);
return true;
public function loadMe($ignoreImpersonate = false): bool
{
if (defined("INTERNAL_USER_ID") && is_numeric(INTERNAL_USER_ID)) {
return $this->fetch(INTERNAL_USER_ID);
}
$username = $_SESSION[MFAPPNAME.'_username'] ?? null;
if (!$username) {
return false;
}
$res = $this->db->select($this->table,"*","username='$username' and active=1 LIMIT 1");
$user = null;
if ($this->db->num_rows($res)) {
$user = $this->db->fetch_object($res);
// If Impersonating, load the user that is being impersonated
if (isset($_SESSION[MFAPPNAME.'_impersonate']) && !$ignoreImpersonate) {
$username = $_SESSION[MFAPPNAME.'_impersonate'];
$res = $this->db->select($this->table, "*", "username='$username' and active=1 LIMIT 1");
if ($this->db->num_rows($res)) {
$user = $this->db->fetch_object($res);
}
}
}
if (!$user) {
mfLoginController::staticLogout();
return false;
}
$this->load($user);
return true;
}
if(!isset($_SESSION) || !is_array($_SESSION) || !array_key_exists(MFAPPNAME.'_username', $_SESSION)) {
return false;
}
$username = $_SESSION[MFAPPNAME.'_username'];
$res = $this->db->select($this->table,"*","username='$username' LIMIT 1");
if($this->db->num_rows($res)) {
$data = $this->db->fetch_object($res);
$this->load($data);
return true;
}
return false;
}
public function loadByUsername($username) {
$username = $this->db->escape($username);
if(!$username) {
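Review bot: The impersonated username read at `$username = $_SESSION[MFAPPNAME.'_impersonate'];` is interpolated unescaped into the WHERE clause of the `select()` call that follows, and that session value originates from a request parameter set in the controller's impersonateAction, so it should pass through the same `$this->db->escape()` that loadByUsername applies just below: `$username = $this->db->escape($_SESSION[MFAPPNAME.'_impersonate']);`. The earlier `$username = $_SESSION[MFAPPNAME.'_username'] ?? null;` lookup is interpolated the same way and deserves the same treatment. The `if (!$username)` guard also treats the username `"0"` as absent; `if ($username === null || $username === '')` is precise. The `/** Loads currently logged in user */` docblock no longer describes the method: it should mention that `$ignoreImpersonate` returns the real session user instead of the impersonated one, and that an unknown or inactive username now triggers `mfLoginController::staticLogout()`.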


@@ -13,7 +13,7 @@ class UserController extends mfBaseController
{
$this->needlogin = true;
$me = new User();
$me->loadMe();
$me->loadMe(true);
$this->me = $me;
$this->layout()->set("me", $me);
@@ -30,18 +30,25 @@ class UserController extends mfBaseController
if (!$this->isAdmin()) {
throw new Exception("Forbidden", 403);
}
$this->layout()->setTemplate('User/Index');
if ($this->request->filter) {
$users = UserModel::search($this->request->filter);
} else {
$users = UserModel::getAll();
}
$this->layout()->set('users', $users);
//$addresses = AddressModel::getAll();
//$this->layout()->set("addresses", $addresses);
$this->layout()->set("filter", $this->request->filter);
Helper::renderVue($this, "User", "Benutzer", [
"IS_ADMIN" => $this->me->isAdmin(),
"USERS" => array_map(fn($user) => [
"username" => $user->username,
"name" => $user->name,
"address" => ($user->address->company) ? $user->address->company : $user->address->getFullName(),
"email" => $user->email,
"mobile" => $user->mobile,
"twofactor" => [1 => 'Mail', 2 => 'SMS'][$user->twofactor] ?? 'N/A',
"isAdmin" => $user->isAdmin(),
"isTechnician" => $user->is("Technician"),
"isActive" => $user->active,
"id" => $user->id
], UserModel::getAll()),
"ADD_URL" => self::getUrl("User", "add"),
"EDIT_URL" => self::getUrl("User", "edit"),
"IMPERSONATE_URL" => self::getUrl("User", "impersonate"),
]);
}
protected function addAction($request)
@@ -109,7 +116,7 @@ class UserController extends mfBaseController
{
}
protected function saveAction()
{
$r = $this->request;
@@ -136,6 +143,8 @@ class UserController extends mfBaseController
}
}
$user->active = $r->active === "true" ? 1 : 0;
if (!$user->permissions) {
$user->permissions = new WorkerPermission();
}
@@ -165,7 +174,7 @@ class UserController extends mfBaseController
} else {
$user->address_id = null;
}
// 2fa required
if($r->twofactorrequired == "true") {
$user->twofactorrequired = 1;
@@ -201,7 +210,7 @@ class UserController extends mfBaseController
} else {
$user->permissions->employee = "false";
}
if ($r->technician == "true") {
$user->permissions->technician = "true";
} else {
@@ -231,7 +240,7 @@ class UserController extends mfBaseController
} else {
$user->permissions->preorderreadonly = "false";
}
// set can permissions
$user->permissions->canBuilding = "false";
$user->permissions->canPipework = "false";
@@ -253,7 +262,7 @@ class UserController extends mfBaseController
$user->permissions->canWarehouseAdmin = "false";
$user->permissions->canWarehouseEShop = "false";
$user->permissions->canWarehouseUser = "false";
if($r->get("can") && is_array($r->can)) {
foreach($r->can as $key => $can) {
//var_dump($key . "=> ".$can);
@@ -262,22 +271,22 @@ class UserController extends mfBaseController
}
}
}
$user->permissions->save();
// save networks
$pn = $user->getFlag("preorder_networks");
if (is_array($r->preorder_networks) && count($r->preorder_networks)) {
$pn->value(json_encode($r->preorder_networks));
$pn->save();
$user->permissions->canPreorder = "true";
$user->permissions->save();
} else {
$pn->delete();
}
// employee number
$enum = new WorkerFlag($user->id, "employee_number");
if($r->employee_number && $user->permissions->employee == "true") {
@@ -371,14 +380,14 @@ class UserController extends mfBaseController
return $me->isAdmin();
}
protected function apiAction() {
if(!$this->me->is(["Admin"])) {
$this->redirect("Dashboard");
}
$do = $this->request->do;
$data = [];
switch($do) {
case "sse":
$return = $this->startSuperexpertApi();
@@ -401,25 +410,25 @@ class UserController extends mfBaseController
$data['result'] = $return;
$this->returnJson($data);
}
private function startSuperexpertApi() {
$me = new User();
$me->loadMe();
if($me->superexpertEnabled() ) {
// superexpert mode started already
return false;
}
$me->superexpertStart(1800);
return ["valid_to" => $me->getFlag("superexpert_lock_date")->value()];
}
private function extendSuperexpertApi() {
$me = new User();
$me->loadMe();
if(!$me->superexpertEnabled() ) {
// superexpert mode must be started already
$this->log->debug("se not started");
@@ -427,19 +436,19 @@ class UserController extends mfBaseController
}
$this->log->debug("ese");
$me->superexpertExtend(1800);
return ["valid_to" => $me->getFlag("superexpert_lock_date")->value()];
}
private function endSuperexpertApi() {
$me = new User();
$me->loadMe();
if($me->superexpertEnabled() ) {
$me->superexpertStop();
}
return ["valid_to" => null];
}
@@ -448,4 +457,24 @@ class UserController extends mfBaseController
$user = new User($id);
$this->returnJson($user->toArray());
}
protected function impersonateAction() {
if(!$this->me->isAdmin() || $this->me->address_id != 1) {
header("HTTP/1.1 403 Forbidden");
exit;
}
if($this->request->unimpersonate) {
unset($_SESSION[MFAPPNAME.'_impersonate']);
$this->redirect("User");
}
if(!$this->request->username || strlen($this->request->username) < 3) {
header("HTTP/1.1 500 Internal Server Error");
exit;
}
$_SESSION[MFAPPNAME.'_impersonate'] = $this->request->username;
$this->redirect("Dashboard");
}
}
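Review bot: impersonateAction stores `$this->request->username` in the session without checking that it names an existing, active user and without escaping it, and the model's loadMe in the first file section interpolates that session value straight into a SQL WHERE clause. Resolving the target through the model first (loadByUsername escapes its argument, judging by its opening lines in the first section; I am assuming it returns false when no row matches) and storing the canonical username closes both gaps, and a malformed request should answer 400 rather than the `500 Internal Server Error` sent here. In the `unimpersonate` branch, if `redirect()` does not terminate the script the code falls through to the username check, so a `return;` after the redirect seems warranted; redirect's body is not visible. Separately, in indexAction the Vue payload maps `UserModel::getAll()` regardless of `$this->request->filter`, so the search result assigned to `$users` only reaches the old template.
```php
protected function impersonateAction() {
    // … unchanged: admin check, unimpersonate branch (followed by `return;`) …
    $target = new User();
    if (!$this->request->username || !$target->loadByUsername($this->request->username) || !$target->active) {
        header("HTTP/1.1 400 Bad Request");
        exit;
    }
    // store the DB-backed username, not the raw request value
    $_SESSION[MFAPPNAME.'_impersonate'] = $target->username;
    $this->redirect("Dashboard");
}
```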


@@ -14,6 +14,7 @@ class UserModel
public $apikey = null;
public $ip = null;
public $sessionid = null;
public $active = null;
public $create_by = null;