Luca/thetool
1
0
Fork 0
Code Issues 5 Pull Requests 5 Actions Packages Projects Releases Wiki Activity

2FA/Remember Me Implementierung

Browse Source 
Userprofile Implementierung

Datatables Padding Anpassungen

Usercontroller und User um Mobile erweitert
This commit is contained in:
Spitzer_Daniel
2023-08-17 09:42:18 +02:00
parent 1887ad222d
commit f95d0b0074
21 changed files with 1643 additions and 554 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
application/User/User.php
View File

@@ -9,7 +9,8 @@ class User extends mfBaseModel {
public $permissions;
public $flags;
public $address;
protected $forcestr = ['mobile','twofactorcode'];
private $my_networks;
public function init() {

506
application/User/UserController.php
View File

@@ -5,260 +5,278 @@
*
* @author fronk
*/
class UserController extends mfBaseController {
private $me;
protected function init($request = null) {
$this->needlogin=true;
$me = new User();
$me->loadMe();
$this->me = $me;
$this->layout()->set("me",$me);
if(!$me->isAdmin()) {
// all users can call non-action methods
if($this->action != "" || $request != null) {
$this->redirect("Dashboard");
}
}
}
protected function indexAction($request) {
if(!$this->isAdmin()) {
throw new Exception("Forbidden", 403);
}
$this->layout()->setTemplate('User/Index');
if($this->request->filter) {
$users = UserModel::search($this->request->filter);
} else {
$users = UserModel::getAll();
}
$this->layout()->set('users',$users);
$addresses = AddressModel::getAll();
$this->layout()->set("addresses", $addresses);
$this->layout()->set("filter", $this->request->filter);
}
protected function addAction($request) {
if(!$this->isAdmin()) {
throw new Exception("Forbidden", 403);
}
$this->layout()->setTemplate('User/Form');
$addresses = AddressModel::getAll();
$this->layout()->set("addresses", $addresses);
if($this->request->address_id) {
$this->layout()->set("address_id", $this->request->address_id);
}
}
protected function editAction($request) {
if(!$this->isAdmin()) {
throw new Exception("Forbidden", 403);
}
$this->layout()->setTemplate('User/Form');
$id=$request['id'];
if(!is_numeric($id) || $id <= 0) {
throw new Exception("User $id not found",604);
}
$user=new User($id);
$this->layout()->set('user',$user);
$addresses = AddressModel::getAll();
$this->layout()->set("addresses", $addresses);
}
protected function generateApikey($request) {
if(!$this->isAdmin()) {
$this->redirect("Dashboard");
}
$id = $request['id'];
if(!is_numeric($id) || $id < 1) {
$this->layout()->setFlash("User nicht gefunden.", "error");
$this->redirect("User");
}
$user = new User($id);
if(!$user->id) {
$this->layout()->setFlash("User nicht gefunden.", "error");
$this->redirect("User");
}
$user->apikey = $user->createApiKey();
$user->save();
$this->layout()->setFlash("API Key erfolgreich generiert.", "success");
$this->redirect("User", "edit", ['id' => $id]);
}
protected function profileAction($request) {
}
class UserController extends mfBaseController
{
private $me;
protected function init($request = null)
{
$this->needlogin = true;
$me = new User();
$me->loadMe();
$this->me = $me;
$this->layout()->set("me", $me);
protected function saveAction() {
$r = $this->request;
$id = $r->id;
if(!$this->isAdmin()) {
$id = $this->me->id;
$request['username'] = $this->me->username;
unset($r->address_id);
}
if(!$id && !$r->username) {
self::redirect('User');
}
$user = new User($id);
// check if new user already exits
if($this->isAdmin() && !$r->id) {
$tu = new User();
$tu->loadByUsername($r->username);
if($tu->id) {
$this->layout()->setFlash("Benutzer mit diesem Benutzername bereits vorhanden!", "error");
$this->redirect("User");
}
}
if(!$user->permissions) {
$user->permissions = new WorkerPermission();
}
if($r->username) {
$user->username = $r->username;
}
if($r->name) {
$user->name = $r->name;
}
if($r->email) {
$user->email = $r->email;
}
if($r->address_id) {
if($this->isAdmin()) {
$user->address_id = intval($r->address_id);
//var_dump($user);exit;
$address = new Address($user->address_id);
if(!$address->id) {
throw new Exception("Unbekannte Firma/Person");
if (!$me->isAdmin()) {
// all users can call non-action methods
if ($this->action != "" || $request != null) {
$this->redirect("Dashboard");
}
}
}
}
if($r->password) {
if($r->password === $r->password2) {
$user->password=mfLoginController::generatePasswordHash($r->password);
} else {
$this->layout()->setFlash("Passwörter stimmen nicht überein!", "error");
}
protected function indexAction($request)
{
if (!$this->isAdmin()) {
throw new Exception("Forbidden", 403);
}
$this->layout()->setTemplate('User/Index');
if ($this->request->filter) {
$users = UserModel::search($this->request->filter);
} else {
$users = UserModel::getAll();
}
$this->layout()->set('users', $users);
$addresses = AddressModel::getAll();
$this->layout()->set("addresses", $addresses);
$this->layout()->set("filter", $this->request->filter);
}
$user->edit_by = $this->me->id;
if(!$id) {
$user->create_by = $this->me->id;
protected function addAction($request)
{
if (!$this->isAdmin()) {
throw new Exception("Forbidden", 403);
}
$this->layout()->setTemplate('User/Form');
$addresses = AddressModel::getAll();
$this->layout()->set("addresses", $addresses);
if ($this->request->address_id) {
$this->layout()->set("address_id", $this->request->address_id);
}
}
$id = $user->save();
if($this->isAdmin()) {
if($r->admin == "true" || $user->id == 1) {
$user->permissions->admin = "true";
} else {
$user->permissions->admin = "false";
}
if($r->technician == "true") {
$user->permissions->technician = "true";
} else {
$user->permissions->technician = "false";
}
if($r->preorderfront == "true") {
$user->permissions->preorderfront = "true";
} else {
$user->permissions->preorderfront = "false";
}
$user->permissions->save();
// save networks
$pn = $user->getFlag("preorder_networks");
if($r->preorderfront == "true" && is_array($r->preorder_networks) && count($r->preorder_networks)) {
$pn->value(json_encode($r->preorder_networks));
$pn->save();
} else {
$pn->delete();
}
protected function editAction($request)
{
if (!$this->isAdmin()) {
throw new Exception("Forbidden", 403);
}
$this->layout()->setTemplate('User/Form');
$id = $request['id'];
if (!is_numeric($id) || $id <= 0) {
throw new Exception("User $id not found", 604);
}
$user = new User($id);
$this->layout()->set('user', $user);
$addresses = AddressModel::getAll();
$this->layout()->set("addresses", $addresses);
}
$this->layout()->setFlash("Benutzer gespeichert.", "success");
self::redirect('User');
}
protected function deleteAction($request) {
if(!$this->isAdmin()) {
$this->redirect("Bridge");
protected function generateApikey($request)
{
if (!$this->isAdmin()) {
$this->redirect("Dashboard");
}
$id = $request['id'];
if (!is_numeric($id) || $id < 1) {
$this->layout()->setFlash("User nicht gefunden.", "error");
$this->redirect("User");
}
$user = new User($id);
if (!$user->id) {
$this->layout()->setFlash("User nicht gefunden.", "error");
$this->redirect("User");
}
$user->apikey = $user->createApiKey();
$user->save();
$this->layout()->setFlash("API Key erfolgreich generiert.", "success");
$this->redirect("User", "edit", ['id' => $id]);
}
$id = $request['id'];
if(!is_numeric($id) || $id <= 0) {
throw new Exception("User $id not found",604);
protected function profileAction($request)
{
}
$user = new User($id);
if($user->id == $id) {
$user->delete();
}
self::redirect("User");
}
protected function pwchangeAction($request) {
$me = new User();
$me->loadMe();
$pw1 = $request['password'];
$pw2 = $request['password2'];
if(!$pw1 == $pw2) {
throw new Exception("Passwords don't match! Password change aborted.");
}
if(strlen($pw1) < 8) {
throw new Exception("Passwords must be 8 characters minimum!");
}
if($pw1 == "12345678" || $pw1 == "123456789" || $pw1 == "password" || $pw1 == "passwort") {
throw new Exception("Be a little more creative with your password please...");
}
$me->password = mfLoginController::generatePasswordHash($pw1);
$me->save();
$this->redirect("Dashboard");
}
public function getUsers() {
$users=array();
$res=$this->db()->select(MFUSERTABLE,'*','1=1 ORDER BY username');
if($this->db()->num_rows($res)) {
while($data=$this->db()->fetch_object($res)) {
$users[$data->id]=new User($data);
}
protected function saveAction()
{
$r = $this->request;
$id = $r->id;
if (!$this->isAdmin()) {
$id = $this->me->id;
$request['username'] = $this->me->username;
unset($r->address_id);
}
if (!$id && !$r->username) {
self::redirect('User');
}
$user = new User($id);
// check if new user already exits
if ($this->isAdmin() && !$r->id) {
$tu = new User();
$tu->loadByUsername($r->username);
if ($tu->id) {
$this->layout()->setFlash("Benutzer mit diesem Benutzername bereits vorhanden!", "error");
$this->redirect("User");
}
}
if (!$user->permissions) {
$user->permissions = new WorkerPermission();
}
if ($r->username) {
$user->username = $r->username;
}
if ($r->name) {
$user->name = $r->name;
}
if ($r->email) {
$user->email = $r->email;
}
if ($r->mobile) {
$user->mobile = $r->mobile;
} else {
$user->mobile = NULL;
}
if ($r->address_id) {
if ($this->isAdmin()) {
$user->address_id = intval($r->address_id);
//var_dump($user);exit;
$address = new Address($user->address_id);
if (!$address->id) {
throw new Exception("Unbekannte Firma/Person");
}
}
}
if ($r->password) {
if ($r->password === $r->password2) {
$user->password = mfLoginController::generatePasswordHash($r->password);
} else {
$this->layout()->setFlash("Passwörter stimmen nicht überein!", "error");
}
}
$user->edit_by = $this->me->id;
if (!$id) {
$user->create_by = $this->me->id;
}
$id = $user->save();
if ($this->isAdmin()) {
if ($r->admin == "true" || $user->id == 1) {
$user->permissions->admin = "true";
} else {
$user->permissions->admin = "false";
}
if ($r->technician == "true") {
$user->permissions->technician = "true";
} else {
$user->permissions->technician = "false";
}
if ($r->preorderfront == "true") {
$user->permissions->preorderfront = "true";
} else {
$user->permissions->preorderfront = "false";
}
$user->permissions->save();
// save networks
$pn = $user->getFlag("preorder_networks");
if ($r->preorderfront == "true" && is_array($r->preorder_networks) && count($r->preorder_networks)) {
$pn->value(json_encode($r->preorder_networks));
$pn->save();
} else {
$pn->delete();
}
}
$this->layout()->setFlash("Benutzer gespeichert.", "success");
self::redirect('User');
}
protected function deleteAction($request)
{
if (!$this->isAdmin()) {
$this->redirect("Bridge");
}
$id = $request['id'];
if (!is_numeric($id) || $id <= 0) {
throw new Exception("User $id not found", 604);
}
$user = new User($id);
if ($user->id == $id) {
$user->delete();
}
self::redirect("User");
}
protected function pwchangeAction($request)
{
$me = new User();
$me->loadMe();
$pw1 = $request['password'];
$pw2 = $request['password2'];
if (!$pw1 == $pw2) {
throw new Exception("Passwords don't match! Password change aborted.");
}
if (strlen($pw1) < 8) {
throw new Exception("Passwords must be 8 characters minimum!");
}
if ($pw1 == "12345678" || $pw1 == "123456789" || $pw1 == "password" || $pw1 == "passwort") {
throw new Exception("Be a little more creative with your password please...");
}
$me->password = mfLoginController::generatePasswordHash($pw1);
$me->save();
$this->redirect("Dashboard");
}
public function getUsers()
{
$users = array();
$res = $this->db()->select(MFUSERTABLE, '*', '1=1 ORDER BY username');
if ($this->db()->num_rows($res)) {
while ($data = $this->db()->fetch_object($res)) {
$users[$data->id] = new User($data);
}
}
return $users;
}
private function isAdmin()
{
$me = new User();
$this->layout->set("me", $me);
$me->loadMe();
return $me->isAdmin();
}
return $users;
}
private function isAdmin() {
$me = new User();
$this->layout->set("me", $me);
$me->loadMe();
return $me->isAdmin();
}
}