thetool/application/User/UserController.php at 4ea492793165625b28778a17fe579f2fbb8171aa

Files

Frank Schubert 4ea4927931 Initial commit

2021-03-29 23:04:42 +02:00

200 lines

4.9 KiB

PHP

Raw Blame History

 <?php
 /**
  * Description of UserController
  *
  * @author fronk
  */
 class UserController extends mfBaseController {
   private $me;
   protected function init($request = null) {
     $this->needlogin=true;
     $me = new User();
     $me->loadMe();
     $this->me = $me;
     $this->layout()->set("me",$me);
     if(!$me->isAdmin()) {
       // all users can call non-action methods
       if($this->action != "" || $request != null) {
         $this->redirect("Dashboard");
       }
     }
   }
   protected function indexAction($request) {
     if(!$this->isAdmin()) {
       throw new Exception("Forbidden", 403);
     }
     $this->layout()->setTemplate('User/Index');
     $users=$this->getUsers();
     $this->layout()->set('users',$users);
     $pc = new ProviderController();
     $providers = $pc->getProvider();
     $this->layout()->set("providers", $providers);
   }
   protected function addAction($request) {
     if(!$this->isAdmin()) {
       throw new Exception("Forbidden", 403);
     }
     $this->layout()->setTemplate('User/Form');
     $pc = new ProviderController();
     $providers = $pc->getProvider();
     $this->layout()->set("providers", $providers);
   }
   protected function editAction($request) {
     if(!$this->isAdmin()) {
       throw new Exception("Forbidden", 403);
     }
     $this->layout()->setTemplate('User/Form');
     $id=$request['id'];
     if(!is_numeric($id) || $id <= 0) {
       throw new Exception("User $id not found",604);
     }
     $user=new User($id);
     $this->layout()->set('user',$user);
     $pc = new ProviderController();
     $providers = $pc->getProvider();
     $this->layout()->set("providers", $providers);
   }
   protected function profileAction($request) {
   }
   protected function saveAction($request) {
     //$this->log->debug("UserController::save");
     $id = $request['id'];
     if(!$this->isAdmin()) {
       $id = $this->me->id;
       $request['username'] = $this->me->username;
       unset($request['provider_id']);
     }
     if(!$id && !$request['username']) {
       self::redirect('User');
     }
     $user = new User($id);
     if($request['username']) {
       $user->username = $request['username'];
     }
     if($request['name']) {
       $user->name = $request['name'];
     }
     if($request['email']) {
       $user->email = $request['email'];
     }
     if($request['provider_id']) {
       if($this->isAdmin()) {
         $user->provider_id = intval($request['provider_id']);
         //var_dump($user);exit;
         $provider = new Provider($user->provider_id);
         if(!$provider->id) {
           throw new Exception("Unbekannter Provider");
         }
       }
     }
     if($request['password']) {
       if($request['password'] === $request['password2']) {
         $user->password=mfLoginController::generatePasswordHash($request['password']);
       } else {
         $this->layout()->setFlash("Passwörter stimmen nicht überein!", "error");
       }
     }
     $id = $user->save();
     if($this->isAdmin()) {
       if($request['admin'] == "true" || $user->id == 1) {
         $user->permissions->admin = "true";
       } else {
         $user->permissions->admin = "false";
       }
       if($request['ticketadmin'] == "true") {
         $user->permissions->ticketadmin = "true";
       } else {
         $user->permissions->ticketadmin = "false";
       }
       $user->permissions->save();
     }
     $this->layout()->setFlash("Benutzer gespeichert.", "success");
     self::redirect('User');
   }
   protected function deleteAction($request) {
     if(!$this->isAdmin()) {
       $this->redirect("Bridge");
     }
     $id = $request['id'];
     if(!is_numeric($id) || $id <= 0) {
       throw new Exception("User $id not found",604);
     }
     $user = new User($id);
     if($user->id == $id) {
         $user->delete();
     }
     self::redirect("User");
   }
   protected function pwchangeAction($request) {
     $me = new User();
     $me->loadMe();
     $pw1 = $request['password'];
     $pw2 = $request['password2'];
     if(!$pw1 == $pw2) {
       throw new Exception("Passwords don't match! Password change aborted.");
     }
     if(strlen($pw1) < 8) {
       throw new Exception("Passwords must be 8 characters minimum!");
     }
     if($pw1 == "12345678" || $pw1 == "123456789" || $pw1 == "password" || $pw1 == "passwort") {
       throw new Exception("Be a little more creative with your password please...");
     }
     $me->password = mfLoginController::generatePasswordHash($pw1);
     $me->save();
     $this->redirect("Dashboard");
   }
   public function getUsers() {
     $users=array();
     $res=$this->db()->select(MFUSERTABLE,'*','1=1 ORDER BY username');
     if($this->db()->num_rows($res)) {
       while($data=$this->db()->fetch_object($res)) {
         $users[$data->id]=new User($data);
       }
     }
     return $users;
   }
   private function isAdmin() {
     $me = new User();
     $this->layout->set("me", $me);
     $me->loadMe();
     return $me->isAdmin();
   }
 }

200 lines 4.9 KiB PHP Raw Blame History

200 lines

4.9 KiB

PHP

Raw Blame History