authorSimon Rettberg2015-04-23 17:40:24 +0200
committerSimon Rettberg2015-04-23 17:40:24 +0200
commit47517c76094834d582121b84098c84c0bcb8353f (patch)
tree2d2d174956b0174e645ef246bb78ba1c683885b6
parent+AGB, +DeleteUser feature (diff)
Add AddUser mask for creating test accounts
-rw-r--r--inc/user.inc.php17
-rw-r--r--index.php1
-rw-r--r--modules/adduser.inc.php81
-rw-r--r--templates/adduser/_page.html68
-rw-r--r--templates/main-menu.html6
5 files changed, 172 insertions, 1 deletions
diff --git a/inc/user.inc.php b/inc/user.inc.php
index e2b7e43..3325421 100644
--- a/inc/user.inc.php
+++ b/inc/user.inc.php
@@ -76,6 +76,16 @@ class User
{
return isset(self::$user['role']) && self::$user['role'] === 'tutor';
}
+
+ public static function isAdmin()
+ {
+ // TODO: Not hardcoded; per Institution...
+ return in_array(self::getShibId(), array(
+ '5fb22037697816a70a847d15245c9f88',
+ '94e48d34587ab9963a2013ddc97e1e45',
+ 'fb91f270a95a5b006be916f2b2da305c',
+ ), true);
+ }
public static function getOrganizationId()
{
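Review bot: The admin allowlist in `isAdmin()` is three literal Shibboleth ids in the source, so granting or revoking admin rights needs a code change and a deploy, and the ids stay in repository history. The existing TODO names this; reading the list from configuration or a database table would close it. The `true` passed to `in_array` should stay, because `getShibId()` returns `false` when no shibid is set and strict comparison keeps that value from being coerced against list entries. I would note that above the call with `// strict: getShibId() returns false when no shibid is set`. The class body continues outside the hunk.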
@@ -111,6 +121,13 @@ class User
}
return self::$organization;
}
+
+ public static function getShibId()
+ {
+ if (empty(self::$user['shibid']))
+ return false;
+ return self::$user['shibid'];
+ }
public static function load()
{
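Review bot: `getShibId()` returns either the stored string or `false`, and nothing on the method says so. A docblock such as `/** @return string|false shibid of the loaded user, false if none is set */` would make the mixed return explicit for callers like `isAdmin()`. Because the test is `empty()`, a shibid of `'0'` is also reported as `false`. The class body continues outside the hunk.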
diff --git a/index.php b/index.php
index b38753d..8e06975 100644
--- a/index.php
+++ b/index.php
@@ -106,6 +106,7 @@ User::load();
Render::addTemplate('main-menu', array(
'url' => urlencode($_SERVER['REQUEST_URI']),
'user' => User::getName(),
+ 'admin' => User::isAdmin(),
));
Message::renderList();
diff --git a/modules/adduser.inc.php b/modules/adduser.inc.php
new file mode 100644
index 0000000..fc0dfa7
--- /dev/null
+++ b/modules/adduser.inc.php
@@ -0,0 +1,81 @@
+<?php
+
+class Page_AddUser extends Page
+{
+
+ protected function doPreprocess()
+ {
+ User::load();
+ if (!User::isShibbolethAuth()) {
+ Message::addError('Not bwIDM');
+ Util::redirect('?do=Main');
+ }
+ if (!User::isAdmin()) {
+ Message::addError('Not admin!');
+ Util::redirect('?do=Main');
+ }
+ // Add?
+ if (Request::post('action') === 'add') {
+ $organizationid = Request::post('organization', '');
+ $firstname = Request::post('firstname', '');
+ $lastname = Request::post('lastname', '');
+ $password = Request::post('password', '');
+ $login = Request::post('login', '');
+ if (empty($organizationid)) {
+ Message::addError('Keine Einrichtung gewählt.');
+ } else if (empty($firstname) || empty($lastname)
+ || empty($login) || empty($password)) {
+ Message:addError('Ein Feld wurde nicht ausgefüllt.');
+ } else {
+ // Validate login
+ if (preg_match('/^[a-z0-9_\.\-]+@([a-z0-9_\.\-]+)$/i', $login, $out)) {
+ // Complete login
+ $suffix = $out[1];
+ } else if (strpos($login, '@') !== false) {
+ // Has @ but invalid format
+ Message::addError('Ungültige Syntax für Login');
+ $suffix = '<invalid>';
+ } else {
+ // No @, try add orgid
+ $suffix = $organizationid;
+ $login .= "@$suffix";
+ }
+ $ok = Database::queryFirst('SELECT organizationid FROM satellite_suffix WHERE organizationid = :o AND suffix = :s LIMIT 1', array(
+ 'o' => $organizationid,
+ 's' => $suffix
+ ));
+ if ($ok === false) {
+ Message::addError('Login-Suffix @{{0}} ist ungültig.', $suffix);
+ } else {
+ Database::exec('INSERT INTO user (login, password, organizationid, firstname, lastname, email) '
+ . ' VALUES (:login, :password, :organization, :firstname, :lastname, :email)', array(
+ 'login' => $login,
+ 'password' => Crypto::hash6($password),
+ 'organization' => $organizationid,
+ 'firstname' => $firstname,
+ 'lastname' => $lastname,
+ 'email' => Request::post('email')
+ ));
+ Message::addSuccess('Benutzer {{0}} angelegt', $login);
+ }
+ }
+ Util::redirect('?do=Main');
+ }
+ }
+
+ protected function doRender()
+ {
+ // Show mask
+ $res = Database::simpleQuery('SELECT organizationid, name FROM satellite ORDER BY name ASC');
+ $orgs = array();
+ $orgs[] = array(
+ 'organizationid' => '',
+ 'name' => ' -- Bitte wählen -- '
+ );
+ while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
+ $orgs[] = $row;
+ }
+ Render::addTemplate('adduser/_page', array('orgs' => $orgs));
+ }
+
+} \ No newline at end of file
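Review bot: In the empty-field branch, `Message:addError('Ein Feld wurde nicht ausgefüllt.');` uses a single colon, which PHP parses as a label `Message:` followed by a call to a global function `addError()`. Unless such a function exists elsewhere, submitting the form with a blank field ends in a fatal error instead of the message, so the line should read `Message::addError('Ein Feld wurde nicht ausgefüllt.');`. The two access checks at the top of `doPreprocess()` only deny access if `Util::redirect()` terminates the request, which is not visible here; if it merely sets a header, a non-admin POST would still reach the INSERT, so confirm that or follow each redirect with `return;`. The hidden `token` field the template posts is not checked in this method, so CSRF validation presumably happens in shared code and is worth confirming for an account-creating request. The result of `Database::exec` is not inspected before `Message::addSuccess` is called, so a failed insert (for example a duplicate login) would still be reported as success.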
diff --git a/templates/adduser/_page.html b/templates/adduser/_page.html
new file mode 100644
index 0000000..857c2c4
--- /dev/null
+++ b/templates/adduser/_page.html
@@ -0,0 +1,68 @@
+<h2>Neuen Benutzer hinzufügen</h2>
+
+<form method="post" action="?do=AddUser">
+ <input type="hidden" name="token" value="{{token}}">
+ <input type="hidden" name="action" value="add">
+ <div class="form-narrow">
+
+ <div class="input-group">
+ <span class="input-group-addon slx-ga">
+ Einrichtung
+ </span>
+ <select class="form-control" name="organization" onchange="setorg(this)">
+ {{#orgs}}
+ <option value="{{organizationid}}">{{name}}</option>
+ {{/orgs}}
+ </select>
+ </div>
+
+ <div class="input-group">
+ <span class="input-group-addon slx-ga">
+ Login
+ </span>
+ <input class="form-control" name="login" placeholder="mmuster@einrichtung" id="login">
+ </div>
+
+ <div class="input-group">
+ <span class="input-group-addon slx-ga">
+ Passwort
+ </span>
+ <input class="form-control" name="password" placeholder="letmein">
+ </div>
+
+ <div class="input-group">
+ <span class="input-group-addon slx-ga">
+ Vorname
+ </span>
+ <input class="form-control" name="firstname" placeholder="Max">
+ </div>
+
+ <div class="input-group">
+ <span class="input-group-addon slx-ga">
+ Nachname
+ </span>
+ <input class="form-control" name="lastname" placeholder="Muster">
+ </div>
+
+ <div class="input-group">
+ <span class="input-group-addon slx-ga">
+ Mail
+ </span>
+ <input class="form-control" name="email" placeholder="spam@aol.com">
+ </div>
+
+ <div class="pull-right">
+ <button type="submit" class="btn btn-primary">Anlegen</button>
+ </div>
+
+ </div>
+</form>
+
+<script type="text/javascript">
+function setorg(e) {
+ var l = $('#login');
+ if (l.val().length !== 0 && l.val().charAt(0) !== '@')
+ return;
+ l.val('@' + $(e).val());
+}
+</script> \ No newline at end of file
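Review bot: The password field `<input class="form-control" name="password" placeholder="letmein">` has no `type`, so it is a plain text input: the password is visible on screen and may be kept in the browser's form history. I would write it as `<input type="password" autocomplete="new-password" class="form-control" name="password">` and drop the `letmein` placeholder, which suggests a weak value. The `email` input could likewise use `type="email"`; server-side validation is still needed, since the module inserts `Request::post('email')` as received.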
diff --git a/templates/main-menu.html b/templates/main-menu.html
index 8e78bc2..2cfe389 100644
--- a/templates/main-menu.html
+++ b/templates/main-menu.html
@@ -10,6 +10,11 @@
<a class="navbar-brand" href="?do=Main"><img src="/img/bwLehrpool_198x46.png" alt="bwLehrpool"></a>
</div>
<div class="navbar-collapse collapse">
+ <ul class="nav navbar-nav">
+ {{#admin}}
+ <li><a href="?do=AddUser">AddUser</a></li>
+ {{/admin}}
+ </ul>
<ul class="nav navbar-nav navbar-right">
{{#user}}
<li>
@@ -28,4 +33,3 @@
</div>
</div>
</div>
-