From 59430e90b1b9334761d815aeb6e519effe7e5243 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 13 Feb 2018 17:52:52 +0100
Subject: [dozmod] Move subpages to pages/, hide pages where user has no
permission
---
modules-available/dozmod/inc/pagedozmodlog.inc.php | 163 ----------
.../dozmod/inc/pagedozmodusers.inc.php | 121 --------
.../dozmod/inc/pagemailtemplates.inc.php | 136 --------
modules-available/dozmod/lang/de/module.json | 2 +-
modules-available/dozmod/lang/de/permissions.json | 24 +-
modules-available/dozmod/lang/en/module.json | 2 +-
modules-available/dozmod/lang/en/permissions.json | 24 +-
modules-available/dozmod/page.inc.php | 341 +++------------------
modules-available/dozmod/pages/actionlog.inc.php | 168 ++++++++++
.../dozmod/pages/expiredimages.inc.php | 97 ++++++
modules-available/dozmod/pages/mailconfig.inc.php | 97 ++++++
.../dozmod/pages/runtimeconfig.inc.php | 112 +++++++
modules-available/dozmod/pages/templates.inc.php | 139 +++++++++
modules-available/dozmod/pages/users.inc.php | 121 ++++++++
.../dozmod/permissions/permissions.json | 12 +-
.../dozmod/templates/images-delete.html | 1 +
modules-available/dozmod/templates/mailconfig.html | 7 +-
.../dozmod/templates/runtimeconfig.html | 1 +
18 files changed, 823 insertions(+), 745 deletions(-)
delete mode 100644 modules-available/dozmod/inc/pagedozmodlog.inc.php
delete mode 100644 modules-available/dozmod/inc/pagedozmodusers.inc.php
delete mode 100644 modules-available/dozmod/inc/pagemailtemplates.inc.php
create mode 100644 modules-available/dozmod/pages/actionlog.inc.php
create mode 100644 modules-available/dozmod/pages/expiredimages.inc.php
create mode 100644 modules-available/dozmod/pages/mailconfig.inc.php
create mode 100644 modules-available/dozmod/pages/runtimeconfig.inc.php
create mode 100644 modules-available/dozmod/pages/templates.inc.php
create mode 100644 modules-available/dozmod/pages/users.inc.php
diff --git a/modules-available/dozmod/inc/pagedozmodlog.inc.php b/modules-available/dozmod/inc/pagedozmodlog.inc.php
deleted file mode 100644
index 80441cd1..00000000
--- a/modules-available/dozmod/inc/pagedozmodlog.inc.php
+++ /dev/null
@@ -1,163 +0,0 @@
-action = Request::get('action', '', 'string');
- if ($this->action !== '' && $this->action !== 'showtarget' && $this->action !== 'showuser') {
- Util::traceError('Invalid action for actionlog: "' . $this->action . '"');
- }
- $this->uuid = Request::get('uuid', '', 'string');
- }
-
- protected function doRender()
- {
- Render::addTemplate('actionlog-header');
- if ($this->action === '') {
- $this->generateLog("SELECT al.dateline, al.targetid, al.description,"
- . " img.displayname AS imgname, tu.firstname AS tfirstname, tu.lastname AS tlastname, l.displayname AS lecturename,"
- . " al.userid AS uuserid, usr.firstname AS ufirstname, usr.lastname AS ulastname"
- . " FROM sat.actionlog al"
- . " LEFT JOIN sat.imagebase img ON (img.imagebaseid = targetid)"
- . " LEFT JOIN sat.user usr ON (usr.userid = al.userid)"
- . " LEFT JOIN sat.user tu ON (tu.userid = al.targetid)"
- . " LEFT JOIN sat.lecture l ON (l.lectureid = targetid)"
- . " ORDER BY al.dateline DESC LIMIT 500", array(), true, true);
- } elseif ($this->action === 'showuser') {
- if (User::hasPermission("log.showuser")) {
- $this->listUser();
- }
- } else {
- if (User::hasPermission("log.showtarget")) {
- $this->listTarget();
- }
- }
- }
-
- private function listUser()
- {
- // Query user
- $user = Database::queryFirst('SELECT userid, firstname, lastname, email, lastlogin,'
- . ' organization.displayname AS orgname FROM sat.user'
- . ' LEFT JOIN sat.organization USING (organizationid)'
- . ' WHERE userid = :uuid'
- . ' LIMIT 1', array('uuid' => $this->uuid));
- if ($user === false) {
- Message::addError('unknown-userid', $this->uuid);
- Util::redirect('?do=dozmod§ion=actionlog');
- }
- // Mangle date and render
- $user['lastlogin_s'] = date('d.m.Y H:i', $user['lastlogin']);
- Render::addTemplate('actionlog-user', $user);
- // Finally add the actionlog
- $this->generateLog("SELECT al.dateline, al.targetid, al.description,"
- . " img.displayname AS imgname, usr.firstname AS tfirstname, usr.lastname AS tlastname, l.displayname AS lecturename"
- . " FROM sat.actionlog al"
- . " LEFT JOIN sat.imagebase img ON (img.imagebaseid = targetid)"
- . " LEFT JOIN sat.user usr ON (usr.userid = targetid)"
- . " LEFT JOIN sat.lecture l ON (l.lectureid = targetid)"
- . " WHERE al.userid = :uuid"
- . " ORDER BY al.dateline DESC LIMIT 500", array('uuid' => $this->uuid), false, true);
- }
-
- private function listTarget()
- {
- // We have to guess what kind of target it is
- if (!$this->addImageHeader()
- && !$this->addLectureHeader()) {
- Message::addError('unknown-targetid', $this->uuid);
- // Keep going, there might still be log entries for a deleted uuid
- }
-
- // Finally add the actionlog
- $this->generateLog("SELECT al.dateline, al.userid AS uuserid, al.description,"
- . " usr.firstname AS ufirstname, usr.lastname AS ulastname"
- . " FROM sat.actionlog al"
- . " LEFT JOIN sat.user usr ON (usr.userid = al.userid)"
- . " WHERE al.targetid = :uuid"
- . " ORDER BY al.dateline DESC LIMIT 500", array('uuid' => $this->uuid), true, false);
- }
-
- private function addImageHeader()
- {
- $image = Database::queryFirst('SELECT o.userid AS ouserid, o.firstname AS ofirstname, o.lastname AS olastname,'
- . ' u.userid AS uuserid, u.firstname AS ufirstname, u.lastname AS ulastname,'
- . ' img.displayname, img.description, img.createtime, img.updatetime,'
- . ' os.displayname AS osname'
- . ' FROM sat.imagebase img'
- . ' LEFT JOIN sat.user o ON (img.ownerid = o.userid)'
- . ' LEFT JOIN sat.user u ON (img.updaterid = u.userid)'
- . ' LEFT JOIN sat.operatingsystem os ON (img.osid = os.osid)'
- . ' WHERE img.imagebaseid = :uuid'
- . ' LIMIT 1', array('uuid' => $this->uuid));
- if ($image !== false) {
- // Mangle date and render
- $image['createtime_s'] = date('d.m.Y H:i', $image['createtime']);
- $image['updatetime_s'] = date('d.m.Y H:i', $image['updatetime']);
- $image['descriptionHtml'] = nl2br(htmlspecialchars($image['description']));
- Render::addTemplate('actionlog-image', $image);
- }
- return $image !== false;
- }
-
- private function addLectureHeader()
- {
- $lecture = Database::queryFirst('SELECT o.userid AS ouserid, o.firstname AS ofirstname, o.lastname AS olastname,'
- . ' u.userid AS uuserid, u.firstname AS ufirstname, u.lastname AS ulastname,'
- . ' l.displayname, l.description, l.createtime, l.updatetime,'
- . ' img.displayname AS imgname, img.imagebaseid'
- . ' FROM sat.lecture l'
- . ' LEFT JOIN sat.user o ON (l.ownerid = o.userid)'
- . ' LEFT JOIN sat.user u ON (l.updaterid = u.userid)'
- . ' LEFT JOIN sat.imageversion ver ON (ver.imageversionid = l.imageversionid)'
- . ' LEFT JOIN sat.imagebase img ON (img.imagebaseid = ver.imagebaseid)'
- . ' WHERE l.lectureid = :uuid'
- . ' LIMIT 1', array('uuid' => $this->uuid));
- if ($lecture !== false) {
- // Mangle date and render
- $lecture['createtime_s'] = date('d.m.Y H:i', $lecture['createtime']);
- $lecture['updatetime_s'] = date('d.m.Y H:i', $lecture['updatetime']);
- $lecture['descriptionHtml'] = nl2br(htmlspecialchars($lecture['description']));
- Render::addTemplate('actionlog-lecture', $lecture);
- }
- return $lecture !== false;
- }
-
- private function generateLog($query, $params, $showActor, $showTarget)
- {
- // query action log
- $res = Database::simpleQuery($query, $params);
- $events = array();
- while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
- $row['dateline_s'] = date('d.m.Y H:i', $row['dateline']);
- if (isset($row['imgname'])) {
- $row['targeturl'] = '?do=dozmod§ion=actionlog&action=showtarget&uuid=' . $row['targetid'];
- $row['targetname'] = $row['imgname'];
- } elseif (isset($row['tlastname'])) {
- $row['targeturl'] = '?do=dozmod§ion=actionlog&action=showuser&uuid=' . $row['targetid'];
- $row['targetname'] = $row['tlastname'] . ', ' . $row['tfirstname'];
- } elseif (isset($row['lecturename'])) {
- $row['targeturl'] = '?do=dozmod§ion=actionlog&action=showtarget&uuid=' . $row['targetid'];
- $row['targetname'] = $row['lecturename'];
- }
- $events[] = $row;
- }
- $data = array('events' => $events);
- if ($showActor) {
- $data['showActor'] = true;
- }
- if ($showTarget) {
- $data['showTarget'] = true;
- }
-
- $data['allowedShowUser'] = User::hasPermission("log.showuser");
- $data['allowedShowTarget'] = User::hasPermission("log.showtarget");
- Render::addTemplate('actionlog-log', $data);
- }
-
-}
\ No newline at end of file
diff --git a/modules-available/dozmod/inc/pagedozmodusers.inc.php b/modules-available/dozmod/inc/pagedozmodusers.inc.php
deleted file mode 100644
index f4ac852b..00000000
--- a/modules-available/dozmod/inc/pagedozmodusers.inc.php
+++ /dev/null
@@ -1,121 +0,0 @@
-listUsers();
- $this->listOrganizations();
- }
-
- protected function doAjax()
- {
- User::load();
-
- $action = Request::post('action', '', 'string');
- if ($action === 'setmail' || $action === 'setsu' || $action == 'setlogin') {
- if (User::hasPermission("users.".$action)) {
- $this->setUserOption($action);
- }
- } elseif ($action === 'setorglogin') {
- if (User::hasPermission("users.orglogin")) {
- $this->setOrgOption($action);
- }
- } else {
- die('No such action');
- }
- }
-
- // Helpers
-
- private function listUsers()
- {
- $res = Database::simpleQuery('SELECT userid, firstname, lastname, email, lastlogin, user.canlogin, issuperuser, emailnotifications,'
- . ' organization.displayname AS orgname FROM sat.user'
- . ' LEFT JOIN sat.organization USING (organizationid)'
- . ' ORDER BY lastname ASC, firstname ASC');
- $rows = array();
- while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
- $row['canlogin'] = $this->checked($row['canlogin']);
- $row['issuperuser'] = $this->checked($row['issuperuser']);
- $row['emailnotifications'] = $this->checked($row['emailnotifications']);
- $row['lastlogin'] = date('d.m.Y', $row['lastlogin']);
- $rows[] = $row;
- }
- Render::addTemplate('userlist', array('users' => $rows));
- }
-
- private function listOrganizations()
- {
- $res = Database::simpleQuery('SELECT organizationid, displayname, canlogin FROM sat.organization'
- . ' ORDER BY displayname ASC');
- $rows = array();
- while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
- $row['canlogin'] = $this->checked($row['canlogin']);
- $rows[] = $row;
- }
- Render::addTemplate('orglist', array('organizations' => $rows));
- }
-
- private function checked($val)
- {
- if ($val)
- return 'checked="checked"';
- return '';
- }
-
- private function setUserOption($option)
- {
- $val = (string) Request::post('value', '-');
- if ($val !== '1' && $val !== '0')
- die('Nein');
- if ($option === 'setmail') {
- $field = 'emailnotifications';
- } elseif ($option === 'setsu') {
- $field = 'issuperuser';
- } elseif ($option === 'setlogin') {
- $field = 'canlogin';
- } else {
- die('Unknown');
- }
- $user = (string) Request::post('userid', '?');
- $ret = Database::exec("UPDATE sat.user SET $field = :onoff WHERE userid = :userid", array(
- 'userid' => $user,
- 'onoff' => $val
- ));
- error_log("Setting $field to $val for $user - affected: $ret");
- if ($ret === false)
- die('Error');
- if ($ret === 0)
- die(1 - $val);
- die($val);
- }
-
- private function setOrgOption($option)
- {
- $val = (string) Request::post('value', '-');
- if ($val !== '1' && $val !== '0')
- die('Nein');
- if ($option === 'setorglogin') {
- $field = 'canlogin';
- } else {
- die('Unknown');
- }
- $ret = Database::exec("UPDATE sat.organization SET $field = :onoff WHERE organizationid = :organizationid", array(
- 'organizationid' => (string) Request::post('organizationid', ''),
- 'onoff' => $val
- ));
- if ($ret === false)
- die('Error');
- if ($ret === 0)
- die(1 - $val);
- die($val);
- }
-
-}
\ No newline at end of file
diff --git a/modules-available/dozmod/inc/pagemailtemplates.inc.php b/modules-available/dozmod/inc/pagemailtemplates.inc.php
deleted file mode 100644
index ff47977f..00000000
--- a/modules-available/dozmod/inc/pagemailtemplates.inc.php
+++ /dev/null
@@ -1,136 +0,0 @@
-fetchTemplates();
- } elseif ($action === 'save') {
- if (User::hasPermission("templates.save")) {
- $this->handleSave();
- }
- } elseif ($action === 'reset') {
- if(User::hasPermission("templates.reset")) {
- $this->handleReset();
- }
- } else {
- Message::addError('main.invalid-action', $action);
- Util::redirect('?do=dozmod§ion=templates');
- }
- }
-
- private function enrichHtml() {
- /* for each template */
- foreach ($this->templates as &$t) {
- $lis = "";
- $optManVars = "";
- $optVars = "";
- foreach ($t['mandatory_variables'] as $var) {
- $optManVars .= "";
- $lis .= "$var";
- }
- foreach($t['optional_variables'] as $var) {
- $optVars .= "";
- $lis .= "$var";
- }
- /* also options for hidden inputs */
-
- $t['html_availableVariables'] = $lis;
- $t['html_mandatoryVariables'] = $optManVars;
- $t['html_optionalVariables'] = $optVars;
-
- /* also for javascript */
- $t['list_mandatoryVariables'] =
- implode(',', $t['mandatory_variables']);
-
- $t['list_optionalVariables'] =
- implode(',', $t['optional_variables']);
-
- settype($t['original'], 'bool');
- settype($t['edit_version'], 'int');
- settype($t['version'], 'int');
- $t['modified'] = !$t['original'];
- $t['conflict'] = !$t['original'] && $t['edit_version'] < $t['version'];
- }
- }
-
- protected function doRender()
- {
- $this->enrichHtml();
- Render::addTemplate('templates', [
- 'templates' => $this->templates,
- 'allowedReset' => User::hasPermission("templates.reset"),
- 'allowedSave' => User::hasPermission("templates.save"),
- ]);
- }
-
- private function forcmp($string)
- {
- return trim(str_replace("\r\n", "\n", $string));
- }
-
- private function handleSave()
- {
- $data = Request::post('templates');
- if (is_array($data)) {
- $this->fetchTemplates();
- foreach ($this->templates as &$template) {
- if (isset($data[$template['name']])) {
- if ($this->forcmp($template['template']) !== $this->forcmp($data[$template['name']]['template'])) {
- if (empty($template['original_template'])) {
- $template['original_template'] = $template['template'];
- }
- $template['edit_version'] = $template['version'];
- }
- $template['original'] = (empty($template['original_template']) && $template['original'])
- || $this->forcmp($template['original_template']) === $this->forcmp($data[$template['name']]['template']);
- if ($template['original']) {
- $template['original_template'] = '';
- }
- $template['template'] = $data[$template['name']]['template'];
- }
- }
- unset($template);
- $data = json_encode(array('templates' => $this->templates));
- Database::exec("UPDATE sat.configuration SET value = :value WHERE parameter = 'templates'", array('value' => $data));
- Message::addSuccess('templates-saved');
- } else {
- Message::addError('nothing-submitted');
- }
- Util::redirect('?do=dozmod§ion=templates');
- }
-
- private function handleReset()
- {
- $result = Download::asStringPost('http://127.0.0.1:9080/do/reset-mail-templates', array(), 10, $code);
- if ($code == 999) {
- Message::addError('timeout');
- } elseif ($code != 200) {
- Message::addError('dozmod-error', $code);
- } else {
- Message::addSuccess('all-templates-reset', $result);
- }
- Util::redirect('?do=dozmod§ion=templates');
- }
-
- private function fetchTemplates() {
- $templates= Database::queryFirst('SELECT value FROM sat.configuration WHERE parameter = :param', array('param' => 'templates'));
- if ($templates != null) {
- $templates = @json_decode($templates['value'], true);
- if (is_array($templates)) {
- $names = array_map(function ($e) { return $e['name']; }, $templates['templates']);
- array_multisort($names, SORT_ASC, $templates['templates']);
- $this->templates = $templates['templates'];
- }
- }
-
- }
-
-}
diff --git a/modules-available/dozmod/lang/de/module.json b/modules-available/dozmod/lang/de/module.json
index 02e8c84d..c9acd4ee 100644
--- a/modules-available/dozmod/lang/de/module.json
+++ b/modules-available/dozmod/lang/de/module.json
@@ -4,7 +4,7 @@
"submenu_actionlog": "Aktions-Log",
"submenu_expiredimages": "Abgelaufene VM-Versionen",
"submenu_mailconfig": "Email-Konfiguration",
- "submenu_runtime": "Limits und Standardwerte",
+ "submenu_runtimeconfig": "Limits und Standardwerte",
"submenu_templates": "Textbausteine f\u00fcr E-Mails",
"submenu_users": "Benutzer und Berechtigungen"
}
\ No newline at end of file
diff --git a/modules-available/dozmod/lang/de/permissions.json b/modules-available/dozmod/lang/de/permissions.json
index 07158a1d..9c5af91d 100644
--- a/modules-available/dozmod/lang/de/permissions.json
+++ b/modules-available/dozmod/lang/de/permissions.json
@@ -1,14 +1,14 @@
{
- "images.delete": "Zur Löschung vorgemerkete Abbilder löschen.",
- "mail.save": "Änderungen an der SMTP-Konfiguration zum Versenden von Mails speichern.",
- "mail.testmail": "Eine Test E-Mail verschicken.",
- "runtimeconfig.save": "Änderungen an der Laufzeit-Konfiguration speichern.",
- "templates.save": "E-Mail Templates speichern.",
- "templates.reset": "E-Mail Templates zurücksetzen.",
- "users.setmail": "E-Mail Benachrichtigungen für einzelne Benutzer aktivieren/deaktivieren.",
- "users.setlogin": "Anmeldungen für einzelne Benutzer aktivieren/deaktivieren.",
- "users.setsu": "Benutzer zu SuperUser ernennen.",
- "users.orglogin": "Anmeldungen für Benutzer von bestimmten Einrichtungen aktivieren/deaktivieren.",
- "log.showuser": "User Data im Aktions-Log anzeigen.",
- "log.showtarget": "Target Data im Aktions-Log anzeigen."
+ "actionlog.showtarget": "Target Data im Aktions-Log anzeigen.",
+ "actionlog.showuser": "User Data im Aktions-Log anzeigen.",
+ "expiredimages.delete": "Zur L\u00f6schung vorgemerkete Abbilder l\u00f6schen.",
+ "mailconfig.save": "\u00c4nderungen an der SMTP-Konfiguration zum Versenden von Mails speichern.",
+ "mailconfig.testmail": "Eine Test E-Mail verschicken.",
+ "runtimeconfig.save": "\u00c4nderungen an der Laufzeit-Konfiguration speichern.",
+ "templates.reset": "E-Mail Templates zur\u00fccksetzen.",
+ "templates.save": "E-Mail Templates speichern.",
+ "users.setorglogin": "Anmeldungen f\u00fcr Benutzer von bestimmten Einrichtungen aktivieren\/deaktivieren.",
+ "users.setlogin": "Anmeldungen f\u00fcr einzelne Benutzer aktivieren\/deaktivieren.",
+ "users.setmail": "E-Mail Benachrichtigungen f\u00fcr einzelne Benutzer aktivieren\/deaktivieren.",
+ "users.setsu": "Benutzer zu SuperUser ernennen."
}
\ No newline at end of file
diff --git a/modules-available/dozmod/lang/en/module.json b/modules-available/dozmod/lang/en/module.json
index 17a2b838..b7a04762 100644
--- a/modules-available/dozmod/lang/en/module.json
+++ b/modules-available/dozmod/lang/en/module.json
@@ -4,7 +4,7 @@
"submenu_actionlog": "action log",
"submenu_expiredimages": "Expired VM versions",
"submenu_mailconfig": "email configuration",
- "submenu_runtime": "limits and defaults",
+ "submenu_runtimeconfig": "limits and defaults",
"submenu_templates": "templates",
"submenu_users": "users and permissions"
}
\ No newline at end of file
diff --git a/modules-available/dozmod/lang/en/permissions.json b/modules-available/dozmod/lang/en/permissions.json
index 923a8461..a86cf155 100644
--- a/modules-available/dozmod/lang/en/permissions.json
+++ b/modules-available/dozmod/lang/en/permissions.json
@@ -1,14 +1,14 @@
{
- "images.delete": "Delete images marked for deletion.",
- "mail.save": "Save SMTP configuration for sending mails.",
- "mail.testmail": "Send a testmail.",
- "runtimeconfig.save": "Save limits and defaults of a runtime configuration.",
- "templates.save": "Save email templates.",
- "templates.reset": "Reset email templates.",
- "users.setmail": "Enable/Disable Email Notification.",
- "users.setlogin": "Enable/Disable Login.",
- "users.setsu": "Set User to superuser.",
- "users.orglogin": "Enalbe/Disable Login for Users from certain organisations.",
- "log.showuser": "Show User Data in Log.",
- "log.showtarget": "Show Target Data in Log."
+ "actionlog.showtarget": "Show Target Data in Log.",
+ "actionlog.showuser": "Show User Data in Log.",
+ "expiredimages.delete": "Delete images marked for deletion.",
+ "mailconfig.save": "Save SMTP configuration for sending mails.",
+ "mailconfig.testmail": "Send a testmail.",
+ "runtimeconfig.save": "Save limits and defaults of a runtime configuration.",
+ "templates.reset": "Reset email templates.",
+ "templates.save": "Save email templates.",
+ "users.setorglogin": "Enalbe\/Disable Login for Users from certain organisations.",
+ "users.setlogin": "Enable\/Disable Login.",
+ "users.setmail": "Enable\/Disable Email Notification.",
+ "users.setsu": "Set User to superuser."
}
\ No newline at end of file
diff --git a/modules-available/dozmod/page.inc.php b/modules-available/dozmod/page.inc.php
index b58d57aa..a8e0da0e 100644
--- a/modules-available/dozmod/page.inc.php
+++ b/modules-available/dozmod/page.inc.php
@@ -2,25 +2,37 @@
class Page_DozMod extends Page
{
- /** @var \Page sub page classes */
- private $subPage = false;
+ /** @var bool true if we have a proper subpage */
+ private $haveSubPage = false;
+
+ private $validSections = ['expiredimages', 'mailconfig', 'templates', 'runtimeconfig', 'users', 'actionlog'];
+
+ private $section;
private function setupSubPage()
{
- if ($this->subPage !== false)
+ if ($this->haveSubPage !== false)
return;
/* different pages for different sections */
- $section = Request::any('section', 'mailconfig', 'string');
- /* instantiate sub pages */
- if ($section === 'templates') {
- $this->subPage = new Page_mail_templates();
- }
- if ($section === 'users') {
- $this->subPage = new Page_dozmod_users();
- }
- if ($section === 'actionlog') {
- $this->subPage = new Page_dozmod_log();
- }
+ $this->section = Request::any('section', false, 'string');
+ if ($this->section === 'blockstats') // HACK HACK
+ return;
+ if ($this->section === false) {
+ foreach ($this->validSections as $this->section) {
+ if (User::hasPermission($this->section . '.*'))
+ break;
+ }
+ } elseif (!in_array($this->section, $this->validSections)) {
+ Util::traceError('Invalid section: ' . $this->section);
+ }
+ // Check permissions
+ User::assertPermission($this->section . '.*');
+ $include = 'modules/' . Page::getModule()->getIdentifier() . '/pages/' . $this->section . '.inc.php';
+ if (!file_exists($include))
+ return;
+
+ require_once $include;
+ $this->haveSubPage = true;
}
protected function doPreprocess()
@@ -32,117 +44,41 @@ class Page_DozMod extends Page
Util::redirect('?do=Main');
}
- /* add sub-menus */
- Dashboard::addSubmenu('?do=dozmod§ion=expiredimages', Dictionary::translate('submenu_expiredimages', true));
- Dashboard::addSubmenu('?do=dozmod§ion=mailconfig', Dictionary::translate('submenu_mailconfig', true));
- Dashboard::addSubmenu('?do=dozmod§ion=templates', Dictionary::translate('submenu_templates', true));
- Dashboard::addSubmenu('?do=dozmod§ion=runtimeconfig', Dictionary::translate('submenu_runtime', true));
- Dashboard::addSubmenu('?do=dozmod§ion=users', Dictionary::translate('submenu_users', true));
- Dashboard::addSubmenu('?do=dozmod§ion=actionlog', Dictionary::translate('submenu_actionlog', true));
-
$this->setupSubPage();
- if ($this->subPage !== false) {
- $this->subPage->doPreprocess();
- return;
+ if ($this->haveSubPage !== false) {
+ SubPage::doPreprocess();
+ }
+ // Catch unhandled POST redirect
+ if (Request::isPost()) {
+ Util::redirect('?do=dozmod§ion=' . $this->section);
}
- /* execute actions */
- $action = Request::post('action', false, 'string');
+ /* Leave this here for translation module
+ Dictionary::translate('submenu_expiredimages', true);
+ Dictionary::translate('submenu_mailconfig', true);
+ Dictionary::translate('submenu_templates', true);
+ Dictionary::translate('submenu_runtimeconfig', true);
+ Dictionary::translate('submenu_users', true);
+ Dictionary::translate('submenu_actionlog', true);
+ */
- if ($action === 'mail') {
- if (User::hasPermission("mail.save")) {
- $this->mailHandler();
- }
- } elseif ($action === 'runtime') {
- if (User::hasPermission("runtimeconfig.save")) {
- $this->runtimeHandler();
- }
- } elseif ($action === 'delimages') {
- if (User::hasPermission("images.delete")) {
- $result = $this->handleDeleteImages();
- if (!empty($result)) {
- Message::addInfo('delete-images', $result);
- }
- Util::redirect('?do=DozMod');
+ /* add sub-menus */
+ foreach ($this->validSections as $section) {
+ if (User::hasPermission($section . '.*')) {
+ Dashboard::addSubmenu('?do=dozmod§ion=' . $section, Dictionary::translate('submenu_' . $section, true));
}
- } elseif ($action !== false) {
- Util::traceError('Invalid action: ' . $action);
}
}
protected function doRender()
{
/* different pages for different sections */
- if ($this->subPage !== false) {
- $this->subPage->doRender();
+ if ($this->haveSubPage !== false) {
+ SubPage::doRender();
return;
}
- $section = Request::get('section', false, 'string');
-
- if ($section === false || $section === 'expiredimages') {
- $expiredImages = $this->loadExpiredImages();
- if ($section === false && empty($expiredImages)) {
- $section = 'mailconfig';
- } else {
- $section = 'expiredimages';
- }
- }
-
- if ($section === 'expiredimages') {
- if (empty($expiredImages)) {
- Message::addSuccess('no-expired-images');
- } else {
- Render::addTemplate('images-delete', array('images' => $expiredImages, 'allowedDelete' => User::hasPermission("images.delete")));
- }
- }
- if ($section === 'mailconfig') {
- // Mail config
- $mailConf = Database::queryFirst('SELECT value FROM sat.configuration WHERE parameter = :param', array('param' => 'mailconfig'));
- if ($mailConf != null) {
- $mailConf = @json_decode($mailConf['value'], true);
- if (is_array($mailConf)) {
- $mailConf['set_' . $mailConf['ssl']] = 'selected="selected"';
- }
- }
- $mailConf['allowedSave'] = User::hasPermission('mail.save');
- $mailConf['allowedTest'] = User::hasPermission('mail.testmail');
- Render::addTemplate('mailconfig', $mailConf);
- }
- if ($section === 'runtimeconfig') {
- // Runtime config
- $runtimeConf = Database::queryFirst('SELECT value FROM sat.configuration WHERE parameter = :param', array('param' => 'runtimelimits'));
- if ($runtimeConf !== false) {
- $runtimeConf = json_decode($runtimeConf['value'], true);
-
- /* convert some value to corresponding "selected" texts */
- if ($runtimeConf['defaultLecturePermissions']['edit']) {
- $runtimeConf['defaultLecturePermissions']['edit'] = 'checked';
- }
- if ($runtimeConf['defaultLecturePermissions']['admin']) {
- $runtimeConf['defaultLecturePermissions']['admin'] = 'checked';
- }
- if ($runtimeConf['defaultImagePermissions']['edit']) {
- $runtimeConf['defaultImagePermissions']['edit'] = 'checked';
- }
- if ($runtimeConf['defaultImagePermissions']['admin']) {
- $runtimeConf['defaultImagePermissions']['admin'] = 'checked';
- }
- if ($runtimeConf['defaultImagePermissions']['link']) {
- $runtimeConf['defaultImagePermissions']['link'] = 'checked';
- }
- if ($runtimeConf['defaultImagePermissions']['download']) {
- $runtimeConf['defaultImagePermissions']['download'] = 'checked';
- }
-
- if ($runtimeConf['allowLoginByDefault']) {
- $runtimeConf['allowLoginByDefault'] = 'checked';
- }
- }
- $runtimeConf['allowedSave'] = User::hasPermission("runtimeconfig.save");
- Render::addTemplate('runtimeconfig', $runtimeConf);
- }
- if ($section === 'blockstats') {
+ if ($this->section === 'blockstats') {
$this->showBlockStats();
}
@@ -164,73 +100,19 @@ class Page_DozMod extends Page
Render::addTemplate('blockstats', $data);
}
- private function loadExpiredImages()
- {
- $res = Database::simpleQuery("SELECT b.displayname,"
- . " own.firstname, own.lastname, own.email,"
- . " v.imageversionid, v.createtime, v.filesize, v.deletestate,"
- . " lat.expiretime AS latexptime, lat.deletestate AS latdelstate"
- . " FROM sat.imageversion v"
- . " INNER JOIN sat.imagebase b ON (b.imagebaseid = v.imagebaseid)"
- . " INNER JOIN sat.user own ON (b.ownerid = own.userid)"
- . " LEFT JOIN sat.imageversion lat ON (b.latestversionid = lat.imageversionid)"
- . " WHERE v.deletestate <> 'KEEP'"
- . " ORDER BY b.displayname ASC, v.createtime ASC");
- $NOW = time();
- $rows = array();
- while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
- if ($row['latexptime'] > $NOW && $row['latdelstate'] === 'KEEP') {
- $row['hasNewerClass'] = 'glyphicon-ok green';
- $row['checked'] = 'checked';
- } else {
- $row['hasNewerClass'] = 'glyphicon-remove red';
- }
- if ($row['deletestate'] === 'WANT_DELETE') {
- $row['name_extra_class'] = 'slx-strike';
- }
- $row['version'] = date('d.m.Y H:i:s', $row['createtime']);
- $row['rawfilesize'] = $row['filesize'];
- $row['filesize'] = Util::readableFileSize($row['filesize']);
- $rows[] = $row;
- }
- return $rows;
- }
-
- private function cleanMailArray()
- {
- $keys = array('host', 'port', 'ssl', 'senderAddress', 'replyTo', 'username', 'password', 'serverName');
- $data = array();
- foreach ($keys as $key) {
- $data[$key] = Request::post($key, '');
- settype($data[$key], 'string');
- if (is_numeric($data[$key])) {
- settype($data[$key], 'int');
- }
- }
- return $data;
- }
-
protected function doAjax()
{
User::load();
-
$this->setupSubPage();
- if ($this->subPage !== false) {
- $this->subPage->doAjax();
+
+ if ($this->haveSubPage !== false) {
+ SubPage::doAjax();
return;
}
$action = Request::post('action');
- if ($action === 'mail') {
- if (User::hasPermission("mail.testmail")) {
- $this->handleTestMail();
- }
- } elseif ($action === 'delimages') {
- if (User::hasPermission("images.delete")) {
- die($this->handleDeleteImages());
- }
- } elseif ($action === 'getblockinfo') {
+ if ($action === 'getblockinfo') {
$this->ajaxGetBlockInfo();
}
}
@@ -264,125 +146,4 @@ class Page_DozMod extends Page
die(Render::parse('blockstats-details', $data));
}
- private function handleDeleteImages()
- {
- $images = Request::post('images', false);
- if (is_array($images)) {
- foreach ($images as $image => $val) {
- if (strtolower($val) !== 'on')
- continue;
- Database::exec("UPDATE sat.imageversion SET deletestate = 'WANT_DELETE'"
- . " WHERE deletestate = 'SHOULD_DELETE' AND imageversionid = :imageversionid", array(
- 'imageversionid' => $image
- ));
- }
- if (!empty($images)) {
- $ret = Download::asStringPost('http://127.0.0.1:9080/do/delete-images', false, 10, $code);
- if ($code == 999) {
- $ret .= "\nConnection to DMSD failed.";
- }
- return $ret;
- }
- }
- return false;
- }
-
- private function handleTestMail()
- {
- $do = Request::post('button');
- if ($do === 'test') {
- // Prepare array
- $data = $this->cleanMailArray();
- Header('Content-Type: text/plain; charset=utf-8');
- $data['recipient'] = Request::post('recipient', '');
- if (!preg_match('/.+@.+\..+/', $data['recipient'])) {
- $result = 'No recipient given!';
- } else {
- $result = Download::asStringPost('http://127.0.0.1:9080/do/mailtest', $data, 10, $code);
- if ($code == 999) {
- $result .= "\nTimeout.";
- } elseif ($code != 200) {
- $result .= "\nReturn code $code";
- }
- }
- die($result);
- }
- }
-
- private function mailHandler()
- {
- // Check action
- $do = Request::post('button');
- if ($do === 'save') {
- // Prepare array
- $data = $this->cleanMailArray();
- $data = json_encode($data);
- Database::exec('INSERT INTO sat.configuration (parameter, value)'
- . ' VALUES (:param, :value)'
- . ' ON DUPLICATE KEY UPDATE value = VALUES(value)', array(
- 'param' => 'mailconfig',
- 'value' => $data
- ));
- Message::addSuccess('mail-config-saved');
- } else {
- Message::addError('main.invalid-action', $do);
- }
- Util::redirect('?do=DozMod§ion=mailconfig');
- }
-
- private function runtimeHandler()
- {
- // Check action
- $do = Request::post('button');
- if ($do === 'save') {
- $data = [];
- $data['defaultLecturePermissions'] = Request::post('defaultLecturePermissions', NULL, "array");
- $data['defaultImagePermissions'] = Request::post('defaultImagePermissions', NULL, "array");
-
- $params = [
- 'int' => [
- 'maxImageValidityDays' => array('min' => 7, 'max' => 9999),
- 'maxLectureValidityDays' => array('min' => 7, 'max' => 9999),
- 'maxLocationsPerLecture' => array('min' => 0, 'max' => 999),
- 'maxTransfers' => array('min' => 1, 'max' => 10),
- ],
- 'bool' => [
- 'allowLoginByDefault' => array('default' => true)
- ],
- ];
- foreach ($params as $type => $list) {
- foreach ($list as $field => $limits) {
- $default = isset($limits['default']) ? $limits['default'] : false;
- $value = Request::post($field, $default);
- settype($value, $type);
- if (isset($limits['min']) && $value < $limits['min']) {
- $value = $limits['min'];
- }
- if (isset($limits['max']) && $value > $limits['max']) {
- $value = $limits['max'];
- }
- $data[$field] = $value;
- }
- }
-
- /* ensure types */
- settype($data['defaultLecturePermissions']['edit'], 'boolean');
- settype($data['defaultLecturePermissions']['admin'], 'boolean');
- settype($data['defaultImagePermissions']['edit'], 'boolean');
- settype($data['defaultImagePermissions']['admin'], 'boolean');
- settype($data['defaultImagePermissions']['link'], 'boolean');
- settype($data['defaultImagePermissions']['download'], 'boolean');
-
- $data = json_encode($data);
- Database::exec('INSERT INTO sat.configuration (parameter, value)'
- . ' VALUES (:param, :value)'
- . ' ON DUPLICATE KEY UPDATE value = VALUES(value)', array(
- 'param' => 'runtimelimits',
- 'value' => $data
- ));
- Message::addSuccess('runtimelimits-config-saved');
- }
- Util::redirect('?do=DozMod§ion=runtimeconfig');
- }
-
}
diff --git a/modules-available/dozmod/pages/actionlog.inc.php b/modules-available/dozmod/pages/actionlog.inc.php
new file mode 100644
index 00000000..6cbd2868
--- /dev/null
+++ b/modules-available/dozmod/pages/actionlog.inc.php
@@ -0,0 +1,168 @@
+ self::$uuid));
+ if ($user === false) {
+ Message::addError('unknown-userid', self::$uuid);
+ Util::redirect('?do=dozmod§ion=actionlog');
+ }
+ // Mangle date and render
+ $user['lastlogin_s'] = date('d.m.Y H:i', $user['lastlogin']);
+ Render::addTemplate('actionlog-user', $user);
+ // Finally add the actionlog
+ self::generateLog("SELECT al.dateline, al.targetid, al.description,"
+ . " img.displayname AS imgname, usr.firstname AS tfirstname, usr.lastname AS tlastname, l.displayname AS lecturename"
+ . " FROM sat.actionlog al"
+ . " LEFT JOIN sat.imagebase img ON (img.imagebaseid = targetid)"
+ . " LEFT JOIN sat.user usr ON (usr.userid = targetid)"
+ . " LEFT JOIN sat.lecture l ON (l.lectureid = targetid)"
+ . " WHERE al.userid = :uuid"
+ . " ORDER BY al.dateline DESC LIMIT 500", array('uuid' => self::$uuid), false, true);
+ }
+
+ private static function listTarget()
+ {
+ // We have to guess what kind of target it is
+ if (!self::addImageHeader()
+ && !self::addLectureHeader()) {
+ Message::addError('unknown-targetid', self::$uuid);
+ // Keep going, there might still be log entries for a deleted uuid
+ }
+
+ // Finally add the actionlog
+ self::generateLog("SELECT al.dateline, al.userid AS uuserid, al.description,"
+ . " usr.firstname AS ufirstname, usr.lastname AS ulastname"
+ . " FROM sat.actionlog al"
+ . " LEFT JOIN sat.user usr ON (usr.userid = al.userid)"
+ . " WHERE al.targetid = :uuid"
+ . " ORDER BY al.dateline DESC LIMIT 500", array('uuid' => self::$uuid), true, false);
+ }
+
+ private static function addImageHeader()
+ {
+ $image = Database::queryFirst('SELECT o.userid AS ouserid, o.firstname AS ofirstname, o.lastname AS olastname,'
+ . ' u.userid AS uuserid, u.firstname AS ufirstname, u.lastname AS ulastname,'
+ . ' img.displayname, img.description, img.createtime, img.updatetime,'
+ . ' os.displayname AS osname'
+ . ' FROM sat.imagebase img'
+ . ' LEFT JOIN sat.user o ON (img.ownerid = o.userid)'
+ . ' LEFT JOIN sat.user u ON (img.updaterid = u.userid)'
+ . ' LEFT JOIN sat.operatingsystem os ON (img.osid = os.osid)'
+ . ' WHERE img.imagebaseid = :uuid'
+ . ' LIMIT 1', array('uuid' => self::$uuid));
+ if ($image !== false) {
+ // Mangle date and render
+ $image['createtime_s'] = date('d.m.Y H:i', $image['createtime']);
+ $image['updatetime_s'] = date('d.m.Y H:i', $image['updatetime']);
+ $image['descriptionHtml'] = nl2br(htmlspecialchars($image['description']));
+ Render::addTemplate('actionlog-image', $image);
+ }
+ return $image !== false;
+ }
+
+ private static function addLectureHeader()
+ {
+ $lecture = Database::queryFirst('SELECT o.userid AS ouserid, o.firstname AS ofirstname, o.lastname AS olastname,'
+ . ' u.userid AS uuserid, u.firstname AS ufirstname, u.lastname AS ulastname,'
+ . ' l.displayname, l.description, l.createtime, l.updatetime,'
+ . ' img.displayname AS imgname, img.imagebaseid'
+ . ' FROM sat.lecture l'
+ . ' LEFT JOIN sat.user o ON (l.ownerid = o.userid)'
+ . ' LEFT JOIN sat.user u ON (l.updaterid = u.userid)'
+ . ' LEFT JOIN sat.imageversion ver ON (ver.imageversionid = l.imageversionid)'
+ . ' LEFT JOIN sat.imagebase img ON (img.imagebaseid = ver.imagebaseid)'
+ . ' WHERE l.lectureid = :uuid'
+ . ' LIMIT 1', array('uuid' => self::$uuid));
+ if ($lecture !== false) {
+ // Mangle date and render
+ $lecture['createtime_s'] = date('d.m.Y H:i', $lecture['createtime']);
+ $lecture['updatetime_s'] = date('d.m.Y H:i', $lecture['updatetime']);
+ $lecture['descriptionHtml'] = nl2br(htmlspecialchars($lecture['description']));
+ Render::addTemplate('actionlog-lecture', $lecture);
+ }
+ return $lecture !== false;
+ }
+
+ private static function generateLog($query, $params, $showActor, $showTarget)
+ {
+ // query action log
+ $res = Database::simpleQuery($query, $params);
+ $events = array();
+ while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
+ $row['dateline_s'] = date('d.m.Y H:i', $row['dateline']);
+ if (isset($row['imgname'])) {
+ $row['targeturl'] = '?do=dozmod§ion=actionlog&action=showtarget&uuid=' . $row['targetid'];
+ $row['targetname'] = $row['imgname'];
+ } elseif (isset($row['tlastname'])) {
+ $row['targeturl'] = '?do=dozmod§ion=actionlog&action=showuser&uuid=' . $row['targetid'];
+ $row['targetname'] = $row['tlastname'] . ', ' . $row['tfirstname'];
+ } elseif (isset($row['lecturename'])) {
+ $row['targeturl'] = '?do=dozmod§ion=actionlog&action=showtarget&uuid=' . $row['targetid'];
+ $row['targetname'] = $row['lecturename'];
+ }
+ $events[] = $row;
+ }
+ $data = array('events' => $events);
+ if ($showActor) {
+ $data['showActor'] = true;
+ }
+ if ($showTarget) {
+ $data['showTarget'] = true;
+ }
+
+ $data['allowedShowUser'] = User::hasPermission("actionlog.showuser");
+ $data['allowedShowTarget'] = User::hasPermission("actionlog.showtarget");
+ Render::addTemplate('actionlog-log', $data);
+ }
+
+ public static function doAjax()
+ {
+
+ }
+
+}
\ No newline at end of file
diff --git a/modules-available/dozmod/pages/expiredimages.inc.php b/modules-available/dozmod/pages/expiredimages.inc.php
new file mode 100644
index 00000000..2b5a2274
--- /dev/null
+++ b/modules-available/dozmod/pages/expiredimages.inc.php
@@ -0,0 +1,97 @@
+ $val) {
+ if (strtolower($val) !== 'on')
+ continue;
+ Database::exec("UPDATE sat.imageversion SET deletestate = 'WANT_DELETE'"
+ . " WHERE deletestate = 'SHOULD_DELETE' AND imageversionid = :imageversionid", array(
+ 'imageversionid' => $image
+ ));
+ }
+ if (!empty($images)) {
+ $ret = Download::asStringPost('http://127.0.0.1:9080/do/delete-images', false, 10, $code);
+ if ($code == 999) {
+ $ret .= "\nConnection to DMSD failed.";
+ }
+ return $ret;
+ }
+ }
+ return false;
+ }
+
+ private static function loadExpiredImages()
+ {
+ $res = Database::simpleQuery("SELECT b.displayname,"
+ . " own.firstname, own.lastname, own.email,"
+ . " v.imageversionid, v.createtime, v.filesize, v.deletestate,"
+ . " lat.expiretime AS latexptime, lat.deletestate AS latdelstate"
+ . " FROM sat.imageversion v"
+ . " INNER JOIN sat.imagebase b ON (b.imagebaseid = v.imagebaseid)"
+ . " INNER JOIN sat.user own ON (b.ownerid = own.userid)"
+ . " LEFT JOIN sat.imageversion lat ON (b.latestversionid = lat.imageversionid)"
+ . " WHERE v.deletestate <> 'KEEP'"
+ . " ORDER BY b.displayname ASC, v.createtime ASC");
+ $NOW = time();
+ $rows = array();
+ while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
+ if ($row['latexptime'] > $NOW && $row['latdelstate'] === 'KEEP') {
+ $row['hasNewerClass'] = 'glyphicon-ok green';
+ $row['checked'] = 'checked';
+ } else {
+ $row['hasNewerClass'] = 'glyphicon-remove red';
+ }
+ if ($row['deletestate'] === 'WANT_DELETE') {
+ $row['name_extra_class'] = 'slx-strike';
+ }
+ $row['version'] = date('d.m.Y H:i:s', $row['createtime']);
+ $row['rawfilesize'] = $row['filesize'];
+ $row['filesize'] = Util::readableFileSize($row['filesize']);
+ $rows[] = $row;
+ }
+ return $rows;
+ }
+
+ public static function doRender()
+ {
+ $expiredImages = self::loadExpiredImages();
+
+ if (empty($expiredImages)) {
+ Message::addSuccess('no-expired-images');
+ } else {
+ Render::addTemplate('images-delete', array('images' => $expiredImages, 'allowedDelete' => User::hasPermission("expiredimages.delete")));
+ }
+ }
+
+ public static function doAjax()
+ {
+ $action = Request::post('action');
+ if ($action === 'delimages') {
+ User::assertPermission("expiredimages.delete");
+ die(self::handleDeleteImages());
+ }
+ die('Huh?');
+ }
+
+}
diff --git a/modules-available/dozmod/pages/mailconfig.inc.php b/modules-available/dozmod/pages/mailconfig.inc.php
new file mode 100644
index 00000000..1f0a750c
--- /dev/null
+++ b/modules-available/dozmod/pages/mailconfig.inc.php
@@ -0,0 +1,97 @@
+ 'mailconfig',
+ 'value' => $data
+ ));
+ Message::addSuccess('mail-config-saved');
+ } else {
+ Message::addError('main.invalid-action', $do);
+ }
+ Util::redirect('?do=DozMod§ion=mailconfig');
+ }
+
+ private static function cleanMailArray()
+ {
+ $keys = array('host', 'port', 'ssl', 'senderAddress', 'replyTo', 'username', 'password', 'serverName');
+ $data = array();
+ foreach ($keys as $key) {
+ $data[$key] = Request::post($key, '');
+ settype($data[$key], 'string');
+ if (is_numeric($data[$key])) {
+ settype($data[$key], 'int');
+ }
+ }
+ return $data;
+ }
+
+ public static function doRender()
+ {
+ // Mail config
+ $mailConf = Database::queryFirst('SELECT value FROM sat.configuration WHERE parameter = :param', array('param' => 'mailconfig'));
+ if ($mailConf != null) {
+ $mailConf = @json_decode($mailConf['value'], true);
+ if (is_array($mailConf)) {
+ $mailConf['set_' . $mailConf['ssl']] = 'selected="selected"';
+ }
+ }
+ Permission::addGlobalTags($mailConf['perms'], NULL, ['mailconfig.save', 'mailconfig.testmail']);
+ Render::addTemplate('mailconfig', $mailConf);
+ }
+
+ public static function doAjax()
+ {
+ $action = Request::post('action');
+ if ($action === 'mail') {
+ if (User::hasPermission("mailconfig.testmail")) {
+ self::handleTestMail();
+ }
+ }
+ }
+
+ private static function handleTestMail()
+ {
+ $do = Request::post('button');
+ if ($do === 'test') {
+ // Prepare array
+ $data = self::cleanMailArray();
+ Header('Content-Type: text/plain; charset=utf-8');
+ $data['recipient'] = Request::post('recipient', '');
+ if (!preg_match('/.+@.+\..+/', $data['recipient'])) {
+ $result = 'No recipient given!';
+ } else {
+ $result = Download::asStringPost('http://127.0.0.1:9080/do/mailtest', $data, 10, $code);
+ if ($code == 999) {
+ $result .= "\nTimeout.";
+ } elseif ($code != 200) {
+ $result .= "\nReturn code $code";
+ }
+ }
+ die($result);
+ }
+ }
+
+}
diff --git a/modules-available/dozmod/pages/runtimeconfig.inc.php b/modules-available/dozmod/pages/runtimeconfig.inc.php
new file mode 100644
index 00000000..63ba4650
--- /dev/null
+++ b/modules-available/dozmod/pages/runtimeconfig.inc.php
@@ -0,0 +1,112 @@
+ [
+ 'maxImageValidityDays' => array('min' => 7, 'max' => 9999),
+ 'maxLectureValidityDays' => array('min' => 7, 'max' => 9999),
+ 'maxLocationsPerLecture' => array('min' => 0, 'max' => 999),
+ 'maxTransfers' => array('min' => 1, 'max' => 10),
+ ],
+ 'bool' => [
+ 'allowLoginByDefault' => array('default' => true)
+ ],
+ ];
+ foreach ($params as $type => $list) {
+ foreach ($list as $field => $limits) {
+ $default = isset($limits['default']) ? $limits['default'] : false;
+ $value = Request::post($field, $default);
+ settype($value, $type);
+ if (isset($limits['min']) && $value < $limits['min']) {
+ $value = $limits['min'];
+ }
+ if (isset($limits['max']) && $value > $limits['max']) {
+ $value = $limits['max'];
+ }
+ $data[$field] = $value;
+ }
+ }
+
+ /* ensure types */
+ settype($data['defaultLecturePermissions']['edit'], 'boolean');
+ settype($data['defaultLecturePermissions']['admin'], 'boolean');
+ settype($data['defaultImagePermissions']['edit'], 'boolean');
+ settype($data['defaultImagePermissions']['admin'], 'boolean');
+ settype($data['defaultImagePermissions']['link'], 'boolean');
+ settype($data['defaultImagePermissions']['download'], 'boolean');
+
+ $data = json_encode($data);
+ Database::exec('INSERT INTO sat.configuration (parameter, value)'
+ . ' VALUES (:param, :value)'
+ . ' ON DUPLICATE KEY UPDATE value = VALUES(value)', array(
+ 'param' => 'runtimelimits',
+ 'value' => $data
+ ));
+ Message::addSuccess('runtimelimits-config-saved');
+ }
+ Util::redirect('?do=DozMod§ion=runtimeconfig');
+ }
+
+ public static function doRender()
+ {
+ // Runtime config
+ $runtimeConf = Database::queryFirst('SELECT value FROM sat.configuration WHERE parameter = :param', array('param' => 'runtimelimits'));
+ if ($runtimeConf !== false) {
+ $runtimeConf = json_decode($runtimeConf['value'], true);
+
+ /* convert some value to corresponding "selected" texts */
+ if ($runtimeConf['defaultLecturePermissions']['edit']) {
+ $runtimeConf['defaultLecturePermissions']['edit'] = 'checked';
+ }
+ if ($runtimeConf['defaultLecturePermissions']['admin']) {
+ $runtimeConf['defaultLecturePermissions']['admin'] = 'checked';
+ }
+ if ($runtimeConf['defaultImagePermissions']['edit']) {
+ $runtimeConf['defaultImagePermissions']['edit'] = 'checked';
+ }
+ if ($runtimeConf['defaultImagePermissions']['admin']) {
+ $runtimeConf['defaultImagePermissions']['admin'] = 'checked';
+ }
+ if ($runtimeConf['defaultImagePermissions']['link']) {
+ $runtimeConf['defaultImagePermissions']['link'] = 'checked';
+ }
+ if ($runtimeConf['defaultImagePermissions']['download']) {
+ $runtimeConf['defaultImagePermissions']['download'] = 'checked';
+ }
+
+ if ($runtimeConf['allowLoginByDefault']) {
+ $runtimeConf['allowLoginByDefault'] = 'checked';
+ }
+ }
+ $runtimeConf['allowedSave'] = User::hasPermission("runtimeconfig.save");
+ Render::addTemplate('runtimeconfig', $runtimeConf);
+ }
+
+ public static function doAjax()
+ {
+
+ }
+
+}
diff --git a/modules-available/dozmod/pages/templates.inc.php b/modules-available/dozmod/pages/templates.inc.php
new file mode 100644
index 00000000..b857115f
--- /dev/null
+++ b/modules-available/dozmod/pages/templates.inc.php
@@ -0,0 +1,139 @@
+$var";
+ $lis .= "$var";
+ }
+ foreach($t['optional_variables'] as $var) {
+ $optVars .= "";
+ $lis .= "$var";
+ }
+ /* also options for hidden inputs */
+
+ $t['html_availableVariables'] = $lis;
+ $t['html_mandatoryVariables'] = $optManVars;
+ $t['html_optionalVariables'] = $optVars;
+
+ /* also for javascript */
+ $t['list_mandatoryVariables'] =
+ implode(',', $t['mandatory_variables']);
+
+ $t['list_optionalVariables'] =
+ implode(',', $t['optional_variables']);
+
+ settype($t['original'], 'bool');
+ settype($t['edit_version'], 'int');
+ settype($t['version'], 'int');
+ $t['modified'] = !$t['original'];
+ $t['conflict'] = !$t['original'] && $t['edit_version'] < $t['version'];
+ }
+ }
+
+ public static function doRender()
+ {
+ self::enrichHtml();
+ Render::addTemplate('templates', [
+ 'templates' => self::$templates,
+ 'allowedReset' => User::hasPermission("templates.reset"),
+ 'allowedSave' => User::hasPermission("templates.save"),
+ ]);
+ }
+
+ private static function forcmp($string)
+ {
+ return trim(str_replace("\r\n", "\n", $string));
+ }
+
+ private static function handleSave()
+ {
+ $data = Request::post('templates');
+ if (is_array($data)) {
+ self::fetchTemplates();
+ foreach (self::$templates as &$template) {
+ if (isset($data[$template['name']])) {
+ if (self::forcmp($template['template']) !== self::forcmp($data[$template['name']]['template'])) {
+ if (empty($template['original_template'])) {
+ $template['original_template'] = $template['template'];
+ }
+ $template['edit_version'] = $template['version'];
+ }
+ $template['original'] = (empty($template['original_template']) && $template['original'])
+ || self::forcmp($template['original_template']) === self::forcmp($data[$template['name']]['template']);
+ if ($template['original']) {
+ $template['original_template'] = '';
+ }
+ $template['template'] = $data[$template['name']]['template'];
+ }
+ }
+ unset($template);
+ $data = json_encode(array('templates' => self::$templates));
+ Database::exec("UPDATE sat.configuration SET value = :value WHERE parameter = 'templates'", array('value' => $data));
+ Message::addSuccess('templates-saved');
+ } else {
+ Message::addError('nothing-submitted');
+ }
+ Util::redirect('?do=dozmod§ion=templates');
+ }
+
+ private static function handleReset()
+ {
+ $result = Download::asStringPost('http://127.0.0.1:9080/do/reset-mail-templates', array(), 10, $code);
+ if ($code == 999) {
+ Message::addError('timeout');
+ } elseif ($code != 200) {
+ Message::addError('dozmod-error', $code);
+ } else {
+ Message::addSuccess('all-templates-reset', $result);
+ }
+ Util::redirect('?do=dozmod§ion=templates');
+ }
+
+ private static function fetchTemplates() {
+ $templates= Database::queryFirst('SELECT value FROM sat.configuration WHERE parameter = :param', array('param' => 'templates'));
+ if ($templates != null) {
+ $templates = @json_decode($templates['value'], true);
+ if (is_array($templates)) {
+ $names = array_map(static function ($e) { return $e['name']; }, $templates['templates']);
+ array_multisort($names, SORT_ASC, $templates['templates']);
+ self::$templates = $templates['templates'];
+ }
+ }
+
+ }
+
+ public static function doAjax()
+ {
+
+ }
+
+}
diff --git a/modules-available/dozmod/pages/users.inc.php b/modules-available/dozmod/pages/users.inc.php
new file mode 100644
index 00000000..79d13827
--- /dev/null
+++ b/modules-available/dozmod/pages/users.inc.php
@@ -0,0 +1,121 @@
+fetch(PDO::FETCH_ASSOC)) {
+ $row['canlogin'] = self::checked($row['canlogin']);
+ $row['issuperuser'] = self::checked($row['issuperuser']);
+ $row['emailnotifications'] = self::checked($row['emailnotifications']);
+ $row['lastlogin'] = date('d.m.Y', $row['lastlogin']);
+ $rows[] = $row;
+ }
+ Render::addTemplate('userlist', array('users' => $rows));
+ }
+
+ private static function listOrganizations()
+ {
+ $res = Database::simpleQuery('SELECT organizationid, displayname, canlogin FROM sat.organization'
+ . ' ORDER BY displayname ASC');
+ $rows = array();
+ while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
+ $row['canlogin'] = self::checked($row['canlogin']);
+ $rows[] = $row;
+ }
+ Render::addTemplate('orglist', array('organizations' => $rows));
+ }
+
+ private static function checked($val)
+ {
+ if ($val)
+ return 'checked="checked"';
+ return '';
+ }
+
+ private static function setUserOption($option)
+ {
+ $val = (string) Request::post('value', '-');
+ if ($val !== '1' && $val !== '0')
+ die('Nein');
+ if ($option === 'setmail') {
+ $field = 'emailnotifications';
+ } elseif ($option === 'setsu') {
+ $field = 'issuperuser';
+ } elseif ($option === 'setlogin') {
+ $field = 'canlogin';
+ } else {
+ die('Unknown');
+ }
+ $user = (string) Request::post('userid', '?');
+ $ret = Database::exec("UPDATE sat.user SET $field = :onoff WHERE userid = :userid", array(
+ 'userid' => $user,
+ 'onoff' => $val
+ ));
+ error_log("Setting $field to $val for $user - affected: $ret");
+ if ($ret === false)
+ die('Error');
+ if ($ret === 0)
+ die(1 - $val);
+ die($val);
+ }
+
+ private static function setOrgOption($option)
+ {
+ $val = (string) Request::post('value', '-');
+ if ($val !== '1' && $val !== '0')
+ die('Nein');
+ if ($option === 'setorglogin') {
+ $field = 'canlogin';
+ } else {
+ die('Unknown');
+ }
+ $ret = Database::exec("UPDATE sat.organization SET $field = :onoff WHERE organizationid = :organizationid", array(
+ 'organizationid' => (string) Request::post('organizationid', ''),
+ 'onoff' => $val
+ ));
+ if ($ret === false)
+ die('Error');
+ if ($ret === 0)
+ die(1 - $val);
+ die($val);
+ }
+
+}
\ No newline at end of file
diff --git a/modules-available/dozmod/permissions/permissions.json b/modules-available/dozmod/permissions/permissions.json
index b4ff034b..c149cb69 100644
--- a/modules-available/dozmod/permissions/permissions.json
+++ b/modules-available/dozmod/permissions/permissions.json
@@ -1,17 +1,17 @@
{
- "images.delete": {
+ "expiredimages.delete": {
"location-aware": false
},
- "log.showtarget": {
+ "actionlog.showtarget": {
"location-aware": false
},
- "log.showuser": {
+ "actionlog.showuser": {
"location-aware": false
},
- "mail.save": {
+ "mailconfig.save": {
"location-aware": false
},
- "mail.testmail": {
+ "mailconfig.testmail": {
"location-aware": false
},
"runtimeconfig.save": {
@@ -23,7 +23,7 @@
"templates.save": {
"location-aware": false
},
- "users.orglogin": {
+ "users.setorglogin": {
"location-aware": false
},
"users.setlogin": {
diff --git a/modules-available/dozmod/templates/images-delete.html b/modules-available/dozmod/templates/images-delete.html
index ed75a0d2..78690426 100644
--- a/modules-available/dozmod/templates/images-delete.html
+++ b/modules-available/dozmod/templates/images-delete.html
@@ -9,6 +9,7 @@