From f73a41753d2608187a0c85a28e419b8ea839d671 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Fri, 23 Feb 2018 15:26:17 +0100 Subject: [adduser] Extend module to simple user manager (add/edit/remove) TODO: Assign roles --- modules-available/adduser/page.inc.php | 198 +++++++++++++++++++++++++++------ 1 file changed, 162 insertions(+), 36 deletions(-) (limited to 'modules-available/adduser/page.inc.php')
diff --git a/modules-available/adduser/page.inc.php b/modules-available/adduser/page.inc.php
index 87aaeef1..a4edcf59 100644
--- a/modules-available/adduser/page.inc.php
+++ b/modules-available/adduser/page.inc.php
@@ -7,51 +7,177 @@ class Page_AddUser extends Page { User::load(); - if (isset($_POST['action']) && $_POST['action'] === 'adduser') { - // Check required fields - if (empty($_POST['user']) || empty($_POST['pass1']) || empty($_POST['pass2']) || empty($_POST['fullname'])) { - Message::addError('main.empty-field'); - Util::redirect('?do=AddUser'); - } elseif ($_POST['pass1'] !== $_POST['pass2']) { - Message::addError('password-mismatch'); - Util::redirect('?do=AddUser'); - } elseif (!User::hasPermission('superadmin') && Database::queryFirst('SELECT userid FROM user LIMIT 1') !== false) { - Message::addError('adduser-disabled'); - Util::redirect('?do=Session&action=login'); + $action = Request::post(('action'), false, 'string'); + + if ($action === 'adduser') { + $this->addUser(); + } elseif ($action === 'edituser') { + $this->editUser(); + } elseif ($action === 'deleteuser') { + $this->deleteUser(); + } + if (Request::isPost()) { + Util::redirect('?do=adduser'); + } + } + + private function addUser() + { + // Check required fields + $login = Request::post('login', '', 'string'); + $pass1 = Request::post('pass1', '', 'string'); + $pass2 = Request::post('pass2', '', 'string'); + $fullname = Request::post('fullname', '', 'string'); + $phone = Request::post('phone', '', 'string'); + $email = Request::post('email', '', 'string'); + if (empty($login) || empty($pass1) || empty($pass2) || empty($fullname)) { + Message::addError('main.empty-field'); + return; + } elseif ($pass1 !== $pass2) { + Message::addError('password-mismatch'); + return; + } else { + if (Database::queryFirst('SELECT userid FROM user LIMIT 1') !== false) { + User::assertPermission('user.add'); + } + $data = array( + 'login' => $login, + 'pass' => Crypto::hash6($pass1), + 'fullname' => $fullname, + 'phone' => $phone, + 'email' => $email, + ); + Database::exec('INSERT INTO user SET login = :login, passwd = :pass, fullname = :fullname, phone = :phone, email = :email', $data); + $id = Database::lastInsertId(); 
+ // Make it superadmin if first user. This method sucks as it's a race condition but hey... + $ret = Database::queryFirst('SELECT Count(*) AS num FROM user'); + if ($ret !== false && $ret['num'] == 1) { + $ret = Database::exec('UPDATE user SET permissions = 1, userid = 1 WHERE userid = :id', ['id' => $id], true); + if ($ret !== false) { + EventLog::clear(); + } + EventLog::info('Created first user ' . $login); + } else { + EventLog::info(User::getName() . ' created user ' . $login); + } + Message::addInfo('adduser-success'); + return; + } + } + + private function editUser() + { + User::assertPermission('user.edit'); + $userid = Request::post('userid', false, 'int'); + if ($userid === false) { + Message::addError('main.parameter-missing', 'userid'); + return; + } + $user = Database::queryFirst('SELECT userid, login, fullname, phone, email + FROM user WHERE userid = :userid', compact('userid')); + if ($user === false) { + Message::addError('user-not-found', $userid); + return; + } + // Check required fields + $login = Request::post('login', '', 'string'); + $pass1 = Request::post('pass1', '', 'string'); + $pass2 = Request::post('pass2', '', 'string'); + $fullname = Request::post('fullname', '', 'string'); + $phone = Request::post('phone', '', 'string'); + $email = Request::post('email', '', 'string'); + if (empty($login) || empty($fullname)) { + Message::addError('main.empty-field'); + } elseif (!(empty($pass1) && empty($pass2)) && $pass1 !== $pass2) { + Message::addError('password-mismatch'); + } else { + $data = array( + 'login' => $login, + 'fullname' => $fullname, + 'phone' => $phone, + 'email' => $email, + 'userid' => $userid, + ); + $ret = Database::exec('UPDATE user SET login = :login, fullname = :fullname, phone = :phone, email = :email WHERE userid = :userid', $data, true); + if ($ret === false) { + Message::addError('db-error', Database::lastError()); } else { - $data = array( - 'user' => $_POST['user'], - 'pass' => Crypto::hash6($_POST['pass1']), - 
'fullname' => $_POST['fullname'], - 'phone' => $_POST['phone'], - 'email' => $_POST['email'], - ); - if (Database::exec('INSERT INTO user SET login = :user, passwd = :pass, fullname = :fullname, phone = :phone, email = :email', $data) != 1) { - Util::traceError('Could not create new user in DB'); + if ($ret > 0) { + Message::addSuccess('user-edited'); } - // Make it superadmin if first user. This method sucks as it's a race condition but hey... - $ret = Database::queryFirst('SELECT Count(*) AS num FROM user'); - if ($ret !== false && $ret['num'] == 1) { - Database::exec('UPDATE user SET permissions = 1'); - EventLog::clear(); - EventLog::info('Created first user ' . $_POST['user']); - } else { - EventLog::info(User::getName() . ' created user ' . $_POST['user']); + if (!empty($pass1)) { + $data = [ + 'pass' => Crypto::hash6($pass1), + 'userid' => $userid, + ]; + Database::exec('UPDATE user SET passwd = :pass WHERE userid = :userid', $data); + Message::addSuccess('password-changed'); } - Message::addInfo('adduser-success'); - Util::redirect('?do=Session&action=login'); } } + Util::redirect('?do=adduser&show=edituser&userid=' . 
$userid); + } + + private function deleteUser() + { + User::assertPermission('user.remove'); + $userid = Request::post('userid', false, 'int'); + if ($userid === false) { + Message::addError('main.parameter-missing', 'userid'); + return; + } + //\\ + $user = Database::queryFirst('SELECT userid, login, fullname, phone, email + FROM user WHERE userid = :userid', compact('userid')); + if ($user === false) { + Message::addError('user-not-found', $userid); + return; + } + if ($user['userid'] == 1 || $user['userid'] == User::getId()) { + Message::addError('cannot-delete-1-self'); + return; + } + Database::exec('DELETE FROM user WHERE userid = :userid', compact('userid')); + Message::addSuccess('user-deleted', $userid); } protected function doRender() { - // No user was added, check if current user is allowed to add a new user - // Currently you can only add users if there is no user yet. :) - if (!User::hasPermission('superadmin') && Database::queryFirst('SELECT userid FROM user LIMIT 1') !== false) { - Message::addError('adduser-disabled'); - } else { - Render::addTemplate('page-adduser', $_POST); + Render::addTemplate('header'); + $hasUsers = (Database::queryFirst('SELECT userid FROM user LIMIT 1') !== false); + $show = Request::get('show', ($hasUsers ? 
'list' : 'adduser'), 'string'); + if ($show === 'adduser') { + // Can add user if: - no user exists yet; - user has explicit permission to add users + if ($hasUsers) { + User::assertPermission('user.add'); + } + Render::addTemplate('page-adduser'); + } elseif ($show === 'edituser') { + User::assertPermission('user.edit'); + $userid = Request::get('userid', false, 'int'); + if ($userid === false) { + Message::addError('main.parameter-missing', 'userid'); + Util::redirect('?do=adduser&show=list'); + } + $user = Database::queryFirst('SELECT userid, login, fullname, phone, email + FROM user WHERE userid = :userid', compact('userid')); + if ($user === false) { + Message::addError('user-not-found', $userid); + } else { + // TODO: LDAP -> disallow pw change, maybe other fields too? + Render::addTemplate('page-edituser', $user); + } + } elseif ($show === 'list') { + User::assertPermission('list.view'); + $page = new Paginate('SELECT userid, login, fullname, phone, email FROM user ORDER BY login', 50); + $data = ['list' => $page->exec()->fetchAll(PDO::FETCH_ASSOC)]; + foreach ($data['list'] as &$u) { + // Don't allow deleting user 1 and self + $u['hide_delete'] = $u['userid'] == 1 || $u['userid'] == User::getId(); + } + unset($u); + Permission::addGlobalTags($data['perms'], null, ['user.add', 'user.edit', 'user.remove']); + $page->render('page-userlist', $data); } } -- cgit v1.2.3-55-g7522 From 00851bd25e57938a79356d2efb36c2bea1697760 Mon Sep 17 00:00:00 2001 
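Review bot: editUser() has no counterpart to the `$user['userid'] == 1` guard that deleteUser() applies, so any account holding `user.edit` can change the login and password of user 1, the row addUser() turns into the superadmin with `permissions = 1`. If that account is meant to outrank a delegated user editor, reject the request before the UPDATE, for example `if ($user['userid'] == 1 && User::getId() != 1) { Message::addError('<message-id>'); return; }` with a message id of the project's choosing. The password UPDATE further down also reports `password-changed` without looking at the return value of Database::exec(), unlike the profile UPDATE just above it, which checks `$ret === false`.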
From: Simon Rettberg Date: Fri, 23 Feb 2018 18:41:49 +0100 Subject: [adduser] Support setting user's roles on add/edit --- modules-available/adduser/page.inc.php | 33 ++++++ .../adduser/templates/page-adduser.html | 74 +++++++------ .../adduser/templates/page-edituser.html | 120 ++++++++++----------- .../adduser/templates/user-permissions.html | 24 +++++ .../inc/permissiondbupdate.inc.php | 28 ++++- .../permissionmanager/inc/permissionutil.inc.php | 23 ++++ 6 files changed, 198 insertions(+), 104 deletions(-) create mode 100644 modules-available/adduser/templates/user-permissions.html (limited to 'modules-available/adduser/page.inc.php') diff --git a/modules-available/adduser/page.inc.php b/modules-available/adduser/page.inc.php index a4edcf59..d1615828 100644 --- a/modules-available/adduser/page.inc.php +++ b/modules-available/adduser/page.inc.php @@ -61,6 +61,7 @@ class Page_AddUser extends Page EventLog::info(User::getName() . ' created user ' . $login); } Message::addInfo('adduser-success'); + $this->saveRoles($id); return; } } @@ -113,6 +114,7 @@ class Page_AddUser extends Page Database::exec('UPDATE user SET passwd = :pass WHERE userid = :userid', $data); Message::addSuccess('password-changed'); } + $this->saveRoles($userid); } } Util::redirect('?do=adduser&show=edituser&userid=' . $userid); @@ -141,6 +143,19 @@ class Page_AddUser extends Page Message::addSuccess('user-deleted', $userid); } + private function saveRoles($userid) + { + if (!Module::isAvailable('permissionmanager')) + return; + if (!User::hasPermission('.permissionmanager.users.edit-roles')) + return; + $roles = Request::post('roles', [], 'array'); + $ret = PermissionDbUpdate::setRolesForUser([$userid], $roles); + if ($ret > 0) { + Message::addSuccess('roles-updated'); + } + } + protected function doRender() { Render::addTemplate('header'); 
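Review bot: saveRoles() changes a user's privileges without writing anything to EventLog, although addUser() in the same class logs account creation; editUser() and deleteUser() have the same gap. Role assignment and account removal are the events an operator needs most when reconstructing who granted what, so I would add `EventLog::info(User::getName() . ' set roles of user ' . $userid);` inside the `$ret > 0` branch. The `roles` array is also handed to PermissionDbUpdate::setRolesForUser() exactly as posted, while that method documents `int[]`. Dropping non-numeric entries first with `$roles = array_filter($roles, 'is_numeric');` keeps strings and nested arrays away from the query layer.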
@@ -151,7 +166,12 @@ class Page_AddUser extends Page if ($hasUsers) { User::assertPermission('user.add'); } + Render::openTag('form', ['class' => 'form-adduser', 'action' => '?do=adduser', 'method' => 'post']); Render::addTemplate('page-adduser'); + if ($hasUsers) { + $this->showPermissions(); + } + Render::closeTag('form'); } elseif ($show === 'edituser') { User::assertPermission('user.edit'); $userid = Request::get('userid', false, 'int'); @@ -165,7 +185,10 @@ class Page_AddUser extends Page Message::addError('user-not-found', $userid); } else { // TODO: LDAP -> disallow pw change, maybe other fields too? + Render::openTag('form', ['class' => 'form-adduser', 'action' => '?do=adduser', 'method' => 'post']); Render::addTemplate('page-edituser', $user); + $this->showPermissions($userid); + Render::closeTag('form'); } } elseif ($show === 'list') { User::assertPermission('list.view'); @@ -181,4 +204,14 @@ class Page_AddUser extends Page } } + private function showPermissions($userid = false) + { + if (!Module::isAvailable('permissionmanager')) + return; + if (!User::hasPermission('.permissionmanager.users.edit-roles')) + return; + $data = ['roles' => PermissionUtil::getRoles($userid, false)]; + Render::addTemplate('user-permissions', $data); + } + } diff --git a/modules-available/adduser/templates/page-adduser.html b/modules-available/adduser/templates/page-adduser.html index 58d705f8..bd16dbbf 100644 --- a/modules-available/adduser/templates/page-adduser.html +++ b/modules-available/adduser/templates/page-adduser.html @@ -1,39 +1,37 @@ -
- - -

{{lang_createUser}}

-
-
-
+ + +

{{lang_createUser}}

+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- -
-
- - - +
+ + diff --git a/modules-available/adduser/templates/page-edituser.html b/modules-available/adduser/templates/page-edituser.html index b8e51b5c..36293b11 100644 --- a/modules-available/adduser/templates/page-edituser.html +++ b/modules-available/adduser/templates/page-edituser.html @@ -1,72 +1,70 @@ -
- - -

{{lang_editUser}}

+ + +

{{lang_editUser}}

-
-
-
-
-
-
-
-

- {{lang_changeLoginHint}} -

-
+
+
+
+
+
+
+
+

+ {{lang_changeLoginHint}} +

+
-
-
-
-
-
+
+
+
- {{#password_disabled}} -
-
-
-

- {{lang_changeOwnPasswordHint}} -

-
+
+
+{{#password_disabled}} +
+
+
+

+ {{lang_changeOwnPasswordHint}} +

- {{/password_disabled}} -
+
+{{/password_disabled}} +
-
-
-
-
-
+
+
+
+
+
-
-
-
-
-
+
+
+
+
+
-
-
-
-
+
+
+
-
+
+
-
-
-
- -
+
+
+
+
- - - - +
+ + + diff --git a/modules-available/adduser/templates/user-permissions.html b/modules-available/adduser/templates/user-permissions.html new file mode 100644 index 00000000..ce51630f --- /dev/null +++ b/modules-available/adduser/templates/user-permissions.html @@ -0,0 +1,24 @@ +

{{lang_assignRoles}}

+ + + + + + + + + + + {{#roles}} + + + + + {{/roles}} + +
{{lang_role}}
{{rolename}} +
+ + +
+
\ No newline at end of file diff --git a/modules-available/permissionmanager/inc/permissiondbupdate.inc.php b/modules-available/permissionmanager/inc/permissiondbupdate.inc.php index 1f56f4ea..5f528a37 100644 --- a/modules-available/permissionmanager/inc/permissiondbupdate.inc.php +++ b/modules-available/permissionmanager/inc/permissiondbupdate.inc.php @@ -7,17 +7,19 @@ class PermissionDbUpdate * Insert all user/role combinations into the role_x_user table. * * @param int[] $users userids - * @param string[] $roles roleids + * @param int[] $roles roleids */ public static function addRoleToUser($users, $roles) { + if (empty($users) || empty($roles)) + return 0; $arg = array(); foreach ($users AS $userid) { foreach ($roles AS $roleid) { $arg[] = compact('userid', 'roleid'); } } - Database::exec("INSERT IGNORE INTO role_x_user (userid, roleid) VALUES :arg", + return Database::exec("INSERT IGNORE INTO role_x_user (userid, roleid) VALUES :arg", ['arg' => $arg]); } 
@@ -25,12 +27,28 @@ class PermissionDbUpdate * Remove all user/role combinations from the role_x_user table. * * @param int[] $users userids - * @param string[] $roles roleids + * @param int[] $roles roleids */ public static function removeRoleFromUser($users, $roles) { + if (empty($users) || empty($roles)) + return 0; $query = "DELETE FROM role_x_user WHERE userid IN (:users) AND roleid IN (:roles)"; - Database::exec($query, array("users" => $users, "roles" => $roles)); + return Database::exec($query, array("users" => $users, "roles" => $roles)); + } + + /** + * Assign the specified roles to given users, removing any roles from the users + * that are not in the given set. + * + * @param int[] $users list of user ids + * @param int[] $roles list of role ids + */ + public static function setRolesForUser($users, $roles) + { + $count = Database::exec("DELETE FROM role_x_user WHERE userid in (:users) AND roleid NOT IN (:roles)", + compact('users', 'roles')); + return $count + self::addRoleToUser($users, $roles); } /** @@ -40,7 +58,7 @@ class PermissionDbUpdate */ public static function deleteRole($roleid) { - Database::exec("DELETE FROM role WHERE roleid = :roleid", array("roleid" => $roleid)); + return Database::exec("DELETE FROM role WHERE roleid = :roleid", array("roleid" => $roleid)); } /** diff --git a/modules-available/permissionmanager/inc/permissionutil.inc.php b/modules-available/permissionmanager/inc/permissionutil.inc.php index 29663ed9..a3a2b610 100644 --- a/modules-available/permissionmanager/inc/permissionutil.inc.php +++ b/modules-available/permissionmanager/inc/permissionutil.inc.php 
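Review bot: setRolesForUser() runs its DELETE with whatever arrays it receives, while addRoleToUser() and removeRoleFromUser() gain an early return on empty input in this same change. When the form posts no roles (every box unchecked), the outcome depends on how Database::exec() expands an empty list for `NOT IN (:roles)`, which is not visible here; an empty or NULL list would either fail or match no rows, so roles that were meant to be revoked could stay assigned. Handling the case explicitly avoids relying on the wrapper: `if (empty($users)) return 0;` followed by `if (empty($roles)) return Database::exec("DELETE FROM role_x_user WHERE userid IN (:users)", compact('users'));`. The DELETE and the INSERT in addRoleToUser() are also separate statements, so a failure between them leaves the user with a partial role set.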
@@ -231,6 +231,28 @@ class PermissionUtil return $permissions; } + /** + * Get all existing roles. + * + * @param int|false $userid Which user to consider, false = none + * @param bool $onlyMatching true = filter roles the user doesn't have + * @return array list of roles + */ + public static function getRoles($userid = false, $onlyMatching = true) + { + if ($userid === false) { + return Database::queryAll('SELECT roleid, rolename FROM role ORDER BY rolename ASC'); + } + $ret = Database::queryAll('SELECT r.roleid, r.rolename, u.userid AS hasRole FROM role r + LEFT JOIN role_x_user u ON (r.roleid = u.roleid AND u.userid = :userid) + GROUP BY r.roleid + ORDER BY rolename ASC', ['userid' => $userid]); + foreach ($ret as &$role) { + settype($role['hasRole'], 'bool'); + } + return $ret; + } + /** * Place a permission into the given permission tree. * @@ -252,4 +274,5 @@ class PermissionUtil } $tree = array('description' => $description, 'location-aware' => $locationAware, 'isLeaf' => true); } + } \ No newline at end of file -- cgit v1.2.3-55-g7522 From 74dc127c932c8cf1c8d025b1134b21bd97587428 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Sat, 24 Feb 2018 12:47:20 +0100 Subject: [adduser] Consistent method naming --- modules-available/adduser/page.inc.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'modules-available/adduser/page.inc.php') diff --git a/modules-available/adduser/page.inc.php b/modules-available/adduser/page.inc.php index d1615828..60785d6c 100644 --- a/modules-available/adduser/page.inc.php +++ b/modules-available/adduser/page.inc.php @@ -169,7 +169,7 @@ class Page_AddUser extends Page Render::openTag('form', ['class' => 'form-adduser', 'action' => '?do=adduser', 'method' => 'post']); Render::addTemplate('page-adduser'); if ($hasUsers) { - $this->showPermissions(); + $this->showRoles(); } Render::closeTag('form'); } elseif ($show === 'edituser') { 
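Review bot: getRoles() never reads `$onlyMatching`, although its docblock says `true` filters out roles the user does not have and `true` is the default. A caller that relies on the default to learn which roles a user actually holds gets every role back and has to inspect `hasRole` itself, which is easy to miss when the result feeds an access decision or a display of granted roles. Either implement the flag, for instance by using `INNER JOIN` instead of `LEFT JOIN` when it is true, or remove the parameter and update the call in showPermissions(). The `foreach ($ret as &$role)` loop is also not followed by `unset($role);`, which the list loop in page.inc.php does add.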
@@ -187,7 +187,7 @@ class Page_AddUser extends Page // TODO: LDAP -> disallow pw change, maybe other fields too? Render::openTag('form', ['class' => 'form-adduser', 'action' => '?do=adduser', 'method' => 'post']); Render::addTemplate('page-edituser', $user); - $this->showPermissions($userid); + $this->showRoles($userid); Render::closeTag('form'); } } elseif ($show === 'list') { @@ -204,7 +204,7 @@ class Page_AddUser extends Page } } - private function showPermissions($userid = false) + private function showRoles($userid = false) { if (!Module::isAvailable('permissionmanager')) return; -- cgit v1.2.3-55-g7522 From 4bc146d5e2bf3dfcddf674aa366bdebd1c1e2a4a Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Tue, 27 Mar 2018 10:35:05 +0200 Subject: [adduser] Show name of deleted user in confirmation message Refs #3344 --- modules-available/adduser/lang/de/messages.json | 2 +- modules-available/adduser/lang/en/messages.json | 2 +- modules-available/adduser/page.inc.php | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to 'modules-available/adduser/page.inc.php') diff --git a/modules-available/adduser/lang/de/messages.json b/modules-available/adduser/lang/de/messages.json index 207e8056..a744ae5f 100644 --- a/modules-available/adduser/lang/de/messages.json +++ b/modules-available/adduser/lang/de/messages.json @@ -5,7 +5,7 @@ "password-changed": "Passwort ge\u00e4ndert", "password-mismatch": "Passwort und Passwortbest\u00e4tigung stimmen nicht \u00fcberein", "roles-updated": "Rollen aktualisiert", - "user-deleted": "Benutzer {{0}} gel\u00f6scht", + "user-deleted": "Benutzer {{0}} (ID={1}}) gel\u00f6scht", "user-edited": "Benutzerdaten wurden ge\u00e4ndert", "user-not-found": "Benutzer mit ID {{0}} nicht gefunden" } \ No newline at end of file diff --git a/modules-available/adduser/lang/en/messages.json b/modules-available/adduser/lang/en/messages.json index d55e0ec6..67bca6f9 100644 --- a/modules-available/adduser/lang/en/messages.json 
+++ b/modules-available/adduser/lang/en/messages.json @@ -5,7 +5,7 @@ "password-changed": "Password changed", "password-mismatch": "Password and password confirmation do not match", "roles-updated": "Roles have been updated", - "user-deleted": "Deleted user {{0}}", + "user-deleted": "Deleted user {{0}} (ID={{1}})", "user-edited": "User data has been updated", "user-not-found": "User with ID {{0}} not found" } \ No newline at end of file diff --git a/modules-available/adduser/page.inc.php b/modules-available/adduser/page.inc.php index 60785d6c..c43a04e6 100644 --- a/modules-available/adduser/page.inc.php +++ b/modules-available/adduser/page.inc.php @@ -129,7 +129,7 @@ class Page_AddUser extends Page return; } //\\ - $user = Database::queryFirst('SELECT userid, login, fullname, phone, email + $user = Database::queryFirst('SELECT userid, login FROM user WHERE userid = :userid', compact('userid')); if ($user === false) { Message::addError('user-not-found', $userid); @@ -140,7 +140,7 @@ class Page_AddUser extends Page return; } Database::exec('DELETE FROM user WHERE userid = :userid', compact('userid')); - Message::addSuccess('user-deleted', $userid); + Message::addSuccess('user-deleted', $user['login'], $userid); } private function saveRoles($userid) -- cgit v1.2.3-55-g7522 From 018339a07bd6511275b6a780cd9a2b54eb319414 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Mon, 9 Apr 2018 17:04:38 +0200 Subject: [adduser] Rename permission to view-list --- modules-available/adduser/page.inc.php | 2 +- modules-available/adduser/permissions/permissions.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'modules-available/adduser/page.inc.php') diff --git a/modules-available/adduser/page.inc.php b/modules-available/adduser/page.inc.php index c43a04e6..3af4ea6d 100644 --- a/modules-available/adduser/page.inc.php +++ b/modules-available/adduser/page.inc.php 
@@ -191,7 +191,7 @@ class Page_AddUser extends Page Render::closeTag('form'); } } elseif ($show === 'list') { - User::assertPermission('list.view'); + User::assertPermission('user.view-list'); $page = new Paginate('SELECT userid, login, fullname, phone, email FROM user ORDER BY login', 50); $data = ['list' => $page->exec()->fetchAll(PDO::FETCH_ASSOC)]; foreach ($data['list'] as &$u) { diff --git a/modules-available/adduser/permissions/permissions.json b/modules-available/adduser/permissions/permissions.json index e778b893..e8fd0a5e 100644 --- a/modules-available/adduser/permissions/permissions.json +++ b/modules-available/adduser/permissions/permissions.json @@ -8,7 +8,7 @@ "user.remove": { "location-aware": false }, - "list.view": { + "user.view-list": { "location-aware": false } } \ No newline at end of file -- cgit v1.2.3-55-g7522 From 1a4c38fddc0003ca36e2c3838b5a4c9233d51a35 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Mon, 9 Apr 2018 18:09:07 +0200 Subject: [adduser] JS checks while editing user; second save button below role list --- modules-available/adduser/page.inc.php | 5 +++- .../adduser/templates/js-add-edit.html | 26 ++++++++++++++++++ .../adduser/templates/page-adduser.html | 32 ++++------------------ .../adduser/templates/page-edituser.html | 14 ++++++---- .../adduser/templates/user-permissions.html | 12 +++++++- 5 files changed, 55 insertions(+), 34 deletions(-) create mode 100644 modules-available/adduser/templates/js-add-edit.html (limited to 'modules-available/adduser/page.inc.php') diff --git a/modules-available/adduser/page.inc.php b/modules-available/adduser/page.inc.php index 3af4ea6d..e95cb78a 100644 --- a/modules-available/adduser/page.inc.php +++ b/modules-available/adduser/page.inc.php @@ -106,7 +106,7 @@ class Page_AddUser extends Page if ($ret > 0) { Message::addSuccess('user-edited'); } - if (!empty($pass1)) { + if (!empty($pass1) && $userid !== User::getId()) { $data = [ 'pass' => Crypto::hash6($pass1), 'userid' => $userid, 
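Review bot: The new guard `$userid !== User::getId()` uses a strict comparison, while the other comparisons against User::getId() in this file use `==` (`$user['userid'] == User::getId()` in deleteUser() and in the list view). `$userid` is an int from `Request::post('userid', false, 'int')`; if User::getId() returns the id as a string, which this page does not show, the condition is always true and the restriction on changing one's own password through this form never takes effect. The same applies to `User::getId() === $userid` in the `password_disabled` assignment in doRender() later in this commit. Casting removes the dependency on the return type: `(int)User::getId() !== $userid`. editUser() starts and ends outside this hunk.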
@@ -168,6 +168,7 @@ class Page_AddUser extends Page } Render::openTag('form', ['class' => 'form-adduser', 'action' => '?do=adduser', 'method' => 'post']); Render::addTemplate('page-adduser'); + Render::addTemplate('js-add-edit'); if ($hasUsers) { $this->showRoles(); } @@ -184,9 +185,11 @@ class Page_AddUser extends Page if ($user === false) { Message::addError('user-not-found', $userid); } else { + $user['password_disabled'] = User::getId() === $userid ? 'disabled' : false; // TODO: LDAP -> disallow pw change, maybe other fields too? Render::openTag('form', ['class' => 'form-adduser', 'action' => '?do=adduser', 'method' => 'post']); Render::addTemplate('page-edituser', $user); + Render::addTemplate('js-add-edit'); $this->showRoles($userid); Render::closeTag('form'); } diff --git a/modules-available/adduser/templates/js-add-edit.html b/modules-available/adduser/templates/js-add-edit.html new file mode 100644 index 00000000..95454c22 --- /dev/null +++ b/modules-available/adduser/templates/js-add-edit.html @@ -0,0 +1,26 @@ + \ No newline at end of file diff --git a/modules-available/adduser/templates/page-adduser.html b/modules-available/adduser/templates/page-adduser.html index 18d79a3b..08587373 100644 --- a/modules-available/adduser/templates/page-adduser.html +++ b/modules-available/adduser/templates/page-adduser.html @@ -30,34 +30,12 @@
- +
- - \ No newline at end of file + \ No newline at end of file diff --git a/modules-available/adduser/templates/page-edituser.html b/modules-available/adduser/templates/page-edituser.html index 36293b11..68376213 100644 --- a/modules-available/adduser/templates/page-edituser.html +++ b/modules-available/adduser/templates/page-edituser.html @@ -4,7 +4,7 @@
-
@@ -18,9 +18,9 @@
-
+
-
{{#password_disabled}} @@ -37,7 +37,7 @@
-

@@ -59,12 +59,16 @@
- +
+ diff --git a/modules-available/adduser/templates/user-permissions.html b/modules-available/adduser/templates/user-permissions.html index ce51630f..11ebd77a 100644 --- a/modules-available/adduser/templates/user-permissions.html +++ b/modules-available/adduser/templates/user-permissions.html @@ -21,4 +21,14 @@ {{/roles}} - \ No newline at end of file + + +
+
+
+ +
+
\ No newline at end of file -- cgit v1.2.3-55-g7522 From 8fd7ce430269d2999dcba3696ab6557fa59a4e94 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Thu, 19 Apr 2018 16:12:57 +0200 Subject: [adduser] Assign first created user role "Super-Admin" --- modules-available/adduser/page.inc.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'modules-available/adduser/page.inc.php') diff --git a/modules-available/adduser/page.inc.php b/modules-available/adduser/page.inc.php index e95cb78a..a841f251 100644 --- a/modules-available/adduser/page.inc.php +++ b/modules-available/adduser/page.inc.php @@ -56,6 +56,8 @@ class Page_AddUser extends Page if ($ret !== false) { EventLog::clear(); } + // same for permissionmanager + Database::exec("INSERT INTO `role_x_user` (userid, roleid) VALUES (:id, 1)", ['id' => $id], true); EventLog::info('Created first user ' . $login); } else { EventLog::info(User::getName() . ' created user ' . $login); -- cgit v1.2.3-55-g7522 From 27e7c658d12384d15b4c47483a181b6912f21b36 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Fri, 27 Apr 2018 14:46:20 +0200 Subject: [adduser] Print userid=1 bold in userlist --- modules-available/adduser/page.inc.php | 4 ++++ modules-available/adduser/templates/page-userlist.html | 14 ++++++++------ 2 files changed, 12 insertions(+), 6 deletions(-) (limited to 'modules-available/adduser/page.inc.php') diff --git a/modules-available/adduser/page.inc.php b/modules-available/adduser/page.inc.php index a841f251..cffe33f9 100644 --- a/modules-available/adduser/page.inc.php +++ b/modules-available/adduser/page.inc.php 
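Review bot: The added INSERT binds `:id` to `$id`, but the UPDATE just above it has already rewritten that row to `userid = 1`, so whenever lastInsertId() was not 1 the role row refers to a userid that no longer exists and the first user ends up without the role. The statement also runs when that UPDATE failed, because it sits after the `if ($ret !== false)` block rather than inside it. Moving it into that block and binding `['id' => 1]` keeps the two statements consistent. That `roleid` 1 is the Super-Admin role named in the commit subject is assumed rather than checked in the visible lines, and addUser() starts and ends outside this hunk.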
@@ -202,9 +202,13 @@ class Page_AddUser extends Page foreach ($data['list'] as &$u) { // Don't allow deleting user 1 and self $u['hide_delete'] = $u['userid'] == 1 || $u['userid'] == User::getId(); + if ($u['userid'] == 1) { + $u['userClass'] = 'slx-bold'; + } } unset($u); Permission::addGlobalTags($data['perms'], null, ['user.add', 'user.edit', 'user.remove']); + Module::isAvailable('js_stupidtable'); $page->render('page-userlist', $data); } } diff --git a/modules-available/adduser/templates/page-userlist.html b/modules-available/adduser/templates/page-userlist.html index 8d9c6de0..262553f6 100644 --- a/modules-available/adduser/templates/page-userlist.html +++ b/modules-available/adduser/templates/page-userlist.html @@ -5,20 +5,22 @@
- +
- - - - + + + + + {{#list}} - + + -- cgit v1.2.3-55-g7522
{{lang_login}}{{lang_name}}{{lang_phone}}{{lang_email}}{{lang_userIdCol}}{{lang_login}}{{lang_name}}{{lang_phone}}{{lang_email}}
{{login}}{{userid}}{{login}} {{fullname}} {{phone}} {{email}}