From 59430e90b1b9334761d815aeb6e519effe7e5243 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 13 Feb 2018 17:52:52 +0100
Subject: [dozmod] Move subpages to pages/, hide pages where user has no permission
---
modules-available/dozmod/inc/pagedozmodlog.inc.php | 163 ---------------------
.../dozmod/inc/pagedozmodusers.inc.php | 121 ---------------
.../dozmod/inc/pagemailtemplates.inc.php | 136 -----------------
3 files changed, 420 deletions(-)
delete mode 100644 modules-available/dozmod/inc/pagedozmodlog.inc.php
delete mode 100644 modules-available/dozmod/inc/pagedozmodusers.inc.php
delete mode 100644 modules-available/dozmod/inc/pagemailtemplates.inc.php
(limited to 'modules-available/dozmod/inc')
diff --git a/modules-available/dozmod/inc/pagedozmodlog.inc.php b/modules-available/dozmod/inc/pagedozmodlog.inc.php
deleted file mode 100644
index 80441cd1..00000000
--- a/modules-available/dozmod/inc/pagedozmodlog.inc.php
+++ /dev/null
@@ -1,163 +0,0 @@ -action = Request::get('action', '', 'string'); - if ($this->action !== '' && $this->action !== 'showtarget' && $this->action !== 'showuser') { - Util::traceError('Invalid action for actionlog: "' . $this->action . '"'); - } - $this->uuid = Request::get('uuid', '', 'string'); - } - - protected function doRender() - { - Render::addTemplate('actionlog-header'); - if ($this->action === '') { - $this->generateLog("SELECT al.dateline, al.targetid, al.description," - . " img.displayname AS imgname, tu.firstname AS tfirstname, tu.lastname AS tlastname, l.displayname AS lecturename," - . " al.userid AS uuserid, usr.firstname AS ufirstname, usr.lastname AS ulastname" - . " FROM sat.actionlog al" - . " LEFT JOIN sat.imagebase img ON (img.imagebaseid = targetid)" - . " LEFT JOIN sat.user usr ON (usr.userid = al.userid)" - . " LEFT JOIN sat.user tu ON (tu.userid = al.targetid)" - . " LEFT JOIN sat.lecture l ON (l.lectureid = targetid)" - . " ORDER BY al.dateline DESC LIMIT 500", array(), true, true); - } elseif ($this->action === 'showuser') { - if (User::hasPermission("log.showuser")) { - $this->listUser(); - } - } else { - if (User::hasPermission("log.showtarget")) { - $this->listTarget(); - } - } - } - - private function listUser() - { - // Query user - $user = Database::queryFirst('SELECT userid, firstname, lastname, email, lastlogin,' - . ' organization.displayname AS orgname FROM sat.user' - . ' LEFT JOIN sat.organization USING (organizationid)' - . ' WHERE userid = :uuid' - . ' LIMIT 1', array('uuid' => $this->uuid)); - if ($user === false) { - Message::addError('unknown-userid', $this->uuid); - Util::redirect('?do=dozmod§ion=actionlog'); - } - // Mangle date and render - $user['lastlogin_s'] = date('d.m.Y H:i', $user['lastlogin']); - Render::addTemplate('actionlog-user', $user); - // Finally add the actionlog - $this->generateLog("SELECT al.dateline, al.targetid, al.description," - . 
" img.displayname AS imgname, usr.firstname AS tfirstname, usr.lastname AS tlastname, l.displayname AS lecturename" - . " FROM sat.actionlog al" - . " LEFT JOIN sat.imagebase img ON (img.imagebaseid = targetid)" - . " LEFT JOIN sat.user usr ON (usr.userid = targetid)" - . " LEFT JOIN sat.lecture l ON (l.lectureid = targetid)" - . " WHERE al.userid = :uuid" - . " ORDER BY al.dateline DESC LIMIT 500", array('uuid' => $this->uuid), false, true); - } - - private function listTarget() - { - // We have to guess what kind of target it is - if (!$this->addImageHeader() - && !$this->addLectureHeader()) { - Message::addError('unknown-targetid', $this->uuid); - // Keep going, there might still be log entries for a deleted uuid - } - - // Finally add the actionlog - $this->generateLog("SELECT al.dateline, al.userid AS uuserid, al.description," - . " usr.firstname AS ufirstname, usr.lastname AS ulastname" - . " FROM sat.actionlog al" - . " LEFT JOIN sat.user usr ON (usr.userid = al.userid)" - . " WHERE al.targetid = :uuid" - . " ORDER BY al.dateline DESC LIMIT 500", array('uuid' => $this->uuid), true, false); - } - - private function addImageHeader() - { - $image = Database::queryFirst('SELECT o.userid AS ouserid, o.firstname AS ofirstname, o.lastname AS olastname,' - . ' u.userid AS uuserid, u.firstname AS ufirstname, u.lastname AS ulastname,' - . ' img.displayname, img.description, img.createtime, img.updatetime,' - . ' os.displayname AS osname' - . ' FROM sat.imagebase img' - . ' LEFT JOIN sat.user o ON (img.ownerid = o.userid)' - . ' LEFT JOIN sat.user u ON (img.updaterid = u.userid)' - . ' LEFT JOIN sat.operatingsystem os ON (img.osid = os.osid)' - . ' WHERE img.imagebaseid = :uuid' - . 
' LIMIT 1', array('uuid' => $this->uuid)); - if ($image !== false) { - // Mangle date and render - $image['createtime_s'] = date('d.m.Y H:i', $image['createtime']); - $image['updatetime_s'] = date('d.m.Y H:i', $image['updatetime']); - $image['descriptionHtml'] = nl2br(htmlspecialchars($image['description'])); - Render::addTemplate('actionlog-image', $image); - } - return $image !== false; - } - - private function addLectureHeader() - { - $lecture = Database::queryFirst('SELECT o.userid AS ouserid, o.firstname AS ofirstname, o.lastname AS olastname,' - . ' u.userid AS uuserid, u.firstname AS ufirstname, u.lastname AS ulastname,' - . ' l.displayname, l.description, l.createtime, l.updatetime,' - . ' img.displayname AS imgname, img.imagebaseid' - . ' FROM sat.lecture l' - . ' LEFT JOIN sat.user o ON (l.ownerid = o.userid)' - . ' LEFT JOIN sat.user u ON (l.updaterid = u.userid)' - . ' LEFT JOIN sat.imageversion ver ON (ver.imageversionid = l.imageversionid)' - . ' LEFT JOIN sat.imagebase img ON (img.imagebaseid = ver.imagebaseid)' - . ' WHERE l.lectureid = :uuid' - . ' LIMIT 1', array('uuid' => $this->uuid)); - if ($lecture !== false) { - // Mangle date and render - $lecture['createtime_s'] = date('d.m.Y H:i', $lecture['createtime']); - $lecture['updatetime_s'] = date('d.m.Y H:i', $lecture['updatetime']); - $lecture['descriptionHtml'] = nl2br(htmlspecialchars($lecture['description'])); - Render::addTemplate('actionlog-lecture', $lecture); - } - return $lecture !== false; - } - - private function generateLog($query, $params, $showActor, $showTarget) - { - // query action log - $res = Database::simpleQuery($query, $params); - $events = array(); - while ($row = $res->fetch(PDO::FETCH_ASSOC)) { - $row['dateline_s'] = date('d.m.Y H:i', $row['dateline']); - if (isset($row['imgname'])) { - $row['targeturl'] = '?do=dozmod§ion=actionlog&action=showtarget&uuid=' . 
$row['targetid']; - $row['targetname'] = $row['imgname']; - } elseif (isset($row['tlastname'])) { - $row['targeturl'] = '?do=dozmod§ion=actionlog&action=showuser&uuid=' . $row['targetid']; - $row['targetname'] = $row['tlastname'] . ', ' . $row['tfirstname']; - } elseif (isset($row['lecturename'])) { - $row['targeturl'] = '?do=dozmod§ion=actionlog&action=showtarget&uuid=' . $row['targetid']; - $row['targetname'] = $row['lecturename']; - } - $events[] = $row; - } - $data = array('events' => $events); - if ($showActor) { - $data['showActor'] = true; - } - if ($showTarget) { - $data['showTarget'] = true; - } - - $data['allowedShowUser'] = User::hasPermission("log.showuser"); - $data['allowedShowTarget'] = User::hasPermission("log.showtarget"); - Render::addTemplate('actionlog-log', $data); - } - -} \ No newline at end of file diff --git a/modules-available/dozmod/inc/pagedozmodusers.inc.php b/modules-available/dozmod/inc/pagedozmodusers.inc.php deleted file mode 100644 index f4ac852b..00000000 --- a/modules-available/dozmod/inc/pagedozmodusers.inc.php +++ /dev/null 
@@ -1,121 +0,0 @@ -listUsers(); - $this->listOrganizations(); - } - - protected function doAjax() - { - User::load(); - - $action = Request::post('action', '', 'string'); - if ($action === 'setmail' || $action === 'setsu' || $action == 'setlogin') { - if (User::hasPermission("users.".$action)) { - $this->setUserOption($action); - } - } elseif ($action === 'setorglogin') { - if (User::hasPermission("users.orglogin")) { - $this->setOrgOption($action); - } - } else { - die('No such action'); - } - } - - // Helpers - - private function listUsers() - { - $res = Database::simpleQuery('SELECT userid, firstname, lastname, email, lastlogin, user.canlogin, issuperuser, emailnotifications,' - . ' organization.displayname AS orgname FROM sat.user' - . ' LEFT JOIN sat.organization USING (organizationid)' - . ' ORDER BY lastname ASC, firstname ASC'); - $rows = array(); - while ($row = $res->fetch(PDO::FETCH_ASSOC)) { - $row['canlogin'] = $this->checked($row['canlogin']); - $row['issuperuser'] = $this->checked($row['issuperuser']); - $row['emailnotifications'] = $this->checked($row['emailnotifications']); - $row['lastlogin'] = date('d.m.Y', $row['lastlogin']); - $rows[] = $row; - } - Render::addTemplate('userlist', array('users' => $rows)); - } - - private function listOrganizations() - { - $res = Database::simpleQuery('SELECT organizationid, displayname, canlogin FROM sat.organization' - . 
' ORDER BY displayname ASC'); - $rows = array(); - while ($row = $res->fetch(PDO::FETCH_ASSOC)) { - $row['canlogin'] = $this->checked($row['canlogin']); - $rows[] = $row; - } - Render::addTemplate('orglist', array('organizations' => $rows)); - } - - private function checked($val) - { - if ($val) - return 'checked="checked"'; - return ''; - } - - private function setUserOption($option) - { - $val = (string) Request::post('value', '-'); - if ($val !== '1' && $val !== '0') - die('Nein'); - if ($option === 'setmail') { - $field = 'emailnotifications'; - } elseif ($option === 'setsu') { - $field = 'issuperuser'; - } elseif ($option === 'setlogin') { - $field = 'canlogin'; - } else { - die('Unknown'); - } - $user = (string) Request::post('userid', '?'); - $ret = Database::exec("UPDATE sat.user SET $field = :onoff WHERE userid = :userid", array( - 'userid' => $user, - 'onoff' => $val - )); - error_log("Setting $field to $val for $user - affected: $ret"); - if ($ret === false) - die('Error'); - if ($ret === 0) - die(1 - $val); - die($val); - } - - private function setOrgOption($option) - { - $val = (string) Request::post('value', '-'); - if ($val !== '1' && $val !== '0') - die('Nein'); - if ($option === 'setorglogin') { - $field = 'canlogin'; - } else { - die('Unknown'); - } - $ret = Database::exec("UPDATE sat.organization SET $field = :onoff WHERE organizationid = :organizationid", array( - 'organizationid' => (string) Request::post('organizationid', ''), - 'onoff' => $val - )); - if ($ret === false) - die('Error'); - if ($ret === 0) - die(1 - $val); - die($val); - } - -} \ No newline at end of file diff --git a/modules-available/dozmod/inc/pagemailtemplates.inc.php b/modules-available/dozmod/inc/pagemailtemplates.inc.php deleted file mode 100644 index ff47977f..00000000 --- a/modules-available/dozmod/inc/pagemailtemplates.inc.php +++ /dev/null 
@@ -1,136 +0,0 @@ -fetchTemplates(); - } elseif ($action === 'save') { - if (User::hasPermission("templates.save")) { - $this->handleSave(); - } - } elseif ($action === 'reset') { - if(User::hasPermission("templates.reset")) { - $this->handleReset(); - } - } else { - Message::addError('main.invalid-action', $action); - Util::redirect('?do=dozmod§ion=templates'); - } - } - - private function enrichHtml() { - /* for each template */ - foreach ($this->templates as &$t) { - $lis = ""; - $optManVars = ""; - $optVars = ""; - foreach ($t['mandatory_variables'] as $var) { - $optManVars .= ""; - $lis .= "
  • $var
  • "; - } - foreach($t['optional_variables'] as $var) { - $optVars .= ""; - $lis .= "
  • $var
  • "; - } - /* also options for hidden inputs */ - - $t['html_availableVariables'] = $lis; - $t['html_mandatoryVariables'] = $optManVars; - $t['html_optionalVariables'] = $optVars; - - /* also for javascript */ - $t['list_mandatoryVariables'] = - implode(',', $t['mandatory_variables']); - - $t['list_optionalVariables'] = - implode(',', $t['optional_variables']); - - settype($t['original'], 'bool'); - settype($t['edit_version'], 'int'); - settype($t['version'], 'int'); - $t['modified'] = !$t['original']; - $t['conflict'] = !$t['original'] && $t['edit_version'] < $t['version']; - } - } - - protected function doRender() - { - $this->enrichHtml(); - Render::addTemplate('templates', [ - 'templates' => $this->templates, - 'allowedReset' => User::hasPermission("templates.reset"), - 'allowedSave' => User::hasPermission("templates.save"), - ]); - } - - private function forcmp($string) - { - return trim(str_replace("\r\n", "\n", $string)); - } - - private function handleSave() - { - $data = Request::post('templates'); - if (is_array($data)) { - $this->fetchTemplates(); - foreach ($this->templates as &$template) { - if (isset($data[$template['name']])) { - if ($this->forcmp($template['template']) !== $this->forcmp($data[$template['name']]['template'])) { - if (empty($template['original_template'])) { - $template['original_template'] = $template['template']; - } - $template['edit_version'] = $template['version']; - } - $template['original'] = (empty($template['original_template']) && $template['original']) - || $this->forcmp($template['original_template']) === $this->forcmp($data[$template['name']]['template']); - if ($template['original']) { - $template['original_template'] = ''; - } - $template['template'] = $data[$template['name']]['template']; - } - } - unset($template); - $data = json_encode(array('templates' => $this->templates)); - Database::exec("UPDATE sat.configuration SET value = :value WHERE parameter = 'templates'", array('value' => $data)); - 
Message::addSuccess('templates-saved'); - } else { - Message::addError('nothing-submitted'); - } - Util::redirect('?do=dozmod§ion=templates'); - } - - private function handleReset() - { - $result = Download::asStringPost('http://127.0.0.1:9080/do/reset-mail-templates', array(), 10, $code); - if ($code == 999) { - Message::addError('timeout'); - } elseif ($code != 200) { - Message::addError('dozmod-error', $code); - } else { - Message::addSuccess('all-templates-reset', $result); - } - Util::redirect('?do=dozmod§ion=templates'); - } - - private function fetchTemplates() { - $templates= Database::queryFirst('SELECT value FROM sat.configuration WHERE parameter = :param', array('param' => 'templates')); - if ($templates != null) { - $templates = @json_decode($templates['value'], true); - if (is_array($templates)) { - $names = array_map(function ($e) { return $e['name']; }, $templates['templates']); - array_multisort($names, SORT_ASC, $templates['templates']); - $this->templates = $templates['templates']; - } - } - - } - -} -- cgit v1.2.3-55-g7522