From 59430e90b1b9334761d815aeb6e519effe7e5243 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 13 Feb 2018 17:52:52 +0100
Subject: [dozmod] Move subpages to pages/, hide pages where user has no permission
---
 modules-available/dozmod/pages/users.inc.php | 121 +++++++++++++++++++++++++++
 1 file changed, 121 insertions(+)
 create mode 100644 modules-available/dozmod/pages/users.inc.php
(limited to 'modules-available/dozmod/pages/users.inc.php')
diff --git a/modules-available/dozmod/pages/users.inc.php b/modules-available/dozmod/pages/users.inc.php
new file mode 100644
index 00000000..79d13827
--- /dev/null
+++ b/modules-available/dozmod/pages/users.inc.php
@@ -0,0 +1,121 @@ +fetch(PDO::FETCH_ASSOC)) { + $row['canlogin'] = self::checked($row['canlogin']); + $row['issuperuser'] = self::checked($row['issuperuser']); + $row['emailnotifications'] = self::checked($row['emailnotifications']); + $row['lastlogin'] = date('d.m.Y', $row['lastlogin']); + $rows[] = $row; + } + Render::addTemplate('userlist', array('users' => $rows)); + } + + private static function listOrganizations() + { + $res = Database::simpleQuery('SELECT organizationid, displayname, canlogin FROM sat.organization' + . ' ORDER BY displayname ASC'); + $rows = array(); + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $row['canlogin'] = self::checked($row['canlogin']); + $rows[] = $row; + } + Render::addTemplate('orglist', array('organizations' => $rows)); + } + + private static function checked($val) + { + if ($val) + return 'checked="checked"'; + return ''; + } + + private static function setUserOption($option) + { + $val = (string) Request::post('value', '-'); + if ($val !== '1' && $val !== '0') + die('Nein'); + if ($option === 'setmail') { + $field = 'emailnotifications'; + } elseif ($option === 'setsu') { + $field = 'issuperuser'; + } elseif ($option === 'setlogin') { + $field = 'canlogin'; + } else { + die('Unknown'); + } + $user = (string) Request::post('userid', '?'); + $ret = Database::exec("UPDATE sat.user SET $field = :onoff WHERE userid = :userid", array( + 'userid' => $user, + 'onoff' => $val + )); + error_log("Setting $field to $val for $user - affected: $ret"); + if ($ret === false) + die('Error'); + if ($ret === 0) + die(1 - $val); + die($val); + } + + private static function setOrgOption($option) + { + $val = (string) Request::post('value', '-'); + if ($val !== '1' && $val !== '0') + die('Nein'); + if ($option === 'setorglogin') { + $field = 'canlogin'; + } else { + die('Unknown'); + } + $ret = Database::exec("UPDATE sat.organization SET $field = :onoff WHERE organizationid = :organizationid", array( + 'organizationid' => (string) 
Request::post('organizationid', ''), + 'onoff' => $val + )); + if ($ret === false) + die('Error'); + if ($ret === 0) + die(1 - $val); + die($val); + } + +} \ No newline at end of file -- cgit v1.2.3-55-g7522 From 2ace18342feec01dd3d0cacf7c399b4c05a647b4 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Wed, 21 Mar 2018 17:06:25 +0100 Subject: [dozmod] Fix visibility of doAjax --- modules-available/dozmod/pages/users.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules-available/dozmod/pages/users.inc.php') diff --git a/modules-available/dozmod/pages/users.inc.php b/modules-available/dozmod/pages/users.inc.php index 79d13827..0791da2e 100644 --- a/modules-available/dozmod/pages/users.inc.php +++ b/modules-available/dozmod/pages/users.inc.php @@ -14,7 +14,7 @@ class SubPage self::listOrganizations(); } - protected static function doAjax() + public static function doAjax() { User::load(); -- cgit v1.2.3-55-g7522 From bf6d65f55eacde61e996b3b08994ddc6e66e0424 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Wed, 28 Mar 2018 14:30:22 +0200 Subject: [dozmod] Simplify permissions, don't link user in userlist if actionlog is inaccessible Closes #3332 --- modules-available/dozmod/lang/de/permissions.json | 9 ++++----- modules-available/dozmod/lang/de/template-tags.json | 7 +------ modules-available/dozmod/lang/en/permissions.json | 9 ++++----- modules-available/dozmod/lang/en/template-tags.json | 7 +------ modules-available/dozmod/pages/actionlog.inc.php | 11 +++-------- modules-available/dozmod/pages/users.inc.php | 5 ++++- modules-available/dozmod/permissions/permissions.json | 8 ++++---- modules-available/dozmod/templates/actionlog-log.html | 6 ++++-- modules-available/dozmod/templates/userlist.html | 6 +++++- 9 files changed, 30 insertions(+), 38 deletions(-) (limited to 'modules-available/dozmod/pages/users.inc.php') 
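Review bot: In `setUserOption()` the raw POST `userid` is interpolated into `error_log()`, so a value containing line breaks can split or forge entries in the log that records superuser and login changes; encode it before logging, e.g. `error_log("Setting $field to $val for " . json_encode($user) . " - affected: $ret");`. In both setters `die(1 - $val)` passes an integer, which PHP uses as the exit status and does not print, so the reply for "no row changed" is empty; `die((string)(1 - $val));` prints the intended digit. `setOrgOption()` changes `canlogin` for a whole organisation without writing any log line, unlike the per-user setter. The start of this hunk, including the body of `doAjax()`, is missing from the page, so the permission checks in front of these setters could not be reviewed.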
diff --git a/modules-available/dozmod/lang/de/permissions.json b/modules-available/dozmod/lang/de/permissions.json
index 9c5af91d..df913265 100644
--- a/modules-available/dozmod/lang/de/permissions.json
+++ b/modules-available/dozmod/lang/de/permissions.json
@@ -1,14 +1,13 @@
 {
- "actionlog.showtarget": "Target Data im Aktions-Log anzeigen.",
- "actionlog.showuser": "User Data im Aktions-Log anzeigen.",
+ "actionlog.view": "Aktions-Log einsehen.",
 "expiredimages.delete": "Zur L\u00f6schung vorgemerkete Abbilder l\u00f6schen.",
 "mailconfig.save": "\u00c4nderungen an der SMTP-Konfiguration zum Versenden von Mails speichern.",
- "mailconfig.testmail": "Eine Test E-Mail verschicken.",
 "runtimeconfig.save": "\u00c4nderungen an der Laufzeit-Konfiguration speichern.",
 "templates.reset": "E-Mail Templates zur\u00fccksetzen.",
 "templates.save": "E-Mail Templates speichern.",
- "users.setorglogin": "Anmeldungen f\u00fcr Benutzer von bestimmten Einrichtungen aktivieren\/deaktivieren.",
 "users.setlogin": "Anmeldungen f\u00fcr einzelne Benutzer aktivieren\/deaktivieren.",
 "users.setmail": "E-Mail Benachrichtigungen f\u00fcr einzelne Benutzer aktivieren\/deaktivieren.",
- "users.setsu": "Benutzer zu SuperUser ernennen."
+ "users.setorglogin": "Anmeldungen f\u00fcr Benutzer von bestimmten Einrichtungen aktivieren\/deaktivieren.",
+ "users.setsu": "Benutzer zu SuperUser ernennen.",
+ "users.view": "Benutzerliste sehen."
 }
\ No newline at end of file
diff --git a/modules-available/dozmod/lang/de/template-tags.json b/modules-available/dozmod/lang/de/template-tags.json
index a1c23d2e..84f6e0de 100644
--- a/modules-available/dozmod/lang/de/template-tags.json
+++ b/modules-available/dozmod/lang/de/template-tags.json
@@ -40,7 +40,6 @@
 "lang_lecturePermissionEdit": "Bearbeiten",
 "lang_loadDefaults": "Alle Texte auf Auslieferungszustand zur\u00fccksetzen",
 "lang_mailConfig": "SMTP-Konfiguration zum Versenden von Mails",
- "lang_mailConfigHeadline": "EMail-Konfiguration",
 "lang_mailDescription": "F\u00fcllen Sie die folgenden Felder aus, wenn sie m\u00f6chten, dass Dozierende per Mail benachrichtigt werden, falls eine von ihnen genutzte oder erstellte VM oder Veranstaltung abl\u00e4uft. Um diese Funktion zu deaktivieren, lassen Sie eines der mit (*) gekennzeichneten Felder leer. Wenn das hier angegebene E-Mail-Konto nur zum Versenden von Mails genutzt wird, sollten Sie einen Auto-Responder einrichten f\u00fcr den Fall, dass ein Dozierender auf eine der automatisch generierten Mails antwortet (bzw. eine explizit angegebene Reply-To Adresse ignoriert).",
 "lang_mailTemplates": "E-Mail Templates",
 "lang_maxImageValidity": "G\u00fcltigkeitsdauer neuer VM-Versionen (Tage)",
@@ -50,7 +49,6 @@
 "lang_miscOptions": "Verschiedene Einstellungen",
 "lang_modified": "Modifiziert",
 "lang_organization": "Einrichtung",
- "lang_organizationList": "Liste der Einrichtungen",
 "lang_organizationListHeader": "Nutzungsrechte f\u00fcr den Satelliten festlegen",
 "lang_os": "Betriebssystem",
 "lang_owner": "Besitzer",
@@ -61,7 +59,6 @@
 "lang_replaceWithOriginal": "Originaltext in Textbox laden",
 "lang_replyTo": "Reply-To Adresse",
 "lang_runtimeConfig": "Laufzeit-Konfiguration",
- "lang_runtimeConfigHeadline": "Laufzeit-Konfiguration",
 "lang_runtimeConfigLimits": "Beschr\u00e4nkungen",
 "lang_senderAddress": "Absenderadresse",
 "lang_senderName": "Absender Anzeigename",
@@ -71,7 +68,6 @@
 "lang_sslExplicit": "Explizites SSL (\"STARTTLS\")",
 "lang_sslImplicit": "Implizites SSL",
 "lang_sslNone": "Kein SSL",
- "lang_subHeading": "Images, die abgelaufen oder besch\u00e4digt sind",
 "lang_superUser": "Ist SuperUser (darf alle Veranstaltungen und VMs bearbeiten\/l\u00f6schen)",
 "lang_system": "System",
 "lang_template": "Template",
@@ -83,10 +79,9 @@
 "lang_updateTime": "Letzte Bearbeitung",
 "lang_user": "Benutzername",
 "lang_userId": "Benutzer-ID",
- "lang_userList": "Benutzerliste",
 "lang_userListDescription": "Hier k\u00f6nnen Sie individuelle Nutzer zu \"Super-Usern\" machen. Diese haben in der bwLehrpool-Suite auf alle Veranstaltungen und VMs Vollzugriff, unabh\u00e4ngig von den gesetzten Berechtigungen. Au\u00dferdem k\u00f6nnen Sie hier Benutzer vom Zugriff mittels der bwLehrpool-Suite ausschlie\u00dfen.",
 "lang_userListHeader": "Dem Satelliten bekannte Benutzer",
 "lang_usernameplaceholder": "SMTP Benutzername",
 "lang_version": "Version vom",
 "lang_when": "Wann"
-}
+}
\ No newline at end of file
diff --git a/modules-available/dozmod/lang/en/permissions.json b/modules-available/dozmod/lang/en/permissions.json
index a86cf155..0827c8d2 100644
--- a/modules-available/dozmod/lang/en/permissions.json
+++ b/modules-available/dozmod/lang/en/permissions.json
@@ -1,14 +1,13 @@
 {
- "actionlog.showtarget": "Show Target Data in Log.",
- "actionlog.showuser": "Show User Data in Log.",
+ "actionlog.view": "View action log.",
 "expiredimages.delete": "Delete images marked for deletion.",
 "mailconfig.save": "Save SMTP configuration for sending mails.",
- "mailconfig.testmail": "Send a testmail.",
 "runtimeconfig.save": "Save limits and defaults of a runtime configuration.",
 "templates.reset": "Reset email templates.",
 "templates.save": "Save email templates.",
- "users.setorglogin": "Enalbe\/Disable Login for Users from certain organisations.",
 "users.setlogin": "Enable\/Disable Login.",
 "users.setmail": "Enable\/Disable Email Notification.",
- "users.setsu": "Set User to superuser."
+ "users.setorglogin": "Enalbe\/Disable Login for Users from certain organisations.",
+ "users.setsu": "Set User to superuser.",
+ "users.view": "View user list."
 }
\ No newline at end of file
diff --git a/modules-available/dozmod/lang/en/template-tags.json b/modules-available/dozmod/lang/en/template-tags.json
index f12e4ab8..329f7260 100644
--- a/modules-available/dozmod/lang/en/template-tags.json
+++ b/modules-available/dozmod/lang/en/template-tags.json
@@ -40,7 +40,6 @@
 "lang_lecturePermissionEdit": "Edit",
 "lang_loadDefaults": "Reset all templates to their defaults",
 "lang_mailConfig": "SMTP configuration for sending mails",
- "lang_mailConfigHeadline": "Email Configuration",
 "lang_mailDescription": "Fill in the following fields if you want to notify tutors\/professors\/lecturers about expiring VMs and lectures. If you leave one of the required fields blank, the feature will be disabled.",
 "lang_mailTemplates": "E-Mail Templates",
 "lang_maxImageValidity": "New VM validity (days)",
@@ -50,7 +49,6 @@
 "lang_miscOptions": "Misc options",
 "lang_modified": "modified",
 "lang_organization": "Organization",
- "lang_organizationList": "List of Organizations",
 "lang_organizationListHeader": "Set access permissions for organizations",
 "lang_os": "Operating System",
 "lang_owner": "Owner",
@@ -61,7 +59,6 @@
 "lang_replaceWithOriginal": "load original text into text box",
 "lang_replyTo": "Reply-To address",
 "lang_runtimeConfig": "Limits and Defaults",
- "lang_runtimeConfigHeadline": "Configure Limits and Defaults for bwLehrpool-Suite",
 "lang_runtimeConfigLimits": "Limitations",
 "lang_senderAddress": "Sender address",
 "lang_senderName": "Sender's display name",
@@ -71,7 +68,6 @@
 "lang_sslExplicit": "Explicit SSL (\"STARTTLS\")",
 "lang_sslImplicit": "Implicit SSL",
 "lang_sslNone": "No SSL",
- "lang_subHeading": "Expired or damaged images",
 "lang_superUser": "Is super user (can edit\/delete all lectures and VMs)",
 "lang_system": "System",
 "lang_template": "Template",
@@ -83,10 +79,9 @@
 "lang_updateTime": "Last update",
 "lang_user": "User name",
 "lang_userId": "User id",
- "lang_userList": "User List",
 "lang_userListDescription": "Here you can promote \"super users\", which will have all permissions in the bwLehrpool-Suite. You can also ban users from accessing this server via the bwLehrpool-Suite.",
 "lang_userListHeader": "Users known to this satellite",
 "lang_usernameplaceholder": "SMTP Username",
 "lang_version": "Version timestamp",
 "lang_when": "When"
-}
+}
\ No newline at end of file
diff --git a/modules-available/dozmod/pages/actionlog.inc.php b/modules-available/dozmod/pages/actionlog.inc.php
index 6cbd2868..a014ddf7 100644
--- a/modules-available/dozmod/pages/actionlog.inc.php
+++ b/modules-available/dozmod/pages/actionlog.inc.php
@@ -8,6 +8,7 @@ class SubPage public static function doPreprocess() { + User::assertPermission("actionlog.view"); self::$action = Request::get('action', '', 'string'); if (self::$action !== '' && self::$action !== 'showtarget' && self::$action !== 'showuser') { Util::traceError('Invalid action for actionlog: "' . self::$action . '"'); @@ -29,13 +30,9 @@ class SubPage . " LEFT JOIN sat.lecture l ON (l.lectureid = targetid)" . " ORDER BY al.dateline DESC LIMIT 500", array(), true, true); } elseif (self::$action === 'showuser') { - if (User::hasPermission("actionlog.showuser")) { - self::listUser(); - } + self::listUser(); } else { - if (User::hasPermission("actionlog.showtarget")) { - self::listTarget(); - } + self::listTarget(); } } @@ -155,8 +152,6 @@ class SubPage $data['showTarget'] = true; } - $data['allowedShowUser'] = User::hasPermission("actionlog.showuser"); - $data['allowedShowTarget'] = User::hasPermission("actionlog.showtarget"); Render::addTemplate('actionlog-log', $data); } diff --git a/modules-available/dozmod/pages/users.inc.php b/modules-available/dozmod/pages/users.inc.php index 0791da2e..0c958feb 100644 --- a/modules-available/dozmod/pages/users.inc.php +++ b/modules-available/dozmod/pages/users.inc.php @@ -48,7 +48,10 @@ class SubPage $row['lastlogin'] = date('d.m.Y', $row['lastlogin']); $rows[] = $row; } - Render::addTemplate('userlist', array('users' => $rows)); + Render::addTemplate('userlist', array( + 'users' => $rows, + 'nameTag' => User::hasPermission('actionlog.view') ? 'a' : 'span', + )); } private static function listOrganizations() diff --git a/modules-available/dozmod/permissions/permissions.json b/modules-available/dozmod/permissions/permissions.json index c46768d7..b9c82107 100644 --- a/modules-available/dozmod/permissions/permissions.json +++ b/modules-available/dozmod/permissions/permissions.json 
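Review bot: The dispatch in the second actionlog.inc.php hunk now depends entirely on the `User::assertPermission("actionlog.view")` call added to `doPreprocess()`, and nothing at the `listUser()` / `listTarget()` call sites records that dependency. A one-line comment above the `elseif`, such as `// Access is enforced once in doPreprocess() (actionlog.view); no per-action checks here`, would make it harder for a later entry point into this class to skip the check unnoticed. The enclosing method starts and ends outside the hunk, so whether every path runs `doPreprocess()` first could not be confirmed from this page.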
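Review bot: Passing an element name as `nameTag` from `listUsers()` moves a markup decision into PHP and leaves the `href` attribute on the `<span>` that userlist.html renders for users without `actionlog.view`. A boolean keeps the markup in the template, e.g. `'showActionlogLink' => User::hasPermission('actionlog.view'),` with a `{{#showActionlogLink}}` / `{{^showActionlogLink}}` pair around the link and the plain name. Hiding the link is presentation only; access to the action log itself rests on the assert this commit adds in actionlog.inc.php. `listUsers()` starts outside the hunk.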
@@ -2,10 +2,7 @@ "expiredimages.delete": { "location-aware": false }, - "actionlog.showtarget": { - "location-aware": false - }, - "actionlog.showuser": { + "actionlog.view": { "location-aware": false }, "mailconfig.save": { @@ -31,5 +28,8 @@ }, "users.setsu": { "location-aware": false + }, + "users.view": { + "location-aware": false } } \ No newline at end of file diff --git a/modules-available/dozmod/templates/actionlog-log.html b/modules-available/dozmod/templates/actionlog-log.html index 8aa57207..7caa3d34 100644 --- a/modules-available/dozmod/templates/actionlog-log.html +++ b/modules-available/dozmod/templates/actionlog-log.html @@ -18,7 +18,9 @@ {{#showActor}} {{#uuserid}} - {{#allowedShowUser}}{{/allowedShowUser}} {{ulastname}}, {{ufirstname}}{{#allowedShowUser}}{{/allowedShowUser}} + + {{ulastname}}, {{ufirstname}} + {{/uuserid}} {{^uuserid}} {{lang_system}} @@ -28,7 +30,7 @@ {{#showTarget}} {{#targeturl}} - {{#allowedShowTarget}}{{/allowedShowTarget}}{{targetname}}{{#allowedShowTarget}}{{/allowedShowTarget}} + {{targetname}} {{/targeturl}} {{^targeturl}} {{targetname}} diff --git a/modules-available/dozmod/templates/userlist.html b/modules-available/dozmod/templates/userlist.html index b8080b44..3b919099 100644 --- a/modules-available/dozmod/templates/userlist.html +++ b/modules-available/dozmod/templates/userlist.html @@ -22,7 +22,11 @@ {{#users}} - {{lastname}}, {{firstname}} + + <{{nameTag}} href="?do=dozmod&section=actionlog&action=showuser&uuid={{userid}}"> + {{lastname}}, {{firstname}} + + {{orgname}} {{lastlogin}} {{email}} -- cgit v1.2.3-55-g7522 From e23af9e58c4a3cd01b63a0ff519d92183f429db1 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Tue, 10 Apr 2018 15:46:43 +0200 Subject: [dozmod] Require explicit view permission for user list --- modules-available/dozmod/pages/users.inc.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'modules-available/dozmod/pages/users.inc.php') 
diff --git a/modules-available/dozmod/pages/users.inc.php b/modules-available/dozmod/pages/users.inc.php index 0c958feb..23457ca6 100644 --- a/modules-available/dozmod/pages/users.inc.php +++ b/modules-available/dozmod/pages/users.inc.php @@ -5,7 +5,8 @@ class SubPage public static function doPreprocess() { - + // Currently there's only one view, actions are ajax + User::assertPermission('users.view'); } public static function doRender() -- cgit v1.2.3-55-g7522 From 0df8ff53f4c71ffc4b0fdf72a520adfe08fed513 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Thu, 12 Apr 2018 20:35:22 +0200 Subject: [dozmod] Properly sort "last login" column in user list --- modules-available/dozmod/pages/users.inc.php | 4 ++-- modules-available/dozmod/templates/userlist.html | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'modules-available/dozmod/pages/users.inc.php') diff --git a/modules-available/dozmod/pages/users.inc.php b/modules-available/dozmod/pages/users.inc.php index 23457ca6..a81bcb8b 100644 --- a/modules-available/dozmod/pages/users.inc.php +++ b/modules-available/dozmod/pages/users.inc.php @@ -46,7 +46,7 @@ class SubPage $row['canlogin'] = self::checked($row['canlogin']); $row['issuperuser'] = self::checked($row['issuperuser']); $row['emailnotifications'] = self::checked($row['emailnotifications']); - $row['lastlogin'] = date('d.m.Y', $row['lastlogin']); + $row['lastlogin_s'] = date('d.m.Y', $row['lastlogin']); $rows[] = $row; } Render::addTemplate('userlist', array( @@ -122,4 +122,4 @@ class SubPage die($val); } -} \ No newline at end of file +} diff --git a/modules-available/dozmod/templates/userlist.html b/modules-available/dozmod/templates/userlist.html index 3b919099..6b19907d 100644 --- a/modules-available/dozmod/templates/userlist.html +++ b/modules-available/dozmod/templates/userlist.html @@ -28,7 +28,7 @@ {{orgname}} - {{lastlogin}} + {{lastlogin_s}} {{email}}
-- cgit v1.2.3-55-g7522
From 26b2103a01cdde7907debde987c0b47f8c8a889e Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 12 Apr 2018 20:44:25 +0200
Subject: [dozmod] Don't show 1.1.1970 for users that never logged in
---
 modules-available/dozmod/pages/users.inc.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
(limited to 'modules-available/dozmod/pages/users.inc.php')
diff --git a/modules-available/dozmod/pages/users.inc.php b/modules-available/dozmod/pages/users.inc.php
index a81bcb8b..50f0f763 100644
--- a/modules-available/dozmod/pages/users.inc.php
+++ b/modules-available/dozmod/pages/users.inc.php
@@ -43,10 +43,13 @@ class SubPage
 . ' ORDER BY lastname ASC, firstname ASC');
 $rows = array();
 while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
+ settype($row['lastlogin'], 'int');
 $row['canlogin'] = self::checked($row['canlogin']);
 $row['issuperuser'] = self::checked($row['issuperuser']);
 $row['emailnotifications'] = self::checked($row['emailnotifications']);
- $row['lastlogin_s'] = date('d.m.Y', $row['lastlogin']);
+ if ($row['lastlogin'] !== 0) {
+ $row['lastlogin_s'] = date('d.m.Y', $row['lastlogin']);
+ }
 $rows[] = $row;
 }
 Render::addTemplate('userlist', array(
-- cgit v1.2.3-55-g7522
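Review bot: `lastlogin_s` is left unset for users who never logged in, so rows no longer share one shape and the template relies on the engine rendering a missing key as empty or resolving it from an outer context. Setting it in both cases keeps the rows uniform: `$row['lastlogin_s'] = $row['lastlogin'] !== 0 ? date('d.m.Y', $row['lastlogin']) : '';`. `$row['lastlogin'] = (int)$row['lastlogin'];` would also read more directly than `settype()`. The enclosing method starts and ends outside the hunk.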