add method maySwitchToUser(), fix getReverseSubstitutes()
parent
a80f4090af
commit
207f0b255f
|
@ -130,6 +130,13 @@ class SeedDMS_Core_User { /* {{{ */
|
||||||
*/
|
*/
|
||||||
var $_substitutes;
|
var $_substitutes;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var array reverse list of users this user can substitute
|
||||||
|
*
|
||||||
|
* @access protected
|
||||||
|
*/
|
||||||
|
var $_rev_substitutes;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var object reference to the dms instance this user belongs to
|
* @var object reference to the dms instance this user belongs to
|
||||||
*
|
*
|
||||||
|
@ -157,6 +164,8 @@ class SeedDMS_Core_User { /* {{{ */
|
||||||
$this->_loginFailures = $loginFailures;
|
$this->_loginFailures = $loginFailures;
|
||||||
$this->_quota = $quota;
|
$this->_quota = $quota;
|
||||||
$this->_homeFolder = $homeFolder;
|
$this->_homeFolder = $homeFolder;
|
||||||
|
$this->_substitutes = null;
|
||||||
|
$this->_rev_substitutes = null;
|
||||||
$this->_dms = null;
|
$this->_dms = null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1530,24 +1539,28 @@ class SeedDMS_Core_User { /* {{{ */
|
||||||
function getReverseSubstitutes() { /* {{{ */
|
function getReverseSubstitutes() { /* {{{ */
|
||||||
$db = $this->_dms->getDB();
|
$db = $this->_dms->getDB();
|
||||||
|
|
||||||
if (!isset($this->_substitutes))
|
if (!isset($this->_rev_substitutes)) {
|
||||||
{
|
$queryStr = "SELECT `tblUsers`.* FROM `tblUserSubstitutes` ".
|
||||||
$queryStr = "SELECT tblUsers`.* FROM `tblUserSubstitutes` ".
|
"LEFT JOIN `tblUsers` ON `tblUserSubstitutes`.`user` = `tblUsers`.`id` ".
|
||||||
"LEFT JOIN `tblUsers` ON `tblUserSubstitutes`.`user` = `tblUsers`.`userID` ".
|
|
||||||
"WHERE `tblUserSubstitutes`.`substitute`='". $this->_id ."'";
|
"WHERE `tblUserSubstitutes`.`substitute`='". $this->_id ."'";
|
||||||
|
/* None admins can only be substitutes for regular users, otherwise
|
||||||
|
* regular users can become admin
|
||||||
|
*/
|
||||||
|
if(!$this->isAdmin())
|
||||||
|
$queryStr .= " AND `tblUsers`.`role` = ".SeedDMS_Core_User::role_user;
|
||||||
$resArr = $db->getResultArray($queryStr);
|
$resArr = $db->getResultArray($queryStr);
|
||||||
if (is_bool($resArr) && $resArr == false)
|
if (is_bool($resArr) && $resArr == false)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
$this->_substitutes = array();
|
$this->_rev_substitutes = array();
|
||||||
$classname = $this->_dms->getClassname('user');
|
$classname = $this->_dms->getClassname('user');
|
||||||
foreach ($resArr as $row) {
|
foreach ($resArr as $row) {
|
||||||
$user = new $classname($row["id"], $row["login"], $row["pwd"], $row["fullName"], $row["email"], $row["language"], $row["theme"], $row["comment"], $row["role"], $row["hidden"], $row["disabled"], $row["pwdExpiration"], $row["loginfailures"], $row["quota"], $row["homefolder"]);
|
$user = new $classname($row["id"], $row["login"], $row["pwd"], $row["fullName"], $row["email"], $row["language"], $row["theme"], $row["comment"], $row["role"], $row["hidden"], $row["disabled"], $row["pwdExpiration"], $row["loginfailures"], $row["quota"], $row["homefolder"]);
|
||||||
$user->setDMS($this->_dms);
|
$user->setDMS($this->_dms);
|
||||||
array_push($this->_substitutes, $user);
|
array_push($this->_rev_substitutes, $user);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return $this->_substitutes;
|
return $this->_rev_substitutes;
|
||||||
} /* }}} */
|
} /* }}} */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -1596,7 +1609,7 @@ class SeedDMS_Core_User { /* {{{ */
|
||||||
|
|
||||||
$this->_substitutes = null;
|
$this->_substitutes = null;
|
||||||
return true;
|
return true;
|
||||||
}
|
} /* }}} */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check if user is a substitute of the current user
|
* Check if user is a substitute of the current user
|
||||||
|
@ -1617,5 +1630,33 @@ class SeedDMS_Core_User { /* {{{ */
|
||||||
return false;
|
return false;
|
||||||
} /* }}} */
|
} /* }}} */
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check if user may switch to the given user
|
||||||
|
*
|
||||||
|
* Switching to the given user is only allowed if the given user
|
||||||
|
* is a substitute for the current user.
|
||||||
|
*
|
||||||
|
* @return boolean true if successful otherwise false
|
||||||
|
*/
|
||||||
|
function maySwitchToUser($touser) { /* {{{ */
|
||||||
|
$db = $this->_dms->getDB();
|
||||||
|
|
||||||
|
if(get_class($touser) != $this->_dms->getClassname('user'))
|
||||||
|
return false;
|
||||||
|
|
||||||
|
/* switching to an admin account is always forbitten, unless the
|
||||||
|
* current user is admin itself
|
||||||
|
*/
|
||||||
|
if(!$this->isAdmin() && $touser->isAdmin())
|
||||||
|
return false;
|
||||||
|
|
||||||
|
$queryStr = "SELECT * FROM tblUserSubstitutes WHERE substitute=" . $this->_id . " AND user=".$touser->getID();
|
||||||
|
$resArr = $db->getResultArray($queryStr);
|
||||||
|
if (is_bool($resArr) && $resArr == false) return false;
|
||||||
|
if (count($resArr) == 1) return true;
|
||||||
|
|
||||||
|
return false;
|
||||||
|
} /* }}} */
|
||||||
|
|
||||||
} /* }}} */
|
} /* }}} */
|
||||||
?>
|
?>
|
||||||
|
|
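Review bot: In the new maySwitchToUser() the query concatenates `$this->_id` and `$touser->getID()` unquoted and uncast, while getReverseSubstitutes() in the same file at least quotes the id. Because this method is the authorization gate for switching accounts, I would cast both values, e.g. `"... WHERE substitute=" . (int) $this->_id . " AND user=" . (int) $touser->getID()`. The class guard also calls `get_class($touser)` without checking that the argument is an object, so a null or scalar argument likely ends in an error (depending on the PHP version) rather than a clean `false`; `if(!is_object($touser) || get_class($touser) != $this->_dms->getClassname('user')) return false;` keeps the check fail-closed. The docblock reads inverted relative to the query, which requires the current user to be listed as a substitute of the given user, and it has no `@param` line for `$touser`.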