- drop isAdmin and isGuest in user management and replace them with
a 'role'
parent
a7b2e11d5c
commit
4fc45c65ae
|
@ -536,7 +536,7 @@ class LetoDMS_DMS {
|
|||
|
||||
$resArr = $resArr[0];
|
||||
|
||||
$user = new LetoDMS_User($resArr["id"], $resArr["login"], $resArr["pwd"], $resArr["fullName"], $resArr["email"], $resArr["language"], $resArr["theme"], $resArr["comment"], $resArr["isAdmin"], $resArr["isGuest"], $resArr["hidden"]);
|
||||
$user = new LetoDMS_User($resArr["id"], $resArr["login"], $resArr["pwd"], $resArr["fullName"], $resArr["email"], $resArr["language"], $resArr["theme"], $resArr["comment"], $resArr["role"], $resArr["hidden"]);
|
||||
$user->setDMS($this);
|
||||
return $user;
|
||||
} /* }}} */
|
||||
|
@ -558,7 +558,7 @@ class LetoDMS_DMS {
|
|||
|
||||
$resArr = $resArr[0];
|
||||
|
||||
$user = new LetoDMS_User($resArr["id"], $resArr["login"], $resArr["pwd"], $resArr["fullName"], $resArr["email"], $resArr["language"], $resArr["theme"], $resArr["comment"], $resArr["isAdmin"], $resArr["isGuest"], $resArr["hidden"]);
|
||||
$user = new LetoDMS_User($resArr["id"], $resArr["login"], $resArr["pwd"], $resArr["fullName"], $resArr["email"], $resArr["language"], $resArr["theme"], $resArr["comment"], $resArr["role"], $resArr["hidden"]);
|
||||
$user->setDMS($this);
|
||||
return $user;
|
||||
} /* }}} */
|
||||
|
@ -573,7 +573,7 @@ class LetoDMS_DMS {
|
|||
$users = array();
|
||||
|
||||
for ($i = 0; $i < count($resArr); $i++) {
|
||||
$user = new LetoDMS_User($resArr[$i]["id"], $resArr[$i]["login"], $resArr[$i]["pwd"], $resArr[$i]["fullName"], $resArr[$i]["email"], (isset($resArr["language"])?$resArr["language"]:NULL), (isset($resArr["theme"])?$resArr["theme"]:NULL), $resArr[$i]["comment"], $resArr[$i]["isAdmin"], $resArr[$i]["isGuest"], $resArr[$i]["hidden"]);
|
||||
$user = new LetoDMS_User($resArr[$i]["id"], $resArr[$i]["login"], $resArr[$i]["pwd"], $resArr[$i]["fullName"], $resArr[$i]["email"], (isset($resArr["language"])?$resArr["language"]:NULL), (isset($resArr["theme"])?$resArr["theme"]:NULL), $resArr[$i]["comment"], $resArr[$i]["role"], $resArr[$i]["hidden"]);
|
||||
$user->setDMS($this);
|
||||
$users[$i] = $user;
|
||||
}
|
||||
|
@ -581,11 +581,11 @@ class LetoDMS_DMS {
|
|||
return $users;
|
||||
} /* }}} */
|
||||
|
||||
function addUser($login, $pwd, $fullName, $email, $language, $theme, $comment, $isAdmin=0, $isGuest=0, $isHidden=0) { /* {{{ */
|
||||
function addUser($login, $pwd, $fullName, $email, $language, $theme, $comment, $role=0, $isHidden=0) { /* {{{ */
|
||||
if (is_object($this->getUserByLogin($login))) {
|
||||
return false;
|
||||
}
|
||||
$queryStr = "INSERT INTO tblUsers (login, pwd, fullName, email, language, theme, comment, isAdmin, isGuest, hidden) VALUES ('".$login."', '".$pwd."', '".$fullName."', '".$email."', '".$language."', '".$theme."', '".$comment."', '".$isAdmin."', '".$isGuest."', '".$isHidden."')";
|
||||
$queryStr = "INSERT INTO tblUsers (login, pwd, fullName, email, language, theme, comment, role, isGuest, hidden) VALUES ('".$login."', '".$pwd."', '".$fullName."', '".$email."', '".$language."', '".$theme."', '".$comment."', '".$role."', '".$isHidden."')";
|
||||
$res = $this->db->getResult($queryStr);
|
||||
if (!$res)
|
||||
return false;
|
||||
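Review bot: The new INSERT in addUser() still names `isGuest` in its column list but no longer supplies a value for it, so the statement has ten columns and nine values and the database will reject it. Since the following `if (!$res) return false;` presumably catches that, every addUser() call would fail after this commit. Drop the stale column so the list reads `(login, pwd, fullName, email, language, theme, comment, role, hidden)`. Every value, including `$role`, is also concatenated straight into the statement, so its safety depends entirely on what callers pass in; an integer cast on `$role` and `$isHidden` here would remove that dependency for the two numeric fields. addUser()'s body continues past the end of the hunk.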
|
|
|
@ -1252,13 +1252,13 @@ class LetoDMS_Document { /* {{{ */
|
|||
$queryStr = "(SELECT `tblUsers`.* FROM `tblUsers` ".
|
||||
"LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ".
|
||||
"WHERE `tblGroupMembers`.`groupID` IN (". $groupIDs .") ".
|
||||
"AND `tblUsers`.`isGuest` = 0)";
|
||||
"AND `tblUsers`.`role` != LetoDMS_User::role_guest)";
|
||||
}
|
||||
$queryStr .= (strlen($queryStr)==0 ? "" : " UNION ").
|
||||
"(SELECT `tblUsers`.* FROM `tblUsers` ".
|
||||
"WHERE (`tblUsers`.`isGuest` = 0) ".
|
||||
"WHERE (`tblUsers`.`role` != LetoDMS_User::role_guest) ".
|
||||
"AND ((`tblUsers`.`id` = ". $this->_ownerID . ") ".
|
||||
"OR (`tblUsers`.`isAdmin` = 1)".
|
||||
"OR (`tblUsers`.`role` = LetoDMS_User::role_admin)".
|
||||
(strlen($userIDs) == 0 ? "" : " OR (`tblUsers`.`id` IN (". $userIDs ."))").
|
||||
")) ORDER BY `login`";
|
||||
}
|
||||
|
@ -1267,16 +1267,16 @@ class LetoDMS_Document { /* {{{ */
|
|||
$queryStr = "(SELECT `tblUsers`.* FROM `tblUsers` ".
|
||||
"LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ".
|
||||
"WHERE `tblGroupMembers`.`groupID` NOT IN (". $groupIDs .")".
|
||||
"AND `tblUsers`.`isGuest` = 0 ".
|
||||
"AND `tblUsers`.`role` != LetoDMS_User::role_guest ".
|
||||
(strlen($userIDs) == 0 ? ")" : " AND (`tblUsers`.`id` NOT IN (". $userIDs .")))");
|
||||
}
|
||||
$queryStr .= (strlen($queryStr)==0 ? "" : " UNION ").
|
||||
"(SELECT `tblUsers`.* FROM `tblUsers` ".
|
||||
"WHERE (`tblUsers`.`id` = ". $this->_ownerID . ") ".
|
||||
"OR (`tblUsers`.`isAdmin` = 1))".
|
||||
"OR (`tblUsers`.`role` = LetoDMS_User::role_admin))".
|
||||
"UNION ".
|
||||
"(SELECT `tblUsers`.* FROM `tblUsers` ".
|
||||
"WHERE `tblUsers`.`isGuest` = 0 ".
|
||||
"WHERE `tblUsers`.`role` != LetoDMS_User::role_guest ".
|
||||
(strlen($userIDs) == 0 ? ")" : " AND (`tblUsers`.`id` NOT IN (". $userIDs .")))").
|
||||
" ORDER BY `login`";
|
||||
}
|
||||
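Review bot: The new `role` conditions put `LetoDMS_User::role_guest` and `LetoDMS_User::role_admin` inside double-quoted string literals, where PHP does not expand class constants, so the SQL sent to the server contains that literal text instead of the role value. The database should reject these queries as written, and the user lists built from them would then come back empty or as an error instead of filtering out guests. Each constant needs to be concatenated, for example ``"WHERE (`tblUsers`.`role` != " . LetoDMS_User::role_guest . ") ".``. The same pattern appears in every changed line of both hunks in this file and in the two matching hunks of the LetoDMS_Folder section that follows. The enclosing functions start and end outside the hunks.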
|
|
|
@ -859,13 +859,13 @@ class LetoDMS_Folder {
|
|||
$queryStr = "(SELECT `tblUsers`.* FROM `tblUsers` ".
|
||||
"LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ".
|
||||
"WHERE `tblGroupMembers`.`groupID` IN (". $groupIDs .") ".
|
||||
"AND `tblUsers`.`isGuest` = 0)";
|
||||
"AND `tblUsers`.`role` != LetoDMS_User::role_guest)";
|
||||
}
|
||||
$queryStr .= (strlen($queryStr)==0 ? "" : " UNION ").
|
||||
"(SELECT `tblUsers`.* FROM `tblUsers` ".
|
||||
"WHERE (`tblUsers`.`isGuest` = 0) ".
|
||||
"WHERE (`tblUsers`.`role` != LetoDMS_User::role_guest) ".
|
||||
"AND ((`tblUsers`.`id` = ". $this->_ownerID . ") ".
|
||||
"OR (`tblUsers`.`isAdmin` = 1)".
|
||||
"OR (`tblUsers`.`role` = LetoDMS_User::role_admin)".
|
||||
(strlen($userIDs) == 0 ? "" : " OR (`tblUsers`.`id` IN (". $userIDs ."))").
|
||||
")) ORDER BY `login`";
|
||||
}
|
||||
|
@ -874,16 +874,16 @@ class LetoDMS_Folder {
|
|||
$queryStr = "(SELECT `tblUsers`.* FROM `tblUsers` ".
|
||||
"LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ".
|
||||
"WHERE `tblGroupMembers`.`groupID` NOT IN (". $groupIDs .")".
|
||||
"AND `tblUsers`.`isGuest` = 0 ".
|
||||
"AND `tblUsers`.`role` != LetoDMS_User::role_guest ".
|
||||
(strlen($userIDs) == 0 ? ")" : " AND (`tblUsers`.`id` NOT IN (". $userIDs .")))");
|
||||
}
|
||||
$queryStr .= (strlen($queryStr)==0 ? "" : " UNION ").
|
||||
"(SELECT `tblUsers`.* FROM `tblUsers` ".
|
||||
"WHERE (`tblUsers`.`id` = ". $this->_ownerID . ") ".
|
||||
"OR (`tblUsers`.`isAdmin` = 1))".
|
||||
"OR (`tblUsers`.`role` = LetoDMS_User::role_admin))".
|
||||
"UNION ".
|
||||
"(SELECT `tblUsers`.* FROM `tblUsers` ".
|
||||
"WHERE `tblUsers`.`isGuest` = 0 ".
|
||||
"WHERE `tblUsers`.`role` != LetoDMS_User::role_guest ".
|
||||
(strlen($userIDs) == 0 ? ")" : " AND (`tblUsers`.`id` NOT IN (". $userIDs .")))").
|
||||
" ORDER BY `login`";
|
||||
}
|
||||
|
|
|
@ -23,20 +23,92 @@
|
|||
* @version Release: @package_version@
|
||||
*/
|
||||
class LetoDMS_User {
|
||||
/**
|
||||
* @var integer id of user
|
||||
*
|
||||
* @access protected
|
||||
*/
|
||||
var $_id;
|
||||
|
||||
/**
|
||||
* @var string login name of user
|
||||
*
|
||||
* @access protected
|
||||
*/
|
||||
var $_login;
|
||||
|
||||
/**
|
||||
* @var string password of user as saved in database (md5)
|
||||
*
|
||||
* @access protected
|
||||
*/
|
||||
var $_pwd;
|
||||
|
||||
/**
|
||||
* @var string full human readable name of user
|
||||
*
|
||||
* @access protected
|
||||
*/
|
||||
var $_fullName;
|
||||
|
||||
/**
|
||||
* @var string email address of user
|
||||
*
|
||||
* @access protected
|
||||
*/
|
||||
var $_email;
|
||||
|
||||
/**
|
||||
* @var string prefered language of user
|
||||
* possible values are 'English', 'German', 'Chinese_ZH_TW', 'Czech'
|
||||
* 'Francais', 'Hungarian', 'Italian', 'Portuguese_BR', 'Slovak',
|
||||
* 'Spanish'
|
||||
*
|
||||
* @access protected
|
||||
*/
|
||||
var $_language;
|
||||
|
||||
/**
|
||||
* @var string preselected theme of user
|
||||
*
|
||||
* @access protected
|
||||
*/
|
||||
var $_theme;
|
||||
|
||||
/**
|
||||
* @var string comment of user
|
||||
*
|
||||
* @access protected
|
||||
*/
|
||||
var $_comment;
|
||||
var $_isAdmin;
|
||||
var $_isGuest;
|
||||
|
||||
/**
|
||||
* @var string role of user. Can be one of LetoDMS_User::role_user,
|
||||
* LetoDMS_User::role_admin, LetoDMS_User::role_guest
|
||||
*
|
||||
* @access protected
|
||||
*/
|
||||
var $_role;
|
||||
|
||||
/**
|
||||
* @var string true if user shall be hidden
|
||||
*
|
||||
* @access protected
|
||||
*/
|
||||
var $_isHidden;
|
||||
|
||||
/**
|
||||
* @var object reference to the dms instance this user belongs to
|
||||
*
|
||||
* @access protected
|
||||
*/
|
||||
var $_dms;
|
||||
|
||||
function LetoDMS_User($id, $login, $pwd, $fullName, $email, $language, $theme, $comment, $isAdmin, $isGuest, $isHidden=0) {
|
||||
const role_user = '0';
|
||||
const role_admin = '1';
|
||||
const role_guest = '2';
|
||||
|
||||
function LetoDMS_User($id, $login, $pwd, $fullName, $email, $language, $theme, $comment, $role, $isHidden=0) {
|
||||
$this->_id = $id;
|
||||
$this->_login = $login;
|
||||
$this->_pwd = $pwd;
|
||||
|
@ -45,8 +117,7 @@ class LetoDMS_User {
|
|||
$this->_language = $language;
|
||||
$this->_theme = $theme;
|
||||
$this->_comment = $comment;
|
||||
$this->_isAdmin = $isAdmin;
|
||||
$this->_isGuest = $isGuest;
|
||||
$this->_role = $role;
|
||||
$this->_isHidden = $isHidden;
|
||||
$this->_dms = null;
|
||||
}
|
||||
|
@ -155,31 +226,42 @@ class LetoDMS_User {
|
|||
return true;
|
||||
} /* }}} */
|
||||
|
||||
function isAdmin() { return $this->_isAdmin; }
|
||||
function getRole() { return $this->_role; }
|
||||
|
||||
function setRole($newrole) { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$queryStr = "UPDATE tblUsers SET role = " . $newrole . " WHERE id = " . $this->_id;
|
||||
if (!$db->getResult($queryStr))
|
||||
return false;
|
||||
|
||||
$this->_role = $newrole;
|
||||
return true;
|
||||
} /* }}} */
|
||||
|
||||
function isAdmin() { return ($this->_role == LetoDMS_User::role_admin); }
|
||||
|
||||
function setAdmin($isAdmin) { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$isAdmin = ($isAdmin) ? "1" : "0";
|
||||
$queryStr = "UPDATE tblUsers SET isAdmin = " . $isAdmin . " WHERE id = " . $this->_id;
|
||||
$queryStr = "UPDATE tblUsers SET role = " . LetoDMS_User::role_admin . " WHERE id = " . $this->_id;
|
||||
if (!$db->getResult($queryStr))
|
||||
return false;
|
||||
|
||||
$this->_isAdmin = $isAdmin;
|
||||
$this->_role = LetoDMS_User::role_admin;
|
||||
return true;
|
||||
} /* }}} */
|
||||
|
||||
function isGuest() { return $this->_isGuest; }
|
||||
function isGuest() { return ($this->_role == LetoDMS_User::role_guest); }
|
||||
|
||||
function setGuest($isGuest) { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$isGuest = ($isGuest) ? "1" : "0";
|
||||
$queryStr = "UPDATE tblUsers SET isGuest = " . $isGuest . " WHERE id = " . $this->_id;
|
||||
$queryStr = "UPDATE tblUsers SET role = " . LetoDMS_User::role_guest . " WHERE id = " . $this->_id;
|
||||
if (!$db->getResult($queryStr))
|
||||
return false;
|
||||
|
||||
$this->_isGuest = $isGuest;
|
||||
$this->_role = LetoDMS_User::role_guest;
|
||||
return true;
|
||||
} /* }}} */
|
||||
|
||||
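Review bot: setAdmin() and setGuest() no longer take their argument into account: the new UPDATE and the new assignment always write `role_admin` and `role_guest` respectively, so a call such as `setAdmin(false)` that used to remove the privilege would now grant it. Whether any callers remain is not visible here, but the methods are kept as public API and should either honour the flag or be removed. One option is to delegate, e.g. `return $this->setRole($isAdmin ? LetoDMS_User::role_admin : LetoDMS_User::role_user);`, with the analogous line in setGuest(). setRole() itself would benefit from a docblock stating that `$newrole` must be one of the three role constants, since it is concatenated unquoted into the UPDATE.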
|
|
|
@ -151,7 +151,7 @@ if (isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
|
|||
if (!is_bool($search)) {
|
||||
$info = ldap_get_entries($ds, $search);
|
||||
if (!is_bool($info) && $info["count"]==1 && $info[0]["count"]>0) {
|
||||
$user = addUser($login, null, $info[0]['cn'][0], $info[0]['mail'][0], $settings->_language, $settings->_theme, "");
|
||||
$user = $dms->addUser($login, null, $info[0]['cn'][0], $info[0]['mail'][0], $settings->_language, $settings->_theme, "");
|
||||
}
|
||||
}
|
||||
}
|
||||
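Review bot: The directory attributes `$info[0]['cn'][0]` and `$info[0]['mail'][0]` are passed to `$dms->addUser()` unchanged, and the addUser() shown earlier on this page concatenates its arguments into the INSERT between single quotes. A directory entry whose name contains a quote character would therefore break the statement or alter it, so these two values should be escaped with whatever escaping the database layer provides before the call. The `$info[0]["count"]>0` check also does not guarantee that `cn` and `mail` are both present; an `isset()` on each would avoid a notice and an empty insert. The enclosing block starts outside the hunk.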
|
|
|
@ -42,15 +42,14 @@ if ($action == "adduser") {
|
|||
$name = sanitizeString($_POST["name"]);
|
||||
$email = sanitizeString($_POST["email"]);
|
||||
$comment = sanitizeString($_POST["comment"]);
|
||||
$isAdmin = (isset($_POST["isadmin"]) && $_POST["isadmin"]==1 ? 1 : 0);
|
||||
$isGuest = (isset($_POST["isguest"]) && $_POST["isguest"]==1 ? 1 : 0);
|
||||
$role = sanitizeString($_POST["role"]);
|
||||
$isHidden = (isset($_POST["ishidden"]) && $_POST["ishidden"]==1 ? 1 : 0);
|
||||
|
||||
if (is_object($dms->getUserByLogin($login))) {
|
||||
UI::exitError(getMLText("admin_tools"),getMLText("user_exists"));
|
||||
}
|
||||
|
||||
$newUser = $dms->addUser($login, md5($_POST["pwd"]), $name, $email, $settings->_language, $settings->_theme, $comment, $isAdmin, $isGuest, $isHidden);
|
||||
$newUser = $dms->addUser($login, md5($_POST["pwd"]), $name, $email, $settings->_language, $settings->_theme, $comment, $role, $isHidden);
|
||||
if ($newUser) {
|
||||
|
||||
if (isset($_FILES["userfile"]) && is_uploaded_file($_FILES["userfile"]["tmp_name"]) && $_FILES["userfile"]["size"] > 0 && $_FILES['userfile']['error']==0)
|
||||
|
@ -148,8 +147,7 @@ else if ($action == "edituser") {
|
|||
$name = sanitizeString($_POST["name"]);
|
||||
$email = sanitizeString($_POST["email"]);
|
||||
$comment = sanitizeString($_POST["comment"]);
|
||||
$isAdmin = (isset($_POST["isadmin"]) && $_POST["isadmin"]==1 ? 1 : 0);
|
||||
$isGuest = (isset($_POST["isguest"]) && $_POST["isguest"]==1 ? 1 : 0);
|
||||
$role = sanitizeString($_POST["role"]);
|
||||
$isHidden = (isset($_POST["ishidden"]) && $_POST["ishidden"]==1 ? 1 : 0);
|
||||
|
||||
if ($editedUser->getLogin() != $login)
|
||||
|
@ -162,10 +160,8 @@ else if ($action == "edituser") {
|
|||
$editedUser->setEmail($email);
|
||||
if ($editedUser->getComment() != $comment)
|
||||
$editedUser->setComment($comment);
|
||||
if ($editedUser->isAdmin() != $isAdmin)
|
||||
$editedUser->setAdmin($isAdmin);
|
||||
if ($editedUser->isGuest() != $isGuest)
|
||||
$editedUser->setGuest($isGuest);
|
||||
if ($editedUser->getRole() != $role)
|
||||
$editedUser->setRole($role);
|
||||
if ($editedUser->isHidden() != $isHidden)
|
||||
$editedUser->setHidden($isHidden);
|
||||
|
||||
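Review bot: `$role = sanitizeString($_POST["role"]);` accepts whatever the form posts, with no `isset()` check and no comparison against the three defined roles, and the value then goes to addUser() and to setRole(), where it is concatenated unquoted into `UPDATE tblUsers SET role = ...`. What sanitizeString() strips is not visible here, but a string sanitizer is not a substitute for an allow-list on a privilege field. Both the adduser and edituser branches should reject the request unless `in_array($role, array(LetoDMS_User::role_user, LetoDMS_User::role_admin, LetoDMS_User::role_guest), true)`. The old code had this property implicitly because it reduced each flag to 0 or 1. The unchanged `md5($_POST["pwd"])` on the addUser() line is an unsalted fast hash and is worth a follow-up of its own.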
|
|