gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-14 13:42:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

allow to substitute user for regular users

Browse Source
This commit is contained in:
Uwe Steinmann 2015-05-19 19:44:18 +02:00
parent 6c1ac6f038
commit 536ead64ac
6 changed files with 44 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
inc/inc.Authentication.php
View File

@ -41,9 +41,13 @@ $session->updateAccess($dms_session);
/* Load user data */ /* Load user data */
$user = $dms->getUser($resArr["userID"]); $user = $dms->getUser($resArr["userID"]);
if($user->isAdmin()) { /* Check if user was substituted */
if($resArr["su"]) { if($resArr["su"] && $su = $dms->getUser($resArr["su"])) {
$user = $dms->getUser($resArr["su"]); /* Admin may always substitute the user, but regular users are*/
if($user->isAdmin() || $user->maySwitchToUser($su)) {
$user = $su;
} else {
$session->resetSu();
} }
} }
if (!is_object($user)) { if (!is_object($user)) {

20
op/op.SubstituteUser.php
View File

@ -25,14 +25,30 @@ include("../inc/inc.DBInit.php");
include("../inc/inc.ClassUI.php"); include("../inc/inc.ClassUI.php");
include("../inc/inc.Authentication.php"); include("../inc/inc.Authentication.php");
if (!$user->isAdmin()) { /* Check if the form data comes for a trusted request */
UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); if(!checkFormKey('substituteuser', 'GET')) {
UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
} }
if (!isset($_GET["userid"])) { if (!isset($_GET["userid"])) {
UI::exitError(getMLText("admin_tools"),getMLText("unknown_id")); UI::exitError(getMLText("admin_tools"),getMLText("unknown_id"));
} }
/* Check if user is allowed to switch to a different user */
if (!$user->isAdmin()) {
$substitutes = $user->getReverseSubstitutes();
$found = false;
foreach($substitutes as $subsuser) {
/* Make sure a substitution is allowed and the substituted user
* is not an admin.
*/
if($subsuser->getID() == $_GET["userid"] && !$subsuser->isAdmin())
$found = true;
}
if(!$found)
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
}
$session->setSu($_GET['userid']); $session->setSu($_GET['userid']);
$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_substituted_user'))); $session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_substituted_user')));

8
out/out.SubstituteUser.php
View File

@ -26,12 +26,12 @@ include("../inc/inc.ClassUI.php");
include("../inc/inc.ClassAccessOperation.php"); include("../inc/inc.ClassAccessOperation.php");
include("../inc/inc.Authentication.php"); include("../inc/inc.Authentication.php");
if (!$user->isAdmin()) { if ($user->isAdmin()) {
UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); $allUsers = $dms->getAllUsers($settings->_sortUsersInList);
} else {
$allUsers = $user->getReverseSubstitutes();
} }
$allUsers = $dms->getAllUsers($settings->_sortUsersInList);
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1]); $view = UI::factory($theme, $tmp[1]);
if($view) { if($view) {

14
views/bootstrap/class.Bootstrap.php
View File

@ -280,9 +280,17 @@ $(document).ready(function () {
echo " </ul>\n"; echo " </ul>\n";
echo " </li>\n"; echo " </li>\n";
} }
if($this->params['user']->isAdmin()) { if(!$this->params['session']->getSu()) {
$showdivider = true; if($this->params['user']->isAdmin()) {
echo " <li><a href=\"../out/out.SubstituteUser.php\">".getMLText("substitute_user")."</a></li>\n"; $showdivider = true;
echo " <li><a href=\"../out/out.SubstituteUser.php\">".getMLText("substitute_user")."</a></li>\n";
} elseif($substitutes = $this->params['user']->getReverseSubstitutes()) {
if(count($substitutes) == 1) {
echo " <li><a href=\"../op/op.SubstituteUser.php?userid=".$substitutes[0]->getID()."&formtoken=".createFormKey('substituteuser')."\">".getMLText("substitute_to_user", array('username'=>$substitutes[0]->getFullName()))."</a></li>\n";
} else {
echo " <li><a href=\"../out/out.SubstituteUser.php\">".getMLText("substitute_user")."</a></li>\n";
}
}
} }
if($showdivider) if($showdivider)
echo " <li class=\"divider\"></li>\n"; echo " <li class=\"divider\"></li>\n";

2
views/bootstrap/class.SubstituteUser.php
View File

@ -68,7 +68,7 @@ class SeedDMS_View_SubstituteUser extends SeedDMS_Bootstrap_Style {
echo "</td>"; echo "</td>";
echo "<td>"; echo "<td>";
if($currUser->getID() != $user->getID()) { if($currUser->getID() != $user->getID()) {
echo "<a class=\"btn\" href=\"../op/op.SubstituteUser.php?userid=".$currUser->getID()."\"><i class=\"icon-exchange\"></i> ".getMLText('substitute_user')."</a> "; echo "<a class=\"btn\" href=\"../op/op.SubstituteUser.php?userid=".$currUser->getID()."&formtoken=".createFormKey('substituteuser')."\"><i class=\"icon-exchange\"></i> ".getMLText('substitute_user')."</a> ";
} }
echo "</td>"; echo "</td>";
echo "</tr>"; echo "</tr>";

6
views/bootstrap/class.UsrMgr.php
View File

@ -193,10 +193,10 @@ class SeedDMS_View_UsrMgr extends SeedDMS_Bootstrap_Style {
?> ?>
<tr> <tr>
<td> <td>
<div class="cbSelectTitle"><?php printMLText("substitute_user");?>:</div> <div class="cbSelectTitle"><?php printMLText("possible_substitutes");?>:</div>
</td> </td>
<td> <td>
<select class="chzn-select-deselect" name="substitute[]" multiple="multiple" data-placeholder="<?php printMLText('select_users'); ?>" data-no_results_text="<?php printMLText('unknown_owner'); ?>"> <select class="chzn-select" name="substitute[]" multiple="multiple" data-placeholder="<?php printMLText('select_users'); ?>" data-no_results_text="<?php printMLText('unknown_owner'); ?>">
<?php <?php
if($currUser) { if($currUser) {
$substitutes = $currUser->getSubstitutes(); $substitutes = $currUser->getSubstitutes();
@ -204,7 +204,7 @@ class SeedDMS_View_UsrMgr extends SeedDMS_Bootstrap_Style {
$substitutes = array(); $substitutes = array();
} }
foreach ($users as $usr) { foreach ($users as $usr) {
if ($usr->isGuest() || ($currUser && $usr->getID() == $currUser->getID())) if ($usr->isGuest() || ($currUser && !$usr->isAdmin() && $currUser->isAdmin()) || ($currUser && $usr->getID() == $currUser->getID()))
continue; continue;
$checked=false; $checked=false;
foreach ($substitutes as $r) if ($r->getID()==$usr->getID()) $checked=true; foreach ($substitutes as $r) if ($r->getID()==$usr->getID()) $checked=true;