242 lines
9.4 KiB
PHP
242 lines
9.4 KiB
PHP
<?php
|
|
|
|
class UserController extends Zend_Controller_Action
|
|
{
|
|
public function init()
|
|
{
|
|
$ajaxContext = $this->_helper->getHelper('AjaxContext');
|
|
$ajaxContext->addActionContext('get-hosts', 'json')
|
|
->addActionContext('get-user-data-table-info', 'json')
|
|
->addActionContext('get-user-data', 'json')
|
|
->addActionContext('remove-user', 'json')
|
|
->addActionContext('edit-user', 'json')
|
|
->initContext();
|
|
}
|
|
|
|
public function addUserAction()
|
|
{
|
|
// Start the session to re-open write permission to the session so we can
|
|
// create the namespace for our csrf token verification
|
|
SessionHelper::reopenSessionForWriting();
|
|
|
|
$request = $this->getRequest();
|
|
|
|
Zend_Layout::getMvcInstance()->assign('parent_page', 'Settings');
|
|
|
|
foreach ([
|
|
'js/datatables/js/jquery.dataTables.js',
|
|
'js/datatables/plugin/dataTables.pluginAPI.js',
|
|
'js/airtime/user/user.js',
|
|
] as $file) {
|
|
$this->view->headScript()->appendFile(Assets::url($file), 'text/javascript');
|
|
}
|
|
|
|
$this->view->headLink()->appendStylesheet(Assets::url('css/users.css'));
|
|
|
|
$form = new Application_Form_AddUser();
|
|
|
|
$this->view->successMessage = '';
|
|
|
|
if ($request->isPost()) {
|
|
$params = $request->getPost();
|
|
$postData = explode('&', $params['data']);
|
|
$formData = [];
|
|
foreach ($postData as $k => $v) {
|
|
$v = explode('=', $v);
|
|
$formData[$v[0]] = urldecode($v[1]);
|
|
}
|
|
|
|
if ($form->isValid($formData)) {
|
|
if ($form->validateLogin($formData)) {
|
|
$user = new Application_Model_User($formData['user_id']);
|
|
if (empty($formData['user_id'])) {
|
|
$user->setLogin($formData['login']);
|
|
}
|
|
$user->setFirstName($formData['first_name']);
|
|
$user->setLastName($formData['last_name']);
|
|
// We don't allow 6 x's as a password.
|
|
// The reason is because we that as a password placeholder
|
|
// on the client side.
|
|
if ($formData['password'] != 'xxxxxx') {
|
|
$user->setPassword($formData['password']);
|
|
}
|
|
if (array_key_exists('type', $formData)) {
|
|
if ($formData['type'] != UTYPE_SUPERADMIN) { // Don't allow any other user to be promoted to Super Admin
|
|
$user->setType($formData['type']);
|
|
}
|
|
}
|
|
$user->setEmail($formData['email']);
|
|
$user->setCellPhone($formData['cell_phone']);
|
|
$user->setSkype($formData['skype']);
|
|
$user->setJabber($formData['jabber']);
|
|
$user->save();
|
|
|
|
$form->reset();
|
|
$this->view->form = $form;
|
|
|
|
if (strlen($formData['user_id']) == 0) {
|
|
$this->view->successMessage = "<div class='success'>" . _('User added successfully!') . '</div>';
|
|
} else {
|
|
$this->view->successMessage = "<div class='success'>" . _('User updated successfully!') . '</div>';
|
|
}
|
|
|
|
$this->_helper->json->sendJson(['valid' => 'true', 'html' => $this->view->render('user/add-user.phtml')]);
|
|
} else {
|
|
$this->view->form = $form;
|
|
$this->_helper->json->sendJson(['valid' => 'false', 'html' => $this->view->render('user/add-user.phtml')]);
|
|
}
|
|
} else {
|
|
$this->view->form = $form;
|
|
$this->_helper->json->sendJson(['valid' => 'false', 'html' => $this->view->render('user/add-user.phtml')]);
|
|
}
|
|
}
|
|
|
|
$this->view->form = $form;
|
|
}
|
|
|
|
public function getHostsAction()
|
|
{
|
|
$search = $this->_getParam('term');
|
|
$this->view->hosts = Application_Model_User::getHosts($search);
|
|
}
|
|
|
|
public function getUserDataTableInfoAction()
|
|
{
|
|
$post = $this->getRequest()->getPost();
|
|
$users = Application_Model_User::getUsersDataTablesInfo($post);
|
|
|
|
$this->_helper->json->sendJson($users);
|
|
}
|
|
|
|
public function getUserDataAction()
|
|
{
|
|
$id = $this->_getParam('id');
|
|
$this->view->entries = Application_Model_User::GetUserData($id);
|
|
}
|
|
|
|
public function editUserAction()
|
|
{
|
|
Zend_Layout::getMvcInstance()->assign('parent_page', 'Settings');
|
|
|
|
SessionHelper::reopenSessionForWriting();
|
|
|
|
$request = $this->getRequest();
|
|
$form = new Application_Form_EditUser();
|
|
if ($request->isPost()) {
|
|
$formData = $request->getPost();
|
|
|
|
if (
|
|
$form->isValid($formData)
|
|
&& $form->validateLogin($formData['cu_login'], $formData['cu_user_id'])
|
|
) {
|
|
$user = new Application_Model_User($formData['cu_user_id']);
|
|
// Stupid hack because our schema enforces non-null first_name
|
|
// even though by default the admin user has no first name... (....)
|
|
if (Application_Model_User::getCurrentUser()->isSuperAdmin()) {
|
|
if (empty($formData['cu_first_name'])) {
|
|
$formData['cu_first_name'] = 'admin';
|
|
$formData['cu_last_name'] = 'admin'; // ditto, avoid non-null DB constraint
|
|
}
|
|
}
|
|
if (isset($formData['cu_first_name'])) {
|
|
$user->setFirstName($formData['cu_first_name']);
|
|
}
|
|
|
|
if (isset($formData['cu_last_name'])) {
|
|
$user->setLastName($formData['cu_last_name']);
|
|
}
|
|
// We don't allow 6 x's as a password.
|
|
// The reason is because we use that as a password placeholder
|
|
// on the client side.
|
|
if (
|
|
array_key_exists('cu_password', $formData) && ($formData['cu_password'] != 'xxxxxx')
|
|
&& (!empty($formData['cu_password']))
|
|
) {
|
|
$user->setPassword($formData['cu_password']);
|
|
}
|
|
|
|
if (array_key_exists('cu_email', $formData)) {
|
|
$user->setEmail($formData['cu_email']);
|
|
}
|
|
|
|
if (array_key_exists('cu_cell_phone', $formData)) {
|
|
$user->setCellPhone($formData['cu_cell_phone']);
|
|
}
|
|
|
|
if (array_key_exists('cu_skype', $formData)) {
|
|
$user->setSkype($formData['cu_skype']);
|
|
}
|
|
|
|
if (array_key_exists('cu_jabber', $formData)) {
|
|
$user->setJabber($formData['cu_jabber']);
|
|
}
|
|
|
|
$user->save();
|
|
|
|
Application_Model_Preference::SetUserLocale($formData['cu_locale']);
|
|
Application_Model_Preference::SetUserTimezone($formData['cu_timezone']);
|
|
|
|
// configure localization with new locale setting
|
|
Application_Model_Locale::configureLocalization($formData['cu_locale']);
|
|
// reinitialize form so language gets translated
|
|
$form = new Application_Form_EditUser();
|
|
|
|
$this->view->successMessage = "<div class='success'>" . _('Settings updated successfully!') . '</div>';
|
|
}
|
|
$this->view->form = $form;
|
|
$this->view->html = $this->view->render('user/edit-user.phtml');
|
|
}
|
|
$this->view->form = $form;
|
|
$this->view->html = $this->view->render('user/edit-user.phtml');
|
|
}
|
|
|
|
public function removeUserAction()
|
|
{
|
|
// action body
|
|
$delId = $this->_getParam('id');
|
|
$valid_actions = ['delete_cascade', 'reassign_to'];
|
|
$files_action = $this->_getParam('deleted_files');
|
|
|
|
// TODO : remove this. we only use default for now not to break the UI.
|
|
if (!$files_action) { // set default action
|
|
$files_action = 'reassign_to';
|
|
$new_owner = Application_Model_User::getFirstAdmin($delId);
|
|
}
|
|
|
|
// only delete when valid action is selected for the owned files
|
|
if (!in_array($files_action, $valid_actions)) {
|
|
return;
|
|
}
|
|
|
|
$userInfo = Zend_Auth::getInstance()->getStorage()->read();
|
|
$userId = $userInfo->id;
|
|
|
|
// Don't let users delete themselves
|
|
if ($delId == $userId) {
|
|
return;
|
|
}
|
|
|
|
$user = new Application_Model_User($delId);
|
|
|
|
// Don't allow super admins to be deleted.
|
|
if ($user->isSuperAdmin()) {
|
|
return;
|
|
}
|
|
|
|
// Take care of the user's files by either assigning them to somebody
|
|
// or deleting them all
|
|
if ($files_action == 'delete_cascade') {
|
|
$user->deleteAllFiles();
|
|
} elseif ($files_action == 'reassign_to') {
|
|
// TODO : fix code to actually use the line below and pick a
|
|
// real owner instead of defaulting to the first found admin
|
|
// $new_owner_id = $this->_getParam("new_owner");
|
|
// $new_owner = new Application_Model_User($new_owner_id);
|
|
$user->donateFilesTo($new_owner);
|
|
Logging::info("Reassign to user {$new_owner->getDbId()}");
|
|
}
|
|
// Finally delete the user
|
|
$this->view->entries = $user->delete();
|
|
}
|
|
}
|