From c4d9c825dd8cab2f7afe2dd6c03254fc2b943329 Mon Sep 17 00:00:00 2001
From: coderkun
Date: Thu, 1 May 2014 14:21:05 +0200
Subject: [PATCH] implement managing of users
---
configs/AppConfig.inc | 4 +-
controllers/UsersController.inc | 167 +++++++++++++++++++++++++++++++-
models/UserrolesModel.inc | 43 ++++++++
views/html/users/index.tpl | 1 +
views/html/users/manage.tpl | 51 ++++++++++
5 files changed, 263 insertions(+), 3 deletions(-)
create mode 100644 views/html/users/manage.tpl
diff --git a/configs/AppConfig.inc b/configs/AppConfig.inc
index d6de6eba..42f49db4 100644
--- a/configs/AppConfig.inc
+++ b/configs/AppConfig.inc
@@ -170,8 +170,8 @@
* @var array
*/
public static $routes = array(
- array('^users/([^/]+)/(edit|delete)/?$', 'users/$2/$1', true),
- array('^users/(?!(index|login|register|logout|create|edit|delete))/?', 'users/user/$1', true),
+ array('^users/([^/]+)/(edit|delete)/?$', 'users/$2/$1', true),
+ array('^users/(?!(index|login|register|logout|manage|create|edit|delete))/?', 'users/user/$1', true),
array('^seminaries/([^/]+)/(edit|delete)/?$', 'seminaries/$2/$1', true),
array('^seminaries/(?!(index|create|edit|delete))/?', 'seminaries/seminary/$1', true),
array('^questgroups/([^/]+)/(create)/?$', 'questgroups/$2/$1', true),
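Review bot: The negative lookahead in the second `users/` route is a bare prefix test, so adding `manage` also stops any username that merely begins with it (for example "manager") from matching the profile route, the same way "editor" or "indexer" already fail. If usernames are not restricted against these prefixes at registration, closing the alternation with a delimiter avoids the collision: `array('^users/(?!(index|login|register|logout|manage|create|edit|delete)(?:/|$))/?', 'users/user/$1', true),`. How the router consumes `$1` here is not visible in the hunk, so verify the replacement still resolves as before.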
diff --git a/controllers/UsersController.inc b/controllers/UsersController.inc
index 03b9c4c0..c616e080 100644
--- a/controllers/UsersController.inc
+++ b/controllers/UsersController.inc
@@ -36,7 +36,7 @@
*
* @var array
*/
- public $models = array('users', 'characters', 'avatars', 'media', 'characterroles');
+ public $models = array('users', 'userroles', 'characters', 'characterroles', 'avatars', 'media');
/**
* Required components
*
@@ -238,6 +238,101 @@
}
+ /**
+ * Action: manage.
+ *
+ * Manage users.
+ */
+ public function manage()
+ {
+ $selectedUsers = array();
+ global $sortorder;
+
+ if($this->request->getRequestMethod() == 'POST')
+ {
+ // Set sortorder
+ $sortorder = $this->request->getPostParam('sortorder');
+
+ // Do action
+ $selectedUsers = $this->request->getPostParam('users');
+ if(!is_array($selectedUsers)) {
+ $selectedUsers = array();
+ }
+ if(!is_null($this->request->getPostParam('actions')) && count($this->request->getPostParam('actions')) > 0 && !is_null($this->request->getPostParam('users')) && count($this->request->getPostParam('users')) > 0)
+ {
+ $actions = $this->request->getPostParam('actions');
+ $action = array_keys($actions)[0];
+
+ switch($action)
+ {
+ // Add/remove role to/from Characters
+ case 'addrole':
+ case 'removerole':
+ // Determine role and check permissions
+ $role = null;
+ switch($actions[$action])
+ {
+ case _('Admin'):
+ if(!in_array('admin', \hhu\z\controllers\IntermediateController::$user['roles'])) {
+ throw new \nre\exceptions\AccessDeniedException();
+ }
+ $role = 'admin';
+ break;
+ case _('Moderator'):
+ if(!in_array('admin', \hhu\z\controllers\IntermediateController::$user['roles'])) {
+ throw new \nre\exceptions\AccessDeniedException();
+ }
+ $role = 'moderator';
+ break;
+ case _('User'):
+ if(count(array_intersect(array('admin', 'moderator'), \hhu\z\controllers\IntermediateController::$user['roles'])) <= 0) {
+ throw new \nre\exceptions\AccessDeniedException();
+ }
+ $role = 'user';
+ break;
+ }
+
+ // Add role
+ if($action == 'addrole') {
+ foreach($selectedUsers as &$userId) {
+ $this->Userroles->addUserroleToUser($userId, $role);
+ }
+ }
+ // Remove role
+ else {
+ foreach($selectedUsers as &$userId) {
+ $this->Userroles->removeUserroleFromUser($userId, $role);
+ }
+ }
+ break;
+ }
+ }
+ }
+
+ // Get registered users
+ $users = $this->Users->getUsers();
+ foreach($users as &$user) {
+ $user['roles'] = array_map(function($r) { return $r['name']; }, $this->Userroles->getUserrolesForUserById($user['id']));
+ }
+
+ // Sort users
+ $sortorder = (!is_null($sortorder)) ? $sortorder : 'username';
+ $sortMethod = 'sortUsersBy'.ucfirst(strtolower($sortorder));
+ if(method_exists($this, $sortMethod)) {
+ usort($users, array($this, $sortMethod));
+ }
+ else {
+ throw new \nre\exceptions\ParamsNotValidException($sortorder);
+ }
+
+
+ // Pass data to view
+ $this->set('users', $users);
+ $this->set('selectedUsers', $selectedUsers);
+ $this->set('sortorder', $sortorder);
+ }
+
+
/**
* Action: create.
*
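Review bot: The inner `switch($actions[$action])` in manage() has no `default`, so a posted role value that matches none of the three translated labels leaves `$role` as null and reaches the add/remove loops without passing any of the role checks; add `default: throw new \nre\exceptions\ParamsNotValidException($actions[$action]);`. The checks that do run look only at the role being changed, never at the target account, so as written a moderator can apparently remove the 'user' role from an admin and an admin can remove the last admin role; decide whether that is intended. `count()` and `array_keys()` are applied to the raw `actions` and `users` POST values before anything confirms they are arrays, and `sortorder` is passed to `strtolower()` and into a method name the same way; an `is_array()`/`is_string()` guard plus an explicit allow-list such as `in_array($sortorder, array('username', 'role'), true)` would be safer than `method_exists()`. No CSRF token check and no permission entry for the `manage` action are visible in this hunk, so confirm both exist elsewhere, since this form changes privileges.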
@@ -451,6 +546,76 @@
}
}
+
+ /**
+ * Compare two users by their username.
+ *
+ * @param array $a User a
+ * @param array $b User b
+ * @return int Result of comparison
+ */
+ private function sortUsersByUsername($a, $b)
+ {
+ if($a['username'] == $b['username']) {
+ return 0;
+ }
+
+
+ return ($a['username'] < $b['username']) ? -1 : 1;
+ }
+
+
+ /**
+ * Compare two users by their userroles.
+ *
+ * @param array $a Character a
+ * @param array $b Character b
+ * @return int Result of comparison
+ */
+ private function sortUsersByRole($a, $b)
+ {
+ if(in_array('admin', $a['roles']))
+ {
+ if(in_array('admin', $b['roles'])) {
+ return 0;
+ }
+ return -1;
+ }
+ if(in_array('moderator', $a['roles']))
+ {
+ if(in_array('admin', $b['roles'])) {
+ return 1;
+ }
+ if(in_array('moderator', $b['roles'])) {
+ return 0;
+ }
+ return -1;
+ }
+ if(in_array('user', $a['roles']))
+ {
+ if(in_array('admin', $b['roles']) || in_array('moderator', $b['roles'])) {
+ return 1;
+ }
+ if(in_array('user', $b['roles'])) {
+ return 0;
+ }
+ return -1;
+ }
+ if(in_array('guest', $a['roles']))
+ {
+ if(in_array('admin', $b['roles']) || in_array('moderator', $b['roles']) || in_array('user', $b['roles'])) {
+ return 1;
+ }
+ if(in_array('guest', $b['roles'])) {
+ return 0;
+ }
+ return -1;
+ }
+
+
+ return 1;
+ }
+
}
?>
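Review bot: `sortUsersByRole()` ends with an unconditional `return 1;`, so when both users carry none of the four known roles the comparator reports a > b and b > a at once, which breaks the contract `usort()` relies on and makes the order of those rows undefined. Ranking each user once and subtracting gives the same ordering for every other case and returns 0 for that one. The `in_array()` calls would also be better with the strict flag, and the docblock parameters say "Character a/b" where they mean users.

```php
private function sortUsersByRole($a, $b)
{
    // Lower rank sorts first; accounts with none of the known roles sort last.
    $rank = function($roles) {
        foreach(array('admin', 'moderator', 'user', 'guest') as $i => $name) {
            if(in_array($name, $roles, true)) {
                return $i;
            }
        }
        return 4;
    };

    return $rank($a['roles']) - $rank($b['roles']);
}
```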
diff --git a/models/UserrolesModel.inc b/models/UserrolesModel.inc
index 33121a21..ebdd00f1 100644
--- a/models/UserrolesModel.inc
+++ b/models/UserrolesModel.inc
@@ -72,6 +72,49 @@
);
}
+
+ /**
+ * Add a role to a user.
+ *
+ * @param int $userId ID of user to add role to
+ * @param string $userrole Role to add
+ */
+ public function addUserroleToUser($userId, $userrole)
+ {
+ $this->db->query(
+ 'INSERT IGNORE INTO users_userroles '.
+ '(user_id, userrole_id) '.
+ 'SELECT ?, id '.
+ 'FROM userroles '.
+ 'WHERE name = ?',
+ 'is',
+ $userId,
+ $userrole
+ );
+ }
+
+
+ /**
+ * Remove a role from a user.
+ *
+ * @param int $userId ID of user to remove role from
+ * @param string $userrole Role to remove
+ */
+ public function removeUserroleFromUser($userId, $userrole)
+ {
+ $this->db->query(
+ 'DELETE FROM users_userroles '.
+ 'WHERE user_id = ? AND userrole_id = ('.
+ 'SELECT id '.
+ 'FROM userroles '.
+ 'WHERE name = ?'.
+ ')',
+ 'is',
+ $userId,
+ $userrole
+ );
+ }
+
}
?>
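Review bot: Both new model methods silently do nothing when `$userrole` names no row in `userroles` (or is null, which the manage() action can pass), and they return nothing, so a caller cannot tell a granted role from a no-op. The docblocks should say this and also state that no authorization is performed here, for example `Does not check permissions; callers must verify the acting user may change this role. Unknown role names are ignored.` Returning the affected-row count would let the controller report failures, if the `db->query()` wrapper exposes it; that is not visible in this hunk. The `'i'` binding will also coerce whatever the controller passes as `$userId`, so the IDs taken from the `users` POST array should be validated as integers before they reach these methods.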
diff --git a/views/html/users/index.tpl b/views/html/users/index.tpl
index e2b34271..8a5cb847 100644
--- a/views/html/users/index.tpl
+++ b/views/html/users/index.tpl
@@ -4,6 +4,7 @@
=_('Users')?>
diff --git a/views/html/users/manage.tpl b/views/html/users/manage.tpl
new file mode 100644
index 00000000..3b89208c
--- /dev/null
+++ b/views/html/users/manage.tpl
@@ -0,0 +1,51 @@
+
+
)?>)
+
+
+
+=_('Manage')?>
+
+
+
+
+
+
+
+
+
+