diff --git a/app/classes/database.php b/app/classes/database.php
index ca90434..a70a5f8 100644
--- a/app/classes/database.php
+++ b/app/classes/database.php
@@ -42,6 +42,8 @@ class Database {
 try {
 $this->pdo = new PDO("sqlite:" . $options['dbFile']);
 $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+ // enable foreign key constraints (not ON by default in SQLite3)
+ $this->pdo->exec('PRAGMA foreign_keys = ON;');
 } catch (PDOException $e) {
 $error = getError('SQLite connection failed: ', $e->getMessage());
 }
diff --git a/app/classes/user.php b/app/classes/user.php
index 4014990..d31e7fe 100644
--- a/app/classes/user.php
+++ b/app/classes/user.php
@@ -47,14 +47,46 @@ class User {
 }
 // get user details
- public function getUserDetails($username) {
- $sql = 'SELECT * FROM users_meta um
+ public function getUserDetails($user_id) {
+ $sql = 'SELECT
+ um.*,
+ u.username
+ FROM
+ users_meta um
 LEFT JOIN users u
- ON um.user_id = u.id
- WHERE u.username = :username';
+ ON um.user_id = u.id
+ WHERE
+ u.id = :user_id';
+
 $query = $this->db->prepare($sql);
 $query->execute([
- ':username' => $username,
+ ':user_id' => $user_id,
+ ]);
+
+ return $query->fetchAll(PDO::FETCH_ASSOC);
+
+ }
+
+ // get user rights
+ public function getUserRights($user_id) {
+ $sql = 'SELECT
+ u.id AS user_id,
+ u.username,
+ r.item AS right_name
+ FROM
+ users u
+ LEFT JOIN users_rights ur
+ ON u.id = ur.user_id
+ LEFT JOIN rights r
+ ON ur.right_id = r.id
+ WHERE
+ u.id = :user_id
+ AND
+ ur.enabled = 1';
+
+ $query = $this->db->prepare($sql);
+ $query->execute([
+ ':user_id' => $user_id,
 ]);
 return $query->fetchAll(PDO::FETCH_ASSOC);
diff --git a/app/pages/profile.php b/app/pages/profile.php
index f1639aa..4e81f84 100644
--- a/app/pages/profile.php
+++ b/app/pages/profile.php
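Review bot: The `PRAGMA foreign_keys = ON;` added after the ERRMODE line is a per-connection setting that SQLite ignores without error when the library was built without foreign-key support or when a transaction is already open, so a successful `exec()` does not show that the constraints introduced in this commit's schema are actually enforced. Reading the value back inside the same try block makes the failure explicit: `if ((int) $this->pdo->query('PRAGMA foreign_keys')->fetchColumn() !== 1) { throw new PDOException('SQLite foreign key enforcement is unavailable'); }`. The surrounding constructor begins and ends outside the hunk.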
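Review bot: In `getUserRights` the `ur.enabled = 1` condition in the WHERE clause cancels the `LEFT JOIN users_rights ur`: rows without an enabled right are dropped, so a user with no rights yields an empty array rather than a row with a NULL `right_name`, and callers must not read `[0]['username']` from the result. Either write the intent directly with `JOIN users_rights ur ON u.id = ur.user_id AND ur.enabled = 1` or keep the LEFT JOIN and move the condition into its ON clause. Both new methods also take an untyped `$user_id`; since the value is used as an authorization key, `public function getUserRights(int $user_id): array` (and the same for `getUserDetails`) with a `@return list<array{user_id:int,username:string,right_name:string}>` docblock pins the contract. The closing brace of `getUserRights` lies outside the hunk.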
@@ -5,20 +5,20 @@ require '../app/classes/user.php';
 $userObject = new User($dbWeb);
-$userDetails = $userObject->getUserDetails($user);
+$user_id = $userObject->getUserId($user)[0]['id'];
+$userDetails = $userObject->getUserDetails($user_id);
+$userRights = $userObject->getUserRights($user_id);
 // if a form is submitted, it's from the edit page
 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- $user_id = $userObject->getUserId($user)[0]['id'];
-
 $item = $_REQUEST['item'] ?? '';
 // avatar removal
 if ($item === 'avatar' && $action === 'remove') {
 $result = $userObject->removeAvatar($user_id, $config['avatars_path'].$userDetails[0]['avatar']);
 if ($result === true) {
- $_SESSION['notice'] .= "Avatar for user \"{$user}\" is removed. ";
+ $_SESSION['notice'] .= "Avatar for user \"{$userDetails[0]['username']}\" is removed. ";
 } else {
 $_SESSION['error'] .= "Removing the avatar failed. Error: $result ";
 }
diff --git a/app/templates/profile-edit.php b/app/templates/profile-edit.php
index 3501041..174233f 100644
--- a/app/templates/profile-edit.php
+++ b/app/templates/profile-edit.php
@@ -101,7 +101,7 @@
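Review bot: `$userObject->getUserId($user)[0]['id']` is now evaluated unconditionally at the top of the page, so an unknown `$user` produces an undefined-offset warning and a null `$user_id` that is then handed to `getUserDetails`, `getUserRights` and later `removeAvatar`; the new notice text `{$userDetails[0]['username']}` fails the same way when the details query returned no row. Guard the lookup once, e.g. `$user_id = $userObject->getUserId($user)[0]['id'] ?? null;` followed by an early exit (error notice or redirect) when it is null, before any query or the POST handling runs. `$userRights` is fetched but nothing in the hunk reads it; if it is meant to gate the avatar removal, that check belongs before the `removeAvatar` call, and it presumably has to be evaluated for the logged-in user rather than for the profile being viewed if those can differ — confirm against the rest of the page, which lies outside the hunk.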
This action cannot be undone.
-
diff --git a/doc/jilo-web.rights.schema b/doc/jilo-web.rights.schema
new file mode 100644
index 0000000..9d561a2
--- /dev/null
+++ b/doc/jilo-web.rights.schema
@@ -0,0 +1,13 @@
+INSERT INTO rights VALUES(1,'superuser');
+INSERT INTO rights VALUES(2,'edit users');
+INSERT INTO rights VALUES(3,'view config file');
+INSERT INTO rights VALUES(4,'edit config file');
+INSERT INTO rights VALUES(5,'view own profile');
+INSERT INTO rights VALUES(6,'edit own profile');
+INSERT INTO rights VALUES(7,'view all profiles');
+INSERT INTO rights VALUES(8,'edit all profiles');
+INSERT INTO rights VALUES(9,'view app logs');
+INSERT INTO rights VALUES(10,'view all platforms');
+INSERT INTO rights VALUES(11,'edit all platforms');
+INSERT INTO rights VALUES(12,'view all agents');
+INSERT INTO rights VALUES(13,'edit all agents');
diff --git a/doc/jilo-web.schema b/doc/jilo-web.schema
index e063625..6d9ec26 100644
--- a/doc/jilo-web.schema
+++ b/doc/jilo-web.schema
@@ -1,3 +1,4 @@
+
 CREATE TABLE users (
 id INTEGER PRIMARY KEY AUTOINCREMENT,
 username TEXT NOT NULL UNIQUE,
@@ -9,13 +10,20 @@ CREATE TABLE users_meta (
 name TEXT,
 email TEXT,
 avatar TEXT,
- bio TEXT
+ bio TEXT,
+ FOREIGN KEY (user_id) REFERENCES users(id)
 );
 CREATE TABLE users_rights (
+ user_id INTEGER,
+ right_id INTEGER,
+ enabled INTEGER NOT NULL CHECK (enabled IN (0, 1)),
+ PRIMARY KEY (user_id, right_id),
+ FOREIGN KEY (user_id) REFERENCES users(id),
+ FOREIGN KEY (right_id) REFERENCES rights(id)
+);
+CREATE TABLE rights (
 id INTEGER PRIMARY KEY AUTOINCREMENT,
- user_id INTEGER NOT NULL,
- item TEXT,
- rights TEXT
+ item TEXT NOT NULL UNIQUE
 );
 CREATE TABLE platforms (
 id INTEGER PRIMARY KEY AUTOINCREMENT,
@@ -28,7 +36,8 @@ CREATE TABLE jilo_agents (
 platform_id INTEGER NOT NULL,
 type_id INTEGER NOT NULL,
 url TEXT NOT NULL,
- secret_key TEXT
+ secret_key TEXT,
+ FOREIGN KEY (platform_id) REFERENCES platforms(id)
 );
 CREATE TABLE jilo_agent_types (
 id INTEGER PRIMARY KEY AUTOINCREMENT,
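Review bot: In the `users_rights` hunk `user_id INTEGER` and `right_id INTEGER` are nullable even though they form the composite PRIMARY KEY: SQLite accepts NULL in PRIMARY KEY columns of ordinary rowid tables, and a NULL value in a FOREIGN KEY column is never checked against the parent table, so a row with a NULL `user_id` or `right_id` passes both constraints. Declare them `user_id INTEGER NOT NULL,` and `right_id INTEGER NOT NULL,` so the key and the references cannot be bypassed. The `FOREIGN KEY (user_id) REFERENCES users(id)` added to `users_meta` refers to a `user_id` column whose definition is outside the hunk; the same NOT NULL question applies there. None of the new FOREIGN KEY clauses specify an ON DELETE action, so deleting a `users` row that still has meta or rights rows will fail once enforcement is on — a comment stating whether that is intended, or whether `ON DELETE CASCADE` is wanted, would settle it. Enforcement itself depends on every connection running `PRAGMA foreign_keys = ON`, which the database.php hunk in this commit does.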