Adds initial support for user rights

Yasen Pramatarov 2024-09-11 16:21:05 +03:00
parent 1efb3b6a17
commit 70163e1c5e
7 changed files with 75 additions and 16 deletions


@ -42,6 +42,8 @@ class Database {
try { try {
$this->pdo = new PDO("sqlite:" . $options['dbFile']); $this->pdo = new PDO("sqlite:" . $options['dbFile']);
$this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// enable foreign key constraints (not ON by default in SQLite3)
$this->pdo->exec('PRAGMA foreign_keys = ON;');
} catch (PDOException $e) { } catch (PDOException $e) {
$error = getError('SQLite connection failed: ', $e->getMessage()); $error = getError('SQLite connection failed: ', $e->getMessage());
} }
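Review bot: The new `PRAGMA foreign_keys = ON;` is silently a no-op when the linked SQLite library was built without foreign-key support or when it runs inside an open transaction, and nothing here confirms it took effect, so the constraints this commit adds to `users_meta` and `users_rights` could go unenforced without any error. Read it back and fail loudly inside the same try so the existing catch reports it: `if ((int) $this->pdo->query('PRAGMA foreign_keys')->fetchColumn() !== 1) { throw new PDOException('SQLite foreign key enforcement is unavailable'); }`. The pragma is per-connection, so the constructor is the right place for it. The constructor enclosing this try/catch starts and ends outside the hunk.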


@ -47,14 +47,46 @@ class User {
} }
// get user details // get user details
public function getUserDetails($username) { public function getUserDetails($user_id) {
$sql = 'SELECT * FROM users_meta um $sql = 'SELECT
um.*,
u.username
FROM
users_meta um
LEFT JOIN users u LEFT JOIN users u
ON um.user_id = u.id ON um.user_id = u.id
WHERE u.username = :username'; WHERE
u.id = :user_id';
$query = $this->db->prepare($sql); $query = $this->db->prepare($sql);
$query->execute([ $query->execute([
':username' => $username, ':user_id' => $user_id,
]);
return $query->fetchAll(PDO::FETCH_ASSOC);
}
// get user rights
public function getUserRights($user_id) {
$sql = 'SELECT
u.id AS user_id,
u.username,
r.item AS right_name
FROM
users u
LEFT JOIN users_rights ur
ON u.id = ur.user_id
LEFT JOIN rights r
ON ur.right_id = r.id
WHERE
u.id = :user_id
AND
ur.enabled = 1';
$query = $this->db->prepare($sql);
$query->execute([
':user_id' => $user_id,
]); ]);
return $query->fetchAll(PDO::FETCH_ASSOC); return $query->fetchAll(PDO::FETCH_ASSOC);
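Review bot: In getUserRights the `AND ur.enabled = 1` predicate in the WHERE clause discards the NULL rows the two LEFT JOINs would otherwise produce, so the joins behave as inner joins while reading as outer ones. Either move the predicate into the join condition or make the intent explicit, e.g. `JOIN users_rights ur ON u.id = ur.user_id AND ur.enabled = 1` and `JOIN rights r ON ur.right_id = r.id`, leaving only `WHERE u.id = :user_id`; a user with no enabled rights still yields an empty result, which is what the template loop expects. A short docblock stating that the method returns one row per enabled right, identified by `right_name`, would help, since callers will presumably compare those strings once enforcement is added. The closing brace of getUserRights and the rest of the class lie outside the hunk.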


@ -5,20 +5,20 @@ require '../app/classes/user.php';
$userObject = new User($dbWeb); $userObject = new User($dbWeb);
$userDetails = $userObject->getUserDetails($user); $user_id = $userObject->getUserId($user)[0]['id'];
$userDetails = $userObject->getUserDetails($user_id);
$userRights = $userObject->getUserRights($user_id);
// if a form is submitted, it's from the edit page // if a form is submitted, it's from the edit page
if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$user_id = $userObject->getUserId($user)[0]['id'];
$item = $_REQUEST['item'] ?? ''; $item = $_REQUEST['item'] ?? '';
// avatar removal // avatar removal
if ($item === 'avatar' && $action === 'remove') { if ($item === 'avatar' && $action === 'remove') {
$result = $userObject->removeAvatar($user_id, $config['avatars_path'].$userDetails[0]['avatar']); $result = $userObject->removeAvatar($user_id, $config['avatars_path'].$userDetails[0]['avatar']);
if ($result === true) { if ($result === true) {
$_SESSION['notice'] .= "Avatar for user \"{$user}\" is removed. "; $_SESSION['notice'] .= "Avatar for user \"{$userDetails[0]['username']}\" is removed. ";
} else { } else {
$_SESSION['error'] .= "Removing the avatar failed. Error: $result "; $_SESSION['error'] .= "Removing the avatar failed. Error: $result ";
} }
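Review bot: `$userObject->getUserId($user)[0]['id']` on the new line near the top of the section indexes the lookup result without checking it is non-empty, so an unknown or deleted `$user` produces a PHP warning and a null `$user_id` that then flows into getUserDetails, getUserRights and the POST branch. Guard it before use: `$userRow = $userObject->getUserId($user);` / `if (empty($userRow)) { /* report the missing user the way the page reports other errors and stop */ }` / `$user_id = $userRow[0]['id'];`. Also, `$userRights` is fetched here but only rendered; the POST branch that removes the avatar does not consult it, which is presumably deliberate for an initial commit but deserves a `// TODO: enforce 'edit own profile' before mutating` comment so it is not forgotten. Where `$user` comes from is not visible in the hunk, and the page continues beyond it.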


@ -101,7 +101,7 @@
<br /> <br />
This action cannot be undone. This action cannot be undone.
</div> </div>
<div class="modal-footer"> <div class="modal-footer">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button> <button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
<form id="remove-avatar-form" data-action="remove-avatar" method="POST" action="<?= $app_root ?>?page=profile&action=remove&item=avatar"> <form id="remove-avatar-form" data-action="remove-avatar" method="POST" action="<?= $app_root ?>?page=profile&action=remove&item=avatar">
<button type="button" class="btn btn-danger" id="confirm-delete">Delete Avatar</button> <button type="button" class="btn btn-danger" id="confirm-delete">Delete Avatar</button>


@ -56,7 +56,10 @@
<label class="form-label"><small>rights:</small></label> <label class="form-label"><small>rights:</small></label>
</div> </div>
<div class="col-md-8 text-start bg-light"> <div class="col-md-8 text-start bg-light">
<?= $userDetails[0]['rights'] ?? '' ?> <?php foreach ($userRights as $right) { ?>
<?= $right['right_name'] ?>
<br />
<?php } ?>
</div> </div>
</div> </div>
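Review bot: `<?= $right['right_name'] ?>` in the new loop echoes a database value into HTML without escaping; the seeded names are harmless, but right names are now table rows rather than code, so escape at the output boundary: `<?= htmlspecialchars($right['right_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. The loop correctly renders nothing for a user without rights, which replaces the old `?? ''` fallback. The surrounding template markup begins and ends outside the hunk.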


@ -0,0 +1,13 @@
INSERT INTO rights VALUES(1,'superuser');
INSERT INTO rights VALUES(2,'edit users');
INSERT INTO rights VALUES(3,'view config file');
INSERT INTO rights VALUES(4,'edit config file');
INSERT INTO rights VALUES(5,'view own profile');
INSERT INTO rights VALUES(6,'edit own profile');
INSERT INTO rights VALUES(7,'view all profiles');
INSERT INTO rights VALUES(8,'edit all profiles');
INSERT INTO rights VALUES(9,'view app logs');
INSERT INTO rights VALUES(10,'view all platforms');
INSERT INTO rights VALUES(11,'edit all platforms');
INSERT INTO rights VALUES(12,'view all agents');
INSERT INTO rights VALUES(13,'edit all agents');
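Review bot: The seed statements rely on positional column order (`INSERT INTO rights VALUES(1,'superuser');`), which breaks silently if a column is ever added to `rights`; name the columns, `INSERT INTO rights (id, item) VALUES (1, 'superuser');`, and consider `INSERT OR IGNORE` so re-running the seed against an existing database does not fail on the UNIQUE `item` column. A header comment noting that these ids are referenced by `users_rights.right_id` and must not be renumbered would help the next maintainer.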


@ -1,3 +1,4 @@
CREATE TABLE users ( CREATE TABLE users (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT NOT NULL UNIQUE, username TEXT NOT NULL UNIQUE,
@ -9,13 +10,20 @@ CREATE TABLE users_meta (
name TEXT, name TEXT,
email TEXT, email TEXT,
avatar TEXT, avatar TEXT,
bio TEXT bio TEXT,
FOREIGN KEY (user_id) REFERENCES users(id)
); );
CREATE TABLE users_rights ( CREATE TABLE users_rights (
user_id INTEGER,
right_id INTEGER,
enabled INTEGER NOT NULL CHECK (enabled IN (0, 1)),
PRIMARY KEY (user_id, right_id),
FOREIGN KEY (user_id) REFERENCES users(id),
FOREIGN KEY (right_id) REFERENCES rights(id)
);
CREATE TABLE rights (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
user_id INTEGER NOT NULL, item TEXT NOT NULL UNIQUE
item TEXT,
rights TEXT
); );
CREATE TABLE platforms ( CREATE TABLE platforms (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
@ -28,7 +36,8 @@ CREATE TABLE jilo_agents (
platform_id INTEGER NOT NULL, platform_id INTEGER NOT NULL,
type_id INTEGER NOT NULL, type_id INTEGER NOT NULL,
url TEXT NOT NULL, url TEXT NOT NULL,
secret_key TEXT secret_key TEXT,
FOREIGN KEY (platform_id) REFERENCES platforms(id)
); );
CREATE TABLE jilo_agent_types ( CREATE TABLE jilo_agent_types (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
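Review bot: In the new `users_rights` table, `user_id` and `right_id` are declared without NOT NULL; SQLite permits NULLs in a composite PRIMARY KEY (a documented legacy quirk) and never checks a NULL foreign-key column, so a row that references no user or no right can be inserted even with `PRAGMA foreign_keys` on. Declare them `user_id INTEGER NOT NULL,` and `right_id INTEGER NOT NULL,`. The foreign keys take SQLite's default NO ACTION, so deleting a user who still has rights rows will fail once enforcement is on; if that is not the intended behaviour, state `ON DELETE CASCADE` explicitly rather than leaving it implicit. The `users_meta` and `jilo_agents` column lists start outside their hunks.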