Adds initial support for user rights
parent
1efb3b6a17
commit
70163e1c5e
|
@ -42,6 +42,8 @@ class Database {
|
|||
try {
|
||||
$this->pdo = new PDO("sqlite:" . $options['dbFile']);
|
||||
$this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||
// enable foreign key constraints (not ON by default in SQLite3)
|
||||
$this->pdo->exec('PRAGMA foreign_keys = ON;');
|
||||
} catch (PDOException $e) {
|
||||
$error = getError('SQLite connection failed: ', $e->getMessage());
|
||||
}
|
||||
|
|
|
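Review bot: The `PRAGMA foreign_keys = ON;` added inside the try is a per-connection setting and, on a SQLite build without foreign-key support, is reportedly a silent no-op rather than an error, so the new FOREIGN KEY clauses in the schema would never be enforced without anyone noticing. Consider checking it once right after enabling, e.g. `if ((int) $this->pdo->query('PRAGMA foreign_keys')->fetchColumn() !== 1) { throw new RuntimeException('SQLite foreign key enforcement is unavailable'); }`. Keeping the pragma next to the PDO construction (as done here) rather than in a migration script is the right place, since a fresh connection starts with it off. The Database constructor and its surrounding class start outside the hunk.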
@ -47,14 +47,46 @@ class User {
|
|||
}
|
||||
|
||||
// get user details
|
||||
public function getUserDetails($username) {
|
||||
$sql = 'SELECT * FROM users_meta um
|
||||
public function getUserDetails($user_id) {
|
||||
$sql = 'SELECT
|
||||
um.*,
|
||||
u.username
|
||||
FROM
|
||||
users_meta um
|
||||
LEFT JOIN users u
|
||||
ON um.user_id = u.id
|
||||
WHERE u.username = :username';
|
||||
ON um.user_id = u.id
|
||||
WHERE
|
||||
u.id = :user_id';
|
||||
|
||||
$query = $this->db->prepare($sql);
|
||||
$query->execute([
|
||||
':username' => $username,
|
||||
':user_id' => $user_id,
|
||||
]);
|
||||
|
||||
return $query->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
||||
}
|
||||
|
||||
// get user rights
|
||||
public function getUserRights($user_id) {
|
||||
$sql = 'SELECT
|
||||
u.id AS user_id,
|
||||
u.username,
|
||||
r.item AS right_name
|
||||
FROM
|
||||
users u
|
||||
LEFT JOIN users_rights ur
|
||||
ON u.id = ur.user_id
|
||||
LEFT JOIN rights r
|
||||
ON ur.right_id = r.id
|
||||
WHERE
|
||||
u.id = :user_id
|
||||
AND
|
||||
ur.enabled = 1';
|
||||
|
||||
$query = $this->db->prepare($sql);
|
||||
$query->execute([
|
||||
':user_id' => $user_id,
|
||||
]);
|
||||
|
||||
return $query->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
|
|
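Review bot: In getUserRights the `ur.enabled = 1` condition sits in WHERE, which turns both LEFT JOINs into effective inner joins (users with no users_rights row have NULL there and are dropped), so either write `INNER JOIN` to state that intent, or move the condition into the ON clause if a user with no rights should still yield a row. Both getUserDetails and getUserRights take an untyped `$user_id`; declaring `public function getUserRights(int $user_id): array` lets a non-integer value fail at the call site instead of being bound as a string. Renaming getUserDetails' parameter from `$username` to `$user_id` changes the method's contract, so any caller besides the profile page must be updated as well; the User class header is outside this hunk.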
@ -5,20 +5,20 @@ require '../app/classes/user.php';
|
|||
|
||||
$userObject = new User($dbWeb);
|
||||
|
||||
$userDetails = $userObject->getUserDetails($user);
|
||||
$user_id = $userObject->getUserId($user)[0]['id'];
|
||||
$userDetails = $userObject->getUserDetails($user_id);
|
||||
$userRights = $userObject->getUserRights($user_id);
|
||||
|
||||
// if a form is submitted, it's from the edit page
|
||||
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||
|
||||
$user_id = $userObject->getUserId($user)[0]['id'];
|
||||
|
||||
$item = $_REQUEST['item'] ?? '';
|
||||
|
||||
// avatar removal
|
||||
if ($item === 'avatar' && $action === 'remove') {
|
||||
$result = $userObject->removeAvatar($user_id, $config['avatars_path'].$userDetails[0]['avatar']);
|
||||
if ($result === true) {
|
||||
$_SESSION['notice'] .= "Avatar for user \"{$user}\" is removed. ";
|
||||
$_SESSION['notice'] .= "Avatar for user \"{$userDetails[0]['username']}\" is removed. ";
|
||||
} else {
|
||||
$_SESSION['error'] .= "Removing the avatar failed. Error: $result ";
|
||||
}
|
||||
|
|
|
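Review bot: The new `$user_id = $userObject->getUserId($user)[0]['id'];` dereferences the result without checking that a row came back, so an unknown username produces a warning and a `null` id that then flows into getUserDetails, getUserRights and the `$userDetails[0]['avatar']` / `$userDetails[0]['username']` accesses below. Guard once after the lookup, e.g. `$user_id = $userObject->getUserId($user)[0]['id'] ?? null;` followed by `if ($user_id === null) { $_SESSION['error'] .= 'User not found. '; /* redirect or return */ }`. `$user` and `$action` are defined outside this hunk, so whether they are already validated cannot be seen here.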
@ -101,7 +101,7 @@
|
|||
<br />
|
||||
This action cannot be undone.
|
||||
</div>
|
||||
<div class="modal-footer">
|
||||
<div class="modal-footer">
|
||||
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cancel</button>
|
||||
<form id="remove-avatar-form" data-action="remove-avatar" method="POST" action="<?= $app_root ?>?page=profile&action=remove&item=avatar">
|
||||
<button type="button" class="btn btn-danger" id="confirm-delete">Delete Avatar</button>
|
||||
|
|
|
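Review bot: The `remove-avatar-form` issues a state-changing POST with no anti-CSRF token in its body, and `$app_root` is echoed into the action attribute unescaped; if this form line is the one the commit introduces, both should be addressed here. Add a hidden token field that the POST handler compares with `hash_equals()`, and emit the attribute as `action="<?= htmlspecialchars($app_root, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>?page=profile&amp;action=remove&amp;item=avatar"`. Which of the two `<div class="modal-footer">` lines is old and which is new is not recoverable from the rendered hunk, and the form markup continues outside it.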
@ -56,7 +56,10 @@
|
|||
<label class="form-label"><small>rights:</small></label>
|
||||
</div>
|
||||
<div class="col-md-8 text-start bg-light">
|
||||
<?= $userDetails[0]['rights'] ?? '' ?>
|
||||
<?php foreach ($userRights as $right) { ?>
|
||||
<?= $right['right_name'] ?>
|
||||
<br />
|
||||
<?php } ?>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
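Review bot: `<?= $right['right_name'] ?>` in the new foreach prints the right's name straight into HTML; the values currently come from the seeded rights table, but the column is writable and nothing in the view guarantees its content. Escape at the output edge: `<?= htmlspecialchars($right['right_name'] ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. The `?? ''` keeps a NULL (possible in principle through the LEFT JOIN in getUserRights) from reaching htmlspecialchars, which deprecates null arguments in 8.1+.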
@ -0,0 +1,13 @@
|
|||
INSERT INTO rights VALUES(1,'superuser');
|
||||
INSERT INTO rights VALUES(2,'edit users');
|
||||
INSERT INTO rights VALUES(3,'view config file');
|
||||
INSERT INTO rights VALUES(4,'edit config file');
|
||||
INSERT INTO rights VALUES(5,'view own profile');
|
||||
INSERT INTO rights VALUES(6,'edit own profile');
|
||||
INSERT INTO rights VALUES(7,'view all profiles');
|
||||
INSERT INTO rights VALUES(8,'edit all profiles');
|
||||
INSERT INTO rights VALUES(9,'view app logs');
|
||||
INSERT INTO rights VALUES(10,'view all platforms');
|
||||
INSERT INTO rights VALUES(11,'edit all platforms');
|
||||
INSERT INTO rights VALUES(12,'view all agents');
|
||||
INSERT INTO rights VALUES(13,'edit all agents');
|
|
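Review bot: The seed uses plain `INSERT` with hard-coded ids into a table whose `item` column is UNIQUE, so re-running it against an existing database aborts on the first row. `INSERT OR IGNORE INTO rights (id, item) VALUES (1, 'superuser');` (and likewise for the other twelve) makes the seed idempotent, and naming the columns keeps it from breaking if a column is added to `rights` later. Since the PHP side looks rights up by `r.item`, any renaming of these strings is effectively an API change and should be done in one place.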
@ -1,3 +1,4 @@
|
|||
|
||||
CREATE TABLE users (
|
||||
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
||||
username TEXT NOT NULL UNIQUE,
|
||||
|
@ -9,13 +10,20 @@ CREATE TABLE users_meta (
|
|||
name TEXT,
|
||||
email TEXT,
|
||||
avatar TEXT,
|
||||
bio TEXT
|
||||
bio TEXT,
|
||||
FOREIGN KEY (user_id) REFERENCES users(id)
|
||||
);
|
||||
CREATE TABLE users_rights (
|
||||
user_id INTEGER,
|
||||
right_id INTEGER,
|
||||
enabled INTEGER NOT NULL CHECK (enabled IN (0, 1)),
|
||||
PRIMARY KEY (user_id, right_id),
|
||||
FOREIGN KEY (user_id) REFERENCES users(id),
|
||||
FOREIGN KEY (right_id) REFERENCES rights(id)
|
||||
);
|
||||
CREATE TABLE rights (
|
||||
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
||||
user_id INTEGER NOT NULL,
|
||||
item TEXT,
|
||||
rights TEXT
|
||||
item TEXT NOT NULL UNIQUE
|
||||
);
|
||||
CREATE TABLE platforms (
|
||||
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
||||
|
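Review bot: In the new users_rights table `user_id` and `right_id` are declared without NOT NULL; SQLite permits NULL in composite PRIMARY KEY columns, and a NULL foreign-key value is never checked, so a row with a NULL user_id would satisfy both the PK and the FK yet be invisible to the join in getUserRights. Declare them `user_id INTEGER NOT NULL,` and `right_id INTEGER NOT NULL,`. With the PRAGMA this commit enables, the new `FOREIGN KEY` clauses here (and the one on jilo_agents in the next hunk) carry no ON DELETE action, so deleting a user or platform that has dependent rows will now fail with a constraint error; decide whether `ON DELETE CASCADE` or a rejected delete is intended and record that choice in a comment on each constraint. The `CREATE TABLE users_meta` statement starts outside this hunk.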
@ -28,7 +36,8 @@ CREATE TABLE jilo_agents (
|
|||
platform_id INTEGER NOT NULL,
|
||||
type_id INTEGER NOT NULL,
|
||||
url TEXT NOT NULL,
|
||||
secret_key TEXT
|
||||
secret_key TEXT,
|
||||
FOREIGN KEY (platform_id) REFERENCES platforms(id)
|
||||
);
|
||||
CREATE TABLE jilo_agent_types (
|
||||
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
||||
|
|