Usergroup system

This commit is contained in:
Markus Wang Halvorsen 2017-11-11 17:00:08 +01:00
parent 53aec5edf5
commit 1ce3490ff0
9 changed files with 305 additions and 12 deletions

20
composer.lock generated
View File

@ -4,6 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically"
],
"hash": "bb9526f4307712d731a88758f3903639",
"content-hash": "eff76bfaa958c3f30a87781731812450",
"packages": [
{
@ -51,7 +52,7 @@
"psr",
"psr-3"
],
"time": "2016-10-10T12:19:37+00:00"
"time": "2016-10-10 12:19:37"
},
{
"name": "robrichards/xmlseclibs",
@ -92,7 +93,7 @@
"xml",
"xmldsig"
],
"time": "2016-09-08T13:31:44+00:00"
"time": "2016-09-08 13:31:44"
},
{
"name": "simplesamlphp/saml2",
@ -141,20 +142,20 @@
}
],
"description": "SAML2 PHP library from SimpleSAMLphp",
"time": "2016-12-02T12:45:13+00:00"
"time": "2016-12-02 12:45:13"
},
{
"name": "simplesamlphp/simplesamlphp",
"version": "v1.14.16",
"version": "v1.14.12",
"source": {
"type": "git",
"url": "https://github.com/simplesamlphp/simplesamlphp.git",
"reference": "9ebbbbc7fa334d55526c2a5e230d9941002cdcb8"
"reference": "353a77be570b29f42812a44245947b4fb030a5da"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/simplesamlphp/simplesamlphp/zipball/9ebbbbc7fa334d55526c2a5e230d9941002cdcb8",
"reference": "9ebbbbc7fa334d55526c2a5e230d9941002cdcb8",
"url": "https://api.github.com/repos/simplesamlphp/simplesamlphp/zipball/353a77be570b29f42812a44245947b4fb030a5da",
"reference": "353a77be570b29f42812a44245947b4fb030a5da",
"shasum": ""
},
"require": {
@ -162,7 +163,6 @@
"ext-dom": "*",
"ext-hash": "*",
"ext-json": "*",
"ext-mbstring": "*",
"ext-openssl": "*",
"ext-pcre": "*",
"ext-spl": "*",
@ -212,7 +212,7 @@
"sp",
"ws-federation"
],
"time": "2017-09-04T12:11:47+00:00"
"time": "2017-03-30 12:11:17"
},
{
"name": "whitehat101/apr1-md5",
@ -256,7 +256,7 @@
"MD5",
"apr1"
],
"time": "2015-02-11T11:06:42+00:00"
"time": "2015-02-11 11:06:42"
}
],
"packages-dev": [],

5
dist/pvv.sql vendored
View File

@ -15,4 +15,9 @@ CREATE TABLE "projects" (
"owneruname" TEXT,
"description" TEXT,
"active" BOOLEAN
);
CREATE TABLE "users" (
"uname" TEXT,
"groups" INT DEFAULT 0
);

@ -1 +1 @@
Subproject commit 391377324c10e6249dc31fc2bede7c58880c8951
Subproject commit 7b2dc91100becd0c3d15de8764ad279ded0d3a58

View File

@ -15,4 +15,9 @@ CREATE TABLE "projects" (
"owneruname" TEXT,
"description" TEXT,
"active" BOOLEAN
);
CREATE TABLE "users" (
"uname" TEXT,
"groups" INT DEFAULT 0
);

View File

@ -0,0 +1,139 @@
<?php
namespace pvv\admin;
use \PDO;
class UserManager{
private $pdo;
public $usergroups = [
'admin' => 1,
'prosjekt' => 2,
'hendelser' => 4
];
public function __construct($pdo){
$this->pdo = $pdo;
}
public function setupUser($uname, $groups){
$query = 'INSERT INTO users (uname, groups) VALUES (:uname, :groups)';
$statement = $this->pdo->prepare($query);
$statement->bindParam(':uname', $uname, PDO::PARAM_STR);
$statement->bindParam(':groups', $groups, PDO::PARAM_INT);
$statement->execute();
}
public function updateFlags($uname, $flags){
$query = 'UPDATE users set groups=:groups WHERE uname=:uname';
$statement = $this->pdo->prepare($query);
$statement->bindParam(':groups', $flags, PDO::PARAM_INT);
$statement->bindParam(':uname', $uname, PDO::PARAM_STR);
}
public function addGroup($uname, $group){
$userFlags = $this->getUsergroups();
if($userFlags){
$newFlags = ($group | $userFlags);
$this->updateFlags($uname, $newFlags);
}else{
$this->setupUser($uname, $group);
}
}
public function removeGroup($uname, $group){
$userFlags = $this->getUsergroups();
if($userFlags){
$newFlags = ($userFlags & (~ $group));
$this->updateFlags($uname, $newFlags);
}
}
public function setGroups($uname, $groups){
$query = 'SELECT * FROM users WHERE uname=:uname LIMIT 1';
$statement = $this->pdo->prepare($query);
$statement->bindParam(':uname', $uname, PDO::PARAM_STR);
$statement->execute();
if($statement->fetch()){
$query = 'UPDATE users set groups=:groups WHERE uname=:uname';
$statement = $this->pdo->prepare($query);
$statement->bindParam(':groups', $groups, PDO::PARAM_INT);
$statement->bindParam(':uname', $uname, PDO::PARAM_STR);
$statement->execute();
}else{
$this->setupUser($uname, $groups);
}
}
public function hasGroup($uname, $groupName){
$userFlags = $this->getUsergroups($uname);
if(!$userFlags){
$this->setupUser($uname);
}
return ($userFlags & $this->usergroups[$groupName]);
}
// for convenience
public function isAdmin($uname){
return $this->hasGroup($uname, 'admin');
}
public function getFlagfromNames($names){
$resultFlag = 0;
foreach($this->usergroups as $name => $flag){
if(in_array($name, $names)){
$resultFlag = ($resultFlag | $flag);
}
}
return $resultFlag;
}
public function getUsergroups($uname){
$query = 'SELECT groups FROM users WHERE uname=:uname LIMIT 1';
$statement = $this->pdo->prepare($query);
$statement->bindParam(':uname', $uname, PDO::PARAM_STR);
$statement->execute();
return $statement->fetch()[0];
}
public function getUsergroupNames($uname){
$usersGroups = [];
$userFlags = $this->getUsergroups($uname);
if(!$userFlags){
$this->setupUser($uname);
}
foreach($this->usergroups as $name => $flag){
if($userFlags & $flag){
$usersGroups[] = $name;
}
}
return $usersGroups;
}
public function getAllUserData(){
$query = 'SELECT uname FROM users ORDER BY uname ASC';
$statement = $this->pdo->prepare($query);
$statement->execute();
$users = [];
foreach($statement->fetchAll() as $userData){
$uname = $userData['uname'];
$users[] = [
'name' => $uname,
'groups' => $this->getUsergroupNames($uname)
];
}
return $users;
}
}

View File

@ -0,0 +1,88 @@
<?php
ini_set('display_errors', '1');
date_default_timezone_set('Europe/Oslo');
setlocale(LC_ALL, 'no_NO');
error_reporting(E_ALL);
require __DIR__ . '/../../../src/_autoload.php';
require __DIR__ . '/../../../sql_config.php';
require_once(__DIR__ . '/../../../vendor/simplesamlphp/simplesamlphp/lib/_autoload.php');
$as = new SimpleSAML_Auth_Simple('default-sp');
$attrs = $as->getAttributes();
$pdo = new \PDO($dbDsn, $dbUser, $dbPass);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$userManager = new \pvv\admin\UserManager($pdo);
require_once(__DIR__ . '/../../../vendor/simplesamlphp/simplesamlphp/lib/_autoload.php');
$as = new SimpleSAML_Auth_Simple('default-sp');
$as->requireAuth();
$attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->isAdmin($uname)){
echo 'Ingen tilgang';
exit();
}
$users = $userManager->getAllUserData();
?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" href="../../css/normalize.css">
<link rel="stylesheet" href="../../css/style.css">
<link rel="stylesheet" href="../../css/events.css">
<link rel="stylesheet" href="../../css/admin.css">
<nav>
<ul>
<li class="active"><a href="index.php">hjem</a></li>
<li><a href="aktiviteter/">aktiviteter</a></li>
<li><a href="../prosjekt/">prosjekter</a></li>
<li><a href="kontakt">kontakt</a></li>
<li><a href="pvv/">wiki</a></li>
</ul>
<?php
$attr = $as->getAttributes();
if($attr){
$uname = $attr["uid"][0];
echo '<p class="login">logget inn som: ' . $uname . '</p>';
}else{
echo '<a class="login" href="' . $as->getLoginURL() . '">logg inn</a>';
}
?>
</nav>
<header class="admin">Bruker&shy;administrasjon</header>
<main>
<article>
<form action="./update.php" method="post">
<table class="userlist">
<tr><th>Brukernavn</th><th>Brukergrupper</th></tr>
<?php
foreach($users as $i => $data){
$uname = $data['name'];
$groupFlag = $userManager->getUsergroups($uname);
?>
<tr>
<td><?= $uname; ?></td>
<?php
foreach($userManager->usergroups as $name => $group){
echo '<td><input type="checkbox" ' . (($groupFlag & $group) ? 'checked' : '') . ' name="' . $uname . '_' . $name . '">' . $name . '</td>';
}
?>
</tr>
<?php
}
?>
</table>
<input type="submit" class="btn" value="Lagre">
</form>
</article>
</main>

View File

@ -0,0 +1,41 @@
<?php
ini_set('display_errors', '1');
date_default_timezone_set('Europe/Oslo');
setlocale(LC_ALL, 'no_NO');
error_reporting(E_ALL);
require __DIR__ . '/../../../src/_autoload.php';
require __DIR__ . '/../../../sql_config.php';
$pdo = new \PDO($dbDsn, $dbUser, $dbPass);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$userManager = new \pvv\admin\UserManager($pdo);
require_once(__DIR__ . '/../../../vendor/simplesamlphp/simplesamlphp/lib/_autoload.php');
$as = new SimpleSAML_Auth_Simple('default-sp');
$as->requireAuth();
$attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->isAdmin($uname)){
echo 'Ingen tilgang';
exit();
}
// 2d array of usernames and their corresponding group flags
$userFlags = [];
foreach($_POST as $namegroup => $check){
$data = explode('_', $namegroup);
if(!isset($userFlags[$data[0]])){
$userFlags[$data[0]] = 0;
}
$userFlags[$data[0]] = ($userFlags[$data[0]] | $userManager->usergroups[$data[1]]);
}
foreach($userFlags as $uname => $flag){
$userManager->setGroups($uname, $flag);
}
header('Location: .');
?>
<a href=".">Om du ikke ble automatisk omdirigert tilbake klikk her</a>

View File

@ -73,7 +73,7 @@ if($new == 0){
<div class="allgrids" style="margin-top: 2em;">
<hr class="ruler">
<input type="submit" class="btn" value="Lagre"></a>
<input type="submit" class="btn" value="Lagre">
</div>
</form>
<p>

View File

@ -121,3 +121,18 @@ header.admin {
background: #084;
color: white;
}
.userlist {
table-layout: fixed;
width: 100%;
margin: 1em 0;
}
.userlist tr th {
text-align: left;
}
.userlist tr {
border-bottom: 1px solid gray;
min-width: 100%;
}