From 1ce3490ff0aaefeb998b0a7374844cd430618d85 Mon Sep 17 00:00:00 2001 From: halworsen Date: Sat, 11 Nov 2017 17:00:08 +0100 Subject: [PATCH] Usergroup system --- composer.lock | 20 ++--- dist/pvv.sql | 5 ++ lib/OAuth2-Client | 2 +- pvv.sql | 5 ++ src/pvv/admin/usermanager.php | 139 ++++++++++++++++++++++++++++++++++ www/admin/brukere/index.php | 88 +++++++++++++++++++++ www/admin/brukere/update.php | 41 ++++++++++ www/admin/prosjekter/edit.php | 2 +- www/css/admin.css | 15 ++++ 9 files changed, 305 insertions(+), 12 deletions(-) create mode 100644 src/pvv/admin/usermanager.php create mode 100644 www/admin/brukere/index.php create mode 100644 www/admin/brukere/update.php diff --git a/composer.lock b/composer.lock index ff8e00e..240420e 100644 --- a/composer.lock +++ b/composer.lock @@ -4,6 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], + "hash": "bb9526f4307712d731a88758f3903639", "content-hash": "eff76bfaa958c3f30a87781731812450", "packages": [ { @@ -51,7 +52,7 @@ "psr", "psr-3" ], - "time": "2016-10-10T12:19:37+00:00" + "time": "2016-10-10 12:19:37" }, { "name": "robrichards/xmlseclibs", @@ -92,7 +93,7 @@ "xml", "xmldsig" ], - "time": "2016-09-08T13:31:44+00:00" + "time": "2016-09-08 13:31:44" }, { "name": "simplesamlphp/saml2", 
@@ -141,20 +142,20 @@ } ], "description": "SAML2 PHP library from SimpleSAMLphp", - "time": "2016-12-02T12:45:13+00:00" + "time": "2016-12-02 12:45:13" }, { "name": "simplesamlphp/simplesamlphp", - "version": "v1.14.16", + "version": "v1.14.12", "source": { "type": "git", "url": "https://github.com/simplesamlphp/simplesamlphp.git", - "reference": "9ebbbbc7fa334d55526c2a5e230d9941002cdcb8" + "reference": "353a77be570b29f42812a44245947b4fb030a5da" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/simplesamlphp/simplesamlphp/zipball/9ebbbbc7fa334d55526c2a5e230d9941002cdcb8", - "reference": "9ebbbbc7fa334d55526c2a5e230d9941002cdcb8", + "url": "https://api.github.com/repos/simplesamlphp/simplesamlphp/zipball/353a77be570b29f42812a44245947b4fb030a5da", + "reference": "353a77be570b29f42812a44245947b4fb030a5da", "shasum": "" }, "require": { @@ -162,7 +163,6 @@ "ext-dom": "*", "ext-hash": "*", "ext-json": "*", - "ext-mbstring": "*", "ext-openssl": "*", "ext-pcre": "*", "ext-spl": "*", @@ -212,7 +212,7 @@ "sp", "ws-federation" ], - "time": "2017-09-04T12:11:47+00:00" + "time": "2017-03-30 12:11:17" }, { "name": "whitehat101/apr1-md5", @@ -256,7 +256,7 @@ "MD5", "apr1" ], - "time": "2015-02-11T11:06:42+00:00" + "time": "2015-02-11 11:06:42" } ], "packages-dev": [], diff --git a/dist/pvv.sql b/dist/pvv.sql index 684cbfd..4325a96 100644 --- a/dist/pvv.sql +++ b/dist/pvv.sql @@ -15,4 +15,9 @@ CREATE TABLE "projects" ( "owneruname" TEXT, "description" TEXT, "active" BOOLEAN +); + +CREATE TABLE "users" ( +"uname" TEXT, +"groups" INT DEFAULT 0 ); \ No newline at end of file diff --git a/lib/OAuth2-Client b/lib/OAuth2-Client index 3913773..7b2dc91 160000 --- a/lib/OAuth2-Client +++ b/lib/OAuth2-Client @@ -1 +1 @@ -Subproject commit 391377324c10e6249dc31fc2bede7c58880c8951 +Subproject commit 7b2dc91100becd0c3d15de8764ad279ded0d3a58 diff --git a/pvv.sql b/pvv.sql index 684cbfd..4325a96 100644 --- a/pvv.sql +++ b/pvv.sql 
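Review bot: `users.uname` has no `PRIMARY KEY`/`UNIQUE` constraint, yet `usermanager.php` looks rows up with `LIMIT 1` and inserts a fresh row whenever a lookup comes back empty or zero, so one user can end up with several rows holding different `groups` values and which of them `LIMIT 1` returns is unspecified. Declare it as `"uname" TEXT PRIMARY KEY,` (or `NOT NULL UNIQUE`) so duplicates are rejected by the database instead of being relied on to be absent. The identical hunk in `pvv.sql` needs the same change; the two schema files appear to be copies of each other and will drift if both are maintained by hand.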
@@ -15,4 +15,9 @@ CREATE TABLE "projects" (
 "owneruname" TEXT,
 "description" TEXT,
 "active" BOOLEAN
+);
+
+CREATE TABLE "users" (
+"uname" TEXT,
+"groups" INT DEFAULT 0
 );
\ No newline at end of file
diff --git a/src/pvv/admin/usermanager.php b/src/pvv/admin/usermanager.php
new file mode 100644
index 0000000..0c2c858
--- /dev/null
+++ b/src/pvv/admin/usermanager.php
@@ -0,0 +1,139 @@ + 1, + 'prosjekt' => 2, + 'hendelser' => 4 + ]; + + public function __construct($pdo){ + $this->pdo = $pdo; + } + + public function setupUser($uname, $groups){ + $query = 'INSERT INTO users (uname, groups) VALUES (:uname, :groups)'; + $statement = $this->pdo->prepare($query); + $statement->bindParam(':uname', $uname, PDO::PARAM_STR); + $statement->bindParam(':groups', $groups, PDO::PARAM_INT); + $statement->execute(); + } + + public function updateFlags($uname, $flags){ + $query = 'UPDATE users set groups=:groups WHERE uname=:uname'; + $statement = $this->pdo->prepare($query); + $statement->bindParam(':groups', $flags, PDO::PARAM_INT); + $statement->bindParam(':uname', $uname, PDO::PARAM_STR); + } + + public function addGroup($uname, $group){ + $userFlags = $this->getUsergroups(); + + if($userFlags){ + $newFlags = ($group | $userFlags); + $this->updateFlags($uname, $newFlags); + }else{ + $this->setupUser($uname, $group); + } + } + + public function removeGroup($uname, $group){ + $userFlags = $this->getUsergroups(); + + if($userFlags){ + $newFlags = ($userFlags & (~ $group)); + $this->updateFlags($uname, $newFlags); + } + } + + public function setGroups($uname, $groups){ + $query = 'SELECT * FROM users WHERE uname=:uname LIMIT 1'; + $statement = $this->pdo->prepare($query); + $statement->bindParam(':uname', $uname, PDO::PARAM_STR); + $statement->execute(); + + if($statement->fetch()){ + $query = 'UPDATE users set groups=:groups WHERE uname=:uname'; + $statement = $this->pdo->prepare($query); + $statement->bindParam(':groups', $groups, PDO::PARAM_INT); + $statement->bindParam(':uname', $uname, PDO::PARAM_STR); + $statement->execute(); + }else{ + $this->setupUser($uname, $groups); + } + } + + public function hasGroup($uname, $groupName){ + $userFlags = $this->getUsergroups($uname); + if(!$userFlags){ + $this->setupUser($uname); + } + + return ($userFlags & $this->usergroups[$groupName]); + } + + // for convenience + public function isAdmin($uname){ + 
return $this->hasGroup($uname, 'admin'); + } + + public function getFlagfromNames($names){ + $resultFlag = 0; + + foreach($this->usergroups as $name => $flag){ + if(in_array($name, $names)){ + $resultFlag = ($resultFlag | $flag); + } + } + + return $resultFlag; + } + + public function getUsergroups($uname){ + $query = 'SELECT groups FROM users WHERE uname=:uname LIMIT 1'; + $statement = $this->pdo->prepare($query); + $statement->bindParam(':uname', $uname, PDO::PARAM_STR); + $statement->execute(); + + return $statement->fetch()[0]; + } + + public function getUsergroupNames($uname){ + $usersGroups = []; + + $userFlags = $this->getUsergroups($uname); + if(!$userFlags){ + $this->setupUser($uname); + } + + foreach($this->usergroups as $name => $flag){ + if($userFlags & $flag){ + $usersGroups[] = $name; + } + } + + return $usersGroups; + } + + public function getAllUserData(){ + $query = 'SELECT uname FROM users ORDER BY uname ASC'; + $statement = $this->pdo->prepare($query); + $statement->execute(); + + $users = []; + foreach($statement->fetchAll() as $userData){ + $uname = $userData['uname']; + $users[] = [ + 'name' => $uname, + 'groups' => $this->getUsergroupNames($uname) + ]; + } + + return $users; + } +} \ No newline at end of file diff --git a/www/admin/brukere/index.php b/www/admin/brukere/index.php new file mode 100644 index 0000000..04d96c7 --- /dev/null +++ b/www/admin/brukere/index.php @@ -0,0 +1,88 @@ +getAttributes(); + +$pdo = new \PDO($dbDsn, $dbUser, $dbPass); +$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); +$userManager = new \pvv\admin\UserManager($pdo); + +require_once(__DIR__ . '/../../../vendor/simplesamlphp/simplesamlphp/lib/_autoload.php'); +$as = new SimpleSAML_Auth_Simple('default-sp'); +$as->requireAuth(); +$attrs = $as->getAttributes(); +$uname = $attrs['uid'][0]; + +if(!$userManager->isAdmin($uname)){ + echo 'Ingen tilgang'; + exit(); +} + +$users = $userManager->getAllUserData(); +?> + + + + + + + + + +
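Review bot: `updateFlags` prepares and binds the UPDATE but never calls `$statement->execute()`, so `addGroup` and `removeGroup` persist nothing — and both also call `$this->getUsergroups()` without `$uname`, which throws ArgumentCountError on PHP 7.1+. `hasGroup` and `getUsergroupNames` likewise call `$this->setupUser($uname)` without the required `$groups`, and that is the path `isAdmin` takes for any account not yet in `users`, so the admin gate in `www/admin/brukere/` dies with a fatal error instead of a clean denial; a read should not insert rows at all. `getUsergroups` indexes `fetch()[0]` on a possible `false` and returns the column as a string, so a user whose groups are 0 looks like a missing row and `addGroup` then inserts a duplicate; `setGroups` already does the presence check with a SELECT and the other writers should go through it. The file head (namespace and class declaration) is not legible in this rendering. The corrected methods are sketched below.
```php
public function updateFlags($uname, $flags){
    // … unchanged: prepare and bind :groups / :uname …
    $statement->execute(); // was missing: the UPDATE was prepared but never run
}

public function addGroup($uname, $group){
    // setGroups does the "row exists" check with a SELECT; the old truthiness
    // test on the flags inserted a second row for users whose groups are 0.
    $this->setGroups($uname, $this->getUsergroups($uname) | $group);
}

public function removeGroup($uname, $group){
    $this->setGroups($uname, $this->getUsergroups($uname) & ~$group);
}

// … unchanged: setupUser, setGroups …

public function hasGroup($uname, $groupName){
    if(!isset($this->usergroups[$groupName])){
        return false; // an unknown group name can never grant access
    }
    // No implicit INSERT on a read: a missing row simply means "no groups".
    return ($this->getUsergroups($uname) & $this->usergroups[$groupName]) !== 0;
}

// … unchanged: isAdmin, getFlagfromNames …

public function getUsergroups($uname){
    // … unchanged: prepare / bind / execute …
    $groups = $statement->fetchColumn(); // false when the user has no row
    return $groups === false ? 0 : (int) $groups;
}

public function getUsergroupNames($uname){
    $userFlags = $this->getUsergroups($uname); // read only, no setupUser()
    // … unchanged: collect the names whose flag is set …
}
```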
Bruker­administrasjon
+ +
+
+ +
+ + + + $data){ + $uname = $data['name']; + $groupFlag = $userManager->getUsergroups($uname); + ?> + + + + usergroups as $name => $group){ + echo ''; + } + ?> + + + +
BrukernavnBrukergrupper
' . $name . '
+ +
+ +
+
\ No newline at end of file diff --git a/www/admin/brukere/update.php b/www/admin/brukere/update.php new file mode 100644 index 0000000..5c1d352 --- /dev/null +++ b/www/admin/brukere/update.php @@ -0,0 +1,41 @@ +setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); +$userManager = new \pvv\admin\UserManager($pdo); + +require_once(__DIR__ . '/../../../vendor/simplesamlphp/simplesamlphp/lib/_autoload.php'); +$as = new SimpleSAML_Auth_Simple('default-sp'); +$as->requireAuth(); +$attrs = $as->getAttributes(); +$uname = $attrs['uid'][0]; + +if(!$userManager->isAdmin($uname)){ + echo 'Ingen tilgang'; + exit(); +} + +// 2d array of usernames and their corresponding group flags +$userFlags = []; +foreach($_POST as $namegroup => $check){ + $data = explode('_', $namegroup); + if(!isset($userFlags[$data[0]])){ + $userFlags[$data[0]] = 0; + } + + $userFlags[$data[0]] = ($userFlags[$data[0]] | $userManager->usergroups[$data[1]]); +} + +foreach($userFlags as $uname => $flag){ + $userManager->setGroups($uname, $flag); +} + +header('Location: .'); +?> + +Om du ikke ble automatisk omdirigert tilbake klikk her \ No newline at end of file diff --git a/www/admin/prosjekter/edit.php b/www/admin/prosjekter/edit.php index 16ef6de..9f2ac7d 100644 --- a/www/admin/prosjekter/edit.php +++ b/www/admin/prosjekter/edit.php @@ -73,7 +73,7 @@ if($new == 0){
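Review bot: The user table rows concatenate `$uname` (read back from the `users` table) and `$name` straight into the markup in the `echo '... ' . $name . ' ...'` line — and presumably in the cell that prints `$uname` right after the `?>` — with no `htmlspecialchars`; the tags are stripped in this rendering so the exact attribute/text context is not visible, but every such value should pass through `htmlspecialchars($v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` before it is written into the form. The denial `echo 'Ingen tilgang'; exit();` is served with a 200 status; `http_response_code(403);` before the echo makes the refusal visible to proxies and monitoring. `$uname = $attrs['uid'][0];` assumes the IdP always sends `uid`; if it does not, `isAdmin(null)` is evaluated against a `NULL` username, so `$uname = $attrs['uid'][0] ?? null;` followed by an explicit denial when it is missing is safer. The same prologue is duplicated in update.php and needs the same two fixes.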
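Review bot: The POST handler changes group membership (including `admin`) on nothing more than the SAML session, so it needs an anti-CSRF token: any page an admin happens to visit can submit `uname_admin=on` to this endpoint. The key parsing in the `foreach($_POST as $namegroup => $check)` loop is also fragile: `explode('_', $namegroup)` breaks for usernames containing `_` (and PHP rewrites `.` and space in top-level POST keys to `_`), `$data[1]` may be missing or name an unknown group (so `null` is ORed into the flags), and a user whose boxes are all unchecked never appears in `$_POST`, so their groups can never be cleared. Naming the inputs `groups[<uname>][<group>]` in index.php keeps the username intact as a nested array key, after which this handler can iterate over `getAllUserData()` and compute each user's flags from `$_POST['groups'][$uname] ?? []`, which also fixes the clear-all case. The token check and a stricter parse of the existing `uname_group` format are sketched below; whether a PHP session or SimpleSAML's session store should hold the token depends on setup not visible here.
```php
// … unchanged: config, PDO, SAML auth, isAdmin gate …

// Reject requests that do not carry the token index.php rendered into the form
// (assumes the token was stored in the PHP session when the form was built).
if (!isset($_POST['token'], $_SESSION['token'])
    || !hash_equals($_SESSION['token'], (string) $_POST['token'])) {
    http_response_code(403);
    exit('Ingen tilgang');
}

$userFlags = [];
foreach ($_POST as $namegroup => $check) {
    // Split on the LAST underscore: group names contain none, usernames may.
    $split = strrpos((string) $namegroup, '_');
    if ($split === false) {
        continue; // not a "<uname>_<group>" field (e.g. the token itself)
    }
    $user  = substr((string) $namegroup, 0, $split);
    $group = substr((string) $namegroup, $split + 1);
    if (!isset($userManager->usergroups[$group])) {
        continue; // unknown group name: ignore rather than OR in null
    }
    $userFlags[$user] = ($userFlags[$user] ?? 0) | $userManager->usergroups[$group];
}

// … unchanged: setGroups loop, redirect …
```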

- +

diff --git a/www/css/admin.css b/www/css/admin.css
index 2e3a533..16e241d 100644
--- a/www/css/admin.css
+++ b/www/css/admin.css
@@ -121,3 +121,18 @@ header.admin {
 background: #084;
 color: white;
 }
+
+.userlist {
+ table-layout: fixed;
+ width: 100%;
+ margin: 1em 0;
+}
+
+.userlist tr th {
+ text-align: left;
+}
+
+.userlist tr {
+ border-bottom: 1px solid gray;
+ min-width: 100%;
+}