Admins can add new users to usergroup system

new users meaning users who aren't in the usergroup system for the website yet.

also spicier no access messages
This commit is contained in:
Markus Wang Halvorsen 2017-11-11 20:37:04 +01:00
parent bb965aadd2
commit 689975f262
12 changed files with 37 additions and 27 deletions

View File

@ -16,7 +16,7 @@ class UserManager{
$this->pdo = $pdo;
}
public function setupUser($uname, $groups){
public function setupUser($uname, $groups=0){
$query = 'INSERT INTO users (uname, groups) VALUES (:uname, :groups)';
$statement = $this->pdo->prepare($query);
$statement->bindParam(':uname', $uname, PDO::PARAM_STR);
@ -37,8 +37,6 @@ class UserManager{
if($userFlags){
$newFlags = ($group | $userFlags);
$this->updateFlags($uname, $newFlags);
}else{
$this->setupUser($uname, $group);
}
}
@ -56,8 +54,9 @@ class UserManager{
$statement = $this->pdo->prepare($query);
$statement->bindParam(':uname', $uname, PDO::PARAM_STR);
$statement->execute();
$row = $statement->fetch();
if($statement->fetch()){
if($row){
$query = 'UPDATE users set groups=:groups WHERE uname=:uname';
$statement = $this->pdo->prepare($query);
$statement->bindParam(':groups', $groups, PDO::PARAM_INT);
@ -70,9 +69,6 @@ class UserManager{
public function hasGroup($uname, $groupName){
$userFlags = $this->getUsergroups($uname);
if(!$userFlags){
$this->setupUser($uname);
}
return ($userFlags & $this->usergroups[$groupName]);
}
@ -107,9 +103,6 @@ class UserManager{
$usersGroups = [];
$userFlags = $this->getUsergroups($uname);
if(!$userFlags){
$this->setupUser($uname);
}
foreach($this->usergroups as $name => $flag){
if($userFlags & $flag){

View File

@ -12,7 +12,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'aktiviteter')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

View File

@ -16,7 +16,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'aktiviteter')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

View File

@ -16,7 +16,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'aktiviteter')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

View File

@ -14,7 +14,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'aktiviteter')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

View File

@ -20,7 +20,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->isAdmin($uname)){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}
@ -63,9 +63,16 @@ $users = $userManager->getAllUserData();
<tr><th>Brukernavn</th><th>Brukergrupper</th></tr>
<?php
$users_value = '';
foreach($users as $i => $data){
$uname = $data['name'];
$groupFlag = $userManager->getUsergroups($uname);
if(!$users_value){
$users_value = $uname;
}else{
$users_value = $users_value . '_' . $uname;
}
?>
<tr>
@ -79,6 +86,7 @@ $users = $userManager->getAllUserData();
<?php
}
echo '<input type="hidden" name="users" value="' . $users_value . '" />';
?>
<tr class="newuserrow">

View File

@ -16,23 +16,26 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->isAdmin($uname)){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}
$newUser;
if(isset($_POST['newuser'])){
$newUser = $_POST['newuser'];
$newUser = $_POST['newuser'];
unset($_POST['newuser']);
}
$updatingUsers = explode('_', $_POST['users']);
unset($_POST['users']);
// 2d array of usernames and their corresponding group flags
$userFlags = [];
foreach($_POST as $namegroup => $check){
// new user field, don't use that
if($namegroup == 'newuser'){
continue;
}
if($newUser){
$userFlags[$newUser] = 0;
}
foreach($_POST as $namegroup => $info){
$data = explode('_', $namegroup);
if($data[0] == 'newuser'){
if(!$newUser){
@ -49,6 +52,12 @@ foreach($_POST as $namegroup => $check){
$userFlags[$data[0]] = ($userFlags[$data[0]] | $userManager->usergroups[$data[1]]);
}
foreach($updatingUsers as $uname){
if(!array_key_exists($uname, $userFlags)){
$userFlags[$uname] = 0;
}
}
foreach($userFlags as $uname => $flag){
$userManager->setGroups($uname, $flag);
}

View File

@ -18,7 +18,7 @@ $projectGroup = $userManager->hasGroup($uname, 'prosjekt');
$activityGroup = $userManager->hasGroup($uname, 'aktiviteter');
if(!($isAdmin | $projectGroup | $activityGroup)){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}
?>

View File

@ -12,7 +12,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'prosjekt')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

View File

@ -16,7 +16,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'prosjekt')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

View File

@ -16,7 +16,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'prosjekt')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

View File

@ -14,7 +14,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'prosjekt')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}