
Admins can add new users to usergroup system

new users meaning users who aren't in the usergroup system for the website yet.

also spicier no access messages
Markus Wang Halvorsen 2017-11-11 20:37:04 +01:00
parent bb965aadd2
commit 689975f262
12 changed files with 37 additions and 27 deletions

@ -16,7 +16,7 @@ class UserManager{
$this->pdo = $pdo;
}
public function setupUser($uname, $groups){
public function setupUser($uname, $groups=0){
$query = 'INSERT INTO users (uname, groups) VALUES (:uname, :groups)';
$statement = $this->pdo->prepare($query);
$statement->bindParam(':uname', $uname, PDO::PARAM_STR);
@ -37,8 +37,6 @@ class UserManager{
if($userFlags){
$newFlags = ($group | $userFlags);
$this->updateFlags($uname, $newFlags);
}else{
$this->setupUser($uname, $group);
}
}
@ -56,8 +54,9 @@ class UserManager{
$statement = $this->pdo->prepare($query);
$statement->bindParam(':uname', $uname, PDO::PARAM_STR);
$statement->execute();
$row = $statement->fetch();
if($statement->fetch()){
if($row){
$query = 'UPDATE users set groups=:groups WHERE uname=:uname';
$statement = $this->pdo->prepare($query);
$statement->bindParam(':groups', $groups, PDO::PARAM_INT);
@ -70,9 +69,6 @@ class UserManager{
public function hasGroup($uname, $groupName){
$userFlags = $this->getUsergroups($uname);
if(!$userFlags){
$this->setupUser($uname);
}
return ($userFlags & $this->usergroups[$groupName]);
}
@ -107,9 +103,6 @@ class UserManager{
$usersGroups = [];
$userFlags = $this->getUsergroups($uname);
if(!$userFlags){
$this->setupUser($uname);
}
foreach($this->usergroups as $name => $flag){
if($userFlags & $flag){
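Review bot: With the `else` branch removed in the hunk at -37,8, a user whose flags are 0 falls through `if($userFlags)` and the requested group is silently never added, because that test treats "no row" and "row with groups = 0" alike as far as the hunk shows. This becomes more likely after this commit, since `setupUser` now defaults to `groups=0` and the admin update script writes 0 for listed users with no boxes ticked. Consider dropping the truthiness test and calling `$this->setGroups($uname, $group | $userFlags);`, which per the -56,8 hunk already looks up the row before updating. The enclosing method's signature and the rest of `setGroups` are outside the hunks, so confirm how a missing row is handled there.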

@ -12,7 +12,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'aktiviteter')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

@ -16,7 +16,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'aktiviteter')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

@ -16,7 +16,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'aktiviteter')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

@ -14,7 +14,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'aktiviteter')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

@ -20,7 +20,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->isAdmin($uname)){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}
@ -63,9 +63,16 @@ $users = $userManager->getAllUserData();
<tr><th>Brukernavn</th><th>Brukergrupper</th></tr>
<?php
$users_value = '';
foreach($users as $i => $data){
$uname = $data['name'];
$groupFlag = $userManager->getUsergroups($uname);
if(!$users_value){
$users_value = $uname;
}else{
$users_value = $users_value . '_' . $uname;
}
?>
<tr>
@ -79,6 +86,7 @@ $users = $userManager->getAllUserData();
<?php
}
echo '<input type="hidden" name="users" value="' . $users_value . '" />';
?>
<tr class="newuserrow">
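Review bot: `$users_value` is echoed into the `value` attribute without escaping, so a stored username containing a double quote or `<` breaks out of the attribute on this admin page; emit it as `htmlspecialchars($users_value, ENT_QUOTES, 'UTF-8')`. Joining the names with `_` also makes the list ambiguous for any username that itself contains an underscore, since the receiving script splits on the same character. Repeated `name="users[]"` hidden inputs written inside the existing loop would avoid the delimiter altogether. The loop body between the two hunks is not visible here.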

@ -16,23 +16,26 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->isAdmin($uname)){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}
$newUser;
if(isset($_POST['newuser'])){
$newUser = $_POST['newuser'];
$newUser = $_POST['newuser'];
unset($_POST['newuser']);
}
$updatingUsers = explode('_', $_POST['users']);
unset($_POST['users']);
// 2d array of usernames and their corresponding group flags
$userFlags = [];
foreach($_POST as $namegroup => $check){
// new user field, don't use that
if($namegroup == 'newuser'){
continue;
}
if($newUser){
$userFlags[$newUser] = 0;
}
foreach($_POST as $namegroup => $info){
$data = explode('_', $namegroup);
if($data[0] == 'newuser'){
if(!$newUser){
@ -49,6 +52,12 @@ foreach($_POST as $namegroup => $check){
$userFlags[$data[0]] = ($userFlags[$data[0]] | $userManager->usergroups[$data[1]]);
}
foreach($updatingUsers as $uname){
if(!array_key_exists($uname, $userFlags)){
$userFlags[$uname] = 0;
}
}
foreach($userFlags as $uname => $flag){
$userManager->setGroups($uname, $flag);
}
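Review bot: The list of users to reset comes straight from `$_POST['users']`, and every fragment of `explode('_', ...)` not already in `$userFlags` is passed to `setGroups($uname, 0)`, so an empty or missing field yields `['']` and a username containing `_` is split into names that may not exist. Check each name against the known users (for example the `name` values from `getAllUserData()`) before writing, and skip empty strings. `$newUser;` also leaves the variable undefined when no `newuser` field is posted, so `if($newUser)` raises a notice; `$newUser = $_POST['newuser'] ?? '';` would cover it. `$userManager->usergroups[$data[1]]` is likewise indexed by a request-supplied key and should be guarded with `isset(...)`; the middle of that loop is outside the hunks. Whether this form carries a CSRF token is not visible on the page and is worth confirming, since the request changes group membership.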

@ -18,7 +18,7 @@ $projectGroup = $userManager->hasGroup($uname, 'prosjekt');
$activityGroup = $userManager->hasGroup($uname, 'aktiviteter');
if(!($isAdmin | $projectGroup | $activityGroup)){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}
?>

@ -12,7 +12,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'prosjekt')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

@ -16,7 +16,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'prosjekt')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

@ -16,7 +16,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'prosjekt')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

@ -14,7 +14,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'prosjekt')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}