Projects/nettsiden
Projects
/
nettsiden
7
0
Fork 0
Code Issues 5 Pull Requests 2 Activity

Admins can add new users to usergroup system 

new users meaning users who aren't in the usergroup system for the website yet.

also spicier no access messages
This commit is contained in:
halworsen 2017-11-11 20:37:04 +01:00
parent bb965aadd2
commit 689975f262
12 changed files with 37 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/pvv/admin/usermanager.php
View File

@ -16,7 +16,7 @@ class UserManager{
$this->pdo = $pdo;
}
public function setupUser($uname, $groups){
public function setupUser($uname, $groups=0){
$query = 'INSERT INTO users (uname, groups) VALUES (:uname, :groups)';
$statement = $this->pdo->prepare($query);
$statement->bindParam(':uname', $uname, PDO::PARAM_STR);
@ -37,8 +37,6 @@ class UserManager{
if($userFlags){
$newFlags = ($group | $userFlags);
$this->updateFlags($uname, $newFlags);
}else{
$this->setupUser($uname, $group);
}
}
@ -56,8 +54,9 @@ class UserManager{
$statement = $this->pdo->prepare($query);
$statement->bindParam(':uname', $uname, PDO::PARAM_STR);
$statement->execute();
$row = $statement->fetch();
if($statement->fetch()){
if($row){
$query = 'UPDATE users set groups=:groups WHERE uname=:uname';
$statement = $this->pdo->prepare($query);
$statement->bindParam(':groups', $groups, PDO::PARAM_INT);
@ -70,9 +69,6 @@ class UserManager{
public function hasGroup($uname, $groupName){
$userFlags = $this->getUsergroups($uname);
if(!$userFlags){
$this->setupUser($uname);
}
return ($userFlags & $this->usergroups[$groupName]);
}
@ -107,9 +103,6 @@ class UserManager{
$usersGroups = [];
$userFlags = $this->getUsergroups($uname);
if(!$userFlags){
$this->setupUser($uname);
}
foreach($this->usergroups as $name => $flag){
if($userFlags & $flag){

2
www/admin/aktiviteter/delete.php
View File

@ -12,7 +12,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'aktiviteter')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

2
www/admin/aktiviteter/edit.php
View File

@ -16,7 +16,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'aktiviteter')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

2
www/admin/aktiviteter/index.php
View File

@ -16,7 +16,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'aktiviteter')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

2
www/admin/aktiviteter/update.php
View File

@ -14,7 +14,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'aktiviteter')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

10
www/admin/brukere/index.php
View File

@ -20,7 +20,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->isAdmin($uname)){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}
@ -63,9 +63,16 @@ $users = $userManager->getAllUserData();
<tr><th>Brukernavn</th><th>Brukergrupper</th></tr>
<?php
$users_value = '';
foreach($users as $i => $data){
$uname = $data['name'];
$groupFlag = $userManager->getUsergroups($uname);
if(!$users_value){
$users_value = $uname;
}else{
$users_value = $users_value . '_' . $uname;
}
?>
<tr>
@ -79,6 +86,7 @@ $users = $userManager->getAllUserData();
<?php
}
echo '<input type="hidden" name="users" value="' . $users_value . '" />';
?>
<tr class="newuserrow">

23
www/admin/brukere/update.php
View File

@ -16,23 +16,26 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->isAdmin($uname)){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}
$newUser;
if(isset($_POST['newuser'])){
$newUser = $_POST['newuser'];
$newUser = $_POST['newuser'];
unset($_POST['newuser']);
}
$updatingUsers = explode('_', $_POST['users']);
unset($_POST['users']);
// 2d array of usernames and their corresponding group flags
$userFlags = [];
foreach($_POST as $namegroup => $check){
// new user field, don't use that
if($namegroup == 'newuser'){
continue;
}
if($newUser){
$userFlags[$newUser] = 0;
}
foreach($_POST as $namegroup => $info){
$data = explode('_', $namegroup);
if($data[0] == 'newuser'){
if(!$newUser){
@ -49,6 +52,12 @@ foreach($_POST as $namegroup => $check){
$userFlags[$data[0]] = ($userFlags[$data[0]] | $userManager->usergroups[$data[1]]);
}
foreach($updatingUsers as $uname){
if(!array_key_exists($uname, $userFlags)){
$userFlags[$uname] = 0;
}
}
foreach($userFlags as $uname => $flag){
$userManager->setGroups($uname, $flag);
}

2
www/admin/index.php
View File

@ -18,7 +18,7 @@ $projectGroup = $userManager->hasGroup($uname, 'prosjekt');
$activityGroup = $userManager->hasGroup($uname, 'aktiviteter');
if(!($isAdmin | $projectGroup | $activityGroup)){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}
?>

2
www/admin/prosjekter/delete.php
View File

@ -12,7 +12,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'prosjekt')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

2
www/admin/prosjekter/edit.php
View File

@ -16,7 +16,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'prosjekt')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

2
www/admin/prosjekter/index.php
View File

@ -16,7 +16,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'prosjekt')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}

2
www/admin/prosjekter/update.php
View File

@ -14,7 +14,7 @@ $attrs = $as->getAttributes();
$uname = $attrs['uid'][0];
if(!$userManager->hasGroup($uname, 'prosjekt')){
echo 'Ingen tilgang';
echo 'Her har du ikke lov\'t\'å\'værra!!!';
exit();
}