2019-10-29 14:57:13 +01:00
< ? php
2019-10-29 18:36:25 +01:00
2019-10-30 00:30:39 +01:00
/*
2019-11-10 17:48:54 +01:00
* This file is part of RaspiSMS .
2019-10-30 00:30:39 +01:00
*
2019-11-10 17:48:54 +01:00
* ( c ) Pierre - Lin Bonnemaison < plebwebsas @ gmail . com >
2019-10-30 00:30:39 +01:00
*
2019-11-10 17:48:54 +01:00
* This source file is subject to the GPL - 3.0 license that is bundled
2019-10-30 00:30:39 +01:00
* with this source code in the file LICENSE .
*/
namespace controllers\publics ;
/**
* Page des users .
*/
2019-10-30 00:17:10 +01:00
class User extends \descartes\Controller
{
private $internal_user ;
2021-06-12 23:23:15 +02:00
private $internal_quota ;
2019-10-30 00:17:10 +01:00
/**
* Cette fonction est appelée avant toute les autres :
2019-10-30 00:30:39 +01:00
* Elle vérifie que l ' utilisateur est bien connecté .
*
2019-10-30 00:17:10 +01:00
* @ return void ;
*/
public function __construct ()
2019-10-29 18:36:25 +01:00
{
2019-10-30 00:17:10 +01:00
$bdd = \descartes\Model :: _connect ( DATABASE_HOST , DATABASE_NAME , DATABASE_USER , DATABASE_PASSWORD );
$this -> internal_user = new \controllers\internals\User ( $bdd );
2021-06-12 23:23:15 +02:00
$this -> internal_quota = new \controllers\internals\Quota ( $bdd );
2019-10-30 00:17:10 +01:00
\controllers\internals\Tool :: verifyconnect ();
2019-11-15 06:30:23 +01:00
if ( ! \controllers\internals\Tool :: is_admin ())
{
return $this -> redirect ( \descartes\Router :: url ( 'Dashboard' , 'show' ));
}
2019-10-30 00:17:10 +01:00
}
2019-10-29 14:57:13 +01:00
2019-10-30 00:17:10 +01:00
/**
2019-10-30 00:30:39 +01:00
* Cette fonction retourne tous les users , sous forme d 'un tableau permettant l' administration de ces users .
2019-10-30 00:17:10 +01:00
*/
2020-04-07 03:02:33 +02:00
public function list ()
2019-10-30 00:17:10 +01:00
{
2020-09-23 03:02:13 +02:00
$this -> render ( 'user/list' );
}
2021-01-14 03:32:17 +01:00
2020-09-23 03:02:13 +02:00
/**
2021-01-14 03:32:17 +01:00
* Return users as json .
2020-09-23 03:02:13 +02:00
*/
public function list_json ()
{
$entities = $this -> internal_user -> list ();
2021-06-13 00:14:54 +02:00
foreach ( $entities as & $entity )
{
$quota_percentage = $this -> internal_quota -> get_usage_percentage ( $entity [ 'id' ]);
$entity [ 'quota_percentage' ] = $quota_percentage * 100 ;
2021-06-17 00:51:33 +02:00
2021-06-14 19:48:42 +02:00
$quota = $this -> internal_quota -> get_user_quota ( $entity [ 'id' ]);
if ( ! $quota )
{
continue ;
}
if ( new \DateTime () > new \DateTime ( $quota [ 'expiration_date' ]))
{
$entity [ 'quota_expired_at' ] = $quota [ 'expiration_date' ];
}
2021-06-13 00:14:54 +02:00
}
2020-09-23 03:02:13 +02:00
header ( 'Content-Type: application/json' );
echo json_encode ([ 'data' => $entities ]);
2019-10-30 00:17:10 +01:00
}
2020-06-23 21:06:13 +02:00
2020-03-30 01:52:53 +02:00
/**
2020-06-23 21:06:13 +02:00
* Update status of users .
2020-03-30 01:52:53 +02:00
*
2021-06-12 23:23:15 +02:00
* @ param array int $_GET [ 'user_ids' ] : User ids
2020-03-30 01:52:53 +02:00
* @ param mixed $csrf
2021-06-17 00:51:33 +02:00
* @ param int $status : 1 -> active , 0 -> suspended
2020-03-30 01:52:53 +02:00
*
* @ return boolean ;
*/
2020-06-23 21:06:13 +02:00
public function update_status ( $csrf , int $status )
2020-03-30 01:52:53 +02:00
{
if ( ! $this -> verify_csrf ( $csrf ))
{
\FlashMessage\FlashMessage :: push ( 'danger' , 'Jeton CSRF invalid !' );
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'list' ));
}
2020-06-23 21:06:13 +02:00
if ( 0 === $status )
2020-03-30 01:52:53 +02:00
{
$status = \models\User :: STATUS_SUSPENDED ;
}
else
{
$status = \models\User :: STATUS_ACTIVE ;
}
2021-06-12 23:23:15 +02:00
$ids = $_GET [ 'user_ids' ] ? ? [];
2020-03-30 01:52:53 +02:00
foreach ( $ids as $id )
{
$this -> internal_user -> update_status ( $id , $status );
}
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'list' ));
}
2019-10-30 00:17:10 +01:00
/**
2019-10-30 00:30:39 +01:00
* Cette fonction va supprimer une liste de users .
*
2021-06-12 23:23:15 +02:00
* @ param array int $_GET [ 'user_ids' ] : Les id des useres à supprimer
2019-10-30 00:30:39 +01:00
* @ param mixed $csrf
*
2019-10-30 00:17:10 +01:00
* @ return boolean ;
*/
public function delete ( $csrf )
{
2019-10-30 00:30:39 +01:00
if ( ! $this -> verify_csrf ( $csrf ))
{
2019-11-09 03:35:12 +01:00
\FlashMessage\FlashMessage :: push ( 'danger' , 'Jeton CSRF invalid !' );
2019-10-30 00:30:39 +01:00
2019-10-30 00:17:10 +01:00
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'list' ));
2019-10-29 14:57:13 +01:00
}
2019-10-30 00:30:39 +01:00
if ( ! \controllers\internals\Tool :: is_admin ())
{
2019-11-09 03:35:12 +01:00
\FlashMessage\FlashMessage :: push ( 'danger' , 'Vous devez être administrateur pour supprimer un utilisateur !' );
2019-10-30 00:30:39 +01:00
2019-10-30 00:17:10 +01:00
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'list' ));
2019-10-29 18:36:25 +01:00
}
2019-10-29 14:57:13 +01:00
2021-06-12 23:23:15 +02:00
$ids = $_GET [ 'user_ids' ] ? ? [];
2019-10-30 00:30:39 +01:00
foreach ( $ids as $id )
{
2019-11-14 23:09:56 +01:00
$this -> internal_user -> delete ( $id );
2019-10-30 00:17:10 +01:00
}
2019-10-29 14:57:13 +01:00
2019-10-30 00:17:10 +01:00
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'list' ));
}
2019-10-29 14:57:13 +01:00
2019-10-30 00:17:10 +01:00
/**
2019-10-30 00:30:39 +01:00
* Cette fonction retourne la page d 'ajout d' un user .
2019-10-30 00:17:10 +01:00
*/
public function add ()
{
2021-06-11 02:16:41 +02:00
$now = new \DateTime ();
$now = $now -> format ( 'Y-m-d H:i:00' );
2021-06-12 23:23:15 +02:00
return $this -> render ( 'user/add' , [ 'now' => $now ]);
2019-10-30 00:17:10 +01:00
}
2019-10-29 14:57:13 +01:00
2019-10-30 00:17:10 +01:00
/**
2019-10-30 00:30:39 +01:00
* Cette fonction insert un nouveau user .
*
2019-10-30 00:17:10 +01:00
* @ param $csrf : Le jeton CSRF
2021-06-17 00:51:33 +02:00
* @ param string $_POST [ 'email' ] : User email
* @ param optional string $_POST [ 'password' ] : User password , ( if empty the password is randomly generated )
* @ param optional boolean $_POST [ 'admin' ] : If true user is admin
* @ param optional boolean $_POST [ 'quota_enable' ] : If true create a quota for the user
* @ param bool $_POST [ 'quota_enable' ] : If true create a quota for the user
* @ param optional int $_POST [ 'quota_credit' ] : credit for quota
* @ param optional int $_POST [ 'quota_additional' ] : additional credit
* @ param optional string $_POST [ 'quota_start_date' ] : quota beginning date
* @ param optional string $_POST [ 'quota_renewal_interval' ] : period to use on renewal to calculate new expiration date . Also use to calculate first expiration date .
* @ param optional boolean $_POST [ 'quota_auto_renew' ] : Should the quota be automatically renewed on expiration
* @ param optional boolean $_POST [ 'quota_report_unused' ] : Should unused credit be reported next month
2021-06-12 23:23:15 +02:00
* @ param optional boolean $_POST [ 'quota_report_unused_additional' ] : Should unused additional credit be transfered next month
2019-10-30 00:17:10 +01:00
*/
public function create ( $csrf )
{
2019-10-30 00:30:39 +01:00
if ( ! $this -> verify_csrf ( $csrf ))
{
2019-11-09 03:35:12 +01:00
\FlashMessage\FlashMessage :: push ( 'danger' , 'Jeton CSRF invalid !' );
2019-11-10 17:36:42 +01:00
2019-10-30 00:17:10 +01:00
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'add' ));
2019-10-29 18:36:25 +01:00
}
2019-10-30 00:30:39 +01:00
2019-10-30 00:17:10 +01:00
$email = $_POST [ 'email' ] ? ? false ;
2020-05-19 05:00:35 +02:00
$password = ! empty ( $_POST [ 'password' ]) ? $_POST [ 'password' ] : \controllers\internals\Tool :: generate_password ( rand ( 6 , 12 ));
2019-10-30 00:17:10 +01:00
$admin = $_POST [ 'admin' ] ? ? false ;
2020-03-30 01:52:53 +02:00
$status = 'active' ;
2021-06-12 23:23:15 +02:00
$quota_enable = $_POST [ 'quota_enable' ] ? ? false ;
$quota_credit = $_POST [ 'quota_credit' ] ? ? false ;
$quota_additional = $_POST [ 'quota_additional' ] ? ? false ;
$quota_start_date = $_POST [ 'quota_start_date' ] ? ? false ;
$quota_renew_interval = $_POST [ 'quota_renew_interval' ] ? ? false ;
$quota_auto_renew = $_POST [ 'quota_auto_renew' ] ? ? false ;
$quota_report_unused = $_POST [ 'quota_report_unused' ] ? ? false ;
$quota_report_unused_additional = $_POST [ 'quota_report_unused_additional' ] ? ? false ;
2019-10-30 00:30:39 +01:00
if ( ! $email )
{
2019-11-09 03:35:12 +01:00
\FlashMessage\FlashMessage :: push ( 'danger' , 'Vous devez au moins fournir une adresse e-mail pour l\'utilisateur.' );
2019-11-10 17:36:42 +01:00
2019-10-30 00:17:10 +01:00
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'add' ));
}
2019-10-29 14:57:13 +01:00
2019-10-30 00:30:39 +01:00
if ( ! filter_var ( $email , FILTER_VALIDATE_EMAIL ))
{
2019-11-09 03:35:12 +01:00
\FlashMessage\FlashMessage :: push ( 'danger' , 'L\'adresse e-mail n\'est pas valide.' );
2019-11-10 17:36:42 +01:00
2019-10-30 00:17:10 +01:00
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'add' ));
}
2019-10-29 14:57:13 +01:00
2021-06-12 23:23:15 +02:00
//Forge quota for user if needed
$quota = null ;
if ( $quota_enable )
{
$quota = [];
$quota [ 'credit' ] = ( int ) $quota_credit ;
$quota [ 'additional' ] = ( int ) $quota_additional ;
2021-06-17 00:51:33 +02:00
if ( false === $quota_start_date || ! \controllers\internals\Tool :: validate_date ( $quota_start_date , 'Y-m-d H:i:s' ))
2021-06-12 23:23:15 +02:00
{
\FlashMessage\FlashMessage :: push ( 'danger' , 'Vous devez définir une date de début valide pour le quota.' );
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'add' ));
}
$quota [ 'start_date' ] = new \DateTime ( $quota_start_date );
2021-06-17 00:51:33 +02:00
if ( false === $quota_renew_interval || ! \controllers\internals\Tool :: validate_period ( $quota_renew_interval ))
2021-06-12 23:23:15 +02:00
{
\FlashMessage\FlashMessage :: push ( 'danger' , 'Vous devez définir une durée de quota parmis la liste proposée.' );
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'add' ));
}
$quota [ 'renew_interval' ] = $quota_renew_interval ;
$quota [ 'expiration_date' ] = clone $quota [ 'start_date' ];
$quota [ 'expiration_date' ] -> add ( new \DateInterval ( $quota_renew_interval ));
$quota [ 'auto_renew' ] = ( bool ) $quota_auto_renew ;
$quota [ 'report_unused' ] = ( bool ) $quota_report_unused ;
$quota [ 'report_unused_additional' ] = ( bool ) $quota_report_unused_additional ;
}
$id_user = $this -> internal_user -> create ( $email , $password , $admin , null , \models\User :: STATUS_ACTIVE , true , $quota );
2020-04-02 19:10:54 +02:00
if ( ! $id_user )
2019-10-30 00:30:39 +01:00
{
2021-06-12 23:23:15 +02:00
\FlashMessage\FlashMessage :: push ( 'danger' , 'Impossible de créer cet utilisateur.' );
2019-11-10 17:36:42 +01:00
2019-10-30 00:17:10 +01:00
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'add' ));
2019-10-29 18:36:25 +01:00
}
2019-10-30 00:17:10 +01:00
2020-04-16 07:50:30 +02:00
$mailer = new \controllers\internals\Mailer ();
$email_send = $mailer -> enqueue ( $email , EMAIL_CREATE_USER , [ 'email' => $email , 'password' => $password ]);
2019-11-10 00:27:42 +01:00
if ( ! $email_send )
{
\FlashMessage\FlashMessage :: push ( 'danger' , 'Impossible d\'envoyer l\'e-mail à l\'utilisateur.' );
}
2019-10-30 00:30:39 +01:00
2019-11-10 00:27:42 +01:00
\FlashMessage\FlashMessage :: push ( 'success' , 'L\'utilisateur a bien été créé.' );
2019-11-10 17:36:42 +01:00
2019-10-30 00:17:10 +01:00
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'list' ));
2019-10-29 18:36:25 +01:00
}
2021-06-17 00:51:33 +02:00
2021-06-12 23:23:15 +02:00
/**
2021-06-17 00:51:33 +02:00
* Return the edition page for the users .
2021-06-12 23:23:15 +02:00
*
* @ param int ... $ids : users ids
*/
public function edit ()
{
$ids = $_GET [ 'user_ids' ] ? ? [];
$id_user = $_SESSION [ 'user' ][ 'id' ];
$users = $this -> internal_user -> gets_in_by_id ( $ids );
if ( ! $users )
{
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'list' ));
}
foreach ( $users as & $user )
{
$user [ 'quota' ] = $this -> internal_quota -> get_user_quota ( $user [ 'id' ]);
}
2021-06-17 00:51:33 +02:00
2021-06-12 23:23:15 +02:00
$now = new \DateTime ();
$now = $now -> format ( 'Y-m-d H:i:00' );
$this -> render ( 'user/edit' , [
'users' => $users ,
'now' => $now ,
]);
}
2021-06-17 00:51:33 +02:00
2021-06-12 23:23:15 +02:00
/**
2021-06-17 00:51:33 +02:00
* Update a list of users .
2021-06-12 23:23:15 +02:00
*
* @ param $csrf : Le jeton CSRF
* @ param array $_POST [ 'users' ] : Array of the users and new values , id as key . Quota may also be defined .
*/
public function update ( $csrf )
{
if ( ! $this -> verify_csrf ( $csrf ))
{
\FlashMessage\FlashMessage :: push ( 'danger' , 'Jeton CSRF invalid !' );
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'add' ));
}
2021-06-17 00:51:33 +02:00
2021-06-14 19:48:42 +02:00
$nb_update = 0 ;
2021-06-12 23:23:15 +02:00
$users = $_POST [ 'users' ] ? ? [];
foreach ( $users as $id_user => $user )
{
$email = $user [ 'email' ] ? ? false ;
$password = ! empty ( $user [ 'password' ]) ? $user [ 'password' ] : null ;
$admin = $user [ 'admin' ] ? ? false ;
$quota_enable = $user [ 'quota_enable' ] ? ? false ;
$quota_consumed = $user [ 'quota_consumed' ] ? ? false ;
$quota_credit = $user [ 'quota_credit' ] ? ? false ;
$quota_additional = $user [ 'quota_additional' ] ? ? false ;
$quota_start_date = $user [ 'quota_start_date' ] ? ? false ;
$quota_renew_interval = $user [ 'quota_renew_interval' ] ? ? false ;
$quota_auto_renew = $user [ 'quota_auto_renew' ] ? ? false ;
$quota_report_unused = $user [ 'quota_report_unused' ] ? ? false ;
$quota_report_unused_additional = $user [ 'quota_report_unused_additional' ] ? ? false ;
if ( ! $email )
{
\FlashMessage\FlashMessage :: push ( 'danger' , 'L\'utilisateur #' . ( int ) $id_user . ' n\'as pas pu être mis à jour car l\'adresse e-mail n\'as pas été fournie.' );
continue ;
}
if ( ! filter_var ( $email , FILTER_VALIDATE_EMAIL ))
{
\FlashMessage\FlashMessage :: push ( 'danger' , 'L\'utilisateur #' . ( int ) $id_user . ' n\'as pas pu être mis à jour car l\'adresse e-mail fournie n\'est pas valide.' );
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'add' ));
}
//Forge quota for user if needed
$quota = false ;
if ( $quota_enable )
{
$quota = [];
$quota [ 'credit' ] = ( int ) $quota_credit ;
$quota [ 'consumed' ] = ( int ) $quota_consumed ;
$quota [ 'additional' ] = ( int ) $quota_additional ;
2021-06-17 00:51:33 +02:00
if ( false === $quota_start_date || ! \controllers\internals\Tool :: validate_date ( $quota_start_date , 'Y-m-d H:i:s' ))
2021-06-12 23:23:15 +02:00
{
\FlashMessage\FlashMessage :: push ( 'danger' , 'L\'utilisateur #' . ( int ) $id_user . ' n\'as pas pu être mis à jour car la date de début du quota associé n\'est pas valide.' );
continue ;
}
$quota [ 'start_date' ] = new \DateTime ( $quota_start_date );
2021-06-17 00:51:33 +02:00
if ( false === $quota_renew_interval || ! \controllers\internals\Tool :: validate_period ( $quota_renew_interval ))
2021-06-12 23:23:15 +02:00
{
\FlashMessage\FlashMessage :: push ( 'danger' , 'L\'utilisateur #' . ( int ) $id_user . ' n\'as pas pu être mis à jour car la durée du quota associé n\'est pas valide.' );
2021-06-17 00:51:33 +02:00
2021-06-12 23:23:15 +02:00
continue ;
}
$quota [ 'renew_interval' ] = $quota_renew_interval ;
$quota [ 'expiration_date' ] = clone $quota [ 'start_date' ];
$quota [ 'expiration_date' ] -> add ( new \DateInterval ( $quota_renew_interval ));
$quota [ 'auto_renew' ] = ( bool ) $quota_auto_renew ;
$quota [ 'report_unused' ] = ( bool ) $quota_report_unused ;
$quota [ 'report_unused_additional' ] = ( bool ) $quota_report_unused_additional ;
//Format dates
$quota [ 'start_date' ] = $quota [ 'start_date' ] -> format ( 'Y-m-d H:i:s' );
$quota [ 'expiration_date' ] = $quota [ 'expiration_date' ] -> format ( 'Y-m-d H:i:s' );
}
$updated_user = [
'email' => $email ,
'admin' => $admin ,
];
if ( $password )
{
2021-06-14 21:43:03 +02:00
$updated_user [ 'password' ] = password_hash ( $password , PASSWORD_DEFAULT );
2021-06-12 23:23:15 +02:00
}
$success = $this -> internal_user -> update ( $id_user , $updated_user , $quota );
if ( ! $success )
{
\FlashMessage\FlashMessage :: push ( 'danger' , 'L\'utilisateur #' . ( int ) $id_user . ' n\'as pas pu être mis à jour.' );
2021-06-17 00:51:33 +02:00
2021-06-12 23:23:15 +02:00
continue ;
}
2021-06-17 00:51:33 +02:00
++ $nb_update ;
2021-06-12 23:23:15 +02:00
}
2021-06-14 19:48:42 +02:00
if ( $nb_update != count ( $users ))
{
\FlashMessage\FlashMessage :: push ( 'danger' , 'Certains utilisateurs n\'ont pas pu être mis à jour.' );
2021-06-17 00:51:33 +02:00
2021-06-14 19:48:42 +02:00
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'list' ));
}
2021-06-17 00:51:33 +02:00
2021-06-14 19:48:42 +02:00
\FlashMessage\FlashMessage :: push ( 'success' , 'Tous les utilisateurs ont bien été mis à jour.' );
2021-06-17 00:51:33 +02:00
2021-06-14 19:48:42 +02:00
return $this -> redirect ( \descartes\Router :: url ( 'User' , 'list' ));
2021-06-12 23:23:15 +02:00
}
2019-10-30 00:17:10 +01:00
}