From 413c058ffcb0298c0fdf12bc44e0a6416cfc0c80 Mon Sep 17 00:00:00 2001 From: osaajani <> Date: Mon, 30 Mar 2020 01:52:53 +0200 Subject: [PATCH] add support status on users --- adapters/OvhSmsAdapter.php | 6 ++- controllers/internals/Console.php | 29 +++++++++++-- controllers/internals/User.php | 22 +++++++++- controllers/publics/Api.php | 13 ++++++ controllers/publics/Connect.php | 7 ++++ controllers/publics/User.php | 41 ++++++++++++++++++- .../20200329231620_add_user_status.php | 38 +++++++++++++++++ models/User.php | 3 ++ routes.php | 1 + templates/user/list.php | 4 ++ 10 files changed, 156 insertions(+), 8 deletions(-) create mode 100644 db/migrations/20200329231620_add_user_status.php diff --git a/adapters/OvhSmsAdapter.php b/adapters/OvhSmsAdapter.php index ec8461c..835ee77 100644 --- a/adapters/OvhSmsAdapter.php +++ b/adapters/OvhSmsAdapter.php @@ -85,9 +85,11 @@ namespace adapters; */ public static function meta_description(): string { - $callback = \descartes\Router::url('Callback', 'update_sended_status', ['adapter_name' => self::meta_name()], ['api_key' => $_SESSION['user']['api_key'] ?? '']); + $callback = \descartes\Router::url('Callback', 'update_sended_status', ['adapter_name' => self::meta_name()], ['api_key' => $_SESSION['user']['api_key'] ?? '']); + $generate_credentials_url = 'https://eu.api.ovh.com/createToken/index.cgi?GET=/sms&GET=/sms/*&POST=/sms/*&PUT=/sms/*&DELETE=/sms/*&'; + return ' - Solution de SMS proposé par le groupe OVH. Pour générer les clefs API OVH, cliquez ici. + Solution de SMS proposé par le groupe OVH. Pour générer les clefs API OVH, cliquez ici.

Adresse URL de callback de changement d\'état : ' . $callback . '
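Review bot: The pre-filled rights in `$generate_credentials_url` request GET, POST, PUT and DELETE on `/sms/*`, which is every method on the whole SMS subtree, and the hunk does not show which of these the adapter actually calls. If it only sends messages and reads their status, narrowing the list limits what a leaked consumer key can do to the OVH account. A one-line comment above the assignment, such as `// rights requested: one entry per OVH API call the adapter makes`, would keep the scope reviewable. The body of meta_description() continues outside the hunk.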
diff --git a/controllers/internals/Console.php b/controllers/internals/Console.php index 1e4eabe..782aaa9 100644 --- a/controllers/internals/Console.php +++ b/controllers/internals/Console.php @@ -66,8 +66,9 @@ namespace controllers\internals; * @param $password : User password * @param $admin : Is user admin * @param $api_key : User API key, if null random api key is generated + * @param $status : User status, default \models\User::STATUS_ACTIVE */ - public function create_update_user(string $email, string $password, bool $admin, ?string $api_key = null) + public function create_update_user(string $email, string $password, bool $admin, ?string $api_key = null, string $status = \models\User::STATUS_ACTIVE) { $bdd = \descartes\Model::_connect(DATABASE_HOST, DATABASE_NAME, DATABASE_USER, DATABASE_PASSWORD, 'UTF8'); $internal_user = new \controllers\internals\User($bdd); @@ -76,12 +77,34 @@ namespace controllers\internals; if ($user) { $api_key = $api_key ?? $internal_user->generate_random_api_key(); - $success = $internal_user->update($user['id'], $email, $password, $admin, $api_key); + $success = $internal_user->update($user['id'], $email, $password, $admin, $api_key, $status); exit($success ? 0 : 1); } - $success = $internal_user->create($email, $password, $admin, $api_key); + $success = $internal_user->create($email, $password, $admin, $api_key, $status); + exit($success ? 0 : 1); + } + + /** + * + * Update a user status + * + * @param string $email : User email + * @param string $status : User status, default \models\User::STATUS_ACTIVE + */ + public function update_user_status (string $email, string $status) + { + $bdd = \descartes\Model::_connect(DATABASE_HOST, DATABASE_NAME, DATABASE_USER, DATABASE_PASSWORD, 'UTF8'); + $internal_user = new \controllers\internals\User($bdd); + + $user = $internal_user->get_by_email($email); + if (!$user) + { + exit(1); + } + + $success = $internal_user->update_status($user['id'], $status); exit($success ? 0 : 1); } } 
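Review bot: Defaulting `$status` to `\models\User::STATUS_ACTIVE` in `create_update_user` silently re-activates a suspended user whenever the command is re-run for an existing account without the fifth argument, because the default is passed to `update()` in the next hunk. A routine password or API-key refresh from the console would therefore lift a suspension. Make the parameter `?string $status = null` and resolve it per branch: `$status ?? $user['status']` on the update path (assuming the fetched row carries the new column) and `$status ?? \models\User::STATUS_ACTIVE` on the create path. The function body starts outside this hunk.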
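Review bot: `update_user_status` forwards `$status` to the model without checking it against the two allowed values. The same holds for `create_update_user` and for `update_status()`, `update()` and `create()` in controllers/internals/User.php. With an enum column an unknown value is either rejected or, depending on the SQL mode, stored as an empty string, and every check added in this patch then treats the account as not active. Guard once in the internal controller, e.g. `if (!in_array($status, [\models\User::STATUS_ACTIVE, \models\User::STATUS_SUSPENDED], true)) { return false; }`. The docblock also promises a default for `$status` that the signature does not have, so drop `, default \models\User::STATUS_ACTIVE` from it.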
diff --git a/controllers/internals/User.php b/controllers/internals/User.php index 55d01b4..cb1a8ea 100644 --- a/controllers/internals/User.php +++ b/controllers/internals/User.php @@ -104,6 +104,20 @@ namespace controllers\internals; { return (bool) $this->model_user->update_email($id, $email); } + + + /** + * Update user status. + * + * @param string $id : user id + * @param string $status : new status + * + * @return boolean; + */ + public function update_status($id, $status) + { + return (bool) $this->model_user->update($id, ['status' => $status]); + } /** * Update user api key. @@ -170,16 +184,18 @@ namespace controllers\internals; * @param mixed $password * @param mixed $admin * @param mixed $api_key + * @param string $status : User status * * @return int : Number of modified user */ - public function update($id, $email, $password, $admin, $api_key) + public function update($id, $email, $password, $admin, $api_key, $status) { $user = [ 'email' => $email, 'password' => password_hash($password, PASSWORD_DEFAULT), 'admin' => $admin, 'api_key' => $api_key, + 'status' => $status, ]; return $this->model_user->update($id, $user); @@ -192,16 +208,18 @@ namespace controllers\internals; * @param mixed $password * @param mixed $admin * @param ?string $api_key : The api key of the user, if null generate randomly + * @param string $status : User status, default \models\User::STATUS_ACTIVE * * @return mixed bool|int : false on error, id of the new user else */ - public function create($email, $password, $admin, ?string $api_key = null) + public function create($email, $password, $admin, ?string $api_key = null, string $status = \models\User::STATUS_ACTIVE) { $user = [ 'email' => $email, 'password' => password_hash($password, PASSWORD_DEFAULT), 'admin' => $admin, 'api_key' => $api_key ?? $this->generate_random_api_key(), + 'status' => $status, ]; $new_user_id = $this->model_user->insert($user); 
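Review bot: `update()` now takes `$status` as a required sixth argument, so any caller outside this patch that still passes five arguments will fail with an ArgumentCountError; only the console caller is updated here. It also forces every full update to rewrite the status, so a caller that does not know the current value has to invent one. Consider declaring it as `$status = null` and adding the key only when a value is given: `if (null !== $status) { $user['status'] = $status; }`. The method's docblock starts outside the hunk.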
diff --git a/controllers/publics/Api.php b/controllers/publics/Api.php index 3e70d9c..e7a1ffd 100644 --- a/controllers/publics/Api.php +++ b/controllers/publics/Api.php @@ -30,6 +30,7 @@ namespace controllers\publics; 'INVALID_PARAMETER' => 2, 'MISSING_PARAMETER' => 4, 'CANNOT_CREATE' => 8, + 'SUSPENDED_USER' => 16, ]; const ERROR_MESSAGES = [ @@ -37,6 +38,7 @@ namespace controllers\publics; 'INVALID_PARAMETER' => 'You have specified an invalid parameter : ', 'MISSING_PARAMETER' => 'One require parameter is missing : ', 'CANNOT_CREATE' => 'Cannot create a new entry.', + 'SUSPENDED_USER' => 'This user account is currently suspended.', ]; private $internal_user; @@ -86,6 +88,17 @@ namespace controllers\publics; exit(self::ERROR_CODES['INVALID_CREDENTIALS']); } + + if ($this->user['status'] !== \models\User::STATUS_ACTIVE) + { + $return = self::DEFAULT_RETURN; + $return['error'] = self::ERROR_CODES['SUSPENDED_USER']; + $return['message'] = self::ERROR_MESSAGES['SUSPENDED_USER']; + $this->auto_http_code(false); + $this->json($return); + + exit(self::ERROR_CODES['SUSPENDED_USER']); + } } /** diff --git a/controllers/publics/Connect.php b/controllers/publics/Connect.php index 9948bb8..f2827b5 100644 --- a/controllers/publics/Connect.php +++ b/controllers/publics/Connect.php @@ -64,6 +64,13 @@ namespace controllers\publics; return $this->redirect(\descartes\Router::url('Connect', 'login')); } + if ($user['status'] !== \models\User::STATUS_ACTIVE) + { + \FlashMessage\FlashMessage::push('danger', 'Votre compte est actuellement suspendu.'); + + return $this->redirect(\descartes\Router::url('Connect', 'login')); + } + $settings = $this->internal_setting->gets_for_user($user['id']); $user['settings'] = $settings; diff --git a/controllers/publics/User.php b/controllers/publics/User.php index 9b47224..14ada1f 100644 --- a/controllers/publics/User.php +++ b/controllers/publics/User.php 
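Review bot: The suspension check in Connect.php sits only in the login handler, so a user who already holds a session when they are suspended keeps access until that session ends. Nothing in this patch re-checks `status` on later requests or destroys existing sessions. The API path appears not to have this gap, since the check in Api.php follows the credential check that runs for each call. If no shared per-request hook exists elsewhere, add the same comparison where the session user is validated, reading the row from the database again instead of trusting the copy stored in `$_SESSION['user']`. The login method starts and ends outside the hunk.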
@@ -48,6 +48,44 @@ class User extends \descartes\Controller $users = $this->internal_user->list(25, $page); $this->render('user/list', ['users' => $users]); } + + + /** + * Update status of users + * + * @param array int $_GET['ids'] : User ids + * @param mixed $csrf + * @param int $status : 1 -> active, 0 -> suspended + * + * @return boolean; + */ + public function update_status ($csrf, int $status) + { + if (!$this->verify_csrf($csrf)) + { + \FlashMessage\FlashMessage::push('danger', 'Jeton CSRF invalid !'); + + return $this->redirect(\descartes\Router::url('User', 'list')); + } + + if ($status == 0) + { + $status = \models\User::STATUS_SUSPENDED; + } + else + { + $status = \models\User::STATUS_ACTIVE; + } + + $ids = $_GET['ids'] ?? []; + foreach ($ids as $id) + { + $this->internal_user->update_status($id, $status); + } + + return $this->redirect(\descartes\Router::url('User', 'list')); + } + /** * Cette fonction va supprimer une liste de users. @@ -112,6 +150,7 @@ class User extends \descartes\Controller $email = $_POST['email'] ?? false; $password = $_POST['password'] ?? \controllers\internals\Tool::generate_password(rand(6, 12)); $admin = $_POST['admin'] ?? false; + $status = 'active'; if (!$email) { @@ -127,7 +166,7 @@ class User extends \descartes\Controller return $this->redirect(\descartes\Router::url('User', 'add')); } - $user_id = $this->internal_user->create($email, $password, $admin); + $user_id = $this->internal_user->create($email, $password, $admin, $status); if (!$user_id) { \FlashMessage\FlashMessage::push('danger', 'Impossible de créer ce user.'); diff --git a/db/migrations/20200329231620_add_user_status.php b/db/migrations/20200329231620_add_user_status.php new file mode 100644 index 0000000..a3d7543 --- /dev/null +++ b/db/migrations/20200329231620_add_user_status.php @@ -0,0 +1,38 @@ +table('user'); + $table->addColumn('status', 'enum', ['values' => ['suspended', 'active']]); + $table->update(); + } +} 
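Review bot: The loop in `update_status` applies the new status to every id in `$_GET['ids']` with no exclusions, so an administrator can suspend their own account, or every administrator at once, leaving only the console command as a way back in. Skip the caller's own id, e.g. `if ((int) $id === (int) ($_SESSION['user']['id'] ?? 0)) { continue; }`, assuming the session stores the id the way it stores `api_key`. `$ids` should also be checked with `is_array()` before the `foreach`, since `?ids=1` arrives as a string. The result of `internal_user->update_status()` is discarded, so no flash message reports failure, and the docblock's `@return boolean` does not match the redirect that is returned.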
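Review bot: `$status` lands in the `$api_key` slot of `create()`: the call passes it as the fourth positional argument, while the signature in controllers/internals/User.php is `create($email, $password, $admin, ?string $api_key = null, string $status = ...)`. The string `'active'` therefore becomes the new user's API key and no random key is generated, so every account created through this form gets the same guessable key (or the insert fails if the column is unique). Pass the key slot explicitly with `$this->internal_user->create($email, $password, $admin, null, \models\User::STATUS_ACTIVE);`. The literal `$status = 'active';` in the preceding hunk can then be dropped, since `create()` already defaults to active.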
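Review bot: The migration adds the `status` column without a `default`, and `suspended` is listed first in `values`. On MySQL/MariaDB a NOT NULL enum without an explicit default takes its first value, so existing rows would most likely come out of this migration as `suspended`. Every current user, administrators included, would then be refused by the new login and API checks. Set the default explicitly: `['values' => ['suspended', 'active'], 'default' => 'active']`. Most of this new file is not legible in the hunk, so how the migration is reversed cannot be confirmed from here.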
diff --git a/models/User.php b/models/User.php index 6b554a6..eaca1ca 100644 --- a/models/User.php +++ b/models/User.php @@ -16,6 +16,9 @@ namespace models; */ class User extends \descartes\Model { + const STATUS_SUSPENDED = 'suspended'; + const STATUS_ACTIVE = 'active'; + /** * Find a user by his id. * diff --git a/routes.php b/routes.php index 7642380..add46db 100644 --- a/routes.php +++ b/routes.php @@ -156,6 +156,7 @@ 'add' => '/user/add/', 'create' => '/user/create/{csrf}/', 'delete' => '/user/delete/{csrf}/', + 'update_status' => '/user/delete/{status}/{csrf}/', ], 'Phone' => [ diff --git a/templates/user/list.php b/templates/user/list.php index 8fd0033..87baf69 100644 --- a/templates/user/list.php +++ b/templates/user/list.php @@ -42,6 +42,7 @@ # Email Admin + Status Sélectionner @@ -51,6 +52,7 @@ s($user['id']); ?> s($user['email']); ?> s($user['admin']); ?> + s($user['status']); ?> @@ -63,6 +65,8 @@
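Review bot: In routes.php the new route `'update_status' => '/user/delete/{status}/{csrf}/'` lives under the `/user/delete/` prefix, right next to `'delete' => '/user/delete/{csrf}/'`. The two are told apart only by segment count, so access logs and any path-based rule will record a status change as a delete, and a router that matches loosely could dispatch to the wrong action. Give it its own path, e.g. `'update_status' => '/user/status/{status}/{csrf}/',`. As with the neighbouring routes, the CSRF token travels in the path and will end up in server logs and browser history.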
Action pour la séléction : + +