add support status on users

2025-04-20 16:37:48 +02:00 · 2020-03-30 01:52:53 +02:00 · 2020-03-30 01:52:53 +02:00 · 413c058ffc
commit 413c058ffc
parent e59631607b
10 changed files with 156 additions and 8 deletions
--- a/controllers/internals/Console.php
+++ b/controllers/internals/Console.php
@ -66,8 +66,9 @@ namespace controllers\internals;
         * @param $password : User password
         * @param $admin : Is user admin
         * @param $api_key : User API key, if null random api key is generated
+         * @param $status : User status, default \models\User::STATUS_ACTIVE
         */
-        public function create_update_user(string $email, string $password, bool $admin, ?string $api_key = null)
+        public function create_update_user(string $email, string $password, bool $admin, ?string $api_key = null, string $status = \models\User::STATUS_ACTIVE)
        {
            $bdd = \descartes\Model::_connect(DATABASE_HOST, DATABASE_NAME, DATABASE_USER, DATABASE_PASSWORD, 'UTF8');
            $internal_user = new \controllers\internals\User($bdd);
@ -76,12 +77,34 @@ namespace controllers\internals;
            if ($user)
            {
                $api_key = $api_key ?? $internal_user->generate_random_api_key();
-                $success = $internal_user->update($user['id'], $email, $password, $admin, $api_key);
+                $success = $internal_user->update($user['id'], $email, $password, $admin, $api_key, $status);

                exit($success ? 0 : 1);
            }

-            $success = $internal_user->create($email, $password, $admin, $api_key);
+            $success = $internal_user->create($email, $password, $admin, $api_key, $status);
+            exit($success ? 0 : 1);
+        }
+
+        /**
+         *
+         * Update a user status
+         *
+         * @param string $email : User email
+         * @param string $status : User status, default \models\User::STATUS_ACTIVE
+         */
+        public function update_user_status (string $email, string $status)
+        {
+            $bdd = \descartes\Model::_connect(DATABASE_HOST, DATABASE_NAME, DATABASE_USER, DATABASE_PASSWORD, 'UTF8');
+            $internal_user = new \controllers\internals\User($bdd);
+
+            $user = $internal_user->get_by_email($email);
+            if (!$user)
+            {
+                exit(1);
+            }
+
+            $success = $internal_user->update_status($user['id'], $status);
            exit($success ? 0 : 1);
        }
    }
--- a/controllers/internals/User.php
+++ b/controllers/internals/User.php
@ -104,6 +104,20 @@ namespace controllers\internals;
        {
            return (bool) $this->model_user->update_email($id, $email);
        }
+        
+        
+        /**
+         * Update user status.
+         *
+         * @param string $id    : user id
+         * @param string $status : new status
+         *
+         * @return boolean;
+         */
+        public function update_status($id, $status)
+        {
+            return (bool) $this->model_user->update($id, ['status' => $status]);
+        }

        /**
         * Update user api key.
@ -170,16 +184,18 @@ namespace controllers\internals;
         * @param mixed $password
         * @param mixed $admin
         * @param mixed $api_key
+         * @param string $status : User status
         *
         * @return int : Number of modified user
         */
-        public function update($id, $email, $password, $admin, $api_key)
+        public function update($id, $email, $password, $admin, $api_key, $status)
        {
            $user = [
                'email' => $email,
                'password' => password_hash($password, PASSWORD_DEFAULT),
                'admin' => $admin,
                'api_key' => $api_key,
+                'status' => $status,
            ];

            return $this->model_user->update($id, $user);
@ -192,16 +208,18 @@ namespace controllers\internals;
         * @param mixed   $password
         * @param mixed   $admin
         * @param ?string $api_key  : The api key of the user, if null generate randomly
+         * @param string $status : User status, default \models\User::STATUS_ACTIVE
         *
         * @return mixed bool|int : false on error, id of the new user else
         */
-        public function create($email, $password, $admin, ?string $api_key = null)
+        public function create($email, $password, $admin, ?string $api_key = null, string $status = \models\User::STATUS_ACTIVE)
        {
            $user = [
                'email' => $email,
                'password' => password_hash($password, PASSWORD_DEFAULT),
                'admin' => $admin,
                'api_key' => $api_key ?? $this->generate_random_api_key(),
+                'status' => $status,
            ];

            $new_user_id = $this->model_user->insert($user);
--- a/controllers/publics/Api.php
+++ b/controllers/publics/Api.php
@ -30,6 +30,7 @@ namespace controllers\publics;
            'INVALID_PARAMETER' => 2,
            'MISSING_PARAMETER' => 4,
            'CANNOT_CREATE' => 8,
+            'SUSPENDED_USER' => 16,
        ];

        const ERROR_MESSAGES = [
@ -37,6 +38,7 @@ namespace controllers\publics;
            'INVALID_PARAMETER' => 'You have specified an invalid parameter : ',
            'MISSING_PARAMETER' => 'One require parameter is missing : ',
            'CANNOT_CREATE' => 'Cannot create a new entry.',
+            'SUSPENDED_USER' => 'This user account is currently suspended.',
        ];

        private $internal_user;
@ -86,6 +88,17 @@ namespace controllers\publics;

                exit(self::ERROR_CODES['INVALID_CREDENTIALS']);
            }
+            
+            if ($this->user['status'] !== \models\User::STATUS_ACTIVE)
+            {
+                $return = self::DEFAULT_RETURN;
+                $return['error'] = self::ERROR_CODES['SUSPENDED_USER'];
+                $return['message'] = self::ERROR_MESSAGES['SUSPENDED_USER'];
+                $this->auto_http_code(false);
+                $this->json($return);
+
+                exit(self::ERROR_CODES['SUSPENDED_USER']);
+            }
        }

        /**
--- a/controllers/publics/Connect.php
+++ b/controllers/publics/Connect.php
@ -64,6 +64,13 @@ namespace controllers\publics;
                return $this->redirect(\descartes\Router::url('Connect', 'login'));
            }

+            if ($user['status'] !== \models\User::STATUS_ACTIVE)
+            {
+                \FlashMessage\FlashMessage::push('danger', 'Votre compte est actuellement suspendu.');
+
+                return $this->redirect(\descartes\Router::url('Connect', 'login'));
+            }
+
            $settings = $this->internal_setting->gets_for_user($user['id']);
            $user['settings'] = $settings;

--- a/controllers/publics/User.php
+++ b/controllers/publics/User.php
@ -48,6 +48,44 @@ class User extends \descartes\Controller
        $users = $this->internal_user->list(25, $page);
        $this->render('user/list', ['users' => $users]);
    }
+    
+    
+    /**
+     * Update status of users
+     *
+     * @param array int $_GET['ids'] : User ids
+     * @param mixed     $csrf
+     * @param int $status : 1 -> active, 0 -> suspended
+     *
+     * @return boolean;
+     */
+    public function update_status ($csrf, int $status)
+    {
+        if (!$this->verify_csrf($csrf))
+        {
+            \FlashMessage\FlashMessage::push('danger', 'Jeton CSRF invalid !');
+
+            return $this->redirect(\descartes\Router::url('User', 'list'));
+        }
+
+        if ($status == 0)
+        {
+            $status = \models\User::STATUS_SUSPENDED;
+        }
+        else
+        {
+            $status = \models\User::STATUS_ACTIVE;
+        }
+
+        $ids = $_GET['ids'] ?? [];
+        foreach ($ids as $id)
+        {
+            $this->internal_user->update_status($id, $status);
+        }
+
+        return $this->redirect(\descartes\Router::url('User', 'list'));
+    }
+

    /**
     * Cette fonction va supprimer une liste de users.
@ -112,6 +150,7 @@ class User extends \descartes\Controller
        $email = $_POST['email'] ?? false;
        $password = $_POST['password'] ?? \controllers\internals\Tool::generate_password(rand(6, 12));
        $admin = $_POST['admin'] ?? false;
+        $status = 'active';

        if (!$email)
        {
@ -127,7 +166,7 @@ class User extends \descartes\Controller
            return $this->redirect(\descartes\Router::url('User', 'add'));
        }

-        $user_id = $this->internal_user->create($email, $password, $admin);
+        $user_id = $this->internal_user->create($email, $password, $admin, $status);
        if (!$user_id)
        {
            \FlashMessage\FlashMessage::push('danger', 'Impossible de créer ce user.');