add support status on users

controllers/publics/Api.php

@@ -30,6 +30,7 @@ namespace controllers\publics;
             'INVALID_PARAMETER' => 2,
             'MISSING_PARAMETER' => 4,
             'CANNOT_CREATE' => 8,
+            'SUSPENDED_USER' => 16,
         ];
 
         const ERROR_MESSAGES = [
@@ -37,6 +38,7 @@ namespace controllers\publics;
             'INVALID_PARAMETER' => 'You have specified an invalid parameter : ',
             'MISSING_PARAMETER' => 'One require parameter is missing : ',
             'CANNOT_CREATE' => 'Cannot create a new entry.',
+            'SUSPENDED_USER' => 'This user account is currently suspended.',
         ];
 
         private $internal_user;
@@ -86,6 +88,17 @@ namespace controllers\publics;
 
                 exit(self::ERROR_CODES['INVALID_CREDENTIALS']);
             }
+            
+            if ($this->user['status'] !== \models\User::STATUS_ACTIVE)
+            {
+                $return = self::DEFAULT_RETURN;
+                $return['error'] = self::ERROR_CODES['SUSPENDED_USER'];
+                $return['message'] = self::ERROR_MESSAGES['SUSPENDED_USER'];
+                $this->auto_http_code(false);
+                $this->json($return);
+
+                exit(self::ERROR_CODES['SUSPENDED_USER']);
+            }
         }
 
         /**

controllers/publics/Connect.php

@@ -64,6 +64,13 @@ namespace controllers\publics;
                 return $this->redirect(\descartes\Router::url('Connect', 'login'));
             }
 
+            if ($user['status'] !== \models\User::STATUS_ACTIVE)
+            {
+                \FlashMessage\FlashMessage::push('danger', 'Votre compte est actuellement suspendu.');
+
+                return $this->redirect(\descartes\Router::url('Connect', 'login'));
+            }
+
             $settings = $this->internal_setting->gets_for_user($user['id']);
             $user['settings'] = $settings;
 

controllers/publics/User.php

@@ -48,6 +48,44 @@ class User extends \descartes\Controller
         $users = $this->internal_user->list(25, $page);
         $this->render('user/list', ['users' => $users]);
     }
+    
+    
+    /**
+     * Update status of users
+     *
+     * @param array int $_GET['ids'] : User ids
+     * @param mixed     $csrf
+     * @param int $status : 1 -> active, 0 -> suspended
+     *
+     * @return boolean;
+     */
+    public function update_status ($csrf, int $status)
+    {
+        if (!$this->verify_csrf($csrf))
+        {
+            \FlashMessage\FlashMessage::push('danger', 'Jeton CSRF invalid !');
+
+            return $this->redirect(\descartes\Router::url('User', 'list'));
+        }
+
+        if ($status == 0)
+        {
+            $status = \models\User::STATUS_SUSPENDED;
+        }
+        else
+        {
+            $status = \models\User::STATUS_ACTIVE;
+        }
+
+        $ids = $_GET['ids'] ?? [];
+        foreach ($ids as $id)
+        {
+            $this->internal_user->update_status($id, $status);
+        }
+
+        return $this->redirect(\descartes\Router::url('User', 'list'));
+    }
+
 
     /**
      * Cette fonction va supprimer une liste de users.
@@ -112,6 +150,7 @@ class User extends \descartes\Controller
         $email = $_POST['email'] ?? false;
         $password = $_POST['password'] ?? \controllers\internals\Tool::generate_password(rand(6, 12));
         $admin = $_POST['admin'] ?? false;
+        $status = 'active';
 
         if (!$email)
         {
@@ -127,7 +166,7 @@ class User extends \descartes\Controller
             return $this->redirect(\descartes\Router::url('User', 'add'));
         }
 
-        $user_id = $this->internal_user->create($email, $password, $admin);
+        $user_id = $this->internal_user->create($email, $password, $admin, $status);
         if (!$user_id)
         {
             \FlashMessage\FlashMessage::push('danger', 'Impossible de créer ce user.');