diff --git a/VERSION b/VERSION index ed530b3..e5e2ba2 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v3.1.5 +v3.1.7 diff --git a/adapters/OctopushVirtualNumberAdapter.php b/adapters/OctopushVirtualNumberAdapter.php index 33473f9..1715937 100644 --- a/adapters/OctopushVirtualNumberAdapter.php +++ b/adapters/OctopushVirtualNumberAdapter.php @@ -44,6 +44,11 @@ class OctopushVirtualNumberAdapter implements AdapterInterface */ private $api_url = 'https://api.octopush.com/v1/public'; + /** + * Octopush phone number + */ + private $number; + /** * Adapter constructor, called when instanciated by RaspiSMS. diff --git a/controllers/internals/Received.php b/controllers/internals/Received.php index 60aefba..b9b6cfc 100644 --- a/controllers/internals/Received.php +++ b/controllers/internals/Received.php @@ -68,6 +68,14 @@ namespace controllers\internals; return false; } + //Check if the received message is a SMS STOP and we must register it + $internal_smsstop = new SmsStop($this->bdd); + $is_stop = $internal_smsstop->check_for_stop($received['text']); + if ($is_stop) + { + $internal_smsstop->create($id_user, $origin); + } + //Link medias $internal_media = new Media($this->bdd); foreach ($media_ids as $media_id) diff --git a/controllers/internals/Scheduled.php b/controllers/internals/Scheduled.php index 1a0c75c..9282aed 100644 --- a/controllers/internals/Scheduled.php +++ b/controllers/internals/Scheduled.php @@ -285,7 +285,9 @@ namespace controllers\internals; $internal_group = new \controllers\internals\Group($this->bdd); $internal_conditional_group = new \controllers\internals\ConditionalGroup($this->bdd); $internal_phone = new \controllers\internals\Phone($this->bdd); + $internal_smsstop = new \controllers\internals\SmsStop($this->bdd); + $users_smsstops = []; $users_settings = []; $users_phones = []; $users_mms_phones = []; @@ -306,6 +308,17 @@ namespace controllers\internals; } } + if (!isset($users_smsstops[$scheduled['id_user']]) && $users_settings[$scheduled['id_user']]['smsstop']) + { + $users_smsstops[$scheduled['id_user']] = []; + + $smsstops = $internal_smsstop->gets_for_user($scheduled['id_user']); + foreach ($smsstops as $smsstop) + { + $users_smsstops[$scheduled['id_user']][] = $smsstop['number']; + } + } + if (!isset($users_phones[$scheduled['id_user']])) { $phones = $internal_phone->gets_for_user($scheduled['id_user']); @@ -467,6 +480,12 @@ namespace controllers\internals; continue; } + //Remove messages to smsstops numbers + if (in_array($message['destination'], $users_smsstops[$scheduled['id_user']])) + { + continue; + } + $smss_to_send[] = $message; } } diff --git a/controllers/internals/SmsStop.php b/controllers/internals/SmsStop.php index 6ea87ae..1cfc649 100644 --- a/controllers/internals/SmsStop.php +++ b/controllers/internals/SmsStop.php @@ -73,4 +73,15 @@ namespace controllers\internals; return $this->model; } + + /** + * Parse a string to check if its a SMS stop + * + * @param string $str : The string to check + * @return bool : true if sms stop, false else + */ + public function check_for_stop (string $str) + { + return trim(mb_strtolower($str)) == 'stop'; + } } diff --git a/controllers/publics/Account.php b/controllers/publics/Account.php index 84e8d55..bcd4327 100644 --- a/controllers/publics/Account.php +++ b/controllers/publics/Account.php @@ -204,4 +204,25 @@ namespace controllers\publics; return $this->redirect(\descartes\Router::url('Connect', 'login')); } + + /** + * Allow to stop impersonating a user + * @param mixed $csrf + */ + public function stop_impersonate() + { + $old_session = $_SESSION['old_session'] ?? false; + if (!$old_session) + { + \FlashMessage\FlashMessage::push('danger', 'Impossible de récupérer l\'identité originale, vous avez été deconnecté à la place.'); + + return $this->redirect(\descartes\Router::url('Connect', 'logout')); + } + + $user_email = $_SESSION['user']['email']; + $_SESSION = $old_session; + + \FlashMessage\FlashMessage::push('success', 'Vous n\'incarnez plus l\'utilisateur ' . $user_email . '.'); + return $this->redirect(\descartes\Router::url('Dashboard', 'show')); + } } diff --git a/controllers/publics/Connect.php b/controllers/publics/Connect.php index d254b97..8c5faf2 100644 --- a/controllers/publics/Connect.php +++ b/controllers/publics/Connect.php @@ -164,4 +164,5 @@ namespace controllers\publics; return $this->redirect(\descartes\Router::url('Connect', 'login')); } + } diff --git a/controllers/publics/Sended.php b/controllers/publics/Sended.php index 8227e38..4079f19 100644 --- a/controllers/publics/Sended.php +++ b/controllers/publics/Sended.php @@ -53,7 +53,7 @@ namespace controllers\publics; */ public function list_json() { - $entities = $this->internal_sended->list_for_user($_SESSION['user']['id']); + $entities = $this->internal_sended->list_for_user($_SESSION['user']['id'], 10000); foreach ($entities as &$entity) { $entity['destination_formatted'] = \controllers\internals\Tool::phone_link($entity['destination']); diff --git a/controllers/publics/User.php b/controllers/publics/User.php index ab4df63..0581548 100644 --- a/controllers/publics/User.php +++ b/controllers/publics/User.php @@ -18,6 +18,7 @@ class User extends \descartes\Controller { private $internal_user; private $internal_quota; + private $internal_setting; /** * Cette fonction est appelée avant toute les autres : @@ -30,6 +31,7 @@ class User extends \descartes\Controller $bdd = \descartes\Model::_connect(DATABASE_HOST, DATABASE_NAME, DATABASE_USER, DATABASE_PASSWORD); $this->internal_user = new \controllers\internals\User($bdd); $this->internal_quota = new \controllers\internals\Quota($bdd); + $this->internal_setting = new \controllers\internals\Setting($bdd); \controllers\internals\Tool::verifyconnect(); @@ -407,4 +409,68 @@ class User extends \descartes\Controller return $this->redirect(\descartes\Router::url('User', 'list')); } + + + /** + * Allow an admin to impersonate a user + * @param mixed $csrf + * @param array int $_GET['user_ids'] : Ids of users to impersonate, the array should actually contain one id only, we keep use of array for simpler compatibility in UI + */ + public function impersonate ($csrf) + { + if (!$this->verify_csrf($csrf)) + { + \FlashMessage\FlashMessage::push('danger', 'Jeton CSRF invalid !'); + + return $this->redirect(\descartes\Router::url('User', 'list')); + } + + if (count($_GET['user_ids']) != 1) + { + \FlashMessage\FlashMessage::push('danger', 'Vous devez séléctionner un et un seul utilisateur à incarner !'); + + return $this->redirect(\descartes\Router::url('User', 'list')); + } + + $id_user = (int) $_GET['user_ids'][0]; + + //Check if this user exists + $user = $this->internal_user->get($id_user); + if (!$user) + { + \FlashMessage\FlashMessage::push('danger', 'Cet utilisateur n\'existe pas !'); + + return $this->redirect(\descartes\Router::url('User', 'list')); + } + + $settings = $this->internal_setting->gets_for_user($id_user); + if (!$settings) + { + \FlashMessage\FlashMessage::push('danger', 'Impossible de charger les settings de cet utilisateur !'); + + return $this->redirect(\descartes\Router::url('User', 'list')); + } + + if (\models\User::STATUS_ACTIVE !== $user['status']) + { + \FlashMessage\FlashMessage::push('danger', 'Impossible d\'incarner cet utilisateur car il est actuellement suspendu'); + + return $this->redirect(\descartes\Router::url('User', 'list')); + } + + $user['settings'] = $settings; + + //Save old session to get it back later + $old_session = $_SESSION; + $_SESSION = [ + 'old_session' => $old_session, + 'impersonate' => true, + 'connect' => true, + 'user' => $user, + ]; + + \FlashMessage\FlashMessage::push('success', 'Vous incarnez désormais l\'utilisateur ' . $user['email'] . '.'); + return $this->redirect(\descartes\Router::url('Dashboard', 'show')); + } + } diff --git a/routes.php b/routes.php index a0fab1f..5ddf90b 100644 --- a/routes.php +++ b/routes.php @@ -21,6 +21,7 @@ 'update_api_key' => '/account/update_api_key/{csrf}/', 'delete' => '/account/delete/{csrf}/', 'logout' => '/logout/', + 'stop_impersonate' => '/stop_impersonate/{csrf}/', ], 'Command' => [ @@ -148,6 +149,7 @@ 'edit' => '/user/edit/', 'update' => '/user/update/{csrf}/', 'update_status' => '/user/delete/{status}/{csrf}/', + 'impersonate' => '/user/impersonate/{csrf}/', ], 'Phone' => [ diff --git a/templates/incs/nav.php b/templates/incs/nav.php index a40d176..91e2340 100644 --- a/templates/incs/nav.php +++ b/templates/incs/nav.php @@ -21,7 +21,13 @@
  • - Déconnexion + +
  • > + Ne plus incarner +
    • + + Déconnexion + diff --git a/templates/sended/list.php b/templates/sended/list.php index c7ce818..35d5f17 100644 --- a/templates/sended/list.php +++ b/templates/sended/list.php @@ -31,7 +31,7 @@
    -

    Liste des SMS envoyés

    +

    Liste des SMS envoyés (10 000 derniers SMS maximum)

    diff --git a/templates/user/list.php b/templates/user/list.php index e66c21d..c1d8db3 100644 --- a/templates/user/list.php +++ b/templates/user/list.php @@ -58,6 +58,7 @@ Action pour la séléction : +