Added secondary security.
This commit is contained in:
JT Smith
parent
b7512be833
commit
6f8972743e
6 changed files with 275 additions and 46 deletions
|
|
@ -38,6 +38,7 @@ This package provides an interface for managing WebGUI user and group groupings.
|
|||
$arrayRef = WebGUI::Grouping::getGroupsForUser($userId);
|
||||
$arrayRef = WebGUI::Grouping::getGroupsInGroup($groupId);
|
||||
$arrayRef = WebGUI::Grouping::getUsersInGroup($groupId);
|
||||
$yesNo = WebGUI::Grouping::userGroupAdmin($userId,$groupId);
|
||||
$epoch = WebGUI::Grouping::userGroupExpireDate($userId,$groupId);
|
||||
|
||||
=head1 METHODS
|
||||
|
|
@ -295,6 +296,40 @@ sub getUsersInGroup {
|
|||
|
||||
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 userGroupAdmin ( userId, groupId [, value ] )
|
||||
|
||||
Returns a 1 or 0 depending upon whether the user is a sub-admin for this group.
|
||||
|
||||
=over
|
||||
|
||||
=item userId
|
||||
|
||||
An integer that is the unique identifier for a user.
|
||||
|
||||
=item groupId
|
||||
|
||||
An integer that is the unique identifier for a group.
|
||||
|
||||
=item value
|
||||
|
||||
If specified the admin flag will be set to this value.
|
||||
|
||||
=back
|
||||
|
||||
=cut
|
||||
|
||||
sub userGroupAdmin {
|
||||
if ($_[2]) {
|
||||
WebGUI::SQL->write("update groupings set groupAdmin=$_[2] where groupId=$_[1] and userId=$_[0]");
|
||||
return $_[2];
|
||||
} else {
|
||||
my ($admin) = WebGUI::SQL->quickArray("select groupAdmin from groupings where groupId=$_[1] and userId=$_[0]");
|
||||
return $admin;
|
||||
}
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 userGroupExpireDate ( userId, groupId [, epoch ] )
|
||||
|
|
|
|||
|
|
@ -105,12 +105,18 @@ sub process {
|
|||
WebGUI::URL::page('op=listGroups')=>WebGUI::International::get(5),
|
||||
WebGUI::URL::page('op=manageSettings')=>WebGUI::International::get(4),
|
||||
WebGUI::URL::page('op=listUsers')=>WebGUI::International::get(7),
|
||||
WebGUI::URL::page('op=listRoots')=>WebGUI::International::get(410),
|
||||
WebGUI::URL::page('op=viewStatistics')=>WebGUI::International::get(144)
|
||||
);
|
||||
}
|
||||
} elsif (WebGUI::Privilege::isInGroup(11)) {
|
||||
%hash = (
|
||||
WebGUI::URL::page('op=listGroupsSecondary')=>WebGUI::International::get(5),
|
||||
WebGUI::URL::page('op=addUserSecondary')=>WebGUI::International::get(169),
|
||||
%hash
|
||||
);
|
||||
}
|
||||
if (WebGUI::Privilege::isInGroup(4)) {
|
||||
%hash = (
|
||||
WebGUI::URL::page('op=listRoots')=>WebGUI::International::get(410),
|
||||
'http://validator.w3.org/check?uri=http%3A%2F%2F'.$session{env}{SERVER_NAME}.
|
||||
WebGUI::URL::page()=>WebGUI::International::get(399),
|
||||
WebGUI::URL::page('op=manageClipboard')=>WebGUI::International::get(949),
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ our @EXPORT = qw(&www_viewMessageLogMessage &www_viewThreadSubscriptions &www_vi
|
|||
sub _accountOptions {
|
||||
my ($output);
|
||||
$output = '<div class="accountOptions"><ul>';
|
||||
if (WebGUI::Privilege::isInGroup(4) || WebGUI::Privilege::isInGroup(5) || WebGUI::Privilege::isInGroup(6) || WebGUI::Privilege::isInGroup(8)) {
|
||||
if (WebGUI::Privilege::isInGroup(4) || WebGUI::Privilege::isInGroup(5) || WebGUI::Privilege::isInGroup(6) || WebGUI::Privilege::isInGroup(8) || WebGUI::Privilege::isInGroup(9) || WebGUI::Privilege::isInGroup(10) || WebGUI::Privilege::isInGroup(11)) {
|
||||
if ($session{var}{adminOn}) {
|
||||
$output .= '<li><a href="'.WebGUI::URL::page('op=switchOffAdmin').'">'.
|
||||
WebGUI::International::get(12).'</a>';
|
||||
|
|
@ -100,6 +100,7 @@ sub _validateProfileData {
|
|||
return (\%data, $error);
|
||||
}
|
||||
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_createAccount {
|
||||
my ($output, %language, @array,
|
||||
|
|
|
|||
|
|
@ -32,35 +32,64 @@ use WebGUI::Utility;
|
|||
our @ISA = qw(Exporter);
|
||||
our @EXPORT = qw(&www_manageUsersInGroup &www_deleteGroup &www_deleteGroupConfirm &www_editGroup
|
||||
&www_editGroupSave &www_listGroups &www_emailGroup &www_emailGroupSend &www_manageGroupsInGroup
|
||||
&www_addGroupsToGroupSave &www_deleteGroupGrouping &www_autoAddToGroup &www_autoDeleteFromGroup);
|
||||
&www_addGroupsToGroupSave &www_deleteGroupGrouping &www_autoAddToGroup &www_autoDeleteFromGroup
|
||||
&www_listGroupsSecondary &www_manageUsersInGroupSecondary &www_addUsersToGroupSave &www_addUsersToGroupSecondarySave
|
||||
&www_deleteGroupingSecondary);
|
||||
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub _hasSecondaryPrivilege {
|
||||
return 0 unless (WebGUI::Privilege::isInGroup(11));
|
||||
return WebGUI::Grouping::userGroupAdmin($session{user}{userId},$_[0]);
|
||||
}
|
||||
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub _submenu {
|
||||
my ($output, %menu);
|
||||
tie %menu, 'Tie::IxHash';
|
||||
$menu{WebGUI::URL::page('op=editGroup&gid=new')} = WebGUI::International::get(90);
|
||||
unless ($session{form}{op} eq "listGroups"
|
||||
|| $session{form}{gid} eq "new"
|
||||
|| $session{form}{op} eq "deleteGroupConfirm") {
|
||||
$menu{WebGUI::URL::page("op=editGroup&gid=".$session{form}{gid})} = WebGUI::International::get(753);
|
||||
$menu{WebGUI::URL::page("op=manageUsersInGroup&gid=".$session{form}{gid})} = WebGUI::International::get(754);
|
||||
$menu{WebGUI::URL::page("op=manageGroupsInGroup&gid=".$session{form}{gid})} = WebGUI::International::get(807);
|
||||
$menu{WebGUI::URL::page("op=emailGroup&gid=".$session{form}{gid})} = WebGUI::International::get(808);
|
||||
$menu{WebGUI::URL::page("op=deleteGroup&gid=".$session{form}{gid})} = WebGUI::International::get(806);
|
||||
}
|
||||
$menu{WebGUI::URL::page("op=listGroups")} = WebGUI::International::get(756);
|
||||
if (WebGUI::Privilege::isInGroup(3)) {
|
||||
$menu{WebGUI::URL::page('op=editGroup&gid=new')} = WebGUI::International::get(90);
|
||||
unless ($session{form}{op} eq "listGroups"
|
||||
|| $session{form}{gid} eq "new"
|
||||
|| $session{form}{op} eq "deleteGroupConfirm") {
|
||||
$menu{WebGUI::URL::page("op=editGroup&gid=".$session{form}{gid})} = WebGUI::International::get(753);
|
||||
$menu{WebGUI::URL::page("op=manageUsersInGroup&gid=".$session{form}{gid})} = WebGUI::International::get(754);
|
||||
$menu{WebGUI::URL::page("op=manageGroupsInGroup&gid=".$session{form}{gid})} = WebGUI::International::get(807);
|
||||
$menu{WebGUI::URL::page("op=emailGroup&gid=".$session{form}{gid})} = WebGUI::International::get(808);
|
||||
$menu{WebGUI::URL::page("op=deleteGroup&gid=".$session{form}{gid})} = WebGUI::International::get(806);
|
||||
}
|
||||
$menu{WebGUI::URL::page("op=listGroups")} = WebGUI::International::get(756);
|
||||
} else {
|
||||
$menu{WebGUI::URL::page("op=listGroupsSecondary")} = WebGUI::International::get(756);
|
||||
}
|
||||
return menuWrapper($_[0],\%menu);
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_addGroupsToGroupSave {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
my (@groups, $group);
|
||||
@groups = $session{cgi}->param('groups');
|
||||
my @groups = $session{cgi}->param('groups');
|
||||
WebGUI::Grouping::addGroupsToGroups(\@groups,[$session{form}{gid}]);
|
||||
return www_manageGroupsInGroup();
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_addUsersToGroupSave {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
my @users = $session{cgi}->param('users');
|
||||
WebGUI::Grouping::addUsersToGroups(\@users,[$session{form}{gid}]);
|
||||
return www_manageUsersInGroup();
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_addUsersToGroupSecondarySave {
|
||||
return WebGUI::Privilege::adminOnly() unless _hasSecondaryPrivilege($session{form}{gid});
|
||||
my @users = $session{cgi}->param('users');
|
||||
WebGUI::Grouping::addUsersToGroups(\@users,[$session{form}{gid}]);
|
||||
return www_manageUsersInGroupSecondary();
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_autoAddToGroup {
|
||||
return WebGUI::Privilege::insufficient() unless ($session{user}{userId} != 1);
|
||||
|
|
@ -112,6 +141,16 @@ sub www_deleteGroupGrouping {
|
|||
return www_manageGroupsInGroup();
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_deleteGroupingSecondary {
|
||||
return WebGUI::Privilege::adminOnly() unless _hasSecondaryPrivilege($session{form}{gid});
|
||||
if ($session{user}{userId} == $session{form}{uid}) {
|
||||
return WebGUI::Privilege::vitalComponent();
|
||||
}
|
||||
WebGUI::Grouping::deleteUsersFromGroups([$session{form}{uid}],[$session{form}{gid}]);
|
||||
return www_manageUsersInGroupSecondary();
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_editGroup {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
|
|
@ -273,6 +312,37 @@ sub www_listGroups {
|
|||
return _submenu($output);
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_listGroupsSecondary {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(11));
|
||||
my ($output, $p, $sth, @data, @row, $i, $userCount);
|
||||
$output .= '<h1>'.WebGUI::International::get(89).'</h1>';
|
||||
my @editableGroups = WebGUI::SQL->buildArray("select groupId from groupings where userId=$session{user}{userId} and groupAdmin=1");
|
||||
push (@editableGroups,0);
|
||||
$sth = WebGUI::SQL->read("select groupId,groupName,description from groups
|
||||
where groupId in (".join(",",@editableGroups).") order by groupName");
|
||||
while (@data = $sth->array) {
|
||||
$row[$i] = '<tr>';
|
||||
$row[$i] .= '<td valign="top" class="tableData"><a href="'
|
||||
.WebGUI::URL::page('op=manageUsersInGroupSecondary&gid='.$data[0]).'">'.$data[1].'</td>';
|
||||
$row[$i] .= '<td valign="top" class="tableData">'.$data[2].'</td>';
|
||||
($userCount) = WebGUI::SQL->quickArray("select count(*) from groupings where groupId=$data[0]");
|
||||
$row[$i] .= '<td valign="top" class="tableData">'.$userCount.'</td></tr>';
|
||||
$row[$i] .= '</tr>';
|
||||
$i++;
|
||||
}
|
||||
$sth->finish;
|
||||
$p = WebGUI::Paginator->new(WebGUI::URL::page('op=listGroupsSecondary'),\@row);
|
||||
$output .= '<table border=1 cellpadding=5 cellspacing=0 align="center">';
|
||||
$output .= '<tr><td class="tableHeader">'.WebGUI::International::get(84).'</td><td class="tableHeader">'
|
||||
.WebGUI::International::get(85).'</td><td class="tableHeader">'
|
||||
.WebGUI::International::get(748).'</td></tr>';
|
||||
$output .= $p->getPage($session{form}{pn});
|
||||
$output .= '</table>';
|
||||
$output .= $p->getBarTraditional($session{form}{pn});
|
||||
return _submenu($output);
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_manageGroupsInGroup {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
|
|
@ -316,7 +386,22 @@ sub www_manageUsersInGroup {
|
|||
my ($output, $sth, %hash);
|
||||
tie %hash, 'Tie::CPHash';
|
||||
$output = '<h1>'.WebGUI::International::get(88).'</h1>';
|
||||
$output .= '<table align="center" border="1" cellpadding="2" cellspacing="0"><tr><td class="tableHeader"> </td>
|
||||
my $f = WebGUI::HTMLForm->new;
|
||||
$f->hidden("gid",$session{form}{gid});
|
||||
$f->hidden("op","addUsersToGroupSave");
|
||||
my $existingUsers = WebGUI::Grouping::getUsersInGroup($session{form}{gid});
|
||||
push(@{$existingUsers},"1");
|
||||
my $users = WebGUI::SQL->buildHashRef("select userId,username from users where status='Active' and userId not in (".join(",",@{$existingUsers}).")");
|
||||
$f->selectList(
|
||||
-name=>"users",
|
||||
-label=>WebGUI::International::get(976),
|
||||
-options=>$users,
|
||||
-multiple=>1,
|
||||
-size=>7
|
||||
);
|
||||
$f->submit;
|
||||
$output .= $f->print;
|
||||
$output .= '<table border="1" cellpadding="2" cellspacing="0"><tr><td class="tableHeader"> </td>
|
||||
<td class="tableHeader">'.WebGUI::International::get(50).'</td>
|
||||
<td class="tableHeader">'.WebGUI::International::get(369).'</td></tr>';
|
||||
$sth = WebGUI::SQL->read("select users.username,users.userId,groupings.expireDate
|
||||
|
|
@ -324,7 +409,7 @@ sub www_manageUsersInGroup {
|
|||
order by users.username");
|
||||
while (%hash = $sth->hash) {
|
||||
$output .= '<tr><td>'
|
||||
.deleteIcon('op=deleteGrouping&uid='.$hash{userId}.'&gid='.$session{form}{gid})
|
||||
.deleteIcon('op=deleteGrouping&return=manageUsersInGroup&uid='.$hash{userId}.'&gid='.$session{form}{gid})
|
||||
.editIcon('op=editGrouping&uid='.$hash{userId}.'&gid='.$session{form}{gid})
|
||||
.'</td>';
|
||||
$output .= '<td class="tableData"><a href="'.WebGUI::URL::page('op=editUser&uid='.$hash{userId}).'">'
|
||||
|
|
@ -336,6 +421,47 @@ sub www_manageUsersInGroup {
|
|||
return _submenu($output);
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_manageUsersInGroupSecondary {
|
||||
return WebGUI::Privilege::adminOnly() unless _hasSecondaryPrivilege($session{form}{gid});
|
||||
my ($output, $sth, %hash);
|
||||
tie %hash, 'Tie::CPHash';
|
||||
$output = '<h1>'.WebGUI::International::get(88).'</h1>';
|
||||
my $f = WebGUI::HTMLForm->new;
|
||||
$f->hidden("gid",$session{form}{gid});
|
||||
$f->hidden("op","addUsersToGroupSecondarySave");
|
||||
my $existingUsers = WebGUI::Grouping::getUsersInGroup($session{form}{gid});
|
||||
push(@{$existingUsers},"1");
|
||||
push(@{$existingUsers},"3");
|
||||
my $users = WebGUI::SQL->buildHashRef("select userId,username from users where status='Active' and userId not in (".join(",",@{$existingUsers}).")");
|
||||
$f->selectList(
|
||||
-name=>"users",
|
||||
-label=>WebGUI::International::get(976),
|
||||
-options=>$users,
|
||||
-multiple=>1,
|
||||
-size=>7
|
||||
);
|
||||
$f->submit;
|
||||
$output .= $f->print;
|
||||
$output .= '<table border="1" cellpadding="2" cellspacing="0"><tr><td class="tableHeader"> </td>
|
||||
<td class="tableHeader">'.WebGUI::International::get(50).'</td>
|
||||
<td class="tableHeader">'.WebGUI::International::get(369).'</td></tr>';
|
||||
$sth = WebGUI::SQL->read("select users.username,users.userId,groupings.expireDate
|
||||
from groupings,users where groupings.groupId=$session{form}{gid} and groupings.userId=users.userId
|
||||
order by users.username");
|
||||
while (%hash = $sth->hash) {
|
||||
$output .= '<tr><td>'
|
||||
.deleteIcon('op=deleteGroupingSecondary&uid='.$hash{userId}.'&gid='.$session{form}{gid})
|
||||
.'</td>';
|
||||
$output .= '<td class="tableData"><a href="'.WebGUI::URL::page('op=editUser&uid='.$hash{userId}).'">'
|
||||
.$hash{username}.'</a></td>';
|
||||
$output .= '<td class="tableData">'.epochToHuman($hash{expireDate},"%z").'</td></tr>';
|
||||
}
|
||||
$sth->finish;
|
||||
$output .= '</table>';
|
||||
return _submenu($output);
|
||||
}
|
||||
|
||||
|
||||
|
||||
1;
|
||||
|
|
|
|||
|
|
@ -30,28 +30,32 @@ use WebGUI::User;
|
|||
use WebGUI::Utility;
|
||||
|
||||
our @ISA = qw(Exporter);
|
||||
our @EXPORT = qw(&www_editUserKarma &www_editUserKarmaSave &www_editUserGroup &www_editUserProfile &www_editUserProfileSave &www_addUserToGroupSave &www_deleteGrouping &www_editGrouping &www_editGroupingSave &www_becomeUser &www_addUser &www_addUserSave &www_deleteUser &www_deleteUserConfirm &www_editUser &www_editUserSave &www_listUsers);
|
||||
our @EXPORT = qw(&www_editUserKarma &www_editUserKarmaSave &www_editUserGroup &www_editUserProfile &www_editUserProfileSave &www_addUserToGroupSave &www_deleteGrouping &www_editGrouping &www_editGroupingSave &www_becomeUser &www_addUser &www_addUserSave &www_deleteUser &www_deleteUserConfirm &www_editUser &www_editUserSave &www_listUsers &www_addUserSecondary &www_addUserSecondarySave);
|
||||
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub _submenu {
|
||||
my ($output, %menu);
|
||||
tie %menu, 'Tie::IxHash';
|
||||
$menu{WebGUI::URL::page("op=addUser")} = WebGUI::International::get(169);
|
||||
unless ($session{form}{op} eq "listUsers"
|
||||
|| $session{form}{op} eq "addUser"
|
||||
|| $session{form}{op} eq "deleteUserConfirm") {
|
||||
$menu{WebGUI::URL::page("op=editUser&uid=".$session{form}{uid})} = WebGUI::International::get(457);
|
||||
$menu{WebGUI::URL::page("op=editUserGroup&uid=".$session{form}{uid})} = WebGUI::International::get(458);
|
||||
$menu{WebGUI::URL::page("op=editUserProfile&uid=".$session{form}{uid})} = WebGUI::International::get(459);
|
||||
$menu{WebGUI::URL::page('op=viewProfile&uid='.$session{form}{uid})} = WebGUI::International::get(752);
|
||||
$menu{WebGUI::URL::page('op=becomeUser&uid='.$session{form}{uid})} = WebGUI::International::get(751);
|
||||
$menu{WebGUI::URL::page('op=deleteUser&uid='.$session{form}{uid})} = WebGUI::International::get(750);
|
||||
if ($session{setting}{useKarma}) {
|
||||
$menu{WebGUI::URL::page("op=editUserKarma&uid=".$session{form}{uid})} = WebGUI::International::get(555);
|
||||
if (WebGUI::Privilege::isInGroup(3)) {
|
||||
$menu{WebGUI::URL::page("op=addUser")} = WebGUI::International::get(169);
|
||||
unless ($session{form}{op} eq "listUsers"
|
||||
|| $session{form}{op} eq "addUser"
|
||||
|| $session{form}{op} eq "deleteUserConfirm") {
|
||||
$menu{WebGUI::URL::page("op=editUser&uid=".$session{form}{uid})} = WebGUI::International::get(457);
|
||||
$menu{WebGUI::URL::page("op=editUserGroup&uid=".$session{form}{uid})} = WebGUI::International::get(458);
|
||||
$menu{WebGUI::URL::page("op=editUserProfile&uid=".$session{form}{uid})} = WebGUI::International::get(459);
|
||||
$menu{WebGUI::URL::page('op=viewProfile&uid='.$session{form}{uid})} = WebGUI::International::get(752);
|
||||
$menu{WebGUI::URL::page('op=becomeUser&uid='.$session{form}{uid})} = WebGUI::International::get(751);
|
||||
$menu{WebGUI::URL::page('op=deleteUser&uid='.$session{form}{uid})} = WebGUI::International::get(750);
|
||||
if ($session{setting}{useKarma}) {
|
||||
$menu{WebGUI::URL::page("op=editUserKarma&uid=".$session{form}{uid})} = WebGUI::International::get(555);
|
||||
}
|
||||
}
|
||||
$menu{WebGUI::URL::page("op=listUsers")} = WebGUI::International::get(456);
|
||||
} else {
|
||||
$menu{WebGUI::URL::page("op=addUserSecondary")} = WebGUI::International::get(169);
|
||||
}
|
||||
$menu{WebGUI::URL::page("op=listUsers")} = WebGUI::International::get(456);
|
||||
return menuWrapper($_[0],\%menu);
|
||||
}
|
||||
|
||||
|
|
@ -97,11 +101,10 @@ sub www_addUser {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_addUserSave {
|
||||
my (@groups, $uid, $u, $gid, $encryptedPassword, $cmd);
|
||||
my (@groups, $uid, $u);
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
($uid) = WebGUI::SQL->quickArray("select userId from users where username=".quote($session{form}{username}));
|
||||
unless ($uid) {
|
||||
$encryptedPassword = Digest::MD5::md5_base64($session{form}{identifier});
|
||||
$u = WebGUI::User->new("new");
|
||||
$session{form}{uid}=$u->userId;
|
||||
$u->username($session{form}{username});
|
||||
|
|
@ -120,6 +123,52 @@ sub www_addUserSave {
|
|||
}
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_addUserSecondary {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(11));
|
||||
my $output .= '<h1>'.WebGUI::International::get(163).'</h1>';
|
||||
my $f = WebGUI::HTMLForm->new;
|
||||
if ($session{form}{op} eq "addUserSecondarySave") {
|
||||
$output .= '<ul><li>'.WebGUI::International::get(77).' '.$session{form}{username}.'Too or '.$session{form}{username}.'02</ul>';
|
||||
}
|
||||
$f->hidden("op","addUserSecondarySave");
|
||||
$f->text("username",WebGUI::International::get(50),$session{form}{username});
|
||||
$f->email("email",WebGUI::International::get(56));
|
||||
my $options;
|
||||
foreach (@{$session{config}{authMethods}}) {
|
||||
$options->{$_} = $_;
|
||||
}
|
||||
$f->select("authMethod",$options,WebGUI::International::get(164),[$session{setting}{authMethod}]);
|
||||
foreach (@{$session{config}{authMethods}}) {
|
||||
$f->raw(WebGUI::Authentication::adminForm(0,$_));
|
||||
}
|
||||
$f->submit;
|
||||
$output .= $f->print;
|
||||
return _submenu($output);
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_addUserSecondarySave {
|
||||
my (@groups, $uid, $u);
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(11));
|
||||
($uid) = WebGUI::SQL->quickArray("select userId from users where username=".quote($session{form}{username}));
|
||||
unless ($uid) {
|
||||
$u = WebGUI::User->new("new");
|
||||
$session{form}{uid}=$u->userId;
|
||||
$u->username($session{form}{username});
|
||||
foreach (@{$session{config}{authMethods}}) {
|
||||
WebGUI::Authentication::adminFormSave($u->userId,$_);
|
||||
}
|
||||
$u->status('Active');
|
||||
$u->authMethod($session{form}{authMethod});
|
||||
$u->profileField("email",$session{form}{email});
|
||||
return _submenu(WebGUI::International::get(978));
|
||||
} else {
|
||||
$session{form}{op} = "addUserSecondary";
|
||||
return www_addUserSecondary();
|
||||
}
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_addUserToGroupSave {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
|
|
@ -140,15 +189,16 @@ sub www_becomeUser {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_deleteGrouping {
|
||||
my ($u);
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
if (($session{user}{userId} == $session{form}{uid} || $session{form}{uid} == 3) && $session{form}{gid} == 3) {
|
||||
return WebGUI::Privilege::vitalComponent();
|
||||
} else {
|
||||
$u = WebGUI::User->new($session{form}{uid});
|
||||
$u->deleteFromGroups([$session{form}{gid}]);
|
||||
return www_editUserGroup();
|
||||
}
|
||||
my $u = WebGUI::User->new($session{form}{uid});
|
||||
$u->deleteFromGroups([$session{form}{gid}]);
|
||||
if ($session{form}{return} eq "manageUsersInGroup") {
|
||||
return WebGUI::Operation::Group::www_manageUsersInGroup();
|
||||
}
|
||||
return www_editUserGroup();
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
@ -186,18 +236,21 @@ sub www_deleteUserConfirm {
|
|||
#-------------------------------------------------------------------
|
||||
sub www_editGrouping {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
my ($output, $expireDate, $f);
|
||||
$output .= '<h1>'.WebGUI::International::get(370).'</h1>';
|
||||
$f = WebGUI::HTMLForm->new;
|
||||
my $output .= '<h1>'.WebGUI::International::get(370).'</h1>';
|
||||
my $f = WebGUI::HTMLForm->new;
|
||||
$f->hidden("op","editGroupingSave");
|
||||
$f->hidden("uid",$session{form}{uid});
|
||||
$f->hidden("gid",$session{form}{gid});
|
||||
my $u = WebGUI::User->new($session{form}{uid});
|
||||
my $g = WebGUI::Group->new($session{form}{gid});
|
||||
$expireDate = WebGUI::Grouping::userGroupExpireDate($session{form}{uid},$session{form}{gid});
|
||||
$f->readOnly($u->username,WebGUI::International::get(50));
|
||||
$f->readOnly($g->name,WebGUI::International::get(84));
|
||||
$f->date("expireDate",WebGUI::International::get(369),$expireDate);
|
||||
$f->date("expireDate",WebGUI::International::get(369),WebGUI::Grouping::userGroupExpireDate($session{form}{uid},$session{form}{gid}));
|
||||
$f->yesNo(
|
||||
-name=>"groupAdmin",
|
||||
-label=>WebGUI::International::get(977),
|
||||
-value=>WebGUI::Grouping::userGroupAdmin($session{form}{uid},$session{form}{gid})
|
||||
);
|
||||
$f->submit;
|
||||
$output .= $f->print;
|
||||
return _submenu($output);
|
||||
|
|
@ -207,6 +260,7 @@ sub www_editGrouping {
|
|||
sub www_editGroupingSave {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
WebGUI::Grouping::userGroupExpireDate($session{form}{uid},$session{form}{gid},setToEpoch($session{form}{expireDate}));
|
||||
WebGUI::Grouping::userGroupAdmin($session{form}{uid},$session{form}{gid},setToEpoch($session{form}{groupAdmin}));
|
||||
return www_editUserGroup();
|
||||
}
|
||||
|
||||
|
|
@ -252,7 +306,7 @@ sub www_editUser {
|
|||
#-------------------------------------------------------------------
|
||||
sub www_editUserSave {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
my ($error, $uid, $u, $encryptedPassword, $passwordStatement, $cmd);
|
||||
my ($error, $uid, $u);
|
||||
($uid) = WebGUI::SQL->quickArray("select userId from users where username=".quote($session{form}{username}));
|
||||
if ($uid == $session{form}{uid} || $uid < 1) {
|
||||
$u = WebGUI::User->new($session{form}{uid});
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue