Added secondary security.
parent
b7512be833
commit
6f8972743e
6 changed files with 275 additions and 46 deletions
|
|
@ -30,28 +30,32 @@ use WebGUI::User;
|
|||
use WebGUI::Utility;
|
||||
|
||||
our @ISA = qw(Exporter);
|
||||
our @EXPORT = qw(&www_editUserKarma &www_editUserKarmaSave &www_editUserGroup &www_editUserProfile &www_editUserProfileSave &www_addUserToGroupSave &www_deleteGrouping &www_editGrouping &www_editGroupingSave &www_becomeUser &www_addUser &www_addUserSave &www_deleteUser &www_deleteUserConfirm &www_editUser &www_editUserSave &www_listUsers);
|
||||
our @EXPORT = qw(&www_editUserKarma &www_editUserKarmaSave &www_editUserGroup &www_editUserProfile &www_editUserProfileSave &www_addUserToGroupSave &www_deleteGrouping &www_editGrouping &www_editGroupingSave &www_becomeUser &www_addUser &www_addUserSave &www_deleteUser &www_deleteUserConfirm &www_editUser &www_editUserSave &www_listUsers &www_addUserSecondary &www_addUserSecondarySave);
|
||||
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub _submenu {
|
||||
my ($output, %menu);
|
||||
tie %menu, 'Tie::IxHash';
|
||||
$menu{WebGUI::URL::page("op=addUser")} = WebGUI::International::get(169);
|
||||
unless ($session{form}{op} eq "listUsers"
|
||||
|| $session{form}{op} eq "addUser"
|
||||
|| $session{form}{op} eq "deleteUserConfirm") {
|
||||
$menu{WebGUI::URL::page("op=editUser&uid=".$session{form}{uid})} = WebGUI::International::get(457);
|
||||
$menu{WebGUI::URL::page("op=editUserGroup&uid=".$session{form}{uid})} = WebGUI::International::get(458);
|
||||
$menu{WebGUI::URL::page("op=editUserProfile&uid=".$session{form}{uid})} = WebGUI::International::get(459);
|
||||
$menu{WebGUI::URL::page('op=viewProfile&uid='.$session{form}{uid})} = WebGUI::International::get(752);
|
||||
$menu{WebGUI::URL::page('op=becomeUser&uid='.$session{form}{uid})} = WebGUI::International::get(751);
|
||||
$menu{WebGUI::URL::page('op=deleteUser&uid='.$session{form}{uid})} = WebGUI::International::get(750);
|
||||
if ($session{setting}{useKarma}) {
|
||||
$menu{WebGUI::URL::page("op=editUserKarma&uid=".$session{form}{uid})} = WebGUI::International::get(555);
|
||||
if (WebGUI::Privilege::isInGroup(3)) {
|
||||
$menu{WebGUI::URL::page("op=addUser")} = WebGUI::International::get(169);
|
||||
unless ($session{form}{op} eq "listUsers"
|
||||
|| $session{form}{op} eq "addUser"
|
||||
|| $session{form}{op} eq "deleteUserConfirm") {
|
||||
$menu{WebGUI::URL::page("op=editUser&uid=".$session{form}{uid})} = WebGUI::International::get(457);
|
||||
$menu{WebGUI::URL::page("op=editUserGroup&uid=".$session{form}{uid})} = WebGUI::International::get(458);
|
||||
$menu{WebGUI::URL::page("op=editUserProfile&uid=".$session{form}{uid})} = WebGUI::International::get(459);
|
||||
$menu{WebGUI::URL::page('op=viewProfile&uid='.$session{form}{uid})} = WebGUI::International::get(752);
|
||||
$menu{WebGUI::URL::page('op=becomeUser&uid='.$session{form}{uid})} = WebGUI::International::get(751);
|
||||
$menu{WebGUI::URL::page('op=deleteUser&uid='.$session{form}{uid})} = WebGUI::International::get(750);
|
||||
if ($session{setting}{useKarma}) {
|
||||
$menu{WebGUI::URL::page("op=editUserKarma&uid=".$session{form}{uid})} = WebGUI::International::get(555);
|
||||
}
|
||||
}
|
||||
$menu{WebGUI::URL::page("op=listUsers")} = WebGUI::International::get(456);
|
||||
} else {
|
||||
$menu{WebGUI::URL::page("op=addUserSecondary")} = WebGUI::International::get(169);
|
||||
}
|
||||
$menu{WebGUI::URL::page("op=listUsers")} = WebGUI::International::get(456);
|
||||
return menuWrapper($_[0],\%menu);
|
||||
}
|
||||
|
||||
|
|
@ -97,11 +101,10 @@ sub www_addUser {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_addUserSave {
|
||||
my (@groups, $uid, $u, $gid, $encryptedPassword, $cmd);
|
||||
my (@groups, $uid, $u);
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
($uid) = WebGUI::SQL->quickArray("select userId from users where username=".quote($session{form}{username}));
|
||||
unless ($uid) {
|
||||
$encryptedPassword = Digest::MD5::md5_base64($session{form}{identifier});
|
||||
$u = WebGUI::User->new("new");
|
||||
$session{form}{uid}=$u->userId;
|
||||
$u->username($session{form}{username});
|
||||
|
|
@ -120,6 +123,52 @@ sub www_addUserSave {
|
|||
}
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_addUserSecondary {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(11));
|
||||
my $output .= '<h1>'.WebGUI::International::get(163).'</h1>';
|
||||
my $f = WebGUI::HTMLForm->new;
|
||||
if ($session{form}{op} eq "addUserSecondarySave") {
|
||||
$output .= '<ul><li>'.WebGUI::International::get(77).' '.$session{form}{username}.'Too or '.$session{form}{username}.'02</ul>';
|
||||
}
|
||||
$f->hidden("op","addUserSecondarySave");
|
||||
$f->text("username",WebGUI::International::get(50),$session{form}{username});
|
||||
$f->email("email",WebGUI::International::get(56));
|
||||
my $options;
|
||||
foreach (@{$session{config}{authMethods}}) {
|
||||
$options->{$_} = $_;
|
||||
}
|
||||
$f->select("authMethod",$options,WebGUI::International::get(164),[$session{setting}{authMethod}]);
|
||||
foreach (@{$session{config}{authMethods}}) {
|
||||
$f->raw(WebGUI::Authentication::adminForm(0,$_));
|
||||
}
|
||||
$f->submit;
|
||||
$output .= $f->print;
|
||||
return _submenu($output);
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_addUserSecondarySave {
|
||||
my (@groups, $uid, $u);
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(11));
|
||||
($uid) = WebGUI::SQL->quickArray("select userId from users where username=".quote($session{form}{username}));
|
||||
unless ($uid) {
|
||||
$u = WebGUI::User->new("new");
|
||||
$session{form}{uid}=$u->userId;
|
||||
$u->username($session{form}{username});
|
||||
foreach (@{$session{config}{authMethods}}) {
|
||||
WebGUI::Authentication::adminFormSave($u->userId,$_);
|
||||
}
|
||||
$u->status('Active');
|
||||
$u->authMethod($session{form}{authMethod});
|
||||
$u->profileField("email",$session{form}{email});
|
||||
return _submenu(WebGUI::International::get(978));
|
||||
} else {
|
||||
$session{form}{op} = "addUserSecondary";
|
||||
return www_addUserSecondary();
|
||||
}
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_addUserToGroupSave {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
|
|
@ -140,15 +189,16 @@ sub www_becomeUser {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_deleteGrouping {
|
||||
my ($u);
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
if (($session{user}{userId} == $session{form}{uid} || $session{form}{uid} == 3) && $session{form}{gid} == 3) {
|
||||
return WebGUI::Privilege::vitalComponent();
|
||||
} else {
|
||||
$u = WebGUI::User->new($session{form}{uid});
|
||||
$u->deleteFromGroups([$session{form}{gid}]);
|
||||
return www_editUserGroup();
|
||||
}
|
||||
my $u = WebGUI::User->new($session{form}{uid});
|
||||
$u->deleteFromGroups([$session{form}{gid}]);
|
||||
if ($session{form}{return} eq "manageUsersInGroup") {
|
||||
return WebGUI::Operation::Group::www_manageUsersInGroup();
|
||||
}
|
||||
return www_editUserGroup();
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
@ -186,18 +236,21 @@ sub www_deleteUserConfirm {
|
|||
#-------------------------------------------------------------------
|
||||
sub www_editGrouping {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
my ($output, $expireDate, $f);
|
||||
$output .= '<h1>'.WebGUI::International::get(370).'</h1>';
|
||||
$f = WebGUI::HTMLForm->new;
|
||||
my $output .= '<h1>'.WebGUI::International::get(370).'</h1>';
|
||||
my $f = WebGUI::HTMLForm->new;
|
||||
$f->hidden("op","editGroupingSave");
|
||||
$f->hidden("uid",$session{form}{uid});
|
||||
$f->hidden("gid",$session{form}{gid});
|
||||
my $u = WebGUI::User->new($session{form}{uid});
|
||||
my $g = WebGUI::Group->new($session{form}{gid});
|
||||
$expireDate = WebGUI::Grouping::userGroupExpireDate($session{form}{uid},$session{form}{gid});
|
||||
$f->readOnly($u->username,WebGUI::International::get(50));
|
||||
$f->readOnly($g->name,WebGUI::International::get(84));
|
||||
$f->date("expireDate",WebGUI::International::get(369),$expireDate);
|
||||
$f->date("expireDate",WebGUI::International::get(369),WebGUI::Grouping::userGroupExpireDate($session{form}{uid},$session{form}{gid}));
|
||||
$f->yesNo(
|
||||
-name=>"groupAdmin",
|
||||
-label=>WebGUI::International::get(977),
|
||||
-value=>WebGUI::Grouping::userGroupAdmin($session{form}{uid},$session{form}{gid})
|
||||
);
|
||||
$f->submit;
|
||||
$output .= $f->print;
|
||||
return _submenu($output);
|
||||
|
|
@ -207,6 +260,7 @@ sub www_editGrouping {
|
|||
sub www_editGroupingSave {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
WebGUI::Grouping::userGroupExpireDate($session{form}{uid},$session{form}{gid},setToEpoch($session{form}{expireDate}));
|
||||
WebGUI::Grouping::userGroupAdmin($session{form}{uid},$session{form}{gid},setToEpoch($session{form}{groupAdmin}));
|
||||
return www_editUserGroup();
|
||||
}
|
||||
|
||||
|
|
@ -252,7 +306,7 @@ sub www_editUser {
|
|||
#-------------------------------------------------------------------
|
||||
sub www_editUserSave {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Privilege::isInGroup(3));
|
||||
my ($error, $uid, $u, $encryptedPassword, $passwordStatement, $cmd);
|
||||
my ($error, $uid, $u);
|
||||
($uid) = WebGUI::SQL->quickArray("select userId from users where username=".quote($session{form}{username}));
|
||||
if ($uid == $session{form}{uid} || $uid < 1) {
|
||||
$u = WebGUI::User->new($session{form}{uid});
|
||||
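Review bot: In www_addUserSecondarySave the duplicate-username branch sets `$session{form}{op} = "addUserSecondary"` before calling www_addUserSecondary(), but that function only prints the "name taken" message when op is `"addUserSecondarySave"`, so on this path the message appears never to be shown; drop the op reset or test for the fallback explicitly. That message also concatenates `$session{form}{username}` into the HTML twice without escaping, so unless form values are sanitised upstream (not visible here) it should be HTML-escaped before the `<ul>` line is built. The save handler stores `$session{form}{authMethod}` as submitted and accepts an empty username; refusing the request unless `grep { $_ eq $session{form}{authMethod} } @{$session{config}{authMethods}}` is true and the username is non-empty would keep group-11 admins to the configured methods. Separately, in www_editGroupingSave the yes/no `groupAdmin` value is passed through `setToEpoch(...)`, which looks copied from the expireDate line above it and probably should be passed unchanged.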
|
|
|
|||