Archived
1
0
This repository has been archived on 2020-12-10. You can view files and clone it, but cannot push or open issues or pull requests.
old/application/controllers/admin/Users.php

180 lines
5.9 KiB
PHP
Raw Permalink Normal View History

2018-10-16 16:28:42 +00:00
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
class Users extends MY_Controller
{
private $availablePermissions;
2018-10-16 16:28:42 +00:00
public function __construct()
{
parent::__construct();
$this->load->model('UserModel', '', TRUE);
$this->availablePermissions = [
'projects' => [
'view',
'create',
'editOwn',
'edit',
'deleteOwn',
'delete',
'deleteCategory',
],
'blog' => [
'view',
'create',
'editOwn',
'edit',
'deleteOwn',
'delete',
'deleteOwnFinally',
'deleteFinally',
'createCategory',
'publishNow',
'publish',
'publishSelf',
],
'file' => [
'view',
'upload',
'uploadManually',
'delete',
],
'redirect' => [
'view',
'create',
'edit',
'delete',
],
'user' => [
'disableAds',
'view',
'viewDetails',
'changeRank',
'editPermissions',
2018-12-30 17:35:04 +00:00
'editOwnRankMembers',
'ban',
2018-12-30 17:35:04 +00:00
'warn',
'deletePost',
],
'reports' => [
'receive',
],
'feedback' => [
'receive',
'reply',
],
'contact' => [
'view',
'answer',
],
'dashboard' => [
'view',
2018-12-30 17:35:04 +00:00
'detailView',
],
];
2018-10-16 16:28:42 +00:00
}
public function index()
{
$this->neededPermission('user.view');
2018-10-16 16:28:42 +00:00
$usersData = $this->UserModel->getUserList(50, 0);
$this->load->view('admin/sidebar', ['title' => 'Alle Nutzer']);
$this->load->view('admin/users', ['users' => $usersData]);
$this->load->view('admin/footer', ['additionalScripts' => ['admin_users.js']]);
2018-10-16 16:28:42 +00:00
}
public function details($userID = NULL)
{
$this->neededPermission('user.viewDetails');
2018-10-16 16:28:42 +00:00
if ($userID == NULL) redirect(base_url('admin/users'));
$userData = $this->UserModel->getUserByID($userID);
if ($userData == null) redirect(base_url('admin/users'));
$userData = $userData[0];
$this->load->view('admin/sidebar', ['title' => 'Details - ' . $userData['displayname']]);
$this->load->view('admin/user_details', ['user' => $userData]);
$this->load->view('admin/footer');
}
public function settings($userID = NULL)
{
$this->neededPermission('user.viewDetails');
2018-10-16 16:28:42 +00:00
if ($userID == NULL) redirect(base_url('admin/users'));
$userData = $this->UserModel->getUserByID($userID);
if ($userData == null) redirect(base_url('admin/users'));
$userData = $userData[0];
$reload = false;
if ($this->hasPermission('user.changeRank') && isset($_POST['rank'])) {
2018-10-16 16:28:42 +00:00
$rank = intval($_POST['rank']);
if (($rank < 1) || ($rank > 3 && $rank < 6) || $rank > 10) {
redirect(base_url(uri_string()));
}
// Add entry to history
$historyData = [
'ID' => $userID,
'username' => $userData['username'],
'displayname' => $userData['displayname'],
'email' => $userData['email'],
'rank' => $userData['rank'],
'profilePicture' => $userData['profilePicture'],
'headerImage' => $userData['headerImage'],
2018-10-16 16:28:42 +00:00
'social_networks' => $userData['social_networks'],
'showAds' => $userData['showAds'],
'about' => $userData['about'],
'language' => $userData['language'],
'country' => $userData['country'],
'gender' => $userData['gender'],
'receiveEmails' => $userData['receiveEmails'],
'receiveNewsletter' => $userData['receiveNewsletter']
];
$this->UserModel->insertIntoHistory($historyData);
// Update profile
$this->UserModel->updateProfile(['rank' => $rank], $userID);
$reload = true;
}
if($this->hasPermission('user.editPermissions') && isset($_POST['permissions'])) {
$perms = array_keys($_POST['permissions']);
foreach ($this->availablePermissions as $group => $permissions) {
foreach ($permissions as $permission) {
$userHasPermission = $this->UserModel->hasPermission($userID, $group, $permission);
if(in_array($group . $permission, $perms)) { // Permission was given by user
if(!$userHasPermission) { // Subject hasn't got the permission already
$this->UserModel->addPermission($userID, $group, $permission, $_SESSION['user']['ID']);
}
} else {
if($userHasPermission) {
$this->UserModel->revokePermission($userID, $group, $permission);
}
}
}
}
$reload = true;
}
if($reload) {
2018-10-16 16:28:42 +00:00
redirect(base_url(uri_string()));
}
$permissions = $this->UserModel->getPermissions($userID);
2018-10-16 16:28:42 +00:00
$this->load->view('admin/sidebar', ['title' => 'Nutzer-Einstellungen - ' . $userData['displayname']]);
$this->load->view('admin/user_settings', ['user' => $userData, 'permissions' => $permissions, 'availablePermissions' => $this->availablePermissions]);
$this->load->view('admin/footer', ['additionalScripts' => ['user-edit.js']]);
2018-10-16 16:28:42 +00:00
}
}