load->model('UserModel', '', TRUE); $this->availablePermissions = [ 'projects' => [ 'view', 'create', 'editOwn', 'edit', 'deleteOwn', 'delete', 'deleteCategory', ], 'blog' => [ 'view', 'create', 'editOwn', 'edit', 'deleteOwn', 'delete', 'deleteOwnFinally', 'deleteFinally', 'createCategory', 'publishNow', 'publish', 'publishSelf', ], 'file' => [ 'view', 'upload', 'uploadManually', 'delete', ], 'redirect' => [ 'view', 'create', 'edit', 'delete', ], 'user' => [ 'disableAds', 'view', 'viewDetails', 'changeRank', 'editPermissions', 'editOwnRankMembers', 'ban', 'warn', 'deletePost', ], 'reports' => [ 'receive', ], 'feedback' => [ 'receive', 'reply', ], 'contact' => [ 'view', 'answer', ], 'dashboard' => [ 'view', 'detailView', ], ]; } public function index() { $this->neededPermission('user.view'); $usersData = $this->UserModel->getUserList(50, 0); $this->load->view('admin/sidebar', ['title' => 'Alle Nutzer']); $this->load->view('admin/users', ['users' => $usersData]); $this->load->view('admin/footer', ['additionalScripts' => ['admin_users.js']]); } public function details($userID = NULL) { $this->neededPermission('user.viewDetails'); if ($userID == NULL) redirect(base_url('admin/users')); $userData = $this->UserModel->getUserByID($userID); if ($userData == null) redirect(base_url('admin/users')); $userData = $userData[0]; $this->load->view('admin/sidebar', ['title' => 'Details - ' . $userData['displayname']]); $this->load->view('admin/user_details', ['user' => $userData]); $this->load->view('admin/footer'); } public function settings($userID = NULL) { $this->neededPermission('user.viewDetails'); if ($userID == NULL) redirect(base_url('admin/users')); $userData = $this->UserModel->getUserByID($userID); if ($userData == null) redirect(base_url('admin/users')); $userData = $userData[0]; $reload = false; if ($this->hasPermission('user.changeRank') && isset($_POST['rank'])) { $rank = intval($_POST['rank']); if (($rank < 1) || ($rank > 3 && $rank < 6) || $rank > 10) { redirect(base_url(uri_string())); } // Add entry to history $historyData = [ 'ID' => $userID, 'username' => $userData['username'], 'displayname' => $userData['displayname'], 'email' => $userData['email'], 'rank' => $userData['rank'], 'profilePicture' => $userData['profilePicture'], 'headerImage' => $userData['headerImage'], 'social_networks' => $userData['social_networks'], 'showAds' => $userData['showAds'], 'about' => $userData['about'], 'language' => $userData['language'], 'country' => $userData['country'], 'gender' => $userData['gender'], 'receiveEmails' => $userData['receiveEmails'], 'receiveNewsletter' => $userData['receiveNewsletter'] ]; $this->UserModel->insertIntoHistory($historyData); // Update profile $this->UserModel->updateProfile(['rank' => $rank], $userID); $reload = true; } if($this->hasPermission('user.editPermissions') && isset($_POST['permissions'])) { $perms = array_keys($_POST['permissions']); foreach ($this->availablePermissions as $group => $permissions) { foreach ($permissions as $permission) { $userHasPermission = $this->UserModel->hasPermission($userID, $group, $permission); if(in_array($group . $permission, $perms)) { // Permission was given by user if(!$userHasPermission) { // Subject hasn't got the permission already $this->UserModel->addPermission($userID, $group, $permission, $_SESSION['user']['ID']); } } else { if($userHasPermission) { $this->UserModel->revokePermission($userID, $group, $permission); } } } } $reload = true; } if($reload) { redirect(base_url(uri_string())); } $permissions = $this->UserModel->getPermissions($userID); $this->load->view('admin/sidebar', ['title' => 'Nutzer-Einstellungen - ' . $userData['displayname']]); $this->load->view('admin/user_settings', ['user' => $userData, 'permissions' => $permissions, 'availablePermissions' => $this->availablePermissions]); $this->load->view('admin/footer', ['additionalScripts' => ['user-edit.js']]); } }