180 lines
5.9 KiB
PHP
180 lines
5.9 KiB
PHP
<?php
|
|
defined('BASEPATH') OR exit('No direct script access allowed');
|
|
|
|
class Users extends MY_Controller
|
|
{
|
|
private $availablePermissions;
|
|
|
|
public function __construct()
|
|
{
|
|
parent::__construct();
|
|
$this->load->model('UserModel', '', TRUE);
|
|
|
|
$this->availablePermissions = [
|
|
'projects' => [
|
|
'view',
|
|
'create',
|
|
'editOwn',
|
|
'edit',
|
|
'deleteOwn',
|
|
'delete',
|
|
'deleteCategory',
|
|
],
|
|
'blog' => [
|
|
'view',
|
|
'create',
|
|
'editOwn',
|
|
'edit',
|
|
'deleteOwn',
|
|
'delete',
|
|
'deleteOwnFinally',
|
|
'deleteFinally',
|
|
'createCategory',
|
|
'publishNow',
|
|
'publish',
|
|
'publishSelf',
|
|
],
|
|
'file' => [
|
|
'view',
|
|
'upload',
|
|
'uploadManually',
|
|
'delete',
|
|
],
|
|
'redirect' => [
|
|
'view',
|
|
'create',
|
|
'edit',
|
|
'delete',
|
|
],
|
|
'user' => [
|
|
'disableAds',
|
|
'view',
|
|
'viewDetails',
|
|
'changeRank',
|
|
'editPermissions',
|
|
'editOwnRankMembers',
|
|
'ban',
|
|
'warn',
|
|
'deletePost',
|
|
],
|
|
'reports' => [
|
|
'receive',
|
|
],
|
|
'feedback' => [
|
|
'receive',
|
|
'reply',
|
|
],
|
|
'contact' => [
|
|
'view',
|
|
'answer',
|
|
],
|
|
'dashboard' => [
|
|
'view',
|
|
'detailView',
|
|
],
|
|
];
|
|
}
|
|
|
|
public function index()
|
|
{
|
|
$this->neededPermission('user.view');
|
|
|
|
$usersData = $this->UserModel->getUserList(50, 0);
|
|
|
|
$this->load->view('admin/sidebar', ['title' => 'Alle Nutzer']);
|
|
$this->load->view('admin/users', ['users' => $usersData]);
|
|
$this->load->view('admin/footer', ['additionalScripts' => ['admin_users.js']]);
|
|
}
|
|
|
|
public function details($userID = NULL)
|
|
{
|
|
$this->neededPermission('user.viewDetails');
|
|
|
|
if ($userID == NULL) redirect(base_url('admin/users'));
|
|
|
|
$userData = $this->UserModel->getUserByID($userID);
|
|
|
|
if ($userData == null) redirect(base_url('admin/users'));
|
|
$userData = $userData[0];
|
|
|
|
$this->load->view('admin/sidebar', ['title' => 'Details - ' . $userData['displayname']]);
|
|
$this->load->view('admin/user_details', ['user' => $userData]);
|
|
$this->load->view('admin/footer');
|
|
}
|
|
|
|
public function settings($userID = NULL)
|
|
{
|
|
$this->neededPermission('user.viewDetails');
|
|
|
|
if ($userID == NULL) redirect(base_url('admin/users'));
|
|
|
|
$userData = $this->UserModel->getUserByID($userID);
|
|
|
|
if ($userData == null) redirect(base_url('admin/users'));
|
|
$userData = $userData[0];
|
|
|
|
$reload = false;
|
|
|
|
if ($this->hasPermission('user.changeRank') && isset($_POST['rank'])) {
|
|
$rank = intval($_POST['rank']);
|
|
if (($rank < 1) || ($rank > 3 && $rank < 6) || $rank > 10) {
|
|
redirect(base_url(uri_string()));
|
|
}
|
|
// Add entry to history
|
|
$historyData = [
|
|
'ID' => $userID,
|
|
'username' => $userData['username'],
|
|
'displayname' => $userData['displayname'],
|
|
'email' => $userData['email'],
|
|
'rank' => $userData['rank'],
|
|
'profilePicture' => $userData['profilePicture'],
|
|
'headerImage' => $userData['headerImage'],
|
|
'social_networks' => $userData['social_networks'],
|
|
'showAds' => $userData['showAds'],
|
|
'about' => $userData['about'],
|
|
'language' => $userData['language'],
|
|
'country' => $userData['country'],
|
|
'gender' => $userData['gender'],
|
|
'receiveEmails' => $userData['receiveEmails'],
|
|
'receiveNewsletter' => $userData['receiveNewsletter']
|
|
];
|
|
$this->UserModel->insertIntoHistory($historyData);
|
|
// Update profile
|
|
$this->UserModel->updateProfile(['rank' => $rank], $userID);
|
|
|
|
$reload = true;
|
|
}
|
|
|
|
if($this->hasPermission('user.editPermissions') && isset($_POST['permissions'])) {
|
|
$perms = array_keys($_POST['permissions']);
|
|
|
|
foreach ($this->availablePermissions as $group => $permissions) {
|
|
foreach ($permissions as $permission) {
|
|
$userHasPermission = $this->UserModel->hasPermission($userID, $group, $permission);
|
|
|
|
if(in_array($group . $permission, $perms)) { // Permission was given by user
|
|
if(!$userHasPermission) { // Subject hasn't got the permission already
|
|
$this->UserModel->addPermission($userID, $group, $permission, $_SESSION['user']['ID']);
|
|
}
|
|
} else {
|
|
if($userHasPermission) {
|
|
$this->UserModel->revokePermission($userID, $group, $permission);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
$reload = true;
|
|
}
|
|
|
|
if($reload) {
|
|
redirect(base_url(uri_string()));
|
|
}
|
|
|
|
$permissions = $this->UserModel->getPermissions($userID);
|
|
|
|
$this->load->view('admin/sidebar', ['title' => 'Nutzer-Einstellungen - ' . $userData['displayname']]);
|
|
$this->load->view('admin/user_settings', ['user' => $userData, 'permissions' => $permissions, 'availablePermissions' => $this->availablePermissions]);
|
|
$this->load->view('admin/footer', ['additionalScripts' => ['user-edit.js']]);
|
|
}
|
|
} |