X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=WEB-INF%2Flib%2FttAdmin.class.php;h=f5323322e79704e85d954dac2ca2b3e2cd67c1d6;hb=75a1eedb8977b8f2db459128bab9aaf367e3b58b;hp=d0a1b8dc90de68baa45403880510ef6d0978b8f6;hpb=2d3de45e7035c94e64bf54d6e610ac613724b912;p=timetracker.git diff --git a/WEB-INF/lib/ttAdmin.class.php b/WEB-INF/lib/ttAdmin.class.php index d0a1b8dc..f5323322 100644 --- a/WEB-INF/lib/ttAdmin.class.php +++ b/WEB-INF/lib/ttAdmin.class.php @@ -26,20 +26,13 @@ // | https://www.anuko.com/time_tracker/credits.htm // +----------------------------------------------------------------------+ -import('ttUser'); import('ttRoleHelper'); // ttAdmin class is used to perform admin tasks. +// Used as namespace, as it is a collection of static functions that we call +// from admin pages to administer the site as a whole. class ttAdmin { - var $err = null; // Error object, passed to us as reference. - // We use it to communicate errors to caller. - - // Constructor. - function __construct(&$err = null) { - $this->err = $err; - } - // getSubgroups rerurns an array of subgroups for a group. static function getSubgroups($group_id) { $mdb2 = getConnection(); @@ -118,7 +111,7 @@ class ttAdmin { // Mark group deleted. global $user; - $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id); + $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$user->id; $sql = "update tt_groups set status = null $modified_part where id = $group_id"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; @@ -133,7 +126,7 @@ class ttAdmin { $mdb2 = getConnection(); global $user; - $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id); + $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$user->id; // Update group name if it changed. if ($fields['old_group_name'] != $fields['new_group_name']) { @@ -150,64 +143,16 @@ class ttAdmin { $password_part = ', password = md5('.$mdb2->quote($fields['password1']).')'; $name_part = ', name = '.$mdb2->quote($fields['user_name']); $email_part = ', email = '.$mdb2->quote($fields['email']); - $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.$modified_part.'where id = '.$user_id; + $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.$modified_part.' where id = '.$user_id; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; return true; } - // validateUserInfo validates account information entered by user. - function validateUserInfo($fields) { - global $i18n; + // updateSelf updates admin account with new information. + static function updateSelf($fields) { global $user; - global $auth; - - $result = true; - - if (!ttValidString($fields['name'])) { - $this->err->add($i18n->get('error.field'), $i18n->get('label.person_name')); - $result = false; - } - if (!ttValidString($fields['login'])) { - $this->err->add($i18n->get('error.field'), $i18n->get('label.login')); - $result = false; - } - // If we change login, it must be unique. - if ($fields['login'] != $user->login) { - if (ttUserHelper::getUserByLogin($fields['login'])) { - $this->err->add($i18n->get('error.user_exists')); - $result = false; - } - } - if (!$auth->isPasswordExternal() && ($fields['password1'] || $fields['password2'])) { - if (!ttValidString($fields['password1'])) { - $this->err->add($i18n->get('error.field'), $i18n->get('label.password')); - $result = false; - } - if (!ttValidString($fields['password2'])) { - $this->err->add($i18n->get('error.field'), $i18n->get('label.confirm_password')); - $result = false; - } - if ($fields['password1'] !== $fields['password2']) { - $this->err->add($i18n->get('error.not_equal'), $i18n->get('label.password'), $i18n->get('label.confirm_password')); - $result = false; - } - } - if (!ttValidEmail($fields['email'], true)) { - $this->err->add($i18n->get('error.field'), $i18n->get('label.email')); - $result = false; - } - - return $result; - } - - // updateSelf validates user input and updates admin account with new information. - function updateSelf($fields) { - if (!$this->validateUserInfo($fields)) return false; // Can't continue as user input is invalid. - - global $user; - global $i18n; $mdb2 = getConnection(); // Update self. @@ -217,15 +162,10 @@ class ttAdmin { $password_part = ', password = md5('.$mdb2->quote($fields['password1']).')'; $name_part = ', name = '.$mdb2->quote($fields['name']); $email_part = ', email = '.$mdb2->quote($fields['email']); - $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id); - $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.$modified_part.'where id = '.$user_id; + $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$user->id; + $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.$modified_part.' where id = '.$user_id; $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) { - $this->err->add($i18n->get('error.db')); - return false; - } - - return true; + return (!is_a($affected, 'PEAR_Error')); } // getGroupName obtains group name. @@ -249,10 +189,19 @@ class ttAdmin { $result = array(); $mdb2 = getConnection(); + // Note: current code works with properly set top manager (rank 512). + // However, we now allow export and import of subgroups, which seems to work well. + // In this situation, imported role is no longer "Top manager", and this call fails. + // Setting role id manually in database for top user to Top manager resolves the issue. + // + // TODO: assess whether it is safe / reasonable to promote role during export or import. + // The problem is that user having 'export_data' right is not necessarily top user. + // And if we do it by rank, what to do for multiple managers situation? First found? + // Leaving to manual fixing for now. $sql = "select g.name as group_name, u.id as manager_id, u.name as manager_name, u.login as manager_login, u.email as manager_email". " from tt_groups g". " inner join tt_users u on (u.group_id = g.id)". - " inner join tt_roles r on (r.id = u.role_id and r.rank = 512)". + " inner join tt_roles r on (r.id = u.role_id and r.rank = 512)". // Fails for partially imported org. See comment above. " where g.id = $group_id"; $res = $mdb2->query($sql); @@ -282,7 +231,7 @@ class ttAdmin { // Add modified info to sql for some tables, depending on table name. if ($table_name == 'tt_users') { global $user; - $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id); + $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$user->id; } $sql = "update $table_name set status = null $modified_part where group_id = $group_id"; @@ -296,6 +245,7 @@ class ttAdmin { global $user; $mdb2 = getConnection(); + $group_key = $mdb2->quote(ttRandomString()); $name = $mdb2->quote($fields['group_name']); $currency = $mdb2->quote($fields['currency']); $lang = $mdb2->quote($fields['lang']); @@ -303,8 +253,8 @@ class ttAdmin { $created_ip = $mdb2->quote($_SERVER['REMOTE_ADDR']); $created_by = $user->id; - $sql = "insert into tt_groups (name, currency, lang, created, created_ip, created_by)". - " values($name, $currency, $lang, $created, $created_ip, $created_by)"; + $sql = "insert into tt_groups (group_key, name, currency, lang, created, created_ip, created_by)". + " values($group_key, $name, $currency, $lang, $created, $created_ip, $created_by)"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false;