From afb1ca7aaa68c5b34da82ed58b7e06df1c1525ab Mon Sep 17 00:00:00 2001 From: Nik Okuntseff Date: Thu, 22 Mar 2018 18:21:35 +0000 Subject: [PATCH] A bit more refactoring for admin. --- WEB-INF/lib/ttAdmin.class.php | 34 ++++++++++++++-- WEB-INF/lib/ttRegistrator.class.php | 40 +++++++++++++------ WEB-INF/templates/footer.tpl | 2 +- admin_team_add.php | 61 ++++++++++++----------------- 4 files changed, 85 insertions(+), 52 deletions(-) diff --git a/WEB-INF/lib/ttAdmin.class.php b/WEB-INF/lib/ttAdmin.class.php index e054547d..d6b9696a 100644 --- a/WEB-INF/lib/ttAdmin.class.php +++ b/WEB-INF/lib/ttAdmin.class.php @@ -237,12 +237,14 @@ class ttAdmin { function updateTeam($team_id, $fields) { if (!$this->validateTeamInfo($fields)) return false; // Can't continue as user input is invalid. + global $user; $mdb2 = getConnection(); // Update group name if it changed. if ($fields['old_group_name'] != $fields['new_group_name']) { - $name = $mdb2->quote($fields['new_group_name']); - $sql = "update tt_teams set name = $name where id = $team_id"; + $name_part = 'name = '.$mdb2->quote($fields['new_group_name']); + $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id); + $sql = 'update tt_teams set '.$name_part.$modified_part.' where id = '.$team_id; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; } 
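Review bot: `$team_id` is still concatenated into the tt_teams statement as-is (`' where id = '.$team_id`), while every other value on the rewritten line goes through `$mdb2->quote()`. Where `$team_id` comes from is not visible in this hunk, so unless every caller is known to pass an integer, cast it at the top of updateTeam with `$team_id = (int)$team_id;` or use `$mdb2->quote($team_id, 'integer')`. `$_SERVER['REMOTE_ADDR']` is quoted correctly, but behind a reverse proxy it records the proxy's address, which deserves a short comment next to `$modified_part` because the column acts as an audit trail. updateTeam continues past the end of this hunk.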
@@ -254,11 +256,35 @@ class ttAdmin { $password_part = ', password = md5('.$mdb2->quote($fields['password1']).')'; $name_part = ', name = '.$mdb2->quote($fields['user_name']); $email_part = ', email = '.$mdb2->quote($fields['email']); - - $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.'where id = '.$user_id; + $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id); + $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.$modified_part.'where id = '.$user_id; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; return true; } + + // setCreatedByAdmin sets created_by field for both group and its top manager to admin account. + function setCreatedByAdmin($team_id, $user_id) { + global $user; + $mdb2 = getConnection(); + + // Update created_by for group. + $sql = "update tt_teams set created_by = $user->id where id = $team_id"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) { + $this->err->add($i18n->getKey('error.db')); + return false; + } + + // Update created_by for top manager. + $sql = "update tt_users set created_by = $user->id where id = $user_id"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) { + $this->err->add($i18n->getKey('error.db')); + return false; + } + + return true; + } } diff --git a/WEB-INF/lib/ttRegistrator.class.php b/WEB-INF/lib/ttRegistrator.class.php index ea76f3a2..3ac6166d 100644 --- a/WEB-INF/lib/ttRegistrator.class.php +++ b/WEB-INF/lib/ttRegistrator.class.php @@ -81,10 +81,9 @@ class ttRegistrator { // The register function registers a user in Time Tracker. function register() { - global $i18n; + if ($this->err->yes()) return; // There are errors, do not proceed. - if ($this->err->yes()) - return; // There are errors, do not proceed. + global $i18n; import('ttUserHelper'); if (ttUserHelper::getUserByLogin($this->login)) { 
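Review bot: setCreatedByAdmin calls `$i18n->getKey('error.db')` on both error paths but declares only `global $user;`, so a failed update would hit an undefined `$i18n` instead of recording the error; add `global $i18n;` beside it. In the tt_users update above it, `$modified_part.'where id = '` has no space before `where`; if `$mdb2->quote($user->id)` returns a bare number the statement reads `modified_by = 5where id = ...` (5 is a constructed value), so write `' where id = '`. `$team_id` and `$user_id` are interpolated unquoted in both new queries and should be cast with `(int)` first. The `password = md5(...)` context line stores an unsalted MD5 digest; moving to `password_hash()`/`password_verify()` is outside this commit but worth tracking.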
@@ -112,6 +111,8 @@ class ttRegistrator { $err->add($i18n->getKey('error.db')); return; } + + $this->setCreatedBy($this->user_id); } // The createGroup function creates a group in Time Tracker as part @@ -151,17 +152,34 @@ class ttRegistrator { $affected = $mdb2->exec($sql); if (!is_a($affected, 'PEAR_Error')) { $user_id = $mdb2->lastInsertID('tt_users', 'id'); + return $user_id; + } + return false; + } - // Update created_by field for the team with user id, now that we have it. - $sql = "update tt_teams set created_by = $user_id where id = $this->group_id and created_by is null"; - $affected = $mdb2->exec($sql); + // The setCreatedBy sets created_by field for both group and user to passed in user_id. + function setCreatedBy($user_id) { + if ($this->err->yes()) return false; // There are errors, do not proceed. + + global $i18n; + $mdb2 = getConnection(); - // Update created_by field for user by setting to self. - $sql = "update tt_users set created_by = $user_id where id = $user_id and team_id = $this->group_id and created_by is null"; - $affected = $mdb2->exec($sql); + // Update group. + $sql = "update tt_teams set created_by = $user_id where id = $this->group_id"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) { + $this->err->add($i18n->getKey('error.db')); + return false; + } - return $user_id; + // Update top manager. + $sql = "update tt_users set created_by = $user_id where id = $user_id and team_id = $this->group_id"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) { + $this->err->add($i18n->getKey('error.db')); + return false; } - return false; + + return true; } } diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl index 0bbfc034..f9d1e927 100644 --- a/WEB-INF/templates/footer.tpl +++ b/WEB-INF/templates/footer.tpl @@ -12,7 +12,7 @@
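Review bot: The second query in setCreatedBy filters on `id = $user_id and team_id = $this->group_id`, so when admin_team_add.php calls `setCreatedBy($user->id)` with the admin's id it matches a row only if the admin belongs to the new group; the top manager's created_by presumably keeps the value register() wrote. Keying the row on the stored id keeps both callers correct: `$sql = "update tt_users set created_by = $user_id where id = $this->user_id and team_id = $this->group_id";`. The `and created_by is null` guards from the removed code are gone, which the override needs, but it also means any later call rewrites this provenance field, so cast `$user_id` with `(int)` before interpolating it.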
-
 Anuko Time Tracker 1.17.65.4132 | Copyright © Anuko | +  Anuko Time Tracker 1.17.65.4133 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/admin_team_add.php b/admin_team_add.php index 08a19311..b270de17 100644 --- a/admin_team_add.php +++ b/admin_team_add.php 
@@ -81,44 +81,33 @@ $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'manager_email', $form->addInput(array('type'=>'submit','name'=>'btn_submit','value'=>$i18n->getKey('button.submit'))); if ($request->isPost()) { - // Validate user input. - if (!ttValidString($cl_team_name, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.team_name')); - if (!ttValidString($cl_manager_name)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.manager_name')); - if (!ttValidString($cl_manager_login)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.manager_login')); - if (!$auth->isPasswordExternal()) { - if (!ttValidString($cl_password1)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.password')); - if (!ttValidString($cl_password2)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.confirm_password')); - if ($cl_password1 !== $cl_password2) - $err->add($i18n->getKey('error.not_equal'), $i18n->getKey('label.password'), $i18n->getKey('label.confirm_password')); - } - if (!ttValidEmail($cl_manager_email, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.email')); + /* + * Note: creating a group by admin is pretty much the same as self-registration, + * except that created_by gields for group and user must be set to admin account. + * Therefore, we'll reuse ttRegistrator instance to create a group here + * and override created_by fields using ttRegistrator::setCreatedBy() function. + */ - if ($err->no()) { - if (!ttUserHelper::getUserByLogin($cl_manager_login)) { - // Create a new team. - if (!defined('CURRENCY_DEFAULT')) define('CURRENCY_DEFAULT', '$'); - $team_id = ttTeamHelper::insert(array('name'=>$cl_team_name,'currency'=>CURRENCY_DEFAULT,'lang'=>$cl_lang)); - if ($team_id) { - if (!ttRoleHelper::createPredefinedRoles($team_id, $cl_lang)) - $err->add($i18n->getKey('error.db')); + // Create fields array for ttRegistrator instance. 
+ if (!defined('CURRENCY_DEFAULT')) define('CURRENCY_DEFAULT', '$'); + $fields = array( + 'user_name' => $cl_manager_name, + 'login' => $cl_manager_login, + 'password1' => $cl_password1, + 'password2' => $cl_password2, + 'email' => $cl_manager_email, + 'group_name' => $cl_team_name, + 'currency' => CURRENCY_DEFAULT, + 'lang' => $cl_lang); - $role_id = ttRoleHelper::getTopManagerRoleID(); - - // Team created, now create a team manager. - $user_id = ttUserHelper::insert(array( - 'team_id' => $team_id, - 'role_id' => $role_id, - 'name' => $cl_manager_name, - 'login' => $cl_manager_login, - 'password' => $cl_password1, - 'email' => $cl_manager_email)); - } - if ($team_id && $user_id) { - header('Location: admin_teams.php'); - } else - $err->add($i18n->getKey('error.db')); - } else - $err->add($i18n->getKey('error.user_exists')); + // Create an instance of ttRegistrator class. + import('ttRegistrator'); + $registrator = new ttRegistrator($fields, $err); + $registrator->register(); + $registrator->setCreatedBy($user->id); // Override created_by to admin account. + if ($err->no()) { + header('Location: admin_teams.php'); + exit(); } } // isPost -- 2.20.1
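Review bot: The removed block skipped the password checks when `$auth->isPasswordExternal()` was true, whereas the new code always hands `password1`/`password2` to ttRegistrator, whose validation is not visible in this patch. If ttRegistrator rejects empty passwords, admin group creation would fail on installs with external authentication; if it validates less than the removed `ttValidString`/`ttValidEmail` calls did, those checks are lost for this page. Confirm which applies and state in the block comment where the input is now validated. The same comment has a typo, `gields` for `fields`.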