user settings

src/Auth/Business/LuticateSettingsBusiness.php

@@ -96,8 +96,6 @@ class LuticateSettingsBusiness extends LuBusiness {
 
         $setting = LuStringUtils::convertJsonString($val->getSetting());
         $setting["Value"] = json_decode($setting["Value"]);
-        unset($setting["IsBlocked"]);
-        unset($setting["IsAdmin"]);
         return $setting;
     }
 
@@ -107,8 +105,6 @@ class LuticateSettingsBusiness extends LuBusiness {
         {
             $setting = $value["Settings"];
             $setting["Value"] = json_decode($setting["Value"]);
-            unset($setting["IsBlocked"]);
-            unset($setting["IsAdmin"]);
             return $setting;
         });
     }

src/Auth/Business/LuticateSettingsUsersBusiness.php

@@ -29,27 +29,38 @@ class LuticateSettingsUsersBusiness extends LuBusiness {
         return LuticateSettingsUsersDataAccess::getAllByUser($user_id, $page, $perPage);
     }
 
-    public static function edit($user_id, $setting_name, $setting_value)
+    /**
+     * @param $user_setting LuticateSettingsUsersDbo
+     * @param $admin_edit bool
+     * @return bool
+     */
+    public static function edit($user_setting, $admin_edit)
     {
-        $setting_value = json_decode($setting_value);
-        LuticateUsersBusiness::checkUserId($user_id);
-        $setting = LuticateSettingsBusiness::checkSettingName($setting_name);
-        if (is_null($setting_value)) {
-            LuticateSettingsUsersDataAccess::delete($user_id, $setting_name);
+        LuticateUsersBusiness::checkUserId($user_setting->getUserId());
+        $setting = LuticateSettingsBusiness::checkSettingName($user_setting->getName());
+        if ($setting->getIsBlocked() && !$admin_edit) {
+            self::unauthorized("Setting is blocked");
+        }
+        if (is_null($user_setting->getValue())) {
+            LuticateSettingsUsersDataAccess::delete($user_setting->getUserId(), $user_setting->getName());
         } else {
-            $setting->setValue($setting_value);
+            $setting->setValue($user_setting->getValue());
             LuticateSettingsBusiness::checkSetting($setting);
-            $setting_value = json_encode($setting_value);
-            $user_setting = LuticateSettingsUsersDataAccess::getByName($user_id, $setting_name);
-            if (is_null($user_setting)) {
-                $user_setting = new LuticateSettingsUsersDbo();
-                $user_setting->setName($setting_name);
-                $user_setting->setValue($setting_value);
-                $user_setting->setUserId($user_id);
+            $user_setting->setValue(json_encode($user_setting->getValue()));
+            $real_user_setting = LuticateSettingsUsersDataAccess::getByName($user_setting->getUserId(), $user_setting->getName());
+            if (is_null($real_user_setting)) {
+                if (is_null($user_setting->getIsBlocked())) {
+                    $user_setting->setIsBlocked(false);
+                }
                 LuticateSettingsUsersDataAccess::add($user_setting);
             }
             else {
-                $user_setting->setValue($setting_value);
+                if ($real_user_setting->getIsBlocked() && !$admin_edit) {
+                    self::unauthorized("User setting is blocked");
+                }
+                if (is_null($user_setting->getIsBlocked())) {
+                    $user_setting->setIsBlocked($real_user_setting->getIsBlocked());
+                }
                 LuticateSettingsUsersDataAccess::edit($user_setting);
             }
         }

src/Auth/Controller/LuticateSettingsUsersController.php

@@ -40,23 +40,30 @@ class LuticateSettingsUsersController extends LuController {
      * Edit a setting for a user
      * @param $user_id int The user id
      * @param $setting_name string The setting name
-     * @param $setting_value bool The setting value
+     * @param $setting LuticateSettingsUsersDbo The setting
      * @return bool
      */
-    public function edit($user_id, $setting_name, $setting_value = null)
+    public function edit($user_id, $setting_name, LuticateSettingsUsersDbo $setting)
     {
-        return LuticateSettingsUsersBusiness::edit($user_id, $setting_name, $setting_value);
+        $setting->setUserId($user_id);
+        $setting->setName($setting_name);
+        return LuticateSettingsUsersBusiness::edit($setting, true);
     }
 
     /**
      * Edit a setting for the logged user
      * @param $_user LuticateUsersDbo The logged user
      * @param $setting_name string The setting name
-     * @param $setting_value bool The setting value
+     * @param $setting_value string The setting value
      * @return bool
      */
-    public function editMe($_user, $setting_name, $setting_value = null)
+    public function editMe($_user, $setting_name, $setting_value)
     {
-        return LuticateSettingsUsersBusiness::edit($_user->getId(), $setting_name, $setting_value);
+        $setting = new LuticateSettingsUsersDbo();
+        $setting->setUserId($_user->getId());
+        $setting->setName($setting_name);
+        $setting->setIsBlocked(null);
+        $setting->setValue($setting_value);
+        return LuticateSettingsUsersBusiness::edit($setting, false);
     }
 }

src/Auth/DBO/LuticateSettingsUsersDbo.php

@@ -16,7 +16,8 @@ class LuticateSettingsUsersDbo extends LuDbo {
         return array(
             "Name" => $this->_name,
             "Value" => $this->_value,
-            "UserId" => $this->_userId
+            "UserId" => $this->_userId,
+            "IsBlocked" => $this->_isBlocked
         );
     }
 
@@ -32,6 +33,9 @@ class LuticateSettingsUsersDbo extends LuDbo {
         if (isset($json["UserId"])) {
             $dbo->setUserId($json["UserId"]);
         }
+        if (isset($json["IsBlocked"])) {
+            $dbo->setIsBlocked($json["IsBlocked"]);
+        }
         return $dbo;
     }
 
@@ -41,6 +45,7 @@ class LuticateSettingsUsersDbo extends LuDbo {
         $dbo->setName("sample string");
         $dbo->setValue("sample string");
         $dbo->setUserId(42);
+        $dbo->setIsBlocked(true);
         return $dbo;
     }
 
@@ -82,4 +87,17 @@ class LuticateSettingsUsersDbo extends LuDbo {
     {
         $this->_userId = $value;
     }
+
+    /**
+     * @var boolean
+     */
+    protected $_isBlocked;
+    public function getIsBlocked()
+    {
+        return $this->_isBlocked;
+    }
+    public function setIsBlocked($value)
+    {
+        $this->_isBlocked = $value;
+    }
 }

src/Auth/DataAccess/LuticateSettingsUsersDataAccess.php

@@ -51,6 +51,7 @@ class LuticateSettingsUsersDataAccess extends LuDataAccess {
         if (is_null($user_setting))
             return;
         $user_setting_model->value = $user_setting->getValue();
+        $user_setting_model->is_blocked = $user_setting->getIsBlocked();
         $user_setting_model->save();
     }
 }

src/Auth/DataAccess/Models/LuticateSettingsUsersModel.php

@@ -28,6 +28,7 @@ class LuticateSettingsUsersModel extends LuModel
         $dbo->setName($this->name);
         $dbo->setValue($this->value);
         $dbo->setUserId($this->user_id);
+        $dbo->setIsBlocked($this->is_blocked);
 
         return $dbo;
     }
@@ -45,6 +46,7 @@ class LuticateSettingsUsersModel extends LuModel
         $model->name = $dbo->getName();
         $model->value = $dbo->getValue();
         $model->user_id = $dbo->getUserId();
+        $model->is_blocked = $dbo->getIsBlocked();
 
         return $model;
     }