Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.

AdminHandler.php 9.5KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215
  1. <?php
  2. # $Id$
  3. class AdminHandler extends PFAHandler {
  4. protected $db_table = 'admin';
  5. protected $id_field = 'username';
  6. protected function validate_new_id() {
  7. $email_check = check_email($this->id);
  8. if ($email_check == '') {
  9. return true;
  10. } else {
  11. $this->errormsg[] = $email_check;
  12. $this->errormsg[$this->id_field] = Config::lang('pAdminCreate_admin_username_text_error1');
  13. return false;
  14. }
  15. }
  16. protected function no_domain_field() {
  17. # PFAHandler die()s if domain field is not set. Disable this behaviour for AdminHandler.
  18. }
  19. # init $this->struct, $this->db_table and $this->id_field
  20. protected function initStruct() {
  21. # NOTE: There are dependencies between domains and domain_count
  22. # NOTE: If you disable "display in list" for domain_count, the SQL query for domains might break.
  23. # NOTE: (Disabling both shouldn't be a problem.)
  24. # TODO: move to a db_group_concat() function?
  25. if (db_pgsql()) {
  26. $domains_grouped = "array_to_string(array_agg(domain), ',')";
  27. } else { # mysql
  28. $domains_grouped = 'group_concat(domain)';
  29. }
  30. $passwordReset = Config::read('forgotten_admin_password_reset');
  31. $reset_by_sms = 0;
  32. if ($passwordReset && Config::read('sms_send_function')) {
  33. $reset_by_sms = 1;
  34. }
  35. $this->struct=array(
  36. # field name allow display in... type $PALANG label $PALANG description default / options / ...
  37. # editing? form list
  38. 'username' => pacol($this->new, 1, 1, 'text', 'admin' , 'email_address' , '', '',
  39. array('linkto' => 'list.php?table=domain&username=%s') ),
  40. 'password' => pacol(1, 1, 0, 'pass', 'password' , '' ),
  41. 'password2' => pacol(1, 1, 0, 'pass', 'password_again' , '' , '', '',
  42. /*not_in_db*/ 0,
  43. /*dont_write_to_db*/ 1,
  44. /*select*/ 'password as password2'
  45. ),
  46. 'superadmin' => pacol(1, 1, 0, 'bool', 'super_admin' , 'super_admin_desc' , 0
  47. # TODO: (finally) replace the ALL domain with a column in the admin table
  48. # TODO: current status: 'superadmin' column exists and is written when storing an admin with AdminHandler,
  49. # TODO: but the superadmin status is still (additionally) stored in the domain_admins table ("ALL" dummy domain)
  50. # TODO: to keep the database backwards-compatible with 2.3.x.
  51. # TODO: Note: superadmins created with 2.3.x after running upgrade_1284() will not work until you re-run upgrade_1284()
  52. # TODO: Create them with the trunk version to avoid this problem.
  53. ),
  54. 'domains' => pacol(1, 1, 0, 'list', 'domain' , '' , array(), list_domains(),
  55. /*not_in_db*/ 0,
  56. /*dont_write_to_db*/ 1,
  57. /*select*/ "coalesce(domains,'') as domains"
  58. /*extrafrom set in domain_count*/
  59. ),
  60. 'domain_count' => pacol(0, 0, 1, 'vnum', 'pAdminList_admin_count', '' , '', '',
  61. /*not_in_db*/ 0,
  62. /*dont_write_to_db*/ 1,
  63. /*select*/ 'coalesce(__domain_count,0) as domain_count',
  64. /*extrafrom*/ 'LEFT JOIN ( ' .
  65. ' SELECT count(*) AS __domain_count, ' . $domains_grouped . ' AS domains, username AS __domain_username ' .
  66. ' FROM ' . table_by_key('domain_admins') .
  67. " WHERE domain != 'ALL' GROUP BY username " .
  68. ' ) AS __domain on username = __domain_username'),
  69. 'active' => pacol(1, 1, 1, 'bool', 'active' , '' , 1 ),
  70. 'phone' => pacol(1, $reset_by_sms, 0, 'text', 'pCreate_mailbox_phone', 'pCreate_mailbox_phone_desc', ''),
  71. 'email_other' => pacol(1, $passwordReset, 0, 'mail', 'pCreate_mailbox_email', 'pCreate_mailbox_email_desc', ''),
  72. 'token' => pacol(1, 0, 0, 'text', '' , '' ),
  73. 'token_validity' => pacol(1, 0, 0, 'ts', '' , '', date("Y-m-d H:i:s",time())),
  74. 'created' => pacol(0, 0, 0, 'ts', 'created' , '' ),
  75. 'modified' => pacol(0, 0, 1, 'ts', 'last_modified' , '' ),
  76. );
  77. }
  78. protected function initMsg() {
  79. $this->msg['error_already_exists'] = 'admin_already_exists';
  80. $this->msg['error_does_not_exist'] = 'admin_does_not_exist';
  81. $this->msg['confirm_delete'] = 'confirm_delete_admin';
  82. if ($this->new) {
  83. $this->msg['logname'] = 'create_admin';
  84. $this->msg['store_error'] = 'pAdminCreate_admin_result_error';
  85. $this->msg['successmessage'] = 'pAdminCreate_admin_result_success';
  86. } else {
  87. $this->msg['logname'] = 'edit_admin';
  88. $this->msg['store_error'] = 'pAdminEdit_admin_result_error';
  89. $this->msg['successmessage'] = 'pAdminEdit_admin_result_success';
  90. }
  91. }
  92. public function webformConfig() {
  93. return array(
  94. # $PALANG labels
  95. 'formtitle_create' => 'pAdminCreate_admin_welcome',
  96. 'formtitle_edit' => 'pAdminEdit_admin_welcome',
  97. 'create_button' => 'pAdminCreate_admin_button',
  98. # various settings
  99. 'required_role' => 'global-admin',
  100. 'listview' => 'list.php?table=admin',
  101. 'early_init' => 0,
  102. );
  103. }
  104. /**
  105. * called by $this->store() after storing $this->values in the database
  106. * can be used to update additional tables, call scripts etc.
  107. */
  108. protected function storemore() {
  109. # store list of allowed domains in the domain_admins table
  110. if (isset($this->values['domains'])) {
  111. if (is_array($this->values['domains'])) {
  112. $domains = $this->values['domains'];
  113. } elseif ($this->values['domains'] == '') {
  114. $domains = array();
  115. } else {
  116. $domains = explode(',', $this->values['domains']);
  117. }
  118. db_delete('domain_admins', 'username', $this->id, "AND domain != 'ALL'");
  119. foreach ($domains as $domain) {
  120. $values = array(
  121. 'username' => $this->id,
  122. 'domain' => $domain,
  123. );
  124. db_insert('domain_admins', $values, array('created'));
  125. # TODO: check for errors
  126. }
  127. }
  128. # Temporary workaround to keep the database compatible with 2.3.x
  129. if (isset($this->values['superadmin'])) {
  130. if ($this->values['superadmin'] == 1) {
  131. $values = array(
  132. 'username' => $this->id,
  133. 'domain' => 'ALL',
  134. );
  135. $where = db_where_clause(array('username' => $this->id, 'domain' => 'ALL'), $this->struct);
  136. $result = db_query("SELECT username from " . table_by_key('domain_admins') . " " . $where);
  137. if ($result['rows'] == 0) {
  138. db_insert('domain_admins', $values, array('created'));
  139. # TODO: check for errors
  140. }
  141. } else {
  142. db_delete('domain_admins', 'username', $this->id, "AND domain = 'ALL'");
  143. }
  144. }
  145. return true; # TODO: don't hardcode
  146. }
  147. protected function read_from_db_postprocess($db_result) {
  148. foreach ($db_result as $key => $row) {
  149. # convert 'domains' field to an array
  150. if ($row['domains'] == '') {
  151. $db_result[$key]['domains'] = array();
  152. } else {
  153. $db_result[$key]['domains'] = explode(',', $row['domains']);
  154. }
  155. if ($row['superadmin']) {
  156. $db_result[$key]['domain_count'] = Config::lang('super_admin');
  157. }
  158. }
  159. return $db_result;
  160. }
  161. /**
  162. * @return true on success false on failure
  163. */
  164. public function delete() {
  165. if (! $this->view()) {
  166. $this->errormsg[] = Config::Lang($this->msg['error_does_not_exist']);
  167. return false;
  168. }
  169. db_delete('domain_admins', $this->id_field, $this->id);
  170. db_delete($this->db_table, $this->id_field, $this->id);
  171. db_log('admin', 'delete_admin', $this->id); # TODO delete_admin is not a valid db_log keyword yet, and 'admin' is not displayed in viewlog.php
  172. $this->infomsg[] = Config::Lang_f('pDelete_delete_success', $this->id);
  173. return true;
  174. }
  175. # TODO: generate password if $new, no password specified and $CONF['generate_password'] is set
  176. # TODO: except if $this->admin_username == setup.php --- this exception should be handled directly in setup.php ("if $values['password'] == '' error_out")
  177. /**
  178. * compare password / password2 field
  179. * error message will be displayed at the password2 field
  180. */
  181. protected function _validate_password2($field, $val) {
  182. return $this->compare_password_fields('password', 'password2');
  183. }
  184. }
  185. /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */