Merge branch 'feature/edituser' into develop

12 years ago · eab62d5985
parent 2385ce3613 1ec52b4f4a
commit eab62d5985
5 changed files with 138 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -2,3 +2,4 @@ installer/slave_sfx.py
 installer/master_sfx.py
 *.pyc
 testing
 .geanyprj
--- a/frontend/locales/english.lng
+++ b/frontend/locales/english.lng
@ -248,6 +248,13 @@ admin-level-nodeadmin;							Node administrator
 admin-level-masteradmin;						Master administrator
 header-admin-user-vpses;						VPSes owned by this user
 ## User editing
 title-admin-edituser;							Edit user
 edituser-username;							Username
 edituser-email;								Email address
 edituser-access;							Account type
 button-admin-edituser;							Apply changes
 ## VPS list
 title-admin-vpslist;							VPS overview
 list-column-hostname;							Hostname
--- a/frontend/modules/admin/user/edit.php
+++ b/frontend/modules/admin/user/edit.php
@ -0,0 +1,78 @@
 <?php
 /*
 * CVM is more free software. It is licensed under the WTFPL, which
 * allows you to do pretty much anything with it, without having to
 * ask permission. Commercial use is allowed, and no attribution is
 * required. We do politely request that you share your modifications
 * to benefit other developers, but you are under no enforced
 * obligation to do so :)
 * 
 * Please read the accompanying LICENSE document for the full WTFPL
 * licensing text.
 */
 if(!isset($_APP)) { die("Unauthorized."); }
 try
 {
 	$sUser = new User($router->uParameters[1]);
 }
 catch (NotFoundException $e)
 {
 	throw new RouterException("Specified user does not exist.");
 }
 $sErrors = array();
 if($router->uMethod == "post")
 {	
 	if(empty($_POST['username']) || preg_match("/^[a-z0-9_.-]+$/i", $_POST['username']) === 0)
 	{
 		$sErrors[] = "You did not enter a valid username.";
 	}
 	if(empty($_POST['email']) || filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false)
 	{
 		$sErrors[] = "You did not enter a valid e-mail address.";
 	}
 	if(empty($_POST['access']) || preg_match("/^[0-9]+$/", $_POST['access']) === 0)
 	{
 		$sErrors[] = "You did not specify a valid user type.";
 	}
 	else
 	{
 		if($sUser->sAccessLevel == 30 && $_POST['access'] < 30)
 		{
 			/* This user is a master admin, check if any other master admins exist before lowering
 			 * the permissions of this one, to prevent lock-outs. */
 			try
 			{
 				User::CreateFromQuery("SELECT * FROM users WHERE `AccessLevel` = 30 AND `Id` != :Id", array(":Id" => $sUser->sId), 0);
 			}
 			catch (NotFoundException $e)
 			{
 				$sErrors[] = "You can't remove your master administrator permissions if no other master administrators exist!";
 			}
 		}
 	}
 	if(empty($sErrors))
 	{
 		$sUser->uUsername = $_POST['username'];
 		$sUser->uEmailAddress = $_POST['email'];
 		$sUser->uAccessLevel = $_POST['access'];
 		$sUser->InsertIntoDatabase();
 		redirect("/admin/user/{$sUser->sId}/");
 	}
 }
 $sPageContents = NewTemplater::Render("{$sTheme}/admin/user/edit", $locale->strings, array(
 	"errors"	=> $sErrors,
 	"id"		=> $router->uParameters[1]
 ), array(
 	"username"	=> $sUser->sUsername,
 	"email"		=> $sUser->sEmailAddress,
 	"access"	=> $sUser->sAccessLevel
 ));
--- a/frontend/rewrite.php
+++ b/frontend/rewrite.php
@ -136,6 +136,13 @@ try
 				'auth_error'			=> "modules/error/access.php",
 				'_menu'				=> "admin"
 			),
 			/* Admin - Users - Edit */
 			'^/admin/user/([0-9]+)/edit/?$'	=> array(
 				'target'			=> "modules/admin/user/edit.php",
 				'authenticator'			=> "authenticators/admin.php",
 				'auth_error'			=> "modules/error/access.php",
 				'_menu'				=> "admin"
 			),
 			/* Admin - Users - Create VPS */
 			'^/admin/user/([0-9]+)/add/?$'	=> array(
 				'target'			=> "modules/admin/vps/create.php",
--- a/frontend/templates/default/admin/user/edit.tpl
+++ b/frontend/templates/default/admin/user/edit.tpl
@ -0,0 +1,45 @@
 <h2>{%!title-admin-edituser}</h2>
 {%if isempty|errors == false}
 	<div class="errorhandler error-error">
 		<div class="error-title">{%!error-form}</div>
 		<div class="error-message">
 			<ul>
 				{%foreach error in errors}
 					<li>{%?error}</li>
 				{%/foreach}
 			</ul>
 		</div>
 	</div>
 {%/if}
 <form method="post" action="/admin/user/{%?id}/edit/" class="add dark">
 	<div class="field">
 		<label for="form_edituser_username">{%!edituser-username}</label>
 		{%input type="text" group="edituser" name="username"}
 		<div class="clear"></div>
 	</div>
 	<div class="field">
 		<label for="form_edituser_email">{%!edituser-email}</label>
 		{%input type="text" group="edituser" name="email"}
 		<div class="clear"></div>
 	</div>
 	<div class="field">
 		<label for="form_edituser_access">{%!edituser-access}</label>
 		{%select type="text" group="edituser" name="access"}
 			{%option value="1" text="{%!admin-level-enduser}"}
 			<!-- {%option value="10" text="{%!admin-level-reseller}"} -->
 			{%option value="20" text="{%!admin-level-nodeadmin}"}
 			{%option value="30" text="{%!admin-level-masteradmin}"}
 		{%/select}
 		<div class="clear"></div>
 	</div>
 	<div class="field">
 		<div class="filler"></div>
 		<button type="submit" name="submit">{%!button-admin-edituser}</button>
 		<div class="clear"></div>
 	</div>
 </form>