#125 account change password, account rename, account delete
parent
064a84d465
commit
3d87e004ee
@ -18,9 +18,9 @@ class api_login {
|
||||
return \SYSTEM\SECURITY\security::confirm($token);}
|
||||
|
||||
public static function call_account_action_reset_password($username){
|
||||
return \SYSTEM\SECURITY\security::resetpassword($username);}
|
||||
return \SYSTEM\SECURITY\security::reset_password($username);}
|
||||
public static function call_account_action_change_password($username,$old_password_sha1,$new_password_sha1){
|
||||
return \SYSTEM\SECURITY\security::changepassword($username,$old_password_sha1,$new_password_sha1);}
|
||||
return \SYSTEM\SECURITY\security::change_password($username,$old_password_sha1,$new_password_sha1);}
|
||||
public static function call_account_action_change_email($username,$new_email){
|
||||
return \SYSTEM\SECURITY\security::changeemail($username,$new_email);}
|
||||
return \SYSTEM\SECURITY\security::change_email($username,$new_email);}
|
||||
}
|
||||
@ -54,13 +54,18 @@ function init_saimod_sys_security_user() {
|
||||
});
|
||||
});
|
||||
$('#btn_change_password').click(function(){
|
||||
$.get( './sai.php?call=account&action=changepassword&username='+$(this).attr('user')+'&old_password_sha1='+'&new_password_sha1=',function(data){
|
||||
if(data==1){
|
||||
if($('#input_pw_new1').val() !== $('#input_pw_new2').val()){
|
||||
alert('Passwords dont match!');
|
||||
} else {
|
||||
system.account_change_password($(this).attr('user'),$('#input_pw_old').val(),$('#input_pw_new1').val(),
|
||||
function(data){
|
||||
if(data.status){
|
||||
alert('Password Changed');
|
||||
} else {
|
||||
alert('fail');
|
||||
alert('fail: '+data.result.message);
|
||||
}
|
||||
});
|
||||
}
|
||||
});
|
||||
$('#btn_reset_password').click(function(){
|
||||
$.get( './sai.php?call=account&action=resetpassword&account='+$(this).attr('user'),function(data){
|
||||
@ -81,22 +86,27 @@ function init_saimod_sys_security_user() {
|
||||
});
|
||||
});
|
||||
$('#btn_rename_account').click(function(){
|
||||
$.get( './sai.php?saimod...&action=renameaccount&username='+$(this).attr('user')+'&new_username=',function(data){
|
||||
if(data==1){
|
||||
$.get( './sai.php?sai_mod=.SYSTEM.SAI.saimod_sys_security&action=renameaccount&username='+$(this).attr('user')+'&new_username='+$('#input_new_user').val(),
|
||||
function(data){
|
||||
if(data.status){
|
||||
alert('Accountname changed');
|
||||
system.load('security(user);username.'+$('#input_new_user').val());
|
||||
} else {
|
||||
alert('fail');
|
||||
}
|
||||
});
|
||||
});
|
||||
$('#btn_delete_account').click(function(){
|
||||
$.get( './sai.php?saimod...',function(data){
|
||||
if(data==1){
|
||||
alert('Account deleted');
|
||||
} else {
|
||||
alert('fail');
|
||||
}
|
||||
});
|
||||
if (confirm('Are you sure you want to delete this user completely and have no option to restore it?')) {
|
||||
$.get( './sai.php?sai_mod=.SYSTEM.SAI.saimod_sys_security&action=deleteaccount&id='+$(this).attr('user'),function(data){
|
||||
if(data.status){
|
||||
alert('Account deleted');
|
||||
system.load('security');
|
||||
} else {
|
||||
alert('fail');
|
||||
}
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
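Review bot: The new rename handler appends `$('#input_new_user').val()` and `$(this).attr('user')` to the query string without encoding, so a name containing `&`, `#` or `=` changes the parameters the server receives. Wrap both values, e.g. `'&username='+encodeURIComponent($(this).attr('user'))+'&new_username='+encodeURIComponent($('#input_new_user').val())`. Both `renameaccount` and `deleteaccount` are also state-changing requests sent with `$.get`; no anti-CSRF token is visible in these lines (the framework may add one elsewhere), and a POST carrying such a token would be the safer transport for a delete that cannot be undone.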
@ -0,0 +1,9 @@
|
||||
<?php
|
||||
namespace SYSTEM\SQL;
|
||||
class SYS_SAIMOD_SECURITY_DELETE_USER extends \SYSTEM\DB\QP {
|
||||
public static function get_class(){return \get_class();}
|
||||
public static function mysql(){return
|
||||
'DELETE FROM system_user WHERE id = ?;';
|
||||
}
|
||||
}
|
||||
|
||||
@ -0,0 +1,9 @@
|
||||
<?php
|
||||
namespace SYSTEM\SQL;
|
||||
class SYS_SAIMOD_SECURITY_DELETE_USER_RIGHTS extends \SYSTEM\DB\QP {
|
||||
public static function get_class(){return \get_class();}
|
||||
public static function mysql(){return
|
||||
'DELETE FROM system_user_to_rights WHERE userID = ?;';
|
||||
}
|
||||
}
|
||||
|
||||
@ -0,0 +1,9 @@
|
||||
<?php
|
||||
namespace SYSTEM\SQL;
|
||||
class SYS_SAIMOD_SECURITY_RENAME_USER extends \SYSTEM\DB\QP {
|
||||
public static function get_class(){return \get_class();}
|
||||
public static function mysql(){return
|
||||
'UPDATE system_user SET username = ? WHERE username = ?;';
|
||||
}
|
||||
}
|
||||
|
||||
@ -157,6 +157,17 @@ class saimod_sys_security extends \SYSTEM\SAI\SaiModule {
|
||||
$vars['PICPATH'] = (new \SYSTEM\PSAI('modules/saimod_sys_log/img/'))->WEBPATH(false);
|
||||
return \SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_security/tpl/saimod_sys_security.tpl'))->SERVERPATH(), $vars);}
|
||||
|
||||
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_renameaccount($username,$new_username){
|
||||
if(!\SYSTEM\SECURITY\security::available($new_username)){
|
||||
throw new \SYSTEM\LOG\ERROR("Username not available");}
|
||||
return \SYSTEM\SQL\SYS_SAIMOD_SECURITY_RENAME_USER::QI(array($new_username,$username)) ? \SYSTEM\LOG\JsonResult::ok() : \SYSTEM\LOG\JsonResult::fail();
|
||||
}
|
||||
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_deleteaccount($id){
|
||||
\SYSTEM\SQL\SYS_SAIMOD_SECURITY_DELETE_USER_RIGHTS::QI(array($id));
|
||||
\SYSTEM\SQL\SYS_SAIMOD_SECURITY_DELETE_USER::QI(array($id));
|
||||
return \SYSTEM\LOG\JsonResult::ok();
|
||||
}
|
||||
|
||||
private static function tablerow_class($last_active){
|
||||
$time = time() - $last_active;
|
||||
|
||||
|
||||
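Review bot: `sai_mod__SYSTEM_SAI_saimod_sys_security_action_deleteaccount` discards both `QI` results and always returns `JsonResult::ok()`, so the UI reports "Account deleted" even when one of the statements failed. Assuming `QI` returns a truthy value on success, as the rename action above relies on, keep the results and return `$ok ? \SYSTEM\LOG\JsonResult::ok() : \SYSTEM\LOG\JsonResult::fail()`; the two deletes also run without a transaction, so a failure of the second leaves a user without rights rows. Neither new action shows a check that the caller holds the right to manage accounts; if the SAI dispatcher does not enforce that, it belongs at the top of both methods. The class starts and `tablerow_class` continues outside this hunk.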
@ -38,23 +38,23 @@
|
||||
<tr>
|
||||
<td></td>
|
||||
<td>
|
||||
<button style="width: 100%;" type="submit" id="btn_confirm_email" class="btn-sm btn btn-success" user="${id}" email="${email}"><span class="glyphicon glyphicon-envelope" aria-hidden="true"></span> ${basic_confirm_email}</button>
|
||||
<button style="width: 100%;" type="submit" id="btn_confirm_email" class="btn-sm btn btn-success" user="${username}" email="${email}"><span class="glyphicon glyphicon-envelope" aria-hidden="true"></span> ${basic_confirm_email}</button>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<input class="input-medium" id="input_pw_old" type="text" placeholder="${basic_password_old}" size="20"/>
|
||||
<input class="input-medium" id="input_pw_new1" type="text" placeholder="${basic_password_new}" size="20"/>
|
||||
<input class="input-medium" id="input_pw_new2" type="text" placeholder="${basic_password_new}" size="20"/>
|
||||
<input class="input-medium" id="input_pw_old" type="password" placeholder="${basic_password_old}" size="20"/>
|
||||
<input class="input-medium" id="input_pw_new1" type="password" placeholder="${basic_password_new}" size="20"/>
|
||||
<input class="input-medium" id="input_pw_new2" type="password" placeholder="${basic_password_new}" size="20"/>
|
||||
</td>
|
||||
<td>
|
||||
<button style="width: 100%;" type="submit" id="btn_change_password" class="btn-sm btn btn-success" user="${id}" email="${email}"><span class="glyphicon glyphicon-pencil" aria-hidden="true"></span> ${basic_change_password}</button>
|
||||
<button style="width: 100%;" type="submit" id="btn_change_password" class="btn-sm btn btn-success" user="${username}" email="${email}"><span class="glyphicon glyphicon-pencil" aria-hidden="true"></span> ${basic_change_password}</button>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td></td>
|
||||
<td>
|
||||
<button style="width: 100%;" type="submit" id="btn_reset_password" class="btn-sm btn btn-warning" user="${id}" email="${email}"><span class="glyphicon glyphicon-envelope" aria-hidden="true"></span> ${basic_reset_password}</button>
|
||||
<button style="width: 100%;" type="submit" id="btn_reset_password" class="btn-sm btn btn-warning" user="${username}" email="${email}"><span class="glyphicon glyphicon-envelope" aria-hidden="true"></span> ${basic_reset_password}</button>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
@ -62,7 +62,7 @@
|
||||
<input class="input-medium" id="input_new_email" type="text" placeholder="${basic_email_new}" size="20"/>
|
||||
</td>
|
||||
<td>
|
||||
<button style="width: 100%;" type="submit" id="btn_change_email" class="btn-sm btn btn-warning" user="${id}" email="${email}"><span class="glyphicon glyphicon-envelope" aria-hidden="true"></span> ${basic_change_email}</button>
|
||||
<button style="width: 100%;" type="submit" id="btn_change_email" class="btn-sm btn btn-warning" user="${username}" email="${email}"><span class="glyphicon glyphicon-envelope" aria-hidden="true"></span> ${basic_change_email}</button>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
@ -70,7 +70,7 @@
|
||||
<input class="input-medium" id="input_new_user" type="text" placeholder="${basic_username_new}" size="20"/>
|
||||
</td>
|
||||
<td>
|
||||
<button style="width: 100%;" type="submit" id="btn_rename_account" class="btn-sm btn btn-danger" user="${id}" email="${email}"><span class="glyphicon glyphicon-pencil" aria-hidden="true"></span> ${basic_rename}</button>
|
||||
<button style="width: 100%;" type="submit" id="btn_rename_account" class="btn-sm btn btn-danger" user="${username}" email="${email}"><span class="glyphicon glyphicon-pencil" aria-hidden="true"></span> ${basic_rename}</button>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
|
||||
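Review bot: The `user="${username}"` attributes now carry a user-chosen string instead of a numeric id, so the value has to be HTML-attribute-escaped where the template variables are filled; whether `replaceFile` escapes is not visible in this diff. If it does not, escape at assignment with `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')` (`$value` is a placeholder for the username variable). This applies to all five buttons changed across the three hunks of this file. A `data-user` attribute would also be more conventional than the custom `user` attribute.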
@ -9,7 +9,7 @@ class SYS_SECURITY_LOGIN_USER_SHA1 extends \SYSTEM\DB\QP {
|
||||
}
|
||||
public static function mysql(){return
|
||||
'SELECT * FROM '.\SYSTEM\SQL\system_user::NAME_MYS.
|
||||
' WHERE (UPPER('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') LIKE UPPER(?)'.
|
||||
' WHERE UPPER('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') LIKE UPPER(?)'.
|
||||
' AND '.\SYSTEM\SQL\system_user::FIELD_PASSWORD_SHA.' = ?;';
|
||||
}
|
||||
}
|
||||
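Review bot: The username comparison still uses `LIKE UPPER(?)`, so `%` and `_` in the supplied value act as wildcards and the row returned need not belong to the account that was named. Since `change_password` now relies on this query to pick the `id` it updates, an exact match is safer: `' WHERE UPPER('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') = UPPER(?)'.`. The class header and the earlier part of the file are outside the hunk.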
@ -72,7 +72,7 @@ class security {
|
||||
}
|
||||
|
||||
public static function change_password($username,$old_password_sha1,$new_password_sha1){
|
||||
$row = \SYSTEM\SQL\SYS_SECURITY_LOGIN_USER_EMAIL_SHA1::Q1(array($username, $username, $old_password_sha1));
|
||||
$row = \SYSTEM\SQL\SYS_SECURITY_LOGIN_USER_SHA1::Q1(array($username, $old_password_sha1));
|
||||
if(!$row){
|
||||
throw new \SYSTEM\LOG\ERROR("No such User Password combination.");}
|
||||
$result = \SYSTEM\SQL\SYS_SECURITY_UPDATE_PW::QI(array($new_password_sha1, $row['id']));
|
||||
|
||||
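Review bot: `change_password` authenticates by matching the client-supplied `$old_password_sha1` against the stored column, so the unsalted SHA-1 digest is itself the credential and anyone who obtains it can authenticate without knowing the password. Storing `password_hash()` output and checking it with `password_verify()` on the server would remove that equivalence; it is a wider change than this commit makes. The function continues outside the hunk after `$result = ...SYS_SECURITY_UPDATE_PW::QI(...)`, so whether `$result` is checked cannot be seen here.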
@ -1,6 +1,10 @@
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (10, 0, 0, -1, NULL, 'call', NULL);
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (11, 0, 0, 10, NULL, 'action', NULL);
|
||||
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (13, 0, 2, 11, 'change_password', 'username', 'STRING');
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (14, 0, 2, 11, 'change_password', 'old_password_sha1', 'STRING');
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (15, 0, 3, 11, 'change_password', 'new_password_sha1', 'STRING');
|
||||
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (20, 0, 2, 11, 'login', 'username', 'STRING');
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (21, 0, 2, 11, 'login', 'password_sha1', 'STRING');
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (22, 0, 3, 11, 'login', 'locale', 'LANG');
|
||||
|
||||
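Review bot: Row 15 registers `new_password_sha1` with `type` 3, while the other two `change_password` parameters use 2; in the `login` rows 3 is used only for `locale`, which suggests it marks an optional parameter. If that reading is right, a request without `new_password_sha1` passes API validation although `call_account_action_change_password` requires the argument, so the row should read `VALUES (15, 0, 2, 11, 'change_password', 'new_password_sha1', 'STRING')`. The same row appears with group 42 in the first hunk of the next file.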
@ -9,6 +9,9 @@ REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `na
|
||||
-- system_api
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (10, 42, 0, -1, NULL, 'call', NULL);
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (11, 42, 0, 10, NULL, 'action', NULL);
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (13, 42, 2, 11, 'change_password', 'username', 'STRING');
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (14, 42, 2, 11, 'change_password', 'old_password_sha1', 'STRING');
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (15, 42, 3, 11, 'change_password', 'new_password_sha1', 'STRING');
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (20, 42, 2, 11, 'login', 'username', 'STRING');
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (21, 42, 2, 11, 'login', 'password_sha1', 'STRING');
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (22, 42, 3, 11, 'login', 'locale', 'LANG');
|
||||
@ -81,6 +84,10 @@ REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `na
|
||||
--
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (340, 42, 2, 300, 'deleterightuser', 'rightid', 'UINT');
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (341, 42, 2, 300, 'deleterightuser', 'userid', 'UINT');
|
||||
--
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (350, 42, 2, 300, 'renameaccount', 'username', 'STRING');
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (351, 42, 2, 300, 'renameaccount', 'new_username', 'STRING');
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (355, 42, 2, 300, 'deleteaccount', 'id', 'UINT');
|
||||
|
||||
|
||||
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (400, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_mod', 'action', NULL);
|
||||
|
||||