<?php
# $Id$
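/**
 * Handler for admin accounts: the rows of the `admin` table, keyed by `username`.
 *
 * Besides the admin row itself, this class maintains the `domain_admins` table,
 * which lists the domains an admin is assigned to. A row with the dummy domain
 * 'ALL' marks a superadmin there; it is written in addition to the `superadmin`
 * column to keep the database backwards-compatible with 2.3.x.
 *
 * Security-relevant points for reviewers:
 * - webformConfig() declares 'required_role' => 'global-admin'. The role check
 *   itself happens outside this class (not visible here).
 * - storemore() and delete() change which domains an admin is assigned to.
 *   Neither checks the result of its database calls (see the TODOs), and
 *   storemore() always reports success.
 */
class AdminHandler extends PFAHandler {
    # database table this handler reads and writes
    protected $db_table = 'admin';

    # column that identifies an admin
    protected $id_field = 'username';

    /**
     * Validate the id of a new admin with check_email().
     *
     * An empty result from check_email() is treated as "valid". Anything else is
     * stored as an error message, together with a translated error for the id field.
     *
     * @return bool true if $this->id passed the check, false otherwise
     */
    protected function validate_new_id() {
        $email_check = check_email($this->id);

        if ($email_check == '') {
            return true;
        }

        $this->errormsg[] = $email_check;
        $this->errormsg[$this->id_field] = Config::lang('pAdminCreate_admin_username_text_error1');
        return false;
    }

    protected function no_domain_field() {
        # PFAHandler die()s if domain field is not set. Disable this behaviour for AdminHandler.
    }

    /**
     * init $this->struct, $this->db_table and $this->id_field
     *
     * Each entry is built with pacol(); the first three arguments decide whether a
     * field may be edited, is shown in the form and is shown in the list.
     */
    protected function initStruct() {
        # NOTE: There are dependencies between domains and domain_count
        # NOTE: If you disable "display in list" for domain_count, the SQL query for domains might break.
        # NOTE: (Disabling both shouldn't be a problem.)

        # TODO: move to a db_group_concat() function?
        if (db_pgsql()) {
            $domains_grouped = " array_to_string(array_agg(domain), ',') ";
        } else { # mysql
            $domains_grouped = 'group_concat(domain)';
        }

        # the recovery fields below are only shown in the form when password reset is enabled;
        # 'phone' additionally needs a configured SMS send function
        $passwordReset = Config::read('forgotten_admin_password_reset');
        $reset_by_sms = 0;
        if ($passwordReset && Config::read('sms_send_function')) {
            $reset_by_sms = 1;
        }

        $this->struct = array(
            # field name                allow       display in...   type    $PALANG label          $PALANG description   default / options / ...
            #                           editing?    form    list
            'username' => pacol($this->new, 1, 1, 'text', 'admin', 'email_address', '', '',
                array('linkto' => 'list.php?table=domain&username=%s')),
            'password' => pacol(1, 1, 0, 'pass', 'password', ''),
            'password2' => pacol(1, 1, 0, 'pass', 'password_again', '', '', '',
                /*not_in_db*/ 0,
                /*dont_write_to_db*/ 1,
                /*select*/ 'password as password2'
            ),
            'superadmin' => pacol(1, 1, 0, 'bool', 'super_admin', 'super_admin_desc', 0
                # TODO: (finally) replace the ALL domain with a column in the admin table
                # TODO: current status: 'superadmin' column exists and is written when storing an admin with AdminHandler,
                # TODO: but the superadmin status is still (additionally) stored in the domain_admins table ("ALL" dummy domain)
                # TODO: to keep the database backwards-compatible with 2.3.x.
                # TODO: Note: superadmins created with 2.3.x after running upgrade_1284() will not work until you re-run upgrade_1284()
                # TODO: Create them with the trunk version to avoid this problem.
            ),
            'domains' => pacol(1, 1, 0, 'list', 'domain', '', array(), list_domains(),
                /*not_in_db*/ 0,
                /*dont_write_to_db*/ 1,
                /*select*/ " coalesce(domains,'') as domains "
                /*extrafrom set in domain_count*/
            ),
            # the subquery below skips the 'ALL' marker row, so it counts and lists only real domain assignments
            'domain_count' => pacol(0, 0, 1, 'vnum', 'pAdminList_admin_count', '', '', '',
                /*not_in_db*/ 0,
                /*dont_write_to_db*/ 1,
                /*select*/ 'coalesce(__domain_count,0) as domain_count',
                /*extrafrom*/ 'LEFT JOIN ( ' .
                    ' SELECT count(*) AS __domain_count, ' . $domains_grouped . ' AS domains, username AS __domain_username ' .
                    ' FROM ' . table_by_key('domain_admins') .
                    " WHERE domain != 'ALL' GROUP BY username " .
                    ' ) AS __domain on username = __domain_username'),

            'active' => pacol(1, 1, 1, 'bool', 'active', '', 1),
            'phone' => pacol(1, $reset_by_sms, 0, 'text', 'pCreate_mailbox_phone', 'pCreate_mailbox_phone_desc', ''),
            'email_other' => pacol(1, $passwordReset, 0, 'mail', 'pCreate_mailbox_email', 'pCreate_mailbox_email_desc', ''),
            # token and token_validity are writable by the handler but never shown in the form or the list
            # NOTE(review): presumably these hold the password-reset token and its expiry - confirm against the reset code
            'token' => pacol(1, 0, 0, 'text', '', ''),
            # default: the current time as a bare 'Y-m-d H:i:s' timestamp
            'token_validity' => pacol(1, 0, 0, 'ts', '', '', date("Y-m-d H:i:s", time())),
            'created' => pacol(0, 0, 0, 'ts', 'created', ''),
            'modified' => pacol(0, 0, 1, 'ts', 'last_modified', ''),
        );
    }

    /**
     * Set the message keys used for errors, logging and success messages.
     * The log name and the store/success messages depend on whether the admin is new.
     */
    protected function initMsg() {
        $this->msg['error_already_exists'] = 'admin_already_exists';
        $this->msg['error_does_not_exist'] = 'admin_does_not_exist';
        $this->msg['confirm_delete'] = 'confirm_delete_admin';

        if ($this->new) {
            $this->msg['logname'] = 'create_admin';
            $this->msg['store_error'] = 'pAdminCreate_admin_result_error';
            $this->msg['successmessage'] = 'pAdminCreate_admin_result_success';
        } else {
            $this->msg['logname'] = 'edit_admin';
            $this->msg['store_error'] = 'pAdminEdit_admin_result_error';
            $this->msg['successmessage'] = 'pAdminEdit_admin_result_success';
        }
    }

    /**
     * Settings for the web form of this handler.
     *
     * @return array $PALANG label keys plus form settings; 'required_role' names the
     *               role needed to use the form (enforced by the caller, not here)
     */
    public function webformConfig() {
        return array(
            # $PALANG labels
            'formtitle_create' => 'pAdminCreate_admin_welcome',
            'formtitle_edit' => 'pAdminEdit_admin_welcome',
            'create_button' => 'pAdminCreate_admin_button',

            # various settings
            'required_role' => 'global-admin',
            'listview' => 'list.php?table=admin',
            'early_init' => 0,
        );
    }

    /**
     * called by $this->store() after storing $this->values in the database
     * can be used to update additional tables, call scripts etc.
     *
     * Here it rewrites the admin's rows in domain_admins: first the list of allowed
     * domains, then the 'ALL' marker row that mirrors the superadmin flag.
     *
     * The old domain rows are deleted before the new ones are inserted and no result
     * is checked, so a failed insert leaves the admin with fewer domains than
     * requested while this method still returns true.
     *
     * @return bool always true (see TODO)
     */
    protected function storemore() {
        # store list of allowed domains in the domain_admins table
        if (isset($this->values['domains'])) {
            $submitted = $this->values['domains'];

            if (is_array($submitted)) {
                $domains = $submitted;
            } elseif ($submitted == '') {
                $domains = array();
            } else {
                $domains = explode(',', $submitted);
            }

            db_delete('domain_admins', 'username', $this->id, " AND domain != 'ALL' ");

            foreach ($domains as $domain) {
                # Never write an empty entry, and never write the reserved 'ALL' marker from the
                # domain list: that row means "superadmin" and is managed only by the superadmin
                # branch below. Compared case-insensitively because the database may compare the
                # same way (collation-dependent).
                # NOTE(review): the domain values are expected to be validated before this point;
                # that code is not visible here, so this is a second line of defence.
                if (is_string($domain) && ($domain === '' || strcasecmp($domain, 'ALL') === 0)) {
                    continue;
                }

                $values = array(
                    'username' => $this->id,
                    'domain' => $domain,
                );
                db_insert('domain_admins', $values, array('created'));
                # TODO: check for errors
            }
        }

        # Temporary workaround to keep the database compatible with 2.3.x
        if (isset($this->values['superadmin'])) {
            if ($this->values['superadmin'] == 1) {
                $values = array(
                    'username' => $this->id,
                    'domain' => 'ALL',
                );

                # only add the marker row if it does not exist yet
                # NOTE(review): $where is concatenated into the query; this relies on
                # db_where_clause() escaping its values - confirm
                $where = db_where_clause(array('username' => $this->id, 'domain' => 'ALL'), $this->struct);
                $result = db_query(" SELECT username from " . table_by_key('domain_admins') . " " . $where);

                if ($result['rows'] == 0) {
                    db_insert('domain_admins', $values, array('created'));
                    # TODO: check for errors
                }
            } else {
                db_delete('domain_admins', 'username', $this->id, " AND domain = 'ALL' ");
            }
        }

        return true; # TODO: don't hardcode
    }

    /**
     * Post-process rows read from the database.
     *
     * Turns the comma-separated 'domains' value of each row into an array and, for
     * superadmins, replaces 'domain_count' with the translated 'super_admin' text.
     *
     * @param array $db_result rows as read from the database
     * @return array the same rows with 'domains' converted (and 'domain_count' replaced for superadmins)
     */
    protected function read_from_db_postprocess($db_result) {
        foreach ($db_result as $key => $row) {
            # convert 'domains' field to an array
            # (a missing or NULL column counts as "no domains" instead of raising an undefined-key warning)
            if (!isset($row['domains']) || $row['domains'] == '') {
                $db_result[$key]['domains'] = array();
            } else {
                $db_result[$key]['domains'] = explode(',', $row['domains']);
            }

            if (!empty($row['superadmin'])) {
                $db_result[$key]['domain_count'] = Config::lang('super_admin');
            }
        }

        return $db_result;
    }

    /**
     * Delete the admin and all of its rows in domain_admins.
     *
     * The domain_admins rows (including the 'ALL' marker) are removed before the
     * admin row itself.
     * NOTE(review): nothing here checks who is deleting whom (own account, last
     * superadmin); presumably the caller enforces that - confirm.
     *
     * @return true on success false on failure
     */
    public function delete() {
        if (!$this->view()) {
            $this->errormsg[] = Config::lang($this->msg['error_does_not_exist']);
            return false;
        }

        db_delete('domain_admins', $this->id_field, $this->id);
        db_delete($this->db_table, $this->id_field, $this->id);

        # until the TODO below is resolved, admin deletions do not show up in viewlog.php
        db_log('admin', 'delete_admin', $this->id); # TODO delete_admin is not a valid db_log keyword yet, and 'admin' is not displayed in viewlog.php

        $this->infomsg[] = Config::lang_f('pDelete_delete_success', $this->id);
        return true;
    }

    # TODO: generate password if $new, no password specified and $CONF['generate_password'] is set
    # TODO: except if $this->admin_username == setup.php --- this exception should be handled directly in setup.php ("if $values['password'] == '' error_out")

    /**
     * compare password / password2 field
     * error message will be displayed at the password2 field
     *
     * $field and $val are not used; the comparison is delegated to compare_password_fields().
     */
    protected function _validate_password2($field, $val) {
        return $this->compare_password_fields('password', 'password2');
    }
}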
/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */