2 /** Relating to Panel Access: Can add, delete and edit users. Big boss. */
3 define('PERMISSION_MANAGE_USERS', 'manage_users');
4 /** Relating to Users tab: Can ban users connected to IRC */
5 define('PERMISSION_BAN_USERS', 'ban_users');
6 /** Change properties of a user, i.e. vhost, modes and more */
7 define('PERMISSION_EDIT_USER', 'edit_user');
8 /** Change properties of a channel, i.e. topic, modes and more */
9 define('PERMISSION_EDIT_CHANNEL', 'edit_channel');
10 /** Change properties of a user on a channel i.e give/remove voice or ops and more */
11 define('PERMISSION_EDIT_CHANNEL_USER', 'edit_channel_user');
12 /** Can add manual bans, including G-Lines, Z-Lines and more */
13 define('PERMISSION_SERVER_BAN_ADD', 'tkl_add');
14 /** Can remove set bans, including G-Lines, Z-Lines and more */
15 define('PERMISSION_SERVER_BAN_DEL', 'tkl_del');
16 /** Can add Name Bans (Q-Lines) */
17 define('PERMISSION_NAME_BAN_ADD', 'nb_add');
18 /** Can delete Name Bans (Q-Lines) */
19 define('PERMISSION_NAME_BAN_DEL', 'nb_del');
20 /** Can add ban exceptions (E-Lines) */
21 define('PERMISSION_BAN_EXCEPTION_ADD', 'be_add');
22 /** Can delete ban exceptions (E-Lines) */
23 define('PERMISSION_BAN_EXCEPTION_DEL', 'be_del');
24 /** Can add spamfilter entries */
25 define('PERMISSION_SPAMFILTER_ADD', 'sf_add');
26 /** Can delete spamfilter entries */
27 define('PERMISSION_SPAMFILTER_DEL', 'sf_del');
30 * This is the User class for the SQL_Auth plugin
35 public $username = NULL;
36 private $passhash = NULL;
37 public $first_name = NULL;
38 public $last_name = NULL;
39 public $created = NULL;
40 public $user_meta = [];
45 * Find a user in the database by name or ID
49 function __construct(string $name = NULL, int $id = NULL)
51 $user["name"] = $name;
53 $user["object"] = NULL;
55 Hook
::run(HOOKTYPE_USER_LOOKUP
, $user);
56 foreach ($user['object'] as $key => $value)
61 * Verify a user's password
62 * @param string $input
65 function password_verify(string $input) : bool
67 if (password_verify($input, $this->passhash
))
75 * @param string $value
77 function add_meta(string $key, string $value)
89 $array['meta'] = $meta;
90 $array['user'] = $this;
91 Hook
::run(HOOKTYPE_USERMETA_ADD
, $array);
96 * Delete user meta data by key
99 function delete_meta(string $key)
108 Hook
::run(HOOKTYPE_USERMETA_DEL
, $meta);
114 function add_permission($permission)
116 $meta = (isset($this->user_meta
['permissions'])) ? unserialize($this->user_meta
['permissions']) : [];
117 if (!in_array($permission,$meta))
118 $meta[] = $permission;
119 $this->add_meta("permissions", serialize($meta)); // updet de dettabess
120 $this->user_meta
['permissions'] = serialize($meta); // put it back in our object in case it still needs to be used
122 function delete_permission($permission)
124 $meta = (isset($this->user_meta
['permissions'])) ? unserialize($this->user_meta
['permissions']) : [];
125 foreach($meta as $key => $value)
127 if (!strcmp($permission, $value))
130 $this->add_meta("permissions", serialize($meta));
131 $this->user_meta
['permissions'] = serialize($meta);
138 * This class looks up and returns any user meta.
139 * This is used by PanelUser, so you won't need to
140 * call it separately from PanelUser.
145 function __construct($id)
149 $arr['meta'] = &$array;
150 Hook
::run(HOOKTYPE_USERMETA_GET
, $arr);
152 $this->list = $arr['meta'];
172 function create_new_user(array &$user) : bool
174 if (!isset($user['user_name']) || !isset($user['user_pass']))
175 throw new Exception("Attempted to add user without specifying user_name or user_pass");
177 $user['user_name'] = htmlspecialchars($user['user_name']);
178 $user['user_pass'] = password_hash($user['user_pass'], PASSWORD_ARGON2ID
);
179 $user['fname'] = (isset($user['fname'])) ? htmlspecialchars($user['fname']) : NULL;
180 $last['lname'] = (isset($user['lname'])) ? htmlspecialchars($user['lname']) : NULL;
181 $user['user_bio'] = (isset($user['user_bio'])) ? htmlspecialchars($user['user_bio']) : NULL;
183 if (($u = new PanelUser($user['user_name']))->id
)
185 $user['err'] = "User already exists";
189 $user['success'] = false;
190 $user['errmsg'] = [];
192 Hook
::run(HOOKTYPE_USER_CREATE
, $user);
193 if (!$user['success'])
200 * Gets the user object for the current session
201 * @return PanelUser|bool
203 function unreal_get_current_user() : PanelUser
|bool
205 if (!isset($_SESSION))
207 session_set_cookie_params(3600);
210 if (isset($_SESSION['id']))
212 $user = new PanelUser(NULL, $_SESSION['id']);
220 * Checks if a user can do something
221 * @param string $permission
224 function current_user_can($permission) : bool
226 $user = unreal_get_current_user();
227 return user_can($user, $permission);
231 * Checks if a user can do something
232 * @param string $permission
235 function user_can(PanelUser
$user, $permission) : bool
240 if (isset($user->user_meta
['permissions']))
242 $perms = unserialize($user->user_meta
['permissions']);
243 if (in_array($permission, $perms))
250 * Delete a user and related meta
251 * @param int $id The ID of the user in the SQL database.
252 * @param array $info This will fill with a response.
256 * 1 The user was successfully deleted.
257 * 0 The user was not found
258 * -1 The admin does not have permission to delete users [TODO]
260 function delete_user(int $id, &$info = []) : int
262 $user = new PanelUser(NULL, $id);
264 $info[] = "Could not find user";
267 $arr = ["user" => $user, "info" => &$info, "boolint" => 0];
268 Hook
::run(HOOKTYPE_USER_DELETE
, $arr);
269 return $arr["boolint"];
272 function get_panel_user_permission_list()
275 "Can add/delete/edit Admin Panel users" => PERMISSION_MANAGE_USERS
,
276 "Can ban/kill IRC users" => PERMISSION_BAN_USERS
,
277 "Can hange properties of a user, i.e. vhost, modes and more" => PERMISSION_EDIT_USER
,
278 "Can change properties of a channel, i.e. topic, modes and more" => PERMISSION_EDIT_CHANNEL
,
279 "Change properties of a user on a channel i.e give/remove voice or ops and more" => PERMISSION_EDIT_CHANNEL_USER
,
280 "Can add manual bans, including G-Lines, Z-Lines and more" => PERMISSION_SERVER_BAN_ADD
,
281 "Can remove set bans, including G-Lines, Z-Lines and more" => PERMISSION_SERVER_BAN_DEL
,
282 "Can forbid usernames and channels" => PERMISSION_NAME_BAN_ADD
,
283 "Can unforbid usernames and channels" => PERMISSION_NAME_BAN_DEL
,
284 "Can add server ban exceptions" => PERMISSION_BAN_EXCEPTION_ADD
,
285 "Can remove server ban exceptions" => PERMISSION_BAN_EXCEPTION_DEL
,
286 "Can add Spamfilter entries" => PERMISSION_SPAMFILTER_ADD
,
287 "Can remove Spamfilter entries" => PERMISSION_SPAMFILTER_DEL
289 Hook
::run(HOOKTYPE_USER_PERMISSION_LIST
, $list); // so plugin writers can add their own permissions
293 function generate_panel_user_permission_table($user)
296 $list = get_panel_user_permission_list();
297 foreach($list as $desc => $slug)
300 $attributes .= (current_user_can(PERMISSION_MANAGE_USERS
)) ? "" : "disabled ";
302 <div
class="input-group">
303 <div
class="input-group-prepend">
304 <div
class="input-group-text">
306 $attributes .= (user_can($user, $slug)) ? "checked" : "";
308 ?> name
="permissions[]" value
="<?php echo $slug; ?>" type
="checkbox">
311 <input type
="text" readonly
class="form-control" value
="<?php echo "$desc ($slug)"; ?>">