]> jfr.im git - irc/unrealircd/unrealircd-webpanel.git/blob - Classes/class-paneluser.php
Update PanelUser and Channel details pages some more
1 <?php
/*
 * Permission slugs for the web panel.
 *
 * Each constant holds the string that is stored in a user's serialized
 * 'permissions' meta entry and that user_can() looks for with in_array().
 * The same strings are emitted as checkbox values by
 * generate_panel_user_permission_table(), so renaming a value here
 * invalidates grants that were already stored under the old string.
 */

/** Relating to Panel Access: can add, delete and edit panel users. Highest-privilege permission in this list. */
define('PERMISSION_MANAGE_USERS', 'manage_users');
/** Relating to Users tab: can ban users connected to IRC */
define('PERMISSION_BAN_USERS', 'ban_users');
/** Change properties of a user, i.e. vhost, modes and more */
define('PERMISSION_EDIT_USER', 'edit_user');
/** Change properties of a channel, i.e. topic, modes and more */
define('PERMISSION_EDIT_CHANNEL', 'edit_channel');
/** Change properties of a user on a channel, i.e. give/remove voice or ops and more */
define('PERMISSION_EDIT_CHANNEL_USER', 'edit_channel_user');
/** Can add manual bans, including G-Lines, Z-Lines and more */
define('PERMISSION_SERVER_BAN_ADD', 'tkl_add');
/** Can remove set bans, including G-Lines, Z-Lines and more */
define('PERMISSION_SERVER_BAN_DEL', 'tkl_del');
/** Can add Name Bans (Q-Lines) */
define('PERMISSION_NAME_BAN_ADD', 'nb_add');
/** Can delete Name Bans (Q-Lines) */
define('PERMISSION_NAME_BAN_DEL', 'nb_del');
/** Can add ban exceptions (E-Lines) */
define('PERMISSION_BAN_EXCEPTION_ADD', 'be_add');
/** Can delete ban exceptions (E-Lines) */
define('PERMISSION_BAN_EXCEPTION_DEL', 'be_del');
/** Can add spamfilter entries */
define('PERMISSION_SPAMFILTER_ADD', 'sf_add');
/** Can delete spamfilter entries */
define('PERMISSION_SPAMFILTER_DEL', 'sf_del');
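/**
 * PanelUser
 * This is the User class for the SQL_Auth plugin.
 *
 * An instance is populated by whichever handler answers HOOKTYPE_USER_LOOKUP.
 * When no handler returns a record, every property keeps its default and
 * $id stays NULL, which is how callers in this file detect "no such user".
 *
 * Permissions are kept in $user_meta['permissions'] as a PHP-serialized list
 * of permission slugs. That value is always decoded with object creation
 * disabled, so a tampered meta row cannot instantiate classes.
 * NOTE(review): a JSON encoding would remove the unserialize() surface
 * entirely; that needs a storage migration and is not done here.
 */
class PanelUser
{
    public $id = NULL;
    public $username = NULL;
    // Password hash as stored by the auth backend; only used by password_verify().
    private $passhash = NULL;
    public $first_name = NULL;
    public $last_name = NULL;
    public $created = NULL;
    // Meta key => value map; 'permissions' holds the serialized slug list.
    public $user_meta = [];
    public $bio = NULL;
    public $email = NULL;

    /**
     * Find a user in the database by name or ID
     * @param string|null $name
     * @param int|null $id
     */
    function __construct(?string $name = NULL, ?int $id = NULL)
    {
        $user = [
            "name" => $name,
            "id" => $id,
            "object" => NULL,
        ];

        Hook::run(HOOKTYPE_USER_LOOKUP, $user);

        // No handler produced a record: leave the defaults in place instead of
        // iterating over NULL (which raises a warning for every failed lookup).
        if (!is_array($user['object']) && !is_object($user['object']))
            return;

        // NOTE(review): every key the lookup handler returns is copied onto
        // the object, including the private passhash. The handler is trusted
        // code; confirm it never forwards request-controlled keys.
        foreach ($user['object'] as $key => $value)
            $this->$key = $value;
    }

    /**
     * Verify a user's password
     * @param string $input Candidate password in clear text.
     * @return bool True only when a hash is stored and the password matches it.
     */
    function password_verify(string $input) : bool
    {
        // An account without a stored hash (failed lookup, or a backend that
        // supplies none) must never authenticate.
        if (!is_string($this->passhash) || $this->passhash === '')
            return false;

        return password_verify($input, $this->passhash);
    }

    /**
     * Add user meta data
     * @param string $key
     * @param string $value
     * @return false|null False when key or value is empty; nothing otherwise.
     */
    function add_meta(string $key, string $value)
    {
        if (!$key || !$value)
            return false;

        $array = [
            'meta' => [
                "id" => $this->id,
                "key" => $key,
                "value" => $value
            ],
            'user' => $this,
        ];
        Hook::run(HOOKTYPE_USERMETA_ADD, $array);
    }

    /**
     * Delete user meta data by key
     * @param string $key
     * @return false|null False when the key is empty; nothing otherwise.
     */
    function delete_meta(string $key)
    {
        if (!$key)
            return false;

        $meta = [
            "id" => $this->id,
            "key" => $key,
        ];
        Hook::run(HOOKTYPE_USERMETA_DEL, $meta);
    }

    /** PERMISSIONS */

    /**
     * Decode the stored permission list.
     *
     * Object creation is disabled during decoding and anything that does not
     * decode to an array is treated as "no permissions", so a malformed or
     * tampered value fails closed.
     * @return array
     */
    private function stored_permissions() : array
    {
        if (!isset($this->user_meta['permissions']) || !is_string($this->user_meta['permissions']))
            return [];

        $list = unserialize($this->user_meta['permissions'], ['allowed_classes' => false]);
        return is_array($list) ? $list : [];
    }

    /**
     * Grant a permission to this user and persist the updated list.
     * This method performs no authorization check of its own; the caller is
     * responsible for verifying that the acting admin may manage users.
     * @param string $permission One of the PERMISSION_* slugs.
     */
    function add_permission($permission)
    {
        $meta = $this->stored_permissions();
        if (!in_array($permission, $meta, true))
            $meta[] = $permission;

        $encoded = serialize($meta);
        $this->add_meta("permissions", $encoded); // persist through the meta hook
        $this->user_meta['permissions'] = $encoded; // keep this object in sync for later checks
    }

    /**
     * Revoke a permission from this user and persist the updated list.
     * This method performs no authorization check of its own; the caller is
     * responsible for verifying that the acting admin may manage users.
     * @param string $permission One of the PERMISSION_* slugs.
     */
    function delete_permission($permission)
    {
        $meta = [];
        foreach ($this->stored_permissions() as $value)
        {
            // Keep every entry except the one being revoked; rebuilding the
            // list also leaves it without gaps in its keys.
            if (!is_string($value) || strcmp($permission, $value))
                $meta[] = $value;
        }

        $encoded = serialize($meta);
        $this->add_meta("permissions", $encoded);
        $this->user_meta['permissions'] = $encoded;
    }

}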
135
136
/**
 * Looks up the meta entries of one panel user and exposes them as $list.
 * The original author notes that PanelUser makes use of this class, so it
 * normally does not need to be instantiated on its own.
 */
class PanelUser_Meta
{
    public $list = [];

    /**
     * @param mixed $id ID of the user whose meta should be fetched.
     */
    function __construct($id)
    {
        $found = [];
        // 'meta' is a reference so that handlers of HOOKTYPE_USERMETA_GET
        // fill $found directly.
        $request = [
            "id" => $id,
            'meta' => &$found,
        ];
        Hook::run(HOOKTYPE_USERMETA_GET, $request);

        // NOTE(review): this logs the complete meta set, which includes the
        // serialized permission list, on every lookup. Confirm where do_log()
        // writes and whether this should stay enabled outside debugging.
        do_log($found);

        $this->list = $request['meta'];
    }
}
156
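/**
 * Create a new panel user.
 *
 * Array of user
 *
 * Required (must be non-empty):
 * user_name
 * user_pass   clear-text password; replaced in place by its Argon2id hash
 *
 * Optional:
 * fname
 * lname
 * user_bio
 *
 * On return the array also carries 'err' ("User already exists") or the
 * 'success' / 'errmsg' keys, which are passed to the HOOKTYPE_USER_CREATE
 * handlers.
 *
 * The function performs no authorization check of its own; the caller has to
 * verify that the acting admin holds PERMISSION_MANAGE_USERS.
 *
 * @param array $user
 * @throws Exception When user_name or user_pass is missing or empty.
 * @return bool True when a handler reported success.
 */
function create_new_user(array &$user) : bool
{
    // An empty name or password is treated like a missing one: an account
    // with an empty password would accept an empty login.
    if (!isset($user['user_name']) || !isset($user['user_pass'])
        || $user['user_name'] === '' || $user['user_pass'] === '')
        throw new Exception("Attempted to add user without specifying user_name or user_pass");

    // NOTE(review): values are HTML-encoded before storage. Output code must
    // not rely on that alone; encode again for the context it prints into.
    $user['user_name'] = htmlspecialchars($user['user_name']);

    // Hash before the existence check on purpose: the by-reference array
    // never leaves this function still holding the clear-text password.
    // NOTE(review): PASSWORD_ARGON2ID is only defined when PHP is built with
    // Argon2 support; confirm the deployment requirement.
    $user['user_pass'] = password_hash($user['user_pass'], PASSWORD_ARGON2ID);

    $user['fname'] = (isset($user['fname'])) ? htmlspecialchars($user['fname']) : NULL;
    // Previously written to an unrelated $last array, so the last name was
    // handed to the create hook unencoded.
    $user['lname'] = (isset($user['lname'])) ? htmlspecialchars($user['lname']) : NULL;
    $user['user_bio'] = (isset($user['user_bio'])) ? htmlspecialchars($user['user_bio']) : NULL;

    if ((new PanelUser($user['user_name']))->id)
    {
        $user['err'] = "User already exists";
        return false;
    }

    // internal use: handlers of HOOKTYPE_USER_CREATE report back through these
    $user['success'] = false;
    $user['errmsg'] = [];

    Hook::run(HOOKTYPE_USER_CREATE, $user);

    return (bool)$user['success'];
}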
198
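/**
 * Gets the user object for the current session.
 *
 * Starts a session when none exists yet. The session cookie is issued with a
 * one hour lifetime and with HttpOnly set, so page scripts cannot read it.
 * SameSite and Secure are only ever tightened here: values already configured
 * in php.ini are left untouched.
 *
 * @return PanelUser|bool The logged-in user, or false when there is none.
 */
function unreal_get_current_user() : PanelUser|bool
{
    if (!isset($_SESSION))
    {
        $cookie = [
            'lifetime' => 3600,
            'httponly' => true,
        ];
        // Only fill in SameSite when the configuration has not chosen one,
        // so a stricter ini value is never weakened.
        if (!ini_get('session.cookie_samesite'))
            $cookie['samesite'] = 'Lax';
        // Mark the cookie Secure when this request is known to be HTTPS.
        // Behind a TLS-terminating proxy this is not detectable here; set
        // session.cookie_secure in php.ini for that setup.
        if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off')
            $cookie['secure'] = true;

        session_set_cookie_params($cookie);
        session_start();
    }

    if (!isset($_SESSION['id']))
        return false;

    // The session only stores the ID; the record is looked up again on every
    // call, so a deleted account stops resolving immediately.
    $user = new PanelUser(NULL, $_SESSION['id']);
    return ($user->id) ? $user : false;
}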
218
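/**
 * Checks if the user of the current session can do something.
 * Returns false when nobody is logged in.
 * @param string $permission One of the PERMISSION_* slugs.
 * @return bool
 */
function current_user_can($permission) : bool
{
    $user = unreal_get_current_user();

    // unreal_get_current_user() yields false for an anonymous session.
    // Passing that on to user_can(PanelUser ...) raised a TypeError instead
    // of denying, so deny here explicitly.
    if (!($user instanceof PanelUser))
        return false;

    return user_can($user, $permission);
}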
229
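/**
 * Checks if a user can do something.
 *
 * Denies by default: a missing user, a missing or undecodable permission
 * list, and a slug that is not in the list all return false.
 *
 * @param PanelUser|bool $user The user to check; false (no user) is accepted and always denied.
 * @param string $permission One of the PERMISSION_* slugs.
 * @return bool
 */
function user_can(PanelUser|bool $user, $permission) : bool
{
    if (!($user instanceof PanelUser))
        return false;

    if (!isset($user->user_meta['permissions']) || !is_string($user->user_meta['permissions']))
        return false;

    // The value comes from the meta store. Decode it with object creation
    // disabled so a tampered row cannot instantiate classes, and treat
    // anything that is not a list as "no permissions".
    $perms = unserialize($user->user_meta['permissions'], ['allowed_classes' => false]);
    if (!is_array($perms))
        return false;

    // Strict comparison: a stored 0 or true must not match a slug.
    return in_array($permission, $perms, true);
}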
248
/**
 * Delete a user and related meta.
 *
 * The deletion itself is carried out by the HOOKTYPE_USER_DELETE handlers,
 * which report their result through the "boolint" entry.
 *
 * NOTE(review): no permission check happens in this function (the -1 result
 * below is still a TODO), so the caller has to verify that the acting admin
 * holds PERMISSION_MANAGE_USERS before calling it.
 *
 * @param int $id The ID of the user in the SQL database.
 * @param array $info This will fill with a response.
 * @return int
 *
 * Return values:
 * 1 The user was successfully deleted.
 * 0 The user was not found
 * -1 The admin does not have permission to delete users [TODO]
 */
function delete_user(int $id, &$info = []) : int
{
    $target = new PanelUser(NULL, $id);

    if ($target->id)
    {
        // "info" is a reference so handlers can append messages for the caller.
        $request = [
            "user" => $target,
            "info" => &$info,
            "boolint" => 0,
        ];
        Hook::run(HOOKTYPE_USER_DELETE, $request);
        return $request["boolint"];
    }

    $info[] = "Could not find user";
    return 0;
}
271
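/**
 * Build the list of permissions that can be granted to a panel user.
 *
 * Keys are the human-readable descriptions, values are the PERMISSION_*
 * slugs. Handlers of HOOKTYPE_USER_PERMISSION_LIST may add their own
 * entries, so consumers should treat both keys and values as text that
 * still needs output encoding.
 *
 * @return array Description => permission slug.
 */
function get_panel_user_permission_list()
{
    $list = [
        "Can add/delete/edit Admin Panel users" => PERMISSION_MANAGE_USERS,
        "Can ban/kill IRC users" => PERMISSION_BAN_USERS,
        // Label typo fixed ("hange" -> "change").
        "Can change properties of a user, i.e. vhost, modes and more" => PERMISSION_EDIT_USER,
        "Can change properties of a channel, i.e. topic, modes and more" => PERMISSION_EDIT_CHANNEL,
        "Change properties of a user on a channel i.e give/remove voice or ops and more" => PERMISSION_EDIT_CHANNEL_USER,
        "Can add manual bans, including G-Lines, Z-Lines and more" => PERMISSION_SERVER_BAN_ADD,
        "Can remove set bans, including G-Lines, Z-Lines and more" => PERMISSION_SERVER_BAN_DEL,
        "Can forbid usernames and channels" => PERMISSION_NAME_BAN_ADD,
        "Can unforbid usernames and channels" => PERMISSION_NAME_BAN_DEL,
        "Can add server ban exceptions" => PERMISSION_BAN_EXCEPTION_ADD,
        "Can remove server ban exceptions" => PERMISSION_BAN_EXCEPTION_DEL,
        "Can add Spamfilter entries" => PERMISSION_SPAMFILTER_ADD,
        "Can remove Spamfilter entries" => PERMISSION_SPAMFILTER_DEL
    ];
    Hook::run(HOOKTYPE_USER_PERMISSION_LIST, $list); // so plugin writers can add their own permissions
    return $list;
}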
292
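/**
 * Print one checkbox row per known permission for the given user.
 *
 * A box is checked when $user holds the permission. All boxes are rendered
 * disabled when the viewer lacks PERMISSION_MANAGE_USERS. That attribute is
 * a display aid only: the code that processes the submitted "permissions[]"
 * values has to check PERMISSION_MANAGE_USERS again on the server.
 *
 * @param PanelUser $user The user whose permissions are shown.
 */
function generate_panel_user_permission_table($user)
{
    $list = get_panel_user_permission_list();

    // The viewer's own right does not change per row; resolving it once
    // avoids a session/user lookup for every permission.
    $can_edit = current_user_can(PERMISSION_MANAGE_USERS);

    foreach ($list as $desc => $slug)
    {
        $attributes = ($can_edit) ? "" : "disabled ";
        $attributes .= (user_can($user, $slug)) ? "checked" : "";

        // Descriptions and slugs can be contributed by plugins through the
        // permission-list hook, so encode them for the attribute context.
        $slug_attr = htmlspecialchars((string)$slug, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $label_attr = htmlspecialchars("$desc ($slug)", ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        ?>
        <div class="input-group">
            <div class="input-group-prepend">
                <div class="input-group-text">
                    <input <?php echo $attributes; ?> name="permissions[]" value="<?php echo $slug_attr; ?>" type="checkbox">
                </div>
            </div>
            <input type="text" readonly class="form-control" value="<?php echo $label_attr; ?>">
        </div>

        <?php
    }
}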