<?php
-
-define('PERMISSION_MANAGE_USERS', 'manage_users'); /** Relating to Panel Access: Can add, delete and edit users. Big boss. */
-define('PERMISSION_BAN_USERS', 'ban_users'); /** Relating to Users tab: Can ban users connected to IRC */
-define('PERMISSION_EDIT_USER', 'edit_user'); /** Change properties of a user, i.e. vhost, modes and more */
-define('PERMISSION_EDIT_CHANNEL', 'edit_channel'); /** Change properties of a channel, i.e. topic, modes and more */
-define('PERMISSION_EDIT_CHANNEL_USER', 'edit_channel_user'); /** Change properties of a user on a channel i.e give/remove voice or ops and more */
-define('PERMISSION_SERVER_BAN_ADD', 'tkl_add'); /** Can add manual bans, including G-Lines, Z-Lines and more */
-define('PERMISSION_SERVER_BAN_DEL', 'tkl_del'); /** Can remove set bans, including G-Lines, Z-Lines and more */
-define('PERMISSION_NAME_BAN_ADD', 'nb_add'); /** Can add Name Bans (Q-Lines) */
-define('PERMISSION_NAME_BAN_DEL', 'nb_del'); /** Can delete Name Bans (Q-Lines) */
-define('PERMISSION_BAN_EXCEPTION_ADD', 'be_add'); /** Can add ban exceptions (E-Lines) */
-define('PERMISSION_BAN_EXCEPTION_DEL', 'be_del'); /** Can delete ban exceptions (E-Lines) */
-define('PERMISSION_SPAMFILTER_ADD', 'sf_add'); /** Can add spamfilter entries */
-define('PERMISSION_SPAMFILTER_DEL', 'sf_del'); /** Can delete spamfilter entries */
+/** Relating to Panel Access: Can add, delete and edit users. Big boss. */
+define('PERMISSION_MANAGE_USERS', 'manage_users');
+/** Relating to Users tab: Can ban users connected to IRC */
+define('PERMISSION_BAN_USERS', 'ban_users');
+/** Change properties of a user, i.e. vhost, modes and more */
+define('PERMISSION_EDIT_USER', 'edit_user');
+/** Change properties of a channel, i.e. topic, modes and more */
+define('PERMISSION_EDIT_CHANNEL', 'edit_channel');
+/** Change properties of a user on a channel i.e give/remove voice or ops and more */
+define('PERMISSION_EDIT_CHANNEL_USER', 'edit_channel_user');
+/** Can add manual bans, including G-Lines, Z-Lines and more */
+define('PERMISSION_SERVER_BAN_ADD', 'tkl_add');
+/** Can remove set bans, including G-Lines, Z-Lines and more */
+define('PERMISSION_SERVER_BAN_DEL', 'tkl_del');
+/** Can add Name Bans (Q-Lines) */
+define('PERMISSION_NAME_BAN_ADD', 'nb_add');
+/** Can delete Name Bans (Q-Lines) */
+define('PERMISSION_NAME_BAN_DEL', 'nb_del');
+/** Can add ban exceptions (E-Lines) */
+define('PERMISSION_BAN_EXCEPTION_ADD', 'be_add');
+/** Can delete ban exceptions (E-Lines) */
+define('PERMISSION_BAN_EXCEPTION_DEL', 'be_del');
+/** Can add spamfilter entries */
+define('PERMISSION_SPAMFILTER_ADD', 'sf_add');
+/** Can delete spamfilter entries */
+define('PERMISSION_SPAMFILTER_DEL', 'sf_del');
/**
* PanelUser
* This is the User class for the SQL_Auth plugin
public $created = NULL;
public $user_meta = [];
public $bio = NULL;
+ public $email = NULL;
/**
* Find a user in the database by name or ID
* @throws Exception
* @return bool
*/
-function create_new_user(array $user) : bool
+function create_new_user(array &$user) : bool
{
if (!isset($user['user_name']) || !isset($user['user_pass']))
throw new Exception("Attempted to add user without specifying user_name or user_pass");
- $username = $user['user_name'];
- $password = password_hash($user['user_pass'], PASSWORD_ARGON2ID);
- $first_name = (isset($user['fname'])) ? $user['fname'] : NULL;
- $last_name = (isset($user['lname'])) ? $user['lname'] : NULL;
- $user_bio = (isset($user['user_bio'])) ? $user['user_bio'] : NULL;
-
+ $user['user_name'] = htmlspecialchars($user['user_name']);
+ $user['user_pass'] = password_hash($user['user_pass'], PASSWORD_ARGON2ID);
+ $user['fname'] = (isset($user['fname'])) ? htmlspecialchars($user['fname']) : NULL;
+ $last['lname'] = (isset($user['lname'])) ? htmlspecialchars($user['lname']) : NULL;
+ $user['user_bio'] = (isset($user['user_bio'])) ? htmlspecialchars($user['user_bio']) : NULL;
+ $user['email'] = (isset($user['user_email'])) ? htmlspecialchars($user['user_email']) : NULL;
- $conn = sqlnew();
- $prep = $conn->prepare("INSERT INTO " . SQL_PREFIX . "users (user_name, user_pass, user_fname, user_lname, user_bio, created) VALUES (:name, :pass, :fname, :lname, :user_bio, :created)");
- $prep->execute(["name" => $username, "pass" => $password, "fname" => $first_name, "lname" => $last_name, "user_bio" => $user_bio, "created" => date("Y-m-d H:i:s")]);
+ if (($u = new PanelUser($user['user_name']))->id)
+ {
+ $user['err'] = "User already exists";
+ return false;
+ }
+ // internal use
+ $user['success'] = false;
+ $user['errmsg'] = [];
+
+ Hook::run(HOOKTYPE_USER_CREATE, $user);
+ if (!$user['success'])
+ return false;
return true;
}
function current_user_can($permission) : bool
{
$user = unreal_get_current_user();
- do_log($user);
+ return user_can($user, $permission);
+}
+
+/**
+ * Checks if a user can do something
+ * @param string $permission
+ * @return bool
+ */
+function user_can(PanelUser $user, $permission) : bool
+{
if (!$user)
return false;
- do_log($user);
+
if (isset($user->user_meta['permissions']))
{
$perms = unserialize($user->user_meta['permissions']);
if (in_array($permission, $perms))
- {
return true;
- }
}
return false;
}
$info[] = "Could not find user";
return 0;
}
- $query = "DELETE FROM " . SQL_PREFIX . "users WHERE user_id = :id";
- $conn = sqlnew();
- $stmt = $conn->prepare($query);
- $stmt->execute(["id" => $user->id]);
- $deleted = $stmt->rowCount();
- if ($user->id)
+ $arr = ["user" => $user, "info" => &$info, "boolint" => 0];
+ Hook::run(HOOKTYPE_USER_DELETE, $arr);
+ return $arr["boolint"];
+}
+
+function get_panel_user_permission_list()
+{
+ $list = [
+ "Can add/delete/edit Admin Panel users" => PERMISSION_MANAGE_USERS,
+ "Can ban/kill IRC users" => PERMISSION_BAN_USERS,
+ "Can change properties of a user, i.e. vhost, modes and more" => PERMISSION_EDIT_USER,
+ "Can change properties of a channel, i.e. topic, modes and more" => PERMISSION_EDIT_CHANNEL,
+ "Change properties of a user on a channel i.e give/remove voice or ops and more" => PERMISSION_EDIT_CHANNEL_USER,
+ "Can add manual bans, including G-Lines, Z-Lines and more" => PERMISSION_SERVER_BAN_ADD,
+ "Can remove set bans, including G-Lines, Z-Lines and more" => PERMISSION_SERVER_BAN_DEL,
+ "Can forbid usernames and channels" => PERMISSION_NAME_BAN_ADD,
+ "Can unforbid usernames and channels" => PERMISSION_NAME_BAN_DEL,
+ "Can add server ban exceptions" => PERMISSION_BAN_EXCEPTION_ADD,
+ "Can remove server ban exceptions" => PERMISSION_BAN_EXCEPTION_DEL,
+ "Can add Spamfilter entries" => PERMISSION_SPAMFILTER_ADD,
+ "Can remove Spamfilter entries" => PERMISSION_SPAMFILTER_DEL
+ ];
+ Hook::run(HOOKTYPE_USER_PERMISSION_LIST, $list); // so plugin writers can add their own permissions
+ return $list;
+}
+
+function generate_panel_user_permission_table($user)
+{
+
+ $list = get_panel_user_permission_list();
+ foreach($list as $desc => $slug)
{
- $info[] = "Successfully deleted user \"$user->username\"";
- return 1;
+ $attributes = "";
+ $attributes .= (current_user_can(PERMISSION_MANAGE_USERS)) ? "" : "disabled ";
+ ?>
+ <div class="input-group">
+ <div class="input-group-prepend">
+ <div class="input-group-text">
+ <input <?php
+ $attributes .= (user_can($user, $slug)) ? "checked" : "";
+ echo $attributes;
+ ?> name="permissions[]" value="<?php echo $slug; ?>" type="checkbox">
+ </div>
+ </div>
+ <input type="text" readonly class="form-control" value="<?php echo "$desc ($slug)"; ?>">
+ </div>
+
+ <?php
}
- $info[] = "Unknown error";
- return 0;
}
-
projects / irc / unrealircd / unrealircd-webpanel.git / blobdiff