X-Git-Url: https://jfr.im/git/irc/unrealircd/unrealircd-webpanel.git/blobdiff_plain/cc9898ccb29a733a81db70a333b02514ed7fb638..cd1dee973ad0339479a7304a632dd0abc9ef1338:/Classes/class-paneluser.php?ds=sidebyside diff --git a/Classes/class-paneluser.php b/Classes/class-paneluser.php index 8d44bbc..51d3377 100644 --- a/Classes/class-paneluser.php +++ b/Classes/class-paneluser.php @@ -25,6 +25,8 @@ define('PERMISSION_BAN_EXCEPTION_DEL', 'be_del'); define('PERMISSION_SPAMFILTER_ADD', 'sf_add'); /** Can delete spamfilter entries */ define('PERMISSION_SPAMFILTER_DEL', 'sf_del'); +/** Can rehash servers */ +define('PERMISSION_REHASH', 'rhs'); /** * PanelUser * This is the User class for the SQL_Auth plugin @@ -51,8 +53,9 @@ class PanelUser $user["name"] = $name; $user["id"] = $id; $user["object"] = NULL; - Hook::run(HOOKTYPE_USER_LOOKUP, $user); + if ($user['object'] === null) + return; /* no auth module loaded? */ foreach ($user['object'] as $key => $value) $this->$key = $value; } @@ -131,6 +134,15 @@ class PanelUser $this->user_meta['permissions'] = serialize($meta); } + /** Updates core user info. + * CAUTION: Updating a non-existent column will crash + * your shit + */ + function update_core_info($array) + { + $arr = ['info' => $array, 'user' => $this]; + Hook::run(HOOKTYPE_EDIT_USER, $arr); + } } @@ -148,7 +160,6 @@ class PanelUser_Meta $arr["id"] = $id; $arr['meta'] = &$array; Hook::run(HOOKTYPE_USERMETA_GET, $arr); - do_log($array); $this->list = $arr['meta']; } @@ -179,6 +190,7 @@ function create_new_user(array &$user) : bool $user['fname'] = (isset($user['fname'])) ? htmlspecialchars($user['fname']) : NULL; $last['lname'] = (isset($user['lname'])) ? htmlspecialchars($user['lname']) : NULL; $user['user_bio'] = (isset($user['user_bio'])) ? htmlspecialchars($user['user_bio']) : NULL; + $user['email'] = (isset($user['user_email'])) ? htmlspecialchars($user['user_email']) : NULL; if (($u = new PanelUser($user['user_name']))->id) { @@ -202,12 +214,7 @@ function create_new_user(array &$user) : bool */ function unreal_get_current_user() : PanelUser|bool { - if (!isset($_SESSION)) - { - session_set_cookie_params(3600); - session_start(); - } - if (isset($_SESSION['id'])) + if (isset($_SESSION) && isset($_SESSION['id'])) { $user = new PanelUser(NULL, $_SESSION['id']); if ($user->id) @@ -223,18 +230,29 @@ function unreal_get_current_user() : PanelUser|bool */ function current_user_can($permission) : bool { + if (!is_auth_provided()) // if there is no auth plugin, assume the user handles logins themselves + return true; $user = unreal_get_current_user(); - do_log($user); if (!$user) return false; - do_log($user); + return user_can($user, $permission); +} + +/** + * Checks if a user can do something + * @param string $permission + * @return bool + */ +function user_can(PanelUser $user, $permission) : bool +{ + if (!$user) + return false; + if (isset($user->user_meta['permissions'])) { $perms = unserialize($user->user_meta['permissions']); if (in_array($permission, $perms)) - { return true; - } } return false; } @@ -262,3 +280,112 @@ function delete_user(int $id, &$info = []) : int return $arr["boolint"]; } +function get_panel_user_permission_list() +{ + $list = [ + "Can add/delete/edit Admin Panel users" => PERMISSION_MANAGE_USERS, + "Can ban/kill IRC users" => PERMISSION_BAN_USERS, + "Can change properties of a user, i.e. vhost, modes and more" => PERMISSION_EDIT_USER, + "Can change properties of a channel, i.e. topic, modes and more" => PERMISSION_EDIT_CHANNEL, + "Can change properties of a user on a channel i.e give/remove voice or ops and more" => PERMISSION_EDIT_CHANNEL_USER, + "Can add manual bans, including G-Lines, Z-Lines and more" => PERMISSION_SERVER_BAN_ADD, + "Can remove set bans, including G-Lines, Z-Lines and more" => PERMISSION_SERVER_BAN_DEL, + "Can forbid usernames and channels" => PERMISSION_NAME_BAN_ADD, + "Can unforbid usernames and channels" => PERMISSION_NAME_BAN_DEL, + "Can add server ban exceptions" => PERMISSION_BAN_EXCEPTION_ADD, + "Can remove server ban exceptions" => PERMISSION_BAN_EXCEPTION_DEL, + "Can add Spamfilter entries" => PERMISSION_SPAMFILTER_ADD, + "Can remove Spamfilter entries" => PERMISSION_SPAMFILTER_DEL + ]; + Hook::run(HOOKTYPE_USER_PERMISSION_LIST, $list); // so plugin writers can add their own permissions + return $list; +} + +function generate_panel_user_permission_table($user) +{ + + $list = get_panel_user_permission_list(); + foreach($list as $desc => $slug) + { + $attributes = ""; + $attributes .= (current_user_can(PERMISSION_MANAGE_USERS)) ? "" : "disabled "; + ?> +
+
+
+ name="permissions[]" value="" type="checkbox"> +
+
+ "> +
+ + get_panel_user_permission_list(), // SuperAdmin can do everything + "Read Only" => [], // Read Only can do nothing + ]; + + Hook::run(HOOKTYPE_USER_ROLE_LIST, $list); + return $list; +} + +function generate_role_list($list) +{ + $list2 = get_panel_user_permission_list(); + ?> +
Roles List:
+
+
+
+ + $slug) {?> +
+
+ +
+ +
+
+ $slug) + { + $attributes = ""; + $attributes .= ($role == "Super Admin" || $role == "Read Only") ? "disabled " : ""; + + ?> +
+
+
+ name="_permissions[]" value="" type="checkbox"> +
+
+ "> +
+ + +
+
+
+ + +

+
+