updated the group handling + revised admin permissions

SJ
2012-06-25 22:14:30 +02:00
parent 9900f0aed2
commit 095f22c7b2
25 changed files with 323 additions and 68 deletions


@ -140,6 +140,41 @@ class ModelGroupGroup extends Model {
}
public function get_emails_by_string($s = '') {
if(strlen($s) < 2) { return array(); }
$query = $this->db->query("SELECT email FROM `" . TABLE_EMAIL . "` WHERE email LIKE ? ORDER BY email ASC", array($s . "%") );
if(isset($query->rows)) { return $query->rows; }
return array();
}
public function get_groups_by_string($s = '') {
if(strlen($s) < 2) { return array(); }
$query = $this->db->query("SELECT groupname FROM `" . TABLE_GROUP . "` WHERE groupname LIKE ? ORDER BY groupname ASC", array($s . "%") );
if(isset($query->rows)) { return $query->rows; }
return array();
}
public function get_groups_by_uid($uid = 0) {
$groups = '';
$query = $this->db->query("SELECT `" . TABLE_GROUP_USER . "`.id, groupname FROM `" . TABLE_GROUP_USER . "`, `" . TABLE_GROUP . "` WHERE `" . TABLE_GROUP_USER . "`.id=`" . TABLE_GROUP . "`.id AND uid=?", array($uid) );
if(isset($query->rows)) {
foreach ($query->rows as $q) { $groups .= "\n" . $q['groupname']; }
}
return preg_replace("/^\n/", "", $groups);
}
}
?>
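Review bot: In get_emails_by_string() and get_groups_by_string() the `LIKE ?` argument is built as `$s . "%"` without escaping `%` and `_` in `$s`, so the two-character minimum does not bound the result set (a value made only of wildcards matches every row). Escape the metacharacters before appending the trailing wildcard, e.g. `array(addcslashes($s, '%_\\') . "%")`, and add a `LIMIT` to both queries, since they look like autocomplete backends. Neither function checks who is asking; if the calling controller does not already restrict them to admins, that check is missing, and a one-line comment on each function naming the expected caller role would make the assumption visible.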


@ -57,8 +57,6 @@ class ModelSearchMessage extends Model {
public function get_message_headers($id = '') {
$data = '';
//$f = $this->get_store_path($id);
//$msg = $this->decrypt_and_uncompress_file($f.".m");
$msg = $this->get_raw_message($id);
$pos = strpos($msg, "\n\r\n");
@ -95,8 +93,6 @@ class ModelSearchMessage extends Model {
$msg = $this->get_raw_message($id);
//print "a: $msg\n";
$a = explode("\n", $msg); $msg = "";
while(list($k, $l) = each($a)){
@ -166,7 +162,7 @@ class ModelSearchMessage extends Model {
if($this->check_boundary($boundary, $l) == 1){
if($text_plain == 1 || $has_text_plain == 0) {
$message .= $this->flush_body_chunk($body_chunk, $charset, $qp, $base64, $text_plain, $text_html);
$message .= $this->flush_body_chunk($body_chunk, $charset, $qp, $base64, $text_plain, $text_html);
}
$text_plain = $text_html = $qp = $base64 = 0;
@ -235,7 +231,6 @@ class ModelSearchMessage extends Model {
$chunk = preg_replace("/</", "&lt;", $chunk);
$chunk = preg_replace("/>/", "&gt;", $chunk);
//$chunk = "<pre>\n" . $this->print_nicely($chunk) . "</pre>\n";
$chunk = preg_replace("/\n/", "<br />\n", $chunk);
$chunk = "\n" . $this->print_nicely($chunk);
}


@ -104,7 +104,7 @@ class ModelSearchSearch extends Model {
$data['subject'] = $this->fixup_sphinx_operators($data['subject']);
if(Registry::get('admin_user') == 1 || Registry::get('auditor_user') == 1) {
if(Registry::get('auditor_user') == 1) {
if($data['f_from']) { $f1 .= "|" . $data['f_from']; $n_fc++; }
if($data['o_from']) { $f1 .= "|" . $data['o_from']; $n_fc++; }
if($data['from_domain']) { $fd .= "(@fromdomain " . substr($data['from_domain'], 1, strlen($data['from_domain'])) . ")"; $n_fc++; }
@ -174,7 +174,7 @@ class ModelSearchSearch extends Model {
private function assemble_simple_query_conditions($data = array(), $sort = 'sent', $order = 'DESC', $sortorder = '', $cache_key = '') {
$email = $match = "";
if(Registry::get('admin_user') == 0 && Registry::get('auditor_user') == 0) {
if(Registry::get('auditor_user') == 0) {
$all_your_addresses = $this->get_all_your_address();
@ -404,7 +404,7 @@ class ModelSearchSearch extends Model {
public function get_message_recipients($id = '') {
$rcpt = array();
if(Registry::get('admin_user') == 0 && Registry::get('auditor_user') == 0) { return $rcpt; }
if(Registry::get('auditor_user') == 0) { return $rcpt; }
$query = $this->db->query("SELECT `to` FROM " . VIEW_MESSAGES . " WHERE piler_id=?", array($id));
@ -434,7 +434,7 @@ class ModelSearchSearch extends Model {
if($id == '') { return 0; }
if(Registry::get('admin_user') == 1 || Registry::get('auditor_user') == 1) { return 1; }
if(Registry::get('auditor_user') == 1) { return 1; }
array_push($arr, $id);
@ -463,7 +463,7 @@ class ModelSearchSearch extends Model {
if(count($id) < 1) { return array(); }
if(Registry::get('admin_user') == 1 || Registry::get('auditor_user') == 1) { return $id; }
if(Registry::get('auditor_user') == 1) { return $id; }
$arr = $id;
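Review bot: The auditor-only rule is now written out separately at five places in this file section, in both polarities (`Registry::get('auditor_user') == 1` and `== 0`) and with loose comparison, so the next permission revision can easily miss one of them. A single private helper, for example `private function is_auditor() { return Registry::get('auditor_user') == 1; }`, used at all five sites would keep the access decision in one place. It also deserves a short comment at the first check stating that admins are deliberately excluded from message content, because nothing in the code says the omission is intentional. The enclosing functions start and end outside these hunks, so whether other paths in them still consult `admin_user` cannot be confirmed from here.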


@ -4,7 +4,7 @@ class ModelUserAuth extends Model {
public function checkLogin($username = '', $password = '') {
$query = $this->db->query("SELECT " . TABLE_USER . ".username, " . TABLE_USER . ".uid, " . TABLE_USER . ".gid, " . TABLE_USER . ".realname, " . TABLE_USER . ".dn, " . TABLE_USER . ".password, " . TABLE_USER . ".isadmin, " . TABLE_USER . ".domain FROM " . TABLE_USER . ", " . TABLE_EMAIL . " WHERE " . TABLE_EMAIL . ".email=? AND " . TABLE_EMAIL . ".uid=" . TABLE_USER . ".uid", array($username));
$query = $this->db->query("SELECT " . TABLE_USER . ".username, " . TABLE_USER . ".uid, " . TABLE_USER . ".realname, " . TABLE_USER . ".dn, " . TABLE_USER . ".password, " . TABLE_USER . ".isadmin, " . TABLE_USER . ".domain FROM " . TABLE_USER . ", " . TABLE_EMAIL . " WHERE " . TABLE_EMAIL . ".email=? AND " . TABLE_EMAIL . ".uid=" . TABLE_USER . ".uid", array($username));
if(!isset($query->row['password'])) { return 0; }
@ -14,7 +14,6 @@ class ModelUserAuth extends Model {
$_SESSION['username'] = $query->row['username'];
$_SESSION['uid'] = $query->row['uid'];
$_SESSION['gid'] = $query->row['gid'];
$_SESSION['admin_user'] = $query->row['isadmin'];
$_SESSION['email'] = $username;
$_SESSION['domain'] = $query->row['domain'];


@ -68,7 +68,8 @@ class ModelUserUser extends Model {
}
$query = $this->db->query("SELECT email FROM `" . TABLE_GROUP_EMAIL . "` WHERE id=?", array($gid));
$query = $this->db->query("SELECT `" . TABLE_GROUP_EMAIL . "`.email FROM `" . TABLE_GROUP_EMAIL . "`, `" . TABLE_GROUP_USER . "` WHERE `" . TABLE_GROUP_EMAIL . "`.id=`" . TABLE_GROUP_USER . "`.id and `" . TABLE_GROUP_USER . "`.uid=?", array($uid) );
if(isset($query->rows)) {
foreach ($query->rows as $q) {
@ -181,14 +182,13 @@ class ModelUserUser extends Model {
if($page_len > 0) { $limit = " LIMIT " . (int)$from . ", " . (int)$page_len; }
$query = $this->db->query("SELECT " . TABLE_USER . ".uid, gid, isadmin, username, realname, domain, email FROM " . TABLE_USER . "," . TABLE_EMAIL . " $where_cond group by " . TABLE_USER . ".uid $_order $limit");
$query = $this->db->query("SELECT " . TABLE_USER . ".uid, isadmin, username, realname, domain, email FROM " . TABLE_USER . "," . TABLE_EMAIL . " $where_cond group by " . TABLE_USER . ".uid $_order $limit");
foreach ($query->rows as $q) {
if(Registry::get('admin_user') == 1 || (isset($q['domain']) && $q['domain'] == $my_domain[0]) ) {
$users[] = array(
'uid' => $q['uid'],
'gid' => $q['gid'],
'username' => $q['username'],
'realname' => $q['realname'],
'domain' => isset($q['domain']) ? $q['domain'] : "",
@ -286,7 +286,7 @@ class ModelUserUser extends Model {
$encrypted_password = crypt($user['password']);
$query = $this->db->query("INSERT INTO " . TABLE_USER . " (uid, gid, username, realname, password, domain, dn, isadmin) VALUES(?,?,?,?,?,?,?,?)", array((int)$user['uid'], (int)$user['gid'], $user['username'], $user['realname'], $encrypted_password, $user['domain'], @$user['dn'], (int)$user['isadmin']));
$query = $this->db->query("INSERT INTO " . TABLE_USER . " (uid, username, realname, password, domain, dn, isadmin) VALUES(?,?,?,?,?,?,?)", array((int)$user['uid'], $user['username'], $user['realname'], $encrypted_password, $user['domain'], @$user['dn'], (int)$user['isadmin']));
if($query->error == 1 || $this->db->countAffected() == 0){ return $user['username']; }
@ -297,6 +297,7 @@ class ModelUserUser extends Model {
if($ret == 0) { return -2; }
}
$this->update_group_settings((int)$user['uid'], $user['group']);
return 1;
}
@ -350,7 +351,7 @@ class ModelUserUser extends Model {
if($this->db->countAffected() != 1) { return 0; }
}
$query = $this->db->query("UPDATE " . TABLE_USER . " SET username=?, realname=?, domain=?, gid=?, dn=?, isadmin=? WHERE uid=?", array($user['username'], $user['realname'], $user['domain'], $user['gid'], @$user['dn'], $user['isadmin'], (int)$user['uid']));
$query = $this->db->query("UPDATE " . TABLE_USER . " SET username=?, realname=?, domain=?, dn=?, isadmin=? WHERE uid=?", array($user['username'], $user['realname'], $user['domain'], @$user['dn'], $user['isadmin'], (int)$user['uid']));
/* first, remove all his email addresses */
@ -372,6 +373,34 @@ class ModelUserUser extends Model {
}
$this->update_group_settings((int)$user['uid'], $user['group']);
return 1;
}
private function update_group_settings($uid = -1, $group = '') {
if($uid <= 0 || $group == '') { return 0; }
$query = $this->db->query("DELETE FROM `" . TABLE_GROUP_USER . "` WHERE uid=?", array($uid));
$query = $this->db->query("SELECT id, groupname FROM `" . TABLE_GROUP . "`");
$groups = array();
foreach ($query->rows as $q) {
$groups[$q['groupname']] = $q['id'];
}
$group = explode("\n", $group);
foreach($group as $g) {
$g = rtrim($g);
$query = $this->db->query("INSERT INTO `" . TABLE_GROUP_USER . "` (id, uid) VALUES(?,?)", array($groups[$g], (int)$uid));
}
return 1;
}
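Review bot: update_group_settings() returns at `if($uid <= 0 || $group == '') { return 0; }` before the `DELETE`, so saving a user with an empty group list leaves every existing group-user row in place and, judging by the new group-email query earlier in this section, the user keeps the group addresses they were meant to lose. Run the delete for any valid `$uid` and only then stop on an empty list: `if($uid <= 0) { return 0; }` ahead of the `DELETE` and `if($group == '') { return 1; }` after it. Inside the loop `$groups[$g]` is read without checking that the name exists, so a blank line or an unknown group name produces an insert with a null id; `if($g == '' || !isset($groups[$g])) { continue; }` avoids that. The delete and the inserts are not grouped atomically, so a failure midway leaves partial membership; whether the db wrapper offers transactions is not visible in this hunk.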