diff --git a/cp/app/Controllers/UsersController.php b/cp/app/Controllers/UsersController.php new file mode 100644 index 0000000..eeb8f4b --- /dev/null +++ b/cp/app/Controllers/UsersController.php @@ -0,0 +1,18 @@ +container->get('db')); + $users = $userModel->getAllUsers(); + return view($response,'admin/users/index.twig', compact('users')); + } +} \ No newline at end of file diff --git a/cp/resources/views/admin/users/index.twig b/cp/resources/views/admin/users/index.twig new file mode 100644 index 0000000..79abb83 --- /dev/null +++ b/cp/resources/views/admin/users/index.twig @@ -0,0 +1,77 @@ +{% extends "layouts/app.twig" %} + +{% block title %}{{ __('Users') }}{% endblock %} + +{% block content %} +
+ + + +
+
+
+
+
+
+
+ + + + +
+
+ Search: +
+ +
+
+
+
+
+
+
+
+
+
+
+
+ + +{% endblock %} \ No newline at end of file diff --git a/cp/resources/views/layouts/app.twig b/cp/resources/views/layouts/app.twig index bee06d4..3b9390b 100644 --- a/cp/resources/views/layouts/app.twig +++ b/cp/resources/views/layouts/app.twig @@ -6,7 +6,7 @@ {% block title %}{% endblock %} | Namingo - {% if route_is('domains') or route_is('contacts') or route_is('hosts') or route_is('epphistory') or route_is('registrars') or route_is('transactions') or route_is('overview') or route_is('reports') or route_is('transfers') %} + {% if route_is('domains') or route_is('contacts') or route_is('hosts') or route_is('epphistory') or route_is('registrars') or route_is('transactions') or route_is('overview') or route_is('reports') or route_is('transfers') or route_is('users') %} {% include 'partials/css-tables.twig' %} {% else %} {% include 'partials/css.twig' %} @@ -232,7 +232,7 @@ -
  • +
  • - + {{ __('List Users') }} @@ -495,6 +495,8 @@ {% include 'partials/js-reports.twig' %} {% elseif route_is('transfers') %} {% include 'partials/js-transfers.twig' %} +{% elseif route_is('users') %} + {% include 'partials/js-users.twig' %} {% else %} {% include 'partials/js.twig' %} {% endif %} diff --git a/cp/resources/views/partials/js-users.twig b/cp/resources/views/partials/js-users.twig new file mode 100644 index 0000000..26d982b --- /dev/null +++ b/cp/resources/views/partials/js-users.twig @@ -0,0 +1,107 @@ + + + + + + \ No newline at end of file diff --git a/cp/routes/web.php b/cp/routes/web.php index ce3b6ff..c02433c 100644 --- a/cp/routes/web.php +++ b/cp/routes/web.php @@ -7,6 +7,7 @@ use App\Controllers\ContactsController; use App\Controllers\HostsController; use App\Controllers\LogsController; use App\Controllers\RegistrarsController; +use App\Controllers\UsersController; use App\Controllers\FinancialsController; use App\Controllers\ReportsController; use App\Controllers\ProfileController; @@ -53,6 +54,9 @@ $app->group('', function ($route) { $route->map(['GET', 'POST'], '/host/create', HostsController::class . ':create')->setName('hostcreate'); $route->get('/registrars', RegistrarsController::class .':view')->setName('registrars'); + + $route->get('/users', UsersController::class .':view')->setName('users'); + $route->get('/epphistory', LogsController::class .':view')->setName('epphistory'); $route->get('/reports', ReportsController::class .':view')->setName('reports'); 
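Review bot: The new `/users` route is registered with no role check visible in this hunk, and `UsersController::view` in the same commit passes `getAllUsers()` straight to the template, so any account that can reach this route group would be served the full user list. The group's middleware is attached outside the hunk and may already require a login, but nothing shown limits the page to administrators. Consider a guard at the top of `view`, for example `if (($_SESSION['auth_roles'] ?? null) !== 0) { return $response->withStatus(403); }`, which reuses the `auth_roles === 0` admin test that this commit's API tenancy handler relies on.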
@@ -91,9 +95,9 @@ $app->any('/api[/{params:.*}]', function (
 'password' => $db['mysql']['password'],
 'database' => $db['mysql']['database'],
 'basePath' => '/api',
- 'middlewares' => 'authorization,sanitation',
+ 'middlewares' => 'authorization,sanitation,multiTenancy',
 'authorization.tableHandler' => function ($operation, $tableName) {
- $restrictedTables = ['users', 'contact_authInfo', 'contact_postalInfo', 'domain_authInfo', 'secdns'];
+ $restrictedTables = ['contact_authInfo', 'contact_postalInfo', 'domain_authInfo', 'secdns'];
 return !in_array($tableName, $restrictedTables);
 },
 'authorization.columnHandler' => function ($operation, $tableName, $columnName) {
@@ -102,6 +106,28 @@ $app->any('/api[/{params:.*}]', function (
 'sanitation.handler' => function ($operation, $tableName, $column, $value) {
 return is_string($value) ? strip_tags($value) : $value;
 },
+ 'multiTenancy.handler' => function ($operation, $tableName) {
+ if (isset($_SESSION['auth_roles']) && $_SESSION['auth_roles'] === 0) {
+ return [];
+ }
+ $userId = $_SESSION['auth_user_id'];
+ $columnMap = [
+ 'contact' => 'clid',
+ 'domain' => 'clid',
+ 'host' => 'clid',
+ 'poll' => 'registrar_id',
+ 'registrar' => 'id',
+ 'payment_history' => 'registrar_id',
+ 'statement' => 'registrar_id',
+ 'support_tickets' => 'user_id',
+ ];
+
+ if (array_key_exists($tableName, $columnMap)) {
+ return [$columnMap[$tableName] => $userId];
+ }
+
+ return ['1' => '0'];
+ },
 ]);
 $api = new Api($config);
 $response = $api->handle($request);
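Review bot: Dropping `'users'` from `$restrictedTables` opens the accounts table to every operation of the generic API, because `authorization.tableHandler` never looks at `$operation`; for an administrator the new tenancy handler returns no filter, so user rows can be created, changed and deleted over `/api` as well as read. The body of `authorization.columnHandler` lies outside this hunk, so it is not visible whether the credential columns of `users` are hidden from responses. If the new listing page only needs to read, keep writes blocked with something like `if ($tableName === 'users' && !in_array($operation, ['list', 'read'], true)) { return false; }` (operation names as php-crud-api defines them, assuming that is the library behind `Api`), and exclude the password-hash and other secret columns of `users` in the column handler.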
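Review bot: The tenant filter in `multiTenancy.handler` compares `clid`, `registrar_id` and `registrar.id` with `$_SESSION['auth_user_id']`, which isolates tenants only if a user's id always equals the id of the registrar it belongs to; where the two differ, a user is scoped to some other registrar's contacts, domains, hosts and statements. Resolve the registrar of the logged-in user first and return `[$columnMap[$tableName] => $registrarId]` for the registrar-keyed tables, keeping the user id only for `support_tickets`. `$_SESSION['auth_user_id']` is also read without `isset`, so a request that reaches this route without a session gets a null filter value rather than a refusal; rejecting such requests before `$api->handle($request)` would fail closed. The deny-all fallback `['1' => '0']` names a column no table has, so what it does depends on how the library treats an unknown column and is worth pinning with a test that a non-admin receives no rows from an unmapped table such as `users`.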