zydronium/getnamingo-registry
1
0
Fork 0
mirror of https://github.com/getnamingo/registry.git synced 2025-07-04 10:03:19 +02:00
Code Issues Projects Releases Packages Wiki Activity

Added ability to update user accounts

Browse source
This commit is contained in:
Pinga 2025-02-04 10:12:28 +02:00
parent 8e943ce1c8
commit 33068b1356
5 changed files with 294 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

155
cp/app/Controllers/UsersController.php
View file

@ -172,4 +172,159 @@ class UsersController extends Controller
'registrar' => $registrar, 'registrar' => $registrar,
]); ]);
} }
public function updateUser(Request $request, Response $response, $args)
{
$db = $this->container->get('db');
// Get the current URI
$uri = $request->getUri()->getPath();
$registrars = $db->select("SELECT id, clid, name FROM registrar");
if ($args) {
$args = trim($args);
if (!preg_match('/^[a-z0-9_-]+$/', $args)) {
$this->container->get('flash')->addMessage('error', 'Invalid user name');
return $response->withHeader('Location', '/users')->withStatus(302);
}
$user = $db->selectRow('SELECT id,email,username,status,verified,roles_mask,registered,last_login FROM users WHERE username = ?',
[ $args ]);
$user_asso = $db->selectValue('SELECT registrar_id FROM registrar_users WHERE user_id = ?',
[ $user['id'] ]);
$registrar_name = $db->selectValue('SELECT name FROM registrar WHERE id = ?',
[ $user_asso ]);
if ($user) {
// Check if the user is not an admin (assuming role 0 is admin)
if ($_SESSION["auth_roles"] != 0) {
return $response->withHeader('Location', '/dashboard')->withStatus(302);
}
$_SESSION['user_to_update'] = [$args];
return view($response,'admin/users/updateUser.twig', [
'user' => $user,
'currentUri' => $uri,
'registrars' => $registrars,
'user_asso' => $user_asso,
'registrar_name' => $registrar_name
]);
} else {
// User does not exist, redirect to the users view
return $response->withHeader('Location', '/users')->withStatus(302);
}
} else {
// Redirect to the users view
return $response->withHeader('Location', '/users')->withStatus(302);
}
}
public function updateUserProcess(Request $request, Response $response)
{
if ($_SESSION["auth_roles"] != 0) {
return $response->withHeader('Location', '/dashboard')->withStatus(302);
}
if ($request->getMethod() === 'POST') {
// Retrieve POST data
$data = $request->getParsedBody();
$db = $this->container->get('db');
$email = $data['email'] ?? null;
$old_username = $_SESSION['user_to_update'][0];
$username = $data['username'] ?? null;
$password = $data['password'] ?? null;
$password_confirmation = $data['password_confirmation'] ?? null;
$status = $data['status'] ?? null;
$verified = $data['verified'] ?? null;
// Define validation rules
$validators = [
'email' => v::email()->notEmpty()->setName('Email'),
'username' => v::regex('/^[a-zA-Z0-9_-]+$/')->length(3, 20)->setName('Username'),
'status' => v::in(['0', '1'])->setName('Status'),
'verified' => v::in(['0', '1'])->setName('Verified'), // Ensure verified is checked as 0 or 1
];
// Add password validation only if provided
if (!empty($password)) {
$validators['password'] = v::stringType()->notEmpty()->length(6, 255)->setName('Password');
// Add password confirmation check only if both fields are provided
if (!empty($password_confirmation)) {
$validators['password_confirmation'] = v::equals($password)->setName('Password Confirmation');
}
}
// Validate data
$errors = [];
foreach ($validators as $field => $validator) {
try {
$validator->assert($data[$field] ?? null);
} catch (\Respect\Validation\Exceptions\ValidationException $exception) {
$errors[$field] = $exception->getMessages(); // Collect all error messages
}
}
// If errors exist, return with errors
if (!empty($errors)) {
// Flatten the errors array into a string
$errorMessages = [];
foreach ($errors as $field => $fieldErrors) {
$fieldMessages = implode(', ', $fieldErrors); // Concatenate messages for the field
$errorMessages[] = ucfirst($field) . ': ' . $fieldMessages; // Prefix with field name
}
$errorString = implode('; ', $errorMessages); // Join all fields' errors
// Add the flattened error string as a flash message
$this->container->get('flash')->addMessage('error', 'Error: ' . $errorString);
return $response->withHeader('Location', '/user/update/'.$old_username)->withStatus(302);
}
if (empty($email)) {
$this->container->get('flash')->addMessage('error', 'No email specified for update');
return $response->withHeader('Location', '/user/update/'.$old_username)->withStatus(302);
}
$db->beginTransaction();
try {
$currentDateTime = new \DateTime();
$update = $currentDateTime->format('Y-m-d H:i:s.v');
// Prepare the data to update
$updateData = [
'email' => $email,
'username' => $username,
'verified' => $verified,
'status' => $status,
];
if (!empty($password)) {
$password_hashed = password_hash($password, PASSWORD_ARGON2ID, ['memory_cost' => 1024 * 128, 'time_cost' => 6, 'threads' => 4]);
$updateData['password'] = $password_hashed;
}
$db->update(
'users',
$updateData,
[
'username' => $old_username
]
);
$db->commit();
} catch (Exception $e) {
$db->rollBack();
$this->container->get('flash')->addMessage('error', 'Database failure during update: ' . $e->getMessage());
return $response->withHeader('Location', '/user/update/'.$old_username)->withStatus(302);
}
unset($_SESSION['user_to_update']);
$this->container->get('flash')->addMessage('success', 'User ' . $username . ' has been updated successfully on ' . $update);
return $response->withHeader('Location', '/user/update/'.$username)->withStatus(302);
}
}
} }

126
cp/resources/views/admin/users/updateUser.twig Normal file
View file

@ -0,0 +1,126 @@
{% extends "layouts/app.twig" %}
{% block title %}{{ __('Update User') }}{% endblock %}
{% block content %}
<div class="page-wrapper">
<!-- Page header -->
<div class="page-header d-print-none">
<div class="container-xl">
<div class="row g-2 align-items-center">
<div class="col">
<!-- Page pre-title -->
<div class="page-pretitle">
{{ __('Overview') }}
</div>
<h2 class="page-title">
{{ __('Update User') }}
</h2>
</div>
</div>
</div>
</div>
<!-- Page body -->
<div class="page-body">
<div class="container-xl">
<div class="col-12">
{% include 'partials/flash.twig' %}
<form method="post" action="/user/update" id="update-user-form">
{{ csrf.field | raw }}
<div class="card">
<div class="card-body">
<div class="row">
<!-- Email -->
<div class="col-md-6">
<div class="mb-3">
<label class="form-label required">{{ __('Email') }}</label>
<input type="email" class="form-control" name="email" value="{{ user.email }}" placeholder="{{ __('Enter email') }}" required>
</div>
</div>
<!-- Username -->
<div class="col-md-6">
<div class="mb-3">
<label class="form-label required">{{ __('Username') }}</label>
<input type="text" class="form-control" name="username" value="{{ user.username }}" placeholder="{{ __('Enter username') }}" required>
</div>
</div>
</div>
<div class="row">
<!-- Password -->
<div class="col-md-6">
<div class="mb-3">
<label class="form-label">{{ __('Password') }}</label>
<input type="password" class="form-control" name="password" placeholder="{{ __('Enter password') }}">
</div>
</div>
<!-- Confirm Password -->
<div class="col-md-6">
<div class="mb-3">
<label class="form-label">{{ __('Confirm Password') }}</label>
<input type="password" class="form-control" name="password_confirmation" placeholder="{{ __('Confirm password') }}">
</div>
</div>
</div>
<div class="row">
<!-- Status -->
<div class="col-md-6">
<div class="mb-3">
<label class="form-label required">{{ __('Status') }}</label>
<select class="form-select" name="status" required>
<option value="0" {{ user.status == 0 ? 'selected' : '' }}>{{ __('Active') }}</option>
<option value="1" {{ user.status == 1 ? 'selected' : '' }}>{{ __('Inactive') }}</option>
</select>
</div>
</div>
<!-- Verified -->
<div class="col-md-6">
<div class="mb-3">
<label class="form-label required">{{ __('Verified') }}</label>
<select class="form-select" name="verified" required>
<option value="1" {{ user.verified == 1 ? 'selected' : '' }}>{{ __('Yes') }}</option>
<option value="0" {{ user.verified == 0 ? 'selected' : '' }}>{{ __('No') }}</option>
</select>
</div>
</div>
</div>
<!-- Role -->
<div class="row">
<div class="col-md-12">
<div class="mb-3">
<label class="form-label">{{ __('Role') }}</label>
<div class="form-control-plaintext">
{% if user.roles_mask == 0 %}
{{ __('Admin') }}
{% elseif user.roles_mask == 4 %}
{{ __('Registrar') }}
{% if user_asso is defined and user_asso is not null %}
- {{ __('Associated with Registrar') }} {{ registrar_name }}
{% endif %}
{% else %}
{{ __('Unknown Role') }}
{% endif %}
</div>
</div>
</div>
</div>
</div>
<div class="card-footer text-end">
<div class="d-flex">
<button type="submit" class="btn btn-primary">{{ __('Update User') }}</button>
</div>
</div>
</div>
</form>
</div>
</div>
</div>
{% include 'partials/footer.twig' %}
</div>
{% endblock %}

2
cp/resources/views/layouts/app.twig
View file

@ -147,7 +147,7 @@
</a> </a>
</div> </div>
</li> </li>
{% if roles == 0 %}<li {{ is_current_url('registrars') or is_current_url('listUsers') or is_current_url('transferRegistrar') or is_current_url('createUser') or is_current_url('registrarcreate') or 'registrar/' in currentUri ? 'class="nav-item dropdown active"' : 'class="nav-item dropdown"' }}> {% if roles == 0 %}<li {{ is_current_url('registrars') or is_current_url('listUsers') or is_current_url('transferRegistrar') or is_current_url('createUser') or is_current_url('registrarcreate') or 'user/update/' in currentUri or 'registrar/' in currentUri ? 'class="nav-item dropdown active"' : 'class="nav-item dropdown"' }}>
<a class="nav-link dropdown-toggle" href="#" data-bs-toggle="dropdown" data-bs-auto-close="outside" role="button" aria-expanded="false"> <a class="nav-link dropdown-toggle" href="#" data-bs-toggle="dropdown" data-bs-auto-close="outside" role="button" aria-expanded="false">
<span class="nav-link-icon d-md-none d-lg-inline-block"><svg xmlns="http://www.w3.org/2000/svg" class="icon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M12 13a3 3 0 1 0 0 -6a3 3 0 0 0 0 6z"></path><path d="M12 3c7.2 0 9 1.8 9 9s-1.8 9 -9 9s-9 -1.8 -9 -9s1.8 -9 9 -9z"></path><path d="M6 20.05v-.05a4 4 0 0 1 4 -4h4a4 4 0 0 1 4 4v.05"></path></svg> <span class="nav-link-icon d-md-none d-lg-inline-block"><svg xmlns="http://www.w3.org/2000/svg" class="icon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M12 13a3 3 0 1 0 0 -6a3 3 0 0 0 0 6z"></path><path d="M12 3c7.2 0 9 1.8 9 9s-1.8 9 -9 9s-9 -1.8 -9 -9s1.8 -9 9 -9z"></path><path d="M6 20.05v-.05a4 4 0 0 1 4 -4h4a4 4 0 0 1 4 4v.05"></path></svg>
</span> </span>

13
cp/resources/views/partials/js-users.twig
View file

@ -11,7 +11,13 @@
var value = cell.getValue(); var value = cell.getValue();
return `<span style="font-weight:bold;">${value}</a>`; return `<span style="font-weight:bold;">${value}</a>`;
} }
function actionsFormatter(cell, formatterParams, onRendered) {
return `
<a class="btn btn-outline-primary btn-icon update-btn" href="/user/update/${cell.getRow().getData().username}" title="{{ __('Manage User') }}"><svg xmlns="http://www.w3.org/2000/svg" class="icon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M7 7h-1a2 2 0 0 0 -2 2v9a2 2 0 0 0 2 2h9a2 2 0 0 0 2 -2v-1"></path><path d="M20.385 6.585a2.1 2.1 0 0 0 -2.97 -2.97l-8.415 8.385v3h3l8.385 -8.415z"></path><path d="M16 5l3 3"></path></svg></a>
`;
}
function statusFormatter(cell) { function statusFormatter(cell) {
var statusArray = cell.getValue(); var statusArray = cell.getValue();
if (statusArray && Array.isArray(statusArray)) { if (statusArray && Array.isArray(statusArray)) {
@ -116,8 +122,9 @@
{title:"{{ __('Name') }}", field:"username", width:200, resizable:false, headerSort:true, formatter: userLinkFormatter, responsive:0}, {title:"{{ __('Name') }}", field:"username", width:200, resizable:false, headerSort:true, formatter: userLinkFormatter, responsive:0},
{title:"{{ __('Email') }}", field:"email", width:300, resizable:false, headerSort:true, responsive:2}, {title:"{{ __('Email') }}", field:"email", width:300, resizable:false, headerSort:true, responsive:2},
{title:"{{ __('Roles') }}", field:"roles_mask", width:200, resizable:false, headerSort:true, formatter: roleLabelFormatter, responsive:2}, {title:"{{ __('Roles') }}", field:"roles_mask", width:200, resizable:false, headerSort:true, formatter: roleLabelFormatter, responsive:2},
{title:"{{ __('Verified') }}", field:"verified", width:200, resizable:false, headerSort:true, formatter: verifiedFormatter, responsive:2}, {title:"{{ __('Verified') }}", field:"verified", width:150, resizable:false, headerSort:true, formatter: verifiedFormatter, responsive:2},
{title:"{{ __('Status') }}", field:"status", width:200, resizable:false, headerSort:true, formatter: statusBadgeFormatter, responsive:2}, {title:"{{ __('Status') }}", field:"status", width:150, resizable:false, headerSort:true, formatter: statusBadgeFormatter, responsive:2},
{title: "{{ __('Actions') }}", formatter: actionsFormatter, responsive:0, headerSort: false, download:false, hozAlign: "center", cellClick:function(e, cell){ e.stopPropagation(); }},
] ]
}); });
var searchInput = document.getElementById("search-input"); var searchInput = document.getElementById("search-input");

2
cp/routes/web.php
View file

@ -103,6 +103,8 @@ $app->group('', function ($route) {
$route->get('/users', UsersController::class .':listUsers')->setName('listUsers'); $route->get('/users', UsersController::class .':listUsers')->setName('listUsers');
$route->map(['GET', 'POST'], '/user/create', UsersController::class . ':createUser')->setName('createUser'); $route->map(['GET', 'POST'], '/user/create', UsersController::class . ':createUser')->setName('createUser');
$route->get('/user/update/{user}', UsersController::class . ':updateUser')->setName('updateUser');
$route->post('/user/update', UsersController::class . ':updateUserProcess')->setName('updateUserProcess');
$route->get('/epphistory', LogsController::class .':view')->setName('epphistory'); $route->get('/epphistory', LogsController::class .':view')->setName('epphistory');
$route->get('/poll', LogsController::class .':poll')->setName('poll'); $route->get('/poll', LogsController::class .':poll')->setName('poll');