mirror of
https://github.com/getnamingo/registry.git
synced 2025-07-02 00:53:22 +02:00
Added ability to have different user roles
This commit is contained in:
parent
9504733dbf
commit
d07fa5481c
4 changed files with 157 additions and 22 deletions
|
@ -104,7 +104,7 @@ class UsersController extends Controller
|
|||
'password' => $password_hashed,
|
||||
'username' => $username,
|
||||
'verified' => $verified,
|
||||
'roles_mask' => 6,
|
||||
'roles_mask' => 4,
|
||||
'status' => $status,
|
||||
'registered' => \time()
|
||||
]
|
||||
|
@ -205,12 +205,21 @@ class UsersController extends Controller
|
|||
|
||||
$_SESSION['user_to_update'] = [$args];
|
||||
|
||||
$roles_new = [
|
||||
'4' => ($user['roles_mask'] & 4) ? true : false, // Registrar
|
||||
'8' => ($user['roles_mask'] & 8) ? true : false, // Accountant
|
||||
'16' => ($user['roles_mask'] & 16) ? true : false, // Support
|
||||
'32' => ($user['roles_mask'] & 32) ? true : false, // Auditor
|
||||
'64' => ($user['roles_mask'] & 64) ? true : false, // Sales
|
||||
];
|
||||
|
||||
return view($response,'admin/users/updateUser.twig', [
|
||||
'user' => $user,
|
||||
'currentUri' => $uri,
|
||||
'registrars' => $registrars,
|
||||
'user_asso' => $user_asso,
|
||||
'registrar_name' => $registrar_name
|
||||
'registrar_name' => $registrar_name,
|
||||
'roles_new' => $roles_new
|
||||
]);
|
||||
} else {
|
||||
// User does not exist, redirect to the users view
|
||||
|
@ -240,6 +249,10 @@ class UsersController extends Controller
|
|||
$password_confirmation = $data['password_confirmation'] ?? null;
|
||||
$status = $data['status'] ?? null;
|
||||
$verified = $data['verified'] ?? null;
|
||||
$roles_mask = $data['roles_mask'] ?? 0;
|
||||
|
||||
$allowedRoles = [0, 2, 4, 8, 16, 32, 64];
|
||||
$allowedRolesMask = array_sum($allowedRoles); // 124 (sum of allowed roles)
|
||||
|
||||
// Define validation rules
|
||||
$validators = [
|
||||
|
@ -249,6 +262,14 @@ class UsersController extends Controller
|
|||
'verified' => v::in(['0', '1'])->setName('Verified'), // Ensure verified is checked as 0 or 1
|
||||
];
|
||||
|
||||
// Add custom validation for roles_mask
|
||||
$validators['roles_mask'] = v::oneOf(
|
||||
v::intVal()->callback(function ($value) use ($allowedRolesMask) {
|
||||
return ($value & ~$allowedRolesMask) === 0; // Ensure only allowed roles are included
|
||||
}),
|
||||
v::nullType() // Allow null as a valid value
|
||||
)->setName('Roles Mask');
|
||||
|
||||
// Add password validation only if provided
|
||||
if (!empty($password)) {
|
||||
$validators['password'] = v::stringType()->notEmpty()->length(6, 255)->setName('Password');
|
||||
|
@ -289,6 +310,11 @@ class UsersController extends Controller
|
|||
return $response->withHeader('Location', '/user/update/'.$old_username)->withStatus(302);
|
||||
}
|
||||
|
||||
if (in_array($roles_mask, [0, '0'], true)) {
|
||||
$this->container->get('flash')->addMessage('error', 'No roles assigned. Please assign at least one role');
|
||||
return $response->withHeader('Location', '/user/update/' . $old_username)->withStatus(302);
|
||||
}
|
||||
|
||||
$db->beginTransaction();
|
||||
|
||||
try {
|
||||
|
@ -301,6 +327,7 @@ class UsersController extends Controller
|
|||
'username' => $username,
|
||||
'verified' => $verified,
|
||||
'status' => $status,
|
||||
'roles_mask' => $roles_mask,
|
||||
];
|
||||
|
||||
if (!empty($password)) {
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue