function superuserEditUser($get)
{
/***
*
* $get is the $_REQUEST superglobal.
* Expects keys:
*
* @param string user -> The dblink/hardlink of the target user
* @param string change_type -> The type of change to
* enact. Available: delete | reset
*
***/
global $login_status, $default_user_database, $default_sql_user, $default_sql_password, $sql_url, $default_user_table, $db_cols;
$udb = new DBHelper($default_user_database, $default_sql_user, $default_sql_password, $sql_url, $default_user_table, $db_cols);
$uid = $login_status['detail']['uid'];
# is caller an SU or admin?
$suFlag = $login_status['detail']['userdata']['su_flag'];
$isSu = boolstr($suFlag);
$adminFlag = $login_status['detail']['userdata']['admin_flag'];
$isAdmin = boolstr($adminFlag);
if (!($isSu || $isAdmin)) {
return array("status" => false, "error" => "INVALID_USER_PERMISSIONS", "human_error" => "You do not have enough permission to perform this action");
}
# Check the target
$target = $get["user"];
if (empty($target)) {
return array("status" => false, "error" => "INVALID_TARGET_NO_USER_PROVIDED", "human_error" => "You must provide argument 'user'");
}
# Do they exist?
if (!$udb->isEntry($target, 'dblink')) {
return array("status" => false, "error" => "INVALID_TARGET_DOES_NOT_EXIST", "human_error" => "The requested user does not exist");
}
$uf = new UserFunctions($target, "dblink");
$userData = $uf->getUser($target);
try {
# Is the target an SU or admin?
$suFlag = $userData['userdata']['su_flag'];
$targetIsSu = boolstr($suFlag);
if ($targetIsSu) {
return array("status" => false, "error" => "INVALID_TARGET_IS_SU", "human_error" => "You can not edit Superusers through this interface. Please contact your system administrator");
}
$adminFlag = $userData['userdata']['admin_flag'];
$targetIsAdmin = boolstr($adminFlag);
if ($targetIsAdmin && !$isSu) {
return array("status" => false, "error" => "INVALID_TARGET_ADMIN_VS_ADMIN", "human_error" => "Sorry, only Superusers can edit adminstrators");
}
# Permission check complete.
$editAction = strtolower($get["change_type"]);
if (empty($editAction)) {
return array("status" => false, "error" => "INVALID_CHANGE_TYPE_EMPTY", "human_error" => "You must provide an argument 'change_type'");
}
switch ($editAction) {
case "delete":
$dryRun = $uf->forceDeleteCurrentUser();
$targetUid = $dryRun["target_user"];
if ($targetUid != $target) {
# Should never happen
return array("status" => false, "error" => "MISMATCHED_TARGETS", "human_error" => "The system encountered an error confirming target for deletion", "obj_target" => $targetUid, "post_target" => $target);
}
return $uf->forceDeleteCurrentUser(true);
break;
case "reset":
return array("status" => false, "error" => "Incomplete");
break;
default:
return array("status" => false, "error" => "INVALID_CHANGE_TYPE", "human_error" => "We didn't recognize this change type", "change_type_provided" => $editAction);
}
} catch (Exception $e) {
return array("status" => false, "error" => $e->getMessage(), "human_error" => "Application error", "args" => $get);
}
}
