Ejemplo n.º 1
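 /**
  * Run the first-time installation.
  *
  * Probes for the `auth` table, checks the storage template, and - only when the
  * probe did not succeed - executes install.sql, applies the setup variables sent
  * with the request and restarts the socket server.
  *
  * Security notes:
  *  - No authorization check is visible in this method.
  *    NOTE(review): confirm the route that reaches it cannot be called once the
  *    system is in production.
  *  - $_REQUEST['setupvars'] is client-controlled and is validated before use.
  *
  * @return string Human-readable status or error message.
  */
 public function install()
 {
     // check install status
     $installed = false;
     try {
         $qres = $this->db->_db->query("SELECT 1 FROM `auth` LIMIT 1");
         if ($qres !== false) {
             $installed = true;
             // Release the cursor only when a statement was returned; calling a
             // method on `false` raises an Error that `catch (Exception)` misses.
             $qres->closeCursor();
         }
     } catch (Exception $ex) {
         // Deliberate best-effort: any failure of the probe is treated as
         // "not installed" and the schema import below is attempted.
     }
     // Check docs template
     $this->checkStorageTemplate();
     if ($installed) {
         return "Database detected, skipping full installation.";
     }
     // Install database
     // NOTE(review): APP_ROOT is presumably set by the web-server configuration;
     // confirm it cannot be influenced by the client, since it forms part of a file path.
     $schemapath = $_SERVER['DOCUMENT_ROOT'] . $_SERVER['APP_ROOT'] . "library/installer/schemas/install.sql";
     if (!file_exists($schemapath)) {
         return "Schema does not exist";
     }
     $sql = file_get_contents($schemapath);
     if ($sql === false) {
         // An unreadable file must not be handed to exec() as `false`.
         return "Schema could not be read";
     }
     try {
         $result = $this->db->_db->exec($sql);
         if ($result !== false) {
             // use setup var provided in request
             if (isset($_REQUEST['setupvars'])) {
                 // Untrusted input: decode only a string, and accept only an object
                 // that carries a non-empty string `adminhash`.
                 $setupvars = is_string($_REQUEST['setupvars']) ? json_decode($_REQUEST['setupvars']) : null;
                 $authMdl = new AuthModel();
                 // disable staff user
                 $authMdl->setDisabled(2, true);
                 if (is_object($setupvars) && isset($setupvars->adminhash) && is_string($setupvars->adminhash) && $setupvars->adminhash !== "") {
                     // set admin hash
                     // NOTE(review): the value is stored as supplied by the client;
                     // confirm AuthModel::edit() applies a password-hashing function.
                     $authMdl->edit(1, null, $setupvars->adminhash);
                     echo "Setup variables processed.\n";
                 } else {
                     // The admin account keeps whatever credential install.sql created,
                     // so the operator has to set one before the system is exposed.
                     echo "Setup variables invalid, admin password was not changed.\n";
                 }
             }
             // start node server (restart to be safe)
             $socket = new WposSocketControl();
             $socket->restartSocketServer(['error' => 'OK']);
         }
     } catch (Exception $e) {
         // NOTE(review): the raw exception text is returned to the caller; if it can
         // reach an unauthenticated client, log it and return a generic message instead.
         return $e->getMessage();
     }
     return "Setup Completed Successfully!";
 }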
Ejemplo n.º 2
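 /**
  * Update an existing user from the request payload held in $this->data.
  *
  * For the master admin (id 1) only the password is changed. For every other
  * user the username, admin flag, optional password and a permissions object
  * (requested sections plus the API calls derived from them) are written.
  *
  * Security notes:
  *  - No authorization check is visible in this method.
  *    NOTE(review): confirm the caller restricts it to administrators, since the
  *    `admin` flag and the permissions come straight from the request.
  *  - NOTE(review): the password is handed to AuthModel::edit() as received;
  *    confirm the model hashes it before storage.
  *
  * @param array $result Response envelope; 'error' or 'data' is filled in.
  * @return array The envelope, with 'error' set on failure or 'data' = true on success.
  */
 public function updateUser($result)
 {
     $isMaster = isset($this->data->id) && $this->data->id == 1;
     // A password counts as supplied only when it is a non-empty string;
     // anything else means "leave the stored password unchanged".
     $newPass = (isset($this->data->pass) && is_string($this->data->pass) && $this->data->pass !== "") ? $this->data->pass : null;
     // For the master admin a password is the only thing that can be updated, so
     // a request without one (or with an empty one) is rejected.
     if ($isMaster && $newPass === null) {
         $result['error'] = "Only the master admin password may be updated.";
         return $result;
     }
     // validate input
     $jsonval = new JsonValidate($this->data, '{"id":1, "username":"", "admin":1}');
     if (($errors = $jsonval->validate()) !== true) {
         $result['error'] = $errors;
         return $result;
     }
     $authMdl = new AuthModel();
     if ($isMaster) {
         // Only the master admin's password is updated. The username is passed as
         // null, as install() does for the same account, so the request cannot rename it.
         $qresult = $authMdl->edit($this->data->id, null, $newPass);
         // Drop the fields that were not applied so the audit log below is accurate.
         unset($this->data->username);
         unset($this->data->permissions);
         unset($this->data->admin);
     } else {
         $dupitems = $authMdl->get(0, 0, null, $this->data->username);
         if (!is_array($dupitems)) {
             // Fail closed: without a usable lookup result the uniqueness of the
             // username cannot be established.
             $result['error'] = "Could not update the user";
             return $result;
         }
         // Loose comparison is kept on purpose: the stored id and the request id
         // may differ in type (string vs int).
         if (count($dupitems) > 0 && $dupitems[0]['id'] != $this->data->id) {
             $result['error'] = "The username specified is already taken";
             return $result;
         }
         // generate permissions object
         // `permissions` is not covered by the validation schema above, so it may be absent.
         $sections = isset($this->data->permissions) ? $this->data->permissions : null;
         $permObj = ["sections" => $sections, "apicalls" => []];
         if (is_array($sections) || is_object($sections)) {
             foreach ($sections as $key => $value) {
                 // Cast the key so a numeric key is never loosely equal to a section name.
                 switch ((string) $key) {
                     case "access":
                         // NOTE(review): deny-list check - every value other than "no" grants the call.
                         if ($value != "no") {
                             $permObj['apicalls'][] = "adminconfig/get";
                         }
                         break;
                     case "dashboard":
                         if ($value === "both" || $value === "standard") {
                             $permObj['apicalls'] = array_merge($permObj['apicalls'], $this->permissionMap['readapicalls']['dashboard']);
                         }
                         if ($value === "both" || $value === "realtime") {
                             $permObj['apicalls'] = array_merge($permObj['apicalls'], $this->permissionMap['readapicalls']['realtime']);
                         }
                         break;
                     default:
                         // Accept exactly 1 or 2 (integer or digit string). A loose
                         // comparison would let `true` or "2x" select the write level.
                         $level = 0;
                         if ($value === 2 || $value === "2") {
                             $level = 2;
                         } elseif ($value === 1 || $value === "1") {
                             $level = 1;
                         }
                         // add write api calls
                         if ($level === 2 && isset($this->permissionMap['editapicalls'][$key])) {
                             $permObj['apicalls'] = array_merge($permObj['apicalls'], $this->permissionMap['editapicalls'][$key]);
                         }
                         // add read api calls (write access implies read access)
                         if ($level >= 1 && isset($this->permissionMap['readapicalls'][$key])) {
                             $permObj['apicalls'] = array_merge($permObj['apicalls'], $this->permissionMap['readapicalls'][$key]);
                         }
                 }
             }
         }
         // A null password leaves the stored one unchanged.
         $qresult = $authMdl->edit($this->data->id, $this->data->username, $newPass, $this->data->admin, json_encode($permObj));
     }
     if ($qresult === false) {
         $result['error'] = "Could not update the user";
     } else {
         $result['data'] = true;
         // log data - the password is removed first so it never reaches the log
         unset($this->data->pass);
         Logger::write("User updated with id:" . $this->data->id, "USER", json_encode($this->data));
     }
     return $result;
 }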