/**
* delete level group.
*
* @param integer $level_group_id
* @return boolean
*/
public static function deleteLevel($level_group_id = '')
{
if (in_array($level_group_id, static::forge()->disallowed_edit_delete)) {
return false;
}
// delete related tables.
\DB::delete(\Model_AccountLevel::getTableName())->where('level_group_id', $level_group_id)->execute();
\DB::delete(\Model_AccountLevelPermission::getTableName())->where('level_group_id', $level_group_id)->execute();
// delete level group
\DB::delete(static::$_table_name)->where('level_group_id', $level_group_id)->execute();
// @todo [fuelstart][levelgroup][plug] after deleted level group plug.
$plugin = new \Library\Plugins();
if ($plugin->hasAction('LevelGroupAfterDeleted') !== false) {
$plugin->doAction('LevelGroupAfterDeleted', $level_group_id);
}
unset($plugin);
return true;
}
/**
* edit account
*
* @param array $data
* @param array $data_fields
* @param array $data_level
* @return boolean
*/
public static function editAccount(array $data = array(), $data_fields = array(), $data_level = array())
{
if (empty($data) || empty($data_level)) {
return false;
}
// get config
$config = \Model_Config::getvalues(array('allow_avatar', 'member_email_change_need_confirm'));
// check things -------------------------------------------------------------------------------------------------
// check permission that can i add or edit this account
if (static::instance()->canIAddEditAccount($data_level['level_group_id']) == false) {
return \Lang::get('account_you_cannot_edit_account_that_contain_role_higher_than_yours');
}
// check for duplicate account (username)
$query = static::query()->where('account_id', '!=', $data['account_id'])->where('account_username', $data['account_username']);
if ($query->count() > 0) {
unset($query);
return \Lang::get('account_username_already_exists');
}
unset($query);
// if email changed
if (isset($data['account_old_email']) && $data['account_old_email'] != $data['account_email']) {
$email_change = true;
// check duplicate email
$query = static::query()->where('account_id', '!=', $data['account_id'])->where('account_email', $data['account_email']);
if ($query->count() > 0) {
unset($query);
return \Lang::get('account_email_already_exists');
}
unset($query);
} else {
$email_change = false;
}
// check password change and set new password data for update in db.
if (!empty($data['account_password'])) {
// there is current password input.
if ($data['account_new_password'] != null) {
// check current password match in db.
$query = static::query()->where('account_id', $data['account_id'])->where('account_username', $data['account_username']);
if ($query->count() > 0) {
$row = $query->get_one();
if (static::instance()->checkPassword($data['account_password'], $row->account_password, $row)) {
$data['account_password'] = static::instance()->hashPassword($data['account_new_password']);
unset($query, $row);
// @todo [fuelstart][account][plug] after changed password plug.
$plugin = new \Library\Plugins();
if ($plugin->hasAction('AccountAfterChangedPassword') !== false) {
$plugin->doAction('AccountAfterChangedPassword', $data['account_id'], ['input_data' => $data, 'input_data_fields' => $data_fields, 'input_data_level' => $data_level, 'inputs_post' => \Input::post(), 'email_change' => isset($email_change) ? $email_change : false, 'password_changed' => true]);
}
unset($plugin);
// flash message for changed password please login again.
\Session::set_flash('form_status', array('form_status' => 'success', 'form_status_message' => \Lang::get('account_your_password_changed_please_login_again')));
$password_changed = true;
} else {
unset($config, $query, $row);
return \Lang::get('account_wrong_password');
}
} else {
unset($config, $query);
return \Lang::get('account_not_found_account_in_db');
}
} else {
unset($config);
return \Lang::get('account_please_enter_your_new_password');
}
} else {
// no password change
// remove password data to prevent db update password field to null
unset($data['account_password']);
}
unset($data['account_new_password']);
// action things -------------------------------------------------------------------------------------------------
// check avatar upload and move if verified
if ($config['allow_avatar']['value'] == '1' && (isset($_FILES['account_avatar']['name']) && $_FILES['account_avatar']['name'] != null)) {
$result = static::instance()->uploadAvatar(array('account_id' => $data['account_id'], 'input_field' => 'account_avatar'));
if (isset($result['result']) && $result['result'] === true) {
$data['account_avatar'] = $result['account_avatar'];
} else {
unset($config);
return $result;
}
}
unset($result);
// if email changed, send confirm
if ($email_change === true) {
if ($config['member_email_change_need_confirm']['value'] == '1') {
// need to send email change confirmation.
$data['confirm_code'] = Extension\Str::random('alnum', 5);
$data['confirm_code_since'] = time();
$send_email_change_confirmation = static::instance()->sendEmailChangeConfirmation($data);
if ($send_email_change_confirmation === true) {
$data['account_confirm_code'] = $data['confirm_code'];
$data['account_confirm_code_since'] = $data['confirm_code_since'];
} else {
unset($config);
return $send_email_change_confirmation;
}
unset($data['confirm_code'], $data['confirm_code_since'], $data['account_email'], $send_email_change_confirmation);
}
}
unset($data['account_old_email']);
// update account to db. ----------------------------------------
$account_id = $data['account_id'];
unset($data['account_id']);
$accounts = static::find($account_id);
$accounts->set($data);
$accounts->save();
// update level to user. -----------------------------------------
if (isset($data_level['level_group_id']) && !empty($data_level['level_group_id'])) {
$al = new \Model_AccountLevel();
$al->updateLevels($account_id, $data_level['level_group_id']);
unset($al);
}
// update account fields if there is any value. -----------------
// if set data_field to null means not update account fields
if (is_array($data_fields) && !empty($data_fields)) {
$af = new \Model_AccountFields();
$af->updateAccountFields($account_id, $data_fields);
unset($af);
}
// @todo [fuelstart][account][plug] admin edit account plug.
$plugin = new \Library\Plugins();
if ($plugin->hasAction('AccountAdminEditAccount')) {
$plugin->doAction('AccountAdminEditAccount', $account_id, ['input_data' => $data, 'input_data_fields' => $data_fields, 'input_data_level' => $data_level, 'inputs_post' => \Input::post(), 'email_change' => isset($email_change) ? $email_change : false, 'password_changed' => isset($password_changed) ? $password_changed : false]);
}
unset($plugin);
// done
if (isset($password_changed) && $password_changed === true) {
static::logout();
}
unset($config, $email_change, $password_changed);
// clear cache
\Extension\Cache::deleteCache('model.accounts-checkAccount-' . \Model_Sites::getSiteId() . '-' . $account_id);
\Extension\Cache::deleteCache('model.accountPermission-checkAccountPermission-' . \Model_Sites::getSiteId(false));
return true;
}
public function action_multiple()
{
$ids = \Input::post('id');
$act = trim(\Input::post('act'));
$redirect = $this->getAndSetSubmitRedirection();
if (\Extension\NoCsrf::check()) {
// if action is delete.
if ($act == 'del') {
// check permission.
if (\Model_AccountLevelPermission::checkAdminPermission('account_perm', 'account_delete_perm') == false) {
\Response::redirect($redirect);
}
if (is_array($ids)) {
foreach ($ids as $id) {
// get target level group id
$lvls = \DB::select()->as_object()->from(\Model_AccountLevel::getTableName())->where('account_id', $id)->execute();
// not found
if (count($lvls) <= 0) {
continue;
} else {
// format level group for check can i add, edit
$level_group = array();
foreach ($lvls as $lvl) {
$level_group[] = $lvl->level_group_id;
}
}
if (\Model_Accounts::forge()->canIAddEditAccount($level_group) == true) {
// delete account.
\Model_Accounts::deleteAccount($id);
// clear cache
\Extension\Cache::deleteCache('model.accounts-checkAccount-' . \Model_Sites::getSiteId() . '-' . $id);
}
}
}
} elseif ($act == 'enable') {
// check permission.
if (\Model_AccountLevelPermission::checkAdminPermission('account_perm', 'account_delete_perm') == false) {
\Response::redirect($redirect);
}
if (is_array($ids)) {
foreach ($ids as $id) {
if ($id == '0') {
continue;
}
// get target level group id
$lvls = \DB::select()->as_object()->from(\Model_AccountLevel::getTableName())->where('account_id', $id)->execute();
// not found
if (count($lvls) <= 0) {
continue;
} else {
// format level group for check can i add, edit
$level_group = array();
foreach ($lvls as $lvl) {
$level_group[] = $lvl->level_group_id;
}
}
if (\Model_Accounts::forge()->canIAddEditAccount($level_group) == true) {
\DB::update(\Model_Accounts::getTableName())->where('account_id', $id)->set(['account_status' => '1', 'account_status_text' => null])->execute();
unset($entry);
}
// clear cache
\Extension\Cache::deleteCache('model.accounts-checkAccount-' . \Model_Sites::getSiteId() . '-' . $id);
}
}
} elseif ($act == 'disable') {
// check permission.
if (\Model_AccountLevelPermission::checkAdminPermission('account_perm', 'account_delete_perm') == false) {
\Response::redirect($redirect);
}
if (is_array($ids)) {
foreach ($ids as $id) {
if ($id == '0') {
continue;
}
// get target level group id
$lvls = \DB::select()->as_object()->from(\Model_AccountLevel::getTableName())->where('account_id', $id)->execute();
// not found
if (count($lvls) <= 0) {
continue;
} else {
// format level group for check can i add, edit
$level_group = array();
foreach ($lvls as $lvl) {
$level_group[] = $lvl->level_group_id;
}
}
if (\Model_Accounts::forge()->canIAddEditAccount($level_group) == true) {
\DB::update(\Model_Accounts::getTableName())->where('account_id', $id)->set(['account_status' => '0', 'account_status_text' => null])->execute();
}
// clear cache
\Extension\Cache::deleteCache('model.accounts-checkAccount-' . \Model_Sites::getSiteId() . '-' . $id);
}
}
}
}
// go back
\Response::redirect($redirect);
}
/**
* check level permission
* check permission based on user's level group id and page name and action.
*
* @param string $page_name
* @param string $action
* @param integer $account_id
* @return boolean
*/
private static function checkLevelPermission($page_name = '', $action = '', $account_id = '')
{
// check for required attribute
if (!is_numeric($account_id) || $page_name == null || $action == null) {
return false;
}
if ($account_id == '1') {
return true;
}
// permanent owner's account
$site_id = \Model_Sites::getSiteId(false);
$cache_name = 'model.accountLevelPermission-checkLevelPermission-' . $site_id . '-' . \Extension\Security::formatString($page_name, 'alphanum_dash_underscore') . '-' . \Extension\Security::formatString($action, 'alphanum_dash_underscore') . '-' . $account_id;
$cached = \Extension\Cache::getSilence($cache_name);
if (false === $cached) {
// get current user levels from db.
$result = \DB::select()->as_object()->from(\Model_AccountLevel::getTableName())->where('account_id', $account_id)->execute();
if (count($result) > 0) {
// loop each level of this user.
foreach ($result as $row) {
if ($row->level_group_id == '1') {
// this user is in super admin group.
unset($result, $row);
\Cache::set($cache_name, true, 2592000);
return true;
}
// check this level group in permission db.
$result2 = \DB::select()->from(static::$_table_name)->where('level_group_id', $row->level_group_id)->where('permission_page', $page_name)->where('permission_action', $action)->execute();
if (count($result2) > 0) {
// found.
unset($result, $result2, $row);
\Cache::set($cache_name, true, 2592000);
return true;
}
unset($result2);
}
// endforeach;
// not found in permission db. did not given any permission.
unset($result, $row);
\Cache::set($cache_name, 'false', 2592000);
return false;
}
// not found this user role?
unset($result);
\Cache::set($cache_name, 'false', 2592000);
return false;
}
if ('false' === $cached) {
return false;
} else {
return $cached;
}
}
