static function addRoutes($app, $authenticateForRole)
{
//* /user/id - members can get their own profile
$app->map("/user/get/:userId/", $authenticateForRole('member'), function ($userId) use($app) {
UserController::selectUser($app, $userId);
})->via('GET', 'POST');
/*
* id, nameFirst, nameLast, email, phone
*/
$app->post("/user/update/:userId/", $authenticateForRole('member'), function ($userId) use($app) {
UserController::updateUser($app, $userId);
});
//* /user/ routes - admin users only
$app->group('/user', $authenticateForRole('admin'), function () use($app) {
/*
* nameFirst, nameLast, email, password
*/
$app->post("/insert/", function () use($app) {
UserController::insertUser($app);
});
/*
* id
*/
$app->map("/delete/:userId/", function ($userId) use($app) {
UserController::deleteUser($app, $userId);
})->via('DELETE', 'POST');
/*
* userId, groupId
*/
$app->post("/unassign-group/", function () use($app) {
UserController::unassignGroup($app);
});
/*
* userId, groupId
*/
$app->post("/assign-group/", function () use($app) {
UserController::assignGroup($app);
});
});
}
*/
// verifies that the action post variable is set and then choses
// which function to fire based on the POST['action'] value
if (isset($_POST['action'])) {
// instantiate classes to call functions from
$UserController = new UserController();
$ProjectController = new ProjectController();
$PageController = new PageController();
// handle which function to call
switch ($_POST['action']) {
// User Methods
case "createUser":
$UserController->createUser();
break;
case "deleteUser":
$UserController->deleteUser();
break;
case "getUser":
$UserController->getUser();
break;
case "checkLoggedIn":
$UserController->checkLoggedIn();
break;
case "isAdmin":
$UserController->isAdmin();
break;
case "login":
$UserController->login();
break;
case "logout":
$UserController->logout();
if ($feedback) {
echo JsonResponse::message(STATUS_OK, "Successfully created user!");
exit;
} else {
echo JsonResponse::error("Failed! User already exist");
exit;
}
} elseif ($intent == 'deleteStaff') {
// check that userid of staff to be deleted is specified
if (!isset($_POST['userid'])) {
echo JsonResponse::error("Incomplete parameters for delete user intent");
exit;
}
$userid = $_POST['userid'];
$userController = new UserController();
$feedback = $userController->deleteUser($userid);
if (is_array($feedback) && $feedback[JsonResponse::P_STATUS] == STATUS_ERROR) {
echo JsonResponse::error($feedback[JsonResponse::P_MESSAGE]);
exit;
}
if ($feedback) {
// log user out, if they delete themself
$loggedInUser = CxSessionHandler::getItem(UserAuthTable::userid);
if ($loggedInUser == $userid) {
CxSessionHandler::destroy();
header("Location: ../../index.php");
}
echo JsonResponse::message(STATUS_OK, "Successfully deleted user!");
exit;
} else {
echo JsonResponse::error("Could not delete this user. Try again!");
include "class/UserController.php";
include "class/UserControllerOfficial.php";
$conecta = new Conecta();
$daoUserRegister = new DaoUserRegister();
$modelUserRegister = new UserRegister();
$userService = new UserController($_POST, $conecta, $daoUserRegister, $modelUserRegister);
if ($_GET["action"] == "insert") {
$userService->processDataForm();
$userService->insertUser();
header("Location:../userRegister.php");
}
if ($_GET["action"] == "update") {
print "deveria cair aqui";
}
if ($_GET["action"] == "delete") {
$userService->deleteUser($_GET["id"]);
header("Location:../cadastrar.php");
}
if ($_GET["action"] == "view") {
}
} else {
include "model/Conecta.php";
include "model/dao/userDao/DaoUserRegister.php";
include "model/beans/UserRegister.php";
include "class/UserController.php";
include "class/UserControllerOfficial.php";
$conecta = new Conecta();
$daoUserRegister = new DaoUserRegister();
$modelUserRegister = new UserRegister();
$userService = new UserController($_POST, $conecta, $daoUserRegister, $modelUserRegister);
$dados = $userService->viewUsers();
public function deleteUser()
{
if (isset($_GET['idUser'])) {
$managerUser = new UserDAO();
$infos = $managerUser->getInfoUser($_SESSION['idUser']);
$userToDelete = $managerUser->getInfoUser($_GET['idUser']);
if ($infos['type'] == 'Admin') {
if ($userToDelete['type'] != 'Admin') {
$userController = new UserController();
$deleteUser = $userController->deleteUser($_GET['idUser']);
$_SESSION['success'] = 'L\'utilisateur a bien été supprimé';
$_SESSION['display_msg_success'] = true;
$this->user();
} else {
$_SESSION['error'] = 'Vous ne pouvez pas supprimer un administrateur';
$_SESSION['display_msg_error'] = true;
$this->profile();
}
} else {
$_SESSION['error'] = 'Vous n\'avez pas les droits requis pour accéder à cette page';
$_SESSION['display_msg_error'] = true;
$this->profile();
}
} else {
$_SESSION['error'] = '[5] La page n\'existe pas';
$_SESSION['display_msg_error'] = true;
$this->profile();
}
}
