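/**
 * Create, update or delete a user that belongs to the current admin's group.
 *
 * Access rules enforced here:
 *  - an existing target user must be in the same group as the logged-in
 *    admin ($this->group), otherwise the request goes to the dashboard;
 *  - the logged-in admin needs the "add_users" or "delete_users" group
 *    permission to reach the form, and "delete_users" to delete.
 *
 * The guards rely on url::redirect() ending the request. An explicit return
 * follows each one so the method still fails closed if it does not.
 *
 * NOTE(review): no CSRF token check is visible in this method. Confirm that
 * the framework or form helper enforces one, since the POST handled here
 * deletes and modifies accounts.
 *
 * @param bool|int    $user_id The id no. of the user; falsy to create a new user
 * @param bool|string $saved   Not read by this method
 */
function edit($user_id = false, $saved = false)
{
    $dashboard_url = url::site() . 'admin/simplegroups/dashboard';
    $users_url = url::site() . 'admin/simplegroups/users/';

    // A falsy id (false, "", 0, "0") means "create a new user". Decide this
    // once so the authorization check and the validation rules always agree.
    // Mixing if ($user_id) with $user_id == '' let an id of "0" skip both the
    // group check and the new-user password/uniqueness rules.
    $is_new_user = !$user_id;

    // Make sure the current user is allowed to edit this user.
    if (!$is_new_user) {
        $user_to_edit = new User_Model($user_id);
        $users_group_id = groups::get_user_group($user_to_edit);
        $own_group_id = isset($this->group) ? $this->group->id : NULL;

        // Fail closed: with a loose != alone, two empty values (target user
        // in no group, current group not loaded) compare equal and pass.
        if (!$users_group_id || !$own_group_id || $users_group_id != $own_group_id) {
            url::redirect($dashboard_url);
            return;
        }
    }

    // Check the group user's permissions for this.
    // NOTE(review): holding only "delete_users" is enough to reach the
    // create/update path below; confirm that is intended.
    $permissions = groups::get_permissions_for_user($this->user->id);
    if (empty($permissions["add_users"]) && empty($permissions["delete_users"])) {
        url::redirect($dashboard_url);
        return;
    }

    $this->template->content = new View('simplegroups/users_edit');

    if (!$is_new_user) {
        $user_exists = ORM::factory('user')->find($user_id);
        if (!$user_exists->loaded) {
            url::redirect($users_url);
            return;
        }
    }

    // Setup and initialize form field names.
    $form = array(
        'username' => '',
        'password' => '',
        'password_again' => '',
        'name' => '',
        'email' => '',
        'notify' => '',
        'role' => '',
    );

    // Copy the form as errors, so the errors will be stored with keys
    // corresponding to the form field names.
    $errors = $form;
    $form_error = FALSE;
    $form_saved = FALSE;
    $user = "";

    // Has the form been submitted? If so, set up validation.
    if ($_POST) {
        $post = Validation::factory($_POST);

        // Are we deleting this user?
        if ($post->action == "delete") {
            // Do you have permission to delete?
            if (empty($permissions["delete_users"])) {
                url::redirect($dashboard_url);
                return;
            }

            // Never run the delete queries without a target id, and keep the
            // main admin account (id 1) out of reach, matching the protection
            // the update path already gives it.
            if ($is_new_user || $user_id == 1) {
                url::redirect($dashboard_url);
                return;
            }

            // Drop the group mapping.
            ORM::factory("simplegroups_groups_users")->where("users_id", $user_id)->delete_all();
            // Drop the group roles mapping.
            ORM::factory("simplegroups_users_roles")->where("users_id", $user_id)->delete_all();
            // Delete the user.
            ORM::factory("user")->where("id", $user_id)->delete_all();

            url::redirect(url::site() . 'admin/simplegroups/users');
            return;
        }

        // Add some filters.
        $post->pre_filter('trim', TRUE);

        $post->add_rules('username', 'required', 'length[3,16]', 'alpha');

        // A password is only mandatory when creating a user.
        // NOTE(review): the rules cap passwords at 16 alphanumeric characters,
        // which rules out symbols and passphrases. Consider relaxing this once
        // the storage path is confirmed.
        if ($is_new_user) {
            $post->add_rules('password', 'required', 'length[5,16]', 'alpha_numeric');
        }

        $post->add_rules('name', 'required', 'length[3,100]');
        $post->add_rules('email', 'required', 'email', 'length[4,64]');

        // Uniqueness is only checked for new accounts.
        // NOTE(review): an update can therefore change a username or email to
        // one another account already uses; confirm whether that is acceptable.
        if ($is_new_user) {
            $post->add_callbacks('username', array($this, 'username_exists_chk'));
            $post->add_callbacks('email', array($this, 'email_exists_chk'));
        }

        // If the password field is not blank it must match its confirmation.
        if (!empty($post->password)) {
            $post->add_rules('password', 'required', 'length[5,16]', 'alpha_numeric', 'matches[password_again]');
        }

        // The posted role is validated but never applied below: users managed
        // here always receive the "login" and "simplegroups" roles, so this
        // form cannot be used to grant any other role.
        $post->add_rules('role', 'required', 'length[3,30]', 'alpha_numeric');
        $post->add_rules('notify', 'between[0,1]');

        Event::run('ushahidi_action.user_submit_admin', $post);

        if ($post->validate()) {
            $user = ORM::factory('user', $user_id);
            $user->name = $post->name;
            $user->email = $post->email;
            $user->notify = $post->notify;

            // Existing user?
            if ($user->loaded == true) {
                // Prevent modification of the main admin account username or role.
                if ($user->id != 1) {
                    $user->username = $post->username;

                    // Remove old roles.
                    foreach ($user->roles as $role) {
                        $user->remove($role);
                    }

                    // Add new roles.
                    $user->add(ORM::factory('role', 'login'));
                    $user->add(ORM::factory('role', 'simplegroups'));
                }

                // Only overwrite the password when a new one was supplied.
                // NOTE(review): presumably the user model hashes the value on
                // assignment; confirm against User_Model.
                if ($post->password != '') {
                    $user->password = $post->password;
                }
            } else {
                $user->username = $post->username;
                $user->password = $post->password;

                // Add new roles.
                $user->add(ORM::factory('role', 'login'));
                $user->add(ORM::factory('role', 'simplegroups'));
            }

            $user->save();

            // Let plugins react to the saved user.
            // NOTE(review): group membership for a new user is not assigned in
            // this method; presumably a listener on this event does it. Confirm.
            Event::run('ushahidi_action.user_edit', $user);

            url::redirect($users_url);
            return;
        } else {
            // Repopulate the form fields.
            $form = arr::overwrite($form, $post->as_array());

            // Populate the error fields, if any.
            $errors = arr::overwrite($errors, $post->errors('auth'));
            $form_error = TRUE;
        }
    } else {
        if (!$is_new_user) {
            // Retrieve the user being edited.
            $user = ORM::factory('user', $user_id);
            if ($user->loaded == true) {
                // Default keeps $role defined when the user has no roles.
                // With several roles, the last one iterated wins.
                $role = '';
                foreach ($user->roles as $user_role) {
                    $role = $user_role->name;
                }

                $form = array(
                    'user_id' => $user->id,
                    'username' => $user->username,
                    'password' => '',
                    'password_again' => '',
                    'name' => $user->name,
                    'email' => $user->email,
                    'notify' => $user->notify,
                    'role' => $role,
                );
            }
        }
    }

    // Only one role for these guys.
    $role_array = array("simplegroups" => "SIMPLEGROUPS");

    $this->template->content->id = $user_id;
    $this->template->content->permissions = $permissions;
    $this->template->content->user = $user;
    $this->template->content->form = $form;
    $this->template->content->errors = $errors;
    $this->template->content->form_error = $form_error;
    $this->template->content->form_saved = $form_saved;
    $this->template->content->yesno_array = array(
        '1' => strtoupper(Kohana::lang('ui_main.yes')),
        '0' => strtoupper(Kohana::lang('ui_main.no')),
    );
    $this->template->content->role_array = $role_array;
}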
/**
 * Route the logged-in user according to their simplegroups membership.
 *
 * A user who belongs to a group is redirected to the group dashboard.
 * A user who holds the "simplegroups" role but has no group yet is
 * redirected to the "nogroup" page. Anyone else falls through, and the
 * method returns without redirecting.
 */
public function _check_for_group()
{
    $current_user = new User_Model($_SESSION['auth_user']->id);
    $membership = groups::get_user_group($current_user);

    // Look up whether this user carries the "simplegroups" role.
    $groupie_role = ORM::factory("role")
        ->join("roles_users", "roles_users.role_id", "roles.id")
        ->where("roles_users.user_id", $current_user->id)
        ->where("name", "simplegroups")
        ->find();

    // Group members only get to see the group dashboard.
    if ($membership) {
        url::redirect(url::site() . 'admin/simplegroups/dashboard');
        return;
    }

    // Not in a group, but flagged as a groupie: waiting to be assigned.
    if ($groupie_role->name == "simplegroups") {
        url::redirect(url::site() . 'admin/simplegroups/nogroup');
    }
}
/**
 * Bootstrap the simplegroups admin controller.
 *
 * Loads the core services, requires an authenticated session with the
 * "login" role, requires the user to belong to a group, and seeds the
 * template with the defaults every admin page expects.
 *
 * Statement order matters: the session and auth objects must exist before
 * auto_login(), and the login check must run before the session user is read.
 * Both access checks depend on url::redirect() ending the request.
 */
public function __construct()
{
    parent::__construct();

    // Core services.
    $this->cache = new Cache();
    $this->session = new Session();
    $this->db = new Database();
    $upgrader = new Upgrade();
    $this->auth = new Auth();
    $this->session = Session::instance();

    // Authentication gate: anyone without the "login" role goes to the login page.
    $this->auth->auto_login();
    $is_logged_in = $this->auth->logged_in('login');
    if (!$is_logged_in) {
        url::redirect('login');
    }

    // Set table prefix.
    $this->table_prefix = Kohana::config('database.default.table_prefix');

    // Fetch the latest release of ushahidi and surface it in the template.
    $this->release = $upgrader->_fetch_core_release();
    if (!empty($this->release)) {
        $this->template->version = $this->_get_release_version();
        $this->template->critical = $this->release->critical;
    }

    // Session user.
    $this->user = new User_Model($_SESSION['auth_user']->id);
    $this->template->admin_name = $this->user->name;

    // Membership gate: users without a group are sent to the "nogroup" page.
    if (!groups::get_user_group($this->user)) {
        url::redirect(url::site() . 'admin/simplegroups/nogroup');
    }

    // Group info. If several rows come back, the last one iterated is kept.
    // $this->group stays unset when the query returns nothing.
    $memberships = ORM::factory("simplegroups_groups")
        ->join("simplegroups_groups_users", "simplegroups_groups.id", "simplegroups_groups_users.simplegroups_groups_id")
        ->where("simplegroups_groups_users.users_id", $this->user->id)
        ->find_all();
    foreach ($memberships as $membership) {
        $this->group = $membership;
        $this->template->group_name = $membership->name;
        $this->template->group_logo = $membership->logo;
    }

    // Default settings.
    $this->template->site_name = Kohana::config('settings.site_name');
    $this->template->mapstraction = Kohana::config('settings.mapstraction');
    $this->template->api_url = Kohana::config('settings.api_url');

    // Javascript header switches and chart variables, assigned in the
    // original order.
    $template_defaults = array(
        'map_enabled' => FALSE,
        'flot_enabled' => FALSE,
        'treeview_enabled' => FALSE,
        'protochart_enabled' => FALSE,
        'colorpicker_enabled' => FALSE,
        'editor_enabled' => FALSE,
        'js' => '',
        'form_error' => FALSE,
        'raphael_enabled' => FALSE,
        'impact_json' => '',
    );
    foreach ($template_defaults as $property => $default) {
        $this->template->$property = $default;
    }

    // Main tab navigation list.
    $this->template->main_tabs = admin::main_tabs();

    // Sub navigation list (in the default layout, sits on the right side).
    $this->template->main_right_tabs = admin::main_right_tabs($this->user);

    $this->template->this_page = "";
}