public function createMany($data)
{
$current_user = User::current();
if (!$current_user->isAdmin()) {
http_response_code(403);
echo 'Not allowed';
return;
}
$results = array();
foreach ($data as $data) {
$result = array('user' => $data->user, 'host' => $data->host);
if ($this->validate_key($data, $result)) {
$user = User::instance()->get($data->user);
$result['user_id'] = $user->id;
$key = $this->keys->getByUserHost($user, $data->host);
if ($key != NULL) {
$result['status'] = 409;
$result['message'] = 'Host already exists for that user';
$result['key_id'] = $key->id;
} else {
$key = $this->keys->create($user, $data->host, $data->hash);
Audit::log($current_user, 'create key ' . $key->id . ' for ' . $user, $key);
$result['key_id'] = $key->id;
$result['status'] = 200;
$result['message'] = 'Ok';
}
}
$results[] = $result;
}
echo json_encode($results, JSON_PRETTY_PRINT);
}
public function index()
{
$current_user = User::current();
if (!$current_user->isAdmin()) {
http_response_code(403);
echo "Access denied";
return;
}
$since = $_GET['start'];
$until = $_GET['end'];
if ($since == NULL) {
$since = strtotime("midnight");
} else {
$since = $this->validate_date($since);
if (!$since) {
http_response_code(409);
echo 'Invalid start date';
return;
}
$since = strtotime("midnight", $since);
}
if ($until == NULL) {
$until = strtotime("tomorrow");
} else {
$until = $this->validate_date($until);
if (!$until) {
http_response_code(409);
echo 'Invalid end date';
return;
}
$until = strtotime("midnight", $until);
}
Breadcrumbs::add(DIR, 'Credentials');
Breadcrumbs::add('', 'Audit');
$data['breadcrumbs'] = Breadcrumbs::get();
$data['title'] = 'Audit';
$data['current_user'] = $current_user;
$data['footer-logic'] = 'credentials/audit-footer';
$data['logs'] = $this->audit->get($since, $until);
$data['since'] = $since;
$data['until'] = $until;
$data['span'] = $until - $since;
View::renderTemplate('header', $data);
View::render('credentials/audit', $data);
View::renderTemplate('footer', $data);
}
public function index($id = NULL)
{
$current_user = User::current();
if ($id == NULL) {
if ($current_user->isAdmin()) {
// User is admin, show index of users
Breadcrumbs::add(DIR, 'Credentials');
Breadcrumbs::add('', 'Users');
$data['breadcrumbs'] = Breadcrumbs::get();
$data['title'] = 'User overview';
$data['current_user'] = $current_user;
$data['users'] = $this->users->getAll();
$data['footer-logic'] = 'credentials/users-footer';
View::renderTemplate('header', $data);
View::render('credentials/users', $data);
View::renderTemplate('footer', $data);
} else {
// User is not admin, redirect to their page
$this->index($current_user->id);
}
} else {
$user = $this->users->getById($id);
if ($user == NULL) {
http_response_code(404);
echo "Not found";
return;
}
if ($current_user->id != $user->id && !$current_user->isAdmin()) {
http_response_code(403);
echo "Not allowed";
return;
}
Breadcrumbs::add(DIR, 'Credentials');
Breadcrumbs::add(DIR . 'users', 'Users');
Breadcrumbs::add('', $user->login);
$data['breadcrumbs'] = Breadcrumbs::get();
$data['title'] = 'User ' . $user->login;
$data['current_user'] = $current_user;
$data['user'] = $user;
$data['keys'] = $this->keys->getAllByUser($user);
$data['footer-logic'] = 'credentials/user-footer';
View::renderTemplate('header', $data);
View::render('credentials/user', $data);
View::renderTemplate('footer', $data);
}
}
<?php
/**
* Routes - all standard routes are defined here.
*
* @author David Carr - dave@daveismyname.com
* @version 2.2
* @date updated Sept 19, 2015
*/
/** Create alias for Router. */
use Core\Router;
use Helpers\Hooks;
use Helpers\User;
/** Define routes. */
if (User::current()->isAdmin()) {
Router::any('', 'Controllers\\Index@index');
} else {
Router::any('', 'Controllers\\Users@index');
}
Router::post('users', 'Controllers\\Users@create');
Router::get('users', 'Controllers\\Users@index');
Router::post('users/(:num)', 'Controllers\\Users@update');
Router::get('users/(:num)', 'Controllers\\Users@index');
Router::delete('users/(:num)', 'Controllers\\Users@delete');
Router::post('keys', 'Controllers\\Keys@create');
Router::post('keys/(:num)', 'Controllers\\Keys@update');
Router::get('keys/(:num)', 'Controllers\\Keys@index');
Router::delete('keys/(:num)', 'Controllers\\Keys@delete');
Router::get('audit', 'Controllers\\Audit@index');
/** Module routes. */
$hooks = Hooks::get();
