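/**
 * Bulk-create keys from a list of records (administrators only).
 *
 * Writes a JSON array to the response with one result per input record, in
 * input order. Every result echoes the submitted `user` and `host`. Records
 * that pass validate_key() additionally carry `user_id`, `key_id`, `status`
 * and `message`: 409 when a key already exists for that user and host, 200
 * when a new key was created. Only a successful creation is written to the
 * audit log.
 *
 * @param array|\Traversable $data Records exposing ->user, ->host and ->hash.
 *
 * @return void The result is echoed, not returned.
 */
public function createMany($data) {
    $current_user = User::current();

    // Bulk creation is an administrative action: refuse before reading any of the input.
    if (!$current_user->isAdmin()) {
        http_response_code(403);
        echo 'Not allowed';
        return;
    }

    $results = array();

    // A distinct loop variable: the original `foreach ($data as $data)` reused the
    // parameter name, so the input list was no longer reachable inside or after the loop.
    foreach ($data as $entry) {
        $result = array('user' => $entry->user, 'host' => $entry->host);

        // NOTE(review): $result is handed to validate_key(); presumably it is taken by
        // reference and filled with status/message on rejection - confirm in validate_key().
        if ($this->validate_key($entry, $result)) {
            // NOTE(review): assumes validate_key() has already established that this user
            // exists; if get() can return NULL here, the ->id read below fails - confirm.
            $user = User::instance()->get($entry->user);
            $result['user_id'] = $user->id;

            $key = $this->keys->getByUserHost($user, $entry->host);
            if ($key != NULL) {
                // One key per (user, host): report the existing key instead of adding a second.
                $result['status'] = 409;
                $result['message'] = 'Host already exists for that user';
                $result['key_id'] = $key->id;
            } else {
                $key = $this->keys->create($user, $entry->host, $entry->hash);

                // Record who created which credential for whom.
                // NOTE(review): rejected and duplicate records leave no audit entry - confirm
                // that is intended for an admin-only bulk operation.
                Audit::log($current_user, 'create key ' . $key->id . ' for ' . $user, $key);

                $result['key_id'] = $key->id;
                $result['status'] = 200;
                $result['message'] = 'Ok';
            }
        }

        $results[] = $result;
    }

    // The body echoes caller-supplied user/host values and json_encode() leaves
    // '<' and '>' unescaped by default, so label it as JSON rather than letting
    // it go out under the default HTML content type.
    if (!headers_sent()) {
        header('Content-Type: application/json; charset=utf-8');
    }

    echo json_encode($results, JSON_PRETTY_PRINT);
}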
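/**
 * Render the audit log for a date window (administrators only).
 *
 * The window comes from the optional `start` and `end` query parameters.
 * A missing `start` defaults to today's midnight and a missing `end` to
 * tomorrow's midnight. A supplied value is checked with validate_date() and
 * then snapped to midnight; a value that fails the check ends the request
 * with 409 and a short message.
 *
 * @return void Output is rendered through the View helper.
 */
public function index() {
    $current_user = User::current();

    // The audit trail is restricted to administrators.
    if (!$current_user->isAdmin()) {
        http_response_code(403);
        echo "Access denied";
        return;
    }

    // Both bounds are optional. isset() avoids the undefined-index notice that the
    // bare $_GET['start'] / $_GET['end'] reads raised whenever a bound was omitted.
    $since = isset($_GET['start']) ? $_GET['start'] : NULL;
    $until = isset($_GET['end']) ? $_GET['end'] : NULL;

    if ($since == NULL) {
        $since = strtotime("midnight");
    } else {
        // A request such as ?start[]=x delivers an array; treat it as an invalid
        // date instead of passing a non-string into validate_date().
        $since = is_array($since) ? false : $this->validate_date($since);
        if (!$since) {
            http_response_code(409);
            echo 'Invalid start date';
            return;
        }
        // NOTE(review): validate_date() presumably returns a Unix timestamp, since its
        // result is used as the base time here - confirm.
        $since = strtotime("midnight", $since);
    }

    if ($until == NULL) {
        $until = strtotime("tomorrow");
    } else {
        $until = is_array($until) ? false : $this->validate_date($until);
        if (!$until) {
            http_response_code(409);
            echo 'Invalid end date';
            return;
        }
        $until = strtotime("midnight", $until);
    }

    // NOTE(review): nothing checks that $until is later than $since, so 'span'
    // can be zero or negative - confirm the view and audit->get() cope with that.

    Breadcrumbs::add(DIR, 'Credentials');
    Breadcrumbs::add('', 'Audit');

    $data = array();
    $data['breadcrumbs'] = Breadcrumbs::get();
    $data['title'] = 'Audit';
    $data['current_user'] = $current_user;
    $data['footer-logic'] = 'credentials/audit-footer';
    $data['logs'] = $this->audit->get($since, $until);
    $data['since'] = $since;
    $data['until'] = $until;
    $data['span'] = $until - $since;

    View::renderTemplate('header', $data);
    View::render('credentials/audit', $data);
    View::renderTemplate('footer', $data);
}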
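/**
 * Show the user overview or a single user's page.
 *
 * Without an id, an administrator gets the list of all users and any other
 * user gets their own page. With an id, the page of that user is shown to
 * the user themselves or to an administrator; everyone else receives 403.
 * An id that matches no user yields 404.
 *
 * @param mixed $id User id from the route, or NULL for the overview.
 *
 * @return void Output is rendered through the View helper.
 */
public function index($id = NULL) {
    $current_user = User::current();
    $is_admin = $current_user->isAdmin();
    $data = array();

    if ($id == NULL) {
        if ($is_admin) {
            // User is admin, show index of users
            Breadcrumbs::add(DIR, 'Credentials');
            Breadcrumbs::add('', 'Users');

            $data['breadcrumbs'] = Breadcrumbs::get();
            $data['title'] = 'User overview';
            $data['current_user'] = $current_user;
            $data['users'] = $this->users->getAll();
            $data['footer-logic'] = 'credentials/users-footer';

            View::renderTemplate('header', $data);
            View::render('credentials/users', $data);
            View::renderTemplate('footer', $data);
            return;
        }

        // User is not admin: show their own page. Continuing below instead of calling
        // index() again means an empty id on the current user can no longer make the
        // method call itself without end.
        $id = $current_user->id;
    }

    // Authorise on the requested id before the lookup, so a non-admin receives the
    // same 403 for every foreign id and cannot tell existing ids from missing ones
    // by comparing 403 with 404.
    if (!$is_admin && $current_user->id != $id) {
        http_response_code(403);
        echo "Not allowed";
        return;
    }

    $user = $this->users->getById($id);
    if ($user == NULL) {
        http_response_code(404);
        echo "Not found";
        return;
    }

    // Second check against the loaded record, in case getById() resolved the
    // requested id to a different user than the comparison above assumed.
    if ($current_user->id != $user->id && !$is_admin) {
        http_response_code(403);
        echo "Not allowed";
        return;
    }

    // NOTE(review): $user->login is handed to the breadcrumb and title as-is; the
    // templates presumably HTML-escape it on output - confirm.
    Breadcrumbs::add(DIR, 'Credentials');
    Breadcrumbs::add(DIR . 'users', 'Users');
    Breadcrumbs::add('', $user->login);

    $data['breadcrumbs'] = Breadcrumbs::get();
    $data['title'] = 'User ' . $user->login;
    $data['current_user'] = $current_user;
    $data['user'] = $user;
    $data['keys'] = $this->keys->getAllByUser($user);
    $data['footer-logic'] = 'credentials/user-footer';

    View::renderTemplate('header', $data);
    View::render('credentials/user', $data);
    View::renderTemplate('footer', $data);
}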
<?php
/**
 * Routes - all standard routes are defined here.
 *
 * Maps URL patterns and HTTP methods to controller actions for users, keys
 * and the audit log.
 *
 * @author David Carr - dave@daveismyname.com
 * @version 2.2
 * @date updated Sept 19, 2015
 */

/** Create alias for Router. */
use Core\Router;
use Helpers\Hooks;
use Helpers\User;

/** Define routes. */

// The landing page depends on the role of the current user, evaluated when this
// file runs. This only picks which controller answers '' (for any HTTP method);
// it is not an access control.
if (User::current()->isAdmin()) {
    Router::any('', 'Controllers\\Index@index');
} else {
    Router::any('', 'Controllers\\Users@index');
}

// Everything below is registered for every user regardless of role, so each
// controller action has to enforce its own authorisation.
// NOTE(review): the POST and DELETE routes change state and no CSRF check is
// visible in this file - confirm it is handled in the controllers or a hook.

// Users: create, list, update, show, delete.
Router::post('users', 'Controllers\\Users@create');
Router::get('users', 'Controllers\\Users@index');
Router::post('users/(:num)', 'Controllers\\Users@update');
Router::get('users/(:num)', 'Controllers\\Users@index');
Router::delete('users/(:num)', 'Controllers\\Users@delete');

// Keys: create, update, show, delete.
Router::post('keys', 'Controllers\\Keys@create');
Router::post('keys/(:num)', 'Controllers\\Keys@update');
Router::get('keys/(:num)', 'Controllers\\Keys@index');
Router::delete('keys/(:num)', 'Controllers\\Keys@delete');

// Audit log viewer.
Router::get('audit', 'Controllers\\Audit@index');

/** Module routes. */
$hooks = Hooks::get();