[skip-ci] Support for adding user using API
This commit is contained in:
parent
643a1d6f37
commit
07f6de3c96
|
|
@ -80,6 +80,33 @@ $dispatcher = FastRoute\simpleDispatcher(function(FastRoute\RouteCollector $r) {
|
|||
$users_profiles["email"] = $users["email"];
|
||||
return $users_profiles;
|
||||
});
|
||||
$r->addRoute('POST', '/user', function($vars)
|
||||
{
|
||||
requireToken();
|
||||
global $user, $user_info;
|
||||
$capo = isset($_POST["capo"]) ? $_POST["capo"]==1 : false;
|
||||
$autista = isset($_POST["autista"]) ? $_POST["autista"]==1 : false;
|
||||
$hidden = isset($_POST["hidden"]) ? $_POST["hidden"]==1 : false;
|
||||
$disabled = isset($_POST["disabled"]) ? $_POST["disabled"]==1 : false;
|
||||
if(isset($_POST["mail"], $_POST["name"], $_POST["username"], $_POST["password"], $_POST["birthday"])){
|
||||
try{
|
||||
$userId = $user->add_user($_POST["mail"], $_POST["name"], $_POST["username"], $_POST["password"], $_POST["birthday"], $capo, $autista, $hidden, $disabled, $user_info["id"]);
|
||||
} catch (\Delight\Auth\InvalidEmailException $e) {
|
||||
return ["status" => "error", "message" => "Invalid email address"];
|
||||
} catch (\Delight\Auth\InvalidPasswordException $e) {
|
||||
return ["status" => "error", "message" => "Invalid password"];
|
||||
} catch (\Delight\Auth\UserAlreadyExistsException $e) {
|
||||
return ["status" => "error", "message" => "User already exists"];
|
||||
}
|
||||
if($userId){
|
||||
return ["userId" => $userId];
|
||||
} else {
|
||||
return ["status" => "error", "message" => "Unknown error"];
|
||||
}
|
||||
} else {
|
||||
return ["status" => "error", "message" => "User info required"];
|
||||
}
|
||||
});
|
||||
$r->addRoute('GET', '/availability', function($vars)
|
||||
{
|
||||
requireToken();
|
||||
|
|
@ -169,7 +196,7 @@ function responseApi($content, $status_code=200){
|
|||
|
||||
function validToken(){
|
||||
global $database, $user_info;
|
||||
$token = isset($_SERVER['HTTP_TOKEN']) ? $_SERVER['HTTP_TOKEN'] : (isset($_SERVER['HTTP_token']) ? $_SERVER['HTTP_token'] : (isset($_SERVER['HTTP_Token']) ? $_SERVER['HTTP_Token'] : (isset($_POST['TOKEN']) ? $_POST['TOKEN'] : false)));
|
||||
$token = isset($_POST['apiKey']) ? $_POST['apiKey'] : (isset($_GET['apiKey']) ? $_GET['apiKey'] : (isset($_SERVER['apiKey']) ? $_SERVER['apiKey'] : false));
|
||||
if($token == false){
|
||||
return false;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -504,15 +504,22 @@ class user{
|
|||
|
||||
public function add_user($email, $name, $username, $password, $birthday, $capo, $autista, $hidden, $disabled, $inseritoda){
|
||||
$userId = $this->auth->admin()->createUserWithUniqueUsername($email, $password, $username);
|
||||
$sql = "INSERT INTO `%PREFIX%_profiles` (`hidden`, `disabled`, `name`, `caposquadra`, `autista`) VALUES (:hidden, :disabled, :name, :caposquadra, :autista)";
|
||||
$this->database->exec($sql, false, [":hidden" => $hidden, ":disabled" => $disabled, ":name" => $name, ":caposquadra" => $capo, ":autista" => $autista]);
|
||||
if($capo == 1){
|
||||
$this->auth->admin()->addRoleForUserById($userId, Role::FULL_VIEWER);
|
||||
if($userId){
|
||||
$sql = "INSERT INTO `%PREFIX%_profiles` (`hidden`, `disabled`, `name`, `caposquadra`, `autista`) VALUES (:hidden, :disabled, :name, :caposquadra, :autista)";
|
||||
$this->database->exec($sql, false, [":hidden" => $hidden, ":disabled" => $disabled, ":name" => $name, ":caposquadra" => $capo, ":autista" => $autista]);
|
||||
if($capo == 1){
|
||||
$this->auth->admin()->addRoleForUserById($userId, Role::FULL_VIEWER);
|
||||
}
|
||||
$this->log("User created", $userId, $inseritoda, date("d/m/Y"), date("H:i.s"));
|
||||
return $userId;
|
||||
} else {
|
||||
return $false;
|
||||
}
|
||||
}
|
||||
|
||||
public function remove_user($id){
|
||||
$this->exec("DELETE FROM `%PREFIX%_users` WHERE `id` = :id; DELETE FROM `%PREFIX%_profiles` WHERE `id` = :id;", true, [":id" => $id]);
|
||||
public function remove_user($id, $rimossoda){
|
||||
$this->database->exec("DELETE FROM `%PREFIX%_users` WHERE `id` = :id", true, [":id" => $id], "DELETE FROM `%PREFIX%_profiles` WHERE `id` = :id");
|
||||
$this->log("User removed", null, $rimossoda, date("d/m/Y"), date("H:i.s"));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -282,8 +282,8 @@ PRIMARY KEY (`id`)
|
|||
CREATE TABLE IF NOT EXISTS `".$prefix."_log` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`action` varchar(100) NOT NULL,
|
||||
`changed` varchar(100) NOT NULL,
|
||||
`editor` varchar(100) NOT NULL,
|
||||
`changed` varchar(100),
|
||||
`editor` varchar(100),
|
||||
`date` varchar(100) NOT NULL,
|
||||
`time` varchar(100) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
|
|
|
|||
|
|
@ -81,7 +81,17 @@ select::-ms-expand {
|
|||
<?php
|
||||
foreach($risultato as $row){
|
||||
if(!in_array($row['changed'], $hidden) OR in_array($user->name(), $hidden)){
|
||||
echo "<tr><td>" . $row["action"] . "</td><td>" . $user->nameById($row["changed"]) . "</td><td>" . $user->nameById($row["editor"]) ."</td><td>" . $row['date'] . " - ore " . $row['time'] . "</tr>";
|
||||
if(!is_null($row["changed"])){
|
||||
$changedName = $user->nameById($row["changed"]);
|
||||
} else {
|
||||
$changedName = "N/A";
|
||||
}
|
||||
if(!is_null($row["editor"])){
|
||||
$editorName = $user->nameById($row["editor"]);
|
||||
} else {
|
||||
$editorName = "N/A";
|
||||
}
|
||||
echo "<tr><td>" . $row["action"] . "</td><td>" . $changedName . "</td><td>" . $editorName ."</td><td>" . $row['date'] . " - ore " . $row['time'] . "</tr>";
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
|
|
|||
Loading…
Reference in New Issue