Fix #765

2025-01-23 20:30:51 +01:00 · 2020-02-23 14:21:49 +01:00 · 2020-02-23 14:21:49 +01:00 · 7d00a67d1a
commit 7d00a67d1a
parent 168d35a869
3 changed files with 35 additions and 21 deletions
--- a/modules/utenti/actions.php
+++ b/modules/utenti/actions.php
@ -112,16 +112,26 @@ switch (filter('op')) {

    // Abilita API utente
    case 'token_enable':
-         if ($dbo->query('UPDATE zz_tokens SET enabled = 1 WHERE id_utente = '.prepare($id_utente))) {
-             flash()->info(tr('Token abilitato!'));
-         }
+        $utente = User::find($id_utente);
+        $tokens = $utente->getApiTokens();
+
+        foreach ($tokens as $token){
+            $dbo->query('UPDATE zz_tokens SET enabled = 1 WHERE id = '.prepare($token['id']));
+        }
+
+        flash()->info(tr('Token abilitato!'));
        break;

    // Disabilita API utente
    case 'token_disable':
-        if ($dbo->query('UPDATE zz_tokens SET enabled = 0 WHERE id_utente = '.prepare($id_utente))) {
-            flash()->info(tr('Token disabilitato!'));
+        $utente = User::find($id_utente);
+        $tokens = $utente->getApiTokens();
+
+        foreach ($tokens as $token){
+            $dbo->query('UPDATE zz_tokens SET enabled = 0 WHERE id = '.prepare($token['id']));
        }
+
+        flash()->info(tr('Token abilitato!'));
        break;

    // Elimina gruppo
--- a/src/Auth.php
+++ b/src/Auth.php
@ -200,22 +200,8 @@ class Auth extends \Util\Singleton
        if ($this->isAuthenticated()) {
            $user = self::user();

-            $database = database();
-            $tokens = $database->fetchArray('SELECT `token` FROM `zz_tokens` WHERE `enabled` = 1 AND `id_utente` = :user_id', [
-                ':user_id' => $user->id,
-            ]);
-
-            // Generazione del token per l'utente
-            if (empty($tokens)) {
-                $token = secure_random_string();
-
-                $database->insert('zz_tokens', [
-                    'id_utente' => $user->id,
-                    'token' => $token,
-                ]);
-            } else {
-                $token = $tokens[0]['token'];
-            }
+            $tokens = $user->getApiTokens();
+            $token = $tokens[0]['token'];
        }

        return $token;
--- a/src/Models/User.php
+++ b/src/Models/User.php
@ -172,6 +172,24 @@ class User extends Model
        return $anagrafica->ragione_sociale.' ('.$this->username.')';
    }

+    public function getApiTokens(){
+        $query = 'SELECT * FROM `zz_tokens` WHERE `enabled` = 1 AND `id_utente` = '.prepare($this->id);
+        $database = database();
+
+        // Generazione del token per l'utente
+        $tokens = $database->fetchArray($query);
+        if (empty($tokens)) {
+            $token = secure_random_string();
+
+            $database->insert('zz_tokens', [
+                'id_utente' => $this->id,
+                'token' => $token,
+            ]);
+        }
+
+        return $database->fetchArray($query);
+    }
+
    /* Relazioni Eloquent */

    public function group()