forked from ZwiiCMS-Team/ZwiiCMS
Protection des profils utlisés
This commit is contained in:
parent
a0dca415b5
commit
b61d78dbaa
@ -289,8 +289,8 @@ class user extends common
|
||||
}
|
||||
} else {
|
||||
if (
|
||||
!empty($this->getInput('userEditNewPassword'))
|
||||
&& $this->getInput('userEditNewPassword') === $this->getInput('userEditConfirmPassword')
|
||||
!empty($this->getInput('userEditNewPassword'))
|
||||
&& $this->getInput('userEditNewPassword') === $this->getInput('userEditConfirmPassword')
|
||||
) {
|
||||
$newPassword = $this->getInput('userEditNewPassword', helper::FILTER_PASSWORD);
|
||||
// Déconnexion de l'utilisateur si il change le mot de passe de son propre compte
|
||||
@ -564,8 +564,19 @@ class user extends common
|
||||
*/
|
||||
public function profil()
|
||||
{
|
||||
foreach ($this->getData(['profil']) as $groupId => $groupData) {
|
||||
|
||||
// Ne pas supprimer un profil utililsé
|
||||
// recherche les membres du groupe
|
||||
$groups = helper::arrayColumn($this->getData(['user']), 'group');
|
||||
$groups = array_keys($groups, $this->getUrl(2));
|
||||
$profilUsed = true;
|
||||
// Stoppe si le profil est affecté
|
||||
foreach ($groups as $userId) {
|
||||
if ((string) $this->getData(['user', $userId, 'profil']) === $this->getUrl(3)) {
|
||||
$profilUsed= false;
|
||||
}
|
||||
}
|
||||
foreach ($this->getData(['profil']) as $groupId => $groupData) {
|
||||
// Membres sans permissions spécifiques
|
||||
if (
|
||||
$groupId == self::GROUP_BANNED ||
|
||||
@ -608,7 +619,7 @@ class user extends common
|
||||
'href' => helper::baseUrl() . 'user/profilDelete/' . $groupId . '/' . $profilId,
|
||||
'value' => template::ico('trash'),
|
||||
'help' => 'Supprimer',
|
||||
'disabled' => $profilData['permanent'],
|
||||
'disabled' => $profilData['permanent'] && $profilUsed,
|
||||
])
|
||||
];
|
||||
}
|
||||
@ -931,6 +942,17 @@ class user extends common
|
||||
|
||||
public function profilDelete()
|
||||
{
|
||||
// Ne pas supprimer un profil utililsé
|
||||
// recherche les membres du groupe
|
||||
$groups = helper::arrayColumn($this->getData(['user']), 'group');
|
||||
$groups = array_keys($groups, $this->getUrl(2));
|
||||
$flag= true;
|
||||
// Stoppe si le profil est affecté
|
||||
foreach ($groups as $userId) {
|
||||
if ((string) $this->getData(['user', $userId, 'profil']) === $this->getUrl(3)) {
|
||||
$flag= false;
|
||||
}
|
||||
}
|
||||
if (
|
||||
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||
|
||||
$this->getData(['profil', $this->getUrl(2), $this->getUrl(3)]) === null ||
|
||||
@ -942,12 +964,15 @@ class user extends common
|
||||
]);
|
||||
// Suppression
|
||||
} else {
|
||||
$this->deleteData(['profil', $this->getUrl(2), $this->getUrl(3)]);
|
||||
if ($flag) {
|
||||
$this->deleteData(['profil', $this->getUrl(2), $this->getUrl(3)]);
|
||||
}
|
||||
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/profil',
|
||||
'notification' => helper::translate('Profil supprimé'),
|
||||
'state' => true
|
||||
'notification' => $flag ? helper::translate('Profil supprimé') : helper::translate('Action interdite'),
|
||||
'state' => $flag
|
||||
]);
|
||||
}
|
||||
}
|
||||
@ -1049,7 +1074,7 @@ class user extends common
|
||||
]);
|
||||
} else {
|
||||
$logStatus = 'Connexion réussie';
|
||||
$redirect = ($this->getUrl(2) && strpos($this->getUrl(2), 'user_reset') !== 0) ? helper::baseUrl() . str_replace('_', '/', str_replace('__', '#', $this->getUrl(2))) : helper::baseUrl();
|
||||
$redirect = ($this->getUrl(2) && strpos($this->getUrl(2), 'user_reset') !== 0) ? helper::baseUrl() . str_replace('_', '/', str_replace('__', '#', $this->getUrl(2))) : helper::baseUrl();
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'notification' => sprintf(helper::translate('Bienvenue %s %s'), $this->getData(['user', $userId, 'firstname']), $this->getData(['user', $userId, 'lastname'])),
|
||||
@ -1133,7 +1158,7 @@ class user extends common
|
||||
|
||||
// Valeurs en sortie
|
||||
$this->addOutput([
|
||||
'redirect' => helper::baseurl(),
|
||||
'redirect' => helper::baseurl(),
|
||||
'notification' => helper::translate('Impossible de réinitialiser le mot de passe de ce compte !'),
|
||||
'state' => false
|
||||
//'access' => false
|
||||
|
Loading…
Reference in New Issue
Block a user