diff options
author | Malf Furious <m@lfurio.us> | 2016-05-22 16:59:43 -0400 |
---|---|---|
committer | Malf Furious <m@lfurio.us> | 2016-05-22 16:59:43 -0400 |
commit | abd11313d0a9f2b28d7b709fcbd98befd95db15c (patch) | |
tree | 152db15fb227134a48fa54d4696f0069bf651d62 /app/model | |
parent | d431ef2954455ad38454d27f5be866061794b4bf (diff) | |
parent | 2d1e4242a87b54578e24546dabe1525a014da24e (diff) | |
download | scrott-abd11313d0a9f2b28d7b709fcbd98befd95db15c.tar.gz scrott-abd11313d0a9f2b28d7b709fcbd98befd95db15c.zip |
Merge branch 'feature/user-removal' into dev
Diffstat (limited to '')
-rw-r--r-- | app/model/common.mod.php | 56 | ||||
-rw-r--r-- | app/model/deleteacct.mod.php | 49 |
2 files changed, 105 insertions, 0 deletions
diff --git a/app/model/common.mod.php b/app/model/common.mod.php index 7630dfa..5e6373c 100644 --- a/app/model/common.mod.php +++ b/app/model/common.mod.php @@ -14,6 +14,16 @@ class CommonModel extends MasterModel ); /* + * Constructor + */ + function __construct() + { + parent::__construct(); + $this->common_handleFormSubmissions($_REQUEST['input'], $_FILES['attachment']); + $this->common_deflt(); + } + + /* * Default action */ function common_deflt() @@ -48,6 +58,7 @@ class CommonModel extends MasterModel case "common-setting-admin": $this->saveSettingAdmin($input); break; case "common-setting-allusers-adduser": $this->saveSettingAllusersAdduser($input); break; case "common-setting-allusers-edituser": $this->saveSettingAllusersEdituser($input, $attachment); break; + case "common-setting-allusers-deluser": $this->saveSettingAllusersDeluser($input); break; } } @@ -273,6 +284,51 @@ class CommonModel extends MasterModel else $this->logFormErrors($form); } + + /* + * Allow admin to remove user accounts + */ + function saveSettingAllusersDeluser($input) + { + $form = new Form(); + $form->field_text("guid"); + + if (!$form->populate($input)) + { + $this->logFormErrors($form); + return; + } + + $user = $this->getCurrentUser(); + + if (!$user || $user->admin == 0) + { + $this->logError("Admin permissions required"); + return; + } + + $user = new User($form->guid); + + if ($user->type != "user") + { + $this->logError("Invalid user GUID"); + return; + } + + if ($user->admin && $user->getNumAdmins() == 1) + { + $this->logError("Account not deleted - Cannot remove the last admin account"); + return; + } + + $user->delObj(); + + if (!$this->getCurrentUser()) + { + /* did user delete their own account? */ + $this->redirectTo($this->ar() . "/"); + } + } } ?> diff --git a/app/model/deleteacct.mod.php b/app/model/deleteacct.mod.php new file mode 100644 index 0000000..89aca14 --- /dev/null +++ b/app/model/deleteacct.mod.php @@ -0,0 +1,49 @@ +<?php + +require_once "model/common.mod.php"; +require_once "class/form.class.php"; +require_once "class/user.class.php"; + +class DeleteacctModel extends CommonModel +{ + /* + * Default action + */ + function deflt() + { + } + + /* + * Delete current user's account + */ + function del($input) + { + $form = new Form(); + $form->field_text("password", null, false); + + if (!$form->populate($input)) + { + $this->logFormErrors($form); + return; + } + + $user = $this->getCurrentUser(); + + if (!$user->validatePassword($form->password)) + { + $this->logError("Account not deleted - Password was incorrect"); + return; + } + + if ($user->admin && $user->getNumAdmins() == 1) + { + $this->logError("Account not deleted - Cannot remove the last admin account"); + return; + } + + $user->delObj(); + $this->redirectTo($this->ar() . "/"); + } +} + +?> |