Updated ReadMe, Updated is admin check, Added initial change user access ability, Started updating update script for new sql methods, Reformatted user init.js indentation, Reformatted indentation on user dialog.

This commit is contained in:
xevidos 2019-02-10 00:35:15 -05:00
parent a9dc1e2815
commit 3d122eb296
7 changed files with 486 additions and 462 deletions


@ -27,7 +27,7 @@ Task List:
* Add ability to login with LDAP
* Add custom market
* Add in new admin interface
* Add in new admin interface ( Check admin-portal branch for progress )
- Group Management
- Permissions Management
- Plugin Management
@ -37,6 +37,7 @@ Task List:
* Add if file could not be saved 5 times close the open file
* Add multi level users. ( Projects for only certain groups, Permission levels )
* Add mobile compatibility
* Add support for more database systems and test ( MSSQL, Oracle, Postgre SQL, SQLite, etc )
* Clean up update script
* Re Add the language recognition system after recode
@ -47,6 +48,10 @@ Completed:
* Add ability to center bottom of code
* Add updating script
* Add site renaming
* Database Update
- Added Mysql Support.
- Project Updated to use PDO so future support for more database systems can be added.
- Updated to store program data ( Not project data ) in databases.
* Fix JS errors already showing
* Remove Codiad autocomplete in favor of Ace's
* Updated for PHP 7.2


@ -201,15 +201,9 @@ class Common {
global $sql;
$query = "SELECT COUNT( * ) FROM users WHERE username=? AND access=?;";
$bind_variables = array( $_SESSION["user"], "admin" );
$return = $sql->query( $query, $bind_variables, formatJSEND( "error", "Error checking user acess." ), 'fetchColumn' );
if( $return > 0 ) {
return( true );
} else {
return( false );
}
$return = $sql->query( $query, $bind_variables, -1, 'fetchColumn' );
$admin = ( $return > 0 );
return $admin;
}
public static function logout() {
@ -644,7 +638,7 @@ class Common {
// Wrapper for old method names
//////////////////////////////////////////////////////////////////
function is_admin() { Common::is_admin(); }
function is_admin() { return Common::is_admin(); }
function debug($message) { Common::debug($message); }
function i18n($key, $args = array()) { echo Common::i18n($key, $args); }
function get_i18n($key, $args = array()) { return Common::get_i18n($key, $args); }
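Review bot: The literal `-1` passed as the third argument to `$sql->query()` in `is_admin` is presumably the value returned on query failure; because `-1 > 0` is false the check fails closed on a database error, which is the right default, but nothing at the call site says so and a failed lookup becomes indistinguishable from "not an admin". Add `// -1 on query error so a failed lookup is treated as non-admin (fail closed)` above the call, and consider reporting the error path (e.g. via Common::debug()) separately from a plain negative result. The `$admin = ( $return > 0 ); return $admin;` pair can collapse to `return $return > 0;`. `$_SESSION["user"]` is bound without an isset guard, so if `is_admin()` can run before a session exists it binds null and raises a notice — presumably `checkSession()` always precedes it; confirm. The method's signature lies above the hunk.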


@ -57,69 +57,6 @@ class updater {
* Constants
*/
const DEFAULT_OPTIONS = array(
array(
"name" => "codiad.editor.autocomplete",
"value" => "false",
),
array(
"name" => "codiad.editor.fileManagerTrigger",
"value" => "false",
),
array(
"name" => "codiad.editor.fontSize",
"value" => "14px",
),
array(
"name" => "codiad.editor.highlightLine",
"value" => "true",
),
array(
"name" => "codiad.editor.indentGuides",
"value" => "true",
),
array(
"name" => "codiad.editor.overScroll",
"value" => "0.5",
),
array(
"name" => "codiad.editor.persistentModal",
"value" => "true",
),
array(
"name" => "codiad.editor.printMargin",
"value" => "true",
),
array(
"name" => "codiad.editor.printMarginColumn",
"value" => "80",
),
array(
"name" => "codiad.editor.rightSidebarTrigger",
"value" => "false",
),
array(
"name" => "codiad.editor.softTabs",
"value" => "false",
),
array(
"name" => "codiad.editor.tabSize",
"value" => "4",
),
array(
"name" => "codiad.editor.theme",
"value" => "twilight",
),
array(
"name" => "codiad.editor.wrapMode",
"value" => "false",
),
array(
"name" => "codiad.settings.autosave",
"value" => "true",
),
);
/**
* Properties
*/
@ -253,12 +190,12 @@ class updater {
require_once('../../common.php');
require_once('../sql/class.sql.php');
require_once('../settings/class.settings.php');
$user_settings_file = DATA . "/settings.php";
$projects_file = DATA . "/projects.php";
$users_file = DATA . "/users.php";
$sql = new sql();
global $sql;
$connection = $sql->connect();
$query = "
@ -485,7 +422,7 @@ DELETE FROM user_options;
public function set_default_options() {
foreach( self::DEFAULT_OPTIONS as $id => $option ) {
foreach( Settings::DEFAULT_OPTIONS as $id => $option ) {
$this->update_option( $option["name"], $option["value"], true );
}
@ -571,25 +508,32 @@ DELETE FROM user_options;
public function update_option( $option, $value, $user_setting = null ) {
$sql = new sql();
$query = "INSERT INTO user_options ( name, username, value ) VALUES ( ?, ?, ? );";
$bind = "sss";
$bind_variables = array(
$option,
$this->username,
$value,
);
$result = sql::sql( $query, $bind, $bind_variables, formatJSEND( "error", "Error, Could not add user's settings." ) );
$result = $sql->query( $query, $bind_variables, 0, "rowCount" );
if( $result !== true ) {
if( $result == 0 ) {
$query = "UPDATE user_options SET value=? WHERE name=? AND username=?;";
$bind = "sss";
$bind_variables = array(
$value,
$option,
$this->username,
);
$result = sql::sql( $query, $bind, $bind_variables, formatJSEND( "error", "Error, Could not update user's settings." ) );
$result = $sql->query( $query, $bind_variables, 0, "rowCount" );
}
if( $result > 0 ) {
echo formatJSEND( "success", null );
} else {
echo formatJSEND( "error", "Error, Could not update option $option" );
}
}
@ -606,8 +550,10 @@ DELETE FROM user_options;
if( isset( $_GET["action"] ) && $_GET["action"] !== '' ) {
global $sql;
$updater = new updater();
$action = $_GET["action"];
$sql = new sql();
switch( $action ) {
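Review bot: In `update_option`, the fallback from INSERT to UPDATE is keyed on `$result == 0`, but `0` is also the error value handed to `$sql->query()`, so any INSERT failure — not just a duplicate row — silently falls through to the UPDATE; and under MySQL's default affected-rows semantics an UPDATE that leaves the value unchanged reports rowCount 0, so re-saving an option at its current value emits "Could not update option" although the row is correct. Decide the branch from the data rather than the counter, e.g. `$exists = $sql->query( "SELECT COUNT(*) FROM user_options WHERE name=? AND username=?;", array( $option, $this->username ), 0, "fetchColumn" );` then INSERT when `$exists == 0`, UPDATE otherwise, and treat a 0-row UPDATE as success when the row exists. The same doubled meaning of `0` affects `set_default_options`, which calls this method in a loop and ignores the echoed result. `$user_setting` is accepted but unused in the visible part of the body; if it is handled elsewhere a comment saying so would help.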


@ -10,6 +10,11 @@ require_once( "../settings/class.settings.php" );
class User {
const ACCESS = array(
"admin",
"user"
);
//////////////////////////////////////////////////////////////////
// PROPERTIES
//////////////////////////////////////////////////////////////////


@ -142,3 +142,10 @@ if ($_GET['action']=='verify') {
//$User->Verify();
checkSession();
}
if ( $_GET['action'] == 'update_access' ) {
checkSession();
echo json_encode( array( $_GET["username"], $_GET["access"] ) );
}
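Review bot: The new `update_access` branch is guarded only by `checkSession()`, so any authenticated user can reach it, while the dialog in this same commit shows the access selector only when `is_admin()` is true; the controller must enforce the same rule before this action is wired to SQL, e.g. `if( ! is_admin() ) { echo formatJSEND( "error", "Access denied" ); exit; }`. The requested level should also be whitelisted against the new `User::ACCESS` constant with `if( ! in_array( $_GET["access"], User::ACCESS, true ) ) { echo formatJSEND( "error", "Invalid access level" ); exit; }`, and `$_GET["username"]` should be checked to exist before anything is updated. As it stands the branch echoes the two raw parameters back as a bare JSON array rather than a JSEND envelope, so the client-side `codiad.jsend.parse()` will presumably not read it as success; if this is a placeholder, a `// TODO: persist access change` comment would make that explicit. Changing another account's privilege level via GET mirrors the existing delete flow but is worth moving to POST when the persistence lands.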


@ -1,20 +1,20 @@
<?php
/*
* Copyright (c) Codiad & Kent Safranski (codiad.com), distributed
* as-is and without warranty under the MIT License. See
* [root]/license.txt for more. This information must remain intact.
*/
require_once('../../common.php');
require_once('./class.user.php');
$User = new User();
//////////////////////////////////////////////////////////////////
// Verify Session or Key
//////////////////////////////////////////////////////////////////
/*
* Copyright (c) Codiad & Kent Safranski (codiad.com), distributed
* as-is and without warranty under the MIT License. See
* [root]/license.txt for more. This information must remain intact.
*/
require_once('../../common.php');
require_once('./class.user.php');
$User = new User();
//////////////////////////////////////////////////////////////////
// Verify Session or Key
//////////////////////////////////////////////////////////////////
checkSession();
checkSession();
switch($_GET['action']){
switch($_GET['action']){
//////////////////////////////////////////////////////////////
// List Projects
@ -23,18 +23,33 @@
case 'list':
$projects_assigned = false;
if( ! checkAccess() ){
if( ! checkAccess() ) {
?>
<label><?php i18n("Restricted"); ?></label>
<pre><?php i18n("You can not edit the user list"); ?></pre>
<button onclick="codiad.modal.unload();return false;"><?php i18n("Close"); ?></button>
<?php } else { ?>
<?php
} else {
$admin = is_admin();
?>
<label><?php i18n("User List"); ?></label>
<div id="user-list">
<table width="100%">
<tr>
<th width="150"><?php i18n("Username"); ?></th>
<th width="85"><?php i18n("Password"); ?></th>
<?php
if( $admin ) {
?>
<th width="70"><?php i18n("Access"); ?></th>
<?php
}
?>
<th width="70"><?php i18n("Delete"); ?></th>
</tr>
</table>
@ -50,11 +65,32 @@
<td width="150"><?php echo($data['username']); ?></td>
<td width="85"><a onclick="codiad.user.password('<?php echo($data['username']); ?>');" class="icon-flashlight bigger-icon"></a></td>
<?php
if($_SESSION['user'] == $data['username']){
if( $admin ) {
?>
<td width="75">
<select onchange="codiad.user.update_access( event, '<?php echo( $data['username'] ); ?>' )">
<?php
foreach( User::ACCESS as $role ) {
?>
<option value="<?php echo $role;?>" <?php if( $data["access"] == $role ) { echo 'selected="selected"'; }?>><?php echo i18n( $role );?></option>
<?php
}
?>
</select>
</td>
<?php
}
if( $_SESSION['user'] == $data['username'] ) {
?>
<td width="75"><a onclick="codiad.message.error('You Cannot Delete Your Own Account');" class="icon-block bigger-icon"></a></td>
<?php
}else{
} else {
?>
<td width="70"><a onclick="codiad.user.delete('<?php echo($data['username']); ?>');" class="icon-cancel-circled bigger-icon"></a></td>
<?php
@ -71,7 +107,6 @@
<button class="btn-right" onclick="codiad.modal.unload();return false;"><?php i18n("Close"); ?></button>
<?php
}
break;
//////////////////////////////////////////////////////////////////////
@ -117,9 +152,10 @@
case 'password':
if($_GET['username']=='undefined'){
if( $_GET['username'] == 'undefined' ) {
$username = $_SESSION['user'];
}else{
} else {
$username = $_GET['username'];
}
@ -135,6 +171,6 @@
<?php
break;
}
}
?>
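Review bot: `<?php echo i18n( $role );?>` inside the new access `<option>` double-dispatches: the `i18n()` wrapper in common.php already echoes (`function i18n($key, $args = array()) { echo Common::i18n($key, $args); }`) and returns nothing, so the outer `echo` prints an empty value; use `<?php i18n( $role ); ?>` like the other labels in this file, or `<?php echo get_i18n( $role ); ?>` if a return value is wanted. The new `onchange` handler interpolates `$data['username']` into a JavaScript string literal inside an HTML attribute without escaping; this matches the existing password/delete links, but unless usernames are constrained server-side to the alphanumeric rule the client applies, wrap it with `htmlspecialchars( $data['username'], ENT_QUOTES )` (and do the same in the `value` attribute if roles ever stop coming from the constant). The selector is also rendered for the admin's own row, so an admin can demote themselves from the UI with no confirmation — presumably acceptable, but worth a comment or a guard like the self-delete block below it.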


@ -3,8 +3,7 @@
* as-is and without warranty under the MIT License. See
* [root]/license.txt for more. This information must remain intact.
*/
(function(global, $){
(function(global, $) {
var codiad = global.codiad;
@ -30,22 +29,21 @@
});
// Get Theme
if( codiad.settings !== undefined ) {
if(codiad.settings !== undefined) {
var theme = await codiad.settings.get_option( 'codiad.theme' );
var theme = await codiad.settings.get_option('codiad.theme');
} else {
var theme = 'default';
}
$("#theme option").each(function()
{
$("#theme option").each(function() {
if($(this).val() == theme) {
$(this).attr("selected","selected");
$(this).attr("selected", "selected");
}
});
// Get Language
if( codiad.settings !== undefined ) {
if(codiad.settings !== undefined) {
var language = await codiad.settings.get_option('codiad.language');
} else {
@ -53,17 +51,18 @@
var language = 'en';
}
$("#language option").each(function()
{
$("#language option").each(function() {
if($(this).val() == language) {
$(this).attr("selected","selected");
$(this).attr("selected", "selected");
}
});
// More Selector
$('.show-language-selector').click(function(){
$('.show-language-selector').click(function() {
$(this).hide();
$('.language-selector').animate({height:'toggle'}, "fast");
$('.language-selector').animate({
height: 'toggle'
}, "fast");
});
},
@ -74,7 +73,7 @@
authenticate: function() {
$.post(this.controller + '?action=authenticate', this.loginForm.serialize(), function(data) {
parsed = codiad.jsend.parse(data);
if (parsed != 'error') {
if(parsed != 'error') {
// Session set, reload
window.location.reload();
}
@ -87,11 +86,13 @@
logout: function() {
var forcelogout = true;
if ($('#list-active-files li.changed').length > 0) {
if($('#list-active-files li.changed').length > 0) {
forcelogout = confirm(i18n('You have unsaved files.'));
}
if(forcelogout) {
$('#list-active-files li.changed').each(function () { $(this).removeClass('changed')});
$('#list-active-files li.changed').each(function() {
$(this).removeClass('changed')
});
amplify.publish('user.logout', {});
codiad.settings.save();
$.get(this.controller + '?action=logout', function() {
@ -107,7 +108,7 @@
list: function() {
$('#modal-content form')
.die('submit'); // Prevent form bubbling
codiad.modal.load(400, this.dialog + '?action=list');
codiad.modal.load(600, this.dialog + '?action=list');
},
//////////////////////////////////////////////////////////////////
@ -129,21 +130,24 @@
.val();
// Check matching passwords
if (password1 != password2) {
if(password1 != password2) {
codiad.message.error(i18n('Passwords Do Not Match'));
pass = false;
}
// Check no spaces in username
if (!/^[a-z0-9]+$/i.test(username) || username.length===0) {
if(!/^[a-z0-9]+$/i.test(username) || username.length === 0) {
codiad.message.error(i18n('Username Must Be Alphanumeric String'));
pass = false;
}
if (pass) {
$.post(_this.controller + '?action=create', {'username' : username , 'password' : password1 }, function(data) {
if(pass) {
$.post(_this.controller + '?action=create', {
'username': username,
'password': password1
}, function(data) {
var createResponse = codiad.jsend.parse(data);
if (createResponse != 'error') {
if(createResponse != 'error') {
codiad.message.success(i18n('User Account Created'))
_this.list();
}
@ -167,7 +171,7 @@
codiad.modal.show_loading();
$.get(_this.controller + '?action=delete&username=' + username, function(data) {
var deleteResponse = codiad.jsend.parse(data);
if (deleteResponse != 'error') {
if(deleteResponse != 'error') {
codiad.message.success(i18n('Account Deleted'))
_this.list();
}
@ -190,17 +194,21 @@
var accessLevel = $('#modal-content form select[name="access_level"]')
.val();
var projects = new Array();
$('input:checkbox[name="project"]:checked').each(function(){
$('input:checkbox[name="project"]:checked').each(function() {
projects.push($(this).val());
});
if(accessLevel==0){ projects = 0; }
if(accessLevel == 0) {
projects = 0;
}
// Check and make sure if access level not full that at least on project is selected
if (accessLevel==1 && !projects) {
if(accessLevel == 1 && !projects) {
codiad.message.error(i18n('At Least One Project Must Be Selected'));
} else {
$.post(_this.controller + '?action=project_access&username=' + username,{projects: projects}, function(data) {
$.post(_this.controller + '?action=project_access&username=' + username, {
projects: projects
}, function(data) {
var projectsResponse = codiad.jsend.parse(data);
if (projectsResponse != 'error') {
if(projectsResponse != 'error') {
codiad.message.success(i18n('Account Modified'));
}
});
@ -224,12 +232,15 @@
.val();
var password2 = $('#modal-content form input[name="password2"]')
.val();
if (password1 != password2) {
if(password1 != password2) {
codiad.message.error(i18n('Passwords Do Not Match'));
} else {
$.post(_this.controller + '?action=password', {'username' : username , 'password' : password1 }, function(data) {
$.post(_this.controller + '?action=password', {
'username': username,
'password': password1
}, function(data) {
var passwordResponse = codiad.jsend.parse(data);
if (passwordResponse != 'error') {
if(passwordResponse != 'error') {
codiad.message.success(i18n('Password Changed'));
codiad.modal.unload();
}
@ -244,8 +255,28 @@
project: function(project) {
$.get(this.controller + '?action=project&project=' + project);
},
update_access: function( e, username=null ) {
let access = "";
if( ( typeof e ) == "string" ) {
access = e;
} else {
access = e.target.value;
}
};
$.get( this.controller + `?action=update_access&username=${username}&access=${access}`, function( data ) {
let response = codiad.jsend.parse( data );
if( response != 'error' ) {
codiad.message.success( i18n( 'Access Updated' ) );
}
});
},
};
})(this, jQuery);
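Review bot: In `update_access`, `username` and `access` are interpolated into the template-literal query string without encoding, and `username` defaults to `null`, which stringifies to the literal text `null` in the URL. Let jQuery encode them the way the other requests in this file already pass their data: `$.get( this.controller + '?action=update_access', { username: username, access: access }, function( data ) {`, and return early when `username === null` rather than sending the request. The call changes another account's privilege level via GET, matching the existing delete flow but better as POST once the server side is complete. The controller stub in this commit appears to echo a bare JSON array rather than a JSEND envelope, so `codiad.jsend.parse()` presumably will not report success here yet; the success handler also does not refresh the list, unlike `create` and `delete`.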