X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fadmin.php;h=73ae5844cf725afb20224cf26d99d2116675508a;hb=1605f171418842df3135d9331d607203e5899c99;hp=8b16500be65471389fcfd4b42e77a02b8b9a3b3d;hpb=7c5200a5e48db42ef10efc2d985fb02b88da822d;p=platal.git diff --git a/modules/admin.php b/modules/admin.php index 8b16500..73ae584 100644 --- a/modules/admin.php +++ b/modules/admin.php @@ -1,6 +1,6 @@ $this->make_hook('phpinfo', AUTH_MDP, 'admin'), - 'admin' => $this->make_hook('default', AUTH_MDP, 'admin'), - 'admin/ax-xorg' => $this->make_hook('ax_xorg', AUTH_MDP, 'admin'), - 'admin/dead-but-active' => $this->make_hook('dead_but_active', AUTH_MDP, 'admin'), - 'admin/deaths' => $this->make_hook('deaths', AUTH_MDP, 'admin'), - 'admin/downtime' => $this->make_hook('downtime', AUTH_MDP, 'admin'), - 'admin/homonyms' => $this->make_hook('homonyms', AUTH_MDP, 'admin'), - 'admin/logger' => $this->make_hook('logger', AUTH_MDP, 'admin'), - 'admin/logger/actions' => $this->make_hook('logger_actions', AUTH_MDP, 'admin'), - 'admin/postfix/blacklist' => $this->make_hook('postfix_blacklist', AUTH_MDP, 'admin'), - 'admin/postfix/delayed' => $this->make_hook('postfix_delayed', AUTH_MDP, 'admin'), + 'phpinfo' => $this->make_hook('phpinfo', AUTH_MDP, 'admin'), + 'admin' => $this->make_hook('default', AUTH_MDP, 'admin'), + 'admin/ax-xorg' => $this->make_hook('ax_xorg', AUTH_MDP, 'admin'), + 'admin/dead-but-active' => $this->make_hook('dead_but_active', AUTH_MDP, 'admin'), + 'admin/deaths' => $this->make_hook('deaths', AUTH_MDP, 'admin'), + 'admin/downtime' => $this->make_hook('downtime', AUTH_MDP, 'admin'), + 'admin/homonyms' => $this->make_hook('homonyms', AUTH_MDP, 'admin'), + 'admin/logger' => $this->make_hook('logger', AUTH_MDP, 'admin'), + 'admin/logger/actions' => $this->make_hook('logger_actions', AUTH_MDP, 'admin'), + 'admin/postfix/blacklist' => $this->make_hook('postfix_blacklist', AUTH_MDP, 'admin'), + 'admin/postfix/delayed' => $this->make_hook('postfix_delayed', AUTH_MDP, 'admin'), 'admin/postfix/regexp_bounces' => $this->make_hook('postfix_regexpsbounces', AUTH_MDP, 'admin'), - 'admin/postfix/whitelist' => $this->make_hook('postfix_whitelist', AUTH_MDP, 'admin'), - 'admin/mx/broken' => $this->make_hook('mx_broken', AUTH_MDP, 'admin'), - 'admin/skins' => $this->make_hook('skins', AUTH_MDP, 'admin'), - 'admin/synchro_ax' => $this->make_hook('synchro_ax', AUTH_MDP, 'admin'), - 'admin/user' => $this->make_hook('user', AUTH_MDP, 'admin'), - 'admin/promo' => $this->make_hook('promo', AUTH_MDP, 'admin'), - 'admin/validate' => $this->make_hook('validate', AUTH_MDP, 'admin'), - 'admin/validate/answers' => $this->make_hook('validate_answers', AUTH_MDP, 'admin'), - 'admin/wiki' => $this->make_hook('wiki', AUTH_MDP, 'admin'), - 'admin/ipwatch' => $this->make_hook('ipwatch', AUTH_MDP, 'admin'), - 'admin/icons' => $this->make_hook('icons', AUTH_MDP, 'admin'), + 'admin/postfix/whitelist' => $this->make_hook('postfix_whitelist', AUTH_MDP, 'admin'), + 'admin/mx/broken' => $this->make_hook('mx_broken', AUTH_MDP, 'admin'), + 'admin/skins' => $this->make_hook('skins', AUTH_MDP, 'admin'), + 'admin/synchro_ax' => $this->make_hook('synchro_ax', AUTH_MDP, 'admin'), + 'admin/user' => $this->make_hook('user', AUTH_MDP, 'admin'), + 'admin/promo' => $this->make_hook('promo', AUTH_MDP, 'admin'), + 'admin/validate' => $this->make_hook('validate', AUTH_MDP, 'admin'), + 'admin/validate/answers' => $this->make_hook('validate_answers', AUTH_MDP, 'admin'), + 'admin/wiki' => $this->make_hook('wiki', AUTH_MDP, 'admin'), + 'admin/ipwatch' => $this->make_hook('ipwatch', AUTH_MDP, 'admin'), + 'admin/icons' => $this->make_hook('icons', AUTH_MDP, 'admin'), + 'admin/accounts' => $this->make_hook('accounts', AUTH_MDP, 'admin'), ); } @@ -79,11 +80,11 @@ class AdminModule extends PLModule $sql = XDB::iterator( "SELECT crc, nb, update_time, create_time, - FIND_IN_SET('del', release) AS del, - FIND_IN_SET('ok', release) AS ok - FROM postfix_mailseen + FIND_IN_SET('del', p.release) AS del, + FIND_IN_SET('ok', p.release) AS ok + FROM postfix_mailseen AS p WHERE nb >= 30 - ORDER BY release != ''"); + ORDER BY p.release != ''"); $page->assign_by_ref('mails', $sql); } @@ -362,6 +363,7 @@ class AdminModule extends PLModule } // Loads the user identity using the environment. + $user = null; if ($login) { $user = User::get($login); } else if (Env::has('user_id')) { @@ -401,7 +403,7 @@ class AdminModule extends PLModule FROM auth_user_md5 WHERE user_id = {?}"; $mr = XDB::query($userinfo_query, $user->id())->fetchOneAssoc(); - $redirect = ($registered ? new Redirect($user->id()) : null); + $redirect = ($registered ? new Redirect($user) : null); // Processes admin requests, if any. foreach($_POST as $key => $val) { @@ -466,7 +468,7 @@ class AdminModule extends PLModule // Eventually adds the alias to the right domain. if ($domain == $globals->mail->alias_dom || $domain == $globals->mail->alias_dom2) { - $req = new AliasReq($user->id(), $alias, 'Admin request', false); + $req = new AliasReq($user, $alias, 'Admin request', false); if ($req->commit()) { $page->trigSuccess("Nouvel alias '$alias@$domain' attribué"); } else { @@ -495,7 +497,7 @@ class AdminModule extends PLModule SET rewrite = '' WHERE uid = {?} AND rewrite LIKE CONCAT({?}, '@%')", $user->id(), $val); - fix_bestalias($user->id()); + fix_bestalias($user); $page->trigSuccess("L'alias '$val' a été supprimé"); } break; @@ -511,7 +513,7 @@ class AdminModule extends PLModule // As having a non-null bestalias value is critical in // plat/al's code, we do an a posteriori check on the // validity of the bestalias. - fix_bestalias($user->id()); + fix_bestalias($user); break; // Profile edition. @@ -551,6 +553,10 @@ class AdminModule extends PLModule // however suits our needs. if ($perms == 'disabled' && $old_fields['perms'] != 'disabled') { kill_sessions(); + + // Also serve a reminder to the admin: disabling an account + // does not deactivate email forwarding. + $page->trigWarning("N'oubliez pas, le cas échéant, de désactiver les redirections et le compte GoogleApps de l'utilisateur."); } // Updates the user profile with the new values. @@ -567,6 +573,12 @@ class AdminModule extends PLModule user_reindex($user->id()); $new_fields = XDB::query($watch_query, $user->id())->fetchOneAssoc(); + // Redacts the password in the notification, to avoid transmitting + // sensitive information by email. + $new_fields['password'] = ($old_fields['password'] != $new_fields['password'] ? 'new' : 'old'); + $old_fields['password'] = 'old'; + + // Notifies the admins of the profile update. $mailer = new PlMailer("admin/useredit.mail.tpl"); $mailer->assign("admin", S::user()->login()); $mailer->assign("user", $user->login()); @@ -602,14 +614,6 @@ class AdminModule extends PLModule $account->set_password($pass_encrypted); } } - - // If the update did disable the user account, disables - // the Google Apps account as well. - if ($new_fields['perms'] == 'disabled' && $new_fields['perms'] != $old_fields['perms']) { - require_once 'googleapps.inc.php'; - $account = new GoogleAppsAccount($user); - $account->suspend(); - } } @@ -621,6 +625,7 @@ class AdminModule extends PLModule // User re-registration. case "u_kill": + require_once('user.func.inc.php'); user_clear_all_subs($user->id()); $globals->updateNbIns(); $page->trigSuccess("'" . $user->id() . "' a été désinscrit !"); @@ -661,7 +666,11 @@ class AdminModule extends PLModule "SELECT alias FROM virtual INNER JOIN virtual_redirect USING (vid) - WHERE type = 'user' AND redirect LIKE CONCAT({?}, '@%')", $user->id())); + WHERE type = 'user' AND (redirect = {?} OR redirect = {?})", + $user->forlifeEmail(), + // TODO: remove this über-ugly hack. The issue is that you need + // to remove all @m4x.org addresses in virtual_redirect first. + $user->login() . '@' . $globals->mail->domain2)); $page->assign('aliases', XDB::iterator( "SELECT alias, type='a_vie' AS for_life,FIND_IN_SET('bestalias',flags) AS best,expire @@ -685,16 +694,19 @@ class AdminModule extends PLModule $page->assign('bans', $bans); } - function getHruid($line, $key) + function getHruid($line, $key, $relation) { - var_dump($line); - if (!isset($line['nom']) || !isset($line['prenom']) || !isset($line['promo'])) { - return null; + $prenom = CSVImporter::getValue($line, 'prenom', $relation['prenom']); + $nom = CSVImporter::getValue($line, 'nom', $relation['nom']); + $promo = CSVImporter::getValue($line, 'promo', $relation['promo']); + + if ($prenom != 'NULL' && $nom != 'NULL' && $promo != 'NULL') { + return make_forlife($prenom, $nom, $promo); } - return make_forlife($line['prenom'], $line['nom'], $line['promo']); + return null; } - function getMatricule($line, $key) + function getMatricule($line, $key, $relation) { $mat = $line['matricule']; $year = intval(substr($mat, 0, 3)); @@ -773,6 +785,7 @@ class AdminModule extends PLModule send_warning_homonyme($prenom, $nom, $forlife, $loginbis); switch_bestalias($target, $loginbis); $op = 'list'; + $page->trigSuccess('Email envoyé à ' . $forlife . '.'); break; case 'correct': @@ -783,6 +796,7 @@ class AdminModule extends PLModule XDB::execute("REPLACE INTO homonymes (homonyme_id,user_id) VALUES({?},{?})", $target, $target); send_robot_homonyme($prenom, $nom, $forlife, $loginbis); $op = 'list'; + $page->trigSuccess('Email envoyé à ' . $forlife . ', alias supprimé.'); break; } } @@ -851,7 +865,6 @@ class AdminModule extends PLModule if ($validate) { S::assert_xsrf_token(); - $new_deces = array(); $res = XDB::iterRow("SELECT user_id,matricule,nom,prenom,deces FROM auth_user_md5 WHERE promo = {?}", $promo); while (list($uid,$mat,$nom,$prenom,$deces) = $res->next()) { $val = Env::v($mat); @@ -860,7 +873,7 @@ class AdminModule extends PLModule } XDB::execute('UPDATE auth_user_md5 SET deces={?} WHERE matricule = {?}', $val, $mat); - $new_deces[] = array('name' => "$prenom $nom", 'date' => "$val"); + $page->trigSuccess('Ajout du décès de ' . $prenom . " " . $nom . ' le ' . $val . '.'); if($deces == '0000-00-00' || empty($deces)) { require_once('notifs.inc.php'); register_watch_op($uid, WATCH_DEATH, $val); @@ -868,7 +881,6 @@ class AdminModule extends PLModule user_clear_all_subs($uid, false); // by default, dead ppl do not loose their email } } - $page->assign('new_deces',$new_deces); } $res = XDB::iterator('SELECT matricule, nom, prenom, deces FROM auth_user_md5 WHERE promo = {?} ORDER BY nom,prenom', $promo); @@ -880,9 +892,8 @@ class AdminModule extends PLModule $page->setTitle('Administration - Décédés'); $res = XDB::iterator( - "SELECT u.promo, u.nom, u.prenom, u.deces, u.matricule_ax, a.alias, DATE(MAX(s.start)) AS last + "SELECT u.promo, u.nom, u.prenom, u.deces, u.matricule_ax, u.hruid, DATE(MAX(s.start)) AS last FROM auth_user_md5 AS u - LEFT JOIN aliases AS a ON (a.id = u.user_id AND a.type = 'a_vie') LEFT JOIN logger.sessions AS s ON (s.uid = u.user_id AND suid = 0) WHERE perms IN ('admin', 'user') AND deces <> 0 GROUP BY u.user_id @@ -944,7 +955,11 @@ class AdminModule extends PLModule S::assert_xsrf_token(); $req = Validate::get_typed_request(Env::v('uid'), Env::v('type'), Env::v('stamp')); - $req->handle_formu(); + if ($req) { + $req->handle_formu(); + } else { + $page->trigWarning('La validation a déjà été effectuée.'); + } } $r = XDB::iterator('SHOW COLUMNS FROM requests_answers'); @@ -1047,7 +1062,7 @@ class AdminModule extends PLModule { if (S::v('core_rss_hash')) { $page->setRssLink('Changement Récents', - '/Site/AllRecentChanges?action=rss&user=' . S::v('forlife') . '&hash=' . S::v('core_rss_hash')); + '/Site/AllRecentChanges?action=rss&user=' . S::v('hruid') . '&hash=' . S::v('core_rss_hash')); } // update wiki perms @@ -1156,18 +1171,18 @@ class AdminModule extends PLModule $sql = "SELECT w.ip, IF(s.ip IS NULL, IF(w.ip = s2.ip, s2.host, s2.forward_host), IF(w.ip = s.ip, s.host, s.forward_host)), - w.mask, w.detection, w.state, a.alias AS forlife + w.mask, w.detection, w.state, u.hruid FROM ip_watch AS w LEFT JOIN logger.sessions AS s ON (s.ip = w.ip) LEFT JOIN logger.sessions AS s2 ON (s2.forward_ip = w.ip) - LEFT JOIN aliases AS a ON (a.id = s.uid AND a.type = 'a_vie') - GROUP BY w.ip, a.alias - ORDER BY w.state, w.ip, a.alias"; + LEFT JOIN auth_user_md5 AS u ON (u.user_id = s.uid) + GROUP BY w.ip, u.hruid + ORDER BY w.state, w.ip, u.hruid"; $it = Xdb::iterRow($sql); $table = array(); $props = array(); - while (list($ip, $host, $mask, $date, $state, $forlife) = $it->next()) { + while (list($ip, $host, $mask, $date, $state, $hruid) = $it->next()) { $ip = uint_to_ip($ip); $mask = uint_to_ip($mask); if (count($props) == 0 || $props['ip'] != $ip) { @@ -1179,9 +1194,9 @@ class AdminModule extends PLModule 'host' => $host, 'detection' => $date, 'state' => $state, - 'users' => array($forlife)); + 'users' => array($hruid)); } else { - $props['users'][] = $forlife; + $props['users'][] = $hruid; } } if (count($props) > 0) { @@ -1190,18 +1205,18 @@ class AdminModule extends PLModule $page->assign('table', $table); } elseif ($action == 'edit') { $sql = "SELECT w.detection, w.state, w.last, w.description, w.mask, - a1.alias AS edit, a2.alias AS forlife, s.host + u1.hruid AS edit, u2.hruid AS hruid, s.host FROM ip_watch AS w - LEFT JOIN aliases AS a1 ON (a1.id = w.uid AND a1.type = 'a_vie') + LEFT JOIN auth_user_md5 AS u1 ON (u1.user_id = w.uid) LEFT JOIN logger.sessions AS s ON (w.ip = s.ip) - LEFT JOIN aliases AS a2 ON (a2.id = s.uid AND a2.type = 'a_vie') + LEFT JOIN auth_user_md5 AS u2 ON (u2.user_id = s.uid) WHERE w.ip = {?} - GROUP BY a2.alias - ORDER BY a2.alias"; + GROUP BY u2.hruid + ORDER BY u2.hruid"; $it = Xdb::iterRow($sql, ip_to_uint($ip)); $props = array(); - while (list($detection, $state, $last, $description, $mask, $edit, $forlife, $host) = $it->next()) { + while (list($detection, $state, $last, $description, $mask, $edit, $hruid, $host) = $it->next()) { if (count($props) == 0) { $props = array('ip' => $ip, 'mask' => uint_to_ip($mask), @@ -1211,9 +1226,9 @@ class AdminModule extends PLModule 'last' => $last, 'description' => $description, 'edit' => $edit, - 'users' => array($forlife)); + 'users' => array($hruid)); } else { - $props['users'][] = $forlife; + $props['users'][] = $hruid; } } $page->assign('ip', $props); @@ -1236,6 +1251,19 @@ class AdminModule extends PLModule sort($icons); $page->assign('icons', $icons); } + + function handler_accounts(&$page) + { + $page->changeTpl('admin/accounts.tpl'); + $page->assign('disabled', XDB::iterator('SELECT u.nom, u.prenom, u.promo, u.comment, u.hruid + FROM auth_user_md5 AS u + WHERE perms = \'disabled\' + ORDER BY nom, prenom')); + $page->assign('admins', XDB::iterator('SELECT u.nom, u.prenom, u.promo, u.hruid + FROM auth_user_md5 AS u + WHERE perms = \'admin\' + ORDER BY nom, prenom')); + } } // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: