X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fadmin.php;h=9b4e436f523f813e15baaad055b330a4fd43e113;hb=4f494e74bb1310de55ce335324a966e31b6c72cb;hp=3e63e39c869cd345384bd5c39d03a4bb973ceb57;hpb=de14933c384281bfc5571b8b3d7d7ac94b04bc48;p=platal.git diff --git a/modules/admin.php b/modules/admin.php index 3e63e39..9b4e436 100644 --- a/modules/admin.php +++ b/modules/admin.php @@ -1,6 +1,6 @@ $this->make_hook('wiki', AUTH_MDP, 'admin'), 'admin/ipwatch' => $this->make_hook('ipwatch', AUTH_MDP, 'admin'), 'admin/icons' => $this->make_hook('icons', AUTH_MDP, 'admin'), + 'admin/accounts' => $this->make_hook('accounts', AUTH_MDP, 'admin'), ); } @@ -551,6 +552,10 @@ class AdminModule extends PLModule // however suits our needs. if ($perms == 'disabled' && $old_fields['perms'] != 'disabled') { kill_sessions(); + + // Also serve a reminder to the admin: disabling an account + // does not deactivate email forwarding. + $page->trigWarning("N'oubliez pas, le cas échéant, de désactiver les redirections et le compte GoogleApps de l'utilisateur."); } // Updates the user profile with the new values. @@ -567,6 +572,12 @@ class AdminModule extends PLModule user_reindex($user->id()); $new_fields = XDB::query($watch_query, $user->id())->fetchOneAssoc(); + // Redacts the password in the notification, to avoid transmitting + // sensitive information by email. + $new_fields['password'] = ($old_fields['password'] != $new_fields['password'] ? 'new' : 'old'); + $old_fields['password'] = 'old'; + + // Notifies the admins of the profile update. $mailer = new PlMailer("admin/useredit.mail.tpl"); $mailer->assign("admin", S::user()->login()); $mailer->assign("user", $user->login()); @@ -602,14 +613,6 @@ class AdminModule extends PLModule $account->set_password($pass_encrypted); } } - - // If the update did disable the user account, disables - // the Google Apps account as well. - if ($new_fields['perms'] == 'disabled' && $new_fields['perms'] != $old_fields['perms']) { - require_once 'googleapps.inc.php'; - $account = new GoogleAppsAccount($user); - $account->suspend(); - } } @@ -621,6 +624,7 @@ class AdminModule extends PLModule // User re-registration. case "u_kill": + require_once('user.func.inc.php'); user_clear_all_subs($user->id()); $globals->updateNbIns(); $page->trigSuccess("'" . $user->id() . "' a été désinscrit !"); @@ -661,7 +665,11 @@ class AdminModule extends PLModule "SELECT alias FROM virtual INNER JOIN virtual_redirect USING (vid) - WHERE type = 'user' AND redirect LIKE CONCAT({?}, '@%')", $user->id())); + WHERE type = 'user' AND (redirect = {?} OR redirect = {?})", + $user->forlifeEmail(), + // TODO: remove this über-ugly hack. The issue is that you need + // to remove all @m4x.org addresses in virtual_redirect first. + $user->login() . '@' . $globals->mail->domain2)); $page->assign('aliases', XDB::iterator( "SELECT alias, type='a_vie' AS for_life,FIND_IN_SET('bestalias',flags) AS best,expire @@ -685,13 +693,14 @@ class AdminModule extends PLModule $page->assign('bans', $bans); } - function getHruid($line, $key) + function getHruid($line, $partial_result, $key) { - var_dump($line); - if (!isset($line['nom']) || !isset($line['prenom']) || !isset($line['promo'])) { + if (!isset($partial_result['nom']) || + !isset($partial_result['prenom']) || + !isset($partial_result['promo'])) { return null; } - return make_forlife($line['prenom'], $line['nom'], $line['promo']); + return make_forlife($partial_result['prenom'], $partial_result['nom'], $partial_result['promo']); } function getMatricule($line, $key) @@ -732,9 +741,11 @@ class AdminModule extends PLModule $fields = array('hruid', 'nom', 'nom_ini', 'prenom', 'naissance_ini', 'prenom_ini', 'promo', 'promo_sortie', 'flags', 'matricule', 'matricule_ax', 'perms'); - $importer->forceValue('hruid', array($this, 'getHruid')); $importer->forceValue('promo', $promo); $importer->forceValue('promo_sortie', $promo + 3); + // The hruid generation callback is set last, so that it is called once 'promo' + // has already been computed for that line. + $importer->forceValue('hruid', array($this, 'getHruid')); break; case 'ax': $fields = array('matricule', 'matricule_ax'); @@ -773,6 +784,7 @@ class AdminModule extends PLModule send_warning_homonyme($prenom, $nom, $forlife, $loginbis); switch_bestalias($target, $loginbis); $op = 'list'; + $page->trigSuccess('Email envoyé à ' . $forlife . '.'); break; case 'correct': @@ -783,6 +795,7 @@ class AdminModule extends PLModule XDB::execute("REPLACE INTO homonymes (homonyme_id,user_id) VALUES({?},{?})", $target, $target); send_robot_homonyme($prenom, $nom, $forlife, $loginbis); $op = 'list'; + $page->trigSuccess('Email envoyé à ' . $forlife . ', alias supprimé.'); break; } } @@ -851,7 +864,6 @@ class AdminModule extends PLModule if ($validate) { S::assert_xsrf_token(); - $new_deces = array(); $res = XDB::iterRow("SELECT user_id,matricule,nom,prenom,deces FROM auth_user_md5 WHERE promo = {?}", $promo); while (list($uid,$mat,$nom,$prenom,$deces) = $res->next()) { $val = Env::v($mat); @@ -860,7 +872,7 @@ class AdminModule extends PLModule } XDB::execute('UPDATE auth_user_md5 SET deces={?} WHERE matricule = {?}', $val, $mat); - $new_deces[] = array('name' => "$prenom $nom", 'date' => "$val"); + $page->trigSuccess('Ajout du décès de ' . $prenom . " " . $nom . ' le ' . $val . '.'); if($deces == '0000-00-00' || empty($deces)) { require_once('notifs.inc.php'); register_watch_op($uid, WATCH_DEATH, $val); @@ -868,7 +880,6 @@ class AdminModule extends PLModule user_clear_all_subs($uid, false); // by default, dead ppl do not loose their email } } - $page->assign('new_deces',$new_deces); } $res = XDB::iterator('SELECT matricule, nom, prenom, deces FROM auth_user_md5 WHERE promo = {?} ORDER BY nom,prenom', $promo); @@ -880,9 +891,8 @@ class AdminModule extends PLModule $page->setTitle('Administration - Décédés'); $res = XDB::iterator( - "SELECT u.promo, u.nom, u.prenom, u.deces, u.matricule_ax, a.alias, DATE(MAX(s.start)) AS last + "SELECT u.promo, u.nom, u.prenom, u.deces, u.matricule_ax, u.hruid, DATE(MAX(s.start)) AS last FROM auth_user_md5 AS u - LEFT JOIN aliases AS a ON (a.id = u.user_id AND a.type = 'a_vie') LEFT JOIN logger.sessions AS s ON (s.uid = u.user_id AND suid = 0) WHERE perms IN ('admin', 'user') AND deces <> 0 GROUP BY u.user_id @@ -944,7 +954,11 @@ class AdminModule extends PLModule S::assert_xsrf_token(); $req = Validate::get_typed_request(Env::v('uid'), Env::v('type'), Env::v('stamp')); - $req->handle_formu(); + if ($req) { + $req->handle_formu(); + } else { + $page->trigWarning('La validation a déjà été effectuée.'); + } } $r = XDB::iterator('SHOW COLUMNS FROM requests_answers'); @@ -1047,7 +1061,7 @@ class AdminModule extends PLModule { if (S::v('core_rss_hash')) { $page->setRssLink('Changement Récents', - '/Site/AllRecentChanges?action=rss&user=' . S::v('forlife') . '&hash=' . S::v('core_rss_hash')); + '/Site/AllRecentChanges?action=rss&user=' . S::v('hruid') . '&hash=' . S::v('core_rss_hash')); } // update wiki perms @@ -1156,18 +1170,18 @@ class AdminModule extends PLModule $sql = "SELECT w.ip, IF(s.ip IS NULL, IF(w.ip = s2.ip, s2.host, s2.forward_host), IF(w.ip = s.ip, s.host, s.forward_host)), - w.mask, w.detection, w.state, a.alias AS forlife + w.mask, w.detection, w.state, u.hruid FROM ip_watch AS w LEFT JOIN logger.sessions AS s ON (s.ip = w.ip) LEFT JOIN logger.sessions AS s2 ON (s2.forward_ip = w.ip) - LEFT JOIN aliases AS a ON (a.id = s.uid AND a.type = 'a_vie') - GROUP BY w.ip, a.alias - ORDER BY w.state, w.ip, a.alias"; + LEFT JOIN auth_user_md5 AS u ON (u.user_id = s.uid) + GROUP BY w.ip, u.hruid + ORDER BY w.state, w.ip, u.hruid"; $it = Xdb::iterRow($sql); $table = array(); $props = array(); - while (list($ip, $host, $mask, $date, $state, $forlife) = $it->next()) { + while (list($ip, $host, $mask, $date, $state, $hruid) = $it->next()) { $ip = uint_to_ip($ip); $mask = uint_to_ip($mask); if (count($props) == 0 || $props['ip'] != $ip) { @@ -1179,9 +1193,9 @@ class AdminModule extends PLModule 'host' => $host, 'detection' => $date, 'state' => $state, - 'users' => array($forlife)); + 'users' => array($hruid)); } else { - $props['users'][] = $forlife; + $props['users'][] = $hruid; } } if (count($props) > 0) { @@ -1190,18 +1204,18 @@ class AdminModule extends PLModule $page->assign('table', $table); } elseif ($action == 'edit') { $sql = "SELECT w.detection, w.state, w.last, w.description, w.mask, - a1.alias AS edit, a2.alias AS forlife, s.host + u1.hruid AS edit, u2.hruid AS hruid, s.host FROM ip_watch AS w - LEFT JOIN aliases AS a1 ON (a1.id = w.uid AND a1.type = 'a_vie') + LEFT JOIN auth_user_md5 AS u1 ON (u1.user_id = w.uid) LEFT JOIN logger.sessions AS s ON (w.ip = s.ip) - LEFT JOIN aliases AS a2 ON (a2.id = s.uid AND a2.type = 'a_vie') + LEFT JOIN auth_user_md5 AS u2 ON (u2.user_id = s.uid) WHERE w.ip = {?} - GROUP BY a2.alias - ORDER BY a2.alias"; + GROUP BY u2.hruid + ORDER BY u2.hruid"; $it = Xdb::iterRow($sql, ip_to_uint($ip)); $props = array(); - while (list($detection, $state, $last, $description, $mask, $edit, $forlife, $host) = $it->next()) { + while (list($detection, $state, $last, $description, $mask, $edit, $hruid, $host) = $it->next()) { if (count($props) == 0) { $props = array('ip' => $ip, 'mask' => uint_to_ip($mask), @@ -1211,9 +1225,9 @@ class AdminModule extends PLModule 'last' => $last, 'description' => $description, 'edit' => $edit, - 'users' => array($forlife)); + 'users' => array($hruid)); } else { - $props['users'][] = $forlife; + $props['users'][] = $hruid; } } $page->assign('ip', $props); @@ -1236,6 +1250,19 @@ class AdminModule extends PLModule sort($icons); $page->assign('icons', $icons); } + + function handler_accounts(&$page) + { + $page->changeTpl('admin/accounts.tpl'); + $page->assign('disabled', XDB::iterator('SELECT u.nom, u.prenom, u.promo, u.comment, u.hruid + FROM auth_user_md5 AS u + WHERE perms = \'disabled\' + ORDER BY nom, prenom')); + $page->assign('admins', XDB::iterator('SELECT u.nom, u.prenom, u.promo, u.hruid + FROM auth_user_md5 AS u + WHERE perms = \'admin\' + ORDER BY nom, prenom')); + } } // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: