X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fadmin.php;h=cb96fed47b758b8c1d6fdeca7f70aff528480f7c;hb=e97df22eacc433a9982aad507f980b303d5fa2c1;hp=59173b971388f2012355c73f5e57f5c5b5bb11c3;hpb=0c8cd507ad27b70c20e9f056b77fc286ee88e04f;p=platal.git
diff --git a/modules/admin.php b/modules/admin.php
index 59173b9..cb96fed 100644
--- a/modules/admin.php
+++ b/modules/admin.php
@@ -1,6 +1,6 @@ $this->make_hook('phpinfo', AUTH_MDP, 'admin'), - 'admin' => $this->make_hook('default', AUTH_MDP, 'admin'), - 'admin/ax-xorg' => $this->make_hook('ax_xorg', AUTH_MDP, 'admin'), - 'admin/dead-but-active' => $this->make_hook('dead_but_active', AUTH_MDP, 'admin'), - 'admin/deaths' => $this->make_hook('deaths', AUTH_MDP, 'admin'), - 'admin/downtime' => $this->make_hook('downtime', AUTH_MDP, 'admin'), - 'admin/homonyms' => $this->make_hook('homonyms', AUTH_MDP, 'admin'), - 'admin/logger' => $this->make_hook('logger', AUTH_MDP, 'admin'), - 'admin/logger/actions' => $this->make_hook('logger_actions', AUTH_MDP, 'admin'), - 'admin/postfix/blacklist' => $this->make_hook('postfix_blacklist', AUTH_MDP, 'admin'), - 'admin/postfix/delayed' => $this->make_hook('postfix_delayed', AUTH_MDP, 'admin'), + 'phpinfo' => $this->make_hook('phpinfo', AUTH_MDP, 'admin'), + 'admin' => $this->make_hook('default', AUTH_MDP, 'admin'), + 'admin/ax-xorg' => $this->make_hook('ax_xorg', AUTH_MDP, 'admin'), + 'admin/dead-but-active' => $this->make_hook('dead_but_active', AUTH_MDP, 'admin'), + 'admin/deaths' => $this->make_hook('deaths', AUTH_MDP, 'admin'), + 'admin/downtime' => $this->make_hook('downtime', AUTH_MDP, 'admin'), + 'admin/homonyms' => $this->make_hook('homonyms', AUTH_MDP, 'admin'), + 'admin/logger' => $this->make_hook('logger', AUTH_MDP, 'admin'), + 'admin/logger/actions' => $this->make_hook('logger_actions', AUTH_MDP, 'admin'), + 'admin/postfix/blacklist' => $this->make_hook('postfix_blacklist', AUTH_MDP, 'admin'), + 'admin/postfix/delayed' => $this->make_hook('postfix_delayed', AUTH_MDP, 'admin'), 'admin/postfix/regexp_bounces' => $this->make_hook('postfix_regexpsbounces', AUTH_MDP, 'admin'), - 'admin/postfix/whitelist' => $this->make_hook('postfix_whitelist', AUTH_MDP, 'admin'), - 'admin/mx/broken' => $this->make_hook('mx_broken', AUTH_MDP, 'admin'), - 'admin/skins' => $this->make_hook('skins', AUTH_MDP, 'admin'), - 'admin/synchro_ax' => 
$this->make_hook('synchro_ax', AUTH_MDP, 'admin'), - 'admin/user' => $this->make_hook('user', AUTH_MDP, 'admin'), - 'admin/promo' => $this->make_hook('promo', AUTH_MDP, 'admin'), - 'admin/validate' => $this->make_hook('validate', AUTH_MDP, 'admin'), - 'admin/validate/answers' => $this->make_hook('validate_answers', AUTH_MDP, 'admin'), - 'admin/wiki' => $this->make_hook('wiki', AUTH_MDP, 'admin'), - 'admin/ipwatch' => $this->make_hook('ipwatch', AUTH_MDP, 'admin'), - 'admin/icons' => $this->make_hook('icons', AUTH_MDP, 'admin'), + 'admin/postfix/whitelist' => $this->make_hook('postfix_whitelist', AUTH_MDP, 'admin'), + 'admin/mx/broken' => $this->make_hook('mx_broken', AUTH_MDP, 'admin'), + 'admin/skins' => $this->make_hook('skins', AUTH_MDP, 'admin'), + 'admin/synchro_ax' => $this->make_hook('synchro_ax', AUTH_MDP, 'admin'), + 'admin/user' => $this->make_hook('user', AUTH_MDP, 'admin'), + 'admin/promo' => $this->make_hook('promo', AUTH_MDP, 'admin'), + 'admin/validate' => $this->make_hook('validate', AUTH_MDP, 'admin'), + 'admin/validate/answers' => $this->make_hook('validate_answers', AUTH_MDP, 'admin'), + 'admin/wiki' => $this->make_hook('wiki', AUTH_MDP, 'admin'), + 'admin/ipwatch' => $this->make_hook('ipwatch', AUTH_MDP, 'admin'), + 'admin/icons' => $this->make_hook('icons', AUTH_MDP, 'admin'), + 'admin/accounts' => $this->make_hook('accounts', AUTH_MDP, 'admin'), ); } 
@@ -70,20 +71,20 @@ class AdminModule extends PLModule if (Env::has('del')) { $crc = Env::v('crc'); XDB::execute("UPDATE postfix_mailseen SET release = 'del' WHERE crc = {?}", $crc); - $page->trigSuccess($crc." verra tous ses emails supprimés !"); + $page->trigSuccess($crc . " verra tous ses emails supprimés !"); } elseif (Env::has('ok')) { $crc = Env::v('crc'); XDB::execute("UPDATE postfix_mailseen SET release = 'ok' WHERE crc = {?}", $crc); - $page->trigSuccess($crc." a le droit de passer !"); + $page->trigSuccess($crc . " a le droit de passer !"); } $sql = XDB::iterator( "SELECT crc, nb, update_time, create_time, - FIND_IN_SET('del', release) AS del, - FIND_IN_SET('ok', release) AS ok - FROM postfix_mailseen + FIND_IN_SET('del', p.release) AS del, + FIND_IN_SET('ok', p.release) AS ok + FROM postfix_mailseen AS p WHERE nb >= 30 - ORDER BY release != ''"); + ORDER BY p.release != ''"); $page->assign_by_ref('mails', $sql); } @@ -358,10 +359,11 @@ class AdminModule extends PLModule require_once("emails.inc.php"); if (S::has('suid')) { - $page->kill("Déjà en SUID !!!"); + $page->kill("Déjà en SUID !!!"); } // Loads the user identity using the environment. + $user = null; if ($login) { $user = User::get($login); } else if (Env::has('user_id')) { @@ -377,7 +379,7 @@ class AdminModule extends PLModule return; } - // Handles specific requests (AX sync, su, ...). + // Handles specific requests (AX sync, su...). if(Env::has('logs_button') && $registered) { pl_redirect("admin/logger?loguser=$login&year=".date('Y')."&month=".date('m')); } @@ -462,6 +464,7 @@ class AdminModule extends PLModule // Checks for alias' user validity. if (!preg_match('/[-a-z0-9\.]+/s', $alias)) { $page->trigError("'$alias' n'est pas un alias valide"); + break; } // Eventually adds the alias to the right domain. 
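Review bot: The `del` and `ok` branches in the hunk at `-70,20` update `postfix_mailseen` directly from request parameters, and no `S::assert_xsrf_token()` call is visible there, although the deaths handler later in this file asserts the token before it writes. The handler starts outside the hunk, so the check may exist above; if it does not, add `S::assert_xsrf_token();` before each `XDB::execute`. Separately, the SELECT now qualifies the column as `p.release` while both UPDATE statements still use a bare `release`; if the qualification was needed for the server to accept the name, the UPDATEs need the same treatment (for example backticks around the column).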
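Review bot: The alias pattern `/[-a-z0-9\.]+/s` in the hunk at `-462,6` is unanchored, so `preg_match` succeeds as soon as one permitted character occurs anywhere in `$alias`, and the new `break;` only fires for input that contains none at all. Anchor the pattern so the whole value must match, e.g. `if (!preg_match('/\A[-a-z0-9.]+\z/', $alias)) {`. `$alias` is also interpolated into the `trigError` message; whether `trigError` HTML-escapes its argument is not visible here and should be confirmed. The enclosing `switch` case begins and ends outside the hunk.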
@@ -551,6 +554,10 @@ class AdminModule extends PLModule // however suits our needs. if ($perms == 'disabled' && $old_fields['perms'] != 'disabled') { kill_sessions(); + + // Also serve a reminder to the admin: disabling an account + // does not deactivate email forwarding. + $page->trigWarning("N'oubliez pas, le cas échéant, de désactiver les redirections et le compte GoogleApps de l'utilisateur."); } // Updates the user profile with the new values. @@ -567,6 +574,12 @@ class AdminModule extends PLModule user_reindex($user->id()); $new_fields = XDB::query($watch_query, $user->id())->fetchOneAssoc(); + // Redacts the password in the notification, to avoid transmitting + // sensitive information by email. + $new_fields['password'] = ($old_fields['password'] != $new_fields['password'] ? 'new' : 'old'); + $old_fields['password'] = 'old'; + + // Notifies the admins of the profile update. $mailer = new PlMailer("admin/useredit.mail.tpl"); $mailer->assign("admin", S::user()->login()); $mailer->assign("user", $user->login()); @@ -575,9 +588,9 @@ class AdminModule extends PLModule $mailer->send(); $globals->updateNbIns(); - $page->trigSuccess("Update was successful."); + $page->trigSuccess("La mise à jour a été faite avec succès."); } else { - $page->trigError("Update failed, please double check your values."); + $page->trigError("La mise à jour a échoué. S'il te plaît, vérifie les valeurs."); } // Checks for changes, and updates other tables of plat/al. @@ -602,14 +615,6 @@ class AdminModule extends PLModule $account->set_password($pass_encrypted); } } - - // If the update did disable the user account, disables - // the Google Apps account as well. - if ($new_fields['perms'] == 'disabled' && $new_fields['perms'] != $old_fields['perms']) { - require_once 'googleapps.inc.php'; - $account = new GoogleAppsAccount($user); - $account->suspend(); - } } 
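Review bot: Disabling an account now depends on the admin acting on a warning: the hunk at `-551,6` adds the reminder, and the hunk at `-602,14` removes the `$account->suspend();` call on `GoogleAppsAccount` that used to run automatically when `perms` became `disabled`. A disabled user would therefore keep a working Google Apps account and active mail redirections until someone follows up by hand. If the suspension was dropped on purpose, the new comment should say why; otherwise keep the automatic suspension and use the warning only for the redirections. The surrounding function extends beyond both hunks.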
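Review bot: The redaction in the hunk at `-567,6` compares the two stored password values with `!=`, which in PHP compares numeric-looking strings numerically, so two different values of the form `0e…` followed by digits would be reported as `old`. Use a strict comparison: `$new_fields['password'] = ($old_fields['password'] !== $new_fields['password'] ? 'new' : 'old');`. The arrays are also overwritten in place, so any later code that reads `$old_fields['password']` or `$new_fields['password']` (the "Checks for changes" block continues outside this hunk) would see the placeholders rather than the stored values; redacting copies that are handed to the mailer avoids that.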
@@ -621,9 +626,10 @@ class AdminModule extends PLModule // User re-registration. case "u_kill": + require_once('user.func.inc.php'); user_clear_all_subs($user->id()); $globals->updateNbIns(); - $page->trigSuccess("'" . $user->id() . "' a été désinscrit !"); + $page->trigSuccess($user->login() . ' a été désinscrit !'); $mailer = new PlMailer("admin/useredit.mail.tpl"); $mailer->assign("admin", S::user()->login()); @@ -661,7 +667,11 @@ class AdminModule extends PLModule "SELECT alias FROM virtual INNER JOIN virtual_redirect USING (vid) - WHERE type = 'user' AND redirect LIKE CONCAT({?}, '@%')", $user->id())); + WHERE type = 'user' AND (redirect = {?} OR redirect = {?})", + $user->forlifeEmail(), + // TODO: remove this über-ugly hack. The issue is that you need + // to remove all @m4x.org addresses in virtual_redirect first. + $user->login() . '@' . $globals->mail->domain2)); $page->assign('aliases', XDB::iterator( "SELECT alias, type='a_vie' AS for_life,FIND_IN_SET('bestalias',flags) AS best,expire @@ -685,16 +695,19 @@ class AdminModule extends PLModule $page->assign('bans', $bans); } - function getHruid($line, $key) + function getHruid($line, $key, $relation) { - var_dump($line); - if (!isset($line['nom']) || !isset($line['prenom']) || !isset($line['promo'])) { - return null; + $prenom = CSVImporter::getValue($line, 'prenom', $relation['prenom']); + $nom = CSVImporter::getValue($line, 'nom', $relation['nom']); + $promo = CSVImporter::getValue($line, 'promo', $relation['promo']); + + if ($prenom != 'NULL' && $nom != 'NULL' && $promo != 'NULL') { + return make_forlife($prenom, $nom, $promo); } - return make_forlife($line['prenom'], $line['nom'], $line['promo']); + return null; } - function getMatricule($line, $key) + function getMatricule($line, $key, $relation) { $mat = $line['matricule']; $year = intval(substr($mat, 0, 3)); 
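Review bot: In the hunk at `-685,16`, `getHruid` tests the three values against the literal string `'NULL'` with `!=`; under loose comparison a non-string value such as integer `0` equals `'NULL'` on PHP versions before 8, so `!==` is the safer test on all three. The new `$relation` parameter is undocumented, and `getMatricule` accepts it without using it in the lines shown (its body continues outside the hunk). A short comment above `getHruid` should state what `$relation['prenom']`, `$relation['nom']` and `$relation['promo']` hold and that `'NULL'` is presumably what `CSVImporter::getValue` returns for an absent value, which should be confirmed against that class.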
@@ -773,6 +786,7 @@ class AdminModule extends PLModule send_warning_homonyme($prenom, $nom, $forlife, $loginbis); switch_bestalias($target, $loginbis); $op = 'list'; + $page->trigSuccess('Email envoyé à ' . $forlife . '.'); break; case 'correct': @@ -783,6 +797,7 @@ class AdminModule extends PLModule XDB::execute("REPLACE INTO homonymes (homonyme_id,user_id) VALUES({?},{?})", $target, $target); send_robot_homonyme($prenom, $nom, $forlife, $loginbis); $op = 'list'; + $page->trigSuccess('Email envoyé à ' . $forlife . ', alias supprimé.'); break; } } @@ -851,7 +866,6 @@ class AdminModule extends PLModule if ($validate) { S::assert_xsrf_token(); - $new_deces = array(); $res = XDB::iterRow("SELECT user_id,matricule,nom,prenom,deces FROM auth_user_md5 WHERE promo = {?}", $promo); while (list($uid,$mat,$nom,$prenom,$deces) = $res->next()) { $val = Env::v($mat); @@ -860,7 +874,7 @@ class AdminModule extends PLModule } XDB::execute('UPDATE auth_user_md5 SET deces={?} WHERE matricule = {?}', $val, $mat); - $new_deces[] = array('name' => "$prenom $nom", 'date' => "$val"); + $page->trigSuccess('Ajout du décès de ' . $prenom . " " . $nom . ' le ' . $val . '.'); if($deces == '0000-00-00' || empty($deces)) { require_once('notifs.inc.php'); register_watch_op($uid, WATCH_DEATH, $val); @@ -868,7 +882,6 @@ class AdminModule extends PLModule user_clear_all_subs($uid, false); // by default, dead ppl do not loose their email } } - $page->assign('new_deces',$new_deces); } $res = XDB::iterator('SELECT matricule, nom, prenom, deces FROM auth_user_md5 WHERE promo = {?} ORDER BY nom,prenom', $promo); 
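Review bot: In the hunk at `-860,7`, `$val` comes from `Env::v($mat)` and is now concatenated into the `trigSuccess` message, whereas before it reached the page through the `new_deces` template variable. Whether `trigSuccess` escapes HTML is not visible here; if it does not, escape the user-derived parts, e.g. `htmlspecialchars($val, ENT_QUOTES, 'UTF-8')`, and likewise `$prenom` and `$nom`. The lines between this hunk and the one at `-851,7` are not shown, so any date-format validation of `$val` before the UPDATE cannot be confirmed; the message should only be emitted for a value that passed it.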
@@ -880,9 +893,8 @@ class AdminModule extends PLModule $page->setTitle('Administration - Décédés'); $res = XDB::iterator( - "SELECT u.promo, u.nom, u.prenom, u.deces, u.matricule_ax, a.alias, DATE(MAX(s.start)) AS last + "SELECT u.promo, u.nom, u.prenom, u.deces, u.hruid, DATE(MAX(s.start)) AS last FROM auth_user_md5 AS u - LEFT JOIN aliases AS a ON (a.id = u.user_id AND a.type = 'a_vie') LEFT JOIN logger.sessions AS s ON (s.uid = u.user_id AND suid = 0) WHERE perms IN ('admin', 'user') AND deces <> 0 GROUP BY u.user_id @@ -1051,7 +1063,7 @@ class AdminModule extends PLModule { if (S::v('core_rss_hash')) { $page->setRssLink('Changement Récents', - '/Site/AllRecentChanges?action=rss&user=' . S::v('forlife') . '&hash=' . S::v('core_rss_hash')); + '/Site/AllRecentChanges?action=rss&user=' . S::v('hruid') . '&hash=' . S::v('core_rss_hash')); } // update wiki perms @@ -1111,7 +1123,6 @@ class AdminModule extends PLModule } $page->changeTpl('admin/wiki.tpl'); - $page->addJsLink('jquery.js'); $page->assign('wiki_pages', $wiki_tree); $page->assign('perms_opts', $perms); } 
@@ -1160,18 +1171,18 @@ class AdminModule extends PLModule $sql = "SELECT w.ip, IF(s.ip IS NULL, IF(w.ip = s2.ip, s2.host, s2.forward_host), IF(w.ip = s.ip, s.host, s.forward_host)), - w.mask, w.detection, w.state, a.alias AS forlife + w.mask, w.detection, w.state, u.hruid FROM ip_watch AS w LEFT JOIN logger.sessions AS s ON (s.ip = w.ip) LEFT JOIN logger.sessions AS s2 ON (s2.forward_ip = w.ip) - LEFT JOIN aliases AS a ON (a.id = s.uid AND a.type = 'a_vie') - GROUP BY w.ip, a.alias - ORDER BY w.state, w.ip, a.alias"; + LEFT JOIN auth_user_md5 AS u ON (u.user_id = s.uid) + GROUP BY w.ip, u.hruid + ORDER BY w.state, w.ip, u.hruid"; $it = Xdb::iterRow($sql); $table = array(); $props = array(); - while (list($ip, $host, $mask, $date, $state, $forlife) = $it->next()) { + while (list($ip, $host, $mask, $date, $state, $hruid) = $it->next()) { $ip = uint_to_ip($ip); $mask = uint_to_ip($mask); if (count($props) == 0 || $props['ip'] != $ip) { @@ -1183,9 +1194,9 @@ class AdminModule extends PLModule 'host' => $host, 'detection' => $date, 'state' => $state, - 'users' => array($forlife)); + 'users' => array($hruid)); } else { - $props['users'][] = $forlife; + $props['users'][] = $hruid; } } if (count($props) > 0) { 
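Review bot: In the hunk at `-1160,18`, `u.hruid` is joined only through `s.uid`, so a watched address that matches sessions solely via `s2.forward_ip` gets its host from `s2` but a NULL user, and that NULL is then stored in `'users'`. For an IP watch list this under-reports the accounts seen behind a forwarding host. If that is not intended, attribute users from both session aliases, e.g. `LEFT JOIN auth_user_md5 AS u ON (u.user_id = IFNULL(s.uid, s2.uid))`, and skip NULL `$hruid` values when filling `'users'`. The `edit` query in the hunk at `-1194,18` joins sessions by `s.ip` only and has the same gap.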
@@ -1194,18 +1205,18 @@ class AdminModule extends PLModule $page->assign('table', $table); } elseif ($action == 'edit') { $sql = "SELECT w.detection, w.state, w.last, w.description, w.mask, - a1.alias AS edit, a2.alias AS forlife, s.host + u1.hruid AS edit, u2.hruid AS hruid, s.host FROM ip_watch AS w - LEFT JOIN aliases AS a1 ON (a1.id = w.uid AND a1.type = 'a_vie') + LEFT JOIN auth_user_md5 AS u1 ON (u1.user_id = w.uid) LEFT JOIN logger.sessions AS s ON (w.ip = s.ip) - LEFT JOIN aliases AS a2 ON (a2.id = s.uid AND a2.type = 'a_vie') + LEFT JOIN auth_user_md5 AS u2 ON (u2.user_id = s.uid) WHERE w.ip = {?} - GROUP BY a2.alias - ORDER BY a2.alias"; + GROUP BY u2.hruid + ORDER BY u2.hruid"; $it = Xdb::iterRow($sql, ip_to_uint($ip)); $props = array(); - while (list($detection, $state, $last, $description, $mask, $edit, $forlife, $host) = $it->next()) { + while (list($detection, $state, $last, $description, $mask, $edit, $hruid, $host) = $it->next()) { if (count($props) == 0) { $props = array('ip' => $ip, 'mask' => uint_to_ip($mask), @@ -1215,9 +1226,9 @@ class AdminModule extends PLModule 'last' => $last, 'description' => $description, 'edit' => $edit, - 'users' => array($forlife)); + 'users' => array($hruid)); } else { - $props['users'][] = $forlife; + $props['users'][] = $hruid; } } $page->assign('ip', $props); @@ -1240,6 +1251,19 @@ class AdminModule extends PLModule sort($icons); $page->assign('icons', $icons); } + + function handler_accounts(&$page) + { + $page->changeTpl('admin/accounts.tpl'); + $page->assign('disabled', XDB::iterator('SELECT u.nom, u.prenom, u.promo, u.comment, u.hruid + FROM auth_user_md5 AS u + WHERE perms = \'disabled\' + ORDER BY nom, prenom')); + $page->assign('admins', XDB::iterator('SELECT u.nom, u.prenom, u.promo, u.hruid + FROM auth_user_md5 AS u + WHERE perms = \'admin\' + ORDER BY nom, prenom')); + } } // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
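Review bot: `handler_accounts`, added in the hunk at `-1240,6`, has no comment and performs no permission check of its own; it lists every disabled and every admin account, including the free-text `u.comment` column, and relies entirely on the `'admin/accounts'` hook being registered with `AUTH_MDP, 'admin'`. Record that above the function, e.g. `// Lists disabled and admin accounts; access is restricted only by the 'admin/accounts' hook (AUTH_MDP, 'admin').` The two queries also mix qualified (`u.nom`) and bare (`perms`, `nom`, `prenom`) column names; qualifying all of them keeps them consistent with the other queries this commit touches.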