Mirrors/sysPass
2
0
Fork 0
mirror of https://github.com/nuxsmin/sysPass.git synced 2026-03-19 06:46:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

- Closes #26. Enable users password reset by email and forced by an admin.

Browse Source 
- Improved email handling by using phpmailer class. All emails are sent in HTML format and security and authentication are available.
- Improved javascript code by code refactoring.
- Client IP address is logged in event log.
- Translation fixes.
- Minor bugfixes.
- Needs database upgrade (read wiki if unsure).
This commit is contained in:
nuxsmin
2014-02-24 01:51:23 +01:00
parent b4f937e01b
commit 0f172ed1d8
72 changed files with 11589 additions and 5205 deletions
Download Patch File Download Diff File Expand all files Collapse all files

268
inc/groups.class.php
View File

@@ -2,11 +2,11 @@
/**
* sysPass
*
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012 Rubén Domínguez nuxsmin@syspass.org
*
* @copyright 2012-2014 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
@@ -23,13 +23,14 @@
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
/**
* Esta clase es la encargada de realizar las operaciones sobre los grupos de usuarios.
*/
class SP_Groups {
class SP_Groups
{
static $queryRes;
static $groupId;
static $groupName;
@@ -41,7 +42,8 @@ class SP_Groups {
* @param int $id con el Id del grupo a consultar
* @return array con el nombre de la columna como clave y los datos como valor
*/
public static function getGroupData($id = 0) {
public static function getGroupData($id = 0)
{
$group = array('usergroup_id' => 0,
'usergroup_name' => '',
'usergroup_description' => '',
@@ -67,33 +69,34 @@ class SP_Groups {
* @param bool $returnArray opcional, si se debe de devolver un array asociativo
* @return array con la lista de grupos
*/
public static function getGroups($groupId = NULL, $returnArray = FALSE) {
public static function getGroups($groupId = NULL, $returnArray = false)
{
$query = "SELECT usergroup_id,"
. "usergroup_name,"
. "usergroup_description "
. "FROM usrGroups ";
. "usergroup_name,"
. "usergroup_description "
. "FROM usrGroups ";
if (!is_null($groupId)) {
$query .= "WHERE usergroup_id = " . (int) $groupId . " LIMIT 1";
$query .= "WHERE usergroup_id = " . (int)$groupId . " LIMIT 1";
} else {
$query .= "ORDER BY usergroup_name";
}
$queryRes = DB::getResults($query, __FUNCTION__, TRUE);
$queryRes = DB::getResults($query, __FUNCTION__, true);
if ($queryRes === FALSE) {
return FALSE;
if ($queryRes === false) {
return false;
}
if ( $returnArray === TRUE ){
if ($returnArray === true) {
foreach ($queryRes as $group) {
$groups[$group->usergroup_name] = $group->usergroup_id;
}
return $groups;
}
return $queryRes;
}
@@ -101,93 +104,120 @@ class SP_Groups {
* @brief Comprobar si un grupo existe en la BBDD
* @return bool
*/
public static function checkGroupExist() {
$groupId = (int) self::$groupId;
public static function checkGroupExist()
{
$groupId = (int)self::$groupId;
$groupName = strtoupper(self::$groupName);
if ($groupId) {
$query = "SELECT usergroup_name
FROM usrGroups
WHERE UPPER(usergroup_name) = '" . DB::escape($groupName) . "'
AND usergroup_id != " . (int) $groupId;
AND usergroup_id != " . (int)$groupId;
} else {
$query = "SELECT usergroup_name
FROM usrGroups
WHERE UPPER(usergroup_name) = '" . DB::escape($groupName) . "'";
}
if (DB::doQuery($query, __FUNCTION__) === FALSE) {
return FALSE;
if (DB::doQuery($query, __FUNCTION__) === false) {
return false;
}
if (count(DB::$last_result) >= 1) {
return FALSE;
return false;
}
return TRUE;
return true;
}
/**
* @brief Añadir un nuevo grupo
* @return bool
*/
public static function addGroup() {
public static function addGroup()
{
$query = "INSERT INTO usrGroups SET
usergroup_name = '" . DB::escape(self::$groupName) . "',
usergroup_description = '" . DB::escape(self::$groupDescription) . "'";
if (DB::doQuery($query, __FUNCTION__) === FALSE) {
return FALSE;
if (DB::doQuery($query, __FUNCTION__) === false) {
return false;
}
self::$queryLastId = DB::$lastId;
return TRUE;
$message['action'] = _('Nuevo Grupo');
$message['text'][] = SP_Html::strongText(_('Grupo') . ': ') . self::$groupName;
SP_Log::wrLogInfo($message);
SP_Common::sendEmail($message);
return true;
}
/**
* @brief Modificar un grupo
* @return bool
*/
public static function updateGroup() {
public static function updateGroup()
{
$groupName = self::getGroupNameById(self::$groupId);
$query = "UPDATE usrGroups SET
usergroup_name = '" . DB::escape(self::$groupName) . "',
usergroup_description = '" . DB::escape(self::$groupDescription) . "'
WHERE usergroup_id = " . (int) self::$groupId;
WHERE usergroup_id = " . (int)self::$groupId;
if (DB::doQuery($query, __FUNCTION__) === FALSE) {
return FALSE;
if (DB::doQuery($query, __FUNCTION__) === false) {
return false;
}
self::$queryLastId = DB::$lastId;
return TRUE;
$message['action'] = _('Modificar Grupo');
$message['text'][] = SP_Html::strongText(_('Grupo') . ': ') . $groupName . ' > ' . self::$groupName;
SP_Log::wrLogInfo($message);
SP_Common::sendEmail($message);
return true;
}
/**
* @brief Eliminar un grupo
* @return bool
*/
public static function deleteGroup() {
$query = "DELETE FROM usrGroups "
. "WHERE usergroup_id = " . (int) self::$groupId . " LIMIT 1";
public static function deleteGroup()
{
$groupName = self::getGroupNameById(self::$groupId);
if (DB::doQuery($query, __FUNCTION__) === FALSE) {
return FALSE;
$query = "DELETE FROM usrGroups "
. "WHERE usergroup_id = " . (int)self::$groupId . " LIMIT 1";
if (DB::doQuery($query, __FUNCTION__) === false) {
return false;
}
self::$queryLastId = DB::$lastId;
// return TRUE;
$message['action'] = _('Eliminar Grupo');
$message['text'][] = SP_Html::strongText(_('Grupo') . ': ') . $groupName;
SP_Log::wrLogInfo($message);
SP_Common::sendEmail($message);
return true;
}
/**
* @brief Comprobar si un grupo está en uso
* @return array con el número de usuarios/cuentas que usan el grupo
*
*
* Esta función comprueba si un grupo está en uso por usuarios o cuentas.
*/
public static function checkGroupInUse() {
public static function checkGroupInUse()
{
$count['users'] = self::getGroupInUsers();
$count['accounts'] = self::getGroupInAccounts() + self::getGroupInAccountsSec();
return $count;
@@ -197,15 +227,16 @@ class SP_Groups {
* @brief Obtener el número de usuarios que usan un grupo
* @return int con el número total de cuentas
*/
private static function getGroupInUsers() {
private static function getGroupInUsers()
{
$query = "SELECT COUNT(*) as uses "
. "FROM usrData "
. "WHERE user_groupId = " . (int) self::$groupId;
. "FROM usrData "
. "WHERE user_groupId = " . (int)self::$groupId;
$queryRes = DB::getResults($query, __FUNCTION__);
if ($queryRes === FALSE) {
return FALSE;
if ($queryRes === false) {
return false;
}
return $queryRes->uses;
@@ -215,15 +246,16 @@ class SP_Groups {
* @brief Obtener el número de cuentas que usan un grupo como primario
* @return integer con el número total de cuentas
*/
private static function getGroupInAccounts() {
private static function getGroupInAccounts()
{
$query = "SELECT COUNT(*) as uses "
. "FROM accounts "
. "WHERE account_userGroupId = " . (int) self::$groupId;
. "FROM accounts "
. "WHERE account_userGroupId = " . (int)self::$groupId;
$queryRes = DB::getResults($query, __FUNCTION__);
if ($queryRes === FALSE) {
return FALSE;
if ($queryRes === false) {
return false;
}
return $queryRes->uses;
@@ -233,15 +265,16 @@ class SP_Groups {
* @brief Obtener el número de cuentas que usan un grupo como secundario
* @return integer con el número total de cuentas
*/
private static function getGroupInAccountsSec() {
private static function getGroupInAccountsSec()
{
$query = "SELECT COUNT(*) as uses "
. "FROM accGroups "
. "WHERE accgroup_groupId = " . (int) self::$groupId;
. "FROM accGroups "
. "WHERE accgroup_groupId = " . (int)self::$groupId;
$queryRes = DB::getResults($query, __FUNCTION__);
if ($queryRes === FALSE) {
return FALSE;
if ($queryRes === false) {
return false;
}
return $queryRes->uses;
@@ -249,55 +282,41 @@ class SP_Groups {
/**
* @brief Obtener el nombre de un grupo por a partir del Id
* @param int $id con el Id del grupo
* @return string con el nombre del grupo
*/
public static function getGroupNameById($id) {
public static function getGroupNameById($id)
{
$query = "SELECT usergroup_name "
. "FROM usrGroups "
. "WHERE usergroup_id = " . (int) $id . " LIMIT 1";
. "FROM usrGroups "
. "WHERE usergroup_id = " . (int)$id . " LIMIT 1";
$queryRes = DB::getResults($query, __FUNCTION__);
if ($queryRes === FALSE) {
return FALSE;
if ($queryRes === false) {
return false;
}
return $queryRes->usergroup_name;
}
/**
* @brief Obtiene el listado de grupos de una cuenta
* @return array con el Id de grupo
*/
public static function getGroupsForAccount($accountId) {
$query = "SELECT accgroup_groupId "
. "FROM accGroups "
. "WHERE accgroup_accountId = " . (int) $accountId;
$queryRes = DB::getResults($query, __FUNCTION__, TRUE);
if ($queryRes === FALSE) {
return FALSE;
}
return $queryRes;
}
/**
* @brief Obtiene el listado con el nombre de los grupos de una cuenta
* @param int $accountId con el Id de la cuenta
* @return array con los nombres de los grupos ordenados
*/
public static function getGroupsNameForAccount($accountId) {
public static function getGroupsNameForAccount($accountId)
{
$query = "SELECT usergroup_id,"
. "usergroup_name "
. "FROM accGroups "
. "JOIN usrGroups ON accgroup_groupId = usergroup_id "
. "WHERE accgroup_accountId = " . (int) $accountId;
. "usergroup_name "
. "FROM accGroups "
. "JOIN usrGroups ON accgroup_groupId = usergroup_id "
. "WHERE accgroup_accountId = " . (int)$accountId;
$queryRes = DB::getResults($query, __FUNCTION__, TRUE);
$queryRes = DB::getResults($query, __FUNCTION__, true);
if ($queryRes === FALSE) {
return FALSE;
if ($queryRes === false) {
return false;
}
foreach ($queryRes as $groups) {
@@ -312,15 +331,16 @@ class SP_Groups {
/**
* @brief Actualizar la asociación de grupos con cuentas
* @param int $accountId con el Id de la cuenta
* @param array $newGroups con los grupos de la cuenta
* @param array $groupsId con los grupos de la cuenta
* @return bool
*/
public static function updateGroupsForAccount($accountId, $groupsId) {
public static function updateGroupsForAccount($accountId, $groupsId)
{
if (self::deleteGroupsForAccount($accountId, $groupsId)) {
return self::addGroupsForAccount($accountId, $groupsId);
}
return FALSE;
return false;
}
/**
@@ -329,24 +349,25 @@ class SP_Groups {
* @param array $groupsId opcional con los grupos de la cuenta
* @return bool
*/
public static function deleteGroupsForAccount($accountId, $groupsId = NULL) {
public static function deleteGroupsForAccount($accountId, $groupsId = NULL)
{
$queryExcluded = '';
// Excluimos los grupos actuales
if (is_array($groupsId)) {
$queryExcluded = ' AND accgroup_groupId NOT IN ('. implode(',', $groupsId).')';
$queryExcluded = ' AND accgroup_groupId NOT IN (' . implode(',', $groupsId) . ')';
}
$query = 'DELETE FROM accGroups '
. 'WHERE accgroup_accountId = ' . (int) $accountId . $queryExcluded;
. 'WHERE accgroup_accountId = ' . (int)$accountId . $queryExcluded;
error_log($query);
if (DB::doQuery($query, __FUNCTION__) === FALSE) {
return FALSE;
//error_log($query);
if (DB::doQuery($query, __FUNCTION__) === false) {
return false;
}
return TRUE;
return true;
}
/**
@@ -355,39 +376,60 @@ class SP_Groups {
* @param array $groupsId con los grupos de la cuenta
* @return bool
*/
public static function addGroupsForAccount($accountId, $groupsId) {
public static function addGroupsForAccount($accountId, $groupsId)
{
$values = '';
// Obtenemos los grupos actuales
$currentGroups = self::getGroupsForAccount($accountId);
if (is_array($currentGroups) ){
foreach ( $currentGroups as $group ){
if (is_array($currentGroups)) {
foreach ($currentGroups as $group) {
$groupsExcluded[] = $group->accgroup_groupId;
}
}
foreach ($groupsId as $groupId) {
// Excluimos los grupos actuales
if ( is_array($groupsExcluded) && in_array($groupId, $groupsExcluded)){
if (is_array($groupsExcluded) && in_array($groupId, $groupsExcluded)) {
continue;
}
$values[] = '(' . $accountId . ',' . $groupId . ')';
}
if ( ! is_array($values) ){
return TRUE;
if (!is_array($values)) {
return true;
}
$query = 'INSERT INTO accGroups (accgroup_accountId, accgroup_groupId) '
. 'VALUES ' . implode(',', $values);
. 'VALUES ' . implode(',', $values);
if (DB::doQuery($query, __FUNCTION__) === FALSE) {
return FALSE;
if (DB::doQuery($query, __FUNCTION__) === false) {
return false;
}
return TRUE;
return true;
}
/**
* @brief Obtiene el listado de grupos de una cuenta
* @param int $accountId con el Id de la cuenta
* @return array con el Id de grupo
*/
public static function getGroupsForAccount($accountId)
{
$query = "SELECT accgroup_groupId "
. "FROM accGroups "
. "WHERE accgroup_accountId = " . (int)$accountId;
$queryRes = DB::getResults($query, __FUNCTION__, true);
if ($queryRes === false) {
return false;
}
return $queryRes;
}
}