From 4675b2fc5f502f74adf73301ad8df62b8914df33 Mon Sep 17 00:00:00 2001 From: REJack Date: Wed, 13 Apr 2016 22:48:37 +0200 Subject: [PATCH 1/5] Sub-Groups added - added function add_subgroup($group_par, $subgroup_par) - added function remove_subgroup($group_par, $subgroup_par) - added function get_subgroups($group_par) - modified is_group_allowed() to check subgroups - modified delete_group() to remove subgroups --- application/config/aauth.php | 1 + application/language/english/aauth_lang.php | 2 + application/libraries/Aauth.php | 101 ++++++++++++++++++-- sql/Aauth_v2.sql | 15 +++ 4 files changed, 112 insertions(+), 7 deletions(-) diff --git a/application/config/aauth.php b/application/config/aauth.php index ef1cb27..523f026 100644 --- a/application/config/aauth.php +++ b/application/config/aauth.php @@ -81,6 +81,7 @@ $config_aauth["default"] = array( 'users' => 'aauth_users', 'groups' => 'aauth_groups', + 'group_to_group' => 'aauth_group_to_group', 'user_to_group' => 'aauth_user_to_group', 'perms' => 'aauth_perms', 'perm_to_group' => 'aauth_perm_to_group', diff --git a/application/language/english/aauth_lang.php b/application/language/english/aauth_lang.php index ced329e..6086fc9 100644 --- a/application/language/english/aauth_lang.php +++ b/application/language/english/aauth_lang.php @@ -46,11 +46,13 @@ $lang['aauth_error_recaptcha_not_correct'] = 'Sorry, the reCAPTCHA text entered $lang['aauth_error_no_user'] = 'User does not exist'; $lang['aauth_error_account_not_verified'] = 'Your account has not been verified. Please check your e-mail and verify your account.'; $lang['aauth_error_no_group'] = 'Group does not exist'; +$lang['aauth_error_no_subgroup'] = 'Subgroup does not exist'; $lang['aauth_error_self_pm'] = 'It is not possible to send a Message to yourself.'; $lang['aauth_error_no_pm'] = 'Private Message not found'; /* Info messages */ $lang['aauth_info_already_member'] = 'User is already member of group'; +$lang['aauth_info_already_subgroup'] = 'Subgroup is already member of group'; $lang['aauth_info_group_exists'] = 'Group name already exists'; $lang['aauth_info_perm_exists'] = 'Permission name already exists'; diff --git a/application/libraries/Aauth.php b/application/libraries/Aauth.php index 1c56944..8223964 100644 --- a/application/libraries/Aauth.php +++ b/application/libraries/Aauth.php @@ -13,7 +13,7 @@ * * @copyright 2014-2015 Emre Akay * - * @version 2.4.6 + * @version 2.4.7 * * @license LGPL * @license http://opensource.org/licenses/LGPL-3.0 Lesser GNU Public License @@ -1237,6 +1237,12 @@ class Aauth { $this->aauth_db->where('group_id', $group_id); $this->aauth_db->delete($this->config_vars['perm_to_group']); + + $this->aauth_db->where('group_id', $group_id); + $this->aauth_db->delete($this->config_vars['group_to_group']); + + $this->aauth_db->where('subgroup_id', $group_id); + $this->aauth_db->delete($this->config_vars['group_to_group']); $this->aauth_db->where('id', $group_id); return $this->aauth_db->delete($this->config_vars['groups']); @@ -1292,6 +1298,60 @@ class Aauth { return $this->aauth_db->delete($this->config_vars['user_to_group']); } + /** + * Add subgroup + * Add a subgroup to a group + * @param int $user_id User id to add to group + * @param int|string $group_par Group id or name to add user to + * @return bool Add success/failure + */ + public function add_subgroup($group_par, $subgroup_par) { + + $group_id = $this->get_group_id($group_par); + $subgroup_id = $this->get_group_id($subgroup_par); + + if( ! $group_id ) { + $this->error( $this->CI->lang->line('aauth_error_no_group') ); + return FALSE; + } + + if( ! $subgroup_id ) { + $this->error( $this->CI->lang->line('aauth_error_no_subgroup') ); + return FALSE; + } + + $query = $this->aauth_db->where('group_id',$group_id); + $query = $this->aauth_db->where('subgroup_id',$subgroup_id); + $query = $this->aauth_db->get($this->config_vars['group_to_group']); + + if ($query->num_rows() < 1) { + $data = array( + 'group_id' => $group_id, + 'subgroup_id' => $subgroup_id, + ); + + return $this->aauth_db->insert($this->config_vars['group_to_group'], $data); + } + $this->info($this->CI->lang->line('aauth_info_already_subgroup')); + return TRUE; + } + + /** + * Remove subgroup + * Remove a subgroup from a group + * @param int|string $group_par Group id or name to remove + * @param int|string $subgroup_par Sub-Group id or name to remove + * @return bool Remove success/failure + */ + public function remove_subgroup($group_par, $subgroup_par) { + + $group_par = $this->get_group_id($group_par); + $subgroup_par = $this->get_group_id($subgroup_par); + $this->aauth_db->where('group_id', $group_par); + $this->aauth_db->where('subgroup_id', $subgroup_par); + return $this->aauth_db->delete($this->config_vars['group_to_group']); + } + //tested /** * Remove member @@ -1399,6 +1459,26 @@ class Aauth { return $row->id; } + /** + * Get subgroups + * Get subgroups from group name or id ( ! Case sensitive) + * @param int|string $group_par Group id or name to get + * @return object Array of subgroup_id's + */ + public function get_subgroups ( $group_par ) { + + $group_id = $this->get_group_id($group_par); + + $query = $this->aauth_db->where('group_id', $group_id); + $query = $this->aauth_db->select('subgroup_id'); + $query = $this->aauth_db->get($this->config_vars['group_to_group']); + + if ($query->num_rows() == 0) + return FALSE; + + return $query->result(); + } + ######################## # Permission Functions ######################## @@ -1531,17 +1611,25 @@ class Aauth { // if group par is given if($group_par != FALSE){ + $subgroup_ids = $this->get_subgroups($group_par); $group_par = $this->get_group_id($group_par); - $query = $this->aauth_db->where('perm_id', $perm_id); $query = $this->aauth_db->where('group_id', $group_par); $query = $this->aauth_db->get( $this->config_vars['perm_to_group'] ); + + $g_allowed=FALSE; + if(is_array($subgroup_ids)){ + foreach ($subgroup_ids as $g ){ + if($this->is_group_allowed($perm_id, $g->subgroup_id)){ + $g_allowed=TRUE; + } + } + } if( $query->num_rows() > 0){ - return TRUE; - } else { - return FALSE; + $g_allowed=TRUE; } + return $g_allowed; } // if group par is not given // checks current user's all groups @@ -1555,9 +1643,8 @@ class Aauth { if (!$this->is_loggedin()){return FALSE;} $group_pars = $this->get_user_groups(); - foreach ($group_pars as $g ){ - if($this->is_group_allowed($perm_id, $g -> id)){ + if($this->is_group_allowed($perm_id, $g->id)){ return TRUE; } } diff --git a/sql/Aauth_v2.sql b/sql/Aauth_v2.sql index e5f20d3..4a260cd 100644 --- a/sql/Aauth_v2.sql +++ b/sql/Aauth_v2.sql @@ -160,3 +160,18 @@ CREATE TABLE `aauth_user_variables` ( -- ---------------------------- -- Records of aauth_user_variables -- ---------------------------- + +-- ---------------------------- +-- Table structure for `aauth_perm_to_group` +-- ---------------------------- +DROP TABLE IF EXISTS `aauth_group_to_group`; +CREATE TABLE `aauth_group_to_group` ( + `group_id` int(11) unsigned DEFAULT NULL, + `subgroup_id` int(11) unsigned DEFAULT NULL, + PRIMARY KEY (`group_id`,`subgroup_id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8; + +-- ---------------------------- +-- Records of aauth_perm_to_group +-- ---------------------------- + From 0ba3a8ea5e95c616a1821ae50370160bbc90f04e Mon Sep 17 00:00:00 2001 From: REJack Date: Sun, 1 May 2016 14:54:52 +0200 Subject: [PATCH 2/5] verification email sending disabled if a admin is creating a user --- application/libraries/Aauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/libraries/Aauth.php b/application/libraries/Aauth.php index 8223964..63ffbd3 100644 --- a/application/libraries/Aauth.php +++ b/application/libraries/Aauth.php @@ -745,7 +745,7 @@ class Aauth { $this->add_member($user_id, $this->config_vars['default_group']); // if verification activated - if($this->config_vars['verification']){ + if($this->config_vars['verification'] && !$this->is_admin()){ $data = null; $data['banned'] = 1; From 58b08f9e267a5ac4a56ca3647b1f5c160a19a561 Mon Sep 17 00:00:00 2001 From: REJack Date: Sun, 1 May 2016 15:16:59 +0200 Subject: [PATCH 3/5] fixed `Quick Start`-Section (changed `deny` to `deny_group`) --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d065772..f569407 100644 --- a/README.md +++ b/README.md @@ -86,10 +86,10 @@ $this->aauth->allow_group('elves','immortality'); $this->aauth->allow_group('hobbits','immortality'); ``` -Wait a minute! Hobbits should not have `immortality`. We need to fix this, we can use `deny()` to remove the permission. +Wait a minute! Hobbits should not have `immortality`. We need to fix this, we can use `deny_group()` to remove the permission. ```php -$this->aauth->deny('hobbits','immortality'); +$this->aauth->deny_group('hobbits','immortality'); ``` Gandalf can also live forever. From 3887dd46ad1c01f25e63de0c27765dd7c106d69f Mon Sep 17 00:00:00 2001 From: REJack Date: Fri, 6 May 2016 15:52:08 +0200 Subject: [PATCH 4/5] renamed `valid_chars` to `additional_valid_chars` #125 --- application/config/aauth.php | 4 ++-- application/libraries/Aauth.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/application/config/aauth.php b/application/config/aauth.php index 523f026..b2a7080 100644 --- a/application/config/aauth.php +++ b/application/config/aauth.php @@ -38,7 +38,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | ['max'] Maximum char long for Password | ['min'] Minimum char long for Password | -| ['valid_chars'] Valid chars for username. Non alphanumeric characters that are allowed by default +| ['additional_valid_chars'] Additional valid chars for username. Non alphanumeric characters that are allowed by default | | ['ddos_protection'] If it is true, the user will be banned temporary when he exceed the login 'try' | @@ -95,7 +95,7 @@ $config_aauth["default"] = array( 'max' => 13, 'min' => 5, - 'valid_chars' => array(), + 'additional_valid_chars' => array(), 'ddos_protection' => true, diff --git a/application/libraries/Aauth.php b/application/libraries/Aauth.php index 63ffbd3..fb48800 100644 --- a/application/libraries/Aauth.php +++ b/application/libraries/Aauth.php @@ -723,7 +723,7 @@ class Aauth { $this->error($this->CI->lang->line('aauth_error_password_invalid')); $valid = FALSE; } - if ($name != FALSE && !ctype_alnum(str_replace($this->config_vars['valid_chars'], '', $name))){ + if ($name != FALSE && !ctype_alnum(str_replace($this->config_vars['additional_valid_chars'], '', $name))){ $this->error($this->CI->lang->line('aauth_error_username_invalid')); $valid = FALSE; } @@ -819,7 +819,7 @@ class Aauth { $this->error($this->CI->lang->line('aauth_error_update_username_exists')); $valid = FALSE; } - if ($name !='' && !ctype_alnum(str_replace($this->config_vars['valid_chars'], '', $name))){ + if ($name !='' && !ctype_alnum(str_replace($this->config_vars['additional_valid_chars'], '', $name))){ $this->error($this->CI->lang->line('aauth_error_username_invalid')); $valid = FALSE; } From 0ae258d8892b428f930d49cf935192dc2d141666 Mon Sep 17 00:00:00 2001 From: REJack Date: Wed, 11 May 2016 11:33:38 +0200 Subject: [PATCH 5/5] added function `get_user_vars($user_id)` --- application/libraries/Aauth.php | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/application/libraries/Aauth.php b/application/libraries/Aauth.php index fb48800..2544a57 100644 --- a/application/libraries/Aauth.php +++ b/application/libraries/Aauth.php @@ -2236,6 +2236,33 @@ class Aauth { } + /** + * Get User Variables by user id + * Return array with all user keys & variables + * @param int $user_id ; if not given current user + * @return bool|array , FALSE if var is not set, the value of var if set + */ + public function get_user_vars( $user_id = FALSE){ + + if ( ! $user_id ){ + $user_id = $this->CI->session->userdata('id'); + } + + // if specified user is not found + if ( ! $this->get_user($user_id)){ + return FALSE; + } + + $query = $this->aauth_db->select('data_key, value'); + + $query = $this->aauth_db->where('user_id', $user_id); + + $query = $this->aauth_db->get( $this->config_vars['user_variables'] ); + + return $query->result(); + + } + /** * List User Variable Keys by UserID * Return array of variable keys or FALSE