
Erlaube Änderung von Name und Shell auch bei einem Nicht-Kunden

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1722 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on13/04/2010 10:34:13
Showing5 changed files
... ...
@@ -4,13 +4,22 @@ require_once('inc/base.php');
4 4
 
5 5
 require_once('useraccounts.php');
6 6
 
7
-require_role(ROLE_CUSTOMER);
7
+require_role(array(ROLE_CUSTOMER, ROLE_SYSTEMUSER));
8 8
 
9 9
 
10 10
 $title = "System-Benutzeraccounts";
11 11
 $section = "systemuser_accounts";
12 12
 
13
-$account = get_account_details($_GET['uid']);
13
+$account = NULL;
14
+$role = $_SESSION['role'];
15
+if ($role & ROLE_CUSTOMER)
16
+{
17
+  $account = get_account_details($_GET['uid']);
18
+}
19
+else
20
+{
21
+  $account = get_account_details($_SESSION['userinfo']['uid'], $_SESSION['userinfo']['customerno']);
22
+}
14 23
 
15 24
 
16 25
 output("<h3>Bearbeiten von Benutzer »{$account['username']}«</h3>");
... ...
@@ -27,20 +36,27 @@ $customerquota = get_customer_quota();
27 36
 $maxquota = $customerquota['max'] - $customerquota['assigned'] + $account['quota'];
28 37
 
29 38
 
30
-output(html_form('systemuser_edit', 'save', 'action=edit&uid='.$account['uid'], '
39
+$form = '
31 40
 
32 41
 <h5>Name (E-Mail-Absender, ...)</h5>
33 42
 <div style="margin-left: 2em;"> 
34 43
   <p><input type="radio" name="defaultname" id="defaultname" value="1" '.$defaultname.'/> <label for="defaultname">Kundenname: <strong>'.$_SESSION['customerinfo']['name'].'</strong></label></p>
35 44
   <p><input type="radio" name="defaultname" id="nondefaultname" value="0" '.$nondefaultname.'/> <label for="nondefaultname">Abweichend:</label> <input type="text" name="fullname" id="fullname" value="'.$account['name'].'" /></p>
36 45
 </div>
46
+';
37 47
 
48
+if ($role & ROLE_CUSTOMER)
49
+{
50
+  $form .= '
38 51
 <h5>Speicherplatz</h5>
39 52
 <div style="margin-left: 2em;">
40 53
   <p>Wenn Sie mehrere Benutzeraccounts haben, können Sie den verfügbaren Speicherplatz selbst auf diese Accounts verteilen, bis diese zusammen das Limit erreichen, das für Ihr Kundenkonto vereinbart wurde (aktuell insgesamt '.$customerquota['max'].' MB).</p>
41 54
   <p><label for="quota">Speicherplatz für »<strong>'.$account['username'].'</strong>«:</label> <input style="text-align: right; width: 5em;" type="text" name="quota" id="quota" value="'.$account['quota'].'" /> MB (Maximal '.$maxquota.' MB möglich.)</p>
42 55
 </div>
56
+';
57
+}
43 58
 
59
+$form .= '
44 60
 <h5>Shell</h5>
45 61
 <div style="margin-left: 2em;">
46 62
   <p>Hier können Sie eine andere Kommandozeile einstellen. Tun Sie das bitte nur, wenn Sie wissen was Sie tun. Möchten Sie gerne eine Shell benutzen, die hier nicht aufgeführt ist, wenden Sie sich bitte an den Support.</p>
... ...
@@ -50,8 +66,9 @@ output(html_form('systemuser_edit', 'save', 'action=edit&uid='.$account['uid'],
50 66
 <p>
51 67
 <input type="submit" name="submit" value="Speichern" />
52 68
 </p>
53
-'));
69
+';
54 70
 
71
+output(html_form('systemuser_edit', 'save', 'action=edit&uid='.$account['uid'], $form));
55 72
 
56 73
 
57 74
 ?>
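Review bot: The `fullname` field at new line 45 echoes `$account['name']` into a `value="…"` attribute without HTML escaping, and after this commit that column can also be written by a session holding only ROLE_SYSTEMUSER, so the value passes from the less privileged role into the customer's form. Unless `filter_input_general` on the write path already rejects quotes and angle brackets (not visible here), escape at output: `value="'.htmlspecialchars($account['name'], ENT_QUOTES).'"`. The same applies to `{$realname}` and `{$acc['username']}` in the new myaccount page. Separately, the `$maxquota` computation at new line 36 still runs for non-customers although the quota block is now hidden; consider moving it inside the `if ($role & ROLE_CUSTOMER)` branch.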
... ...
@@ -3,7 +3,6 @@
3 3
 require_once("inc/debug.php");
4 4
 require_once("inc/db_connect.php");
5 5
 
6
-require_role(ROLE_CUSTOMER);
7 6
 
8 7
 
9 8
 function customer_may_have_useraccounts()
... ...
@@ -59,11 +58,13 @@ function list_useraccounts()
59 58
 }
60 59
 
61 60
 
62
-function get_account_details($uid)
61
+function get_account_details($uid, $customerno=0)
63 62
 {
64 63
   $uid = (int) $uid;
65
-  $customerno = (int) $_SESSION['customerinfo']['customerno'];
66
-  $result = db_query("SELECT uid,username,name,shell,quota FROM system.useraccounts WHERE kunde={$customerno} AND uid={$uid}");
64
+  $customerno = (int) $customerno;
65
+  if ($customerno == 0)
66
+    $customerno = $_SESSION['customerinfo']['customerno'];
67
+  $result = db_query("SELECT uid,username,name,shell,quota,erstellungsdatum FROM system.useraccounts WHERE kunde={$customerno} AND uid={$uid}");
67 68
   if (mysql_num_rows($result) == 0)
68 69
     system_failure("Cannot find the requestes useraccount (for this customer).");
69 70
   return mysql_fetch_assoc($result);
... ...
@@ -84,7 +85,12 @@ function get_used_quota($uid)
84 85
 function set_account_details($account)
85 86
 {
86 87
   $uid = (int) $account['uid'];
87
-  $customerno = (int) $_SESSION['customerinfo']['customerno'];
88
+  $customerno = NULL;
89
+  if ($_SESSION['role'] & ROLE_CUSTOMER)
90
+    $customerno = (int) $_SESSION['customerinfo']['customerno'];
91
+  else
92
+    $customerno = (int) $_SESSION['userinfo']['customerno'];
93
+
88 94
   $fullname = maybe_null(mysql_real_escape_string(filter_input_general($account['name'])));
89 95
   $shell = mysql_real_escape_string(filter_input_general($account['shell']));
90 96
   $quota = (int) $account['quota'];
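Review bot: In `get_account_details` the fallback at new line 66 assigns `$_SESSION['customerinfo']['customerno']` without the `(int)` cast the old code applied, and that value is then interpolated directly into the `kunde={$customerno}` clause. Restore the cast on the fallback, `$customerno = (int) $_SESSION['customerinfo']['customerno'];`, so both paths feed an integer to the query. The first hunk also drops the file-level `require_role(ROLE_CUSTOMER)`, so every page that includes this file now has to enforce the role itself; a short comment at the top of the file saying so would help. The function bodies continue outside the hunks.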
... ...
@@ -6,5 +6,9 @@ if ($role & ROLE_CUSTOMER)
6 6
 {
7 7
   $menu["systemuser_accounts"] = array("label" => "Benutzeraccounts", "file" => "accounts", "weight" => 30);
8 8
 }
9
+elseif ($role & ROLE_SYSTEMUSER)
10
+{
11
+  $menu["systemuser_account"] = array("label" => "Benutzeraccount", "file" => "myaccount", "weight" => 30);
12
+}
9 13
 
10 14
 ?>
11 15
new file mode 100644
... ...
@@ -0,0 +1,38 @@
1
+<?php
2
+require_once('inc/base.php');
3
+require_once('inc/icons.php');
4
+
5
+require_once('useraccounts.php');
6
+
7
+require_role(ROLE_SYSTEMUSER);
8
+
9
+$title = "Benutzeraccount";
10
+
11
+
12
+output("<h3>System-Benutzeraccount</h3>");
13
+
14
+$shells = available_shells();
15
+output("<p>Daten zu Ihrem Benutzeraccount:</p>");
16
+$acc = get_account_details($_SESSION['userinfo']['uid'], $_SESSION['userinfo']['customerno']);
17
+$shell = $shells[$acc['shell']];
18
+$usedquota = get_used_quota($acc['uid']);
19
+$quota = array();
20
+foreach ($usedquota as $q)
21
+{
22
+  $percent = round(( $q["used"] / $q["quota"] ) * 100 );
23
+  $color = ( $percent > 99 ? 'red' : ($percent > 80 ? "yellow" : "green" ));
24
+  $width = 2 * min($percent, 100);
25
+  $quota[] = "<p>Server <strong>{$q['server']}</strong><br />{$percent}%: {$q['used']} MB von {$q['quota']} MB belegt.</p> 
26
+  <div style=\"margin: 0; padding: 0; width: 200px; border: 1px solid black;\"><div style=\"font-size: 1px; background-color: {$color}; height: 10px; width: {$width}px; margin: 0; padding: 0;\">&#160;</div></div>";
27
+}
28
+$realname = $acc['name'] ? $acc['name'] : $_SESSION['customerinfo']['name'];
29
+$quotastring = implode('', $quota);
30
+output("<h5>Stammdaten</h5><div style=\"margin-left: 2em;\"><p>Benutzername: <strong>{$acc['username']}</strong></p><p>Name: {$realname}</p><p>Existiert seit {$acc['erstellungsdatum']}</p><p>Verwendete Shell: {$shell}</p>");
31
+output("<p>".internal_link('edit', other_icon('user_edit.png', 'Bearbeiten').' Daten bearbeiten').'</p>');
32
+output("</div>\n");
33
+output("<h5>Speicherplatz</h5><div style=\"margin-left: 2em;\">{$quotastring}</div>");
34
+    
35
+output("<p><sup>*</sup>) Die Werte für den verbrauchten Speicherplatz werden periodisch eingelesen und hier erst verspätet angezeigt!</p>");
36
+
37
+
38
+?>
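Review bot: `round(( $q["used"] / $q["quota"] ) * 100 )` at line 22 divides by the account quota with no check for zero, so a row whose `quota` is 0 produces a division-by-zero warning and a meaningless bar width. Guard it, e.g. `$percent = $q["quota"] > 0 ? round(($q["used"] / $q["quota"]) * 100) : 0;`. `$shells[$acc['shell']]` at line 17 likewise assumes the stored shell is still present in `available_shells()`; an `isset` check with a fallback label would avoid an undefined-index notice.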
... ...
@@ -7,7 +7,9 @@ require_once('useraccounts.php');
7 7
 require_once('inc/security.php');
8 8
 
9 9
 
10
-require_role(ROLE_CUSTOMER);
10
+require_role(array(ROLE_CUSTOMER, ROLE_SYSTEMUSER));
11
+
12
+$role = $_SESSION['role'];
11 13
 
12 14
 require_once("inc/debug.php");
13 15
 global $debugmode;
... ...
@@ -32,6 +34,8 @@ if ($_GET['action'] == 'new')
32 34
 }
33 35
 elseif ($_GET['action'] == 'pwchange')
34 36
 {
37
+  if (! $role & ROLE_CUSTOMER)
38
+    system_failure("Zum Ändern Ihres Passworts verwenden Sie bitte die Funktion im Hauptmenü!");
35 39
   $error = false;
36 40
   check_form_token('systemuser_pwchange');
37 41
   if (customer_useraccount($_REQUEST['uid']))
... ...
@@ -58,15 +62,22 @@ elseif ($_GET['action'] == 'pwchange')
58 62
 elseif ($_GET['action'] == 'edit')
59 63
 {
60 64
   check_form_token('systemuser_edit');
61
-  $account = get_account_details($_REQUEST['uid']);
65
+  $account = NULL;
66
+  if ($role & ROLE_CUSTOMER)
67
+    $account = get_account_details($_REQUEST['uid']);
68
+  else
69
+    $account = get_account_details($_SESSION['userinfo']['uid'], $_SESSION['userinfo']['customerno']);
62 70
 
63
-  $customerquota = get_customer_quota();
64
-  $maxquota = $customerquota['max'] - $customerquota['assigned'] + $account['quota'];
65
- 
66
-  $quota = (int) $_POST['quota'];
67
-  if ($quota > $maxquota) 
68
-    system_failure("Sie können diesem Account maximal {$maxquota} MB Speicherplatz zuweisen.");
69
-  $account['quota'] = $quota;
71
+  if ($role & ROLE_CUSTOMER)
72
+  {
73
+    $customerquota = get_customer_quota();
74
+    $maxquota = $customerquota['max'] - $customerquota['assigned'] + $account['quota'];
75
+   
76
+    $quota = (int) $_POST['quota'];
77
+    if ($quota > $maxquota) 
78
+      system_failure("Sie können diesem Account maximal {$maxquota} MB Speicherplatz zuweisen.");
79
+    $account['quota'] = $quota;
80
+  }
70 81
 
71 82
   if ($_POST['defaultname'] == 1)
72 83
     $account['name'] = NULL;
... ...
@@ -78,8 +89,11 @@ elseif ($_GET['action'] == 'edit')
78 89
     $account['shell'] = $_POST['shell'];
79 90
 
80 91
   set_account_details($account);
92
+  $target = 'accounts';
93
+  if (! ($role & ROLE_CUSTOMER))
94
+    $target = 'myaccount';
81 95
   if (! ($debugmode || $error))
82
-    header('Location: accounts');
96
+    header('Location: '.$target);
83 97
   
84 98
 }
85 99
 elseif ($_GET['action'] == 'delete')
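Review bot: The guard at new line 37, `if (! $role & ROLE_CUSTOMER)`, does not test what it appears to: `!` binds tighter than `&`, so it evaluates `(!$role) & ROLE_CUSTOMER`, which is 0 for any non-zero role, and the `system_failure` never fires. With `require_role` widened to ROLE_SYSTEMUSER, a non-customer session therefore falls through into the `pwchange` branch; write it as `if (! ($role & ROLE_CUSTOMER))`, as the `$target` check at line 93 already does. The `new` and `delete` branches get no role guard in this commit; their bodies are outside the hunks, so whether they are safe for ROLE_SYSTEMUSER depends on helpers not shown, and an explicit customer check at the top of each would remove that dependency.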