Merge pull request #4424 from annando/manage-admin
We can now delegate again like before
This commit is contained in:
commit
164f4f7cdf
4 changed files with 58 additions and 12 deletions
2
boot.php
2
boot.php
|
@ -39,7 +39,7 @@ define('FRIENDICA_PLATFORM', 'Friendica');
|
|||
define('FRIENDICA_CODENAME', 'Asparagus');
|
||||
define('FRIENDICA_VERSION', '3.6-dev');
|
||||
define('DFRN_PROTOCOL_VERSION', '2.23');
|
||||
define('DB_UPDATE_VERSION', 1251);
|
||||
define('DB_UPDATE_VERSION', 1252);
|
||||
define('NEW_UPDATE_ROUTINE_VERSION', 1170);
|
||||
|
||||
/**
|
||||
|
|
|
@ -107,12 +107,35 @@ function authenticate_success($user_record, $login_initial = false, $interactive
|
|||
}
|
||||
}
|
||||
|
||||
$r = dba::select('user', ['uid', 'username', 'nickname'],
|
||||
['password' => $master_record['password'], 'email' => $master_record['email'], 'account_removed' => false]);
|
||||
if (DBM::is_result($r)) {
|
||||
$a->identities = dba::inArray($r);
|
||||
if ($master_record['parent-uid'] == 0) {
|
||||
// First add our own entry
|
||||
$a->identities = [['uid' => $master_record['uid'],
|
||||
'username' => $master_record['username'],
|
||||
'nickname' => $master_record['nickname']]];
|
||||
|
||||
// Then add all the children
|
||||
$r = dba::select('user', ['uid', 'username', 'nickname'],
|
||||
['parent-uid' => $master_record['uid'], 'account_removed' => false]);
|
||||
if (DBM::is_result($r)) {
|
||||
$a->identities = array_merge($a->identities, dba::inArray($r));
|
||||
}
|
||||
} else {
|
||||
// Just ensure that the array is always defined
|
||||
$a->identities = [];
|
||||
|
||||
// First entry is our parent
|
||||
$r = dba::select('user', ['uid', 'username', 'nickname'],
|
||||
['uid' => $master_record['parent-uid'], 'account_removed' => false]);
|
||||
if (DBM::is_result($r)) {
|
||||
$a->identities = dba::inArray($r);
|
||||
}
|
||||
|
||||
// Then add all siblings
|
||||
$r = dba::select('user', ['uid', 'username', 'nickname'],
|
||||
['parent-uid' => $master_record['parent-uid'], 'account_removed' => false]);
|
||||
if (DBM::is_result($r)) {
|
||||
$a->identities = array_merge($a->identities, dba::inArray($r));
|
||||
}
|
||||
}
|
||||
|
||||
$r = dba::p("SELECT `user`.`uid`, `user`.`username`, `user`.`nickname`
|
||||
|
@ -146,7 +169,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
|
|||
|
||||
// Set the login date for all identities of the user
|
||||
dba::update('user', ['login_date' => DateTimeFormat::utcNow()],
|
||||
['password' => $master_record['password'], 'email' => $master_record['email'], 'account_removed' => false]);
|
||||
['parent-uid' => $master_record['uid'], 'account_removed' => false]);
|
||||
}
|
||||
|
||||
if ($login_initial) {
|
||||
|
|
|
@ -35,8 +35,8 @@ function manage_post(App $a) {
|
|||
|
||||
$submanage = $r;
|
||||
|
||||
$identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0);
|
||||
if (! $identity) {
|
||||
$identity = (x($_POST['identity']) ? intval($_POST['identity']) : 0);
|
||||
if (!$identity) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -57,14 +57,36 @@ function manage_post(App $a) {
|
|||
intval($limited_id)
|
||||
);
|
||||
} else {
|
||||
$r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
|
||||
// Check if the target user is one of our children
|
||||
$r = q("SELECT * FROM `user` WHERE `uid` = %d AND `parent-uid` = %d LIMIT 1",
|
||||
intval($identity),
|
||||
dbesc($orig_record['email']),
|
||||
dbesc($orig_record['password'])
|
||||
dbesc($orig_record['uid'])
|
||||
);
|
||||
|
||||
// Check if the target user is one of our siblings
|
||||
if (!DBM::is_result($r) && ($orig_record['parent-uid'] != 0)) {
|
||||
$r = q("SELECT * FROM `user` WHERE `uid` = %d AND `parent-uid` = %d LIMIT 1",
|
||||
intval($identity),
|
||||
dbesc($orig_record['parent-uid'])
|
||||
);
|
||||
}
|
||||
|
||||
// Check if it's our parent
|
||||
if (!DBM::is_result($r) && ($orig_record['parent-uid'] != 0) && ($orig_record['parent-uid'] == $identity)) {
|
||||
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
|
||||
intval($identity)
|
||||
);
|
||||
}
|
||||
|
||||
// Finally check if it's out own user
|
||||
if (!DBM::is_result($r) && ($orig_record['uid'] != 0) && ($orig_record['uid'] == $identity)) {
|
||||
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
|
||||
intval($identity)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
if (! DBM::is_result($r)) {
|
||||
if (!DBM::is_result($r)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
@ -1707,6 +1707,7 @@ class DBStructure
|
|||
"comment" => "The local users",
|
||||
"fields" => [
|
||||
"uid" => ["type" => "mediumint", "not null" => "1", "extra" => "auto_increment", "primary" => "1", "comment" => ""],
|
||||
"parent-uid" => ["type" => "mediumint", "not null" => "1", "default" => "0", "relation" => ["user" => "uid"], "comment" => "The parent user that has full control about this user"],
|
||||
"guid" => ["type" => "varchar(64)", "not null" => "1", "default" => "", "comment" => ""],
|
||||
"username" => ["type" => "varchar(255)", "not null" => "1", "default" => "", "comment" => ""],
|
||||
"password" => ["type" => "varchar(255)", "not null" => "1", "default" => "", "comment" => ""],
|
||||
|
|
Loading…
Reference in a new issue