From 6c6b603fd754c844c5c158515fe50c8e4a58755e Mon Sep 17 00:00:00 2001 From: Jaime Jimenez Date: Tue, 9 May 2023 07:39:50 +0200 Subject: [PATCH] falta lenguaje de user y usermodel. Repasar funcionalidades --- ci4/app/Config/Validation.php | 2 + ci4/app/Controllers/Login.php | 56 +++++----- ci4/app/Controllers/Usuarios/Users.php | 100 ++++++++++++++---- ci4/app/Models/Usuarios/UserModel.php | 42 ++------ .../_form_validation_errors.php | 16 --- .../focus2/form/user/_userFormItems.php | 28 +++-- .../backend/focus2/form/user/viewUserList.php | 2 +- 7 files changed, 143 insertions(+), 103 deletions(-)
diff --git a/ci4/app/Config/Validation.php b/ci4/app/Config/Validation.php
index ed1b65ca..b8692412 100644
--- a/ci4/app/Config/Validation.php
+++ b/ci4/app/Config/Validation.php
@@ -36,6 +36,8 @@ class Validation
 public $templates = [
 'list' => 'CodeIgniter\Validation\Views\list',
 'single' => 'CodeIgniter\Validation\Views\single',
+ 'bootstrap_style' => 'themes/_commonPartialsBs/_form_validation_errors',
+
 ];
 //--------------------------------------------------------------------
diff --git a/ci4/app/Controllers/Login.php b/ci4/app/Controllers/Login.php
index e6d9c098..4a94f0db 100644
--- a/ci4/app/Controllers/Login.php
+++ b/ci4/app/Controllers/Login.php
@@ -10,8 +10,8 @@ use App\Models\PasswordRecoveryModel;
 use App\Models\SettingsModel;
 use App\Models\TemplateModel;
 use App\Models\Usuarios\UserModel;
-use App\Models\UserGroupModel;
-use App\Models\GroupUserModel;
+use App\Models\Usuarios\UserGroupModel;
+use App\Models\Usuarios\GroupUserModel;
 class login extends BaseController
 {
@@ -127,15 +127,15 @@ class login extends BaseController
 if(!empty($login)) {
 // Blocked Validation
- if($login['blocked']!=null){
- $dateBlocked = date($login['blocked']);
+ if($login->blocked!=null){
+ $dateBlocked = date($login->blocked);
 $dateNow = date('Y-m-d H:i:s');
 if($dateBlocked > $dateNow){
 $session->setFlashdata('toast', ['error',lang("App.login_alert"),lang("App.login_alert_user_blocked").$settings['throttle_auth_lockour_time'].' '.lang("App.global_hours")]);
 return redirect()->to('login');
 }else{
 $this->user_model->save([
- 'id_user' => $login['id_user'],
+ 'id_user' => $login->id_user,
 'blocked' => null
 ]);
 }
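Review bot: `$dateBlocked = date($login->blocked);` hands the stored lockout timestamp to `date()` as its format argument, so `$dateBlocked` is not the stored value and the `$dateBlocked > $dateNow` comparison that decides whether the lockout is still active is unreliable; the array-to-entity rewrite carries that defect over. Normalise the stored value to the same format the other side of the comparison uses: `$dateBlocked = date('Y-m-d H:i:s', strtotime($login->blocked));`. `$login->blocked!=null` is a loose comparison under which an empty string or `0` also counts as null, so `!== null` says what is meant. The enclosing method starts and ends outside this hunk.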
@@ -148,23 +148,23 @@ class login extends BaseController
 if(empty($session->get('oauth'))){
 // Check user password
 $phpass = new PasswordHash(8, true);
- if(!$phpass->CheckPassword($getVar['password']??'', $login['password'])){
+ if(!$phpass->CheckPassword($getVar['password']??'', $login->password)){
 // Throttling Validation
 if($settings['throttle_auth']??false){
 $initialDate = date('Y-m-d H:i:s', strtotime('-12 hour', time()));
 $finalDate = date('Y-m-d H:i:s');
- $amount = $this->activity_model->where('user',$login['token'])->where('level','throttling')->where('created_at between \''.$initialDate.'\' and \''.$finalDate.'\'')->countAllResults();
+ $amount = $this->activity_model->where('user',$login->token)->where('level','throttling')->where('created_at between \''.$initialDate.'\' and \''.$finalDate.'\'')->countAllResults();
 if($amount >= intval($settings['throttle_auth_max_attempts']??'')){
 $session->setFlashdata('toast', ['error',lang("App.login_alert"),lang("App.login_alert_user_blocked").$settings['throttle_auth_lockour_time'].' '.lang("App.global_hours")]);
 $blocked = date('Y-m-d H:i:s', strtotime('+'.$settings['throttle_auth_lockour_time'].' hour', time()));
 $this->user_model->save([
- 'id_user' => $login['id_user'],
+ 'id_user' => $login->id_user,
 'blocked' => $blocked
 ]);
 return redirect()->to('login');
 }else{
 // Register Throttling Log
- $this->integration->setLog('throttling','login-authenticate',$login['token']);
+ $this->integration->setLog('throttling','login-authenticate',$login->token);
 $session->setFlashdata('toast', ['error',lang("App.login_alert"),lang("App.login_alert_pass_invalid_2"). ($amount+1) .lang("App.login_alert_pass_attempt"). $settings['throttle_auth_max_attempts']??0]);
 return redirect()->to('login');
 }
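Review bot: On the rewritten `$amount = ...` line the throttling window is built as a raw string, `where('created_at between \''.$initialDate.'\' and \''.$finalDate.'\'')`; the values are server-generated here, but `->where('created_at >=', $initialDate)->where('created_at <=', $finalDate)` keeps quoting in the builder's hands and is the form to standardise on before a request-supplied value ever lands in such a clause. The attempt-counter message on the context line after `setLog(...)` ends in `lang("App.login_alert_pass_attempt"). $settings['throttle_auth_max_attempts']??0`, where `.` binds tighter than `??`, so the fallback applies to the whole concatenated string and never fires while a missing setting still produces an undefined-index warning; write `($settings['throttle_auth_max_attempts'] ?? 0)`. The enclosing method continues outside the hunk.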
@@ -174,7 +174,7 @@ class login extends BaseController } // Check email confirmed if($settings['email_confirmation']??false){ - if(!$login['email_confirmed']){ + if(!$login->email_confirmed){ $session->setFlashdata('toast', ['error',lang("App.login_alert"),lang("App.user_alert_email_confirmed")]); return redirect()->to('login'); } @@ -182,23 +182,23 @@ class login extends BaseController } // Check user status - if(!$login['status']){ + if(!$login->status){ $session->setFlashdata('toast', ['error',lang("App.login_alert"),lang("App.login_alert_disabled_access")]); return redirect()->to('/login'); } // Get access rules - #$rules = $this->group_model->where('token', $login['group'])->first(); + #$rules = $this->group_model->where('token', $login->'group'])->first(); $groups = $this->group_user_model ->select('token_group') - ->where('token_user',$login['token'])->findAll(); + ->where('token_user',$login->token)->findAll(); if (sizeof($groups)>1){ - $rules = $this->group_model->select('rules')->where('token',$groups[0])->first()['rules']; + $rules = $this->group_model->select('rules')->where('token',$groups[0])->first()->rules; $rules = json_decode(html_entity_decode($rules), true); for ($i=1; $igroup_model->select('rules')->where('token',$groups[$i])->first()['rules']; + $temp_rules = $this->group_model->select('rules')->where('token',$groups[$i])->first()->rules; foreach ($rules as $key => $value){ if (array_key_exists($key, json_decode(html_entity_decode($temp_rules), true))){ $value2 = json_decode(html_entity_decode($temp_rules), true)[$key]; 
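Review bot: In the access-rules block, `$groups` comes from `->select('token_group')->findAll()`, yet `where('token',$groups[0])` and `where('token',$groups[$i])` pass the whole row; unless GroupUserModel's return type makes those elements scalars, the lookup compares `token` against an array or object and finds no group, so the column should be read explicitly (`$groups[0]->token_group` or `$groups[0]['token_group']`, depending on that return type). The rewritten `->first()->rules` also assumes a row exists: where the old `first()['rules']` quietly gave null, a property read on a null result now emits a warning, so fetch the row first and use `$row->rules ?? '[]'`. `#$rules = $this->group_model->where('token', $login->'group'])->first();` is a comment the bulk edit turned into invalid syntax; delete it rather than carry it. The `for` line appears truncated in this rendering of the patch, and the enclosing method continues outside the hunk.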
@@ -223,26 +223,26 @@ class login extends BaseController
 // Save data in session
- $session->set('id_user', $login['id_user']);
- //$session->set('group', $login['group']);
- $session->set('first_name', $login['first_name']);
- $session->set('last_name', $login['last_name']);
- $session->set('email', $login['email']);
- $session->set('token', $login['token']);
+ $session->set('id_user', $login->id_user);
+ //$session->set('group', $login->'group']);
+ $session->set('first_name', $login->first_name);
+ $session->set('last_name', $login->last_name);
+ $session->set('email', $login->email);
+ $session->set('token', $login->token);
 // JJO
 $dashboard = 'user';
 foreach ($groups as $group){
- if($this->group_model->select('dashboard')->where('token',$group)->first()['dashboard'] == 'admin')
+ if($this->group_model->select('dashboard')->where('token',$group)->first()->dashboard == 'admin')
 $dashboard = 'admin';
 }
 $session->set('dashboard', $dashboard);
 $session->set('rules', html_entity_decode(json_encode($rules)));
- $session->set('picture', $login['picture']);
- $session->set('tfa', $login['tfa']);
- $session->set('tfa_secret', $login['tfa_secret']);
- $session->set('tfa_code', $login['tfa_code']);
- $session->set('lang', $login['language'] ?? 'en');
+ $session->set('picture', $login->picture);
+ $session->set('tfa', $login->tfa);
+ $session->set('tfa_secret', $login->tfa_secret);
+ $session->set('tfa_code', $login->tfa_code);
+ $session->set('lang', $login->language ?? 'en');
 // Update last access
 $last_access = date('Y-m-d H:i:s');
 $this->user_model->set('last_access', $last_access)->set('last_ip', $last_ip)->where('id_user', $session->get('id_user'))->update();
@@ -252,7 +252,7 @@ class login extends BaseController
 $integration->setLog('information','login-authenticate');
 // Check if it has two factors
- if($login['tfa']??false){
+ if($login->tfa??false){
 return redirect()->to('/login/authentication');
 }else{
 return redirect()->to('home');
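Review bot: The hunk writes the authenticated identity into the session but no `$session->regenerate()` is visible; unless it happens elsewhere in this method, the session id a visitor held before logging in stays valid afterwards (session fixation), so add `$session->regenerate();` immediately before the first `$session->set(...)`. `$session->set('tfa_secret', $login->tfa_secret);` and the `tfa_code` line copy second-factor material out of the user record into the session store for the rest of the session; reading them from `$this->user_model` inside the authentication step when they are actually needed keeps that exposure to a single request. `->where('token',$group)->first()->dashboard` in the `foreach ($groups as $group)` loop has the same row-versus-`token_group` question as the rules lookup earlier in the method, and `//$session->set('group', $login->'group']);` is a comment mangled by the bulk edit. The enclosing method starts before this hunk.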
diff --git a/ci4/app/Controllers/Usuarios/Users.php b/ci4/app/Controllers/Usuarios/Users.php
index 8dc30ac2..496792b5 100644
--- a/ci4/app/Controllers/Usuarios/Users.php
+++ b/ci4/app/Controllers/Usuarios/Users.php
@@ -5,12 +5,15 @@ use App\Entities\Usuarios\UserEntity;
 use App\Models\Usuarios\UserGroupModel;
 use App\Models\Usuarios\GroupUserModel;
+use App\Models\Usuarios\UserModel;
+use App\Libraries\PasswordHash;
 class Users extends \App\Controllers\GoBaseController {
 private $group_model;
 private $group_user_model;
+ private $user_model;
 use \CodeIgniter\API\ResponseTrait;
@@ -32,6 +35,7 @@ class Users extends \App\Controllers\GoBaseController {
 $this->group_model = new UserGroupModel();
 $this->group_user_model = new GroupUserModel();
+ $this->user_model = new UserModel();
 $this->viewData['pageTitle'] = lang('Users.moduleTitle');
 parent::initController($request, $response, $logger);
@@ -43,6 +47,8 @@ class Users extends \App\Controllers\GoBaseController {
 $this->viewData['usingClientSideDataTable'] = true;
 $this->viewData['pageSubTitle'] = lang('Basic.global.ManageAllRecords', [lang('Users.user')]);
+
+ $this->viewData['groupsPerUser'] = $this->getGroupsPerUser();
 parent::index();
 }
@@ -58,8 +64,21 @@ class Users extends \App\Controllers\GoBaseController {
 $nullIfEmpty = true; // !(phpversion() >= '8.1');
 $postData = $this->request->getPost();
- $sanitizedData = $this->sanitized($postData, $nullIfEmpty);
+
+ if(!empty($postData['password'])){
+ $phpass = new PasswordHash(8, true);
+ $postData['password'] = $phpass->HashPassword($this->request->getPost('password'));
+ }
+ $currentGroups = $postData['group'];
+ unset($postData['group']);
+ $sanitizedData = $this->sanitized($postData, $nullIfEmpty);
+
+ if ($this->request->getPost('last_ip') == null ) {
+ $sanitizedData['last_ip'] = '::1';
+ }
+
+ $sanitizedData['token'] = md5(uniqid(rand(), true));
 $noException = true;
 if ($successfulResult = $this->canValidate()) : // if ($successfulResult = $this->validate($this->formValidationRules) ) :
@@ -74,7 +93,7 @@ class Users extends \App\Controllers\GoBaseController {
 }
 else:
 $this->viewData['errorMessage'] = lang('Basic.global.formErr1', [mb_strtolower(lang('Users.user'))]);
- $this->session->setFlashdata('formErrors', $this->model->errors());
+ $this->session->setFlashdata('formErrors', $this->model->errors());
 endif;
 $thenRedirect = true; // Change this to false if you want your user to stay on the form after submission
@@ -82,6 +101,13 @@ class Users extends \App\Controllers\GoBaseController {
 if ($noException && $successfulResult) :
 $id = $this->model->db->insertID();
+ foreach($currentGroups as $group){
+ $group_user_data = [
+ 'token_user' => $sanitizedData['token'],
+ 'token_group' => $group
+ ];
+ $this->group_user_model->insert($group_user_data);
+ }
 $message = lang('Basic.global.saveSuccess', [mb_strtolower(lang('Users.user'))]).'.';
 $message .= anchor(route_to('editUser', $id), lang('Basic.global.continueEditing').'?');
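Review bot: `$sanitizedData['token'] = md5(uniqid(rand(), true));` derives the user's token — the key the third hunk stores as `token_user` for group membership and that Login.php uses for throttling logs — from `rand()`/`uniqid()`, which are predictable; `$sanitizedData['token'] = bin2hex(random_bytes(16));` gives a value that cannot be guessed however the token ends up being used. `$currentGroups = $postData['group'];` assumes the field was posted; with no selection it raises an undefined-index warning and `foreach($currentGroups as $group)` then iterates over null, so use `$currentGroups = (array) ($postData['group'] ?? []);`. The posted group tokens go into group_user unchecked; filtering them against `$this->group_model` before the insert loop keeps stray values from creating memberships. `new PasswordHash(8, true)` requests phpass portable (MD5-based) hashes even though Login.php's `CheckPassword` also verifies the bcrypt form, so `false` as the second argument would strengthen new hashes without breaking existing ones — worth confirming against the stored data. create() starts and ends outside these hunks.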
@@ -102,8 +128,8 @@ class Users extends \App\Controllers\GoBaseController {
 endif; // ($requestMethod === 'post')
 $this->viewData['user'] = isset($sanitizedData) ? new UserEntity($sanitizedData) : new UserEntity();
- $this->viewData['userGroupList'] = $this->getUserGroupListItems($user->group ?? null);
-
+ $this->viewData['paisList'] = $this->getPaisListItems();
+ $this->viewData['formAction'] = route_to('createUser');
 $this->viewData['groups'] = $this->group_model->select('token,title')->findAll();
@@ -133,16 +159,20 @@ class Users extends \App\Controllers\GoBaseController {
 $nullIfEmpty = true; // !(phpversion() >= '8.1');
 $postData = $this->request->getPost();
- $sanitizedData = $this->sanitized($postData, $nullIfEmpty);
+ $currentGroups = $postData['group'];
+ unset($postData['group']);
+
+ $sanitizedData = $this->sanitized($postData, $nullIfEmpty);
 if ($this->request->getPost('tfa') == null ) {
 $sanitizedData['tfa'] = false;
 }
- if ($this->request->getPost('status') == null ) {
- $sanitizedData['status'] = false;
+ if ($this->request->getPost('blocked') == null ) {
+ $sanitizedData['blocked'] = false;
+ }
+ if ($this->request->getPost('last_ip') == null ) {
+ $sanitizedData['last_ip'] = '::1';
 }
-
-
 $noException = true;
 if ($successfulResult = $this->canValidate()) : // if ($successfulResult = $this->validate($this->formValidationRules) ) :
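Review bot: `$sanitizedData['blocked'] = false;` writes a boolean into the column Login.php uses as a lockout timestamp (set from `date('Y-m-d H:i:s', ...)` and compared with the current time), so an edit that leaves the field empty stores a non-date value instead of clearing the lock; `$sanitizedData['blocked'] = null;` matches what Login.php itself writes when a lockout expires. The `status` fallback this replaces is gone: if `status` is still a checkbox in the edit form, an unchecked box posts nothing and the account can no longer be disabled from the form, so keep `if ($this->request->getPost('status') == null ) { $sanitizedData['status'] = false; }` next to the new checks. `$currentGroups = $postData['group'];` has the same undefined-index case as in create(). update() starts and ends outside these hunks.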
@@ -161,11 +191,25 @@ class Users extends \App\Controllers\GoBaseController {
 endif;
+ $user->fill($sanitizedData);
+
+ $thenRedirect = true;
 endif;
 if ($noException && $successfulResult) :
+ $postData = $this->request->getPost();
+
+ $this->group_user_model->where('token_user', $user->token)->delete();
+ foreach($currentGroups as $group){
+ $group_user_data = [
+ 'token_user' => $user->token,
+ 'token_group' => $group
+ ];
+ $this->group_user_model->insert($group_user_data);
+ }
+
 $id = $user->id_user ?? $id;
 $message = lang('Basic.global.updateSuccess', [mb_strtolower(lang('Users.user'))]).'.';
 $message .= anchor(route_to('editUser', $id), lang('Basic.global.continueEditing').'?');
@@ -185,9 +229,11 @@ class Users extends \App\Controllers\GoBaseController {
 endif; // ($requestMethod === 'post')
 $this->viewData['user'] = $user;
- $this->viewData['userGroupList'] = $this->getUserGroupListItems($user->group ?? null);
-
+ $this->viewData['paisList'] = $this->getPaisListItems();
+ $this->viewData['formAction'] = route_to('updateUser', $id);
+
+ $this->viewData['selectedGroups'] = $this->group_user_model->select('token_group')->where('token_user', $user->token)->findAll();
 $this->viewData['groups'] = $this->group_model->select('token,title')->findAll();
 $this->viewData['boxTitle'] = lang('Basic.global.edit2').' '.lang('Users.user').' '.lang('Basic.global.edit3');
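Review bot: `$user->fill($sanitizedData);` copies the sanitized POST into the entity, and no password hashing is visible in the update() hunks, unlike the `HashPassword` step create() performs; if the edit form submits a password field the entity — and the save that follows outside this hunk — would receive it in clear text unless UserEntity hashes in a setter, so apply the same `PasswordHash`/`HashPassword` step before the fill and drop the key when it is empty. The group re-sync is a `delete()` followed by one `insert()` per group with no transaction, so a failed insert leaves the user with no memberships; `$this->group_user_model->db->transStart();` before the delete and `transComplete();` after the loop keep the two steps together. The second `$postData = $this->request->getPost();` is never read and can go. update() continues outside the hunk.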
@@ -246,17 +292,29 @@ class Users extends \App\Controllers\GoBaseController {
 }
 }
- protected function getUserGroupListItems($selId = null) {
- $data = [''=>lang('Basic.global.pleaseSelectA', [mb_strtolower(lang('UserGroups.userGroup'))])];
- if (!empty($selId)) :
- $userGroupModel = model('App\Models\Usuarios\UserGroupModel');
+
+ protected function getPaisListItems() {
+ $data = [''=>lang('Basic.global.pleaseSelectA', [mb_strtolower(lang('Pais.pais'))])];
+ $paisModel = model('App\Models\Configuracion\PaisModel');
- $selOption = $userGroupModel->where('token', $selId)->findColumn('title');
- if (!empty($selOption)) :
- $data[$selId] = $selOption[0];
- endif;
- endif;
- return $data;
+ $registers = $paisModel->findAll();
+
+ return $registers;
+ }
+
+ protected function getGroupsPerUser() {
+ $tokens = $this->user_model->select('token')->findAll();
+ $data = [];
+ foreach($tokens as $token){
+ $groups = $this->group_user_model->select('token_group')->where('token_user', $token->token)->findAll();
+ $groups_title = [];
+ foreach($groups as $group_token){
+ array_push($groups_title, $this->group_model->select('title')->where('token', $group_token)->first()->title);
+ }
+
+ $data[$token->token] = implode(',',$groups_title);
+ }
+ return $data;
 }
 }
diff --git a/ci4/app/Models/Usuarios/UserModel.php b/ci4/app/Models/Usuarios/UserModel.php
index 5770ae6c..bdf48715 100644
--- a/ci4/app/Models/Usuarios/UserModel.php
+++ b/ci4/app/Models/Usuarios/UserModel.php
@@ -38,11 +38,13 @@ class UserModel extends \App\Models\GoBaseModel
 "blocked",
 "email_confirmed",
 "status",
+ "token",
 ];
 protected $returnType = "App\Entities\Usuarios\UserEntity";
 public static $labelField = "first_name";
+
 protected $validationRules = [
 "address" => [
 "label" => "Users.address",
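Review bot: In `getGroupsPerUser()`, `$group_token` is a row from `->select('token_group')->findAll()`, so `->where('token', $group_token)` compares the group token with a whole row instead of its `token_group` value (`$group_token->token_group` or `['token_group']`, depending on GroupUserModel's return type), and `->first()->title` warns and yields null when nothing matches; read the column explicitly and guard the lookup, e.g. `$row = $this->group_model->select('title')->where('token', $group_token->token_group)->first(); $groups_title[] = $row->title ?? '';`. The helper also runs one query per user plus one per membership on every index request, which grows with the user table; a single join over the group_user and group tables keyed on `token_user`, grouped per user, returns the same map in one round trip. In `getPaisListItems()` the `$data` placeholder array is built and then discarded in favour of `$registers`, so either return it or drop it. Both helpers are complete within the hunk.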
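Review bot: Adding `"token"` to `$allowedFields` means a `token` key in posted data now survives `save()`/`update()`, so a request that includes one can rewrite the identifier that group membership (`token_user`) and the throttling log are keyed on; the controller generates the token itself in create(), so nothing in the form needs to supply it. Unless `sanitized()` already drops unknown keys, strip it the way `group` is stripped — `unset($postData['token']);` before `sanitized()`/`fill()` in both create() and update() — so the field stays server-controlled. The `$allowedFields` array starts before this hunk.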
@@ -50,7 +52,7 @@ class UserModel extends \App\Models\GoBaseModel
 ],
 "blocked" => [
 "label" => "Users.blocked",
- "rules" => "valid_date|permit_empty",
+ "rules" => "required|permit_empty",
 ],
 "city" => [
 "label" => "Users.city",
@@ -76,21 +78,17 @@ class UserModel extends \App\Models\GoBaseModel
 "label" => "Users.firstName",
 "rules" => "trim|required|max_length[150]",
 ],
- "group" => [
- "label" => "Users.group",
- "rules" => "trim|required|max_length[35]",
- ],
 "language" => [
 "label" => "Users.language",
 "rules" => "trim|required|max_length[10]",
- ],
+ ],/*
 "last_access" => [
 "label" => "Users.lastAccess",
- "rules" => "required|valid_date",
- ],
+ "rules" => "valid_date",
+ ],*/
 "last_ip" => [
 "label" => "Users.lastIp",
- "rules" => "trim|required|max_length[50]",
+ "rules" => "max_length[50]",
 ],
 "last_name" => [
 "label" => "Users.lastName",
@@ -110,15 +108,7 @@ class UserModel extends \App\Models\GoBaseModel
 ],
 "state" => [
 "label" => "Users.state",
- "rules" => "trim|required|max_length[255]",
- ],
- "tfa_code" => [
- "label" => "Users.tfaCode",
- "rules" => "trim|required|max_length[60]",
- ],
- "tfa_secret" => [
- "label" => "Users.tfaSecret",
- "rules" => "trim|required|max_length[20]",
+ "rules" => "trim|max_length[255]",
 ],
 "zip_code" => [
 "label" => "Users.zipCode",
@@ -130,8 +120,9 @@ class UserModel extends \App\Models\GoBaseModel
 "address" => [
 "max_length" => "Users.validation.address.max_length",
 ],
+
 "blocked" => [
- "valid_date" => "Users.validation.blocked.valid_date",
+ "required" => "Users.validation.email_confirmed.required",
 ],
 "city" => [
 "max_length" => "Users.validation.city.max_length",
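Review bot: `"rules" => "required|permit_empty"` for `blocked` combines two rules that contradict each other and drops the only format check: `blocked` is the timestamp Login.php writes on lockout and compares with the current time, so it should keep `"rules" => "valid_date|permit_empty"`. Which of `required` and `permit_empty` wins depends on the CodeIgniter release; in recent 4.x `required` takes precedence, which would make `blocked` mandatory on every save and is probably what pushed the `false` fallback into Users.php. The new message entry `"required" => "Users.validation.email_confirmed.required"` points at the email_confirmed text rather than a blocked one. The `tfa_code`/`tfa_secret` rules are deleted outright rather than relaxed, so those columns no longer get a length check; `permit_empty|max_length[...]` would keep the limit without forcing a value. All four hunks are inside the `$validationRules`/`$validationMessages` arrays, which begin and end outside them.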
@@ -156,10 +147,7 @@ class UserModel extends \App\Models\GoBaseModel "max_length" => "Users.validation.first_name.max_length", "required" => "Users.validation.first_name.required", ], - "group" => [ - "max_length" => "Users.validation.group.max_length", - "required" => "Users.validation.group.required", - ], + "language" => [ "max_length" => "Users.validation.language.max_length", "required" => "Users.validation.language.required", @@ -192,14 +180,6 @@ class UserModel extends \App\Models\GoBaseModel "max_length" => "Users.validation.state.max_length", "required" => "Users.validation.state.required", ], - "tfa_code" => [ - "max_length" => "Users.validation.tfa_code.max_length", - "required" => "Users.validation.tfa_code.required", - ], - "tfa_secret" => [ - "max_length" => "Users.validation.tfa_secret.max_length", - "required" => "Users.validation.tfa_secret.required", - ], "zip_code" => [ "max_length" => "Users.validation.zip_code.max_length", ], diff --git a/ci4/app/Views/themes/_commonPartialsBs/_form_validation_errors.php b/ci4/app/Views/themes/_commonPartialsBs/_form_validation_errors.php index 4984d699..e34fc5d7 100644 --- a/ci4/app/Views/themes/_commonPartialsBs/_form_validation_errors.php +++ b/ci4/app/Views/themes/_commonPartialsBs/_form_validation_errors.php @@ -1,4 +1,3 @@ -theme['name'] == 'Bootstrap5') { ?> @@ -18,18 +17,3 @@ - -
-
-
- -

Please correct the errors below:

-
    - -
  • - -
-
-
-
- diff --git a/ci4/app/Views/themes/backend/focus2/form/user/_userFormItems.php b/ci4/app/Views/themes/backend/focus2/form/user/_userFormItems.php index 95190068..acfb00c9 100644 --- a/ci4/app/Views/themes/backend/focus2/form/user/_userFormItems.php +++ b/ci4/app/Views/themes/backend/focus2/form/user/_userFormItems.php @@ -19,14 +19,23 @@ - +
- + +
@@ -41,7 +50,7 @@ - +
@@ -64,8 +73,15 @@
@@ -99,7 +115,7 @@
- + language);?>