mirror of
https://github.com/Mibew/java.git
synced 2025-01-23 01:50:34 +03:00
Added ability to disable operator's account
This commit is contained in:
Dmitriy Simushev
parent
7bd3e21ca8
commit
fbeba2a54f
@ -74,6 +74,7 @@ $dbtables = array(
|
||||
"vcemail" => "varchar(64)",
|
||||
"dtmlastvisited" => "datetime DEFAULT 0",
|
||||
"istatus" => "int DEFAULT 0", /* 0 - online, 1 - away */
|
||||
"idisabled" => "int DEFAULT 0",
|
||||
"vcavatar" => "varchar(255)",
|
||||
"vcjabbername" => "varchar(255)",
|
||||
"iperm" => "int DEFAULT 65535",
|
||||
@ -153,7 +154,7 @@ $memtables = array();
|
||||
$dbtables_can_update = array(
|
||||
"${mysqlprefix}chatthread" => array("agentId", "userTyping", "agentTyping", "messageCount", "nextagent", "shownmessageid", "userid", "userAgent", "groupid", "dtmchatstarted"),
|
||||
"${mysqlprefix}chatmessage" => array("agentId"),
|
||||
"${mysqlprefix}chatoperator" => array("vcavatar", "vcjabbername", "iperm", "istatus", "vcemail", "dtmrestore", "vcrestoretoken"),
|
||||
"${mysqlprefix}chatoperator" => array("vcavatar", "vcjabbername", "iperm", "istatus", "idisabled", "vcemail", "dtmrestore", "vcrestoretoken"),
|
||||
"${mysqlprefix}chatban" => array(),
|
||||
"${mysqlprefix}chatgroup" => array("vcemail"),
|
||||
"${mysqlprefix}chatgroupoperator" => array(),
|
||||
|
||||
@ -127,6 +127,10 @@ if ($act == "silentcreateall") {
|
||||
runsql("ALTER TABLE ${mysqlprefix}chatoperator ADD istatus int DEFAULT 0", $link);
|
||||
}
|
||||
|
||||
if (in_array("${mysqlprefix}chatoperator.idisabled", $absent)) {
|
||||
runsql("ALTER TABLE ${mysqlprefix}chatoperator ADD idisabled int DEFAULT 0 AFTER istatus", $link);
|
||||
}
|
||||
|
||||
if (in_array("${mysqlprefix}chatoperator.vcavatar", $absent)) {
|
||||
runsql("ALTER TABLE ${mysqlprefix}chatoperator ADD vcavatar varchar(255)", $link);
|
||||
}
|
||||
|
||||
@ -73,7 +73,7 @@ function operator_get_all()
|
||||
global $mysqlprefix;
|
||||
$link = connect();
|
||||
|
||||
$query = "select operatorid, vclogin, vclocalename, vccommonname, istatus, (unix_timestamp(CURRENT_TIMESTAMP)-unix_timestamp(dtmlastvisited)) as time " .
|
||||
$query = "select operatorid, vclogin, vclocalename, vccommonname, istatus, idisabled, (unix_timestamp(CURRENT_TIMESTAMP)-unix_timestamp(dtmlastvisited)) as time " .
|
||||
"from ${mysqlprefix}chatoperator order by vclogin";
|
||||
$operators = select_multi_assoc($query, $link);
|
||||
close_connection($link);
|
||||
@ -98,6 +98,11 @@ function operator_is_away($operator)
|
||||
return $operator['istatus'] != 0 && $operator['time'] < $settings['online_timeout'] ? "1" : "";
|
||||
}
|
||||
|
||||
function operator_is_disabled($operator)
|
||||
{
|
||||
return $operator['idisabled'] == '1';
|
||||
}
|
||||
|
||||
function update_operator($operatorid, $login, $email, $password, $localename, $commonname)
|
||||
{
|
||||
global $mysqlprefix;
|
||||
@ -221,7 +226,7 @@ function check_login($redirect = true)
|
||||
if (isset($_COOKIE['webim_lite'])) {
|
||||
list($login, $pwd) = preg_split("/,/", $_COOKIE['webim_lite'], 2);
|
||||
$op = operator_by_login($login);
|
||||
if ($op && isset($pwd) && isset($op['vcpassword']) && md5($op['vcpassword']) == $pwd) {
|
||||
if ($op && isset($pwd) && isset($op['vcpassword']) && md5($op['vcpassword']) == $pwd && !operator_is_disabled($op)) {
|
||||
$_SESSION["${mysqlprefix}operator"] = $op;
|
||||
return $op;
|
||||
}
|
||||
|
||||
@ -328,6 +328,12 @@ page_agent.title=Operator details
|
||||
page_agents.agent_name=Name
|
||||
page_agents.agents=Full list of operators:
|
||||
page_agents.confirm=Are you sure that you want to delete operator "{0}"?
|
||||
page_agents.cannot.disable.admin=Cannot disable "admin".
|
||||
page_agents.cannot.disable.self=Cannot disable self.
|
||||
page_agents.disable.agent=disable
|
||||
page_agents.disable.not.allowed=You are not allowed to disable operators.
|
||||
page_agents.enable.agent=enable
|
||||
page_agents.enable.not.allowed=You are not allowed to enable operators.
|
||||
page_agents.intro=This page displays a list of company operators.
|
||||
page_agents.isaway=Away
|
||||
page_agents.isonline=Online
|
||||
@ -352,6 +358,7 @@ page_client.pending_users=You can find awaiting visitors.
|
||||
page_group.tab.main=General
|
||||
page_group.tab.members=Members
|
||||
page_login.error=Entered login/password is incorrect
|
||||
page_login.operator.disabled=Your account is temporarily blocked. Please contact system administrator.
|
||||
page_login.intro=Please enter your username and password to access administrative tools. See your visitors and browse the history.
|
||||
page_login.login=Login:
|
||||
page_login.password=Password:
|
||||
|
||||
@ -326,6 +326,12 @@ page_agent.title=
|
||||
page_agents.agent_name=Имя
|
||||
page_agents.agents=Полный список операторов:
|
||||
page_agents.confirm=Вы уверены что хотите удалить оператора "{0}"?
|
||||
page_agents.cannot.disable.admin=Невозможно заблокировать оператора "admin".
|
||||
page_agents.cannot.disable.self=Невозможно заблокировать себя.
|
||||
page_agents.disable.agent=заблокировать
|
||||
page_agents.disable.not.allowed=Вы не можете блокировать операторов.
|
||||
page_agents.enable.agent=разблокировать
|
||||
page_agents.enable.not.allowed=Вы не можете разблокировать операторов.
|
||||
page_agents.intro=На этой странице можно просмотреть список операторов компании и добавить нового при наличии соответствующих прав доступа.
|
||||
page_agents.isaway=Отошел
|
||||
page_agents.isonline=Доступен
|
||||
@ -352,6 +358,7 @@ page_group.tab.members=
|
||||
page_login.error=Введен неправильный логин или пароль
|
||||
page_login.intro=Пожалуйста, введите ваши имя и пароль для получения операторского доступа к системе.
|
||||
page_login.login=Логин:
|
||||
page_login.operator.disabled=Ваша учетная запись временно заблокированна. Пожалуйста, свяжитесь с администратором системы.
|
||||
page_login.password=Пароль:
|
||||
page_login.remember=Запомнить
|
||||
page_login.title=Вход в систему
|
||||
|
||||
@ -31,7 +31,7 @@ if (isset($_POST['login']) && isset($_POST['password'])) {
|
||||
$remember = isset($_POST['isRemember']) && $_POST['isRemember'] == "on";
|
||||
|
||||
$operator = operator_by_login($login);
|
||||
if ($operator && isset($operator['vcpassword']) && $operator['vcpassword'] == md5($password)) {
|
||||
if ($operator && isset($operator['vcpassword']) && $operator['vcpassword'] == md5($password) && !operator_is_disabled($operator)) {
|
||||
|
||||
$target = $password == ''
|
||||
? "$webimroot/operator/operator.php?op=" . $operator['operatorid']
|
||||
@ -42,8 +42,12 @@ if (isset($_POST['login']) && isset($_POST['password'])) {
|
||||
login_operator($operator, $remember);
|
||||
header("Location: $target");
|
||||
exit;
|
||||
} else {
|
||||
if (operator_is_disabled($operator)) {
|
||||
$errors[] = getlocal('page_login.operator.disabled');
|
||||
} else {
|
||||
$errors[] = getlocal("page_login.error");
|
||||
}
|
||||
$page['formlogin'] = $login;
|
||||
}
|
||||
}
|
||||
|
||||
@ -26,13 +26,14 @@ $operator = check_login();
|
||||
force_password($operator);
|
||||
|
||||
|
||||
if (isset($_GET['act']) && $_GET['act'] == 'del') {
|
||||
$operatorid = isset($_GET['id']) ? $_GET['id'] : "";
|
||||
if (isset($_GET['act'])) {
|
||||
|
||||
$operatorid = isset($_GET['id']) ? $_GET['id'] : "";
|
||||
if (!preg_match("/^\d+$/", $operatorid)) {
|
||||
$errors[] = "Cannot delete: wrong argument";
|
||||
$errors[] = getlocal("no_such_operator");
|
||||
}
|
||||
|
||||
if ($_GET['act'] == 'del') {
|
||||
if (!is_capable($can_administrate, $operator)) {
|
||||
$errors[] = "You are not allowed to remove operators";
|
||||
}
|
||||
@ -60,6 +61,35 @@ if (isset($_GET['act']) && $_GET['act'] == 'del') {
|
||||
exit;
|
||||
}
|
||||
}
|
||||
if ($_GET['act'] == 'disable' || $_GET['act'] == 'enable') {
|
||||
$act_disable = ($_GET['act'] == 'disable');
|
||||
if (!is_capable($can_administrate, $operator)) {
|
||||
$errors[] = $act_disable?getlocal('page_agents.disable.not.allowed'):getlocal('page_agents.enable.not.allowed');
|
||||
}
|
||||
|
||||
if ($operatorid == $operator['operatorid'] && $act_disable) {
|
||||
$errors[] = getlocal('page_agents.cannot.disable.self');
|
||||
}
|
||||
|
||||
if (count($errors) == 0) {
|
||||
$op = operator_by_id($operatorid);
|
||||
if (!$op) {
|
||||
$errors[] = getlocal("no_such_operator");
|
||||
} else if ($op['vclogin'] == 'admin' && $act_disable) {
|
||||
$errors[] = getlocal('page_agents.cannot.disable.admin');
|
||||
}
|
||||
}
|
||||
|
||||
if (count($errors) == 0) {
|
||||
$link = connect();
|
||||
perform_query("update ${mysqlprefix}chatoperator set idisabled = ".($act_disable?'1':'0')." where operatorid = $operatorid", $link);
|
||||
close_connection($link);
|
||||
|
||||
header("Location: $webimroot/operator/operators.php");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$page = array();
|
||||
$page['allowedAgents'] = operator_get_all();
|
||||
|
||||
@ -60,6 +60,7 @@ require_once('inc_errors.php');
|
||||
<?php echo getlocal("page_agents.status") ?>
|
||||
<?php if($page['canmodify']) { ?>
|
||||
</th><th>
|
||||
</th><th>
|
||||
<?php } ?>
|
||||
</th>
|
||||
</tr>
|
||||
@ -85,6 +86,13 @@ require_once('inc_errors.php');
|
||||
<?php } ?>
|
||||
</td>
|
||||
<?php if($page['canmodify']) { ?>
|
||||
<td>
|
||||
<?php if(operator_is_disabled($a)){ ?>
|
||||
<a href="<?php echo $webimroot ?>/operator/operators.php?act=enable&id=<?php echo $a['operatorid'] ?>"><?php echo getlocal("page_agents.enable.agent") ?></a>
|
||||
<?php }else{ ?>
|
||||
<a href="<?php echo $webimroot ?>/operator/operators.php?act=disable&id=<?php echo $a['operatorid'] ?>"><?php echo getlocal("page_agents.disable.agent") ?></a>
|
||||
<?php } ?>
|
||||
</td>
|
||||
<td>
|
||||
<a class="removelink" id="i<?php echo $a['operatorid'] ?>" href="<?php echo $webimroot ?>/operator/operators.php?act=del&id=<?php echo $a['operatorid'] ?>">
|
||||
remove
|
||||
|
||||
Loading…
Reference in New Issue
Block a user