From ffa12a7d3e70a63b2cae34e1441f3b2521a6f9e1 Mon Sep 17 00:00:00 2001 From: Peter Rotich <peter@osticket.com> Date: Tue, 1 Apr 2014 20:07:16 +0000 Subject: [PATCH] Add abilility to delete users and organizations --- include/ajax.users.php | 22 ++++---- include/class.organization.php | 12 +---- include/class.user.php | 55 ++++++++++++++++---- include/staff/templates/org-delete.tmpl.php | 7 +++ include/staff/templates/user-delete.tmpl.php | 13 ++--- include/staff/user-view.inc.php | 1 - scp/ajax.php | 2 +- 7 files changed, 74 insertions(+), 38 deletions(-) diff --git a/include/ajax.users.php b/include/ajax.users.php index 05b4094e4..5529cf6c6 100644 --- a/include/ajax.users.php +++ b/include/ajax.users.php @@ -177,18 +177,22 @@ class UsersAjaxAPI extends AjaxController { elseif (!($user = User::lookup($id))) Http::response(404, 'Unknown user'); - //Switch to end user so we can get ticket stats - // fixme: use orm to get ticket count at the user model level. - $user = new EndUser($user); - $info = array(); - if ($_SERVER['REQUEST_METHOD'] == 'DELETE') { + if ($_POST) { + if ($user->tickets->count()) { + if (!$thisstaff->canDeleteTickets()) { + $info['error'] = 'You do not have permission to delete a user with tickets!'; + } elseif ($_POST['deletetickets']) { + foreach($user->tickets as $ticket) + $ticket->delete(); + } else { + $info['error'] = 'You cannot delete a user with tickets!'; + } + } - if ($user->getNumTickets()) - $info['error'] = 'You cannot delete a user with tickets!'; - elseif ($user->delete()) + if (!$info['error'] && $user->delete()) Http::response(204, 'User deleted successfully'); - else + elseif (!$info['error']) $info['error'] = 'Unable to delete user - try again!'; } diff --git a/include/class.organization.php b/include/class.organization.php index 18b9f537d..7f9fdec75 100644 --- a/include/class.organization.php +++ b/include/class.organization.php 
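Review bot: The `foreach($user->tickets as $ticket) $ticket->delete();` loop in the new `$_POST` branch ignores the result of each ticket deletion, so `$user->delete()` still runs when a ticket could not be removed, and the surviving tickets are left pointing at a user that no longer exists. TicketModel::delete(), added later in this commit, returns false on failure, so the loop can stop and set `$info['error']` before the user row is touched. The only authorization visible here is the global `$thisstaff->canDeleteTickets()`; whether each ticket also falls within the staff member's own access is not checked in this hunk and should be confirmed. `$info['error']` and `$_POST['deletetickets']` are read while possibly unset, which `empty()` avoids. The handler's body starts and ends outside the hunk.

```php
} elseif (!empty($_POST['deletetickets'])) {
    foreach ($user->tickets as $ticket) {
        if (!$ticket->delete()) {
            // Stop before the user row is removed so no ticket is orphaned
            $info['error'] = 'Unable to delete all tickets - user not deleted!';
            break;
        }
    }
} else {
// … unchanged: "You cannot delete a user with tickets!" error …

if (empty($info['error']) && $user->delete())
    Http::response(204, 'User deleted successfully');
elseif (empty($info['error']))
// … unchanged: "Unable to delete user - try again!" error …
```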
@@ -15,6 +15,7 @@ require_once(INCLUDE_DIR . 'class.orm.php'); require_once(INCLUDE_DIR . 'class.forms.php'); require_once(INCLUDE_DIR . 'class.dynamic_forms.php'); +require_once(INCLUDE_DIR . 'class.user.php'); class OrganizationModel extends VerySimpleModel { static $meta = array( @@ -29,12 +30,6 @@ class OrganizationModel extends VerySimpleModel { var $users; - static function objects() { - $qs = parent::objects(); - - return $qs; - } - function getId() { return $this->id; } @@ -44,9 +39,6 @@ class Organization extends OrganizationModel { var $_entries; var $_forms; - function __construct($ht) { - parent::__construct($ht); - } //XXX: Shouldn't getName use magic get method to figure this out? function getName() { @@ -251,6 +243,6 @@ class OrganizationForm extends DynamicForm { } -//Organization::_inspect(); +Organization::_inspect(); ?> diff --git a/include/class.user.php b/include/class.user.php index d51c61639..e5dbfd361 100644 --- a/include/class.user.php +++ b/include/class.user.php @@ -15,7 +15,6 @@ vim: expandtab sw=4 ts=4 sts=4: **********************************************************************/ require_once(INCLUDE_DIR . 'class.orm.php'); -require_once(INCLUDE_DIR . 'class.organization.php'); class UserEmailModel extends VerySimpleModel { static $meta = array( @@ -29,6 +28,30 @@ class UserEmailModel extends VerySimpleModel { ); } +class TicketModel extends VerySimpleModel { + static $meta = array( + 'table' => TICKET_TABLE, + 'pk' => array('ticket_id'), + 'joins' => array( + 'user' => array( + 'constraint' => array('user_id' => 'UserModel.id') + ) + ) + ); + + function getId() { + return $this->ticket_id; + } + + function delete() { + + if (($ticket=Ticket::lookup($this->getId())) && @$ticket->delete()) + return true; + + return false; + } +} + class UserModel extends VerySimpleModel { static $meta = array( 'table' => USER_TABLE, 
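Review bot: The `@` in `@$ticket->delete()` inside the new TicketModel::delete() suppresses every warning raised while a ticket and its data are being destroyed, so a partial or failed deletion comes back as a bare `false` with nothing for an operator to investigate. Dropping the suppression, `if (($ticket = Ticket::lookup($this->getId())) && $ticket->delete())`, keeps the same boolean contract while letting the normal error handler record the cause. The method also has no comment explaining that it overrides the model's own delete() and delegates to Ticket::delete() instead, presumably so the full ticket clean-up runs. A short docblock stating that and the boolean return would help the next reader.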
@@ -37,6 +60,9 @@ class UserModel extends VerySimpleModel { 'emails' => array( 'reverse' => 'UserEmailModel.user', ), + 'tickets' => array( + 'reverse' => 'TicketModel.user', + ), 'account' => array( 'list' => false, 'reverse' => 'UserAccount.user', @@ -49,6 +75,9 @@ class UserModel extends VerySimpleModel { ); var $emails; + var $tickets; + var $account; + static function objects() { $qs = parent::objects(); @@ -257,12 +286,6 @@ class User extends UserModel { return UserAccount::register($this, $vars, $errors); } - //TODO: Add organization support - function getOrg() { - return ''; - } - - function updateInfo($vars, &$errors) { $valid = true; @@ -333,11 +356,17 @@ class User extends UserModel { } function delete() { - //TODO: See about deleting other associated models. + // TODO: Refuse to delete user with tickets + // Re-enable it once orm support resetting intrumented list + if (0 && $this->tickets->count()) + return false; - // Delete email - if ($this->default_email) - $this->default_email->delete(); + // Delete account record (if any) + if ($this->getAccount()) + $this->getAccount()->delete(); + + // Delete emails. + $this->emails->expunge(); // Delete user return parent::delete(); @@ -536,6 +565,9 @@ class UserAccountModel extends VerySimpleModel { 'null' => false, 'constraint' => array('user_id' => 'UserModel.id') ), + 'org' => array( + 'constraint' => array('org_id' => 'OrganizationModel.id') + ), ), ); } @@ -867,6 +899,7 @@ class UserList implements IteratorAggregate, ArrayAccess { return $list ? implode(', ', $list) : ''; } } +require_once(INCLUDE_DIR . 'class.organization.php'); User::_inspect(); ?> diff --git a/include/staff/templates/org-delete.tmpl.php b/include/staff/templates/org-delete.tmpl.php index 17ab2bc6a..5b00aee55 100644 --- a/include/staff/templates/org-delete.tmpl.php +++ b/include/staff/templates/org-delete.tmpl.php 
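Review bot: The ticket guard added to User::delete() is dead code: `if (0 && $this->tickets->count())` never fires, so the model will delete a user who still owns tickets, and the only protection is the check in the AJAX handler. Any other caller of User::delete() would leave tickets referencing a missing user. Until the ORM limitation named in the TODO is lifted, the method's docblock should state that callers must remove the user's tickets first. The results of `$this->getAccount()->delete()` and `$this->emails->expunge()` are also discarded, so a failure there still proceeds to `parent::delete()` and can leave a half-removed identity. Assuming the account's delete() reports failure as a boolean, consider `if (($account = $this->getAccount()) && !$account->delete()) return false;`.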
@@ -37,6 +37,13 @@ if ($info['error']) { ?> </table> <div class="clear"></div> + <?php + if (($users=$org->users->count())) { ?> + <hr> + <div> <strong><?php echo sprintf('%d %s', $users, $users>1 ? 'users' : 'user'); + ?> assigned to this organization will be orphaned.</strong></div> + <?php + } ?> <hr> <form method="delete" class="org" action="#orgs/<?php echo $org->getId(); ?>/delete"> diff --git a/include/staff/templates/user-delete.tmpl.php b/include/staff/templates/user-delete.tmpl.php index 661bfa70e..ae9b5ca1c 100644 --- a/include/staff/templates/user-delete.tmpl.php +++ b/include/staff/templates/user-delete.tmpl.php @@ -47,20 +47,21 @@ if ($info['error']) { </table> <div class="clear"></div> <hr> + <form method="post" class="user" + action="#users/<?php echo $user->getId(); ?>/delete"> + <input type="hidden" name="id" value="<?php echo $user->getId(); ?>" /> + <?php - if ($user->getNumTickets()) { + if (($num=$user->tickets->count())) { echo sprintf('<div><input type="checkbox" name="deletetickets" value="1" > <strong>Delete <a href="tickets.php?a=search&uid=%d" target="_blank">%d %s</a> and any associated attachments and data.</strong></div><hr>', $user->getId(), - $user->getNumTickets(), - ($user->getNumTickets() >1) ? 'tickets' : 'ticket' + $num, + ($num >1) ? 'tickets' : 'ticket' ); } ?> - <form method="delete" class="user" - action="#users/<?php echo $user->getId(); ?>/delete"> - <input type="hidden" name="id" value="<?php echo $user->getId(); ?>" /> <p class="full-width"> <span class="buttons" style="float:left"> <input type="reset" value="Reset"> diff --git a/include/staff/user-view.inc.php b/include/staff/user-view.inc.php index 5ad4478c7..a548a9e05 100644 --- a/include/staff/user-view.inc.php +++ b/include/staff/user-view.inc.php 
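Review bot: The new `<form method="post" class="user">` in user-delete.tmpl.php submits an irreversible deletion of a user and, with `deletetickets` checked, all of their tickets, yet nothing in this hunk places an anti-CSRF token in the form. If the staff panel's AJAX layer attaches and verifies a token on every POST, that is sufficient, but it is not visible here and should be confirmed for the `#users/<id>/delete` route now that it accepts POST rather than DELETE. Separately, the `&uid=%d` in the ticket-search link inside the sprintf string should be written `&amp;uid=%d` to be valid inside an HTML attribute. The form's closing tag lies outside the hunk.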
@@ -4,7 +4,6 @@ if(!defined('OSTSCPINC') || !$thisstaff || !is_object($user)) die('Invalid path' $account = $user->getAccount(); $org = $account ? $account->getOrganization() : null; - ?> <table width="940" cellpadding="2" cellspacing="0" border="0"> <tr> diff --git a/scp/ajax.php b/scp/ajax.php index 65ce1c011..5a340bbce 100644 --- a/scp/ajax.php +++ b/scp/ajax.php @@ -84,7 +84,7 @@ $dispatcher = patterns('', url_get('^/(?P<id>\d+)/register$', 'register'), url_post('^/(?P<id>\d+)/register$', 'register'), url_get('^/(?P<id>\d+)/delete$', 'delete'), - url_delete('^/(?P<id>\d+)/delete$', 'delete'), + url_post('^/(?P<id>\d+)/delete$', 'delete'), url_get('^/(?P<id>\d+)/manage(?:/(?P<target>\w+))?$', 'manage'), url_post('^/(?P<id>\d+)/manage(?:/(?P<target>\w+))?$', 'manage'), url_get('^/(?P<id>\d+)/org(?:/(?P<orgid>\d+))?$', 'updateOrg'), -- GitLab