FOSSology  4.4.0
Open Source License Compliance by Open Source Software
user-del.php
1 <?php
2 /*
3  SPDX-FileCopyrightText: © 2008-2013 Hewlett-Packard Development Company, L.P.
4  SPDX-FileCopyrightText: © 2017 Siemens AG
5 
6  SPDX-License-Identifier: GPL-2.0-only
7 */
8 
9 require_once "user-del-helper.php";
10 define("TITLE_USER_DEL", _("Delete A User"));
11 
12 use \Fossology\Lib\Auth\Auth;
13 
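/**
 * Admin plugin that deletes a user account (menu entry "Admin::Users::Delete").
 *
 * The plugin lists every account except the logged-in one and user_pk 1,
 * and deletes the selected account once the confirmation box is ticked.
 */
class user_del extends FO_Plugin
{
  /**
   * Set the plugin metadata and fetch the database manager from the container.
   */
  function __construct()
  {
    $this->Name = "user_del";
    $this->Title = TITLE_USER_DEL;
    $this->MenuList = "Admin::Users::Delete";
    /* Plugin requires admin level permission on the DB. */
    $this->DBaccess = PLUGIN_DB_ADMIN;
    $this->dbManager = $GLOBALS['container']->get('db.manager');

    parent::__construct();
  }

  /**
   * Delete a user, the user's group memberships and the group named after the user.
   *
   * All values are bound with pg_query_params() instead of being spliced into
   * the SQL text, so neither $UserId nor the stored user name can change the
   * shape of a statement.
   *
   * Output() in this class calls deleteUser() rather than this method; the
   * method is kept for any other caller.
   *
   * NOTE(review): the statements below run without an explicit transaction in
   * this method, and DBCheckResult() treats errors as fatal, so a failure
   * midway could leave the memberships removed while the user row remains.
   * Confirm whether callers wrap the call.
   *
   * @param int|string $UserId user_pk of the account to delete
   * @return string|null NULL on success, otherwise a translated error message
   */
  function Delete($UserId)
  {
    global $PG_CONN;
    $params = array($UserId);

    /* user_pk is presumably an integer key (the list query compares it with 1);
     * anything that is not a plain number cannot match a row.
     */
    if (! ctype_digit((string) $UserId)) {
      return _("User does not exist.");
    }

    /* See if the user already exists */
    $sql = 'SELECT * FROM users WHERE user_pk = $1 LIMIT 1;';
    $result = pg_query_params($PG_CONN, $sql, $params);
    DBCheckResult($result, $sql, __FILE__, __LINE__);
    $row = pg_fetch_assoc($result);
    pg_free_result($result);
    if (empty($row['user_name'])) {
      return _("User does not exist.");
    }

    /* Look up the group that carries the user's name. The name comes from the
     * database but was chosen by a person, so it is bound like any other value.
     */
    $sql = 'SELECT group_pk FROM groups WHERE group_name = $1 LIMIT 1;';
    $result = pg_query_params($PG_CONN, $sql, array($row['user_name']));
    DBCheckResult($result, $sql, __FILE__, __LINE__);
    $GroupRow = pg_fetch_assoc($result);
    pg_free_result($result);

    /* Delete all the group user members for this user_pk */
    $sql = 'DELETE FROM group_user_member WHERE user_fk = $1';
    $result = pg_query_params($PG_CONN, $sql, $params);
    DBCheckResult($result, $sql, __FILE__, __LINE__);
    pg_free_result($result);

    /* Delete the user */
    $sql = 'DELETE FROM users WHERE user_pk = $1;';
    $result = pg_query_params($PG_CONN, $sql, $params);
    DBCheckResult($result, $sql, __FILE__, __LINE__);
    pg_free_result($result);

    /* Now delete their group, if one with the user's name was found.
     * pg_fetch_assoc() returns false when the lookup matched nothing.
     */
    if (! empty($GroupRow['group_pk'])) {
      DeleteGroup($GroupRow['group_pk']);
    }

    /* Make sure it was deleted. The check has to look at user_pk: comparing
     * the id with user_name never matches, so a failed delete went unnoticed.
     */
    $sql = 'SELECT 1 FROM users WHERE user_pk = $1 LIMIT 1;';
    $result = pg_query_params($PG_CONN, $sql, $params);
    DBCheckResult($result, $sql, __FILE__, __LINE__);
    $rowCount = pg_num_rows($result);
    pg_free_result($result);
    if ($rowCount != 0) {
      return _("Failed to delete user.");
    }

    return(NULL);
  } // Delete()

  /**
   * Process a pending delete request and build the HTML form listing the users.
   *
   * @return string HTML for the page body
   */
  public function Output()
  {
    global $PG_CONN;
    $V = "";

    /* Process the request if a user id was submitted.
     *
     * NOTE(review): no anti-CSRF token and no request-method check are visible
     * in this method; confirm that the framework or GetParm() provides them,
     * because this request destroys an account.
     * NOTE(review): the list below hides the logged-in user and user_pk 1, but
     * the posted id goes to deleteUser() unchecked here; confirm deleteUser()
     * enforces the same exclusion on the server side.
     */
    $User = GetParm('userid', PARM_TEXT);
    $Confirm = GetParm('confirm', PARM_INTEGER);
    if (! empty($User)) {
      if ($Confirm != 1) {
        $rc = _("Deletion not confirmed. Not deleted.");
      } else {
        $rc = deleteUser($User, $this->dbManager);
      }
      /* An empty return code means success. */
      $this->vars['message'] = empty($rc) ? _("User deleted.") : $rc;
    }

    /* Get the user list, leaving out the logged-in user and user_pk 1 */
    $currentUserId = Auth::getUserId();
    $sql = "SELECT user_pk,user_name,user_desc FROM users WHERE user_pk != \$1 AND user_pk != '1' ORDER BY user_name";
    $result = pg_query_params($PG_CONN, $sql, array($currentUserId));
    DBCheckResult($result, $sql, __FILE__, __LINE__);
    if (pg_num_rows($result) == 0) {
      $V .= _("No users to delete.");
    } else {
      /* Build HTML form */
      $V .= _("Deleting a user removes the user entry from the FOSSology system. The user's name, account information, and password will be <font color='red'>permanently</font> removed. (There is no 'undo' to this delete.)<P />\n");
      $V .= "<form name='formy' method='POST'>\n"; // no url = this url
      $V .= _("To delete a user, enter the following information:<P />\n");
      $V .= "<ol>\n";
      $V .= _("<li>Select the user to delete.<br />");
      $V .= "<select name='userid' class='ui-render-select2'>\n";
      while ($row = pg_fetch_assoc($result)) {
        /* User names are stored account data shown on an admin page; escape
         * them so markup inside a name is displayed as text, not interpreted.
         */
        $optionValue = htmlspecialchars((string) $row['user_pk'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $optionLabel = htmlspecialchars((string) $row['user_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $V .= "<option value='" . $optionValue . "'>";
        $V .= $optionLabel;
        $V .= "</option>\n";
      }
      $V .= "</select>\n";

      $text = _("Confirm user deletion");
      $V .= "<P /><li>$text: <input type='checkbox' name='confirm' value='1'>";
      $V .= "</ol>\n";

      /* The label sits inside a single-quoted attribute, so quotes in a
       * translation must not end the attribute early.
       */
      $text = htmlspecialchars(_("Delete"), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
      $V .= "<input type='submit' value='$text'>\n";
      $V .= "</form>\n";
    }
    pg_free_result($result);

    return $V;
  }
}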
148 
149 $NewPlugin = new user_del();
This is the Plugin class. All plugins should:
Definition: FO_Plugin.php:57
delete a user
Definition: user-del.php:19
Delete($UserId)
Delete a user.
Definition: user-del.php:36
__construct()
base constructor. Most plugins will just use this
Definition: user-del.php:20
Output()
Generate the text for this plugin.
Definition: user-del.php:91
DBCheckResult($result, $sql, $filenm, $lineno)
Check the postgres result for unexpected errors. If found, treat them as fatal.
Definition: common-db.php:187
const PARM_TEXT
Definition: common-parm.php:20
const PARM_INTEGER
Definition: common-parm.php:14
GetParm($parameterName, $parameterType)
This function will retrieve the variables and check data types.
Definition: common-parm.php:46
DeleteGroup($group_pk)
Delete a group.
#define PLUGIN_DB_ADMIN
Plugin requires admin level permission on DB.
Definition: libfossology.h:39
foreach($Options as $Option=> $OptVal) if(0==$reference_flag &&0==$nomos_flag) $PG_CONN
fo_dbManager * dbManager
fo_dbManager object
Definition: process.c:16