Added back Accounts and Auth without almost working modals

Author: markc

public/index.php

@@ -10,28 +10,6 @@
 
 use HCP\Init;
 
-function dbg($var = null): void
-{
-    if (is_object($var)) {
-        $refobj = new \ReflectionObject($var);
-        // get all public and protected properties
-        $var = $refobj->getProperties(\ReflectionProperty::IS_PUBLIC);
-        $var = \array_merge($var, $refobj->getProperties(\ReflectionProperty::IS_PROTECTED));
-    }
-    ob_start();
-    print_r($var);
-    $ob = ob_get_contents();
-    ob_end_clean();
-    error_log($ob);
-}
-
-function elog(string $content): void
-{
-    if (DBG) {
-        error_log($content);
-    }
-}
-
 echo new Init(new class()
 {
     public $cfg = [
@@ -53,7 +31,7 @@ function elog(string $content): void
         'm' => 'list',              // Method (action)
         'o' => 'Home',              // Object (content)
         'r' => 'local',             // Remotes (local)
-        't' => 'TopNav',        // Theme (Default)
+        't' => 'TopNav',            // Theme (Default)
         'x' => '',                  // XHR (request)
     ];
 
@@ -71,6 +49,8 @@ function elog(string $content): void
         'end'  => '',
     ];
 
+    public $t;
+
     public $db = [
         'host' => '127.0.0.1',      // DB site
         'name' => 'sysadm',         // DB name
@@ -97,18 +77,18 @@ function elog(string $content): void
                 ['Phpmyadmin',  'phpmyadmin/',  'bi bi-globe'],
             ], 'bi bi-list'],
             ['Admin',       [
-                ['Accounts',    '?o=accounts',  'bi bi-people'],
-                ['Vhosts',      '?o=vhosts',    'bi bi-globe'],
-                ['Mailboxes',   '?o=vmails',    'bi bi-envelope'],
-                ['Aliases',     '?o=valias',    'bi bi-envelope-fill'],
-                ['DKIM',        '?o=dkim',      'bi bi-person-vcard'],
-                ['Domains',     '?o=domains',   'bi bi-server'],
+                ['Accounts',    '?o=Accounts',  'bi bi-people'],
+                ['Vhosts',      '?o=Vhosts',    'bi bi-globe'],
+                ['Mailboxes',   '?o=Vmails',    'bi bi-envelope'],
+                ['Aliases',     '?o=Valias',    'bi bi-envelope-fill'],
+                ['DKIM',        '?o=Dkim',      'bi bi-person-vcard'],
+                ['Domains',     '?o=Domains',   'bi bi-server'],
             ], 'bi bi-gear-fill'],
             ['Stats',       [
                 ['Sys Info',    '?o=InfoSys',   'bi bi-speedometer'],
                 ['Processes',   '?o=Processes', 'bi bi-diagram-2'],
-                ['Mail Info',   '?o=infomail',  'bi bi-envelope-fill'],
-                ['Mail Graph',  '?o=mailgraph', 'bi bi-envelope'],
+                ['Mail Info',   '?o=Infomail',  'bi bi-envelope-fill'],
+                ['Mail Graph',  '?o=Mailgraph', 'bi bi-envelope'],
             ], 'bi bi-graph-up'],
         ],
     ];
@@ -152,3 +132,25 @@ function elog(string $content): void
         9 => 'Anonymous',
     ];
 });
+
+function elog(string $content): void
+{
+    if (DBG) {
+        error_log($content);
+    }
+}
+
+function dbg($var = null): void
+{
+    if (is_object($var)) {
+        $refobj = new \ReflectionObject($var);
+        // get all public and protected properties
+        $var = $refobj->getProperties(\ReflectionProperty::IS_PUBLIC);
+        $var = \array_merge($var, $refobj->getProperties(\ReflectionProperty::IS_PROTECTED));
+    }
+    ob_start();
+    print_r($var);
+    $ob = ob_get_contents();
+    ob_end_clean();
+    error_log($ob);
+}

src/Db.php

@@ -15,7 +15,8 @@ public function __construct(array $dbcfg)
     {
         elog(__METHOD__);
 
-        dbg($dbcfg);
+        //dbg($dbcfg);
+
         if (is_null(self::$dbh)) {
             extract($dbcfg);
             $dsn = 'mysql' === $type
@@ -53,7 +54,7 @@ public static function create(array $ary)
  INSERT INTO `' . self::$tbl . "` ({$fields})
  VALUES ({$values})";
 
-        elog("sql={$sql}");
+        //elog("sql={$sql}");
 
         try {
             $stm = self::$dbh->prepare($sql);
@@ -84,7 +85,7 @@ public static function read(
  SELECT {$field}
    FROM `" . self::$tbl . "`{$w} {$extra}";
 
-        elog("sql={$sql}");
+        //elog("sql={$sql}");
 
         return self::qry($sql, $a, $type);
     }
@@ -112,7 +113,7 @@ public static function update(array $set, array $where)
  UPDATE `' . self::$tbl . "` SET{$set_str}
   WHERE{$where_str}";
 
-        elog("sql={$sql}");
+        //elog("sql={$sql}");
 
         try {
             $stm = self::$dbh->prepare($sql);
@@ -139,7 +140,7 @@ public static function delete(array $where)
  DELETE FROM `' . self::$tbl . "`
   WHERE {$where_str}";
 
-        elog("sql={$sql}");
+        //elog("sql={$sql}");
 
         try {
             $stm = self::$dbh->prepare($sql);
@@ -226,7 +227,7 @@ public static function simple($request, $table, $primaryKey, $columns, $extra =
             $where .= $where ? " AND ({$extra})" : " WHERE {$extra}";
         }
 
-        elog("where={$where}");
+        //elog("where={$where}");
 
         $query = "
  SELECT {$cols}
@@ -386,7 +387,7 @@ public static function sql_exec($db, $bindings, $sql = null, string $type = 'all
     {
         elog(__METHOD__);
 
-        elog("sql={$sql}");
+        //elog("sql={$sql}");
 
         // Argument shifting
         if (null === $sql) {

src/Init.php

@@ -25,6 +25,10 @@ private function initializeSession(object $g): void
         elog(__METHOD__);
 
         session_start();
+
+        //elog(var_export($_SESSION, true));
+        //$_SESSION  = [];
+
         $g->cfg['host'] ??= getenv('HOSTNAME');
         Util::cfg($g);
         $g->in = Util::esc($g->in);
@@ -56,6 +60,9 @@ private function loadTheme(object $g): void
             // Fallback to default Theme
             $this->theme = new Theme($g);
         }
+
+        // Assign theme instance to g->t for access in plugins
+        $g->t = $this->theme;
     }
 
     private function processPlugin(object $g): void
@@ -109,6 +116,10 @@ public function __toString(): string
         }
 
         if ($x) {
+            if ($x === 'html') {
+                return $g->out['main'];
+            }
+
             $out = $g->out[$x] ?? '';
             if ($out) {
                 header('Content-Type: application/json');

src/Plugin.php

@@ -25,8 +25,8 @@ public function __construct(public Theme $t)
         $o = $t->g->in['o'];
         $m = $t->g->in['m'];
 
-        if (!util::is_usr() && ('auth' !== $o || ('list' !== $m && 'create' !== $m && 'resetpw' !== $m))) {
-            util::redirect($t->g->cfg['self'] . '?o=auth');
+        if (!util::is_usr() && ('Auth' !== $o || ('list' !== $m && 'create' !== $m && 'resetpw' !== $m))) {
+            util::redirect($t->g->cfg['self'] . '?o=Auth');
         }
 
         $this->t = $t;
@@ -98,7 +98,7 @@ protected function update(): string
         return $this->read();
     }
 
-    protected function delete(): void
+    protected function delete(): string
     {
         elog(__METHOD__);
 
@@ -107,10 +107,11 @@ protected function delete(): void
                 $res = db::delete([['id', '=', $this->g->in['i']]]);
                 util::log('Item number ' . $this->g->in['i'] . ' removed', 'success');
                 util::relist();
+            } else {
+                util::log('Error deleting item');
             }
         }
-
-        util::log('Error deleting item');
+        return '';
     }
 
     protected function list(): string

src/Plugins/Accounts/Model.php

@@ -0,0 +1,115 @@
+<?php
+
+declare(strict_types=1);
+// lib/php/plugins/users.php 20150101 - 20200414
+// Copyright (C) 2015-2020 Mark Constable <markc@renta.net> (AGPL-3.0)
+
+namespace HCP\Plugins\Accounts;
+
+use HCP\Plugin;
+use HCP\Util;
+use HCP\Db;
+
+class Model extends Plugin
+{
+    protected string $tbl = 'accounts';
+    protected array $in = [
+        'grp'       => 1,
+        'acl'       => 2,
+        'vhosts'    => 1,
+        'login'     => '',
+        'fname'     => '',
+        'lname'     => '',
+        'altemail'  => '',
+    ];
+
+    protected function create(): string
+    {
+        elog(__METHOD__);
+
+        if (Util::is_adm()) return parent::create();
+        Util::log('You are not authorized to perform this action, please contact your administrator.');
+        Util::relist();
+        return '';
+    }
+
+    protected function read(): string
+    {
+        elog(__METHOD__);
+
+        $usr = Db::read('*', 'id', $this->g->in['i'], '', 'one');
+        if (!$usr) {
+            Util::log('User not found.');
+            Util::relist();
+            return '';
+        }
+
+        if (Util::is_acl(0)) {
+            // superadmin
+        } elseif (Util::is_acl(1)) { // normal admin
+            if ((int)$_SESSION['usr']['grp'] !== (int)$usr['grp']) {
+                Util::log('You are not authorized to perform this action.');
+                Util::relist();
+                return '';
+            }
+        } else { // Other users
+            if ((int)$_SESSION['usr']['id'] !== (int)$usr['id']) {
+                Util::log('You are not authorized to perform this action.');
+                Util::relist();
+                return '';
+            }
+        }
+        return $this->g->t->read($usr);
+    }
+
+    protected function delete(): string
+    {
+        elog(__METHOD__);
+
+        if (Util::is_post()) {
+            parent::delete();
+            return '';
+        }
+        return $this->g->t->delete();
+    }
+
+    protected function list(): string
+    {
+        elog(__METHOD__);
+
+        if ($this->g->in['x'] === 'json') {
+            $columns = [
+                ['dt' => null, 'db' => 'id'],
+                ['dt' => 0, 'db' => 'login', 'formatter' => function ($d, array $row): string {
+                    return '<b><a href="?o=Accounts&m=read&i=' . $row['id'] . '&x=html" class="bslink">' . $d . '</a></b>';
+                }],
+                ['dt' => 1, 'db' => 'fname'],
+                ['dt' => 2, 'db' => 'lname'],
+                ['dt' => 3, 'db' => 'altemail'],
+                ['dt' => 4, 'db' => 'acl', 'formatter' => function ($d): string {
+                    return $this->g->acl[is_string($d) ? (int)$d : $d];
+                }],
+                ['dt' => 5, 'db' => 'grp'],
+            ];
+            return json_encode(Db::simple($_GET, 'accounts', 'id', $columns));
+        }
+        return $this->g->t->list($this->in);
+    }
+
+    protected function switch_user(): string
+    {
+        elog(__METHOD__);
+
+        if (Util::is_adm() && !is_null($this->g->in['i'])) {
+            $usr = Db::read('id,acl,grp,login,fname,lname,webpw,cookie', 'id', $this->g->in['i'], '', 'one');
+            if ($usr) {
+                $_SESSION['usr'] = $usr;
+                Util::log('Switch to user: ' . $usr['login'], 'success');
+            }
+        } else {
+            Util::log('Not authorized to switch users');
+        }
+        Util::relist();
+        return '';
+    }
+}