From e468f3c558dcf1c992309fe8382b91b01c2dab6a Mon Sep 17 00:00:00 2001
From: Frédéric Guillot <fred@kanboard.net>
Date: Sun, 17 Aug 2014 15:54:02 -0700
Subject: Fix bug #197: admin flag removed after a user update

---
 app/Model/User.php | 61 +++++++++++++++++++++++++++---------------------------
 1 file changed, 30 insertions(+), 31 deletions(-)


diff --git a/app/Model/User.php b/app/Model/User.php
index 19ec0494..cfabd342 100644
--- a/app/Model/User.php
+++ b/app/Model/User.php
@@ -112,30 +112,50 @@ class User extends Base
     }
 
     /**
-     * Add a new user in the database
+     * Prepare values before an update or a create
      *
      * @access public
-     * @param  array  $values  Form values
-     * @return boolean
+     * @param  array    $values    Form values
      */
-    public function create(array $values)
+    public function prepare(array &$values)
     {
+        if (isset($values['password'])) {
+
+            if (! empty($values['password'])) {
+                $values['password'] = \password_hash($values['password'], PASSWORD_BCRYPT);
+            }
+            else {
+                unset($values['password']);
+            }
+        }
+
         if (isset($values['confirmation'])) {
             unset($values['confirmation']);
         }
 
-        if (isset($values['password'])) {
-            $values['password'] = \password_hash($values['password'], PASSWORD_BCRYPT);
+        if (isset($values['current_password'])) {
+            unset($values['current_password']);
         }
 
-        if (empty($values['is_admin'])) {
+        if (isset($values['is_admin']) && empty($values['is_admin'])) {
             $values['is_admin'] = 0;
         }
 
-        if (empty($values['is_ldap_user'])) {
+        if (isset($values['is_ldap_user']) && empty($values['is_ldap_user'])) {
             $values['is_ldap_user'] = 0;
         }
+    }
 
+    /**
+     * Add a new user in the database
+     *
+     * @access public
+     * @param  array  $values  Form values
+     * @return boolean
+     */
+    public function create(array $values)
+    {
+        $this->prepare($values);
         return $this->db->table(self::TABLE)->save($values);
     }
 
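Review bot: `prepare()` passes `is_admin` and `is_ldap_user` through to the query whenever the caller supplies them, so the model has no defence of its own against a profile form that carries an unexpected `is_admin` value; this also applies to `update()` in the second hunk, which now calls it. Whether the controllers strip these keys for non-administrator requests is not visible here, so the docblock should state the requirement, for example `* Callers must remove is_admin and is_ldap_user from $values unless the acting user is an administrator`. The docblock should also say that `$values` is modified by reference and that nothing is returned. Separately, `create()` no longer forces the two flags to 0 when the keys are absent and presumably relies on the column defaults, which is worth confirming against the schema.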
@@ -148,31 +168,10 @@ class User extends Base
      */
     public function update(array $values)
     {
-        if (! empty($values['password'])) {
-            $values['password'] = \password_hash($values['password'], PASSWORD_BCRYPT);
-        }
-        else {
-            unset($values['password']);
-        }
-
-        if (isset($values['confirmation'])) {
-            unset($values['confirmation']);
-        }
-
-        if (isset($values['current_password'])) {
-            unset($values['current_password']);
-        }
-
-        if (empty($values['is_admin'])) {
-            $values['is_admin'] = 0;
-        }
-
-        if (empty($values['is_ldap_user'])) {
-            $values['is_ldap_user'] = 0;
-        }
-
+        $this->prepare($values);
         $result = $this->db->table(self::TABLE)->eq('id', $values['id'])->update($values);
 
+        // If the user is connected refresh his session
         if (session_id() !== '' && $_SESSION['user']['id'] == $values['id']) {
             $this->updateSession();
         }
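Review bot: The session check after the update reads `$_SESSION['user']['id']` without confirming the key exists, and it runs even when `$result` is false. The new comment says "if the user is connected", but `session_id() !== ''` only shows that a session has been started. A tighter guard would be `if ($result && session_id() !== '' && isset($_SESSION['user']['id']) && $_SESSION['user']['id'] == $values['id']) {`, with the comment reworded to `// Refresh the session only when the updated row belongs to the logged-in user`. What `updateSession()` reloads is not visible in this hunk, and the body of `update()` continues past the hunk's last line.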
-- 
cgit v1.2.3