diff options
-rw-r--r-- | include/ws_functions.inc.php | 40 | ||||
-rw-r--r-- | ws.php | 31 |
2 files changed, 52 insertions, 19 deletions
diff --git a/include/ws_functions.inc.php b/include/ws_functions.inc.php index 20bc8f658..4954ec726 100644 --- a/include/ws_functions.inc.php +++ b/include/ws_functions.inc.php @@ -3216,7 +3216,7 @@ SELECT COUNT(*) GROUPS_TABLE, array( 'name' => $params['name'], - 'is_default' => $params['is_default'], + 'is_default' => boolean_to_string($params['is_default']), ) ); @@ -3312,7 +3312,7 @@ SELECT COUNT(*) if ($params['is_default'] !== null) { - $updates['is_default'] = $params['is_default']; + $updates['is_default'] = boolean_to_string($params['is_default']); } single_update( @@ -3554,7 +3554,7 @@ function ws_users_delete($params, &$service) */ function ws_users_setInfo($params, &$service) { - global $conf; + global $conf, $user; include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); @@ -3563,7 +3563,7 @@ function ws_users_setInfo($params, &$service) return new PwgError(WS_ERR_INVALID_PARAM, 'This user does not exist.'); } - $updates = array(); + $updates = $updates_infos = array(); $params = array_map('trim', $params); if (!empty($params['username'])) @@ -3594,11 +3594,43 @@ function ws_users_setInfo($params, &$service) $updates[ $conf['user_fields']['password'] ] = $conf['password_hash']($params['password']); } + if (!empty($params['status'])) + { + if ( $params['status'] == 'webmaster' and !is_webmaster() ) + { + return new PwgError(403, 'Only webmasters can grant "webmaster" status'); + } + if ( $user['id'] == $params['user_id'] ) + { + $params['status'] = $user['status']; + } + if ( $conf['guest_id'] == $params['user_id'] ) + { + $params['status'] = 'guest'; + } + $updates_infos['status'] = $params['status']; + } + + if ($params['level'] !== null) + { + if ( !in_array($params['level'], $conf['available_permission_levels']) ) + { + return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid level'); + } + $updates_infos['level'] = $params['level']; + } + single_update( USERS_TABLE, $updates, array($conf['user_fields']['id'] => $params['user_id']) ); + + single_update( + USER_INFOS_TABLE, + $updates_infos, + array('user_id' => $params['user_id']) + ); return $service->invoke('pwg.users.getList', array('user_id' => $params['user_id'])); } @@ -707,10 +707,9 @@ function ws_addDefaultMethods( $arr ) 'pwg.groups.getList', 'ws_groups_getList', array( - 'group_id' => array('default'=>null, - 'flags'=>WS_PARAM_FORCE_ARRAY, + 'group_id' => array('flags'=>WS_PARAM_OPTIONAL|WS_PARAM_FORCE_ARRAY, 'type'=>WS_TYPE_ID), - 'name' => array('default'=>null, + 'name' => array('flags'=>WS_PARAM_OPTIONAL, 'info'=>'Use "%" as wildcard.'), 'per_page' => array('default'=>100, 'maxValue'=>$conf['ws_max_users_per_page'], @@ -755,8 +754,8 @@ function ws_addDefaultMethods( $arr ) 'ws_groups_setInfo', array( 'group_id' => array('type'=>WS_TYPE_ID), - 'name' => array('default'=>null), - 'is_default' => array('default'=>null, + 'name' => array('flags'=>WS_PARAM_OPTIONAL), + 'is_default' => array('flags'=>WS_PARAM_OPTIONAL, 'type'=>WS_TYPE_BOOL), ), '<b>Admin & POST only.</b> Updates a group. Leave a field blank to keep the current value.', @@ -794,19 +793,16 @@ function ws_addDefaultMethods( $arr ) 'pwg.users.getList', 'ws_users_getList', array( - 'user_id' => array('default'=>null, - 'flags'=>WS_PARAM_FORCE_ARRAY, + 'user_id' => array('flags'=>WS_PARAM_OPTIONAL|WS_PARAM_FORCE_ARRAY, 'type'=>WS_TYPE_ID), - 'username' => array('default'=>null, + 'username' => array('flags'=>WS_PARAM_OPTIONAL, 'info'=>'Use "%" as wildcard.'), - 'status' => array('default'=>null, - 'flags'=>WS_PARAM_FORCE_ARRAY, + 'status' => array('flags'=>WS_PARAM_OPTIONAL|WS_PARAM_FORCE_ARRAY, 'info'=>'guest,generic,normal,admin,webmaster'), 'min_level' => array('default'=>0, 'maxValue'=>max($conf['available_permission_levels']), 'type'=>WS_TYPE_INT|WS_TYPE_POSITIVE), - 'group_id' => array('default'=>null, - 'flags'=>WS_PARAM_FORCE_ARRAY, + 'group_id' => array('flags'=>WS_PARAM_OPTIONAL|WS_PARAM_FORCE_ARRAY, 'type'=>WS_TYPE_ID), 'per_page' => array('default'=>100, 'maxValue'=>$conf['ws_max_users_per_page'], @@ -851,9 +847,14 @@ function ws_addDefaultMethods( $arr ) 'ws_users_setInfo', array( 'user_id' => array('type'=>WS_TYPE_ID), - 'username' => array('default'=>null), - 'password' => array('default'=>null), - 'email' => array('default'=>null), + 'username' => array('flags'=>WS_PARAM_OPTIONAL), + 'password' => array('flags'=>WS_PARAM_OPTIONAL), + 'email' => array('flags'=>WS_PARAM_OPTIONAL), + 'status' => array('flags'=>WS_PARAM_OPTIONAL, + 'info'=>'generic,normal,admin'), + 'level'=> array('flags'=>WS_PARAM_OPTIONAL, + 'maxValue'=>max($conf['available_permission_levels']), + 'type'=>WS_TYPE_INT|WS_TYPE_POSITIVE), ), '<b>Admin & POST only.</b> Updates a user. Leave a field blank to keep the current value.', null, |