Add ability to view users by group (#3484)

* Add ability to sort users by group, integration, active and banned * Sanitise get params * style: styleci fixes --------- Co-authored-by: Sam <samerton@users.noreply.github.com>
NamelessMC · Mar 9, 2024 · 639d989 · 639d989
1 parent 0c80570
commit 639d989
Show file tree

Hide file tree

Showing 4 changed files with 56 additions and 6 deletions.
diff --git a/custom/panel_templates/Default/core/groups.tpl b/custom/panel_templates/Default/core/groups.tpl
@@ -59,7 +59,7 @@
                       <td>{$group.order}</td>
                       <td>{$group.id}</td>
                       <td><a href="{$group.edit_link}">{$group.name}</a></td>
-                      <td>{$group.users}</td>
+                      <td><a href="{$group.users_link}">{$group.users}</a></td>
                       <td>
                         {if $group.staff}
                         <i class="fas fa-check-circle text-success"></i>

diff --git a/custom/panel_templates/Default/template.php b/custom/panel_templates/Default/template.php
@@ -306,6 +306,23 @@ public function onPageLoad()
                                 AssetTree::DATATABLES,
                             ]);
 
+                            $url_parameters = [];
+                            if (isset($_GET['group'])) {
+                                $url_parameters[] = 'group=' . Output::getClean($_GET['group']);
+                            }
+
+                            if (isset($_GET['integration'])) {
+                                $url_parameters[] = 'integration=' . Output::getClean($_GET['integration']);
+                            }
+
+                            if (isset($_GET['banned'])) {
+                                $url_parameters[] = 'banned=' . Output::getClean($_GET['banned']);
+                            }
+
+                            if (isset($_GET['active'])) {
+                                $url_parameters[] = 'active=' . Output::getClean($_GET['active']);
+                            }
+
                             $this->addJSScript('
                             $(document).ready(function() {
                                 var usersTable = $(\'.dataTables-users\').DataTable({
@@ -318,7 +335,7 @@ public function onPageLoad()
                                     responsive: true,
                                     processing: true,
                                     serverSide: true,
-                                    ajax: "' . URL::build('/queries/admin_users') . '",
+                                    ajax: "' . URL::build('/queries/admin_users', implode('&', $url_parameters)) . '",
                                     columns: [
                                         { data: "id", hidden: true },
                                         { data: "username" },

diff --git a/modules/Core/pages/panel/groups.php b/modules/Core/pages/panel/groups.php
@@ -509,6 +509,7 @@
             'edit_link' => URL::build('/panel/core/groups/', 'action=edit&group=' . urlencode($group->id)),
             'clone_link' => URL::build('/panel/core/groups/', 'action=clone&group=' . urlencode($group->id)),
             'users' => DB::getInstance()->query('SELECT COUNT(*) AS c FROM nl2_users_groups WHERE group_id = ?', [$group->id])->first()->c,
+            'users_link' => URL::build('/panel/users/', 'group=' . $group->id),
             'staff' => $group->staff
         ];
     }

diff --git a/modules/Core/queries/admin_users.php b/modules/Core/queries/admin_users.php
@@ -12,16 +12,48 @@
 
 $total = $db->query('SELECT COUNT(*) as `total` FROM nl2_users', [])->first()->total;
 $query = 'SELECT u.id, u.username, u.nickname, u.joined, u.gravatar, u.email, u.has_avatar, u.avatar_updated, IFNULL(nl2_users_integrations.identifier, \'none\') as uuid FROM nl2_users u LEFT JOIN nl2_users_integrations ON user_id=u.id AND integration_id=1';
-$where = '';
+$extra_query = '';
+$where = [];
 $order = '';
 $limit = '';
 $params = [];
 
+if (isset($_GET['group'])) {
+    $extra_query .= ' INNER JOIN nl2_users_groups ug ON u.id = ug.user_id';
+    $where[] = 'ug.group_id = ?';
+    $params[] = $_GET['group'];
+}
+
+if (isset($_GET['integration'])) {
+    $extra_query .= ' INNER JOIN nl2_users_integrations ui ON ui.user_id=u.id INNER JOIN nl2_integrations i ON i.id=ui.integration_id';
+    $where[] = 'i.name = ?';
+    $params[] = $_GET['integration'];
+}
+
+if (isset($_GET['banned'])) {
+    $where[] = '`u`.`isbanned` = ' . ($_GET['banned'] == 'true' ? '1' : '0');
+}
+
+if (isset($_GET['active'])) {
+    $where[] = '`u`.`active` = ' . ($_GET['active'] == 'true' ? '1' : '0');
+}
+
 if (isset($_GET['search']) && $_GET['search']['value'] != '') {
-    $where .= ' WHERE u.username LIKE ? OR u.nickname LIKE ? OR u.email LIKE ?';
+    $where[] = ' (u.username LIKE ? OR u.nickname LIKE ? OR u.email LIKE ?)';
     array_push($params, '%' . $_GET['search']['value'] . '%', '%' . $_GET['search']['value'] . '%', '%' . $_GET['search']['value'] . '%');
 }
 
+// Build where string
+$where_query = '';
+if (!empty($where)) {
+    $where_query .= ' WHERE ';
+    foreach ($where as $item) {
+        $where_query .= $item . ' AND ';
+    }
+    $where_query = rtrim($where_query, ' AND ');
+}
+$where = $where_query;
+
 if (isset($_GET['order']) && count($_GET['order'])) {
     $orderBy = [];
 
@@ -57,10 +89,10 @@
 }
 
 if (strlen($where) > 0) {
-    $totalFiltered = $db->query('SELECT COUNT(*) as `total` FROM nl2_users u' . $where, $params)->first()->total;
+    $totalFiltered = $db->query('SELECT COUNT(*) as `total` FROM nl2_users u ' . $extra_query . $where, $params)->first()->total;
 }
 
-$results = $db->query($query . $where . $order . $limit, $params)->results();
+$results = $db->query($query . $extra_query . $where . $order . $limit, $params)->results();
 $data = [];
 $groups = [];