emoncms · TrystanLea · Nov 3, 2023 · Nov 3, 2023
diff --git a/.gitignore b/.gitignore
@@ -24,5 +24,4 @@ Modules/*/
 !Modules/time/
 !Modules/user/
 !Modules/vis/
-
 /vendor/
diff --git a/Modules/user/deleteuser.php b/Modules/user/deleteuser.php
@@ -4,6 +4,11 @@
 
 function delete_user($userid,$mode) {
 
+    $dryrun = true;
+    if ($mode=="permanentdelete") {
+        $dryrun = false;
+    }
+
     global $mysqli,$redis,$user,$settings;
 
     $result1 = $mysqli->query("SELECT id,apikey_read,apikey_write FROM users WHERE id=$userid");
@@ -54,6 +59,16 @@ function delete_user($userid,$mode) {
             }
         }
 
+        // It would be better to implement some kind of standard interface for this
+        if (file_exists("Modules/account/account_model.php")) {
+            require_once("Modules/account/account_model.php");
+            $account_class = new Accounts($mysqli, $redis, $user);
+            $account_result = $account_class->delete_user($userid, $dryrun);
+            if ($account_result['success']) {
+                $result .= "- ".$account_result['message']."\n";
+            }
+        }
+
         $result .= "- user entry\n";
         if ($mode=="permanentdelete") $mysqli->query("DELETE FROM users WHERE `id` = '$userid'");
 

diff --git a/Modules/user/user_model.php b/Modules/user/user_model.php
@@ -38,6 +38,10 @@ public function __construct($mysqli,$redis)
         $this->redis = $redis;
         $this->log = new EmonLogger(__FILE__);
     }
+
+    public function set_email_verification($email_verification) {
+        $this->email_verification = $email_verification;
+    }
 
     //---------------------------------------------------------------------------------------
     // Core session methods
@@ -410,12 +414,25 @@ public function login($username, $password, $remembermecheck, $referrer='')
         }
         else
         {
+            // Default write access
+            if (!isset($userData->access)) $userData->access = 2;
+
+            // If no access via login
+            if ($userData->access==0) {
+                return array('success'=>false, 'message'=>_("Login disabled for this account"));
+            }
+
             session_regenerate_id();
             $_SESSION['userid'] = $userData->id;
             $_SESSION['username'] = $username;
-            $_SESSION['read'] = 1;
-            $_SESSION['write'] = 1;
-            $_SESSION['admin'] = $userData->admin;
+
+            if ($userData->access>0) { 
+                $_SESSION['read'] = 1;
+            }
+            if ($userData->access>1) {
+                $_SESSION['write'] = 1;
+                $_SESSION['admin'] = $userData->admin;
+            }
             $_SESSION['lang'] = $userData->language;
             $_SESSION['timezone'] = $userData->timezone;
             $_SESSION['startingpage'] = $userData->startingpage;
@@ -772,6 +789,22 @@ public function set_timezone($userid,$timezone)
         $stmt->execute();
         $stmt->close();
     }
+
+    //---------------------------------------------------------------------------------------
+    // Access
+    //---------------------------------------------------------------------------------------
+    public function set_access($userid, $access) {
+        $userid = (int) $userid;
+        $access = (int) $access;
+        $this->mysqli->query("UPDATE users SET `access`='$access' WHERE `id`='$userid'");
+    }
+
+    public function get_access($userid) {
+        $userid = (int) $userid;
+        $result = $this->mysqli->query("SELECT `access` FROM users WHERE `id`='$userid'");
+        $data = $result->fetch_object();
+        return $data->access;
+    }
 
     //---------------------------------------------------------------------------------------
     // Special methods

diff --git a/Modules/user/user_schema.php b/Modules/user/user_schema.php
@@ -9,6 +9,8 @@
     'apikey_write' => array('type' => 'varchar(64)'),
     'apikey_read' => array('type' => 'varchar(64)'),
     'lastlogin' => array('type' => 'datetime'),
+    // Via username & password login (0: no access, 1: read access, 2: write access)
+    'access' => array('type' => 'int(11)', 'default'=>2),
     'admin' => array('type' => 'int(11)', 'Null'=>false),
 
     // User profile fields

diff --git a/Theme/theme.php b/Theme/theme.php
@@ -56,7 +56,7 @@
         <div class="menu-top bg-menu-top">
             <div class="menu-l1"><ul></ul></div>
             <div class="menu-tr"><ul>
-
+            
             <?php if ($session["read"]) { ?>
             <li class="<?php echo $session["gravatar"]?'':'no-'; ?>gravitar dropdown"><a id="user-dropdown" href="#" title="<?php echo $session["username"]." ".($session['admin']?'(Admin)':'')?>" class="grav-container img-circle d-flex dropdown-toggle" data-toggle="dropdown">
             <?php if (!$session["gravatar"]) { ?>
@@ -71,6 +71,10 @@
                     <li><a href="<?php echo $path; ?>user/view" title="<?php echo _("My Account"); ?>" style="line-height:30px"><svg class="icon"><use xlink:href="#icon-user"></use></svg> <?php echo _("My Account"); ?></a></li>
                     <li class="divider"><a href="#"></a></li>
                     <?php } ?>
+                    <?php if (isset($_SESSION['adminuser'])) { ?>
+                    <li><a href="<?php echo $path; ?>account/switch" title="<?php echo _("Admin"); ?>" style="line-height:30px"><svg class="icon"><use xlink:href="#icon-logout"></use></svg> <?php echo _("Admin"); ?></a></li>
+                    <li class="divider"><a href="#"></a></li>
+                    <?php } ?>
                     <li><a href="<?php echo $path; ?>user/logout" title="<?php echo _("Logout"); ?>" style="line-height:30px"><svg class="icon"><use xlink:href="#icon-logout"></use></svg> <?php echo _("Logout"); ?></a></li>
                 </ul>
             </li>