add Ftps.list and Ftps.delete
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
@@ -90,66 +90,11 @@ if ($page == 'overview') {
|
|||||||
|
|
||||||
if (isset($result['username']) && $result['username'] != $userinfo['loginname']) {
|
if (isset($result['username']) && $result['username'] != $userinfo['loginname']) {
|
||||||
if (isset($_POST['send']) && $_POST['send'] == 'send') {
|
if (isset($_POST['send']) && $_POST['send'] == 'send') {
|
||||||
$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
|
try {
|
||||||
SET `up_count` = `up_count` + :up_count,
|
Ftps::getLocal($userinfo, $_POST)->delete();
|
||||||
`up_bytes` = `up_bytes` + :up_bytes,
|
} catch (Exception $e) {
|
||||||
`down_count` = `down_count` + :down_count,
|
dynamic_error($e->getMessage());
|
||||||
`down_bytes` = `down_bytes` + :down_bytes
|
|
||||||
WHERE `username` = :username"
|
|
||||||
);
|
|
||||||
$params = array(
|
|
||||||
"up_count" => $result['up_count'],
|
|
||||||
"up_bytes" => $result['up_bytes'],
|
|
||||||
"down_count" => $result['down_count'],
|
|
||||||
"down_bytes" => $result['down_bytes'],
|
|
||||||
"username" => $userinfo['loginname']
|
|
||||||
);
|
|
||||||
Database::pexecute($stmt, $params);
|
|
||||||
|
|
||||||
$result_stmt = Database::prepare("SELECT `username`, `homedir` FROM `" . TABLE_FTP_USERS . "`
|
|
||||||
WHERE `customerid` = :customerid
|
|
||||||
AND `id` = :id"
|
|
||||||
);
|
|
||||||
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
|
|
||||||
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
|
|
||||||
|
|
||||||
$stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = :name");
|
|
||||||
Database::pexecute($stmt, array("name" => $result['username']));
|
|
||||||
|
|
||||||
$stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_USERS . "`
|
|
||||||
WHERE `customerid` = :customerid
|
|
||||||
AND `id` = :id"
|
|
||||||
);
|
|
||||||
Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
|
|
||||||
|
|
||||||
$stmt = Database::prepare("
|
|
||||||
UPDATE `" . TABLE_FTP_GROUPS . "` SET
|
|
||||||
`members` = REPLACE(`members`, :username,'')
|
|
||||||
WHERE `customerid` = :customerid
|
|
||||||
");
|
|
||||||
Database::pexecute($stmt, array("username" => ",".$result['username'], "customerid" => $userinfo['customerid']));
|
|
||||||
|
|
||||||
$log->logAction(USR_ACTION, LOG_INFO, "deleted ftp-account '" . $result['username'] . "'");
|
|
||||||
|
|
||||||
$resetaccnumber = ($userinfo['ftps_used'] == '1') ? " , `ftp_lastaccountnumber`='0'" : '';
|
|
||||||
|
|
||||||
// refs #293
|
|
||||||
if (isset($_POST['delete_userfiles']) && (int)$_POST['delete_userfiles'] == 1) {
|
|
||||||
inserttask('8', $userinfo['loginname'], $result['homedir']);
|
|
||||||
} else {
|
|
||||||
if (Settings::Get('system.nssextrausers') == 1)
|
|
||||||
{
|
|
||||||
// this is used so that the libnss-extrausers cron is fired
|
|
||||||
inserttask(5);
|
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
|
|
||||||
SET `ftps_used` = `ftps_used` - 1 $resetaccnumber
|
|
||||||
WHERE `customerid` = :customerid"
|
|
||||||
);
|
|
||||||
Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
|
|
||||||
|
|
||||||
redirectTo($filename, array('page' => $page, 's' => $s));
|
redirectTo($filename, array('page' => $page, 's' => $s));
|
||||||
} else {
|
} else {
|
||||||
ask_yesno_withcheckbox('ftp_reallydelete', 'admin_customer_alsoremoveftphomedir', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']);
|
ask_yesno_withcheckbox('ftp_reallydelete', 'admin_customer_alsoremoveftphomedir', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']);
|
||||||
|
|||||||
@@ -86,9 +86,186 @@ class Ftps extends ApiCommand implements ResourceEntity
|
|||||||
public function update()
|
public function update()
|
||||||
{}
|
{}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* list all ftp-users, if called from an admin, list all ftp-users of all customers you are allowed to view, or specify id or loginname for one specific customer
|
||||||
|
*
|
||||||
|
* @param int $customerid
|
||||||
|
* optional, admin-only, select ftp-users of a specific customer by id
|
||||||
|
* @param string $loginname
|
||||||
|
* optional, admin-only, select ftp-users of a specific customer by loginname
|
||||||
|
*
|
||||||
|
* @access admin, customer
|
||||||
|
* @throws Exception
|
||||||
|
* @return array count|list
|
||||||
|
*/
|
||||||
public function list()
|
public function list()
|
||||||
{}
|
{
|
||||||
|
if ($this->isAdmin()) {
|
||||||
|
// if we're an admin, list all ftp-users of all the admins customers
|
||||||
|
// or optionally for one specific customer identified by id or loginname
|
||||||
|
$customerid = $this->getParam('customerid', true, 0);
|
||||||
|
$loginname = $this->getParam('loginname', true, '');
|
||||||
|
|
||||||
|
if (! empty($customer_id) || ! empty($loginname)) {
|
||||||
|
$json_result = Customers::getLocal($this->getUserData(), array(
|
||||||
|
'id' => $customerid,
|
||||||
|
'loginname' => $loginname
|
||||||
|
))->get();
|
||||||
|
$custom_list_result = array(
|
||||||
|
json_decode($json_result, true)['data']
|
||||||
|
);
|
||||||
|
} else {
|
||||||
|
$json_result = Customers::getLocal($this->getUserData())->list();
|
||||||
|
$custom_list_result = json_decode($json_result, true)['data']['list'];
|
||||||
|
}
|
||||||
|
$customer_ids = array();
|
||||||
|
foreach ($custom_list_result as $customer) {
|
||||||
|
$customer_ids[] = $customer['customerid'];
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (Settings::IsInList('panel.customer_hide_options', 'ftp')) {
|
||||||
|
throw new Exception("You cannot access this resource", 405);
|
||||||
|
}
|
||||||
|
$customer_ids = array(
|
||||||
|
$this->getUserDetail('customerid')
|
||||||
|
);
|
||||||
|
}
|
||||||
|
$result = array();
|
||||||
|
$params['customerid'] = implode(", ", $customer_ids);
|
||||||
|
$result_stmt = Database::prepare("
|
||||||
|
SELECT * FROM `" . TABLE_FTP_USERS . "`
|
||||||
|
WHERE `customerid` IN (:customerid)
|
||||||
|
");
|
||||||
|
Database::pexecute($result_stmt, $params);
|
||||||
|
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
|
||||||
|
$result[] = $row;
|
||||||
|
}
|
||||||
|
$this->logger()->logAction($this->isAdmin() ? ADM_ACTION : USR_ACTION, LOG_NOTICE, "[API] list ftp-users");
|
||||||
|
return $this->response(200, "successfull", array(
|
||||||
|
'count' => count($result),
|
||||||
|
'list' => $result
|
||||||
|
));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* delete a ftp-user by either id or username
|
||||||
|
*
|
||||||
|
* @param int $id
|
||||||
|
* optional, the ftp-user-id
|
||||||
|
* @param string $username
|
||||||
|
* optional, the username
|
||||||
|
* @param bool $delete_userfiles
|
||||||
|
* optional, default false
|
||||||
|
*
|
||||||
|
* @access admin, customer
|
||||||
|
* @throws Exception
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
public function delete()
|
public function delete()
|
||||||
{}
|
{
|
||||||
|
$id = $this->getParam('id', true, 0);
|
||||||
|
$un_optional = ($id <= 0 ? false : true);
|
||||||
|
$username = $this->getParam('username', $un_optional, '');
|
||||||
|
$delete_userfiles = $this->getParam('delete_userfiles', true, 0);
|
||||||
|
|
||||||
|
if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'ftp')) {
|
||||||
|
throw new Exception("You cannot access this resource", 405);
|
||||||
|
}
|
||||||
|
|
||||||
|
// get ftp-user
|
||||||
|
$json_result = Ftps::getLocal($this->getUserData(), array(
|
||||||
|
'id' => $id,
|
||||||
|
'username' => $username
|
||||||
|
))->get();
|
||||||
|
$result = json_decode($json_result, true)['data'];
|
||||||
|
$id = $result['id'];
|
||||||
|
|
||||||
|
if ($this->isAdmin()) {
|
||||||
|
// get customer-data
|
||||||
|
$json_result = Customers::getLocal($this->getUserData(), array(
|
||||||
|
'id' => $result['customerid']
|
||||||
|
))->get();
|
||||||
|
$customer_data = json_decode($json_result, true)['data'];
|
||||||
|
} else {
|
||||||
|
$customer_data = $this->getUserData();
|
||||||
|
}
|
||||||
|
|
||||||
|
// add usage of this ftp-user to main-ftp user of customer if different
|
||||||
|
if ($result['username'] != $customer_data['loginname']) {
|
||||||
|
$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
|
||||||
|
SET `up_count` = `up_count` + :up_count,
|
||||||
|
`up_bytes` = `up_bytes` + :up_bytes,
|
||||||
|
`down_count` = `down_count` + :down_count,
|
||||||
|
`down_bytes` = `down_bytes` + :down_bytes
|
||||||
|
WHERE `username` = :username
|
||||||
|
");
|
||||||
|
$params = array(
|
||||||
|
"up_count" => $result['up_count'],
|
||||||
|
"up_bytes" => $result['up_bytes'],
|
||||||
|
"down_count" => $result['down_count'],
|
||||||
|
"down_bytes" => $result['down_bytes'],
|
||||||
|
"username" => $customer_data['loginname']
|
||||||
|
);
|
||||||
|
Database::pexecute($stmt, $params, true, true);
|
||||||
|
}
|
||||||
|
|
||||||
|
// remove all quotatallies
|
||||||
|
$stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = :name");
|
||||||
|
Database::pexecute($stmt, array(
|
||||||
|
"name" => $result['username']
|
||||||
|
), true, tue);
|
||||||
|
|
||||||
|
// remove user itself
|
||||||
|
$stmt = Database::prepare("
|
||||||
|
DELETE FROM `" . TABLE_FTP_USERS . "` WHERE `customerid` = :customerid AND `id` = :id
|
||||||
|
");
|
||||||
|
Database::pexecute($stmt, array(
|
||||||
|
"customerid" => $customer_data['customerid'],
|
||||||
|
"id" => $id
|
||||||
|
), true, true);
|
||||||
|
|
||||||
|
// update ftp-groups
|
||||||
|
$stmt = Database::prepare("
|
||||||
|
UPDATE `" . TABLE_FTP_GROUPS . "` SET
|
||||||
|
`members` = REPLACE(`members`, :username,'')
|
||||||
|
WHERE `customerid` = :customerid
|
||||||
|
");
|
||||||
|
Database::pexecute($stmt, array(
|
||||||
|
"username" => "," . $result['username'],
|
||||||
|
"customerid" => $customer_data['customerid']
|
||||||
|
), true, true);
|
||||||
|
|
||||||
|
$log->logAction(USR_ACTION, LOG_INFO, "deleted ftp-account '" . $result['username'] . "'");
|
||||||
|
|
||||||
|
// refs #293
|
||||||
|
if ($delete_userfiles == 1) {
|
||||||
|
inserttask('8', $customer_data['loginname'], $result['homedir']);
|
||||||
|
} else {
|
||||||
|
if (Settings::Get('system.nssextrausers') == 1) {
|
||||||
|
// this is used so that the libnss-extrausers cron is fired
|
||||||
|
inserttask(5);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// decrease ftp-user usage for customer
|
||||||
|
$resetaccnumber = ($customer_data['ftps_used'] == '1') ? " , `ftp_lastaccountnumber`='0'" : '';
|
||||||
|
$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
|
||||||
|
SET `ftps_used` = `ftps_used` - 1 $resetaccnumber
|
||||||
|
WHERE `customerid` = :customerid");
|
||||||
|
Database::pexecute($stmt, array(
|
||||||
|
"customerid" => $customer_data['customerid']
|
||||||
|
), true, true);
|
||||||
|
// update admin usage
|
||||||
|
$stmt = Database::prepare("
|
||||||
|
UPDATE `" . TABLE_PANEL_ADMINS . "`
|
||||||
|
SET `mysqls_used` = `mysqls_used` - 1
|
||||||
|
WHERE `adminid` = :adminid
|
||||||
|
");
|
||||||
|
Database::pexecute($stmt, array(
|
||||||
|
"adminid" => ($this->isAdmin() ? $customer_data['adminid'] : $this->getUserDetail('adminid'))
|
||||||
|
), true, true);
|
||||||
|
|
||||||
|
$this->logger()->logAction($this->isAdmin() ? ADM_ACTION : USR_ACTION, LOG_WARNING, "[API] deleted ftp-user '" . $result['username'] . "'");
|
||||||
|
return $this->response(200, "successfull", $result);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -440,6 +440,7 @@ class Mysqls extends ApiCommand implements ResourceEntity
|
|||||||
* optional, admin-only, select dbs of a specific customer by loginname
|
* optional, admin-only, select dbs of a specific customer by loginname
|
||||||
*
|
*
|
||||||
* @access admin, customer
|
* @access admin, customer
|
||||||
|
* @throws Exception
|
||||||
* @return array count|list
|
* @return array count|list
|
||||||
*/
|
*/
|
||||||
public function list()
|
public function list()
|
||||||
@@ -560,7 +561,6 @@ class Mysqls extends ApiCommand implements ResourceEntity
|
|||||||
Database::needRoot(true, $result['dbserver']);
|
Database::needRoot(true, $result['dbserver']);
|
||||||
$dbm = new DbManager($this->logger());
|
$dbm = new DbManager($this->logger());
|
||||||
$dbm->getManager()->deleteDatabase($result['databasename']);
|
$dbm->getManager()->deleteDatabase($result['databasename']);
|
||||||
$this->logger()->logAction($this->isAdmin() ? ADM_ACTION : USR_ACTION, LOG_WARNING, "[API] deleted database '" . $result['databasename'] . "'");
|
|
||||||
Database::needRoot(false);
|
Database::needRoot(false);
|
||||||
// End root-session
|
// End root-session
|
||||||
|
|
||||||
@@ -602,6 +602,7 @@ class Mysqls extends ApiCommand implements ResourceEntity
|
|||||||
"adminid" => ($this->isAdmin() ? $customer['adminid'] : $this->getUserDetail('adminid')),
|
"adminid" => ($this->isAdmin() ? $customer['adminid'] : $this->getUserDetail('adminid')),
|
||||||
), true, true);
|
), true, true);
|
||||||
|
|
||||||
|
$this->logger()->logAction($this->isAdmin() ? ADM_ACTION : USR_ACTION, LOG_WARNING, "[API] deleted database '" . $result['databasename'] . "'");
|
||||||
return $this->response(200, "successfull", $result);
|
return $this->response(200, "successfull", $result);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user