From c93e2678f755714bc857a53f157b198d57f03df7 Mon Sep 17 00:00:00 2001
From: "Michael Kaufmann (d00p)"
Date: Thu, 22 Feb 2018 10:47:14 +0100
Subject: [PATCH] make Customers::update() also work with loginname as an alternative to the id

Signed-off-by: Michael Kaufmann (d00p)
---
 lib/classes/api/commands/class.Admins.php | 39 ++++++++++++++++++--
 lib/classes/api/commands/class.Customers.php | 34 +++++++++++++----
 2 files changed, 61 insertions(+), 12 deletions(-)

diff --git a/lib/classes/api/commands/class.Admins.php b/lib/classes/api/commands/class.Admins.php
index 65d53782..9d23534f 100644
--- a/lib/classes/api/commands/class.Admins.php
+++ b/lib/classes/api/commands/class.Admins.php
@@ -95,7 +95,7 @@ class Admins extends ApiCommand implements ResourceEntity
 * delete a admin entry by either id or loginname
 *
 * @param int $id
- * optional, the customer-id
+ * optional, the admin-id
 * @param string $loginname
 * optional, the loginname
 * @param bool $delete_userfiles
@@ -109,15 +109,46 @@ class Admins extends ApiCommand implements ResourceEntity
 }
 /**
- * unlock a locked admin by id
+ * unlock a locked admin by either id or loginname
 *
 * @param int $id
- * customer-id
- *
+ * optional, the admin-id
+ * @param string $loginname
+ * optional, the loginname
+ *
 * @throws Exception
 * @return array
 */
 public function unlock()
 {
+ if ($this->isAdmin()) {
+ $id = $this->getParam('id', true, 0);
+ $ln_optional = ($id <= 0 ? false : true);
+ $loginname = $this->getParam('loginname', $ln_optional, '');
+
+ if ($id <= 0 && empty($loginname)) {
+ throw new Exception("Either 'id' or 'loginname' parameter must be given", 406);
+ }
+
+ $json_result = Admins::getLocal($this->getUserData(), array(
+ 'id' => $id,
+ 'loginname' => $loginname
+ ))->get();
+ $result = json_decode($json_result, true)['data'];
+ $id = $result['adminid'];
+
+ $result_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_ADMINS . "` SET
+ `loginfail_count` = '0'
+ WHERE `adminid`= :id
+ ");
+ Database::pexecute($result_stmt, array(
+ 'id' => $id
+ ), true, true);
+
+ $this->logger()->logAction(ADM_ACTION, LOG_WARNING, "[API] unlocked admin '" . $result['loginname'] . "'");
+ return $this->response(200, "successfull", $result);
+ }
+ throw new Exception("Not allowed to execute given command.", 403);
 }
 }
diff --git a/lib/classes/api/commands/class.Customers.php b/lib/classes/api/commands/class.Customers.php
index 015a09c5..4aeadf28 100644
--- a/lib/classes/api/commands/class.Customers.php
+++ b/lib/classes/api/commands/class.Customers.php
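Review bot: The added unlock() body never limits which admin's `loginfail_count` may be reset beyond `isAdmin()`, so the per-caller scoping has to come from `Admins::getLocal(...)->get()`, whose body is outside this hunk. Because the reset lifts the failed-login lockout, I would record that dependency next to the lookup, e.g. `// get() is the access check here: it must refuse admins the caller may not manage`. Separately, `$result` is read before the UPDATE and returned unchanged, so if it carries `loginfail_count` the response reports the old value; `$result['loginfail_count'] = 0;` before the `return` would keep it accurate.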
@@ -646,12 +646,20 @@ class Customers extends ApiCommand implements ResourceEntity
 public function update()
 {
 if ($this->isAdmin()) {
- $id = $this->getParam('id');
-
+ $id = $this->getParam('id', true, 0);
+ $ln_optional = ($id <= 0 ? false : true);
+ $loginname = $this->getParam('loginname', $ln_optional, '');
+
+ if ($id <= 0 && empty($loginname)) {
+ throw new Exception("Either 'id' or 'loginname' parameter must be given", 406);
+ }
+
 $json_result = Customers::getLocal($this->getUserData(), array(
- 'id' => $id
+ 'id' => $id,
+ 'loginname' => $loginname
 ))->get();
 $result = json_decode($json_result, true)['data'];
+ $id = $result['customerid'];
 // parameters
 $move_to_admin = intval_ressource($this->getParam('move_to_admin', true, 0));
@@ -1354,10 +1362,12 @@ class Customers extends ApiCommand implements ResourceEntity
 }
 /**
- * unlock a locked customer by id
+ * unlock a locked customer by either id or loginname
 *
 * @param int $id
- * customer-id
+ * optional, the customer-id
+ * @param string $loginname
+ * optional, the loginname
 *
 * @throws Exception
 * @return array
@@ -1365,12 +1375,20 @@ class Customers extends ApiCommand implements ResourceEntity
 public function unlock()
 {
 if ($this->isAdmin()) {
- $id = $this->getParam('id');
-
+ $id = $this->getParam('id', true, 0);
+ $ln_optional = ($id <= 0 ? false : true);
+ $loginname = $this->getParam('loginname', $ln_optional, '');
+
+ if ($id <= 0 && empty($loginname)) {
+ throw new Exception("Either 'id' or 'loginname' parameter must be given", 406);
+ }
+
 $json_result = Customers::getLocal($this->getUserData(), array(
- 'id' => $id
+ 'id' => $id,
+ 'loginname' => $loginname
 ))->get();
 $result = json_decode($json_result, true)['data'];
+ $id = $result['customerid'];
 $result_stmt = Database::prepare("
 UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
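Review bot: When a request carries both `id` and `loginname`, nothing in the update() hunk checks that they name the same customer: both go to `Customers::getLocal(...)->get()` and `$id` is then overwritten from `$result['customerid']`, so which value wins is decided outside the hunk. For update(), which goes on to apply changes such as `move_to_admin`, a mismatched pair should fail rather than silently pick one, for example `if ($id > 0 && !empty($loginname) && $result['loginname'] !== $loginname) { throw new Exception("'id' and 'loginname' do not match", 406); }`, assuming the returned row carries `loginname`. The same lookup block is repeated in the Admins::unlock() and Customers::unlock() hunks, so a shared helper would keep the rule in one place. update()'s docblock is outside the hunk and presumably still needs the `loginname` entry that both unlock() docblocks received.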