From 5a003c56651eb6fc1b7cb651aab22982250f6447 Mon Sep 17 00:00:00 2001
From: Andy Smith <andy@m0vkg.org.uk>
Date: Fri, 19 Aug 2011 17:12:13 +0100
Subject: [PATCH] Controller work for user functions

---
 application/controllers/api.php     |   2 +
 application/controllers/contest.php |   6 +-
 application/controllers/qso.php     |   6 +-
 application/controllers/user.php    | 112 ++++++++++++++++++++++------
 4 files changed, 100 insertions(+), 26 deletions(-)

diff --git a/application/controllers/api.php b/application/controllers/api.php
index a7e2e03a..d5967245 100644
--- a/application/controllers/api.php
+++ b/application/controllers/api.php
@@ -71,6 +71,8 @@ class API extends CI_Controller {
 		// Load the API and Logbook models
 		$this->load->model('api_model');
 		$this->load->model('logbook_model');
+		$this->load->model('user_model');
+		if(!$this->user_model->authorize(3)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
 
 		// Retrieve the arguments from the query string
 		$arguments = $this->_retrieve();
diff --git a/application/controllers/contest.php b/application/controllers/contest.php
index 1026cf93..8c3539f4 100644
--- a/application/controllers/contest.php
+++ b/application/controllers/contest.php
@@ -78,6 +78,8 @@ class Contest extends CI_Controller {
 	
 		// Load database items
 		$this->load->model('contests');
+		$this->load->model('user_model');
+		if(!$this->user_model->authorize(2)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
 		$data['templates'] = $this->contests->list_templates();
 		
 		$this->load->helper(array('form', 'url'));
@@ -104,6 +106,8 @@ class Contest extends CI_Controller {
 	*/
 	public function add_template() {
 	
+		$this->load->model('user_model');
+		if(!$this->user_model->authorize(2)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
 		$this->load->helper(array('form', 'url'));
 		$this->load->library('form_validation');
 	
@@ -120,4 +124,4 @@ class Contest extends CI_Controller {
 			redirect('contest');
 		}
 	}
-}
\ No newline at end of file
+}
diff --git a/application/controllers/qso.php b/application/controllers/qso.php
index 63ee266e..a47841ed 100644
--- a/application/controllers/qso.php
+++ b/application/controllers/qso.php
@@ -13,6 +13,8 @@ class QSO extends CI_Controller {
 	public function index()
 	{
 		$this->load->model('logbook_model');
+		$this->load->model('user_model');
+		if(!$this->user_model->authorize(2)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
 		
 		$data['notice'] = false;
 		
@@ -58,6 +60,8 @@ class QSO extends CI_Controller {
 	function edit() {
 	
 		$this->load->model('logbook_model');
+		$this->load->model('user_model');
+		if(!$this->user_model->authorize(2)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
 		$query = $this->logbook_model->qso_info($this->uri->segment(3));
 		
 		$this->load->library('form_validation');
@@ -82,4 +86,4 @@ class QSO extends CI_Controller {
 		}
 		
 	}
-}
\ No newline at end of file
+}
diff --git a/application/controllers/user.php b/application/controllers/user.php
index b9100466..9c0b1350 100644
--- a/application/controllers/user.php
+++ b/application/controllers/user.php
@@ -6,6 +6,7 @@ class User extends CI_Controller {
 	public function index()
 	{
 		$this->load->model('user_model');
+		if(!$this->user_model->authorize(99)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
 
 		$data['results'] = $this->user_model->users();
 
@@ -16,6 +17,7 @@ class User extends CI_Controller {
 
 	function add() {
 		$this->load->model('user_model');
+		if(!$this->user_model->authorize(99)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
 		
 		$this->load->library('form_validation');
 
@@ -41,24 +43,36 @@ class User extends CI_Controller {
 		}
 		else
 		{
-			if($this->user_model->add($this->input->post('user_name'), $this->input->post('user_password'), $this->input->post('user_email'), $this->input->post('user_type'))) {
-				$this->session->set_flashdata('notice', 'User '.$this->input->post('user_name').' added');
-				redirect('user');
-			} else {
-				$this->load->view('layout/header');
-				$this->session->set_flashdata('notice', 'Problem adding user');
-				$data['user_name'] = $this->input->post('user_name');
-				$data['user_email'] = $this->input->post('user_email');
-				$data['user_password'] = $this->input->post('user_password');
-				$data['user_type'] = $this->input->post('user_type');
-				$this->load->view('user/add', $data);
-				$this->load->view('layout/footer');
+			switch($this->user_model->add($this->input->post('user_name'), $this->input->post('user_password'), $this->input->post('user_email'), $this->input->post('user_type'))) {
+				// Check for errors
+				case EUSERNAMEEXISTS:
+					$data['username_error'] = 'Username <b>'.$this->input->post('user_name').'</b> already in use!';
+					break;
+				case EEMAILEXISTS:
+					$data['email_error'] = 'E-mail address <b>'.$this->input->post('user_email').'</b> already in use!';
+					break;
+				case EPASSWORDINVALID:
+					$data['password_error'] = 'Invalid password!';
+					break;
+				// All okay, return to user screen
+				case OK:
+					$this->session->set_flashdata('notice', 'User '.$this->input->post('user_name').' added');
+					redirect('user');
+					return;
 			}
+			$this->load->view('layout/header');
+			$data['user_name'] = $this->input->post('user_name');
+			$data['user_email'] = $this->input->post('user_email');
+			$data['user_password'] = $this->input->post('user_password');
+			$data['user_type'] = $this->input->post('user_type');
+			$this->load->view('user/add', $data);
+			$this->load->view('layout/footer');
 		}
 	}
 
 	function edit() {
 		$this->load->model('user_model');
+		if(!$this->user_model->authorize(99)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
 		$query = $this->user_model->get_by_id($this->uri->segment(3));
 		
 		$this->load->library('form_validation');
@@ -72,14 +86,73 @@ class User extends CI_Controller {
 		if ($this->form_validation->run() == FALSE)
 		{
 			$this->load->view('layout/header');
+			if($this->input->post('user_name'))
+			{
+				$data['user_name'] = $this->input->post('user_name');
+				$data['user_email'] = $this->input->post('user_email');
+				$data['user_password'] = $this->input->post('user_password');
+				$data['user_type'] = $this->input->post('user_type');
+			}
 			$this->load->view('user/edit', $data);
 			$this->load->view('layout/footer');
 		}
 		else
 		{
-			$this->user_model->edit();
-			$this->session->set_flashdata('notice', 'User updated');
-			redirect('user');
+			unset($data);
+			switch($this->user_model->edit($this->input->post('id'), $this->input->post('user_name'), $this->input->post('user_password'), $this->input->post('user_email'), $this->input->post('user_type'))) {
+				// Check for errors
+				case EUSERNAMEEXISTS:
+					$data['username_error'] = 'Username <b>'.$this->input->post('user_name').'</b> already in use!';
+					break;
+				case EEMAILEXISTS:
+					$data['email_error'] = 'E-mail address <b>'.$this->input->post('user_email').'</b> already in use!';
+					break;
+				case EPASSWORDINVALID:
+					$data['password_error'] = 'Invalid password!';
+					break;
+				// All okay, return to user screen
+				case OK:
+					$this->session->set_flashdata('notice', 'User '.$this->input->post('user_name').' edited');
+					redirect('user');
+					return;
+			}
+			$this->load->view('layout/header');
+			$data['user_name'] = $this->input->post('user_name');
+			$data['user_email'] = $this->input->post('user_email');
+			$data['user_password'] = $this->input->post('user_password');
+			$data['user_type'] = $this->input->post('user_type');
+			$this->load->view('user/edit', $data);
+			$this->load->view('layout/footer');
+		}
+	}
+
+	function delete() {
+		$this->load->model('user_model');
+		if(!$this->user_model->authorize(99)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
+		$query = $this->user_model->get_by_id($this->uri->segment(3));
+
+		$this->load->library('form_validation');
+
+		$this->form_validation->set_rules('id', 'user_id', 'required');
+
+		$data = $query->row();
+
+		if ($this->form_validation->run() == FALSE)
+		{
+			$this->load->view('layout/header');
+			$this->load->view('user/delete', $data);
+			$this->load->view('layout/footer');
+		}
+		else
+		{
+			if($this->user_model->delete($data->user_id))
+			{
+				$this->session->set_flashdata('notice', 'User deleted');
+				redirect('user');
+			} else {
+				$this->session->set_flashdata('notice', '<b>Database error:</b> Could not delete user!');
+				redirect('user');
+			}
 		}
 	}
 
@@ -123,13 +196,4 @@ class User extends CI_Controller {
 		$this->session->set_flashdata('notice', 'User '.$user_name.' logged out.');
 		redirect('dashboard');
 	}
-
-	/*
-	function delete($id) {
-		$this->load->model('note');
-		$this->note->delete($id);
-		
-		redirect('notes');
-	}
-*/
 }