1<?php
2/*
3** Zabbix
4** Copyright (C) 2001-2021 Zabbix SIA
5**
6** This program is free software; you can redistribute it and/or modify
7** it under the terms of the GNU General Public License as published by
8** the Free Software Foundation; either version 2 of the License, or
9** (at your option) any later version.
10**
11** This program is distributed in the hope that it will be useful,
12** but WITHOUT ANY WARRANTY; without even the implied warranty of
13** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14** GNU General Public License for more details.
15**
16** You should have received a copy of the GNU General Public License
17** along with this program; if not, write to the Free Software
18** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19**/
20
21
22/**
23 * Class containing operations with user profile edit form.
24 */
class CControllerUserProfileEdit extends CControllerUserEditGeneral {

	/**
	 * Validate the request fields submitted to the profile edit form.
	 *
	 * Language, time zone and theme are restricted to the values this installation knows plus the
	 * defaults. The media fields are accepted only when the type of the current user is above
	 * USER_TYPE_ZABBIX_USER. When validation fails, a fatal response is set.
	 *
	 * @return bool  Result of validateInput().
	 */
	protected function checkInput() {
		$allowed_locales = array_merge(array_keys(getLocales()), [LANG_DEFAULT]);
		$allowed_themes = array_merge(array_keys(APP::getThemes()), [THEME_DEFAULT]);
		$allowed_timezones = array_keys($this->timezones);

		// NOTE(review): password1/password2 are only checked to be strings here; any match or complexity
		// check is not visible in this class - confirm it is enforced where the profile is saved.
		$rules = [
			'change_password' => 'in 1',
			'password1' => 'string',
			'password2' => 'string',
			'lang' => 'db users.lang|in '.implode(',', $allowed_locales),
			'timezone' => 'db users.timezone|in '.implode(',', $allowed_timezones),
			'theme' => 'db users.theme|in '.implode(',', $allowed_themes),
			'autologin' => 'db users.autologin|in 0,1',
			'autologout' => 'db users.autologout',
			'refresh' => 'db users.refresh',
			'rows_per_page' => 'db users.rows_per_page',
			'url' => 'db users.url',
			'messages' => 'array',
			'form_refresh' => 'int32'
		];

		// Media fields are part of the accepted input only for user types above the regular user.
		if (CWebUser::$data['type'] > USER_TYPE_ZABBIX_USER) {
			$rules = $rules + [
				'medias' => 'array',
				'new_media' => 'array',
				'enable_media' => 'int32',
				'disable_media' => 'int32'
			];
		}

		$is_valid = $this->validateInput($rules);

		if ($is_valid) {
			return $is_valid;
		}

		$this->setResponse(new CControllerResponseFatal());

		return $is_valid;
	}

	/**
	 * Allow the action only for a logged-in, non-guest user whose own record can be loaded.
	 *
	 * The lookup is limited to the user ID of the current session and requested with 'editable',
	 * so the form always works on the caller's own profile. Media are selected only for user
	 * types above USER_TYPE_ZABBIX_USER. The loaded record is stored in $this->user.
	 *
	 * @return bool  False for guests, for users that are not logged in, and when the lookup returns nothing.
	 */
	protected function checkPermissions() {
		if (CWebUser::isGuest()) {
			return false;
		}

		if (!CWebUser::isLoggedIn()) {
			return false;
		}

		$media_fields = null;

		if (CWebUser::$data['type'] > USER_TYPE_ZABBIX_USER) {
			$media_fields = ['mediatypeid', 'period', 'sendto', 'severity', 'active'];
		}

		// Only the profile fields shown in the form are requested.
		$options = [
			'output' => ['username', 'name', 'surname', 'lang', 'theme', 'autologin', 'autologout', 'refresh',
				'rows_per_page', 'url', 'timezone'
			],
			'selectMedias' => $media_fields,
			'userids' => CWebUser::$data['userid'],
			'editable' => true
		];

		$found = API::User()->get($options);

		if (!$found) {
			return false;
		}

		$this->user = $found[0];

		return true;
	}

	/**
	 * Build the data for the profile form and set it as the response.
	 *
	 * Stored profile values are used as the starting point and are then overwritten by the submitted
	 * ones. Media are added only for user types above USER_TYPE_ZABBIX_USER; on a form refresh they
	 * are taken from the request instead of the stored record.
	 */
	protected function doAction() {
		$profile = $this->user;
		$can_manage_media = (CWebUser::$data['type'] > USER_TYPE_ZABBIX_USER);

		$wants_password_change = $this->hasInput('change_password') || $this->hasInput('password1');
		$message_settings = $this->getInput('messages', []) + getMessageSettings();

		$data = [
			'userid' => CWebUser::$data['userid'],
			'username' => $profile['username'],
			'name' => $profile['name'],
			'surname' => $profile['surname'],
			'change_password' => $wants_password_change,
			'password1' => '',
			'password2' => '',
			'lang' => $profile['lang'],
			'timezone' => $profile['timezone'],
			'timezones' => $this->timezones,
			'theme' => $profile['theme'],
			'autologin' => $profile['autologin'],
			'autologout' => $profile['autologout'],
			'refresh' => $profile['refresh'],
			'rows_per_page' => $profile['rows_per_page'],
			'url' => $profile['url'],
			'messages' => $message_settings,
			'form_refresh' => 0,
			'action' => $this->getAction()
		];

		if ($can_manage_media) {
			$data['medias'] = $profile['medias'];
		}

		// Submitted values replace the stored ones.
		// NOTE(review): this copies the submitted password1/password2 into the response data; confirm the
		// view does not render them back into the page.
		$overridable = ['password1', 'password2', 'lang', 'timezone', 'theme', 'autologin', 'autologout',
			'refresh', 'rows_per_page', 'url', 'form_refresh'
		];
		$this->getInputs($data, $overridable);

		if ($can_manage_media) {
			// On a refresh the media list comes from the request, where it was validated only as 'array'.
			if ($data['form_refresh'] != 0) {
				$data['medias'] = $this->getInput('medias', []);
			}

			$data = $this->setUserMedias($data);
		}

		$response = new CControllerResponseData($data);
		$response->setTitle(_('User profile'));

		$this->setResponse($response);
	}
}
141