1<?php 2 3/* 4 * vim:set softtabstop=4 shiftwidth=4 expandtab: 5 * 6 * LICENSE: GNU Affero General Public License, version 3 (AGPL-3.0-or-later) 7 * Copyright 2001 - 2020 Ampache.org 8 * 9 * This program is free software: you can redistribute it and/or modify 10 * it under the terms of the GNU Affero General Public License as published by 11 * the Free Software Foundation, either version 3 of the License, or 12 * (at your option) any later version. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU Affero General Public License for more details. 18 * 19 * You should have received a copy of the GNU Affero General Public License 20 * along with this program. If not, see <https://www.gnu.org/licenses/>. 21 * 22 */ 23 24declare(strict_types=0); 25 26namespace Ampache\Module\Api\Method; 27 28use Ampache\Config\AmpConfig; 29use Ampache\Repository\Model\Preference; 30use Ampache\Repository\Model\User; 31use Ampache\Module\Api\Api; 32use Ampache\Module\Authorization\Access; 33use Ampache\Module\System\Session; 34use Ampache\Module\User\UserStateTogglerInterface; 35use Ampache\Module\Util\Mailer; 36 37/** 38 * Class UserUpdateMethod 39 * @package Lib\ApiMethods 40 */ 41final class UserUpdateMethod 42{ 43 private const ACTION = 'user_update'; 44 45 /** 46 * user_update 47 * MINIMUM_API_VERSION=400001 48 * 49 * Update an existing user. 50 * Takes the username with optional parameters. 51 * 52 * @param array $input 53 * username = (string) $username 54 * password = (string) hash('sha256', $password)) //optional 55 * fullname = (string) $fullname //optional 56 * email = (string) $email //optional 57 * website = (string) $website //optional 58 * state = (string) $state //optional 59 * city = (string) $city //optional 60 * disable = (integer) 0,1 true to disable, false to enable //optional 61 * maxbitrate = (integer) $maxbitrate //optional 62 * @return boolean 63 */ 64 public static function user_update(array $input) 65 { 66 if (!Api::check_access('interface', 100, User::get_from_username(Session::username($input['auth']))->id, self::ACTION, $input['api_format'])) { 67 return false; 68 } 69 if (!Api::check_parameter($input, array('username'), self::ACTION)) { 70 return false; 71 } 72 $username = $input['username']; 73 $fullname = $input['fullname']; 74 $email = $input['email']; 75 $website = $input['website']; 76 $password = $input['password']; 77 $state = $input['state']; 78 $city = $input['city']; 79 $disable = $input['disable']; 80 $maxbitrate = $input['maxbitrate']; 81 82 // identify the user to modify 83 $user = User::get_from_username($username); 84 $user_id = $user->getId(); 85 86 if ($password && Access::check('interface', 100, $user_id)) { 87 /* HINT: Requested object string/id/type ("album", "myusername", "some song title", 1298376) */ 88 Api::error(sprintf(T_('Bad Request: %s'), $username), '4710', self::ACTION, 'system', $input['api_format']); 89 90 return false; 91 } 92 93 $userStateToggler = static::getUserStateToggler(); 94 95 if ($user_id > 0) { 96 if ($password && !AmpConfig::get('simple_user_mode')) { 97 $user->update_password('', $password); 98 } 99 if ($fullname) { 100 $user->update_fullname($fullname); 101 } 102 if (Mailer::validate_address($email)) { 103 $user->update_email($email); 104 } 105 if ($website) { 106 $user->update_website($website); 107 } 108 if ($state) { 109 $user->update_state($state); 110 } 111 if ($city) { 112 $user->update_city($city); 113 } 114 if ($disable === '1') { 115 $userStateToggler->disable($user); 116 } elseif ($disable === '0') { 117 $userStateToggler->enable($user); 118 } 119 if ((int) $maxbitrate > 0) { 120 Preference::update('transcode_bitrate', $user_id, $maxbitrate); 121 } 122 Api::message('successfully updated: ' . $username, $input['api_format']); 123 124 return true; 125 } 126 /* HINT: Requested object string/id/type ("album", "myusername", "some song title", 1298376) */ 127 Api::error(sprintf(T_('Bad Request: %s'), $username), '4710', self::ACTION, 'system', $input['api_format']); 128 Session::extend($input['auth']); 129 130 return false; 131 } 132 133 /** 134 * @deprecated Inject by constructor 135 */ 136 private static function getUserStateToggler(): UserStateTogglerInterface 137 { 138 global $dic; 139 140 return $dic->get(UserStateTogglerInterface::class); 141 } 142} 143