1 <?php
2 /**
3  * @package UserSupport (Subpackage delete)
4  * @author SPB
5  *
 * This script is included when the user opens the delete card in the user hub. It is not a standalone entry point: it relies on $dbh, $Cu, $Cn, $SYSENV, $menu_link and $ft being supplied by that caller, so it cannot be run independently.
7  */
8 
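$string = array("filter" => HCUFILTER_INPUT_STRING);
$parameters = array("a" => array("operation" => "", "payload" => ""));
HCU_ImportVars($parameters, "a", array("operation" => $string, "payload" => $string));
// Read the two imported values by name instead of extract()-ing the array into the local
// scope, so nothing else the importer might put into the array can become a variable here.
$operation = isset($parameters["a"]["operation"]) ? trim($parameters["a"]["operation"]) : "";
$payload = isset($parameters["a"]["payload"]) ? trim($parameters["a"]["payload"]) : "";

// The payload is the caller-supplied handle for the selected user. Decoding is best-effort:
// an undecodable or incomplete payload simply means "no user selected" (handled below).
$userId = null;
try {
    $decoded = HCU_PayloadDecode($Cu, $payload);
    if (is_array($decoded) && isset($decoded["user_id"])) {
        $userId = $decoded["user_id"];
    }
} catch (Exception $e) {
    // Swallowed on purpose; see above.
}
$showSQL = $SYSENV["devmode"];

if ($operation != "") {
    // Data call: the answer is JSON only.
    if (isset($userId)) {
        switch ($operation) {
            case "deleteUser":
                $returnArray = deleteUser($dbh, $Cu, $userId, $Cn);
                break;
            default:
                // Reached for any operation other than "deleteUser"; reported like any other failure.
                $returnArray = array("error" => array("Operation not specified: '$operation'"), "record" => array(), "sql" => array());
        }
    } else {
        // Same shape as every other failure response: "error" is an array of messages.
        $returnArray = array("error" => array("No User Found"), "record" => array(), "sql" => array());
    }

    header('Content-type: application/json');
    // The executed SQL is only disclosed to the client in dev mode.
    if (!$showSQL) {
        unset($returnArray["sql"]);
    }
    print HCU_JsonEncode($returnArray);
} else {
    // Card rendering: the primary/non-primary flag only changes the wording of the card.
    if (isset($userId)) {
        $isPrimary = getIsPrimary($dbh, $Cu, $userId);
        $isPrimary = $isPrimary["code"] == 0 ? $isPrimary["isPrimary"] : false;
        printPage("$menu_link?ft=$ft", $userId, $isPrimary, "$menu_link?ft=22", $payload);
    } else { ?>
    <div class='noUserFound'><div>No User Found</div></div>
    <?php }
}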
49 
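/**
 * function getIsPrimary($dbh, $Cu, $userId)
 * Looks up whether the user about to be deleted is the primary user of its group. The card shows a
 * different description and confirmation message for a primary user.
 *
 * @param $dbh -- the database connection
 * @param $Cu -- the credit union (table-name prefix)
 * @param $userId -- the user id to look up; must be a positive integer
 *
 * @return "error" -- array of one message on failure, empty array on success;
 *         "code" -- 0 on success, 1 select failed, 2 user not found, 3 invalid user id;
 *         "isPrimary" -- only present on success: true if is_group_primary is 't', false otherwise.
 */
function getIsPrimary($dbh, $Cu, $userId) {
    try {
        // $userId is interpolated straight into SQL, so only a strict positive integer is
        // accepted (same rule and error as deleteUser()).
        $id = filter_var($userId, FILTER_VALIDATE_INT);
        if ($id === false || $id <= 0) {
            throw new Exception("UserId must be set to a valid number.", 3);
        }

        $sql = "select is_group_primary from {$Cu}user where user_id = $id";
        $sth = db_query($sql, $dbh);
        if (!$sth) {
            throw new Exception("Select query failed.", 1);
        }
        if (db_num_rows($sth) == 0) {
            throw new Exception("User not found.", 2);
        }
        $flag = trim(db_fetch_row($sth, 0)[0]);
    } catch (Exception $e) {
        return array("error" => array($e->getMessage()), "code" => $e->getCode());
    }
    return array("error" => array(), "code" => 0, "isPrimary" => $flag == "t");
}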
78 
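/**
 * function createHighLevelDeleteAuditRecord($dbh, $Cu, $Cn, $userId, $shortCode, $longDescription, &$sqls, &$email, $before)
 * Writes one audit record for a deletion. There is no "after" image; only the optional $before snapshot is stored.
 *
 * @param $dbh -- the database connection
 * @param $Cu -- the credit union
 * @param $Cn -- the logged in (admin) user name
 * @param $userId -- the user id the record is about
 * @param $shortCode -- the identifying code (U_DEL_U, U_DEL_G, U_DEL_A)
 * @param $longDescription -- the full description
 * @param $sqls -- the array to append executed SQL to (by reference)
 * @param $email -- the admin's email (by reference): looked up from cuadminusers when empty and
 *                  stored back into the caller's variable so later calls skip the query
 * @param $before -- JSON "before" image to store with the record, or null
 *
 * @throws Exception with code 105 (email lookup failed) or 104 (audit insert failed); both lie in
 *         the 100..199 range that makes deleteUser() roll back the whole transaction.
 */
function createHighLevelDeleteAuditRecord($dbh, $Cu, $Cn, $userId, $shortCode, $longDescription, &$sqls, &$email, $before) {
    if (!isset($email) || trim($email) == "") {
        // NOTE(review): $Cn and $Cu are interpolated into SQL unescaped. They appear to be
        // session/configuration values rather than request input -- confirm with the caller, or
        // move to a parameterised query if db_query() supports one.
        $sql = "select email from cuadminusers where user_name = '$Cn' and cu = '$Cu'";
        $sqls[] = $sql;
        $sth = db_query($sql, $dbh);
        if (!$sth) {
            throw new Exception("email query failed.", 105);
        }
        // No matching admin row leaves the email empty; it does not fail the deletion.
        $row = db_fetch_row($sth);
        $email = $row ? trim($row[0]) : "";
    }

    $context = "admin";
    $script = "userSupportDelete.prg";
    // REMOTE_ADDR is absent when this is not run from a web request.
    $addr = isset($_SERVER["REMOTE_ADDR"]) ? trim($_SERVER["REMOTE_ADDR"]) : "";
    $vars = array("cu" => $Cu);

    $auditRecord = SetAuditRecord($dbh, $vars, null, $userId, $shortCode, $context, $script, "A", $longDescription, $Cn, $email,
        $addr, $before, null);
    if ($auditRecord["code"] != "000") {
        throw new Exception("Audit record creation failed.", 104);
    }
}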
117 
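/**
 * function deleteUser($dbh, $Cu, $userId, $Cn)
 * Deletes a user login. For a group primary user the delete cascades: every other user in the
 * group, then the primary user, then the group, then each of the primary user's accounts that
 * checkAccountUsage() reports as deletable. All deletes and their audit records run in one
 * transaction, which is rolled back on any failure.
 *
 * @param $dbh -- the database connection
 * @param $Cu -- the credit union (table-name prefix)
 * @param $userId -- the user id to delete; must be a positive integer
 * @param $Cn -- the logged in (admin) user, recorded on the audit records
 *
 * @return "error": array of one message if not successful, empty array if successful
 *         "code": 0 if successful; 2 user not found, 3 invalid id, 4..6 a lookup failed,
 *                 101 the transaction failed and was rolled back
 *         "sql": every SQL statement that was issued, in order
 */
function deleteUser($dbh, $Cu, $userId, $Cn) {
    $sqls = array();
    $inTransaction = false;
    $email = null; // filled in by the first createHighLevelDeleteAuditRecord() call
    try {
        // $userId goes straight into SQL, so only a strict positive integer is accepted.
        $id = filter_var($userId, FILTER_VALIDATE_INT);
        if ($id === false || $id <= 0) {
            throw new Exception("UserId must be set to a valid number.", 3);
        }
        $userId = $id;

        $sql = "select u.group_id, u.is_group_primary, u.user_name, g.group_name from {$Cu}user u
            inner join {$Cu}group g on u.group_id = g.group_id where u.user_id = $userId";
        $sqls[] = $sql;
        $sth = db_query($sql, $dbh);
        if (!$sth) {
            throw new Exception("select query failed.", 4);
        }
        // Fail here rather than issuing deletes for an id that does not exist.
        $row = db_fetch_assoc($sth, 0);
        if (!$row) {
            throw new Exception("User not found.", 2);
        }
        $groupId = isset($row["group_id"]) ? intval($row["group_id"]) : 0;
        $isPrimary = isset($row["is_group_primary"]) && trim($row["is_group_primary"]) == "t";
        $username = trim($row["user_name"]);
        $groupname = trim($row["group_name"]);

        // Everything from here on -- including the lookups of what else to delete -- runs
        // inside the transaction, so the users/accounts acted on are the ones that were read.
        $sql = "begin work";
        $sqls[] = $sql;
        $sth = db_query($sql, $dbh);
        if (!$sth) {
            throw new Exception("Begin work failed.", 134);
        }
        $inTransaction = true;

        $nonPrimaryUsers = array(); // [user_id, user_name] rows of the other group members
        $accounts = array();        // the primary user's account numbers; usually just one
        if ($isPrimary) {
            $sql = "select user_id, user_name from {$Cu}user where group_id = $groupId and user_id <> $userId";
            $sqls[] = $sql;
            $sth = db_query($sql, $dbh);
            if (!$sth) {
                throw new Exception("non primary query failed.", 5);
            }
            for ($i = 0; $member = db_fetch_row($sth, $i); $i++) {
                $nonPrimaryUsers[] = $member;
            }

            $sql = "select distinct accountnumber from {$Cu}useraccounts where user_id = $userId";
            $sqls[] = $sql;
            $sth = db_query($sql, $dbh);
            if (!$sth) {
                throw new Exception("distinct accountnumber query failed.", 6);
            }
            for ($i = 0; $acct = db_fetch_row($sth, $i); $i++) {
                $accounts[] = trim($acct[0]);
            }

            foreach ($nonPrimaryUsers as $nonPrimaryUserRow) {
                $nonPrimaryUser = trim($nonPrimaryUserRow[0]);
                userDeletion($dbh, $Cu, $nonPrimaryUser, $sqls);
                $before = HCU_JsonEncode(array("deldata" => array("user_name" => $nonPrimaryUserRow[1])));
                createHighLevelDeleteAuditRecord($dbh, $Cu, $Cn, $nonPrimaryUser, "U_DEL_U", "User Login Deleted", $sqls, $email, $before);
            }
        }

        userDeletion($dbh, $Cu, $userId, $sqls);
        $before = HCU_JsonEncode(array("deldata" => array("user_name" => $username)));
        createHighLevelDeleteAuditRecord($dbh, $Cu, $Cn, $userId, "U_DEL_U", "User Login Deleted", $sqls, $email, $before);

        if ($isPrimary) {
            groupDeletion($dbh, $Cu, $groupId, $sqls);
            $before = HCU_JsonEncode(array("deldata" => array("group_name" => $groupname, "user_name" => $username)));
            createHighLevelDeleteAuditRecord($dbh, $Cu, $Cn, $userId, "U_DEL_G", "Group Deleted", $sqls, $email, $before);

            foreach ($accounts as $accountnumber) {
                // checkAccountUsage() presumably answers true only when no remaining user still
                // references the account (that is what the card text promises) -- verify.
                if (checkAccountUsage($dbh, $Cu, $userId, $accountnumber, $sqls)) {
                    accountDeletion($dbh, $Cu, $accountnumber, $sqls);
                    $before = HCU_JsonEncode(array("deldata" => array("accountnumber" => $accountnumber, "user_name" => $username)));
                    createHighLevelDeleteAuditRecord($dbh, $Cu, $Cn, $userId, "U_DEL_A", "Account Deleted", $sqls, $email, $before);
                }
            }
        }

        $sql = "commit work";
        $sqls[] = $sql;
        $sth = db_query($sql, $dbh);
        if (!$sth) {
            throw new Exception("commit work failed.", 135);
        }
        $inTransaction = false;
    } catch (Exception $e) {
        if ($inTransaction) {
            // Undo every delete and audit insert issued so far. If the rollback itself fails the
            // connection has bigger problems than this script can handle, so it is not checked.
            $sql = "rollback work";
            $sqls[] = $sql;
            db_query($sql, $dbh);
        }
        if ($e->getCode() >= 100) {
            // Transaction-level failures are reported generically; the detail is in "sql" (dev mode only).
            return array("error" => array("Deletion was not successful."), "code" => 101, "sql" => $sqls);
        }
        return array("error" => array($e->getMessage()), "code" => $e->getCode(), "sql" => $sqls);
    }
    return array("error" => array(), "code" => 0, "sql" => $sqls);
}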
226 
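/**
 * function printPage($self, $userId, $primaryUser, $userReset, $payload)
 * This function will print out the delete card: its script (init, the fail/confirm dialogs and
 * the deleteUser data call) followed by its markup.
 *
 * @param $self -- the URL of this script; "&operation=deleteUser" is appended for the data call
 * @param $userId -- the userID (not used in the output; kept for the caller's signature)
 * @param $primaryUser -- true if primary user; selects the cascading description and confirmation text
 * @param $userReset -- the URL of the user hub without a selected user; loaded after a successful delete
 * @param $payload -- the payload to send the data calls (the caller-supplied user handle)
 *
 * Every PHP value written into the script is emitted with json_encode() and the JSON_HEX_* flags,
 * so a payload or URL containing quotes, '<', '>' or '&' stays inside the JavaScript string
 * literal it is placed in and cannot close the string or the <script> element.
 * NOTE(review): the deleteUser POST carries only the payload; no CSRF token is visible here --
 * confirm that the payload or the surrounding framework provides that protection.
 */
function printPage($self, $userId, $primaryUser, $userReset, $payload) {
    // Flags that make json_encode() output safe to embed directly inside <script>.
    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $deleteUrl = $self . "&operation=deleteUser";
?>
    <script type="text/javascript">
    //# sourceURL=delete.js

    <?php
    /**
     * function init()
     * Sets up the validator, the window height and the Cancel/Delete button handlers.
     */
    ?>
    function init() {
        $.homecuValidator.setup({formValidate: "deleteDiv", formStatusField: "formValidateDiv"});
        $("#externalTabWindow").data("preferredHeight", "auto");
        $(".deleteDiv").on("click", ".cancelBtn", function() {
            postPostPostPost();
            return false;
        });

        $(".deleteDiv").on("click", ".deleteBtn", function() {
            openConfirm();
            return false;
        });
    }

    <?php
    /**
     * function openFailDialog(errors, title)
     * Opens (creating it on first use) a modal dialog showing an error message.
     *
     * @param errors -- a string, or an array of strings (rendered as a list when more than one)
     * @param title -- the title of the dialog
     */
    ?>
    function openFailDialog(errors, title) {
        var failDialog = $("#failDialog").data("kendoDialog");
        if (failDialog == null) {
            failDialog = $("<div id='failDialog'></div>").appendTo("body").kendoDialog({
                actions: [
                    {text: "Okay"}
                ],
                open: function() {
                    if (window.activeWindows != null) {
                        window.activeWindows.push(this);
                    }
                },
                close: function() {
                    if (window.activeWindows != null) {
                        window.activeWindows.pop();
                    }
                },
                visible: false,
                modal: true,
                width: 300
            }).data("kendoDialog");
        }

        var content = errors == null ? "" : (typeof(errors) == "string" ? errors.trim() : (errors.length <=1 ? errors.join("").trim() : "<ul><li>" + errors.join("</li><li>") + "</li></ul>"));
        failDialog.title(title).content(content).open();
    }

    <?php
    /**
     * function openConfirm()
     * Opens (creating it on first use) the confirmation dialog. "Yes" posts the deleteUser data
     * call; on success the user hub is reloaded without a selected user, on failure the errors
     * are shown on the card, and a failed request opens the fail dialog.
     */
    ?>
    function openConfirm() {
        var confirmDialog = $("#confirmDeleteDialog").data("kendoDialog");

        if (confirmDialog == null) {
            <?php if ($primaryUser) { ?>

            var content = "";
            content += "<p>This user is a group primary user.</p>";
            content += "<p>Deleting this user will result in the following:</p>";
            content += "<ul style=\"margin-left: 15px;\"><li>Delete primary user</li><li>Delete group</li><li>Delete all other users in the group</li>";
            content += "<li>Delete the primary user's account(s) if no other users reference the account(s)</li></ul>";
            content += "<p>Do you wish to continue?</p>";

            <?php } else { ?>

            var content = "<p>You are about to delete this user.</p><p>Do you wish to continue?</p>";

            <?php } ?>

            confirmDialog = $("<div id='confirmDeleteDialog'></div>").appendTo("body").kendoDialog({
                content: content,
                actions: [{text: "No"}, {text: "Yes", primary: true, action: function() {
                    confirmDialog.close();
                    showWaitWindow();
                    $.post(<?php echo json_encode($deleteUrl, $jsFlags); ?>, {payload: <?php echo json_encode($payload, $jsFlags); ?>}, function(data) {
                        hideWaitWindow();
                        if (data == null || data.error == null) {
                            openFailDialog("Unexpected response from the server.", "Delete Failed");
                        } else if (data.error.length > 0) {
                            $.homecuValidator.displayMessage(data.error, $.homecuValidator.settings.statusError );
                        } else {
                            window.location.href = <?php echo json_encode($userReset, $jsFlags); ?>;
                        }
                    }).fail(function() {
                        hideWaitWindow();
                        openFailDialog("The delete request could not be completed.", "Delete Failed");
                    });
                    return false;
                }}],
                open: function() {
                    if (window.activeWindows != null) {
                        window.activeWindows.push(this);
                    }
                },
                close: function() {
                    if (window.activeWindows != null) {
                        window.activeWindows.pop();
                    }
                },
                title: "Confirm User Removal",
                visible: false,
                modal: true,
                minWidth: 300
            }).data("kendoDialog");
        }
        confirmDialog.open();
    }

    <?php
    /**
     * function postPostPostPost()
     * Closes the card's window (the Cancel action).
     */
    ?>
    function postPostPostPost() {
        $("#externalTabWindow").data("isClosing", true);
        $("#externalTabWindow").data("kendoWindow").close();
        $("#externalTabWindow").data("isClosing", false);
    }

    init();

    </script>
    <div class="container hcu-all-100 deleteDiv vsgPrimary hcu-template" id="deleteDiv">
        <div class="row notificationRow hcuSpacer"></div>
        <div class="row">
            <div id="formValidateDiv" class="k-block k-error-colored formValidateDiv" style="display:none"></div>
        </div>
        <div class="row">
            <?php echo $primaryUser ? "Delete this primary user, all users in the group, the group, and the account if no more users reference the account."
                : "Delete this non-primary user."; ?>
        </div>
        <div class="hcu-edit-buttons k-state-default row">
            <a class="cancelBtn" href="#">Cancel</a>&nbsp;&nbsp;&nbsp;<a class="deleteBtn k-button k-primary" href="#"><i class="fa fa-trash"></i>Delete</a>
        </div>
    </div>
<?php }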