DB IO add flag to ignore not existing on cache reset, and ignore in ACL Login

in the ACL login cache reset, set flag to ignore unset query data
ACL Login add page information and lookup
2025-04-16 17:42:09 +09:00 · 2025-04-15 18:38:14 +09:00 · 2025-04-15 17:51:32 +09:00
5 changed files with 49 additions and 6 deletions
--- a/4dev/tests/ACL/CoreLibsACLLoginTest.php
+++ b/4dev/tests/ACL/CoreLibsACLLoginTest.php
@@ -12,6 +12,8 @@ Not yet covered tests:
 - loginGetLocale
 - loginGetHeaderColor
 - loginGetPages
 - loginGetPageLookupList
 - loginPageAccessAllowed
 - loginGetEuid
 */
--- a/www/admin/class_test.login.php
+++ b/www/admin/class_test.login.php
@@ -127,6 +127,12 @@ if (isset($login->loginGetAcl()['unit'])) {
 // IP check: 'REMOTE_ADDR', 'HTTP_X_FORWARDED_FOR', 'CLIENT_IP' in _SERVER
 // Agent check: 'HTTP_USER_AGENT'
 print "<hr>";
 print "PAGE lookup:<br>";
 $file_name = 'test_edit_base.php';
 print "Access to '$file_name': " . $log->prAr($login->loginPageAccessAllowed($file_name)) . "<br>";
 $file_name = 'i_do_not_exists.php';
 print "Access to '$file_name': " . $log->prAr($login->loginPageAccessAllowed($file_name)) . "<br>";
 echo "<hr>";
 print "SESSION: " . Support::printAr($_SESSION) . "<br>";
--- a/www/lib/CoreLibs/ACL/Login.php
+++ b/www/lib/CoreLibs/ACL/Login.php
@@ -924,7 +924,9 @@ class Login
 		$mandatory_session_vars = [
 			'LOGIN_USER_NAME', 'LOGIN_GROUP_NAME', 'LOGIN_EUCUID', 'LOGIN_EUCUUID',
 			'LOGIN_USER_ADDITIONAL_ACL', 'LOGIN_GROUP_ADDITIONAL_ACL',
-			'LOGIN_ADMIN', 'LOGIN_GROUP_ACL_LEVEL', 'LOGIN_PAGES_ACL_LEVEL', 'LOGIN_USER_ACL_LEVEL',
+			'LOGIN_ADMIN', 'LOGIN_GROUP_ACL_LEVEL',
 			'LOGIN_PAGES', 'LOGIN_PAGES_LOOKUP', 'LOGIN_PAGES_ACL_LEVEL',
 			'LOGIN_USER_ACL_LEVEL',
 			'LOGIN_UNIT', 'LOGIN_UNIT_DEFAULT_EACUID'
 		];
 		$force_reauth = false;
@@ -1152,7 +1154,7 @@ class Login
 			$q
 		);
 		// reset any query data that might exist
-		$this->db->dbCacheReset($q, $params);
+		$this->db->dbCacheReset($q, $params, show_warning:false);
 		// never cache return data
 		$res = $this->db->dbReturnParams($q, $params, $this->db::NO_CACHE);
 		// query was not run successful
@@ -1264,6 +1266,7 @@ class Login
 		}
 		$edit_page_ids = [];
 		$pages = [];
 		$pages_lookup = [];
 		$pages_acl = [];
 		// set pages access
 		$q = <<<SQL
@@ -1307,6 +1310,7 @@ class Login
 				'query' => [],
 				'visible' => []
 			];
 			$pages_lookup[$res['filename']] = $res['cuid'];
 			// make reference filename -> level
 			$pages_acl[$res['filename']] = $res['level'];
 		} // for each page
@@ -1367,6 +1371,7 @@ class Login
 		// write back the pages data to the output array
 		$this->session->setMany([
 			'LOGIN_PAGES' => $pages,
 			'LOGIN_PAGES_LOOKUP' => $pages_lookup,
 			'LOGIN_PAGES_ACL_LEVEL' => $pages_acl,
 		]);
 		// load the edit_access user rights
@@ -1526,6 +1531,8 @@ class Login
 		) {
 			$this->acl['page'] = $_SESSION['LOGIN_PAGES_ACL_LEVEL'][$this->page_name];
 		}
 		$this->acl['pages_detail'] = $_SESSION['LOGIN_PAGES'];
 		$this->acl['pages_lookup_cuid'] = $_SESSION['LOGIN_PAGES_LOOKUP'];
 		$this->acl['unit_cuid'] = null;
 		$this->acl['unit_name'] = null;
@@ -2728,6 +2735,31 @@ HTML;
 		return $this->session->get('LOGIN_PAGES');
 	}
 	/**
 	 * Return the current loaded list of pages the user can access
 	 *
 	 * @return array<mixed>
 	 */
 	public function loginGetPageLookupList(): array
 	{
 		return $this->session->get('LOGIN_PAGES_LOOKUP');
 	}
 	/**
 	 * Check access to a file in the pages list
 	 *
 	 * @param  string $filename File name to check
 	 * @return bool             True if page in list and anything other than None access, False if failed
 	 */
 	public function loginPageAccessAllowed(string $filename): bool
 	{
 		return (
 			$this->session->get('LOGIN_PAGES')[
 				$this->session->get('LOGIN_PAGES_LOOKUP')[$filename] ?? ''
 			] ?? 0
 		) != 0 ? true : false;
 	}
 	// MARK: logged in uid(pk)/eucuid/eucuuid
 	/**
--- a/www/lib/CoreLibs/DB/IO.php
+++ b/www/lib/CoreLibs/DB/IO.php
@@ -2942,12 +2942,14 @@ class IO
 	 *                              data to create a unique call one, optional
 	 * @return bool                 False if query not found, true if success
 	 */
-	public function dbCacheReset(string $query, array $params = []): bool
+	public function dbCacheReset(string $query, array $params = [], bool $show_warning = true): bool
 	{
 		$this->__dbErrorReset();
 		$query_hash = $this->dbBuildQueryHash($query, $params);
 		// clears cache for this query
-		if (empty($this->cursor_ext[$query_hash]['query'])) {
+		if (
 			$show_warning &&
 			empty($this->cursor_ext[$query_hash]['query'])
 		) {
 			$this->__dbWarning(18, context: [
 				'query' => $query,
 				'params' => $params,
--- a/www/lib/CoreLibs/Output/Form/TableArrays/EditUsers.php
+++ b/www/lib/CoreLibs/Output/Form/TableArrays/EditUsers.php
@@ -50,7 +50,8 @@ class EditUsers implements Interface\TableArraysInterface
 					'HIDDEN_value' => $_POST['HIDDEN_password'] ?? '',
 					'CONFIRM_value' => $_POST['CONFIRM_password'] ?? '',
 					'output_name' => 'Password',
-					'mandatory' => 1,
+					// make it not mandatory to create dummy accounts that can only login via login url id
 					'mandatory' => 0,
 					'type' => 'password', // later has to be password for encryption in database
 					'update' => [ // connected field updates, and update data
 						'password_change_date' => [ // db row to update
Author	SHA1	Message	Date
Clemens Schwaighofer	8134da349f	DB IO add flag to ignore not existing on cache reset, and ignore in ACL Login in the ACL login cache reset, set flag to ignore unset query data	2025-04-16 17:42:09 +09:00
Clemens Schwaighofer	8396f7856b	ACL Login add page information and lookup Add the full page information and a new file name to cuid lookup to the acl array. Add a new method to check if a page name is in the list of pages that can be accessed by the user.	2025-04-15 18:38:14 +09:00
Clemens Schwaighofer	b18866077e	Edit user settings class remove password as mandatory	2025-04-15 17:51:32 +09:00