Users are not able to change their own name.
This commit is contained in:
@@ -48,29 +48,47 @@ if ($API_users->request_method === 'GET') {
|
||||
$API_users->createUser();
|
||||
|
||||
} elseif ($API_users->request_method === 'PUT') {
|
||||
|
||||
# Edit a user
|
||||
$API_users->checkPermissions('admin-access-admins', 'RW');
|
||||
if (isset($API_users->postedData['user_profile_change'])) { # If the user is changing their own profile
|
||||
$API_users->postedData['user_uuid'] = $_SESSION['user']['user_uuid']; # Make sure the user being changed is always its own user_uuid
|
||||
|
||||
$requiredFields = [
|
||||
'user_uuid' => ['type' => 'uuid'],
|
||||
'user_group_uuid' => ['type' => 'uuid'],
|
||||
'user_email' => ['type' => 'email'],
|
||||
'user_first_name' => ['type' => 'string'],
|
||||
'user_last_name' => ['type' => 'string'],
|
||||
'user_full_name' => ['type' => 'string'],
|
||||
'user_status' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned', 'pending']],
|
||||
'user_pref_language' => ['type' => 'enum', 'values' => ['en', 'nl']],
|
||||
];
|
||||
$requiredFields = [
|
||||
'user_uuid' => ['type' => 'uuid'],
|
||||
'user_email' => ['type' => 'email'],
|
||||
'user_first_name' => ['type' => 'string'],
|
||||
'user_last_name' => ['type' => 'string'],
|
||||
'user_full_name' => ['type' => 'string'],
|
||||
'user_pref_language' => ['type' => 'enum', 'values' => ['en', 'nl']],
|
||||
];
|
||||
|
||||
$optionalFields = [
|
||||
'user_phone_number' => ['type' => 'string'],
|
||||
'user_stompable' => ['type' => 'boolean']
|
||||
];
|
||||
$optionalFields = [
|
||||
'user_phone_number' => ['type' => 'string']
|
||||
];
|
||||
|
||||
} else {
|
||||
$API_users->checkPermissions('admin-access-admins', 'RW');
|
||||
|
||||
$requiredFields = [
|
||||
'user_uuid' => ['type' => 'uuid'],
|
||||
'user_group_uuid' => ['type' => 'uuid'],
|
||||
'user_email' => ['type' => 'email'],
|
||||
'user_first_name' => ['type' => 'string'],
|
||||
'user_last_name' => ['type' => 'string'],
|
||||
'user_full_name' => ['type' => 'string'],
|
||||
'user_status' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned', 'pending']],
|
||||
'user_pref_language' => ['type' => 'enum', 'values' => ['en', 'nl']],
|
||||
];
|
||||
|
||||
$optionalFields = [
|
||||
'user_phone_number' => ['type' => 'string'],
|
||||
'user_stompable' => ['type' => 'boolean']
|
||||
];
|
||||
|
||||
$API_users->postedData['user_stompable'] = (bool)$API_users->postedData['user_stompable'];
|
||||
}
|
||||
|
||||
$API_users->postedData['user_full_name'] = trim($API_users->postedData['user_first_name'] . ' ' . $API_users->postedData['user_last_name']);
|
||||
$API_users->postedData['user_pref_language'] = $API_users->postedData['user_pref_language'] ?? 'en';
|
||||
$API_users->postedData['user_stompable'] = (bool)$API_users->postedData['user_stompable'];
|
||||
|
||||
$API_users->validateData($requiredFields, $optionalFields);
|
||||
|
||||
@@ -78,7 +96,6 @@ if ($API_users->request_method === 'GET') {
|
||||
|
||||
} elseif ($API_users->request_method === 'DELETE') {
|
||||
|
||||
|
||||
$API_users->return_url = false;
|
||||
|
||||
$API_users->checkPermissions('admin-access-admins', 'RW');
|
||||
|
||||
Reference in New Issue
Block a user