diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2016-10-22 20:32:16 +0200 |
|---|---|---|
| committer | Alexandre Alapetite <alexandre@alapetite.fr>
| 2016-10-22 20:32:16 +0200 |
| commit | 5b1b43ab57da6a7bc1599c224d47455b2e56d53d (patch) | |
| tree | ebe9280bccf98e467b46dd6ba4e33909af8fb6db | |
| parent | d9ee59f999d5221b961bfc7519c83ce27a7d8367 (diff) | |
CLI delete user https://github.com/FreshRSS/FreshRSS/issues/1095
| -rw-r--r-- | app/Controllers/userController.php | 39 | ||||
| -rwxr-xr-x | cli/delete-user.php | 33 |
2 files changed, 56 insertions, 16 deletions
diff --git a/app/Controllers/userController.php b/app/Controllers/userController.php index f880b951d..2f04c7a1d 100644 --- a/app/Controllers/userController.php +++ b/app/Controllers/userController.php @@ -186,6 +186,27 @@ class FreshRSS_user_Controller extends Minz_ActionController { Minz_Request::forward($redirect_url, true); } + public static function deleteUser($username) { + $db = FreshRSS_Context::$system_conf->db; + require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php'); + + $ok = ctype_alnum($username); + if ($ok) { + $default_user = FreshRSS_Context::$system_conf->default_user; + $ok &= (strcasecmp($username, $default_user) !== 0); //It is forbidden to delete the default user + } + $user_data = join_path(DATA_PATH, 'users', $username); + if ($ok) { + $ok &= is_dir($user_data); + } + if ($ok) { + $userDAO = new FreshRSS_UserDAO(); + $ok &= $userDAO->deleteUser($username); + $ok &= recursive_unlink($user_data); + } + return $ok; + } + /** * This action delete an existing user. * @@ -207,16 +228,7 @@ class FreshRSS_user_Controller extends Minz_ActionController { FreshRSS_Auth::hasAccess('admin') || $self_deletion )) { - $db = FreshRSS_Context::$system_conf->db; - require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php'); - - $ok = ctype_alnum($username); - $user_data = join_path(DATA_PATH, 'users', $username); - - if ($ok) { - $default_user = FreshRSS_Context::$system_conf->default_user; - $ok &= (strcasecmp($username, $default_user) !== 0); //It is forbidden to delete the default user - } + $ok = true; if ($ok && $self_deletion) { // We check the password if it's a self-destruction $nonce = Minz_Session::param('nonce'); @@ -228,12 +240,7 @@ class FreshRSS_user_Controller extends Minz_ActionController { ); } if ($ok) { - $ok &= is_dir($user_data); - } - if ($ok) { - $userDAO = new FreshRSS_UserDAO(); - $ok &= $userDAO->deleteUser($username); - $ok &= recursive_unlink($user_data); + $ok &= self::deleteUser($username); } if ($ok && $self_deletion) { FreshRSS_Auth::removeAccess(); diff --git a/cli/delete-user.php b/cli/delete-user.php new file mode 100755 index 000000000..46332fe34 --- /dev/null +++ b/cli/delete-user.php @@ -0,0 +1,33 @@ +#!/usr/bin/php +<?php +require('_cli.php'); + +$options = getopt('', array( + 'user:', + )); + +if (empty($options['user'])) { + fail('Usage: ' . basename(__FILE__) . " --user=username"); +} +$username = $options['user']; +if (!ctype_alnum($username)) { + fail('FreshRSS error: invalid username “' . $username . '”'); +} + +$usernames = listUsers(); +if (!preg_grep("/^$username$/i", $usernames)) { + fail('FreshRSS error: username not found “' . $username . '”'); +} + +if (strcasecmp($username, FreshRSS_Context::$system_conf->default_user) === 0) { + fail('FreshRSS error: default user must not be deleted: “' . $username . '”'); +} + +echo 'FreshRSS deleting user “', $username, "”…\n"; + +$ok = FreshRSS_user_Controller::deleteUser($username); + +invalidateHttpCache(FreshRSS_Context::$system_conf->default_user); + +echo 'Result: ', ($ok ? 'success' : 'fail'), ".\n"; +exit($ok ? 0 : 1); |