Pman/Login.php

[Pman.Base] / Pman / Login.php

diff --git a/Pman/Login.php b/Pman/Login.php
index d08cfaa..d5e0849 100644 (file)
--- a/Pman/Login.php
+++ b/Pman/Login.php
@@ -123,6 +123,36 @@ class Pman_Login extends Pman
     }
 
     
+    function switchUser($id)
+    {
+        $tbl = empty($ff->Pman['authTable']) ? 'Person' : $ff->Pman['authTable'];
+        $u = DB_DataObject::factory($tbl);
+        if (!$u->isAuth()) {
+            $this->err("not logged in");
+        }
+        
+        $au = $u->getAuthUser();
+        
+        
+        // first check they have perms to do this..
+        if (!$au|| ($au->company()->comptype != 'OWNER') || !$this->hasPerm('Core.Person', 'E')) {
+            $this->jerr("User switching not permitted");
+        }
+        
+        
+        $u = DB_DataObject::factory($tbl);
+        $u->get($id);
+        if (!$u->active()) {
+            $this->jerr('Account disabled');
+        }
+        $u->login();
+            // we might need this later..
+        $this->addEvent("SWITCH USER", false, $au->name . ' TO ' . $u->name);
+        $this->jok("SWITCH");
+        
+    }
+    
+    
     var $domObj = false;
     function post()
     {
@@ -170,6 +200,15 @@ class Pman_Login extends Pman
             $this->jerr('Account disabled');
         }
         
+        // check if config allows non-owner passwords.
+        // auth_company = "OWNER" auth_company = "CLIENT"
+        $ff= HTML_FlexyFramework::get();
+        if (!empty($ff->Pman['auth_comptype']) && $ff->Pman['auth_comptype'] != $u->company()->comptype) {
+            $this->jerr("Login not permited to outside companies");
+        }
+        
+        
+        
         if ($u->checkPassword($_REQUEST['password'])) {
             $u->login();
             // we might need this later..