Block and unBlock of a User

TiG
TiG
@tig
4 years ago
184 posts
Just checking in case I missed it. We have a need to programmatically issue a block and optionally an unblock of a user. The objective is to ensure a suspended user (suspension is an NT function) can no longer access their account settings and change their name, etc. The block function conveniently does that (and more) by preventing signin.

Trouble is, the active function that implements the block and unblock is embedded within view_ code. Thus it is not a function we can call. Accordingly, I would need to reproduce the embedded functional code instead of making a call. This is of course undesirable since a change in implementation might break our code.

Is there a better approach that would enable me to reuse the block / unblock functionality without duplicating the code?


--
TiG

updated by @tig: 03/18/21 05:17:26PM
michael
@michael
4 years ago
7,743 posts
The view_jrUser_block_save() function was added in 2016 and nothing has changed with it since. I think you'd be pretty safe copy+paste the innards to set the block.

SET THE BLOCK:
        // When blocking a user we set BOTH user and profile inactive and remove any sessions
        jrCore_db_update_item('jrUser', $uid, array('user_active' => 0, 'user_blocked' => 1));

        // Delete existing session and login cookie
        jrUser_session_remove($uid);

        $tbl = jrCore_db_table_name('jrUser', 'cookie');
        $req = "DELETE FROM {$tbl} WHERE cookie_user_id = '{$uid}'";
        jrCore_db_query($req);

        // Next - we need to get ALL profiles this user is linked to abd block the profiles
        $_pr = jrProfile_get_user_linked_profiles($uid);
        if ($_pr && is_array($_pr)) {
            foreach ($_pr as $pid => $user_id) {
                jrCore_db_update_item('jrProfile', $pid, array('profile_active' => 0));
                jrProfile_reset_cache($pid);
            }
        }

REMOVE THE BLOCK:

        // UN-blocking a user
        jrCore_db_update_item('jrUser', $uid, array('user_active' => 1));
        jrCore_db_delete_item_key('jrUser', $uid, 'user_blocked');

        // Next - we need to get ALL profiles this user is linked to abd block the profiles
        $_pr = jrProfile_get_user_linked_profiles($uid);
        if ($_pr && is_array($_pr)) {
            foreach ($_pr as $pid => $user_id) {
                jrCore_db_update_item('jrProfile', $pid, array('profile_active' => 1));
                jrProfile_reset_cache($pid);
            }
        }

If you're still feeling real nervous about it I'm sure we could separate those sections out into their own functions for next release.

--edit--
Actually, doing that is trivial, I'll get it added.
updated by @michael: 12/15/20 07:45:43PM
michael
@michael
4 years ago
7,743 posts
Changed the body of view_jrUser_block_save() to

    // Block a User
    if ($_post['mode'] == 'b') {
        jrUser_block($uid);
    }
    else {
        // UN-blocking a user
        jrUser_unblock($uid);
    }
from jrUser 2.9.3. Just needs to pass testing then will be in the next release.
TiG
TiG
@tig
4 years ago
184 posts
Michael

I greatly appreciate that! Now I have an elegant and safe solution.

Thanks for this. TiG


--
TiG

Tags