hedera-web/rest/client/supplant.php

31 lines
694 B
PHP
Raw Normal View History

2022-05-05 13:56:17 +00:00
<?php
use Vn\Web;
class Supplant extends Vn\Web\JsonRequest {
const PARAMS = ['supplantUser'];
function run($db) {
$userId = $db->getValue(
'SELECT id FROM account.user WHERE `name` = #',
[$_REQUEST['supplantUser']]
);
2022-05-05 13:56:17 +00:00
$isClient = $db->getValue(
'SELECT COUNT(*) > 0 FROM vn.client WHERE id = #',
[$userId]
);
if (!$isClient)
throw new Web\ForbiddenException(s('The user is not a client'));
2022-10-04 13:12:16 +00:00
$hasAccount = $db->getValue(
'SELECT COUNT(*) > 0 FROM account.account WHERE id = #',
2022-05-05 13:56:17 +00:00
[$userId]
);
2022-10-04 13:12:16 +00:00
if ($hasAccount)
throw new Web\ForbiddenException(s('The user is not impersonable'));
2022-05-05 13:56:17 +00:00
return $this->service->createToken($_REQUEST['supplantUser']);
}
}