/**
* Edit a user account.
*
* @since 2.0.0
* @access public
* @param int $UserID Unique ID.
*/
public function edit($UserID)
{
$this->permission('Garden.Users.Edit');
// Page setup
$this->addJsFile('user.js');
$this->title(t('Edit User'));
$this->addSideMenu('dashboard/user');
// Only admins can reassign roles
$RoleModel = new RoleModel();
$AllRoles = $RoleModel->getArray();
$RoleData = $RoleModel->getAssignable();
$UserModel = new UserModel();
$User = $UserModel->getID($UserID, DATASET_TYPE_ARRAY);
// Determine if username can be edited
$CanEditUsername = (bool) c("Garden.Profile.EditUsernames") || Gdn::session()->checkPermission('Garden.Users.Edit');
$this->setData('_CanEditUsername', $CanEditUsername);
// Determine if emails can be edited
$CanEditEmail = Gdn::session()->checkPermission('Garden.Users.Edit');
$this->setData('_CanEditEmail', $CanEditEmail);
// Decide if they have ability to confirm users
$Confirmed = (bool) valr('Confirmed', $User);
$CanConfirmEmail = UserModel::RequireConfirmEmail() && Gdn::session()->checkPermission('Garden.Users.Edit');
$this->setData('_CanConfirmEmail', $CanConfirmEmail);
$this->setData('_EmailConfirmed', $Confirmed);
$User['ConfirmEmail'] = (int) $Confirmed;
// Determine whether user being edited is privileged (can escalate permissions)
$UserModel = new UserModel();
$EditingPrivilegedUser = $UserModel->checkPermission($User, 'Garden.Settings.Manage');
// Determine our password reset options
// Anyone with user editing my force reset over email
$this->ResetOptions = array(0 => t('Keep current password.'), 'Auto' => t('Force user to reset their password and send email notification.'));
// Only admins may manually reset passwords for other admins
if (checkPermission('Garden.Settings.Manage') || !$EditingPrivilegedUser) {
$this->ResetOptions['Manual'] = t('Manually set user password. No email notification.');
}
// Set the model on the form.
$this->Form->setModel($UserModel);
// Make sure the form knows which item we are editing.
$this->Form->addHidden('UserID', $UserID);
try {
$AllowEditing = true;
$this->EventArguments['AllowEditing'] =& $AllowEditing;
$this->EventArguments['TargetUser'] =& $User;
// These are all the 'effective' roles for this edit action. This list can
// be trimmed down from the real list to allow subsets of roles to be
// edited.
$this->EventArguments['RoleData'] =& $RoleData;
$UserRoleData = $UserModel->getRoles($UserID)->resultArray();
$RoleIDs = array_column($UserRoleData, 'RoleID');
$RoleNames = array_column($UserRoleData, 'Name');
$UserRoleData = arrayCombine($RoleIDs, $RoleNames);
$this->EventArguments['UserRoleData'] =& $UserRoleData;
$this->fireEvent("BeforeUserEdit");
$this->setData('AllowEditing', $AllowEditing);
$this->Form->setData($User);
if ($this->Form->authenticatedPostBack()) {
if (!$CanEditUsername) {
$this->Form->setFormValue("Name", $User['Name']);
}
// Allow mods to confirm/unconfirm emails
$this->Form->removeFormValue('Confirmed');
$Confirmation = $this->Form->getFormValue('ConfirmEmail', null);
$Confirmation = !is_null($Confirmation) ? (bool) $Confirmation : null;
if ($CanConfirmEmail && is_bool($Confirmation)) {
$this->Form->setFormValue('Confirmed', (int) $Confirmation);
}
$ResetPassword = $this->Form->getValue('ResetPassword', false);
// If we're an admin or this isn't a privileged user, allow manual setting of password
$AllowManualReset = checkPermission('Garden.Settings.Manage') || !$EditingPrivilegedUser;
if ($ResetPassword == 'Manual' && $AllowManualReset) {
// If a new password was specified, add it to the form's collection
$NewPassword = $this->Form->getValue('NewPassword', '');
$this->Form->setFormValue('Password', $NewPassword);
}
// Role changes
// These are the new roles the editing user wishes to apply to the target
// user, adjusted for his ability to affect those roles
$RequestedRoles = $this->Form->getFormValue('RoleID');
if (!is_array($RequestedRoles)) {
$RequestedRoles = array();
}
$RequestedRoles = array_flip($RequestedRoles);
$UserNewRoles = array_intersect_key($RoleData, $RequestedRoles);
// These roles will stay turned on regardless of the form submission contents
// because the editing user does not have permission to modify them
$ImmutableRoles = array_diff_key($AllRoles, $RoleData);
$UserImmutableRoles = array_intersect_key($ImmutableRoles, $UserRoleData);
// Apply immutable roles
foreach ($UserImmutableRoles as $IMRoleID => $IMRoleName) {
$UserNewRoles[$IMRoleID] = $IMRoleName;
}
// Put the data back into the forum object as if the user had submitted
// this themselves
$this->Form->setFormValue('RoleID', array_keys($UserNewRoles));
if ($this->Form->save(array('SaveRoles' => true)) !== false) {
if ($this->Form->getValue('ResetPassword', '') == 'Auto') {
$UserModel->PasswordRequest($User['Email']);
$UserModel->setField($UserID, 'HashMethod', 'Reset');
}
$this->informMessage(t('Your changes have been saved.'));
}
$UserRoleData = $UserNewRoles;
}
} catch (Exception $Ex) {
$this->Form->addError($Ex);
}
$this->setData('User', $User);
$this->setData('Roles', $RoleData);
$this->setData('UserRoles', $UserRoleData);
$this->render();
}
/**
* Configuration of registration settings.
*
* Events: BeforeRegistrationUpdate
*
* @since 2.0.0
* @access public
* @param string $RedirectUrl Where to send user after registration.
*/
public function registration($RedirectUrl = '')
{
$this->permission('Garden.Settings.Manage');
$this->addSideMenu('dashboard/settings/registration');
$this->addJsFile('registration.js');
$this->title(t('Registration'));
// Create a model to save configuration settings
$Validation = new Gdn_Validation();
$ConfigurationModel = new Gdn_ConfigurationModel($Validation);
$registrationOptions = array('Garden.Registration.Method' => 'Captcha', 'Garden.Registration.InviteExpiration', 'Garden.Registration.ConfirmEmail');
if ($manageCaptcha = c('Garden.Registration.ManageCaptcha', true)) {
$registrationOptions[] = 'Garden.Registration.CaptchaPrivateKey';
$registrationOptions[] = 'Garden.Registration.CaptchaPublicKey';
}
$this->setData('_ManageCaptcha', $manageCaptcha);
$ConfigurationModel->setField($registrationOptions);
// Set the model on the forms.
$this->Form->setModel($ConfigurationModel);
// Load roles with sign-in permission
$RoleModel = new RoleModel();
$this->RoleData = $RoleModel->getByPermission('Garden.SignIn.Allow');
$this->setData('_Roles', array_column($this->RoleData->resultArray(), 'Name', 'RoleID'));
// Get currently selected InvitationOptions
$this->ExistingRoleInvitations = Gdn::config('Garden.Registration.InviteRoles');
if (is_array($this->ExistingRoleInvitations) === false) {
$this->ExistingRoleInvitations = array();
}
// Get the currently selected Expiration Length
$this->InviteExpiration = Gdn::config('Garden.Registration.InviteExpiration', '');
// Registration methods.
$this->RegistrationMethods = array('Captcha' => "New users fill out a simple form and are granted access immediately.", 'Approval' => "New users are reviewed and approved by an administrator (that's you!).", 'Invitation' => "Existing members send invitations to new members.", 'Connect' => "New users are only registered through SSO plugins.");
// Options for how many invitations a role can send out per month.
$this->InvitationOptions = array('0' => t('None'), '1' => '1', '2' => '2', '5' => '5', '-1' => t('Unlimited'));
// Options for when invitations should expire.
$this->InviteExpirationOptions = array('1 week' => t('1 week after being sent'), '2 weeks' => t('2 weeks after being sent'), '1 month' => t('1 month after being sent'), 'FALSE' => t('never'));
if ($this->Form->authenticatedPostBack() === false) {
$this->Form->setData($ConfigurationModel->Data);
} else {
// Define some validation rules for the fields being saved
$ConfigurationModel->Validation->applyRule('Garden.Registration.Method', 'Required');
// Define the Garden.Registration.RoleInvitations setting based on the postback values
$InvitationRoleIDs = $this->Form->getValue('InvitationRoleID');
$InvitationCounts = $this->Form->getValue('InvitationCount');
$this->ExistingRoleInvitations = arrayCombine($InvitationRoleIDs, $InvitationCounts);
$ConfigurationModel->forceSetting('Garden.Registration.InviteRoles', $this->ExistingRoleInvitations);
// Event hook
$this->EventArguments['ConfigurationModel'] =& $ConfigurationModel;
$this->fireEvent('BeforeRegistrationUpdate');
// Save!
if ($this->Form->save() !== false) {
$this->informMessage(t("Your settings have been saved."));
if ($RedirectUrl != '') {
$this->RedirectUrl = $RedirectUrl;
}
}
}
$this->render();
}
