Esempio n. 1
 /**
  * Checks that UserGroups::get_all() reflects a newly created group: both the
  * element count and the returned collection must differ after the create.
  */
 public function test_get_all()
 {
     $before = UserGroups::get_all();
     UserGroup::create(array('name' => 'testcasegroup'));
     $after = UserGroups::get_all();

     $count_before = count($before);
     $count_after = count($after);
     $this->assert_not_equal($count_before, $count_after);
     $this->assert_not_identical($before, $after);

     // Remove the fixture group so it does not linger in the group table.
     $fixture = UserGroup::get('testcasegroup');
     $fixture->delete();
 }
Esempio n. 2
 /**
  * Builds the configuration form: one select listing every user group
  * (option key = group id, option label = group name) and a Save button.
  *
  * @return FormUI The configuration form
  */
 public function configure()
 {
     // Map group id => group name for the select's option list.
     $staff_choices = array();
     foreach (UserGroups::get_all() as $user_group) {
         $staff_choices[$user_group->id] = $user_group->name;
     }

     $ui = new FormUI('proposal');

     // NOTE(review): the group picked here is labelled as the staff group, so
     // membership of it presumably grants staff rights in this plugin; the
     // code that consumes 'staff__group' is not shown - confirm.
     $group_select = new FormControlSelect('type', 'staff__group', 'Group To Use for Staff', $staff_choices);
     $ui->append($group_select);

     $save_button = new FormControlSubmit('save', _t('Save'));
     $ui->append($save_button);

     return $ui;
 }
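 /**
  * Simple plugin configuration: the groups to redirect after login and the
  * URL they are redirected to.
  *
  * @return FormUI The configuration form
  **/
 public function configure()
 {
     $form = new FormUI('loginredirectgroup');

     // Map group id => group name for the checkbox list.
     $groups = array();
     foreach (UserGroups::get_all() as $group) {
         $groups[$group->id] = $group->name;
     }
     $form->append(new FormControlCheckboxes('group', 'lrg__group', _t("If you're any of these groups:"), $groups));

     // NOTE(review): the listing was masked ('******') between the URL label
     // and the submit control. The two statements below are rebuilt from the
     // surviving fragments; confirm them against the plugin's source.
     // NOTE(review): 'lrg__url' is used as a post-login redirect target by code
     // not shown here; whoever consumes it should confirm the stored value is
     // an expected destination before redirecting.
     $form->append(new FormControlText('url', 'lrg__url', _t('Redirect to this URL after login:')));
     $form->append(new FormControlSubmit('save', _t('Save')));

     return $form;
 }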
Esempio n. 4
 /**
  * Outputs the plugin configuration form: a checkbox for the standalone
  * registration form and a select for the default group.
  *
  * The form is printed via FormUI::out(); nothing is returned.
  */
 public function configure()
 {
     // The lower-cased runtime class name is both the form name and the
     // prefix of the group option's storage key.
     $prefix = strtolower(get_class($this));
     $form = new FormUI($prefix);

     // The label carries markup: a link to the standalone registration page.
     $standalone_label = sprintf(
         _t('Show standalone <a href="%s">registration form</a>', __CLASS__),
         URL::get('register_page')
     );
     $form->append('checkbox', 'standalone', 'register__standalone', $standalone_label);

     // Option list: group id => group name.
     $options = array();
     foreach (UserGroups::get_all() as $user_group) {
         $options[$user_group->id] = $user_group->name;
     }

     // NOTE(review): presumably the group newly registered accounts are put
     // into, so it decides what a self-registered user may do - confirm
     // against the registration handler.
     $form->append('select', 'group', $prefix . '__group', _t('Default group:', __CLASS__), $options);
     $form->append('submit', 'save', _t('Save'));
     $form->out();
 }
 /**
  * Outputs the configuration form for passwd-file logins: the passwd file
  * location, whether users are created on a successful login, and the group
  * such users are created in.
  *
  * The form is printed via FormUI::out(); nothing is returned.
  */
 public function action_plugin_ui_configure()
 {
     // Build the drop-down options, keyed and labelled by group name.
     $group_names = array();
     foreach (UserGroups::get_all() as $user_group) {
         $group_names[$user_group->name] = $user_group->name;
     }
     // remove anonymous - that would be pointless
     unset($group_names['anonymous']);

     $form = new FormUI('plugin_directory');
     $form->append('text', 'passwdfile', 'passwdlogins__file', _t('Passwd File', 'passwdlogins'));
     $form->append('checkbox', 'createusers', 'passwdlogins__create', _t('Create users on successful login', 'passwdlogins'));

     // With 'createusers' enabled, the group chosen here is the one newly
     // created accounts land in, so it sets their starting privileges.
     $group_select = $form->append('select', 'defaultgroup', 'passwdlogins__group', _t('Group to create new users in', 'passwdlogins'));
     $group_select->default = 'authenticated';

     // emulate $default until it actually works
     // (loose comparison: any value that == null falls back to the default)
     if ($group_select->value == null) {
         $group_select->value = $group_select->default;
     }
     $group_select->options = $group_names;

     $form->append('submit', 'save', _t('Save'));
     $form->out();
 }
Esempio n. 6
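 /**
  * Handles GET requests for a group's page.
  *
  * Loads the group named by handler_vars['id'], attaches the group's access
  * value to every ACL token, buckets the tokens by token group and kind
  * ('crud' or 'bool'), builds the user list for the membership widget and
  * renders the 'group' template. An unknown id redirects to the group list.
  *
  * NOTE(review): no permission check is visible in this method; presumably
  * the admin dispatcher authorises the caller before routing here - confirm.
  */
 public function get_group()
 {
     $group = UserGroup::get_by_id($this->handler_vars['id']);

     // Loose comparison kept on purpose: any empty lookup result is treated
     // as "no such group".
     if (null == $group) {
         Utils::redirect(URL::get('admin', 'page=groups'));
         return;
     }

     $access_names = ACL::$access_names;
     $access_names[] = 'deny';

     // Attach this group's access to each token, then bucket the token by
     // its token group and by kind (CRUD-style vs. boolean).
     $tokens = ACL::all_tokens('id');
     $grouped_tokens = array();
     foreach ($tokens as $token) {
         $token->access = ACL::get_group_token_access($group->id, $token->id);
         $grouped_tokens[$token->token_group][$token->token_type ? 'crud' : 'bool'][] = $token;
     }

     // The original looked the group up a second time here; the first
     // lookup is reused instead.
     $potentials = array();
     $users = Users::get_all();
     $users[] = User::anonymous();
     $members = $group->members;

     // Minimal per-user records handed to the client-side group manager.
     $jsusers = array();
     foreach ($users as $user) {
         $jsuser = new StdClass();
         $jsuser->id = $user->id;
         $jsuser->username = $user->username;
         $jsuser->member = in_array($user->id, $members);
         $jsusers[$user->id] = $jsuser;
     }

     $this->theme->potentials = $potentials;
     $this->theme->users = $users;
     $this->theme->members = $members;

     // Usernames end up inside a JavaScript snippet. The JSON_HEX_* flags
     // encode <, >, &, ' and " as \uXXXX escapes, so the data stays inert if
     // the snippet is emitted inside an inline script element; the decoded
     // values seen by groupManage.init() are unchanged.
     $json_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
     $js = '$(function(){groupManage.init(' . json_encode($jsusers, $json_flags) . ');});';
     Stack::add('admin_header_javascript', $js, 'groupmanage', 'admin');

     $this->theme->access_names = $access_names;
     $this->theme->grouped_tokens = $grouped_tokens;
     $this->theme->groups = UserGroups::get_all();
     $this->theme->group = $group;
     $this->theme->id = $group->id;
     // WSSE values for the page's forms; update requests are checked against them.
     $this->theme->wsse = Utils::WSSE();
     $this->display('group');
 }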
Esempio n. 7
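 /**
  * Handles form submission from a user's page.
  *
  * Order of work: authorise the caller, handle a delete request, then apply
  * username / email / password / group / info-field changes and redirect back
  * to the edited user's admin page.
  *
  * Authorisation as implemented here:
  *  - editing yourself needs 'manage_self' or 'manage_users';
  *  - editing anyone else needs 'manage_users';
  *  - changing group membership additionally needs 'manage_groups'.
  *
  * NOTE(review): 'manage_users' alone allows setting the password of any
  * account, including accounts with more privileges than the caller; nothing
  * here compares privilege levels. Confirm that this is intended.
  *
  * @param object $form The submitted form; controls are read as properties
  *                     (edit_user, username, email, password1, ...).
  */
 public function form_user_success($form)
 {
     $edit_user = User::get_by_id($form->edit_user->value);
     $current_user = User::identify();

     // Self-edit and edit-of-others are authorised by different tokens.
     if ($edit_user->id == $current_user->id) {
         $permission = $edit_user->can('manage_self') || $edit_user->can('manage_users');
     } else {
         $permission = (bool) $current_user->can('manage_users');
     }
     if (!$permission) {
         Session::error(_t('Access to that page has been denied by the administrator.'));
         $this->get_blank();
         return;
     }

     // Let's check for deletion
     if (Controller::get_var('delete') != null) {
         if ($current_user->id != $edit_user->id) {
             // We're going to delete the user before we need it, so store the username
             $username = $edit_user->username;
             $posts = Posts::get(array('user_id' => $edit_user->id, 'nolimit' => true));

             // Read the reassignment target once instead of once per test.
             // NOTE(review): the value is taken from the request as-is; that it
             // names an existing user is not checked in this method - confirm
             // Posts::reassign() validates it.
             $reassign = Controller::get_var('reassign');
             if ($reassign != null && $reassign != 0 && $reassign != $edit_user->id) {
                 // we're going to re-assign all of this user's posts
                 Posts::reassign($reassign, $posts);
                 $edit_user->delete();
             } else {
                 // delete user, then delete posts
                 $edit_user->delete();
                 foreach ($posts as $post) {
                     $post->delete();
                 }
             }
             Session::notice(_t('%s has been deleted', array($username)));
             // NOTE(review): the code below still runs against the deleted user
             // unless Utils::redirect() ends the request - confirm.
             Utils::redirect(URL::get('admin', array('page' => 'users')));
         } else {
             Session::notice(_t('You cannot delete yourself.'));
         }
     }

     $update = false;

     // Change username
     if (isset($form->username) && $edit_user->username != $form->username->value) {
         Session::notice(_t('%1$s has been renamed to %2$s.', array($edit_user->username, $form->username->value)));
         $edit_user->username = $form->username->value;
         $update = true;
     }

     // Change email
     if (isset($form->email) && $edit_user->email != $form->email->value) {
         $edit_user->email = $form->email->value;
         $update = true;
     }

     // Change password: only when a non-empty value was submitted that does
     // not already verify against the stored hash. Saved immediately.
     if (isset($form->password1) && !Utils::crypt($form->password1->value, $edit_user->password) && $form->password1->value != '') {
         Session::notice(_t('Password changed.'));
         $edit_user->password = Utils::crypt($form->password1->value);
         $edit_user->update();
     }

     // Change group membership.
     // Guarded with isset() like the other fields: a form without the
     // membership control must not be read as "no groups selected", which
     // would remove the user from every group. The cast covers a submission
     // where the control yields no array.
     if ($current_user->can('manage_groups') && isset($form->user_group_membership)) {
         $new_groups = (array) $form->user_group_membership->value;
         foreach (UserGroups::get_all() as $group) {
             $selected = in_array($group->id, $new_groups);
             if (!$edit_user->in_group($group) && $selected) {
                 $edit_user->add_to_group($group);
             }
             if ($edit_user->in_group($group) && !$selected) {
                 $edit_user->remove_from_group($group);
             }
         }
     }

     // Set various info fields
     $info_fields = array('displayname', 'imageurl', 'locale_tz', 'locale_date_format', 'locale_time_format', 'dashboard_hide_spam_count');
     // let plugins easily specify other user info fields to pick
     $info_fields = Plugins::filter('adminhandler_post_user_fields', $info_fields);
     foreach ($info_fields as $info_field) {
         if (isset($form->{$info_field}) && $edit_user->info->{$info_field} != $form->{$info_field}->value && !empty($form->{$info_field}->value)) {
             $edit_user->info->{$info_field} = $form->{$info_field}->value;
             $update = true;
         } else {
             // An empty submitted value clears a previously stored field.
             if (isset($edit_user->info->{$info_field}) && empty($form->{$info_field}->value)) {
                 unset($edit_user->info->{$info_field});
                 $update = true;
             }
         }
     }

     // Let plugins tell us to update
     $update = Plugins::filter('form_user_update', $update, $form, $edit_user);
     $form->save();
     if ($update) {
         $edit_user->update();
         Session::notice(_t('User updated.'));
     }
     Utils::redirect(URL::get('admin', array('page' => 'user', 'user' => $edit_user->username)));
 }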
Esempio n. 8
 /**
  * Upgrade step: introduces the 'post_unpublished' CRUD token and denies it
  * to every group that cannot read 'super_user'.
  *
  * Every existing group without super-user access therefore starts with an
  * explicit deny on the new token rather than with no entry for it.
  */
 private function upgrade_db_post_4770()
 {
     // Add CRUD access tokens for other users' unpublished posts
     ACL::create_token('post_unpublished', _t("Permissions to other users' unpublished posts"), _t('Content'), true);

     // If a group doesn't have super_user permission, deny access to post_unpublished
     foreach (UserGroups::get_all() as $user_group) {
         if (ACL::group_can($user_group->id, 'super_user', 'read')) {
             continue;
         }
         $user_group->deny('post_unpublished');
     }
 }
Esempio n. 9
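 /**
  * Add or delete groups.
  *
  * The request must carry a WSSE digest ('digest' or 'password_digest') that
  * matches the one derived from the submitted nonce and timestamp; without a
  * digest nothing is done.
  *
  * NOTE(review): only the WSSE digest is checked here. No 'manage_groups'
  * permission check is visible in this method - confirm the caller does it.
  *
  * @param array $handler_vars Request variables (nonce, timestamp, digest or
  *                            password_digest, action, name / new_groupname).
  * @param bool  $ajax         True for ajax callers, which receive the
  *                            session messages as the return value.
  * @return array|null Session messages on WSSE failure and for ajax callers,
  *                    otherwise null.
  */
 public function update_groups($handler_vars, $ajax = true)
 {
     $wsse = Utils::WSSE($handler_vars['nonce'], $handler_vars['timestamp']);

     $has_digest = isset($handler_vars['digest']);
     $has_password_digest = isset($handler_vars['password_digest']);

     // Strict comparison: with != PHP applies type juggling, so two different
     // numeric-looking strings, or a non-string request value, could compare
     // equal. Where the runtime provides hash_equals() (PHP 5.6+), it is the
     // better choice for comparing digests.
     if (($has_digest && $handler_vars['digest'] !== $wsse['digest'])
         || ($has_password_digest && $handler_vars['password_digest'] !== $wsse['digest'])) {
         Session::error(_t('WSSE authentication failed.'));
         return Session::messages_get(true, 'array');
     }

     // A request without any digest is not authenticated: do nothing.
     if (!$has_digest && !$has_password_digest) {
         return;
     }

     $action = isset($handler_vars['action']) ? $handler_vars['action'] : null;

     if ($action == 'add' || isset($handler_vars['newgroup'])) {
         $name = isset($handler_vars['newgroup'])
             ? trim($handler_vars['new_groupname'])
             : trim($handler_vars['name']);

         // Keep the submitted name available to the form on failure.
         $this->theme->addform = array('name' => $name);

         // NOTE(review): $name is request data placed into a session notice;
         // escaping depends on where notices are rendered (not shown here).
         if (UserGroup::exists($name)) {
             Session::notice(sprintf(_t('The group %s already exists'), $name));
             return $ajax ? Session::messages_get(true, 'array') : null;
         }
         if (empty($name)) {
             Session::notice(_t('The group must have a name'));
             // The original called Session::message_get() here, a name used
             // nowhere else in this method.
             return $ajax ? Session::messages_get(true, 'array') : null;
         }

         UserGroup::create(array('name' => $name));
         Session::notice(sprintf(_t('Added group %s'), $name));
         // reload the groups
         $this->theme->groups = UserGroups::get_all();
         $this->theme->addform = array();

         if ($ajax) {
             return Session::messages_get(true, 'array');
         }
         Utils::redirect(URL::get('admin', 'page=groups'));
     }

     if ($action == 'delete' && $ajax == true) {
         // Group ids arrive as POST keys of the form p<digits> with a truthy
         // value; every other POST element is skipped.
         $ids = array();
         foreach ($_POST as $key => $checked) {
             if (preg_match('/^p\\d+$/', $key) && $checked) {
                 $ids[] = (int) substr($key, 1);
             }
         }

         // The original tested !isset($ids), which is never true for an
         // initialised array, so this message was unreachable.
         if (empty($ids)) {
             Session::notice(_t('No groups deleted.'));
             return Session::messages_get(true, 'array');
         }

         $count = 0;
         foreach ($ids as $id) {
             $group = UserGroup::get_by_id($id);
             // Skip ids that do not resolve to a group instead of calling
             // delete() on an empty lookup result.
             if (!$group) {
                 continue;
             }
             $group->delete();
             $count++;
         }

         Session::notice(sprintf(_t('Deleted %d groups.'), $count));
         return Session::messages_get(true, 'array');
     }
 }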
Esempio n. 10
 /**
  * Plugin UI - Displays the 'configure' config option.
  *
  * Builds three fieldsets (autoposting, status display, Twitter login),
  * registers updated_config() as the success callback and prints the form.
  *
  * @access public
  * @return void
  */
 public function action_plugin_ui_configure()
 {
     $ui = new FormUI(strtolower(__CLASS__));

     // Autoposting
     $posting = $ui->append('fieldset', 'post_settings', _t('Autopost Updates from Habari', 'twitter'));
     $posting->append('checkbox', 'post_status', 'twitter__post_status', _t('Autopost to Twitter:', 'twitter'));
     // Decides whether posts that anonymous users cannot read are autoposted too.
     $posting->append('checkbox', 'post_nonanon', 'twitter__post_nonanon', _t("When autoposting, include posts that anonymous users can't read:", 'twitter'));
     $posting->append('text', 'prepend', 'twitter__prepend', _t('Prepend to Autopost:', 'twitter'));

     // Displaying status updates
     $display = $ui->append('fieldset', 'tweet_settings', _t('Displaying Status Updates', 'twitter'));
     $limit_select = $display->append('select', 'limit', 'twitter__limit', _t('Number of updates to show', 'twitter'));
     // Options 1..20, each value used as its own label.
     $limit_values = range(1, 20);
     $limit_select->options = array_combine($limit_values, $limit_values);
     $display->append('checkbox', 'hide_replies', 'twitter__hide_replies', _t('Do not show @replies', 'twitter'));
     $display->append('checkbox', 'linkify_urls', 'twitter__linkify_urls', _t('Linkify URLs'));
     $display->append('text', 'hashtags_query', 'twitter__hashtags_query', _t('#hashtags query link:', 'twitter'));
     $display->append('text', 'cache', 'twitter__cache', _t('Cache expiry in seconds:', 'twitter'));

     // Logging in with Twitter
     $logins = $ui->append('fieldset', 'tweet_logins', _t('Logging In Using Twitter', 'twitter'));
     $logins->append('checkbox', 'twitterlogin', 'twitter__login', _t('Show button to log in with Twitter', 'twitter'));
     $logins->append('checkbox', 'twitterlogincreate', 'twitter__logincreate', _t('Create new users for unknown Twitter logins', 'twitter'));

     // Option list: group id => group name.
     $group_options = array();
     foreach (UserGroups::get_all() as $user_group) {
         $group_options[$user_group->id] = $user_group->name;
     }
     // With 'twitterlogincreate' enabled, the selected group is the one an
     // account created for an unknown Twitter login is added to, so it sets
     // that account's starting privileges.
     $logins->append('select', 'twitterlogingroup', 'twitter__logingroup', _t('When a new user is created for a Twitter account, add it to this group:', 'twitter'), $group_options);

     $ui->on_success(array($this, 'updated_config'));
     $ui->append('submit', 'save', _t('Save', 'twitter'));
     $ui->out();
 }
Esempio n. 11
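 /**
  * The on_success handler of the Apply button on the user profile editing page
  *
  * Applies username, email, password, group-membership and info-field changes
  * to the user named by the form's edit_user control, then redirects to that
  * user's profile page.
  *
  * NOTE(review): apart from the 'manage_groups' test on the group section, no
  * permission check is visible in this handler. The target account comes from
  * $form->edit_user->value. Confirm that the code building the form
  * authorises the caller and that a client cannot substitute another id.
  *
  * @param FormUI $form
  */
 public function edit_user_apply(FormUI $form)
 {
     $edit_user = User::get_by_id($form->edit_user->value);
     $edit_user_info = $edit_user->info;
     $update = false;

     // Change username
     if (isset($form->username) && $edit_user->username != $form->username->value) {
         Session::notice(_t('%1$s has been renamed to %2$s.', array($edit_user->username, $form->username->value)));
         $edit_user->username = $form->username->value;
         $update = true;
     }

     // Change email
     if (isset($form->email) && $edit_user->email != $form->email->value) {
         $edit_user->email = $form->email->value;
         $update = true;
     }

     // Change password: only when a non-empty value was submitted that does
     // not already verify against the stored hash. Saved immediately.
     if (isset($form->password1) && !Utils::crypt($form->password1->value, $edit_user->password) && $form->password1->value != '') {
         Session::notice(_t('Password changed.'));
         $edit_user->password = Utils::crypt($form->password1->value);
         $edit_user->update();
     }

     // Change group membership.
     // Guarded with isset() like the other fields: a form without the
     // membership control must not be read as "no groups selected", which
     // would remove the user from every group. The cast covers a submission
     // where the control yields no array.
     if (User::identify()->can('manage_groups') && isset($form->user_group_membership)) {
         $new_groups = (array) $form->user_group_membership->value;
         foreach (UserGroups::get_all() as $group) {
             $selected = in_array($group->id, $new_groups);
             if (!$edit_user->in_group($group) && $selected) {
                 $edit_user->add_to_group($group);
             }
             if ($edit_user->in_group($group) && !$selected) {
                 $edit_user->remove_from_group($group);
             }
         }
     }

     // Set various info fields
     $info_fields = array('displayname', 'imageurl', 'locale_tz', 'locale_lang', 'locale_date_format', 'locale_time_format', 'dashboard_hide_spam_count');
     // let plugins easily specify other user info fields to pick
     $info_fields = Plugins::filter('adminhandler_post_user_fields', $info_fields);
     foreach ($info_fields as $info_field) {
         if (isset($form->{$info_field}) && $edit_user_info->{$info_field} != $form->{$info_field}->value && !empty($form->{$info_field}->value)) {
             $edit_user_info->{$info_field} = $form->{$info_field}->value;
             $update = true;
         } else {
             // An empty submitted value clears a previously stored field.
             if (isset($edit_user_info->{$info_field}) && empty($form->{$info_field}->value)) {
                 unset($edit_user_info->{$info_field});
                 $update = true;
             }
         }
     }

     // Let plugins tell us to update
     $update = Plugins::filter('form_user_update', $update, $form, $edit_user);
     $form->save();
     if ($update) {
         $edit_user->update();
         Session::notice(_t('User updated.'));
     }
     Utils::redirect(URL::get('user_profile', array('user' => $edit_user->username)));
 }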