public function test_get_all()
{
$groups_before = UserGroups::get_all();
UserGroup::create(array('name' => 'testcasegroup'));
$groups_after = UserGroups::get_all();
$this->assert_not_equal(count($groups_before), count($groups_after));
$this->assert_not_identical($groups_before, $groups_after);
UserGroup::get('testcasegroup')->delete();
}
public function configure()
{
$groups_array = array();
foreach (UserGroups::get_all() as $group) {
$groups_array[$group->id] = $group->name;
}
$form = new FormUI('proposal');
$form->append(new FormControlSelect('type', 'staff__group', 'Group To Use for Staff', $groups_array));
$form->append(new FormControlSubmit('save', _t('Save')));
return $form;
}
/**
* Simple plugin configuration
* @return FormUI The configuration form
**/
public function configure()
{
$form = new FormUI('loginredirectgroup');
$groups = array();
foreach (UserGroups::get_all() as $group) {
$groups[$group->id] = $group->name;
}
$form->append(new FormControlCheckboxes('group', 'lrg__group', _t("If you're any of these groups:"), $groups));
$form->append(new FormControlText('url', 'lrg__url', _t('Redirect to this URL after login:'******'save', _t('Save')));
return $form;
}
public function configure()
{
$form = new FormUI(strtolower(get_class($this)));
$form->append('checkbox', 'standalone', 'register__standalone', sprintf(_t('Show standalone <a href="%s">registration form</a>', __CLASS__), URL::get('register_page')));
$groups = UserGroups::get_all();
$options = array();
foreach ($groups as $group) {
$options[$group->id] = $group->name;
}
$form->append('select', 'group', strtolower(get_class($this)) . '__group', _t('Default group:', __CLASS__), $options);
$form->append('submit', 'save', _t('Save'));
$form->out();
}
public function action_plugin_ui_configure()
{
// get the groups list for the drop-down
$ugs = UserGroups::get_all();
$groups = array();
foreach ($ugs as $group) {
$groups[$group->name] = $group->name;
}
// remove anonymous - that would be pointless
unset($groups['anonymous']);
$ui = new FormUI('plugin_directory');
$ui->append('text', 'passwdfile', 'passwdlogins__file', _t('Passwd File', 'passwdlogins'));
$ui->append('checkbox', 'createusers', 'passwdlogins__create', _t('Create users on successful login', 'passwdlogins'));
$select = $ui->append('select', 'defaultgroup', 'passwdlogins__group', _t('Group to create new users in', 'passwdlogins'));
$select->default = 'authenticated';
// emulate $default until it actually works
if ($select->value == null) {
$select->value = $select->default;
}
$select->options = $groups;
$ui->append('submit', 'save', _t('Save'));
$ui->out();
}
/**
* Handles GET requests for a group's page.
*/
public function get_group()
{
$group = UserGroup::get_by_id($this->handler_vars['id']);
if (null == $group) {
Utils::redirect(URL::get('admin', 'page=groups'));
} else {
$tokens = ACL::all_tokens('id');
$access_names = ACL::$access_names;
$access_names[] = 'deny';
// attach access bitmasks to the tokens
foreach ($tokens as $token) {
$token->access = ACL::get_group_token_access($group->id, $token->id);
}
// separate tokens into groups
$grouped_tokens = array();
foreach ($tokens as $token) {
$grouped_tokens[$token->token_group][$token->token_type ? 'crud' : 'bool'][] = $token;
}
$group = UserGroup::get_by_id($this->handler_vars['id']);
$potentials = array();
$users = Users::get_all();
$users[] = User::anonymous();
$members = $group->members;
$jsusers = array();
foreach ($users as $user) {
$jsuser = new StdClass();
$jsuser->id = $user->id;
$jsuser->username = $user->username;
$jsuser->member = in_array($user->id, $members);
$jsusers[$user->id] = $jsuser;
}
$this->theme->potentials = $potentials;
$this->theme->users = $users;
$this->theme->members = $members;
$js = '$(function(){groupManage.init(' . json_encode($jsusers) . ');});';
Stack::add('admin_header_javascript', $js, 'groupmanage', 'admin');
$this->theme->access_names = $access_names;
$this->theme->grouped_tokens = $grouped_tokens;
$this->theme->groups = UserGroups::get_all();
$this->theme->group = $group;
$this->theme->id = $group->id;
$this->theme->wsse = Utils::WSSE();
$this->display('group');
}
}
/**
* Handles form submission from a user's page.
*/
public function form_user_success($form)
{
$edit_user = User::get_by_id($form->edit_user->value);
$current_user = User::identify();
$permission = false;
// Check if the user is editing their own profile
if ($edit_user->id == $current_user->id) {
if ($edit_user->can('manage_self') || $edit_user->can('manage_users')) {
$permission = true;
}
} else {
if ($current_user->can('manage_users')) {
$permission = true;
}
}
if (!$permission) {
Session::error(_t('Access to that page has been denied by the administrator.'));
$this->get_blank();
return;
}
// Let's check for deletion
if (Controller::get_var('delete') != null) {
if ($current_user->id != $edit_user->id) {
// We're going to delete the user before we need it, so store the username
$username = $edit_user->username;
$posts = Posts::get(array('user_id' => $edit_user->id, 'nolimit' => true));
if (Controller::get_var('reassign') != null && Controller::get_var('reassign') != 0 && Controller::get_var('reassign') != $edit_user->id) {
// we're going to re-assign all of this user's posts
$newauthor = Controller::get_var('reassign');
Posts::reassign($newauthor, $posts);
$edit_user->delete();
} else {
// delete user, then delete posts
$edit_user->delete();
// delete posts
foreach ($posts as $post) {
$post->delete();
}
}
Session::notice(_t('%s has been deleted', array($username)));
Utils::redirect(URL::get('admin', array('page' => 'users')));
} else {
Session::notice(_t('You cannot delete yourself.'));
}
}
$update = false;
// Change username
if (isset($form->username) && $edit_user->username != $form->username->value) {
Session::notice(_t('%1$s has been renamed to %2$s.', array($edit_user->username, $form->username->value)));
$edit_user->username = $form->username->value;
$update = true;
}
// Change email
if (isset($form->email) && $edit_user->email != $form->email->value) {
$edit_user->email = $form->email->value;
$update = true;
}
// Change password
if (isset($form->password1) && !Utils::crypt($form->password1->value, $edit_user->password) && $form->password1->value != '') {
Session::notice(_t('Password changed.'));
$edit_user->password = Utils::crypt($form->password1->value);
$edit_user->update();
}
// Change group membership
if (User::identify()->can('manage_groups')) {
$allgroups = UserGroups::get_all();
$new_groups = $form->user_group_membership->value;
foreach ($allgroups as $group) {
if (!$edit_user->in_group($group) && in_array($group->id, $new_groups)) {
$edit_user->add_to_group($group);
}
if ($edit_user->in_group($group) && !in_array($group->id, $new_groups)) {
$edit_user->remove_from_group($group);
}
}
}
// Set various info fields
$info_fields = array('displayname', 'imageurl', 'locale_tz', 'locale_date_format', 'locale_time_format', 'dashboard_hide_spam_count');
// let plugins easily specify other user info fields to pick
$info_fields = Plugins::filter('adminhandler_post_user_fields', $info_fields);
foreach ($info_fields as $info_field) {
if (isset($form->{$info_field}) && $edit_user->info->{$info_field} != $form->{$info_field}->value && !empty($form->{$info_field}->value)) {
$edit_user->info->{$info_field} = $form->{$info_field}->value;
$update = true;
} else {
if (isset($edit_user->info->{$info_field}) && empty($form->{$info_field}->value)) {
unset($edit_user->info->{$info_field});
$update = true;
}
}
}
// Let plugins tell us to update
$update = Plugins::filter('form_user_update', $update, $form, $edit_user);
$form->save();
if ($update) {
$edit_user->update();
Session::notice(_t('User updated.'));
}
Utils::redirect(URL::get('admin', array('page' => 'user', 'user' => $edit_user->username)));
}
private function upgrade_db_post_4770()
{
// Add CRUD access tokens for other users' unpublished posts
ACL::create_token('post_unpublished', _t("Permissions to other users' unpublished posts"), _t('Content'), true);
// If a group doesn't have super_user permission, deny access to post_unpublished
$groups = UserGroups::get_all();
foreach ($groups as $group) {
if (!ACL::group_can($group->id, 'super_user', 'read')) {
$group->deny('post_unpublished');
}
}
}
/**
* Add or delete groups.
*/
public function update_groups($handler_vars, $ajax = true)
{
$wsse = Utils::WSSE($handler_vars['nonce'], $handler_vars['timestamp']);
if (isset($handler_vars['digest']) && $handler_vars['digest'] != $wsse['digest'] || isset($handler_vars['password_digest']) && $handler_vars['password_digest'] != $wsse['digest']) {
Session::error(_t('WSSE authentication failed.'));
return Session::messages_get(true, 'array');
}
if (isset($handler_vars['password_digest']) || isset($handler_vars['digest'])) {
if (isset($handler_vars['action']) && $handler_vars['action'] == 'add' || isset($handler_vars['newgroup'])) {
if (isset($handler_vars['newgroup'])) {
$name = trim($handler_vars['new_groupname']);
} else {
$name = trim($handler_vars['name']);
}
$settings = array('name' => $name);
$this->theme->addform = $settings;
if (UserGroup::exists($name)) {
Session::notice(sprintf(_t('The group %s already exists'), $name));
if ($ajax) {
return Session::messages_get(true, 'array');
} else {
return;
}
} elseif (empty($name)) {
Session::notice(_t('The group must have a name'));
if ($ajax) {
return Session::message_get(true, 'array');
} else {
return;
}
} else {
$groupdata = array('name' => $name);
$group = UserGroup::create($groupdata);
Session::notice(sprintf(_t('Added group %s'), $name));
// reload the groups
$this->theme->groups = UserGroups::get_all();
$this->theme->addform = array();
}
if ($ajax) {
return Session::messages_get(true, 'array');
} else {
if (!$ajax) {
Utils::redirect(URL::get('admin', 'page=groups'));
}
}
}
if (isset($handler_vars['action']) && $handler_vars['action'] == 'delete' && $ajax == true) {
$ids = array();
foreach ($_POST as $id => $delete) {
// skip POST elements which are not group ids
if (preg_match('/^p\\d+$/', $id) && $delete) {
$id = (int) substr($id, 1);
$ids[] = array('id' => $id);
}
}
$count = 0;
if (!isset($ids)) {
Session::notice(_t('No groups deleted.'));
return Session::messages_get(true, 'array');
}
foreach ($ids as $id) {
$id = $id['id'];
$group = UserGroup::get_by_id($id);
$group->delete();
$count++;
}
if (!isset($msg_status)) {
$msg_status = sprintf(_t('Deleted %d groups.'), $count);
}
Session::notice($msg_status);
return Session::messages_get(true, 'array');
}
}
}
/**
* Plugin UI - Displays the 'configure' config option.
*
* @access public
* @return void
*/
public function action_plugin_ui_configure()
{
$ui = new FormUI(strtolower(__CLASS__));
$post_fieldset = $ui->append('fieldset', 'post_settings', _t('Autopost Updates from Habari', 'twitter'));
$twitter_post = $post_fieldset->append('checkbox', 'post_status', 'twitter__post_status', _t('Autopost to Twitter:', 'twitter'));
$twitter_post_nonanon = $post_fieldset->append('checkbox', 'post_nonanon', 'twitter__post_nonanon', _t("When autoposting, include posts that anonymous users can't read:", 'twitter'));
$twitter_post = $post_fieldset->append('text', 'prepend', 'twitter__prepend', _t('Prepend to Autopost:', 'twitter'));
$tweet_fieldset = $ui->append('fieldset', 'tweet_settings', _t('Displaying Status Updates', 'twitter'));
$twitter_limit = $tweet_fieldset->append('select', 'limit', 'twitter__limit', _t('Number of updates to show', 'twitter'));
$twitter_limit->options = array_combine(range(1, 20), range(1, 20));
$twitter_show = $tweet_fieldset->append('checkbox', 'hide_replies', 'twitter__hide_replies', _t('Do not show @replies', 'twitter'));
$twitter_show = $tweet_fieldset->append('checkbox', 'linkify_urls', 'twitter__linkify_urls', _t('Linkify URLs'));
$twitter_hashtags = $tweet_fieldset->append('text', 'hashtags_query', 'twitter__hashtags_query', _t('#hashtags query link:', 'twitter'));
$twitter_cache_time = $tweet_fieldset->append('text', 'cache', 'twitter__cache', _t('Cache expiry in seconds:', 'twitter'));
$tweet_logins = $ui->append('fieldset', 'tweet_logins', _t('Logging In Using Twitter', 'twitter'));
$twitterlogin = $tweet_logins->append('checkbox', 'twitterlogin', 'twitter__login', _t('Show button to log in with Twitter', 'twitter'));
$twitterlogin = $tweet_logins->append('checkbox', 'twitterlogincreate', 'twitter__logincreate', _t('Create new users for unknown Twitter logins', 'twitter'));
$raw_groups = UserGroups::get_all();
$groups = array();
foreach ($raw_groups as $group) {
$groups[$group->id] = $group->name;
}
$twittergroup = $tweet_logins->append('select', 'twitterlogingroup', 'twitter__logingroup', _t('When a new user is created for a Twitter account, add it to this group:', 'twitter'), $groups);
$ui->on_success(array($this, 'updated_config'));
$ui->append('submit', 'save', _t('Save', 'twitter'));
$ui->out();
}
/**
* The on_success handler of the Apply button on the user profile editing page
* @param FormUI $form
*/
public function edit_user_apply(FormUI $form)
{
$edit_user = User::get_by_id($form->edit_user->value);
$edit_user_info = $edit_user->info;
$update = false;
// Change username
if (isset($form->username) && $edit_user->username != $form->username->value) {
Session::notice(_t('%1$s has been renamed to %2$s.', array($edit_user->username, $form->username->value)));
$edit_user->username = $form->username->value;
$update = true;
}
// Change email
if (isset($form->email) && $edit_user->email != $form->email->value) {
$edit_user->email = $form->email->value;
$update = true;
}
// Change password
if (isset($form->password1) && !Utils::crypt($form->password1->value, $edit_user->password) && $form->password1->value != '') {
Session::notice(_t('Password changed.'));
$edit_user->password = Utils::crypt($form->password1->value);
$edit_user->update();
}
// Change group membership
if (User::identify()->can('manage_groups')) {
$allgroups = UserGroups::get_all();
$new_groups = $form->user_group_membership->value;
foreach ($allgroups as $group) {
if (!$edit_user->in_group($group) && in_array($group->id, $new_groups)) {
$edit_user->add_to_group($group);
}
if ($edit_user->in_group($group) && !in_array($group->id, $new_groups)) {
$edit_user->remove_from_group($group);
}
}
}
// Set various info fields
$info_fields = array('displayname', 'imageurl', 'locale_tz', 'locale_lang', 'locale_date_format', 'locale_time_format', 'dashboard_hide_spam_count');
// let plugins easily specify other user info fields to pick
$info_fields = Plugins::filter('adminhandler_post_user_fields', $info_fields);
foreach ($info_fields as $info_field) {
if (isset($form->{$info_field}) && $edit_user_info->{$info_field} != $form->{$info_field}->value && !empty($form->{$info_field}->value)) {
$edit_user_info->{$info_field} = $form->{$info_field}->value;
$update = true;
} else {
if (isset($edit_user_info->{$info_field}) && empty($form->{$info_field}->value)) {
unset($edit_user_info->{$info_field});
$update = true;
}
}
}
// Let plugins tell us to update
$update = Plugins::filter('form_user_update', $update, $form, $edit_user);
$form->save();
if ($update) {
$edit_user->update();
Session::notice(_t('User updated.'));
}
Utils::redirect(URL::get('user_profile', array('user' => $edit_user->username)));
}
