/**
* View a user's public profile
*/
public function view()
{
$view = $this->getView();
$request = $this->getPageRequest();
$manager = \Core\user()->checkAccess('p:/user/users/manage');
// Current user an admin?
// First argument here will either be the username or user id.
$arg1 = $request->getParameter(0);
$user = UserModel::Construct($arg1);
if (!($user && $user->exists())) {
// Try by username instead.
$match = UserUserConfigModel::Find(array('key' => 'username', 'value' => $arg1), 1);
if (!$match) {
return View::ERROR_NOTFOUND;
}
$user = UserModel::Construct($match->get('user_id'));
}
if (!$user) {
return View::ERROR_NOTFOUND;
}
// If the UA requested the user by ID but the user has a username set, return a 404 as well.
// This should help cut down on scanning attempts for userdata.
if (is_numeric($arg1) && $user->get('username')) {
return View::ERROR_NOTFOUND;
}
// Now see why username needs to not begin with a number? :p
/** @var $user UserModel */
// Only allow this if the user is either the same user or has the user manage permission.
if ($user->get('id') == \Core\user()->get('id') || $manager) {
$editor = true;
} else {
$editor = false;
}
$view->controls = ViewControls::DispatchModel($user);
$view->title = $user->getDisplayName();
$view->assign('user', $user);
$view->assign('profiles', $user->get('external_profiles'));
}
/**
* Shortcut function to dispatch the /core/controllinks hook to request functions for a given subject.
*
* @param string $baseurl The baseurl, (excluding /core/controllinks), of the request
* @param mixed $subject The subject matter of this hook, (if any)
*
* @return string HTML of the <ul/> tag.
*/
public static function DispatchAndFetch($baseurl, $subject){
$links = HookHandler::DispatchHook('/core/controllinks' . $baseurl, $subject);
$controls = new ViewControls();
$controls->addLinks($links);
return $controls->fetch();
}
/**
* Render a UL of control links for a given Model.
*
* Will call the /core/controllinks/{baseurl} hook automatically to retrieve any addon calls.
*
* #### Smarty Parameters
*
* * model
* * Preferred way to use this method, simply pass the model to retrieve the control links from.
* * This MUST be a valid Model and calls the getControlLinks method of that model.
* * baseurl
* * String of the "baseurl" or the model or object to view.
* * This relies on a hook being dispatched on /core/controllinks/{baseurl}.
* * subject
* * If baseurl is requested, this can be an ID, string, object, or anything else that the hook should pass along with the request.
* * hover
* * Set to "0" to disable hover functionality in the UI.
* * proxy-force
* * Set to "0" to disallow a proxy and "1" to force a proxy.
* * proxy-text
* * Set the proxy text to a given value
*
* #### Example Usage
*
* Shortened, inline version of the model controls and the /core/controllinks hook.
* This is the most ideal use of this function.
*
* This version will first query the Model's getControlLinks method,
* then the appropriate /core/controllinks hook for any additional links.
*
* <pre>
* {controls model=$user}
* </pre>
*
* Traditional usage of the controls and the /core/controllinks hook.
*
* <pre>
* {controls baseurl="/user/view" subject="`$user.id`"}
* </pre>
*
* @param array $params Associative (and/or indexed) array of smarty parameters passed in from the template
* @param Smarty $smarty Parent Smarty template object
*
* @throws SmartyException
*
* @return string
*/
function smarty_function_controls($params, $smarty){
if(isset($params['model'])){
// There is a "model" attribute provided, this must be a valid Model object,
// (and is the preferred way of handling this system).
$subject = $params['model'];
if(!$subject instanceof Model){
throw new SmartyException('Only Models can be used with the {controls model=...} syntax!');
}
$controls = ViewControls::DispatchModel($subject);
}
elseif(isset($params['baseurl'])){
// There is a baseurl provided, this does not require a full object and simply a string will suffice.
// Since there is no Model provided, only the registered hooks will be called.
$baseurl = $params['baseurl'];
// They may or may not have subjects.
// The subject is the subject matter of this control link.
$subject = (isset($params['subject'])) ? $params['subject'] : null;
$controls = ViewControls::Dispatch($baseurl, $subject);
}
else{
throw new SmartyException('Unable to get links without a baseurl! Provided Parameters: ' . print_r($params, true));
}
// Other options
if(isset($params['hover'])){
$controls->hovercontext = ($params['hover']);
}
if(isset($params['proxy-force'])){
$controls->setProxyForce($params['proxy-force']);
}
if(isset($params['proxy-text'])){
$controls->setProxyText($params['proxy-text']);
}
// Render out controls.
echo $controls->fetch();
}
/**
* Add an array of controls at once, useful in conjunction with the model->getControlLinks method.
*
* If a Model is provided as the subject, that is used as the subject and all system hooks apply thereof.
*
* @param array|Model $controls
*/
public function addControls($controls){
if($controls instanceof Model){
// Allow a raw Model to be sent in as the control subject.
// This is a shortcut for Controllers much like the {controls} smarty function has.
$this->controls = ViewControls::DispatchModel($controls);
return;
}
foreach($controls as $c){
$this->addControl($c);
}
}
/**
* View to edit the user account, both administratively and from within the user's profile.
*/
public function edit(){
$view = $this->getView();
$req = $this->getPageRequest();
$userid = $req->getParameter(0);
$manager = \Core\user()->checkAccess('p:/user/users/manage'); // Current user an admin?
$groupmanager = \Core\user()->checkAccess('p:/user/groups/manage');
$contextnames = [];
$contexts = [];
$usecontexts = false;
if($userid === null) $userid = \Core\user()->get('id'); // Default to current user.
// Only allow this if the user is either the same user or has the user manage permission.
if(!($userid == \Core\user()->get('id') || $manager)){
\Core\set_message('Insufficient Permissions', 'error');
\core\redirect('/');
}
/** @var UserModel $user */
$user = UserModel::Construct($userid);
if($user) {
$form = \Core\User\Helper::GetEditForm($user);
} else {
\Core\set_message('A user with this ID does not exist');
\Core\go_back();
}
if($groupmanager){
$contextgroups = UserGroupModel::Find(['context != '], null, 'name');
foreach($contextgroups as $group){
/** @var UserGroupModel $group */
$ckey = $group->get('context');
$gkey = $group->get('id');
$contextnames[ $group->get('name') ] = $gkey;
// I need to load *all* those models into the system so they're available to the UI.
$fac = new ModelFactory($ckey . 'Model');
$all = [];
foreach($fac->get() as $m){
/** @var Model $m */
$all[$m->getPrimaryKeyString()] = $m->getLabel();
}
$contexts[$gkey] = $all;
$usecontexts = true;
}
}
$view->controls = ViewControls::DispatchModel($user);
$view->mastertemplate = ConfigHandler::Get('/theme/siteskin/user');
$view->title = 'Editing ' . $user->getDisplayName();
$view->assign('form', $form);
$view->assign('contextnames_json', json_encode($contextnames));
$view->assign('contextnames', $contextnames);
$view->assign('contexts_json', json_encode($contexts));
$view->assign('use_contexts', $usecontexts);
$view->assign('user', $user);
// Breadcrumbs! (based on access permissions)
if($manager){
//$view->addBreadcrumb('User Administration', '/user/admin');
}
}
