diff options
| author | Luke Shumaker <LukeShu@sbcglobal.net> | 2011-10-09 04:00:06 -0400 |
|---|---|---|
| committer | Luke Shumaker <LukeShu@sbcglobal.net> | 2011-10-09 04:00:06 -0400 |
| commit | 38bb3a7c752199ee8f58e16bc784f48a6a600e08 (patch) | |
| tree | 771b6d80fbf4fceb6f708ada6bb7b3838e593d66 /src | |
| parent | f72b9a7658cea71ee1edf4ae678a2c8043d9e5bf (diff) | |
| parent | 0fd0403876aacecfde74fca0641530875f09200f (diff) | |
Merge branch 'master' into concurrent-editing
So, here's the deal:
* The meat of [concurrent-editing]:Form.class got merged into [master]:DB.class
* The string-generation stuff in [concurrent-editing]:Form.class didn't fit
nicely anywhere anymore, so I got rid of it by makeing datatype explicit.
* Users.class: declare datatypes explicitly in attrib()
* index.html.php: use this new explicit data
* style.scss: add a .small, which we can do because of the datatypes thing.
Conflicts:
src/controllers/Users.class.php
Diffstat (limited to 'src')
| -rw-r--r-- | src/controllers/Users.class.php | 154 | ||||
| -rw-r--r-- | src/lib/DB.class.php | 164 | ||||
| -rw-r--r-- | src/lib/Database.class.php | 2 | ||||
| -rw-r--r-- | src/lib/Form.class.php | 57 | ||||
| -rw-r--r-- | src/models/Auth.class.php | 6 | ||||
| -rw-r--r-- | src/views/Template.class.php | 2 | ||||
| -rw-r--r-- | src/views/pages/users/index.html.php | 46 | ||||
| -rw-r--r-- | src/views/pages/users/individual.html.php | 12 | ||||
| -rw-r--r-- | src/views/pages/users/new-locked.html.php | 9 |
9 files changed, 284 insertions, 168 deletions
diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php index b8c9244..df00663 100644 --- a/src/controllers/Users.class.php +++ b/src/controllers/Users.class.php @@ -1,6 +1,7 @@ <?php require_once('Login.class.php'); require_once('Auth.class.php'); +require_once('DB.class.php'); Router::register('users/new' , 'Users', 'new_user'); Router::register('users/index', 'Users', 'index_file'); @@ -22,7 +23,12 @@ class Users extends Controller { switch ($method) { case 'POST': // We're POSTing a new user. - $this->create_user(); + if ($this->registrationOpen()) { + $this->create_user(); + } else { + $this->showView('users/new-locked', array()); + exit(); + } break; case 'HEAD': // fall-through to GET case 'GET': @@ -61,6 +67,10 @@ class Users extends Controller { $this->showView('users/new-logged-in', array()); exit(); } + if (!$this->registrationOpen()) { + $this->showView('users/new-locked', array()); + exit(); + } if (!isset($vars['errors'])) $vars['errors'] = array(); global $mm; $pm = $mm->pluginManager(); $vars['antispam_html'] = $pm->callHook('antispam_html'); @@ -68,26 +78,34 @@ class Users extends Controller { } public function individual($routed, $remainder) { - $username = implode('/', $remainder); - global $mm; // also used for pluginmanager $db = $mm->database(); - $uid = $db->getUID($username); - $user = Auth::getObj($uid); - - if ($user->isGroup()) $uid = false; // ignore groups. - - if ($uid===false) { - $this->http404($routed, $remainder); + $pm = $mm->pluginManager(); + + $username = implode('/', $remainder); + if ($username == 'all') { + $uids = $db->listUsers(); } else { + $uids = array($db->getUID($username)); + } + + $vars = array(); + + if (count($uids)<2) { + $user = Auth::getObj($uid); + + if ($user->isGroup()) $uid = false; // ignore groups. + + if ($uid===false) { + $this->http404($routed, $remainder); + exit(); + } if (!$user->canRead()) { $this->http401($routed, $remainder); exit(); } - $vars = array(); $method = $_SERVER['REQUEST_METHOD']; - switch ($method) { case 'PUT': $_POST = $_PUT; case 'POST': @@ -97,19 +115,23 @@ class Users extends Controller { } break; } - - $config_options = array(); - $mm->pluginManager()->callHook('userConfig', &$config_options); - - $vars['config_options'] = $config_options; - $vars['user'] = $user; - $vars['groups'] = $db->listGroupNames(); - require_once('ContactMethod.class.php'); - $this->showView('users/individual', $vars); } + + $config_options = array(); + $pm->callHook('userConfig', &$config_options); + + $vars['users'] = array(); + foreach ($uids as $uid) { + $vars['users'][] = Auth::getObj($uid); + } + $vars['username'] = $username; + $vars['config_options'] = $config_options; + $vars['groups'] = $db->listGroupNames(); + require_once('ContactMethod.class.php'); + $this->showView('users/individual', $vars); } - public function http404($routed, $rnemainder) { + public function http404($routed, $remainder) { $username = implode('/', $remainder); $this->showView('users/404', array('username'=>$username)); @@ -167,7 +189,7 @@ class Users extends Controller { $this->showView('users/500'); } else { Login::login($username, $password); - $this->setConf($uid, 'email', $vars['email']); + DB::set('users', $uid, 'email', $vars['email']); $this->showView('users/created', array('username'=>$username)); } @@ -257,11 +279,8 @@ class Users extends Controller { if (isset($_POST[$key]) && is_array($_POST[$key])) { $old = $_POST['_old'][$key]; foreach ($_POST[$key] as $uid => $value) { - // FIXME - $form->setter = create_function('$k,$v', "return Users::setConf($uid, \$k, \$v)"); - $form->getter = create_function('$k' , "return Users::getConf($uid, \$k)"); - @$value_old = $_POST[$key]; - $set = $form->updateValue($value, $value_old); + @$value_base = $old[$uid]; + $set = DB::set('users', $uid, $key, $value, $value_base); if (is_string($set)) { echo "<pre>\n"; echo "Error: Value changed elsewhere, ". @@ -303,79 +322,22 @@ class Users extends Controller { $vars['users'][$uid] = array(); foreach ($vars['attribs'] as $attrib) { $key = $attrib['key']; - $props = $this->getConf($uid, $key); + $props = DB::get('users', $uid, $key); $vars['users'][$uid][$key] = $props; } } $this->showView('users/index', $vars); } - public static function getConf($uid, $key) { - $user = Auth::getObj($uid); - $logged_in_user = Auth::getObj(Login::isLoggedIn()); - - $post_key = $key."[$uid]"; - @$value = $_POST[$post_key]; - $editable = $user->canEdit(); - - switch ($key) { - case 'auth_name': - $value = $user->getName(); - break; - case 'auth_user': - $editable = $editable && $logged_in_user->isAdmin(); - $value = $user->isUser(); - break; - case 'auth_admin': - $editable = $editable && $logged_in_user->isAdmin(); - $value = $user->isAdmin(); - break; - case 'auth_delete': - $editable = $editable && $logged_in_user->isAdmin(); - $value = false; - break; - default: - $value = $user->getConf($key); - if ($value===false) $value=''; - break; - } - - return array('value'=>$value, - 'post_key'=>$post_key, - 'editable'=>$editable); - } - public static function setConf($uid, $key, $value) { - // So, this rocks because we don't have to check permissions, - // the User object does that. - $user = Auth::getObj($uid); - - switch ($key) { - case 'auth_name': - return $user->setName($value); - break; - case 'auth_user': - return $user->setUser($value=='true'); - break; - case 'auth_admin': - return $user->setAdmin($value=='true'); - break; - case 'auth_delete': - if ($value=='true') return $user->delete(); - default: - return $user->setConf($key, $value); - break; - } - } - - function attrib($key, $name) { - return array('key'=>$key, 'name'=>$name); + function attrib($key, $name, $type='string') { + return array('key'=>$key, 'name'=>$name, 'type'=>$type); } private function getIndexAttribs() { $attribs = array(); - $attribs[] = $this->attrib('auth_user', 'Active'); + $attribs[] = $this->attrib('auth_user', 'Active', 'bool'); if (Auth::getObj(Login::isLoggedIn())->isAdmin()) { - $attribs[] = $this->attrib('auth_admin', 'Admin'); - $attribs[] = $this->attrib('auth_delete', 'Delete'); + $attribs[] = $this->attrib('auth_admin', 'Admin', 'bool'); + $attribs[] = $this->attrib('auth_delete', 'Delete', 'bool'); } $attribs[] = $this->attrib('lastname','Last'); $attribs[] = $this->attrib('firstname','First'); @@ -385,4 +347,14 @@ class Users extends Controller { $attribs[] = $this->attrib('auth_name', 'Username'); return $attribs; } + + private function registrationOpen() { + global $mm; $db = $mm->database(); + $val = $db->getSysConf('registration_open'); + switch ($val) { + case 'true': return true; + case 'false': return false; + default: return true; + } + } } diff --git a/src/lib/DB.class.php b/src/lib/DB.class.php new file mode 100644 index 0000000..5954726 --- /dev/null +++ b/src/lib/DB.class.php @@ -0,0 +1,164 @@ +<?php + +require_once('Auth.class.php'); +require_once('Login.class.php'); + +class DB { + public static function set($table, $unit, $key, $value, $orig_value) { + $value_base = $orig_value; + + $doit = true; + $forked = false; + $have_old = ($value_base!==null); + if ($have_old) { + $we_changed_it = $value_base != $value; + if ($we_changed_it) { + $value_fork = $this->getConfString($key); + $someone_else_changed_it = + $value_fork != $value_base; + if ($someone_else_changed_it) { + if ($value == $value_fork) { + // we might as well not have + $we_changed_it = false; + } else { + $forked = true; + } + } + } + if (!$we_changed_it) { + $doit = false;// nothing to do + } + } + if ($doit) { + return $this->setConf($key, $value); + } + if ($forked) { + return $value_fork; + } + } + + public static function get($table, $unit, $key) { + switch ($table) { + case 'conf': + case 'plugins': + return self::admin_get($unit, $key); + break; + case 'users': + return self::user_get($unit, $key); + break; + default: + return false; + } + } + public static function raw_set($table, $unit, $key, $value) { + switch ($table) { + case 'conf': + case 'plugins': + return self::admin_get($unit, $key, $value); + break; + case 'users': + return self::user_set($unit, $key, $value); + break; + default: + return false; + } + } + + private static function user_get($uid, $key) { + $user = Auth::getObj($uid); + $logged_in_user = Auth::getObj(Login::isLoggedIn()); + + $post_key = $key."[$uid]"; + @$value = $_POST[$post_key]; + $editable = $user->canEdit(); + + switch ($key) { + case 'auth_uid': + $value = $user->getUID(); + $editable = false; + break; + case 'auth_name': + $value = $user->getName(); + break; + case 'auth_user': + $editable = $editable && $logged_in_user->isAdmin(); + $value = $user->isUser()?'true':'false'; + break; + case 'auth_admin': + $editable = $editable && $logged_in_user->isAdmin(); + $value = $user->isAdmin()?'true':'false'; + break; + case 'auth_delete': + $editable = $editable && $logged_in_user->isAdmin(); + $value = 'false'; + break; + default: + $value = $user->getConf($key); + if ($value===false) $value=''; + break; + } + + return array('value'=>$value, + 'post_key'=>$post_key, + 'editable'=>$editable); + } + private static function user_set($uid, $key, $value) { + $user = Auth::getObj($uid); + + switch ($key) { + case 'auth_uid': + return false; + break; + case 'auth_name': + return $user->setName($value); + break; + case 'auth_user': + return $user->setUser($value=='true'); + break; + case 'auth_admin': + return $user->setAdmin($value=='true'); + break; + case 'auth_delete': + if ($value=='true') return $user->delete(); + default: + return $user->setConf($key, $value); + break; + } + } + + private static function admin_get($plugin, $key) { + global $mm; $db = $mm->database(); + $user = Auth::getObj(Login::isLoggedIn()); + if ($user->isAdmin()) { + $editable = true; + switch ($plugin) { + case 'system': + $value = $db->getSysConf($key); + break; + default: + $value = $db->getPluginConf($plugin, $key); + break; + } + } else { + $editable = false; + $value = false; + } + + return array('value'=>$value, + 'post_key'=>'to be implemented',// FIXME + 'editable'=>$editable); + } + private static function admin_set($plugin, $key, $value) { + global $mm; $db = $mm->database(); + $user = Auth::getObj(Login::isLoggedIn()); + if (!$user->isAdmin()) { + return false; + } + switch ($plugin) { + case 'system': + return $db->setSysConf($key, $value); + default: + return $db->setPluginConf($plugin, $key, $value); + } + } +} diff --git a/src/lib/Database.class.php b/src/lib/Database.class.php index ab56d09..13d9559 100644 --- a/src/lib/Database.class.php +++ b/src/lib/Database.class.php @@ -396,4 +396,4 @@ class Database { return $out_list; } -}
\ No newline at end of file +} diff --git a/src/lib/Form.class.php b/src/lib/Form.class.php deleted file mode 100644 index 725bac5..0000000 --- a/src/lib/Form.class.php +++ /dev/null @@ -1,57 +0,0 @@ -<?php - -require_once('Auth.class.php'); - -class Form { - public $getter = null; - public $setter = null; - public function __constructor($get, $set) { - $this->getter = $get; - $this->setter = $set; - } - private function getConf($key) { - call_user_func($getter, $key); - } - public function setConf($key, $value) { - call_user_func($setter, $key, $value); - } - private function getConfString($key) { - $raw = $this->getConf($key); - $value = $raw['value']; - if ($value===false) return 'false'; - if ($value===true) return 'true'; - return $value; - } - - public function updateValue($value, $value_base=null) { - $doit = true; - $forked = false; - $have_old = ($value_base!==null); - if ($have_old) { - @$value_base = $old[$uid]; - $we_changed_it = $value_base != $value; - if ($we_changed_it) { - $value_fork = $this->getConfString($key); - $someone_else_changed_it = - $value_fork != $value_base; - if ($someone_else_changed_it) { - if ($value == $value_fork) { - // we might as well not have - $we_changed_it = false; - } else { - $forked = true; - } - } - } - if (!$we_changed_it) { - $doit = false;// nothing to do - } - } - if ($doit) { - return $this->setConf($key, $value); - } - if ($forked) { - return $value_fork; - } - } -} diff --git a/src/models/Auth.class.php b/src/models/Auth.class.php index 25570bf..b51aef9 100644 --- a/src/models/Auth.class.php +++ b/src/models/Auth.class.php @@ -26,12 +26,12 @@ class Auth { // Current rules: // * Not in "$illegal_names" // * Does not contain '.' - // * Less <256 characters - $illegal_names = array('', 'new', 'index'); + // * Fewer than 256 characters + $illegal_names = array('', 'new', 'index', 'all'); return true && (!in_array($name, $illegal_names)) && (strpos($name,'.')===false) - && (strlen($name)<=256); + && (strlen($name)<256); } protected $db = null; diff --git a/src/views/Template.class.php b/src/views/Template.class.php index 663ec05..bf57e93 100644 --- a/src/views/Template.class.php +++ b/src/views/Template.class.php @@ -138,7 +138,7 @@ class Template { $str.= $this->tag('title', array(), htmlspecialchars($title)); $str.= $this->css('style.css', 'all'); $str.= $this->css('screen.css', 'screen'); - $str.= $this->css('logo-style.css', 'screen'); + $str.= $this->css('print.css', 'print'); $str.= $this->closeTag('head'); $body_class = 'logged'.($logged_in?'in':'out'); diff --git a/src/views/pages/users/index.html.php b/src/views/pages/users/index.html.php index 7f51592..daed9f7 100644 --- a/src/views/pages/users/index.html.php +++ b/src/views/pages/users/index.html.php @@ -13,14 +13,35 @@ $t->openTag('form', array('action'=>$t->url('users/index'), $t->tag('input', array('type'=>'submit', 'value'=>'Save/Update')); -$t->openTag('table'); +$t->openTag('table', array('class'=>'sortable', 'id'=>'bar')); +$t->openTag('thead'); $t->openTag('tr'); foreach ($attribs as $attrib) { - $t->tag('th', array(), $attrib['name']); + switch ($attrib['type']) { + case 'bool': $class = 'small'; break; + default: $class = ''; break; + } + $t->tag('th', array('class'=>$class), $attrib['name']); } -$t->tag('th'); +$t->tag('th', array(), '-'); $t->closeTag('tr'); +$t->closeTag('thead'); + +$t->openTag('tfoot'); +$t->openTag('tr'); +foreach ($attribs as $attrib) { + switch ($attrib['type']) { + case 'bool': $class = 'small'; break; + default: $class = ''; break; + } + $t->tag('th', array('class'=>$class), $attrib['name']); +} +$t->tag('th', array(), '-'); +$t->closeTag('tr'); +$t->closeTag('tfoot'); + +$t->openTag('tbody'); foreach ($users as $user) { $t->openTag('tr'); @@ -29,11 +50,15 @@ foreach ($users as $user) { $t->openTag('td'); $props = $user[$attrib['key']]; - - $value = $props['value']; + + $bool = $attrib['type']=='bool'; + if ($bool) { + $value = $props['value']=='true'; + } else { + $value = $props['value']; + } $editable = $props['editable']; $post_key = $props['post_key']; - $bool = is_bool($value); $arr = array('name'=>$post_key); if (!$editable) { @@ -48,6 +73,7 @@ foreach ($users as $user) { $arr['value'] = 'true'; $arr['type'] = 'checkbox'; } else { + $t->tag('span', array('class'=>'cell_width'), $value); $arr['value'] = $value; $arr['type'] = 'text'; } @@ -66,13 +92,7 @@ foreach ($users as $user) { $t->closeTag('tr'); } -$t->openTag('tr'); -foreach ($attribs as $attrib) { - $t->tag('th', array(), $attrib['name']); -} -$t->tag('th'); -$t->closeTag('tr'); - +$t->closeTag('tbody'); $t->closeTag('table'); $t->tag('input', array('type'=>'submit', diff --git a/src/views/pages/users/individual.html.php b/src/views/pages/users/individual.html.php index 5722977..39360b7 100644 --- a/src/views/pages/users/individual.html.php +++ b/src/views/pages/users/individual.html.php @@ -1,6 +1,7 @@ <?php global $VARS, $CONTACT_METHODS; $t = $VARS['template']; -$user = $VARS['user']; +$users = $VARS['users']; +$username = $VARS['username']; function inputText($user, $key, $label, $hint='') { global $VARS; $t = $VARS['template']; @@ -56,8 +57,14 @@ function inputField($user, $arr) { //////////////////////////////////////////////////////////////////////////////// +if (count($users)>1) { + $t->header("Users: $username"); +} else { + $t->header("User: $username"); +} + +foreach($users as $user) { $username = $user->getName(); -$t->header("Users: $username"); $t->tag('h1', array(), ($user->canEdit()?'Edit':'View')." User <q>$username</q> (UID: ".$user->getUID().")"); @@ -136,4 +143,5 @@ if ($user->canEdit()) { $t->tag('input', array('type'=>'submit', 'value'=>'Save')); } $t->closeTag('form'); +} $t->footer(); diff --git a/src/views/pages/users/new-locked.html.php b/src/views/pages/users/new-locked.html.php new file mode 100644 index 0000000..dc7ad0d --- /dev/null +++ b/src/views/pages/users/new-locked.html.php @@ -0,0 +1,9 @@ +<?php global $VARS; +$t = $VARS['template']; + +$t->status('403 Forbidden'); +$t->header('Create new user'); + +$t->paragraph("Sorry, new user registration is disabled."); + +$t->footer(); |