From 2a71bacfc5536279bbc5e238fb6a07c03e85d12d Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Wed, 5 Oct 2011 00:18:51 -0400 Subject: Edit individual.html to allow showing multiple users at once. Add a hack to the Users.class controller to show all users for the "all" username. Mark "all" as forbiddent in the Auth.class model. --- src/controllers/Users.class.php | 54 +++++++++++++++++++------------ src/models/Auth.class.php | 6 ++-- src/views/pages/users/individual.html.php | 12 +++++-- 3 files changed, 46 insertions(+), 26 deletions(-) diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php index 27efbcd..170d25f 100644 --- a/src/controllers/Users.class.php +++ b/src/controllers/Users.class.php @@ -77,26 +77,34 @@ class Users extends Controller { } public function individual($routed, $remainder) { - $username = implode('/', $remainder); - global $mm; // also used for pluginmanager $db = $mm->database(); - $uid = $db->getUID($username); - $user = Auth::getObj($uid); - - if ($user->isGroup()) $uid = false; // ignore groups. - - if ($uid===false) { - $this->http404($routed, $remainder); + $pm = $mm->pluginManager(); + + $username = implode('/', $remainder); + if ($username == 'all') { + $uids = $db->listUsers(); } else { + $uids = array($db->getUID($username)); + } + + $vars = array(); + + if (count($uids)<2) { + $user = Auth::getObj($uid); + + if ($user->isGroup()) $uid = false; // ignore groups. + + if ($uid===false) { + $this->http404($routed, $remainder); + exit(); + } if (!$user->canRead()) { $this->http401($routed, $remainder); exit(); } - $vars = array(); $method = $_SERVER['REQUEST_METHOD']; - switch ($method) { case 'PUT': $_POST = $_PUT; case 'POST': @@ -106,19 +114,23 @@ class Users extends Controller { } break; } - - $config_options = array(); - $mm->pluginManager()->callHook('userConfig', &$config_options); - - $vars['config_options'] = $config_options; - $vars['user'] = $user; - $vars['groups'] = $db->listGroupNames(); - require_once('ContactMethod.class.php'); - $this->showView('users/individual', $vars); } + + $config_options = array(); + $pm->callHook('userConfig', &$config_options); + + $vars['users'] = array(); + foreach ($uids as $uid) { + $vars['users'][] = Auth::getObj($uid); + } + $vars['username'] = $username; + $vars['config_options'] = $config_options; + $vars['groups'] = $db->listGroupNames(); + require_once('ContactMethod.class.php'); + $this->showView('users/individual', $vars); } - public function http404($routed, $rnemainder) { + public function http404($routed, $remainder) { $username = implode('/', $remainder); $this->showView('users/404', array('username'=>$username)); diff --git a/src/models/Auth.class.php b/src/models/Auth.class.php index 25570bf..b51aef9 100644 --- a/src/models/Auth.class.php +++ b/src/models/Auth.class.php @@ -26,12 +26,12 @@ class Auth { // Current rules: // * Not in "$illegal_names" // * Does not contain '.' - // * Less <256 characters - $illegal_names = array('', 'new', 'index'); + // * Fewer than 256 characters + $illegal_names = array('', 'new', 'index', 'all'); return true && (!in_array($name, $illegal_names)) && (strpos($name,'.')===false) - && (strlen($name)<=256); + && (strlen($name)<256); } protected $db = null; diff --git a/src/views/pages/users/individual.html.php b/src/views/pages/users/individual.html.php index c630515..39360b7 100644 --- a/src/views/pages/users/individual.html.php +++ b/src/views/pages/users/individual.html.php @@ -1,6 +1,7 @@ 1) { + $t->header("Users: $username"); +} else { + $t->header("User: $username"); +} + +foreach($users as $user) { $username = $user->getName(); -$t->header("User: $username"); $t->tag('h1', array(), ($user->canEdit()?'Edit':'View')." User $username (UID: ".$user->getUID().")"); @@ -136,4 +143,5 @@ if ($user->canEdit()) { $t->tag('input', array('type'=>'submit', 'value'=>'Save')); } $t->closeTag('form'); +} $t->footer(); -- cgit v1.2.3