From dbeb76f57aab441e5e93dcb1919b0b442c889965 Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Tue, 4 Oct 2011 14:42:59 -0700 Subject: Add the ability to close user registration. --- src/controllers/Users.class.php | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) (limited to 'src/controllers/Users.class.php') diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php index a5d23fc..27efbcd 100644 --- a/src/controllers/Users.class.php +++ b/src/controllers/Users.class.php @@ -22,7 +22,12 @@ class Users extends Controller { switch ($method) { case 'POST': // We're POSTing a new user. - $this->create_user(); + if ($this->registrationOpen()) { + $this->create_user(); + } else { + $this->showView('users/new-locked', array()); + exit(); + } break; case 'HEAD': // fall-through to GET case 'GET': @@ -61,6 +66,10 @@ class Users extends Controller { $this->showView('users/new-logged-in', array()); exit(); } + if (!$this->registrationOpen()) { + $this->showView('users/new-locked', array()); + exit(); + } if (!isset($vars['errors'])) $vars['errors'] = array(); global $mm; $pm = $mm->pluginManager(); $vars['antispam_html'] = $pm->callHook('antispam_html'); @@ -404,4 +413,14 @@ class Users extends Controller { $attribs[] = $this->attrib('auth_name', 'Username'); return $attribs; } + + private function registrationOpen() { + global $mm; $db = $mm->database(); + $val = $db->getSysConf('registration_open'); + switch ($val) { + case 'true': return true; + case 'false': return false; + default: return true; + } + } } -- cgit v1.2.3 From 2a71bacfc5536279bbc5e238fb6a07c03e85d12d Mon Sep 17 00:00:00 2001 
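Review bot: In the last hunk of dbeb76f, `registrationOpen()` fails open: `default: return true;` treats every value other than the exact string `false` as open, so a misspelt setting (`False`, `0`, `no`) or an empty or failed read from `getSysConf('registration_open')` leaves sign-up enabled while the administrator believes it is closed. `switch` also compares loosely, so a non-string return value may match a `case` it should not; what `getSysConf()` returns for a missing key is not visible here. If open-by-default is intended for fresh installs, limit it to the unset case and compare strictly, e.g. `if ($val === null || $val === false) return true;` followed by `return $val === 'true';`, and state that choice in a comment above the method. Both call sites added in the first two hunks inherit this behaviour.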
From: Luke Shumaker Date: Wed, 5 Oct 2011 00:18:51 -0400 Subject: Edit individual.html to allow showing multiple users at once. Add a hack to the Users.class controller to show all users for the "all" username. Mark "all" as forbiddent in the Auth.class model. --- src/controllers/Users.class.php | 54 +++++++++++++++++++++++++---------------- 1 file changed, 33 insertions(+), 21 deletions(-) (limited to 'src/controllers/Users.class.php') diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php index 27efbcd..170d25f 100644 --- a/src/controllers/Users.class.php +++ b/src/controllers/Users.class.php @@ -77,26 +77,34 @@ class Users extends Controller { } public function individual($routed, $remainder) { - $username = implode('/', $remainder); - global $mm; // also used for pluginmanager $db = $mm->database(); - $uid = $db->getUID($username); - $user = Auth::getObj($uid); - - if ($user->isGroup()) $uid = false; // ignore groups. - - if ($uid===false) { - $this->http404($routed, $remainder); + $pm = $mm->pluginManager(); + + $username = implode('/', $remainder); + if ($username == 'all') { + $uids = $db->listUsers(); } else { + $uids = array($db->getUID($username)); + } + + $vars = array(); + + if (count($uids)<2) { + $user = Auth::getObj($uid); + + if ($user->isGroup()) $uid = false; // ignore groups. + + if ($uid===false) { + $this->http404($routed, $remainder); + exit(); + } if (!$user->canRead()) { $this->http401($routed, $remainder); exit(); } - $vars = array(); $method = $_SERVER['REQUEST_METHOD']; - switch ($method) { case 'PUT': $_POST = $_PUT; case 'POST': 
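Review bot: In the first hunk of 2a71bac, the `count($uids)<2` branch passes `$uid` to `Auth::getObj($uid)` before anything assigns it; the old `$uid = $db->getUID($username);` was removed and only `$uids` is set. As written, the `$uid===false` test no longer reflects the `getUID()` result and `canRead()` is evaluated on whatever `getObj()` returns for an unset value, so the 404 and 401 guards do not protect this path. Add `$uid = $uids[0];` as the first statement of the branch, and handle an empty `$uids`, which also satisfies `<2`. The branch continues past the end of this hunk.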
@@ -106,19 +114,23 @@ class Users extends Controller { } break; } - - $config_options = array(); - $mm->pluginManager()->callHook('userConfig', &$config_options); - - $vars['config_options'] = $config_options; - $vars['user'] = $user; - $vars['groups'] = $db->listGroupNames(); - require_once('ContactMethod.class.php'); - $this->showView('users/individual', $vars); } + + $config_options = array(); + $pm->callHook('userConfig', &$config_options); + + $vars['users'] = array(); + foreach ($uids as $uid) { + $vars['users'][] = Auth::getObj($uid); + } + $vars['username'] = $username; + $vars['config_options'] = $config_options; + $vars['groups'] = $db->listGroupNames(); + require_once('ContactMethod.class.php'); + $this->showView('users/individual', $vars); } - public function http404($routed, $rnemainder) { + public function http404($routed, $remainder) { $username = implode('/', $remainder); $this->showView('users/404', array('username'=>$username)); -- cgit v1.2.3 From e99a2ea7e361fdc5bab219bea6d9b967b5df486c Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Sun, 9 Oct 2011 00:51:28 -0400 Subject: Add auth_uid as a parameter for forms in the Users controller. --- src/controllers/Users.class.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src/controllers/Users.class.php') diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php index 170d25f..a4403e3 100644 --- a/src/controllers/Users.class.php +++ b/src/controllers/Users.class.php @@ -359,6 +359,10 @@ class Users extends Controller { $editable = $user->canEdit(); switch ($key) { + case 'auth_uid': + $value = $user->getUID(); + $editable = false; + break; case 'auth_name': $value = $user->getName(); break; @@ -390,6 +394,8 @@ class Users extends Controller { $user = Auth::getObj($uid); switch ($key) { + case 'auth_uid': + break; case 'auth_name': $user->setName($value); break; -- cgit v1.2.3 From 0fd0403876aacecfde74fca0641530875f09200f Mon Sep 17 00:00:00 2001 
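Review bot: In the second hunk of 2a71bac, the `foreach ($uids as $uid)` loop that fills `$vars['users']` runs outside the `count($uids)<2` branch, so for the `all` username every id returned by `listUsers()` is handed to the `users/individual` view without the `canRead()` and `isGroup()` checks applied to a single user. Unless the view repeats those checks, a request for `all` exposes user objects that the viewer could not open individually. Filter inside the loop, e.g. `$u = Auth::getObj($uid); if ($u->isGroup() || !$u->canRead()) continue; $vars['users'][] = $u;`, or restrict `all` to administrators. Whether `listUsers()` can return group ids is not visible in this patch.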
From: Luke Shumaker Date: Sun, 9 Oct 2011 03:25:12 -0400 Subject: Move Users->[gs]etConf into a new DB.class.php, add in some wrappers for equivalent stuff with plugin and system config. --- src/controllers/Users.class.php | 73 +++-------------------------------------- 1 file changed, 5 insertions(+), 68 deletions(-) (limited to 'src/controllers/Users.class.php') diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php index a4403e3..54e4675 100644 --- a/src/controllers/Users.class.php +++ b/src/controllers/Users.class.php @@ -1,6 +1,7 @@ showView('users/500'); } else { Login::login($username, $password); - $this->setConf($uid, 'email', $vars['email']); + DB::set('users', $uid, 'email', $vars['email']); $this->showView('users/created', array('username'=>$username)); } @@ -284,8 +285,7 @@ class Users extends Controller { @$value_base = $old[$uid]; $we_changed_it = $value_base != $value; if ($we_changed_it) { - $user = Auth::getObj($uid); - $value_fork = $this->getConf($user,$key); + $value_fork = DB::get('users', $uid, $key); $value_fork = $value_fork['value']; if ($value_fork===false) $value_fork = 'false'; if ($value_fork===true) $value_fork = 'true'; @@ -305,7 +305,7 @@ class Users extends Controller { } } if ($doit) { - $this->setConf($uid, $key, $value); + DB::set('users', $uid, $key, $value); } if ($forked) { echo "
\n";
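Review bot: The `DB::set('users', $uid, $key, $value)` call in the `@@ -305,7 +305,7 @@` hunk replaces `$this->setConf()`, whose removed comment said permission checks were left to the `User` object, and with `DB.class.php` outside this patch view nothing here shows that the same checks still run. `$uid`, `$key` and `$value` appear to come from the submitted form, and keys such as `auth_admin`, `auth_user` and `auth_delete` change privileges or delete accounts, so the write path needs a documented guarantee. Once confirmed, add a comment at the call such as `// DB::set() enforces canEdit()/isAdmin() for this uid and key; do not bypass it`, or guard the call with an explicit check. The same applies to `DB::get()` in the preceding hunk and in the `index()` hunk that follows, where the removed `getConf()` computed `editable` from `canEdit()` and `isAdmin()`.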
@@ -340,79 +340,16 @@ class Users extends Controller {
 		$vars['users'] = array();
 		$uids = $db->listUsers();
 		foreach ($uids as $uid) {
-			$user = Auth::getObj($uid);
 			$vars['users'][$uid] = array();
 			foreach ($vars['attribs'] as $attrib) {
 				$key = $attrib['key'];
-				$props = $this->getConf($user, $key);
+				$props = DB::get('users', $uid, $key);
 				$vars['users'][$uid][$key] = $props;
 			}
 		}
 		$this->showView('users/index', $vars);
 	}
-	
-	private function getConf($user, $key) {
-		$logged_in_user = Auth::getObj(Login::isLoggedIn());
-		$uid = $user->getUID();
-		$post_key = $key."[$uid]";
-		@$value = $_POST[$post_key];
-		$editable = $user->canEdit();
-		
-		switch ($key) {
-		case 'auth_uid':
-			$value = $user->getUID();
-			$editable = false;
-			break;
-		case 'auth_name':
-			$value = $user->getName();
-			break;
-		case 'auth_user':
-			$editable = $editable && $logged_in_user->isAdmin();
-			$value = $user->isUser();
-			break;
-		case 'auth_admin':
-			$editable = $editable && $logged_in_user->isAdmin();
-			$value = $user->isAdmin();
-			break;
-		case 'auth_delete':
-			$editable = $editable && $logged_in_user->isAdmin();
-			$value = false;
-			break;
-		default:
-			$value = $user->getConf($key);
-			if ($value===false) $value='';
-			break;
-		}
 		
-		return array('value'=>$value,
-		             'post_key'=>$post_key,
-		             'editable'=>$editable);
-	}
-	private function setConf($uid, $key, $value) {
-		// So, this rocks because we don't have to check permissions,
-		// the User object does that.
-		$user = Auth::getObj($uid);
-		
-		switch ($key) {
-		case 'auth_uid':
-			break;
-		case 'auth_name':
-			$user->setName($value);
-			break;
-		case 'auth_user':
-			$user->setUser($value=='true');
-			break;
-		case 'auth_admin':
-			$user->setAdmin($value=='true');
-			break;
-		case 'auth_delete':
-			if ($value=='true') $user->delete();
-		default: 
-			$user->setConf($key, $value);
-			break;
-		}
-	}
-	
 	function attrib($key, $name) {
 		return array('key'=>$key, 'name'=>$name);
 	}
-- 
cgit v1.2.3