From ee99a8ef50a61a5a8d8b001c336536f23a855119 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 7 Nov 2009 19:18:22 -0500 Subject: superclass for adminpanel actions --- lib/adminpanelaction.php | 206 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 206 insertions(+) create mode 100644 lib/adminpanelaction.php (limited to 'lib/adminpanelaction.php') diff --git a/lib/adminpanelaction.php b/lib/adminpanelaction.php new file mode 100644 index 000000000..2e9261711 --- /dev/null +++ b/lib/adminpanelaction.php @@ -0,0 +1,206 @@ +. + * + * @category UI + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * superclass for admin panel actions + * + * Common code for all admin panel actions. + * + * @category UI + * @package StatusNet + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + * + * @todo Find some commonalities with SettingsAction and combine + */ + +class AdminPanelAction extends Action +{ + var $success = true; + var $msg = null; + + /** + * Prepare for the action + * + * We check to see that the user is logged in, has + * authenticated in this session, and has the right + * to configure the site. + * + * @param array $args Array of arguments from Web driver + * + * @return boolean success flag + */ + + function prepare($args) + { + parent::prepare($args); + + // User must be logged in. + + if (!common_logged_in()) { + $this->clientError(_('Not logged in.')); + return; + } + + $user = common_current_user(); + + // It must be a "real" login, not saved cookie login + + if (!common_is_real_login()) { + // Cookie theft is too easy; we require automatic + // logins to re-authenticate before admining the site + common_set_returnto($this->selfUrl()); + if (Event::handle('RedirectToLogin', array($this, $user))) { + common_redirect(common_local_url('login'), 303); + } + } + + // User must have the right to change admin settings + + $user = common_current_user(); + + if (!$user->hasRight(Right::CONFIGURESITE)) { + $this->clientError(_('You cannot make changes to this site.')); + return; + } + + return true; + } + + /** + * handle the action + * + * Check session token and try to save the settings if this is a + * POST. Otherwise, show the form. + * + * @param array $args unused. + * + * @return void + */ + + function handle($args) + { + if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $this->checkSessionToken(); + try { + $this->saveSettings(); + + $this->success = true; + $this->msg = _('Settings saved.'); + } catch (Exception $e) { + $this->success = false; + $this->msg = $e->getMessage(); + } + } + $this->showPage(); + } + + /** + * Show the content section of the page + * + * Here, we show the admin panel's form. + * + * @return void. + */ + + function showContent() + { + $this->showForm(); + } + + /** + * show human-readable instructions for the page, or + * a success/failure on save. + * + * @return void + */ + + function showPageNotice() + { + if ($this->msg) { + $this->element('div', ($this->success) ? 'success' : 'error', + $this->msg); + } else { + $inst = $this->getInstructions(); + $output = common_markup_to_html($inst); + + $this->elementStart('div', 'instructions'); + $this->raw($output); + $this->elementEnd('div'); + } + } + + /** + * Show the admin panel form + * + * Sub-classes should overload this. + * + * @return void + */ + + function showForm() + { + $this->clientError(_('showForm() not implemented.')); + return; + } + + /** + * Instructions for using this form. + * + * String with instructions for using the form. + * + * Subclasses should overload this. + * + * @return void + */ + + function getInstructions() + { + return ''; + } + + /** + * Save settings from the form + * + * Validate and save the settings from the user. + * + * @return void + */ + + function saveSettings() + { + $this->clientError(_('saveSettings() not implemented.')); + return; + } +} -- cgit v1.2.3-54-g00ecf