From ee99a8ef50a61a5a8d8b001c336536f23a855119 Mon Sep 17 00:00:00 2001
From: Evan Prodromou <evan@status.net>
Date: Sat, 7 Nov 2009 19:18:22 -0500
Subject: superclass for adminpanel actions

---
 lib/adminpanelaction.php | 206 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 206 insertions(+)
 create mode 100644 lib/adminpanelaction.php

(limited to 'lib')

diff --git a/lib/adminpanelaction.php b/lib/adminpanelaction.php
new file mode 100644
index 000000000..2e9261711
--- /dev/null
+++ b/lib/adminpanelaction.php
@@ -0,0 +1,206 @@
+<?php
+/**
+ * StatusNet, the distributed open-source microblogging tool
+ *
+ * Superclass for admin panel actions
+ *
+ * PHP version 5
+ *
+ * LICENCE: This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @category  UI
+ * @package   StatusNet
+ * @author    Evan Prodromou <evan@status.net>
+ * @copyright 2009 StatusNet, Inc.
+ * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link      http://status.net/
+ */
+
+if (!defined('STATUSNET')) {
+    exit(1);
+}
+
+/**
+ * superclass for admin panel actions
+ *
+ * Common code for all admin panel actions.
+ *
+ * @category UI
+ * @package  StatusNet
+ * @author   Evan Prodromou <evan@status.net>
+ * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link     http://status.net/
+ *
+ * @todo Find some commonalities with SettingsAction and combine
+ */
+
+class AdminPanelAction extends Action
+{
+    var $success = true;
+    var $msg     = null;
+
+    /**
+     * Prepare for the action
+     *
+     * We check to see that the user is logged in, has
+     * authenticated in this session, and has the right
+     * to configure the site.
+     *
+     * @param array $args Array of arguments from Web driver
+     *
+     * @return boolean success flag
+     */
+
+    function prepare($args)
+    {
+        parent::prepare($args);
+
+        // User must be logged in.
+
+        if (!common_logged_in()) {
+            $this->clientError(_('Not logged in.'));
+            return;
+        }
+
+        $user = common_current_user();
+
+        // It must be a "real" login, not saved cookie login
+
+        if (!common_is_real_login()) {
+            // Cookie theft is too easy; we require automatic
+            // logins to re-authenticate before admining the site
+            common_set_returnto($this->selfUrl());
+            if (Event::handle('RedirectToLogin', array($this, $user))) {
+                common_redirect(common_local_url('login'), 303);
+            }
+        }
+
+        // User must have the right to change admin settings
+
+        $user = common_current_user();
+
+        if (!$user->hasRight(Right::CONFIGURESITE)) {
+            $this->clientError(_('You cannot make changes to this site.'));
+            return;
+        }
+
+        return true;
+    }
+
+    /**
+     * handle the action
+     *
+     * Check session token and try to save the settings if this is a
+     * POST. Otherwise, show the form.
+     *
+     * @param array $args unused.
+     *
+     * @return void
+     */
+
+    function handle($args)
+    {
+        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+            $this->checkSessionToken();
+            try {
+                $this->saveSettings();
+
+                $this->success = true;
+                $this->msg     = _('Settings saved.');
+            } catch (Exception $e) {
+                $this->success = false;
+                $this->msg     = $e->getMessage();
+            }
+        }
+        $this->showPage();
+    }
+
+    /**
+     * Show the content section of the page
+     *
+     * Here, we show the admin panel's form.
+     *
+     * @return void.
+     */
+
+    function showContent()
+    {
+        $this->showForm();
+    }
+
+    /**
+     * show human-readable instructions for the page, or
+     * a success/failure on save.
+     *
+     * @return void
+     */
+
+    function showPageNotice()
+    {
+        if ($this->msg) {
+            $this->element('div', ($this->success) ? 'success' : 'error',
+                           $this->msg);
+        } else {
+            $inst   = $this->getInstructions();
+            $output = common_markup_to_html($inst);
+
+            $this->elementStart('div', 'instructions');
+            $this->raw($output);
+            $this->elementEnd('div');
+        }
+    }
+
+    /**
+     * Show the admin panel form
+     *
+     * Sub-classes should overload this.
+     *
+     * @return void
+     */
+
+    function showForm()
+    {
+        $this->clientError(_('showForm() not implemented.'));
+        return;
+    }
+
+    /**
+     * Instructions for using this form.
+     *
+     * String with instructions for using the form.
+     *
+     * Subclasses should overload this.
+     *
+     * @return void
+     */
+
+    function getInstructions()
+    {
+        return '';
+    }
+
+    /**
+     * Save settings from the form
+     *
+     * Validate and save the settings from the user.
+     *
+     * @return void
+     */
+
+    function saveSettings()
+    {
+        $this->clientError(_('saveSettings() not implemented.'));
+        return;
+    }
+}
-- 
cgit v1.2.3-54-g00ecf