Add a new event: CanUserChangeField

author: Craig Andrews <candrews@integralblue.com> 2009-11-09 17:43:37 -0500
committer: Craig Andrews <candrews@integralblue.com> 2009-11-09 17:43:37 -0500
commit: 3be120571446880cb71a57845204b3213e6df67e (patch)
tree: 1699a4cb46af0e7b8a1edcd009f9554893668e85
parent: 22310d17a4886d5382832caee43da0bcf7914419 (diff)
4 files changed, 49 insertions, 15 deletions
diff --git a/EVENTS.txt b/EVENTS.txt
index 25a51516b..c3fe73134 100644
--- a/EVENTS.txt
+++ b/EVENTS.txt
@@ -489,6 +489,10 @@ ChangePassword: Handle a password change request
 - $newpassword: the desired new password
 - &$errormsg: set this to an error message if the password could not be changed. If the password was changed, leave this as false
 
+CanUserChangeField: Determines if a user is allowed to change a specific profile field
+- $nickname: nickname of the user who would like to know which of their profile fields are mutable
+- $field: name of the field the user wants to change (nickname, fullname, password, avatar, etc)
+
 UserDeleteRelated: Specify additional tables to delete entries from when deleting users
 - $user: User object
 - &$related: array of DB_DataObject class names to delete entries on matching user_id.
diff --git a/actions/passwordsettings.php b/actions/passwordsettings.php
index 6658d279f..15539d4a0 100644
--- a/actions/passwordsettings.php
+++ b/actions/passwordsettings.php
@@ -58,6 +58,19 @@ class PasswordsettingsAction extends AccountSettingsAction
         return _('Change password');
     }
 
+    function prepare($args){
+        parent::prepare($args);
+
+        $user = common_current_user();
+
+        Event::handle('CanUserChangeField', array($user->nickname, 'password'));
+
+        if(! $fields['password']){
+            //user is not allowed to change his password
+            $this->clientError(_('You are not allowed to change your password'));
+        }
+    }
+
     /**
      * Instructions for use
      *
@@ -86,6 +99,7 @@ class PasswordsettingsAction extends AccountSettingsAction
     function showContent()
     {
         $user = common_current_user();
+
         $this->elementStart('form', array('method' => 'POST',
                                           'id' => 'form_password',
                                           'class' => 'form_settings',
diff --git a/lib/accountsettingsaction.php b/lib/accountsettingsaction.php
index a004a3ed9..9865e1748 100644
--- a/lib/accountsettingsaction.php
+++ b/lib/accountsettingsaction.php
@@ -102,26 +102,31 @@ class AccountSettingsNav extends Widget
         $this->action->elementStart('ul', array('class' => 'nav'));
 
         if (Event::handle('StartAccountSettingsNav', array(&$this->action))) {
+            $user = common_current_user();
 
-            $menu =
-              array('profilesettings' =>
+            $menu = array();
+            $menu['profilesettings'] =
                     array(_('Profile'),
-                          _('Change your profile settings')),
-                    'avatarsettings' =>
-                    array(_('Avatar'),
-                          _('Upload an avatar')),
-                    'passwordsettings' =>
-                    array(_('Password'),
-                          _('Change your password')),
-                    'emailsettings' =>
+                          _('Change your profile settings'));
+            if(Event::handle('CanUserChangeField', array($user->nickname, 'avatar'))){
+                $menu['avatarsettings'] =
+                        array(_('Avatar'),
+                              _('Upload an avatar'));
+            }
+            if(Event::handle('CanUserChangeField', array($user->nickname, 'password'))){
+                $menu['passwordsettings'] =
+                        array(_('Password'),
+                              _('Change your password'));
+            }
+            $menu['emailsettings'] =
                     array(_('Email'),
-                          _('Change email handling')),
-                    'userdesignsettings' =>
+                          _('Change email handling'));
+            $menu['userdesignsettings'] =
                     array(_('Design'),
-                          _('Design your profile')),
-                    'othersettings' =>
+                          _('Design your profile'));
+            $menu['othersettings'] =
                     array(_('Other'),
-                          _('Other options')));
+                          _('Other options'));
 
             foreach ($menu as $menuaction => $menudesc) {
                 $this->action->menuItem(common_local_url($menuaction),
diff --git a/plugins/Ldap/LdapPlugin.php b/plugins/Ldap/LdapPlugin.php
index 755562f54..3795ffd7f 100644
--- a/plugins/Ldap/LdapPlugin.php
+++ b/plugins/Ldap/LdapPlugin.php
@@ -102,4 +102,15 @@ class LdapPlugin extends Plugin
         //return false, indicating that the event has been handled
         return false;
     }
+
+    function onCanUserChangeField($nickname, $field)
+    {
+        switch($field)
+        {
+            case 'password':
+            case 'nickname':
+            case 'email':
+                return false;
+        }
+    }
 }
author	Craig Andrews <candrews@integralblue.com>	2009-11-09 17:43:37 -0500
committer	Craig Andrews <candrews@integralblue.com>	2009-11-09 17:43:37 -0500
commit	3be120571446880cb71a57845204b3213e6df67e (patch)
tree	1699a4cb46af0e7b8a1edcd009f9554893668e85
parent	22310d17a4886d5382832caee43da0bcf7914419 (diff)