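<?php
/*
 * Gallery - a web based photo album viewer and editor
 * Copyright (C) 2000-2008 Bharat Mediratta
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or (at
 * your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
 */

/**
 * This controller will handle changes made to a user
 * @package GalleryCore
 * @subpackage UserInterface
 * @author Bharat Mediratta <bharat@menalto.com>
 * @version $Revision: 17580 $
 */
class AdminEditUserController extends GalleryController {

    /**
     * @see GalleryController::handleRequest
     *
     * Handles the AdminEditUser form for a site administrator.  'cancel' and 'undo' only
     * produce a redirect; 'save' validates the submitted fields (userName required and not
     * taken by another user, email well-formed when given, passwords matching for
     * non-anonymous users), optionally clears the failed-login counter and, when no
     * validation error was recorded, applies the changes to the user entity under a write
     * lock.  The lock is released on every path once it has been acquired.
     *
     * @param array $form the submitted form data
     * @return array GalleryStatus a status code
     *               array results: 'redirect' or 'delegate', plus 'status' and 'error'
     */
    function handleRequest($form) {
        $ret = GalleryCoreApi::assertUserIsSiteAdministrator();
        if ($ret) {
            return array($ret, null);
        }

        $results = $status = $error = $redirect = array();

        $userId = GalleryUtilities::getRequestVariables('userId');
        list ($ret, $user) = GalleryCoreApi::loadEntitiesById($userId, 'GalleryUser');
        if ($ret) {
            return array($ret, null);
        }

        /* We treat anonymous users differently, so see if we're editing the anonymous user */
        list ($ret, $anonymousUserId) =
            GalleryCoreApi::getPluginParameter('module', 'core', 'id.anonymousUser');
        if ($ret) {
            return array($ret, null);
        }
        $isAnonymous = ($userId == $anonymousUserId);

        if (isset($form['action']['cancel'])) {

            /* Redirect back to the AdminUsers view */
            $redirect['view'] = 'core.SiteAdmin';
            $redirect['subView'] = 'core.AdminUsers';

        } else if (isset($form['action']['undo'])) {

            /* Redirect back to the same view to reset the form */
            $redirect['view'] = 'core.SiteAdmin';
            $redirect['subView'] = 'core.AdminEditUser';
            $redirect['userId'] = $userId;

        } else if (isset($form['action']['save'])) {
            /* Validate our data before we continue. */

            /* username is required and might conflict */
            if (empty($form['userName'])) {
                $error[] = 'form[error][userName][missing]';
            } else {
                list ($ret, $tmpUser) = GalleryCoreApi::fetchUserByUsername($form['userName']);
                /* A missing user is the expected outcome when the name is free; any other
                 * error is fatal. */
                if ($ret && !($ret->getErrorCode() & ERROR_MISSING_OBJECT)) {
                    return array($ret, null);
                }

                if (!empty($tmpUser) && $tmpUser->getId() != $userId) {
                    $error[] = 'form[error][userName][duplicate]';
                }
            }

            /* full name is optional for everybody; treat an absent field as empty */
            if (!isset($form['fullName'])) {
                $form['fullName'] = '';
            }

            /* language is optional for everybody */
            if (!isset($form['language'])) {
                $form['language'] = null;
            }

            /* email is suggested, but optional for administrator edits */
            if (!isset($form['email'])) {
                $form['email'] = null;
            } else if (!empty($form['email'])) {
                $form['email'] = trim($form['email']);
                if (!GalleryUtilities::isValidEmailString($form['email'])) {
                    $error[] = 'form[error][email][invalid]';
                }
            }

            if (!$isAnonymous) {
                /* Compare against '' instead of an undefined index when a field is absent */
                $password1 = isset($form['password1']) ? $form['password1'] : '';
                $password2 = isset($form['password2']) ? $form['password2'] : '';
                if ($password1 != $password2) {
                    $error[] = 'form[error][password2][mismatch]';
                }
            }

            if (isset($form['action']['resetFailedLogins'])) {
                $ret = GalleryCoreApi::removeMapEntry(
                    'FailedLoginsMap', array('userName' => $user->getUserName()));
                if ($ret) {
                    return array($ret, null);
                }
            }

            /* If all the right fields are in place then go ahead and modify the user. */
            if (empty($error)) {
                list ($ret, $lockId) = GalleryCoreApi::acquireWriteLock($user->getId());
                if ($ret) {
                    return array($ret, null);
                }

                /* Re-read the entity under the lock so we don't overwrite concurrent changes */
                list ($ret, $user) = $user->refresh();
                if ($ret) {
                    GalleryCoreApi::releaseLocks($lockId);
                    return array($ret, null);
                }

                $user->setUserName(trim($form['userName']));
                $user->setFullname(trim($form['fullName']));
                $user->setLocked(!empty($form['locked']) ? 1 : 0);
                if (!$isAnonymous) {
                    $user->setEmail($form['email']);
                    $user->setLanguage($form['language']);
                    if (!empty($form['password1'])) {
                        /* Request values arrive sanitized; restore the raw password so it is
                         * hashed exactly as the administrator typed it */
                        GalleryUtilities::unsanitizeInputValues($form['password1'], false);
                        $user->changePassword($form['password1']);
                    }
                }

                $ret = $user->save();
                if ($ret) {
                    GalleryCoreApi::releaseLocks($lockId);
                    return array($ret, null);
                }

                $ret = GalleryCoreApi::releaseLocks($lockId);
                if ($ret) {
                    return array($ret, null);
                }

                /* Request a redirect to the confirmation screen */
                $redirect['view'] = 'core.SiteAdmin';
                $redirect['subView'] = 'core.AdminUsers';
                $status['modifiedUser'] = $user->getUserName();
            }
        }

        if (!empty($redirect)) {
            $results['redirect'] = $redirect;
        } else {
            $results['delegate']['view'] = 'core.SiteAdmin';
            $results['delegate']['subView'] = 'core.AdminEditUser';
        }
        $results['status'] = $status;
        $results['error'] = $error;

        return array(null, $results);
    }
}

/**
 * This view will show a form to change user options
 */
class AdminEditUserView extends GalleryView {

    /**
     * @see GalleryView::loadTemplate
     *
     * Populates the form from the user entity on first display, decides which fields
     * (email, language, password, locked) the template shows, builds the language
     * selection list and looks up the user's failed-login count.
     *
     * @param GalleryTemplate $template
     * @param array $form the form data; filled from the user on first display
     * @return array GalleryStatus a status code
     *               array the template body to render
     */
    function loadTemplate(&$template, &$form) {
        $ret = GalleryCoreApi::assertUserIsSiteAdministrator();
        if ($ret) {
            return array($ret, null);
        }

        $userId = GalleryUtilities::getRequestVariables('userId');
        list ($ret, $user) = GalleryCoreApi::loadEntitiesById($userId, 'GalleryUser');
        if ($ret) {
            return array($ret, null);
        }

        list ($ret, $isAdmin) = GalleryCoreApi::isUserInSiteAdminGroup($userId);
        if ($ret) {
            return array($ret, null);
        }

        /* Load the form with user data the first time around. */
        if (!isset($form['formName']) || $form['formName'] != 'AdminEditUser') {
            $form['userName'] = $user->getUserName();
            $form['fullName'] = $user->getFullName();
            $form['email'] = $user->getEmail();
            $form['language'] = $user->getLanguage();
            $form['formName'] = 'AdminEditUser';
            $form['locked'] = $user->isLocked();
        }

        /* Email is not required for the anonymous user */
        list ($ret, $anonymousUserId) =
            GalleryCoreApi::getPluginParameter('module', 'core', 'id.anonymousUser');
        if ($ret) {
            return array($ret, null);
        }

        $show = array();
        $isAnonymous = ($userId == $anonymousUserId);
        $show['email'] = !$isAnonymous;
        $show['language'] = !$isAnonymous;
        $show['password'] = !$isAnonymous;

        /* Only show the lock option if the user being edited is not an admin */
        $show['locked'] = !$isAdmin;

        if ($show['language']) {
            /* Set up our language selection list */
            list ($ret, $module) = GalleryCoreApi::loadPlugin('module', 'core');
            if ($ret) {
                return array($ret, null);
            }

            $languageList = array();
            $languageList[''] = $module->translate('<none>');
            $supportedLanguages = GalleryCoreApi::getSupportedLanguages();
            foreach ($supportedLanguages as $language => $countryList) {
                foreach ($countryList as $country => $languageData) {
                    $languageList[$language . '_' . $country] = $languageData['description'];
                }
            }
        }

        list ($ret, $searchResults) = GalleryCoreApi::getMapEntry(
            'FailedLoginsMap',
            array('count'),
            array('userName' => $user->getUserName()));
        if ($ret) {
            return array($ret, null);
        }

        /* No map entry means no failed logins have been recorded for this user */
        $failedLoginCount = 0;
        if ($searchResults->resultCount() > 0) {
            $result = $searchResults->nextResult();
            $failedLoginCount = $result[0];
        }

        $AdminEditUser = array();
        $AdminEditUser['show'] = $show;
        /* NOTE(review): this cast hands every member of the user entity to the template,
         * including any stored credential hash it carries - confirm the template needs more
         * than the display fields before keeping the whole object */
        $AdminEditUser['user'] = (array)$user;
        $AdminEditUser['failedLoginCount'] = $failedLoginCount;
        if (isset($languageList)) {
            $AdminEditUser['languageList'] = $languageList;
        }

        $template->setVariable('AdminEditUser', $AdminEditUser);
        $template->setVariable('controller', 'core.AdminEditUser');
        return array(null, array('body' => 'modules/core/templates/AdminEditUser.tpl'));
    }
}
?>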