summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/Controller/User.php58
-rw-r--r--app/Controller/UserCreationController.php83
-rw-r--r--app/ServiceProvider/AuthenticationProvider.php3
-rw-r--r--app/Template/user/create_local.php53
-rw-r--r--app/Template/user/create_remote.php55
-rw-r--r--app/Template/user/index.php6
-rw-r--r--app/Template/user/layout.php12
-rw-r--r--app/Template/user_creation/local.php45
-rw-r--r--app/Template/user_creation/remote.php50
-rw-r--r--tests/units/Helper/UserHelperTest.php4
10 files changed, 191 insertions, 178 deletions
diff --git a/app/Controller/User.php b/app/Controller/User.php
index 11a7a01e..190acb61 100644
--- a/app/Controller/User.php
+++ b/app/Controller/User.php
@@ -3,9 +3,7 @@
namespace Kanboard\Controller;
use Kanboard\Core\Controller\PageNotFoundException;
-use Kanboard\Notification\Mail as MailNotification;
use Kanboard\Model\Project as ProjectModel;
-use Kanboard\Core\Security\Role;
/**
* User controller
@@ -56,62 +54,6 @@ class User extends BaseController
}
/**
- * Display a form to create a new user
- *
- * @access public
- * @param array $values
- * @param array $errors
- */
- public function create(array $values = array(), array $errors = array())
- {
- $is_remote = $this->request->getIntegerParam('remote') == 1 || (isset($values['is_ldap_user']) && $values['is_ldap_user'] == 1);
-
- $this->response->html($this->helper->layout->app($is_remote ? 'user/create_remote' : 'user/create_local', array(
- 'timezones' => $this->timezone->getTimezones(true),
- 'languages' => $this->language->getLanguages(true),
- 'roles' => $this->role->getApplicationRoles(),
- 'projects' => $this->project->getList(),
- 'errors' => $errors,
- 'values' => $values + array('role' => Role::APP_USER),
- 'title' => t('New user')
- )));
- }
-
- /**
- * Validate and save a new user
- *
- * @access public
- */
- public function save()
- {
- $values = $this->request->getValues();
- list($valid, $errors) = $this->userValidator->validateCreation($values);
-
- if ($valid) {
- $project_id = empty($values['project_id']) ? 0 : $values['project_id'];
- unset($values['project_id']);
-
- $user_id = $this->user->create($values);
-
- if ($user_id !== false) {
- $this->projectUserRole->addUser($project_id, $user_id, Role::PROJECT_MEMBER);
-
- if (! empty($values['notifications_enabled'])) {
- $this->userNotificationType->saveSelectedTypes($user_id, array(MailNotification::TYPE));
- }
-
- $this->flash->success(t('User created successfully.'));
- return $this->response->redirect($this->helper->url->to('user', 'show', array('user_id' => $user_id)));
- } else {
- $this->flash->failure(t('Unable to create your user.'));
- $values['project_id'] = $project_id;
- }
- }
-
- return $this->create($values, $errors);
- }
-
- /**
* Display user information
*
* @access public
diff --git a/app/Controller/UserCreationController.php b/app/Controller/UserCreationController.php
new file mode 100644
index 00000000..d1c554ae
--- /dev/null
+++ b/app/Controller/UserCreationController.php
@@ -0,0 +1,83 @@
+<?php
+
+namespace Kanboard\Controller;
+
+use Kanboard\Core\Security\Role;
+use Kanboard\Notification\Mail as MailNotification;
+
+/**
+ * Class UserCreationController
+ *
+ * @package Kanboard\Controller
+ * @author Frederic Guillot
+ */
+class UserCreationController extends BaseController
+{
+ /**
+ * Display a form to create a new user
+ *
+ * @access public
+ * @param array $values
+ * @param array $errors
+ */
+ public function show(array $values = array(), array $errors = array())
+ {
+ $isRemote = $this->request->getIntegerParam('remote') == 1 || (isset($values['is_ldap_user']) && $values['is_ldap_user'] == 1);
+ $template = $isRemote ? 'user_creation/remote' : 'user_creation/local';
+
+ $this->response->html($this->template->render($template, array(
+ 'timezones' => $this->timezone->getTimezones(true),
+ 'languages' => $this->language->getLanguages(true),
+ 'roles' => $this->role->getApplicationRoles(),
+ 'projects' => $this->project->getList(),
+ 'errors' => $errors,
+ 'values' => $values + array('role' => Role::APP_USER),
+ )));
+ }
+
+ /**
+ * Validate and save a new user
+ *
+ * @access public
+ */
+ public function save()
+ {
+ $values = $this->request->getValues();
+ list($valid, $errors) = $this->userValidator->validateCreation($values);
+
+ if ($valid) {
+ $this->createUser($values);
+ } else {
+ $this->show($values, $errors);
+ }
+ }
+
+ /**
+ * Create user
+ *
+ * @param array $values
+ */
+ private function createUser(array $values)
+ {
+ $project_id = empty($values['project_id']) ? 0 : $values['project_id'];
+ unset($values['project_id']);
+
+ $user_id = $this->user->create($values);
+
+ if ($user_id !== false) {
+ if ($project_id !== 0) {
+ $this->projectUserRole->addUser($project_id, $user_id, Role::PROJECT_MEMBER);
+ }
+
+ if (! empty($values['notifications_enabled'])) {
+ $this->userNotificationType->saveSelectedTypes($user_id, array(MailNotification::TYPE));
+ }
+
+ $this->flash->success(t('User created successfully.'));
+ $this->response->redirect($this->helper->url->to('user', 'show', array('user_id' => $user_id)));
+ } else {
+ $this->flash->failure(t('Unable to create your user.'));
+ $this->response->redirect($this->helper->url->to('user', 'index'));
+ }
+ }
+}
diff --git a/app/ServiceProvider/AuthenticationProvider.php b/app/ServiceProvider/AuthenticationProvider.php
index 8baa02ea..9c845905 100644
--- a/app/ServiceProvider/AuthenticationProvider.php
+++ b/app/ServiceProvider/AuthenticationProvider.php
@@ -138,7 +138,8 @@ class AuthenticationProvider implements ServiceProviderInterface
$acl->add('Projectuser', '*', Role::APP_MANAGER);
$acl->add('Twofactor', 'disable', Role::APP_ADMIN);
$acl->add('UserImportController', '*', Role::APP_ADMIN);
- $acl->add('User', array('index', 'create', 'save', 'authentication'), Role::APP_ADMIN);
+ $acl->add('UserCreationController', '*', Role::APP_ADMIN);
+ $acl->add('User', array('index', 'authentication'), Role::APP_ADMIN);
$acl->add('UserStatus', '*', Role::APP_ADMIN);
return $acl;
diff --git a/app/Template/user/create_local.php b/app/Template/user/create_local.php
deleted file mode 100644
index 7257456d..00000000
--- a/app/Template/user/create_local.php
+++ /dev/null
@@ -1,53 +0,0 @@
-<section id="main">
- <div class="page-header">
- <ul>
- <li><i class="fa fa-user fa-fw"></i><?= $this->url->link(t('All users'), 'user', 'index') ?></li>
- <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New remote user'), 'user', 'create', array('remote' => 1)) ?></li>
- </ul>
- </div>
- <section>
- <form method="post" action="<?= $this->url->href('user', 'save') ?>" autocomplete="off">
-
- <?= $this->form->csrf() ?>
-
- <div class="form-column">
- <?= $this->form->label(t('Username'), 'username') ?>
- <?= $this->form->text('username', $values, $errors, array('autofocus', 'required', 'maxlength="50"')) ?>
-
- <?= $this->form->label(t('Name'), 'name') ?>
- <?= $this->form->text('name', $values, $errors) ?>
-
- <?= $this->form->label(t('Email'), 'email') ?>
- <?= $this->form->email('email', $values, $errors) ?>
-
- <?= $this->form->label(t('Password'), 'password') ?>
- <?= $this->form->password('password', $values, $errors, array('required')) ?>
-
- <?= $this->form->label(t('Confirmation'), 'confirmation') ?>
- <?= $this->form->password('confirmation', $values, $errors, array('required')) ?>
- </div>
-
- <div class="form-column">
- <?= $this->form->label(t('Add project member'), 'project_id') ?>
- <?= $this->form->select('project_id', $projects, $values, $errors) ?>
-
- <?= $this->form->label(t('Timezone'), 'timezone') ?>
- <?= $this->form->select('timezone', $timezones, $values, $errors) ?>
-
- <?= $this->form->label(t('Language'), 'language') ?>
- <?= $this->form->select('language', $languages, $values, $errors) ?>
-
- <?= $this->form->label(t('Role'), 'role') ?>
- <?= $this->form->select('role', $roles, $values, $errors) ?>
-
- <?= $this->form->checkbox('notifications_enabled', t('Enable email notifications'), 1, isset($values['notifications_enabled']) && $values['notifications_enabled'] == 1 ? true : false) ?>
- </div>
-
- <div class="form-actions">
- <button type="submit" class="btn btn-blue"><?= t('Save') ?></button>
- <?= t('or') ?>
- <?= $this->url->link(t('cancel'), 'user', 'index') ?>
- </div>
- </form>
- </section>
-</section>
diff --git a/app/Template/user/create_remote.php b/app/Template/user/create_remote.php
deleted file mode 100644
index 05acbba1..00000000
--- a/app/Template/user/create_remote.php
+++ /dev/null
@@ -1,55 +0,0 @@
-<section id="main">
- <div class="page-header">
- <ul>
- <li><i class="fa fa-user fa-fw"></i><?= $this->url->link(t('All users'), 'user', 'index') ?></li>
- <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New local user'), 'user', 'create') ?></li>
- </ul>
- </div>
- <form method="post" action="<?= $this->url->href('user', 'save') ?>" autocomplete="off">
-
- <?= $this->form->csrf() ?>
- <?= $this->form->hidden('is_ldap_user', array('is_ldap_user' => 1)) ?>
-
- <div class="form-column">
- <?= $this->form->label(t('Username'), 'username') ?>
- <?= $this->form->text('username', $values, $errors, array('autofocus', 'required', 'maxlength="50"')) ?>
-
- <?= $this->form->label(t('Name'), 'name') ?>
- <?= $this->form->text('name', $values, $errors) ?>
-
- <?= $this->form->label(t('Email'), 'email') ?>
- <?= $this->form->email('email', $values, $errors) ?>
-
- <?= $this->hook->render('template:user:create-remote:form', array('values' => $values, 'errors' => $errors)) ?>
- </div>
-
- <div class="form-column">
- <?= $this->form->label(t('Add project member'), 'project_id') ?>
- <?= $this->form->select('project_id', $projects, $values, $errors) ?>
-
- <?= $this->form->label(t('Timezone'), 'timezone') ?>
- <?= $this->form->select('timezone', $timezones, $values, $errors) ?>
-
- <?= $this->form->label(t('Language'), 'language') ?>
- <?= $this->form->select('language', $languages, $values, $errors) ?>
-
- <?= $this->form->label(t('Role'), 'role') ?>
- <?= $this->form->select('role', $roles, $values, $errors) ?>
-
- <?= $this->form->checkbox('notifications_enabled', t('Enable email notifications'), 1, isset($values['notifications_enabled']) && $values['notifications_enabled'] == 1 ? true : false) ?>
- <?= $this->form->checkbox('disable_login_form', t('Disallow login form'), 1, isset($values['disable_login_form']) && $values['disable_login_form'] == 1) ?>
- </div>
-
- <div class="form-actions">
- <button type="submit" class="btn btn-blue"><?= t('Save') ?></button>
- <?= t('or') ?>
- <?= $this->url->link(t('cancel'), 'user', 'index') ?>
- </div>
- </form>
- <div class="alert alert-info">
- <ul>
- <li><?= t('Remote users do not store their password in Kanboard database, examples: LDAP, Google and Github accounts.') ?></li>
- <li><?= t('If you check the box "Disallow login form", credentials entered in the login form will be ignored.') ?></li>
- </ul>
- </div>
-</section> \ No newline at end of file
diff --git a/app/Template/user/index.php b/app/Template/user/index.php
index 00cd0c82..b810373f 100644
--- a/app/Template/user/index.php
+++ b/app/Template/user/index.php
@@ -1,9 +1,9 @@
<section id="main">
<div class="page-header">
- <?php if ($this->user->hasAccess('user', 'create')): ?>
+ <?php if ($this->user->hasAccess('UserCreationController', 'show')): ?>
<ul>
- <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New local user'), 'user', 'create') ?></li>
- <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New remote user'), 'user', 'create', array('remote' => 1)) ?></li>
+ <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New local user'), 'UserCreationController', 'show', array(), false, 'popover') ?></li>
+ <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New remote user'), 'UserCreationController', 'show', array('remote' => 1), false, 'popover') ?></li>
<li><i class="fa fa-upload fa-fw"></i><?= $this->url->link(t('Import'), 'UserImportController', 'show', array(), false, 'popover') ?></li>
<li><i class="fa fa-users fa-fw"></i><?= $this->url->link(t('View all groups'), 'group', 'index') ?></li>
</ul>
diff --git a/app/Template/user/layout.php b/app/Template/user/layout.php
index 3a0a5ba6..47df2997 100644
--- a/app/Template/user/layout.php
+++ b/app/Template/user/layout.php
@@ -1,19 +1,19 @@
<section id="main">
<div class="page-header">
- <?php if ($this->user->hasAccess('user', 'create')): ?>
+ <?php if ($this->user->hasAccess('UserCreationController', 'show')): ?>
<ul>
<li><i class="fa fa-user fa-fw"></i><?= $this->url->link(t('All users'), 'user', 'index') ?></li>
- <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New local user'), 'user', 'create') ?></li>
- <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New remote user'), 'user', 'create', array('remote' => 1)) ?></li>
+ <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New local user'), 'UserCreationController', 'show', array(), false, 'popover') ?></li>
+ <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New remote user'), 'UserCreationController', 'show', array('remote' => 1), false, 'popover') ?></li>
+ <li><i class="fa fa-upload fa-fw"></i><?= $this->url->link(t('Import'), 'UserImportController', 'show', array(), false, 'popover') ?></li>
+ <li><i class="fa fa-users fa-fw"></i><?= $this->url->link(t('View all groups'), 'group', 'index') ?></li>
</ul>
<?php endif ?>
</div>
<section class="sidebar-container" id="user-section">
-
<?= $this->render('user/sidebar', array('user' => $user)) ?>
-
<div class="sidebar-content">
<?= $content_for_sublayout ?>
</div>
</section>
-</section> \ No newline at end of file
+</section>
diff --git a/app/Template/user_creation/local.php b/app/Template/user_creation/local.php
new file mode 100644
index 00000000..a83074e8
--- /dev/null
+++ b/app/Template/user_creation/local.php
@@ -0,0 +1,45 @@
+<div class="page-header">
+ <h2><?= t('New local user') ?></h2>
+</div>
+<form class="popover-form" method="post" action="<?= $this->url->href('UserCreationController', 'save') ?>" autocomplete="off">
+ <?= $this->form->csrf() ?>
+
+ <div class="form-column">
+ <?= $this->form->label(t('Username'), 'username') ?>
+ <?= $this->form->text('username', $values, $errors, array('autofocus', 'required', 'maxlength="50"')) ?>
+
+ <?= $this->form->label(t('Name'), 'name') ?>
+ <?= $this->form->text('name', $values, $errors) ?>
+
+ <?= $this->form->label(t('Email'), 'email') ?>
+ <?= $this->form->email('email', $values, $errors) ?>
+
+ <?= $this->form->label(t('Password'), 'password') ?>
+ <?= $this->form->password('password', $values, $errors, array('required')) ?>
+
+ <?= $this->form->label(t('Confirmation'), 'confirmation') ?>
+ <?= $this->form->password('confirmation', $values, $errors, array('required')) ?>
+ </div>
+
+ <div class="form-column">
+ <?= $this->form->label(t('Add project member'), 'project_id') ?>
+ <?= $this->form->select('project_id', $projects, $values, $errors) ?>
+
+ <?= $this->form->label(t('Timezone'), 'timezone') ?>
+ <?= $this->form->select('timezone', $timezones, $values, $errors) ?>
+
+ <?= $this->form->label(t('Language'), 'language') ?>
+ <?= $this->form->select('language', $languages, $values, $errors) ?>
+
+ <?= $this->form->label(t('Role'), 'role') ?>
+ <?= $this->form->select('role', $roles, $values, $errors) ?>
+
+ <?= $this->form->checkbox('notifications_enabled', t('Enable email notifications'), 1, isset($values['notifications_enabled']) && $values['notifications_enabled'] == 1 ? true : false) ?>
+ </div>
+
+ <div class="form-actions">
+ <button type="submit" class="btn btn-blue"><?= t('Save') ?></button>
+ <?= t('or') ?>
+ <?= $this->url->link(t('cancel'), 'user', 'index', array(), false, 'close-popover') ?>
+ </div>
+</form>
diff --git a/app/Template/user_creation/remote.php b/app/Template/user_creation/remote.php
new file mode 100644
index 00000000..5266fce8
--- /dev/null
+++ b/app/Template/user_creation/remote.php
@@ -0,0 +1,50 @@
+<div class="page-header">
+ <h2><?= t('New remote user') ?></h2>
+</div>
+<form class="popover-form" method="post" action="<?= $this->url->href('UserCreationController', 'save') ?>" autocomplete="off">
+
+ <?= $this->form->csrf() ?>
+ <?= $this->form->hidden('is_ldap_user', array('is_ldap_user' => 1)) ?>
+
+ <div class="form-column">
+ <?= $this->form->label(t('Username'), 'username') ?>
+ <?= $this->form->text('username', $values, $errors, array('autofocus', 'required', 'maxlength="50"')) ?>
+
+ <?= $this->form->label(t('Name'), 'name') ?>
+ <?= $this->form->text('name', $values, $errors) ?>
+
+ <?= $this->form->label(t('Email'), 'email') ?>
+ <?= $this->form->email('email', $values, $errors) ?>
+
+ <?= $this->hook->render('template:user:create-remote:form', array('values' => $values, 'errors' => $errors)) ?>
+ </div>
+
+ <div class="form-column">
+ <?= $this->form->label(t('Add project member'), 'project_id') ?>
+ <?= $this->form->select('project_id', $projects, $values, $errors) ?>
+
+ <?= $this->form->label(t('Timezone'), 'timezone') ?>
+ <?= $this->form->select('timezone', $timezones, $values, $errors) ?>
+
+ <?= $this->form->label(t('Language'), 'language') ?>
+ <?= $this->form->select('language', $languages, $values, $errors) ?>
+
+ <?= $this->form->label(t('Role'), 'role') ?>
+ <?= $this->form->select('role', $roles, $values, $errors) ?>
+
+ <?= $this->form->checkbox('notifications_enabled', t('Enable email notifications'), 1, isset($values['notifications_enabled']) && $values['notifications_enabled'] == 1 ? true : false) ?>
+ <?= $this->form->checkbox('disable_login_form', t('Disallow login form'), 1, isset($values['disable_login_form']) && $values['disable_login_form'] == 1) ?>
+ </div>
+
+ <div class="form-actions">
+ <button type="submit" class="btn btn-blue"><?= t('Save') ?></button>
+ <?= t('or') ?>
+ <?= $this->url->link(t('cancel'), 'user', 'index', array(), false, 'close-popover') ?>
+ </div>
+</form>
+<div class="alert alert-info">
+ <ul>
+ <li><?= t('Remote users do not store their password in Kanboard database, examples: LDAP, Google and Github accounts.') ?></li>
+ <li><?= t('If you check the box "Disallow login form", credentials entered in the login form will be ignored.') ?></li>
+ </ul>
+</div>
diff --git a/tests/units/Helper/UserHelperTest.php b/tests/units/Helper/UserHelperTest.php
index c1feafd2..c5e5903f 100644
--- a/tests/units/Helper/UserHelperTest.php
+++ b/tests/units/Helper/UserHelperTest.php
@@ -54,7 +54,7 @@ class UserHelperTest extends Base
'role' => Role::APP_MANAGER,
);
- $this->assertFalse($helper->hasAccess('user', 'create'));
+ $this->assertFalse($helper->hasAccess('UserCreationController', 'show'));
$this->assertTrue($helper->hasAccess('ProjectCreation', 'create'));
$this->assertTrue($helper->hasAccess('ProjectCreation', 'createPrivate'));
}
@@ -68,7 +68,7 @@ class UserHelperTest extends Base
'role' => Role::APP_USER,
);
- $this->assertFalse($helper->hasAccess('user', 'create'));
+ $this->assertFalse($helper->hasAccess('UserCreationController', 'show'));
$this->assertFalse($helper->hasAccess('ProjectCreation', 'create'));
$this->assertTrue($helper->hasAccess('ProjectCreation', 'createPrivate'));
}