From 9ec654186a8374b0d260cf641114bcbde1f6bb4f Mon Sep 17 00:00:00 2001
From: Frederic Guillot <fred@kanboard.net>
Date: Sun, 15 May 2016 21:50:46 -0400
Subject: User creation forms are now displayed with inline popup

---
 app/Controller/User.php                        | 58 ------------------
 app/Controller/UserCreationController.php      | 83 ++++++++++++++++++++++++++
 app/ServiceProvider/AuthenticationProvider.php |  3 +-
 app/Template/user/create_local.php             | 53 ----------------
 app/Template/user/create_remote.php            | 55 -----------------
 app/Template/user/index.php                    |  6 +-
 app/Template/user/layout.php                   | 12 ++--
 app/Template/user_creation/local.php           | 45 ++++++++++++++
 app/Template/user_creation/remote.php          | 50 ++++++++++++++++
 tests/units/Helper/UserHelperTest.php          |  4 +-
 10 files changed, 191 insertions(+), 178 deletions(-)
 create mode 100644 app/Controller/UserCreationController.php
 delete mode 100644 app/Template/user/create_local.php
 delete mode 100644 app/Template/user/create_remote.php
 create mode 100644 app/Template/user_creation/local.php
 create mode 100644 app/Template/user_creation/remote.php

diff --git a/app/Controller/User.php b/app/Controller/User.php
index 11a7a01e..190acb61 100644
--- a/app/Controller/User.php
+++ b/app/Controller/User.php
@@ -3,9 +3,7 @@
 namespace Kanboard\Controller;
 
 use Kanboard\Core\Controller\PageNotFoundException;
-use Kanboard\Notification\Mail as MailNotification;
 use Kanboard\Model\Project as ProjectModel;
-use Kanboard\Core\Security\Role;
 
 /**
  * User controller
@@ -55,62 +53,6 @@ class User extends BaseController
         )));
     }
 
-    /**
-     * Display a form to create a new user
-     *
-     * @access public
-     * @param array $values
-     * @param array $errors
-     */
-    public function create(array $values = array(), array $errors = array())
-    {
-        $is_remote = $this->request->getIntegerParam('remote') == 1 || (isset($values['is_ldap_user']) && $values['is_ldap_user'] == 1);
-
-        $this->response->html($this->helper->layout->app($is_remote ? 'user/create_remote' : 'user/create_local', array(
-            'timezones' => $this->timezone->getTimezones(true),
-            'languages' => $this->language->getLanguages(true),
-            'roles' => $this->role->getApplicationRoles(),
-            'projects' => $this->project->getList(),
-            'errors' => $errors,
-            'values' => $values + array('role' => Role::APP_USER),
-            'title' => t('New user')
-        )));
-    }
-
-    /**
-     * Validate and save a new user
-     *
-     * @access public
-     */
-    public function save()
-    {
-        $values = $this->request->getValues();
-        list($valid, $errors) = $this->userValidator->validateCreation($values);
-
-        if ($valid) {
-            $project_id = empty($values['project_id']) ? 0 : $values['project_id'];
-            unset($values['project_id']);
-
-            $user_id = $this->user->create($values);
-
-            if ($user_id !== false) {
-                $this->projectUserRole->addUser($project_id, $user_id, Role::PROJECT_MEMBER);
-
-                if (! empty($values['notifications_enabled'])) {
-                    $this->userNotificationType->saveSelectedTypes($user_id, array(MailNotification::TYPE));
-                }
-
-                $this->flash->success(t('User created successfully.'));
-                return $this->response->redirect($this->helper->url->to('user', 'show', array('user_id' => $user_id)));
-            } else {
-                $this->flash->failure(t('Unable to create your user.'));
-                $values['project_id'] = $project_id;
-            }
-        }
-
-        return $this->create($values, $errors);
-    }
-
     /**
      * Display user information
      *
diff --git a/app/Controller/UserCreationController.php b/app/Controller/UserCreationController.php
new file mode 100644
index 00000000..d1c554ae
--- /dev/null
+++ b/app/Controller/UserCreationController.php
@@ -0,0 +1,83 @@
+<?php
+
+namespace Kanboard\Controller;
+
+use Kanboard\Core\Security\Role;
+use Kanboard\Notification\Mail as MailNotification;
+
+/**
+ * Class UserCreationController
+ *
+ * @package Kanboard\Controller
+ * @author  Frederic Guillot
+ */
+class UserCreationController extends BaseController
+{
+    /**
+     * Display a form to create a new user
+     *
+     * @access public
+     * @param array $values
+     * @param array $errors
+     */
+    public function show(array $values = array(), array $errors = array())
+    {
+        $isRemote = $this->request->getIntegerParam('remote') == 1 || (isset($values['is_ldap_user']) && $values['is_ldap_user'] == 1);
+        $template = $isRemote ? 'user_creation/remote' : 'user_creation/local';
+
+        $this->response->html($this->template->render($template, array(
+            'timezones' => $this->timezone->getTimezones(true),
+            'languages' => $this->language->getLanguages(true),
+            'roles' => $this->role->getApplicationRoles(),
+            'projects' => $this->project->getList(),
+            'errors' => $errors,
+            'values' => $values + array('role' => Role::APP_USER),
+        )));
+    }
+
+    /**
+     * Validate and save a new user
+     *
+     * @access public
+     */
+    public function save()
+    {
+        $values = $this->request->getValues();
+        list($valid, $errors) = $this->userValidator->validateCreation($values);
+
+        if ($valid) {
+            $this->createUser($values);
+        } else {
+            $this->show($values, $errors);
+        }
+    }
+
+    /**
+     * Create user
+     *
+     * @param array $values
+     */
+    private function createUser(array $values)
+    {
+        $project_id = empty($values['project_id']) ? 0 : $values['project_id'];
+        unset($values['project_id']);
+
+        $user_id = $this->user->create($values);
+
+        if ($user_id !== false) {
+            if ($project_id !== 0) {
+                $this->projectUserRole->addUser($project_id, $user_id, Role::PROJECT_MEMBER);
+            }
+
+            if (! empty($values['notifications_enabled'])) {
+                $this->userNotificationType->saveSelectedTypes($user_id, array(MailNotification::TYPE));
+            }
+
+            $this->flash->success(t('User created successfully.'));
+            $this->response->redirect($this->helper->url->to('user', 'show', array('user_id' => $user_id)));
+        } else {
+            $this->flash->failure(t('Unable to create your user.'));
+            $this->response->redirect($this->helper->url->to('user', 'index'));
+        }
+    }
+}
diff --git a/app/ServiceProvider/AuthenticationProvider.php b/app/ServiceProvider/AuthenticationProvider.php
index 8baa02ea..9c845905 100644
--- a/app/ServiceProvider/AuthenticationProvider.php
+++ b/app/ServiceProvider/AuthenticationProvider.php
@@ -138,7 +138,8 @@ class AuthenticationProvider implements ServiceProviderInterface
         $acl->add('Projectuser', '*', Role::APP_MANAGER);
         $acl->add('Twofactor', 'disable', Role::APP_ADMIN);
         $acl->add('UserImportController', '*', Role::APP_ADMIN);
-        $acl->add('User', array('index', 'create', 'save', 'authentication'), Role::APP_ADMIN);
+        $acl->add('UserCreationController', '*', Role::APP_ADMIN);
+        $acl->add('User', array('index', 'authentication'), Role::APP_ADMIN);
         $acl->add('UserStatus', '*', Role::APP_ADMIN);
 
         return $acl;
diff --git a/app/Template/user/create_local.php b/app/Template/user/create_local.php
deleted file mode 100644
index 7257456d..00000000
--- a/app/Template/user/create_local.php
+++ /dev/null
@@ -1,53 +0,0 @@
-<section id="main">
-    <div class="page-header">
-        <ul>
-            <li><i class="fa fa-user fa-fw"></i><?= $this->url->link(t('All users'), 'user', 'index') ?></li>
-            <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New remote user'), 'user', 'create', array('remote' => 1)) ?></li>
-        </ul>
-    </div>
-    <section>
-    <form method="post" action="<?= $this->url->href('user', 'save') ?>" autocomplete="off">
-
-        <?= $this->form->csrf() ?>
-
-        <div class="form-column">
-            <?= $this->form->label(t('Username'), 'username') ?>
-            <?= $this->form->text('username', $values, $errors, array('autofocus', 'required', 'maxlength="50"')) ?>
-
-            <?= $this->form->label(t('Name'), 'name') ?>
-            <?= $this->form->text('name', $values, $errors) ?>
-
-            <?= $this->form->label(t('Email'), 'email') ?>
-            <?= $this->form->email('email', $values, $errors) ?>
-
-            <?= $this->form->label(t('Password'), 'password') ?>
-            <?= $this->form->password('password', $values, $errors, array('required')) ?>
-
-            <?= $this->form->label(t('Confirmation'), 'confirmation') ?>
-            <?= $this->form->password('confirmation', $values, $errors, array('required')) ?>
-        </div>
-
-        <div class="form-column">
-            <?= $this->form->label(t('Add project member'), 'project_id') ?>
-            <?= $this->form->select('project_id', $projects, $values, $errors) ?>
-
-            <?= $this->form->label(t('Timezone'), 'timezone') ?>
-            <?= $this->form->select('timezone', $timezones, $values, $errors) ?>
-
-            <?= $this->form->label(t('Language'), 'language') ?>
-            <?= $this->form->select('language', $languages, $values, $errors) ?>
-
-            <?= $this->form->label(t('Role'), 'role') ?>
-            <?= $this->form->select('role', $roles, $values, $errors) ?>
-
-            <?= $this->form->checkbox('notifications_enabled', t('Enable email notifications'), 1, isset($values['notifications_enabled']) && $values['notifications_enabled'] == 1 ? true : false) ?>
-        </div>
-
-        <div class="form-actions">
-            <button type="submit" class="btn btn-blue"><?= t('Save') ?></button>
-            <?= t('or') ?>
-            <?= $this->url->link(t('cancel'), 'user', 'index') ?>
-        </div>
-    </form>
-    </section>
-</section>
diff --git a/app/Template/user/create_remote.php b/app/Template/user/create_remote.php
deleted file mode 100644
index 05acbba1..00000000
--- a/app/Template/user/create_remote.php
+++ /dev/null
@@ -1,55 +0,0 @@
-<section id="main">
-    <div class="page-header">
-        <ul>
-            <li><i class="fa fa-user fa-fw"></i><?= $this->url->link(t('All users'), 'user', 'index') ?></li>
-            <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New local user'), 'user', 'create') ?></li>
-        </ul>
-    </div>
-    <form method="post" action="<?= $this->url->href('user', 'save') ?>" autocomplete="off">
-
-        <?= $this->form->csrf() ?>
-        <?= $this->form->hidden('is_ldap_user', array('is_ldap_user' => 1)) ?>
-
-        <div class="form-column">
-            <?= $this->form->label(t('Username'), 'username') ?>
-            <?= $this->form->text('username', $values, $errors, array('autofocus', 'required', 'maxlength="50"')) ?>
-
-            <?= $this->form->label(t('Name'), 'name') ?>
-            <?= $this->form->text('name', $values, $errors) ?>
-
-            <?= $this->form->label(t('Email'), 'email') ?>
-            <?= $this->form->email('email', $values, $errors) ?>
-
-            <?= $this->hook->render('template:user:create-remote:form', array('values' => $values, 'errors' => $errors)) ?>
-        </div>
-
-        <div class="form-column">
-            <?= $this->form->label(t('Add project member'), 'project_id') ?>
-            <?= $this->form->select('project_id', $projects, $values, $errors) ?>
-
-            <?= $this->form->label(t('Timezone'), 'timezone') ?>
-            <?= $this->form->select('timezone', $timezones, $values, $errors) ?>
-
-            <?= $this->form->label(t('Language'), 'language') ?>
-            <?= $this->form->select('language', $languages, $values, $errors) ?>
-
-            <?= $this->form->label(t('Role'), 'role') ?>
-            <?= $this->form->select('role', $roles, $values, $errors) ?>
-
-            <?= $this->form->checkbox('notifications_enabled', t('Enable email notifications'), 1, isset($values['notifications_enabled']) && $values['notifications_enabled'] == 1 ? true : false) ?>
-            <?= $this->form->checkbox('disable_login_form', t('Disallow login form'), 1, isset($values['disable_login_form']) && $values['disable_login_form'] == 1) ?>
-        </div>
-
-        <div class="form-actions">
-            <button type="submit" class="btn btn-blue"><?= t('Save') ?></button>
-            <?= t('or') ?>
-            <?= $this->url->link(t('cancel'), 'user', 'index') ?>
-        </div>
-    </form>
-    <div class="alert alert-info">
-        <ul>
-            <li><?= t('Remote users do not store their password in Kanboard database, examples: LDAP, Google and Github accounts.') ?></li>
-            <li><?= t('If you check the box "Disallow login form", credentials entered in the login form will be ignored.') ?></li>
-        </ul>
-    </div>
-</section>
\ No newline at end of file
diff --git a/app/Template/user/index.php b/app/Template/user/index.php
index 00cd0c82..b810373f 100644
--- a/app/Template/user/index.php
+++ b/app/Template/user/index.php
@@ -1,9 +1,9 @@
 <section id="main">
     <div class="page-header">
-        <?php if ($this->user->hasAccess('user', 'create')): ?>
+        <?php if ($this->user->hasAccess('UserCreationController', 'show')): ?>
         <ul>
-            <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New local user'), 'user', 'create') ?></li>
-            <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New remote user'), 'user', 'create', array('remote' => 1)) ?></li>
+            <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New local user'), 'UserCreationController', 'show', array(), false, 'popover') ?></li>
+            <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New remote user'), 'UserCreationController', 'show', array('remote' => 1), false, 'popover') ?></li>
             <li><i class="fa fa-upload fa-fw"></i><?= $this->url->link(t('Import'), 'UserImportController', 'show', array(), false, 'popover') ?></li>
             <li><i class="fa fa-users fa-fw"></i><?= $this->url->link(t('View all groups'), 'group', 'index') ?></li>
         </ul>
diff --git a/app/Template/user/layout.php b/app/Template/user/layout.php
index 3a0a5ba6..47df2997 100644
--- a/app/Template/user/layout.php
+++ b/app/Template/user/layout.php
@@ -1,19 +1,19 @@
 <section id="main">
     <div class="page-header">
-        <?php if ($this->user->hasAccess('user', 'create')): ?>
+        <?php if ($this->user->hasAccess('UserCreationController', 'show')): ?>
         <ul>
             <li><i class="fa fa-user fa-fw"></i><?= $this->url->link(t('All users'), 'user', 'index') ?></li>
-            <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New local user'), 'user', 'create') ?></li>
-            <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New remote user'), 'user', 'create', array('remote' => 1)) ?></li>
+            <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New local user'), 'UserCreationController', 'show', array(), false, 'popover') ?></li>
+            <li><i class="fa fa-plus fa-fw"></i><?= $this->url->link(t('New remote user'), 'UserCreationController', 'show', array('remote' => 1), false, 'popover') ?></li>
+            <li><i class="fa fa-upload fa-fw"></i><?= $this->url->link(t('Import'), 'UserImportController', 'show', array(), false, 'popover') ?></li>
+            <li><i class="fa fa-users fa-fw"></i><?= $this->url->link(t('View all groups'), 'group', 'index') ?></li>
         </ul>
         <?php endif ?>
     </div>
     <section class="sidebar-container" id="user-section">
-
         <?= $this->render('user/sidebar', array('user' => $user)) ?>
-
         <div class="sidebar-content">
             <?= $content_for_sublayout ?>
         </div>
     </section>
-</section>
\ No newline at end of file
+</section>
diff --git a/app/Template/user_creation/local.php b/app/Template/user_creation/local.php
new file mode 100644
index 00000000..a83074e8
--- /dev/null
+++ b/app/Template/user_creation/local.php
@@ -0,0 +1,45 @@
+<div class="page-header">
+    <h2><?= t('New local user') ?></h2>
+</div>
+<form class="popover-form" method="post" action="<?= $this->url->href('UserCreationController', 'save') ?>" autocomplete="off">
+    <?= $this->form->csrf() ?>
+
+    <div class="form-column">
+        <?= $this->form->label(t('Username'), 'username') ?>
+        <?= $this->form->text('username', $values, $errors, array('autofocus', 'required', 'maxlength="50"')) ?>
+
+        <?= $this->form->label(t('Name'), 'name') ?>
+        <?= $this->form->text('name', $values, $errors) ?>
+
+        <?= $this->form->label(t('Email'), 'email') ?>
+        <?= $this->form->email('email', $values, $errors) ?>
+
+        <?= $this->form->label(t('Password'), 'password') ?>
+        <?= $this->form->password('password', $values, $errors, array('required')) ?>
+
+        <?= $this->form->label(t('Confirmation'), 'confirmation') ?>
+        <?= $this->form->password('confirmation', $values, $errors, array('required')) ?>
+    </div>
+
+    <div class="form-column">
+        <?= $this->form->label(t('Add project member'), 'project_id') ?>
+        <?= $this->form->select('project_id', $projects, $values, $errors) ?>
+
+        <?= $this->form->label(t('Timezone'), 'timezone') ?>
+        <?= $this->form->select('timezone', $timezones, $values, $errors) ?>
+
+        <?= $this->form->label(t('Language'), 'language') ?>
+        <?= $this->form->select('language', $languages, $values, $errors) ?>
+
+        <?= $this->form->label(t('Role'), 'role') ?>
+        <?= $this->form->select('role', $roles, $values, $errors) ?>
+
+        <?= $this->form->checkbox('notifications_enabled', t('Enable email notifications'), 1, isset($values['notifications_enabled']) && $values['notifications_enabled'] == 1 ? true : false) ?>
+    </div>
+
+    <div class="form-actions">
+        <button type="submit" class="btn btn-blue"><?= t('Save') ?></button>
+        <?= t('or') ?>
+        <?= $this->url->link(t('cancel'), 'user', 'index', array(), false, 'close-popover') ?>
+    </div>
+</form>
diff --git a/app/Template/user_creation/remote.php b/app/Template/user_creation/remote.php
new file mode 100644
index 00000000..5266fce8
--- /dev/null
+++ b/app/Template/user_creation/remote.php
@@ -0,0 +1,50 @@
+<div class="page-header">
+    <h2><?= t('New remote user') ?></h2>
+</div>
+<form class="popover-form" method="post" action="<?= $this->url->href('UserCreationController', 'save') ?>" autocomplete="off">
+
+    <?= $this->form->csrf() ?>
+    <?= $this->form->hidden('is_ldap_user', array('is_ldap_user' => 1)) ?>
+
+    <div class="form-column">
+        <?= $this->form->label(t('Username'), 'username') ?>
+        <?= $this->form->text('username', $values, $errors, array('autofocus', 'required', 'maxlength="50"')) ?>
+
+        <?= $this->form->label(t('Name'), 'name') ?>
+        <?= $this->form->text('name', $values, $errors) ?>
+
+        <?= $this->form->label(t('Email'), 'email') ?>
+        <?= $this->form->email('email', $values, $errors) ?>
+
+        <?= $this->hook->render('template:user:create-remote:form', array('values' => $values, 'errors' => $errors)) ?>
+    </div>
+
+    <div class="form-column">
+        <?= $this->form->label(t('Add project member'), 'project_id') ?>
+        <?= $this->form->select('project_id', $projects, $values, $errors) ?>
+
+        <?= $this->form->label(t('Timezone'), 'timezone') ?>
+        <?= $this->form->select('timezone', $timezones, $values, $errors) ?>
+
+        <?= $this->form->label(t('Language'), 'language') ?>
+        <?= $this->form->select('language', $languages, $values, $errors) ?>
+
+        <?= $this->form->label(t('Role'), 'role') ?>
+        <?= $this->form->select('role', $roles, $values, $errors) ?>
+
+        <?= $this->form->checkbox('notifications_enabled', t('Enable email notifications'), 1, isset($values['notifications_enabled']) && $values['notifications_enabled'] == 1 ? true : false) ?>
+        <?= $this->form->checkbox('disable_login_form', t('Disallow login form'), 1, isset($values['disable_login_form']) && $values['disable_login_form'] == 1) ?>
+    </div>
+
+    <div class="form-actions">
+        <button type="submit" class="btn btn-blue"><?= t('Save') ?></button>
+        <?= t('or') ?>
+        <?= $this->url->link(t('cancel'), 'user', 'index', array(), false, 'close-popover') ?>
+    </div>
+</form>
+<div class="alert alert-info">
+    <ul>
+        <li><?= t('Remote users do not store their password in Kanboard database, examples: LDAP, Google and Github accounts.') ?></li>
+        <li><?= t('If you check the box "Disallow login form", credentials entered in the login form will be ignored.') ?></li>
+    </ul>
+</div>
diff --git a/tests/units/Helper/UserHelperTest.php b/tests/units/Helper/UserHelperTest.php
index c1feafd2..c5e5903f 100644
--- a/tests/units/Helper/UserHelperTest.php
+++ b/tests/units/Helper/UserHelperTest.php
@@ -54,7 +54,7 @@ class UserHelperTest extends Base
             'role' => Role::APP_MANAGER,
         );
 
-        $this->assertFalse($helper->hasAccess('user', 'create'));
+        $this->assertFalse($helper->hasAccess('UserCreationController', 'show'));
         $this->assertTrue($helper->hasAccess('ProjectCreation', 'create'));
         $this->assertTrue($helper->hasAccess('ProjectCreation', 'createPrivate'));
     }
@@ -68,7 +68,7 @@ class UserHelperTest extends Base
             'role' => Role::APP_USER,
         );
 
-        $this->assertFalse($helper->hasAccess('user', 'create'));
+        $this->assertFalse($helper->hasAccess('UserCreationController', 'show'));
         $this->assertFalse($helper->hasAccess('ProjectCreation', 'create'));
         $this->assertTrue($helper->hasAccess('ProjectCreation', 'createPrivate'));
     }
-- 
cgit v1.2.3