From e0d4877126acc1e7189e6e67e1f1ca24e1dd5f02 Mon Sep 17 00:00:00 2001
From: Frederic Guillot <fred@kanboard.net>
Date: Thu, 16 Jul 2015 21:33:05 -0400
Subject: Add edit form for user authentication

---
 app/Controller/User.php              | 40 +++++++++++++++++++++++++++++++++++-
 app/Model/Acl.php                    |  2 +-
 app/Template/user/authentication.php | 32 +++++++++++++++++++++++++++++
 app/Template/user/edit.php           | 11 +++-------
 app/Template/user/sidebar.php        |  3 +++
 5 files changed, 78 insertions(+), 10 deletions(-)
 create mode 100644 app/Template/user/authentication.php

diff --git a/app/Controller/User.php b/app/Controller/User.php
index 946373ef..189d068d 100644
--- a/app/Controller/User.php
+++ b/app/Controller/User.php
@@ -298,7 +298,7 @@ class User extends Base
 
         if ($this->request->isPost()) {
 
-            $values = $this->request->getValues() + array('disable_login_form' => 0);
+            $values = $this->request->getValues();
 
             if ($this->userSession->isAdmin()) {
                 $values += array('is_admin' => 0);
@@ -334,6 +334,44 @@ class User extends Base
         )));
     }
 
+    /**
+     * Display a form to edit authentication
+     *
+     * @access public
+     */
+    public function authentication()
+    {
+        $user = $this->getUser();
+        $values = $user;
+        $errors = array();
+
+        unset($values['password']);
+
+        if ($this->request->isPost()) {
+
+            $values = $this->request->getValues() + array('disable_login_form' => 0, 'is_ldap_user' => 0);
+            list($valid, $errors) = $this->user->validateModification($values);
+
+            if ($valid) {
+
+                if ($this->user->update($values)) {
+                    $this->session->flash(t('User updated successfully.'));
+                }
+                else {
+                    $this->session->flashError(t('Unable to update your user.'));
+                }
+
+                $this->response->redirect($this->helper->url->to('user', 'authentication', array('user_id' => $user['id'])));
+            }
+        }
+
+        $this->response->html($this->layout('user/authentication', array(
+            'values' => $values,
+            'errors' => $errors,
+            'user' => $user,
+        )));
+    }
+
     /**
      * Remove a user
      *
diff --git a/app/Model/Acl.php b/app/Model/Acl.php
index dfdc82d2..b9c06e98 100644
--- a/app/Model/Acl.php
+++ b/app/Model/Acl.php
@@ -70,7 +70,7 @@ class Acl extends Base
      * @var array
      */
     private $admin_acl = array(
-        'user' => array('index', 'create', 'save', 'remove'),
+        'user' => array('index', 'create', 'save', 'remove', 'authentication'),
         'config' => '*',
         'link' => '*',
         'project' => array('remove'),
diff --git a/app/Template/user/authentication.php b/app/Template/user/authentication.php
new file mode 100644
index 00000000..a62c8f93
--- /dev/null
+++ b/app/Template/user/authentication.php
@@ -0,0 +1,32 @@
+<div class="page-header">
+    <h2><?= t('Edit Authentication') ?></h2>
+</div>
+<form method="post" action="<?= $this->url->href('user', 'authentication', array('user_id' => $user['id'])) ?>" autocomplete="off">
+
+    <?= $this->form->csrf() ?>
+
+    <?= $this->form->hidden('id', $values) ?>
+    <?= $this->form->hidden('username', $values) ?>
+
+    <?= $this->form->label(t('Google Id'), 'google_id') ?>
+    <?= $this->form->text('google_id', $values, $errors) ?>
+
+    <?= $this->form->label(t('Github Id'), 'github_id') ?>
+    <?= $this->form->text('github_id', $values, $errors) ?>
+
+    <?= $this->form->checkbox('is_ldap_user', t('Remote user'), 1, isset($values['is_ldap_user']) && $values['is_ldap_user'] == 1) ?>
+    <?= $this->form->checkbox('disable_login_form', t('Disallow login form'), 1, isset($values['disable_login_form']) && $values['disable_login_form'] == 1) ?>
+
+    <div class="form-actions">
+        <input type="submit" value="<?= t('Save') ?>" class="btn btn-blue"/>
+        <?= t('or') ?>
+        <?= $this->url->link(t('cancel'), 'user', 'show', array('user_id' => $user['id'])) ?>
+    </div>
+
+    <div class="alert alert-info">
+        <ul>
+            <li><?= t('Remote users do not store their password in Kanboard database, examples: LDAP, Google and Github accounts.') ?></li>
+            <li><?= t('If you check the box "Disallow login form", credentials entered in the login form will be ignored.') ?></li>
+        </ul>
+    </div>
+</form>
\ No newline at end of file
diff --git a/app/Template/user/edit.php b/app/Template/user/edit.php
index 2462308f..ea7e3875 100644
--- a/app/Template/user/edit.php
+++ b/app/Template/user/edit.php
@@ -6,7 +6,6 @@
     <?= $this->form->csrf() ?>
 
     <?= $this->form->hidden('id', $values) ?>
-    <?= $this->form->hidden('is_ldap_user', $values) ?>
 
     <?= $this->form->label(t('Username'), 'username') ?>
     <?= $this->form->text('username', $values, $errors, array('required', $values['is_ldap_user'] == 1 ? 'readonly' : '', 'maxlength="50"')) ?><br/>
@@ -23,13 +22,9 @@
     <?= $this->form->label(t('Language'), 'language') ?>
     <?= $this->form->select('language', $languages, $values, $errors) ?><br/>
 
-    <div class="alert alert-error">
-        <?= $this->form->checkbox('disable_login_form', t('Disable login form'), 1, isset($values['disable_login_form']) && $values['disable_login_form'] == 1) ?><br/>
-
-        <?php if ($this->user->isAdmin()): ?>
-            <?= $this->form->checkbox('is_admin', t('Administrator'), 1, isset($values['is_admin']) && $values['is_admin'] == 1) ?><br/>
-        <?php endif ?>
-    </div>
+    <?php if ($this->user->isAdmin()): ?>
+        <?= $this->form->checkbox('is_admin', t('Administrator'), 1, isset($values['is_admin']) && $values['is_admin'] == 1) ?><br/>
+    <?php endif ?>
 
     <div class="form-actions">
         <input type="submit" value="<?= t('Save') ?>" class="btn btn-blue"/>
diff --git a/app/Template/user/sidebar.php b/app/Template/user/sidebar.php
index e61a43bf..3e79fda3 100644
--- a/app/Template/user/sidebar.php
+++ b/app/Template/user/sidebar.php
@@ -57,6 +57,9 @@
         <?php endif ?>
 
         <?php if ($this->user->isAdmin()): ?>
+            <li>
+                <?= $this->url->link(t('Edit Authentication'), 'user', 'authentication', array('user_id' => $user['id'])) ?>
+            </li>
             <li>
                 <?= $this->url->link(t('Hourly rates'), 'hourlyrate', 'index', array('user_id' => $user['id'])) ?>
             </li>
-- 
cgit v1.2.3