From d68ff648b1995c14506d4c61c9d97dc7f599496f Mon Sep 17 00:00:00 2001
From: Frédéric Guillot
Date: Tue, 2 Sep 2014 23:41:12 -0800
Subject: Refactoring of user management (ui)
---
 app/Controller/Config.php | 29 ------
 app/Controller/User.php | 257 +++++++++++++++++++++++++++++++++++-----------
 2 files changed, 198 insertions(+), 88 deletions(-)
(limited to 'app/Controller')
diff --git a/app/Controller/Config.php b/app/Controller/Config.php
index 48bfb9cf..a364c5f4 100644
--- a/app/Controller/Config.php
+++ b/app/Controller/Config.php
@@ -19,27 +19,15 @@ class Config extends Base
 {
 $this->response->html($this->template->layout('config_index', array(
 'db_size' => $this->config->getDatabaseSize(),
- 'user' => $_SESSION['user'],
- 'user_projects' => $this->project->getAvailableList($this->acl->getUserId()),
- 'notifications' => $this->notification->readSettings($this->acl->getUserId()),
 'languages' => $this->config->getLanguages(),
 'values' => $this->config->getAll(),
 'errors' => array(),
 'menu' => 'config',
 'title' => t('Settings'),
 'timezones' => $this->config->getTimezones(),
- 'remember_me_sessions' => $this->authentication->backend('rememberMe')->getAll($this->acl->getUserId()),
- 'last_logins' => $this->lastLogin->getAll($this->acl->getUserId()),
 )));
 }
 
- public function notifications()
- {
- $values = $this->request->getValues();
- $this->notification->saveSettings($this->acl->getUserId(), $values);
- $this->response->redirect('?controller=config#notifications');
- }
- /**
- * Validate and save settings
- *
@@ -64,17 +52,12 @@ class Config extends Base
 
 $this->response->html($this->template->layout('config_index', array(
 'db_size' => $this->config->getDatabaseSize(),
- 'user' => $_SESSION['user'],
- 'user_projects' => $this->project->getAvailableList($this->acl->getUserId()),
- 'notifications' => $this->notification->readSettings($this->acl->getUserId()),
 'languages' => $this->config->getLanguages(),
 'values' => $values,
 'errors' => $errors,
 'menu' => 'config',
 'title' => t('Settings'),
 'timezones' => $this->config->getTimezones(),
- 'remember_me_sessions' => $this->authentication->backend('rememberMe')->getAll($this->acl->getUserId()),
- 'last_logins' => $this->lastLogin->getAll($this->acl->getUserId()),
 )));
 }
 
@@ -115,16 +98,4 @@ class Config extends Base
 $this->session->flash(t('All tokens have been regenerated.'));
 $this->response->redirect('?controller=config');
 }
-
- /**
- * Remove a "RememberMe" token
- *
- * @access public
- */
- public function removeRememberMeToken()
- {
- $this->checkCSRFParam();
- $this->authentication->backend('rememberMe')->remove($this->request->getIntegerParam('id'));
- $this->response->redirect('?controller=config&action=index#remember-me');
- }
 }
diff --git a/app/Controller/User.php b/app/Controller/User.php
index 0bb7aec1..25402f03 100644
--- a/app/Controller/User.php
+++ b/app/Controller/User.php
@@ -64,6 +64,48 @@ class User extends Base
 )));
 }
 
+ /**
+ * Common layout for project views
+ *
+ * @access private
+ * @param string $template Template name
+ * @param array $params Template parameters
+ * @return string
+ */
+ private function layout($template, array $params)
+ {
+ $content = $this->template->load($template, $params);
+ $params['user_content_for_layout'] = $content;
+ $params['menu'] = 'users';
+
+ if (isset($params['user'])) {
+ $params['title'] = $params['user']['name'] ?: $params['user']['username'];
+ }
+
+ return $this->template->layout('user_layout', $params);
+ }
+
+ /**
+ * Common method to get the user
+ *
+ * @access private
+ * @return array
+ */
+ private function getUser()
+ {
+ $user = $this->user->getById($this->request->getIntegerParam('user_id'), true);
+
+ if (! $user) {
+ $this->notfound();
+ }
+
+ if ($this->acl->isRegularUser() && $this->acl->getUserId() != $user['id']) {
+ $this->forbidden();
+ }
+
+ return $user;
+ }
+
 /**
 * List all users
 *
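Review bot: The docblock on the new `layout()` helper reads `Common layout for project views`, but the helper renders `user_layout` and sets the `users` menu; it should say `Common layout for user views`. In `getUser()`, the `true` second argument to `getById()` is not explained, and `edit()` in a later hunk still does `unset($values['password'])` on the same array, which suggests the record may carry the password hash; if that argument does not strip it, every view that passes `'user' => $user` to a template receives the hash, so stripping it once here (`unset($user['password']);` before `return $user;`) would keep the views safe by construction. The `@return array` tag also relies on `notfound()` and `forbidden()` terminating the request, which is not visible here; if they do not, `$user['id']` on the following line is evaluated on `false`.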
@@ -131,91 +173,180 @@ class User extends Base
 }
 
 /**
- * Display a form to edit a user
+ * Display user information
 *
 * @access public
 */
- public function edit()
+ public function show()
 {
- $user = $this->user->getById($this->request->getIntegerParam('user_id'));
+ $user = $this->getUser();
+ $this->response->html($this->layout('user_show', array(
+ 'projects' => $this->project->getAvailableList($user['id']),
+ 'user' => $user,
+ )));
+ }
 
- if (! $user) $this->notfound();
+ /**
+ * Display last connections
+ *
+ * @access public
+ */
+ public function last()
+ {
+ $user = $this->getUser();
+ $this->response->html($this->layout('user_last', array(
+ 'last_logins' => $this->lastLogin->getAll($user['id']),
+ 'user' => $user,
+ )));
+ }
 
- if ($this->acl->isRegularUser() && $this->acl->getUserId() != $user['id']) {
- $this->forbidden();
- }
+ /**
+ * Display user sessions
+ *
+ * @access public
+ */
+ public function sessions()
+ {
+ $user = $this->getUser();
+ $this->response->html($this->layout('user_sessions', array(
+ 'sessions' => $this->authentication->backend('rememberMe')->getAll($user['id']),
+ 'user' => $user,
+ )));
+ }
 
- unset($user['password']);
+ /**
+ * Remove a "RememberMe" token
+ *
+ * @access public
+ */
+ public function removeSession()
+ {
+ $this->checkCSRFParam();
+ $user = $this->getUser();
+ $this->authentication->backend('rememberMe')->remove($this->request->getIntegerParam('id'));
+ $this->response->redirect('?controller=user&action=sessions&user_id='.$user['id']);
+ }
 
- $this->response->html($this->template->layout('user_edit', array(
- 'projects' => $this->project->filterListByAccess($this->project->getList(), $user['id']),
- 'errors' => array(),
- 'values' => $user,
- 'menu' => 'users',
- 'title' => t('Edit user')
+ /**
+ * Display user notifications
+ *
+ * @access public
+ */
+ public function notifications()
+ {
+ $user = $this->getUser();
+
+ if ($this->request->isPost()) {
+ $values = $this->request->getValues();
+ $this->notification->saveSettings($user['id'], $values);
+ $this->session->flash(t('User updated successfully.'));
+ $this->response->redirect('?controller=user&action=notifications&user_id='.$user['id']);
+ }
+
+ $this->response->html($this->layout('user_notifications', array(
+ 'projects' => $this->project->getAvailableList($user['id']),
+ 'notifications' => $this->notification->readSettings($user['id']),
+ 'user' => $user,
 )));
 }
 
 /**
- * Validate and update a user
+ * Display external accounts
 *
 * @access public
 */
- public function update()
+ public function external()
 {
- $values = $this->request->getValues();
+ $user = $this->getUser();
+ $this->response->html($this->layout('user_external', array(
+ 'last_logins' => $this->lastLogin->getAll($user['id']),
+ 'user' => $user,
+ )));
+ }
 
- if ($this->acl->isAdminUser()) {
- $values += array('is_admin' => 0);
- }
- else {
+ /**
+ * Password modification
+ *
+ * @access public
+ */
+ public function password()
+ {
+ $user = $this->getUser();
+ $values = array('id' => $user['id']);
+ $errors = array();
 
- if ($this->acl->getUserId() != $values['id']) {
- $this->forbidden();
- }
+ if ($this->request->isPost()) {
 
- if (isset($values['is_admin'])) {
- unset($values['is_admin']); // Regular users can't be admin
- }
- }
+ $values = $this->request->getValues();
+ list($valid, $errors) = $this->user->validatePasswordModification($values);
 
- list($valid, $errors) = $this->user->validateModification($values);
+ if ($valid) {
 
- if ($valid) {
+ if ($this->user->update($values)) {
+ $this->session->flash(t('Password modified successfully.'));
+ }
+ else {
+ $this->session->flashError(t('Unable to change the password.'));
+ }
 
- if ($this->user->update($values)) {
- $this->session->flash(t('User updated successfully.'));
- $this->response->redirect('?controller=user');
- }
- else {
- $this->session->flashError(t('Unable to update your user.'));
+ $this->response->redirect('?controller=user&action=show&user_id='.$user['id']);
 }
 }
 
- $this->response->html($this->template->layout('user_edit', array(
- 'projects' => $this->project->filterListByAccess($this->project->getList(), $values['id']),
- 'errors' => $errors,
+ $this->response->html($this->layout('user_password', array(
 'values' => $values,
- 'menu' => 'users',
- 'title' => t('Edit user')
+ 'errors' => $errors,
+ 'user' => $user,
 )));
 }
 
 /**
- * Confirmation dialog before to remove a user
+ * Display a form to edit a user
 *
 * @access public
 */
- public function confirm()
+ public function edit()
 {
- $user = $this->user->getById($this->request->getIntegerParam('user_id'));
+ $user = $this->getUser();
+ $values = $user;
+ $errors = array();
+
+ unset($values['password']);
+
+ if ($this->request->isPost()) {
+
+ $values = $this->request->getValues();
+
+ if ($this->acl->isAdminUser()) {
+ $values += array('is_admin' => 0);
+ }
+ else {
+
+ if (isset($values['is_admin'])) {
+ unset($values['is_admin']); // Regular users can't be admin
+ }
+ }
+
+ list($valid, $errors) = $this->user->validateModification($values);
+
+ if ($valid) {
+
+ if ($this->user->update($values)) {
+ $this->session->flash(t('User updated successfully.'));
+ }
+ else {
+ $this->session->flashError(t('Unable to update your user.'));
+ }
 
- if (! $user) $this->notfound();
+ $this->response->redirect('?controller=user&action=show&user_id='.$user['id']);
+ }
+ }
 
- $this->response->html($this->template->layout('user_remove', array(
+ $this->response->html($this->layout('user_edit', array(
+ 'values' => $values,
+ 'errors' => $errors,
+ 'projects' => $this->project->filterListByAccess($this->project->getList(), $user['id']),
 'user' => $user,
- 'menu' => 'users',
- 'title' => t('Remove user')
 )));
 }
 
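Review bot: In `password()` and `edit()` the POST path replaces `$values` with `$this->request->getValues()` and hands it straight to `$this->user->update($values)`, so the `id` of the row that is updated comes from the form body, while `getUser()` only authorized the `user_id` query parameter; the removed `update()` had an explicit `if ($this->acl->getUserId() != $values['id'])` guard for regular users and nothing visible in the new code replaces it. Pinning the id after reading the form, `$values['id'] = $user['id'];` in both methods, ties the authorization decision and the updated row to the same user. `removeSession()` has the same shape: it authorizes `$user` but removes the token by the `id` request parameter alone, so unless `remove()` in the rememberMe backend scopes the delete to the token owner (not visible here) it should also be passed `$user['id']`. The hunk's last lines close `edit()`, so the whole method is in view.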
@@ -226,16 +357,24 @@ class User extends Base
 */
 public function remove()
 {
- $this->checkCSRFParam();
- $user_id = $this->request->getIntegerParam('user_id');
+ $user = $this->getUser();
+
+ if ($this->request->getStringParam('confirmation') === 'yes') {
 
- if ($user_id && $this->user->remove($user_id)) {
- $this->session->flash(t('User removed successfully.'));
- } else {
- $this->session->flashError(t('Unable to remove this user.'));
+ $this->checkCSRFParam();
+
+ if ($this->user->remove($user['id'])) {
+ $this->session->flash(t('User removed successfully.'));
+ } else {
+ $this->session->flashError(t('Unable to remove this user.'));
+ }
+
+ $this->response->redirect('?controller=user');
 }
 
- $this->response->redirect('?controller=user');
+ $this->response->html($this->layout('user_remove', array(
+ 'user' => $user,
+ )));
 }
 
 /**
@@ -263,7 +402,7 @@ class User extends Base
 $this->session->flashError(t('Unable to link your Google Account.'));
 }
 
- $this->response->redirect('?controller=user');
+ $this->response->redirect('?controller=user&action=external&user_id='.$this->acl->getUserId());
 }
 else if ($this->authentication->backend('google')->authenticate($profile['id'])) {
 $this->response->redirect('?controller=app');
@@ -297,7 +436,7 @@ class User extends Base
 $this->session->flashError(t('Unable to unlink your Google Account.'));
 }
 
- $this->response->redirect('?controller=user');
+ $this->response->redirect('?controller=user&action=external&user_id='.$this->acl->getUserId());
 }
 
 /**
@@ -324,7 +463,7 @@ class User extends Base
 $this->session->flashError(t('Unable to link your GitHub Account.'));
 }
 
- $this->response->redirect('?controller=user');
+ $this->response->redirect('?controller=user&action=external&user_id='.$this->acl->getUserId());
 }
 else if ($this->authentication->backend('gitHub')->authenticate($profile['id'])) {
 $this->response->redirect('?controller=app');
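Review bot: In `remove()` the `checkCSRFParam()` call moved inside the `confirmation === 'yes'` branch, so the deletion is still executed on a GET request that carries `confirmation=yes` plus the token, and the same action also renders the confirmation page; a comment on that branch such as `// Deletion runs on GET; the CSRF token check is the only thing protecting it` would make the intent explicit, as a POST from the confirmation form would be the more conventional shape. The redirect target `'?controller=user&action=external&user_id='.$this->acl->getUserId()` is now repeated in the three following hunks and in the last hunk of the file; a small private helper returning that URL would keep the four call sites in step.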
@@ -361,6 +500,6 @@ class User extends Base
 $this->session->flashError(t('Unable to unlink your GitHub Account.'));
 }
 
- $this->response->redirect('?controller=user');
+ $this->response->redirect('?controller=user&action=external&user_id='.$this->acl->getUserId());
 }
 }
--
cgit v1.2.3