Add support in the scaffolding for adding users to groups, adding and

removing users and groups.

5 files changed, 110 insertions, 14 deletions

diff --git a/core/controllers/welcome.php b/core/controllers/welcome.php
index f2bc5699..08bfcb56 100644
--- a/core/controllers/welcome.php
+++ b/core/controllers/welcome.php
@@ -394,8 +394,8 @@ class Welcome_Controller extends Template_Controller {
     url::redirect("welcome");
   }
 
-  public function delete_user($name) {
-    user::delete($name);
+  public function delete_user($id) {
+    user::delete($id);
     url::redirect("welcome");
   }
 
@@ -405,9 +405,22 @@ class Welcome_Controller extends Template_Controller {
     url::redirect("welcome");
   }
 
-  public function delete_group($name) {
-    group::delete($name);
+  public function delete_group($id) {
+    group::delete($id);
     url::redirect("welcome");
   }
 
+  public function remove_from_group($group_id, $user_id) {
+    group::remove_user($group_id, $user_id);
+    url::redirect("welcome");
+  }
+
+  public function add_to_group($user_id) {
+    $group_name = $this->input->post("group_name");
+    $group = ORM::factory("group")->where("name", $group_name)->find();
+    if ($group->loaded) {
+      group::add_user($group->id, $user_id);
+    }
+    url::redirect("welcome");
+  }
 }
diff --git a/core/views/welcome.html.php b/core/views/welcome.html.php
index 7fc006b0..8a397f4b 100644
--- a/core/views/welcome.html.php
+++ b/core/views/welcome.html.php
@@ -252,7 +252,27 @@
             <div id="access_users" class="activity">
               <ul>
                 <? foreach ($users as $user): ?>
-                <li> <?= $user->name ?> <?= html::anchor("welcome/delete_user/$user->name", "[x]") ?></li>
+                <li>
+                  <?= $user->name ?>
+                  <? if ($user->id != user::ADMIN): ?>
+                  <?= html::anchor("welcome/delete_user/$user->id", "[x]") ?>
+                  <? endif ?>
+                  <ul>
+                    <? foreach ($user->groups as $group): ?>
+                    <li>
+                      <?= $group->name ?>
+                      <? if ($group->id != group::REGISTERED_USERS): ?>
+                      <?= html::anchor("welcome/remove_from_group/$group->id/$user->id", "[x]") ?>
+                      <? endif ?>
+                    </li>
+                    <? endforeach ?>
+                    <li>
+                      <form method="post" action="<?= url::site("welcome/add_to_group/$user->id") ?>">
+                        <input type="text" name="group_name"/>
+                      </form>
+                    </li>
+                  </ul>
+                </li>
                 <? endforeach ?>
               </ul>
               <fieldset>
@@ -267,7 +287,12 @@
             <div id="access_groups" class="activity">
               <ul>
                 <? foreach ($groups as $group): ?>
-                <li> <?= $group->name ?> <?= html::anchor("welcome/delete_group/$group->name", "[x]") ?></li>
+                <li>
+                  <?= $group->name ?>
+                  <? if ($group->id != group::REGISTERED_USERS): ?>
+                  <?= html::anchor("welcome/delete_group/$group->id", "[x]") ?>
+                  <? endif ?>
+                </li>
                 <? endforeach ?>
               </ul>
               <fieldset>
diff --git a/modules/user/helpers/group.php b/modules/user/helpers/group.php
index 84272b79..2e6a3962 100644
--- a/modules/user/helpers/group.php
+++ b/modules/user/helpers/group.php
@@ -24,6 +24,8 @@
  * Note: by design, this class does not do any permission checking.
  */
 class group_Core {
+  const REGISTERED_USERS = 1;
+
   /**
    * Create a new group.
    *
@@ -50,8 +52,8 @@ class group_Core {
    *
    * @param string $name the group name
    */
-  static function delete($name) {
-    $group = ORM::factory("group")->where("name", $name)->find();
+  static function delete($id) {
+    $group = ORM::factory("group", $id);
 
     if ($group->loaded) {
       // Drop the view column for this group in the items table.
@@ -59,4 +61,49 @@ class group_Core {
       $group->delete();
     }
   }
+
+  /**
+   * Remove a user from a group
+   *
+   * @param integer $group_id the id of the group
+   * @param integer $user_id the id of the user
+   * @return Group_Model
+   */
+  static function remove_user($group_id, $user_id) {
+    $group = ORM::factory("group", $group_id);
+    if (!$group->loaded) {
+      throw new Exception("@todo MISSING_GROUP $group_id");
+    }
+
+    $user = ORM::factory("user", $user_id);
+    if (!$user->loaded) {
+      throw new Exception("@todo MISSING_USER $user_id");
+    }
+
+    $group->remove($user);
+    return $group;
+  }
+
+
+  /**
+   * Add a user to a group
+   *
+   * @param integer $group_id the id of the group
+   * @param integer $user_id the id of the user
+   * @return Group_Model
+   */
+  static function add_user($group_id, $user_id) {
+    $group = ORM::factory("group", $group_id);
+    if (!$group->loaded) {
+      throw new Exception("@todo MISSING_GROUP $group_id");
+    }
+
+    $user = ORM::factory("user", $user_id);
+    if (!$user->loaded) {
+      throw new Exception("@todo MISSING_USER $user_id");
+    }
+
+    $group->add($user);
+    return $group;
+  }
 }
\ No newline at end of file
diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php
index 9d387b4b..6551891c 100644
--- a/modules/user/helpers/user.php
+++ b/modules/user/helpers/user.php
@@ -24,6 +24,8 @@
  * Note: by design, this class does not do any permission checking.
  */
 class user_Core {
+  const ADMIN = 1;
+
   /**
    * Return the form for creating / modifying users.
    */
@@ -74,16 +76,19 @@ class user_Core {
     $user->display_name = $name;
     $user->password = $name;
     $user->save();
+
+    group::add_user(group::REGISTERED_USERS, $user->id);
+
     return $user;
   }
 
   /**
    * Delete a user
    *
-   * @param string $name the user name
+   * @param string $id the user id
    */
-  static function delete($name) {
-    ORM::factory("user")->where("name", $name)->find()->delete();
+  static function delete($id) {
+    ORM::factory("user", $id)->delete();
   }
 
   /**
diff --git a/modules/user/helpers/user_installer.php b/modules/user/helpers/user_installer.php
index d3976e80..4a86692c 100644
--- a/modules/user/helpers/user_installer.php
+++ b/modules/user/helpers/user_installer.php
@@ -55,13 +55,14 @@ class user_installer {
 
       module::set_version("user", 1);
 
+      $registered = group::create("Registered Users");
+
       // @todo: get this info from the installer
       $admin = user::create("admin", "Gallery Administrator", "admin");
       $user = user::create("joe", "Joe User", "joe");
 
-      $registered = group::create("Registered Users");
-      $registered->add($admin);
-      $registered->add($user);
+      group::add_user($registered->id, $admin->id);
+      group::add_user($registered->id, $user->id);
 
       // Let the admin own everything
       $db->query("UPDATE `items` SET `owner_id` = {$admin->id} WHERE `owner_id` IS NULL");
@@ -69,6 +70,11 @@ class user_installer {
   }
 
   public static function uninstall() {
+    // Remove all our groups so that we clean up the items table
+    foreach (ORM::factory("group")->find_all() as $group) {
+      group::delete($group->id);
+    }
+
     try {
       Session::instance()->destroy();
     } catch (Exception $e) {