authorBharat Mediratta <bharat@menalto.com>2008-12-25 05:12:46 +0000
committerBharat Mediratta <bharat@menalto.com>2008-12-25 05:12:46 +0000
commitfdc0f83024ee8a10f223132d9e02a9e10466e46a (patch)
tree38dc87629f8063ac3997edbd2a852c318ffb089f
parent6e68c5ca28e52773fca16e77aecdde2b92351af2 (diff)
Big round of normalization of the way that our controllers
communicate. Almost all controllers now use JSON to speak to the theme when we're dealing with form processing. This means that we only send the form back and forth, but we use a JSON protocol to tell the browser success/error status as well as the location of any newly created resources, or where the browser should redirect the user. Lots of small changes: 1) Admin -> Edit Profile is gone. Instead I fixed the "Modify Profile" link in the top right corner to be a modal dialog 2) We use json_encode everywhere. No more Atom/XML for now. We can bring those back later, though. For now there's a lot of code duplication but that'll be easy to clean up. 3) REST_Controller is no longer abstract. All methods its subclasses should create throw exceptions, which means that subclasses don't have to implement stubs for those methods. 4) New pattern: helper method get_add_form calls take an Item_Model, not an id since we have to load the Item_Model in the controller anyway to check permissions. 5) User/Groups REST resources are separate from User/Group in the site admin. They do different things, we should avoid confusing overlap.
-rw-r--r--core/controllers/albums.php38
-rw-r--r--core/controllers/items.php33
-rw-r--r--core/controllers/photos.php10
-rw-r--r--core/controllers/rest.php32
-rw-r--r--core/helpers/core_menu.php5
-rw-r--r--modules/comment/controllers/comments.php17
-rw-r--r--modules/comment/helpers/comment.php4
-rw-r--r--modules/comment/js/comment.js6
-rw-r--r--modules/tag/controllers/tags.php22
-rw-r--r--modules/tag/helpers/tag.php4
-rw-r--r--modules/tag/js/tag.js6
-rw-r--r--modules/user/controllers/admin_users.php35
-rw-r--r--modules/user/controllers/groups.php106
-rw-r--r--modules/user/controllers/login.php51
-rw-r--r--modules/user/controllers/users.php88
-rw-r--r--modules/user/helpers/group.php26
-rw-r--r--modules/user/helpers/user.php36
-rw-r--r--modules/user/helpers/user_menu.php11
-rw-r--r--modules/user/views/admin_users.html.php81
-rw-r--r--modules/user/views/login.html.php4
-rw-r--r--themes/default/js/ui.init.js21
21 files changed, 250 insertions, 386 deletions
diff --git a/core/controllers/albums.php b/core/controllers/albums.php
index 10887592..47412dfc 100644
--- a/core/controllers/albums.php
+++ b/core/controllers/albums.php
@@ -82,10 +82,15 @@ class Albums_Controller extends Items_Controller {
log::add("content", "Created an album", log::INFO,
html::anchor("albums/$new_album->id", "view album"));
message::add(_("Successfully created album"));
- rest::http_status(rest::CREATED);
- rest::http_location(url::site("albums/$new_album->id"));
+
+ print json_encode(
+ array("result" => "success",
+ "location" => url::site("albums/$new_album->id"),
+ "resource" => url::site("albums/$new_album->id")));
} else {
- print $form;
+ print json_encode(
+ array("result" => "error",
+ "form" => $form->__toString()));
}
}
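Review bot: Neither `print json_encode(...)` branch in this hunk is preceded by a content-type call, whereas Comments_Controller::_create and Tags_Controller::_create call `rest::http_content_type(rest::JSON);` before printing. The enclosing method starts outside the hunk, so the header may already be set there. If it is not, the error response, which carries the form HTML in `"form"`, is served with the default content type, and a browser that loads the URL directly would interpret it as markup. The same applies to the other two JSON hunks in this file and to the JSON branches added in photos.php, login.php and users.php.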
@@ -105,11 +110,15 @@ class Albums_Controller extends Items_Controller {
log::add("content", "Added a photo", log::INFO,
html::anchor("photos/$photo->id", "view photo"));
message::add(_("Successfully added photo"));
- //rest::http_status(rest::CREATED);
- //rest::http_location(url::site("photos/$photo->id"));
- print "<h1>this is a response</h1>";
+
+ print json_encode(
+ array("result" => "success",
+ "resource" => url::site("photos/$photo->id"),
+ "location" => url::site("photos/$photo->id")));
} else {
- print $form;
+ print json_encode(
+ array("result" => "error",
+ "form" => $form->__toString()));
}
}
@@ -132,12 +141,15 @@ class Albums_Controller extends Items_Controller {
log::add("content", "Updated album", log::INFO, "<a href=\"albums/$album->id\">view</a>");
message::add(_("Successfully saved album"));
- rest::http_status(rest::CREATED);
- rest::http_location(url::site("albums/$album->id"));
+
+ print json_encode(
+ array("result" => "success",
+ "location" => url::site("albums/$album->id")));
} else {
- rest::html($form);
+ print json_encode(
+ array("result" => "error",
+ "form" => $form->__toString()));
}
- rest::respond();
}
/**
@@ -149,11 +161,11 @@ class Albums_Controller extends Items_Controller {
switch ($this->input->get("type")) {
case "album":
- print album::get_add_form($album)->render();
+ print album::get_add_form($album);
break;
case "photo":
- print photo::get_add_form($album)->render();
+ print photo::get_add_form($album);
break;
default:
diff --git a/core/controllers/items.php b/core/controllers/items.php
index ab63889e..60b2762f 100644
--- a/core/controllers/items.php
+++ b/core/controllers/items.php
@@ -20,27 +20,6 @@
class Items_Controller extends REST_Controller {
protected $resource_type = "item";
- /**
- * @see REST_Controller::_index()
- */
- public function _index() {
- throw new Exception("@todo Item_Controller::_index NOT IMPLEMENTED");
- }
-
- /**
- * @see REST_Controller::_form_add($parameters)
- */
- public function _form_add($parameters) {
- throw new Exception("@todo Items_Controller::_form_add NOT IMPLEMENTED");
- }
-
- /**
- * @see REST_Controller::_form_edit($resource)
- */
- public function _form_edit($item) {
- throw new Exception("@todo Items_Controller::_form_edit NOT IMPLEMENTED");
- }
-
public function _show($item) {
// Redirect to the more specific resource type, since it will render
// differently. We could also just delegate here, but it feels more appropriate
@@ -48,16 +27,4 @@ class Items_Controller extends REST_Controller {
access::required("view", $item);
return url::redirect("{$item->type}s/$item->id");
}
-
- public function _delete($item) {
- throw new Exception("@todo Item_Controller::_delete NOT IMPLEMENTED");
- }
-
- public function _create($item) {
- throw new Exception("@todo Item_Controller::_create NOT IMPLEMENTED");
- }
-
- public function _update($item) {
- throw new Exception("@todo Item_Controller::_update NOT IMPLEMENTED");
- }
}
diff --git a/core/controllers/photos.php b/core/controllers/photos.php
index a8282f36..04553bd1 100644
--- a/core/controllers/photos.php
+++ b/core/controllers/photos.php
@@ -59,12 +59,14 @@ class Photos_Controller extends Items_Controller {
log::add("content", "Updated photo", log::INFO, "<a href=\"photos/$photo->id\">view</a>");
message::add(_("Successfully saved photo"));
- rest::http_status(rest::FOUND);
- rest::http_location(url::site("photos/$photo->id"));
+ print json_encode(
+ array("result" => "success",
+ "location" => url::site("photos/$photo->id")));
} else {
- rest::html($form);
+ print json_encode(
+ array("result" => "error",
+ "form" => $form->__toString()));
}
- rest::respond();
}
/**
diff --git a/core/controllers/rest.php b/core/controllers/rest.php
index 0ac7a1c9..ceca321e 100644
--- a/core/controllers/rest.php
+++ b/core/controllers/rest.php
@@ -55,11 +55,11 @@
* }
*
* A request to http://example.com/gallery3/comments/3 will result in a call to
- * REST_Controller::dispatch(3) which will load up the comment associated with id 3. If there's
+ * REST_Controller::__call(3) which will load up the comment associated with id 3. If there's
* no such comment, it returns a 404. Otherwise, it will then delegate to
* Comment_Controller::get() with the ORM instance as an argument.
*/
-abstract class REST_Controller extends Controller {
+class REST_Controller extends Controller {
protected $resource_type = null;
public function __construct() {
@@ -125,41 +125,55 @@ abstract class REST_Controller extends Controller {
* Perform a GET request on the controller root
* (e.g. http://www.example.com/gallery3/comments)
*/
- abstract public function _index();
+ public function _index() {
+ throw new Exception("@todo _create NOT IMPLEMENTED");
+ }
/**
* Perform a POST request on this resource
* @param ORM $resource the instance of this resource type
*/
- abstract public function _create($resource);
+ public function _create($resource) {
+ throw new Exception("@todo _create NOT IMPLEMENTED");
+ }
/**
* Perform a GET request on this resource
* @param ORM $resource the instance of this resource type
*/
- abstract public function _show($resource);
+ public function _show($resource) {
+ throw new Exception("@todo _show NOT IMPLEMENTED");
+ }
/**
* Perform a PUT request on this resource
* @param ORM $resource the instance of this resource type
*/
- abstract public function _update($resource);
+ public function _update($resource) {
+ throw new Exception("@todo _update NOT IMPLEMENTED");
+ }
/**
* Perform a DELETE request on this resource
* @param ORM $resource the instance of this resource type
*/
- abstract public function _delete($resource);
+ public function _delete($resource) {
+ throw new Exception("@todo _delete NOT IMPLEMENTED");
+ }
/**
* Present a form for adding a new resource
* @param string part of the URI after the controller name
*/
- abstract public function _form_add($parameter);
+ public function _form_add($parameter) {
+ throw new Exception("@todo _form_add NOT IMPLEMENTED");
+ }
/**
* Present a form for editing an existing resource
* @param ORM $resource the resource container for instances of this resource type
*/
- abstract public function _form_edit($resource);
+ public function _form_edit($resource) {
+ throw new Exception("@todo _form_edit NOT IMPLEMENTED");
+ }
}
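Review bot: The new `_index()` stub throws `"@todo _create NOT IMPLEMENTED"`, copied from `_create`, so an unimplemented index request would be reported against the wrong method; it should read `throw new Exception("@todo _index NOT IMPLEMENTED");`. All seven stubs throw a bare `Exception`, so a request for a verb the subclass does not support will presumably surface as a generic server error rather than a clear "not supported" status. How the exception is handled is not visible in this hunk. Now that the class is concrete, it is also worth confirming that it cannot be routed to directly with `$resource_type` still null.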
diff --git a/core/helpers/core_menu.php b/core/helpers/core_menu.php
index 685ccf64..0a28f21f 100644
--- a/core/helpers/core_menu.php
+++ b/core/helpers/core_menu.php
@@ -57,11 +57,6 @@ class core_menu_Core {
->label(_("Add an album"))
->url(url::site("form/add/albums/$item->id?type=album")));
}
-
- $admin_menu->append(Menu::factory("dialog")
- ->id("edit")
- ->label(_("Edit"))
- ->url(url::site("form/edit/{$item->type}s/$item->id")));
}
if (user::active()->admin) {
diff --git a/modules/comment/controllers/comments.php b/modules/comment/controllers/comments.php
index e759309f..e6ade267 100644
--- a/modules/comment/controllers/comments.php
+++ b/modules/comment/controllers/comments.php
@@ -56,8 +56,10 @@ class Comments_Controller extends REST_Controller {
*/
public function _create($comment) {
rest::http_content_type(rest::JSON);
+ $item = ORM::factory("item", $this->input->post("item_id"));
+ access::required("view", $item);
- $form = comment::get_add_form($this->input->post("item_id"));
+ $form = comment::get_add_form($item);
if ($form->validate()) {
$comment->author = $this->input->post("author");
$comment->email = $this->input->post("email");
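Review bot: `ORM::factory("item", $this->input->post("item_id"))` is passed straight to `access::required("view", $item)` without checking that the item exists. Admin_Users_Controller in this same commit guards the equivalent lookup with `if (!$user->loaded) { kohana::show_404(); }`, and the same guard here would avoid relying on how `access::required` treats an unloaded model, which is not visible from this hunk. The new `_form_add` methods in comments.php and tags.php load the item the same way and would need the same check. `_create` continues past the end of the hunk.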
@@ -71,7 +73,7 @@ class Comments_Controller extends REST_Controller {
print json_encode(
array("result" => "success",
"resource" => url::site("comments/{$comment->id}"),
- "form" => comment::get_add_form($this->input->post("item_id"))->__toString()));
+ "form" => comment::get_add_form($item)->__toString()));
} else {
print json_encode(
array("result" => "error",
@@ -86,7 +88,9 @@ class Comments_Controller extends REST_Controller {
*/
public function _show($comment) {
if (rest::output_format() == "json") {
- print json_encode(array("result" => "success", "data" => $comment->as_array()));
+ print json_encode(
+ array("result" => "success",
+ "data" => $comment->as_array()));
} else {
$view = new View("comment.html");
$view->comment = $comment;
@@ -135,8 +139,11 @@ class Comments_Controller extends REST_Controller {
* Present a form for adding a new comment to this item or editing an existing comment.
* @see REST_Controller::form_add($resource)
*/
- public function _form_add($item_id) {
- print comment::get_add_form($item_id);
+ public function _form_add($item) {
+ $item = ORM::factory("item", $item_id);
+ access::required("view", $item);
+
+ print comment::get_add_form($item);
}
/**
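Review bot: `_form_add` now declares its parameter as `$item` but the first line of the body still reads `$item_id`, which is no longer defined, so `ORM::factory("item", $item_id)` is called with an unset id and the access check runs against whatever model that produces. Tags_Controller::_form_add in this commit keeps the parameter name, and the same fix applies here: `public function _form_add($item_id) {`.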
diff --git a/modules/comment/helpers/comment.php b/modules/comment/helpers/comment.php
index 51246444..79aa9ddc 100644
--- a/modules/comment/helpers/comment.php
+++ b/modules/comment/helpers/comment.php
@@ -52,13 +52,13 @@ class comment_Core {
return $comment;
}
- static function get_add_form($item_id) {
+ static function get_add_form($item) {
$form = new Forge(url::site("comments"), "", "post");
$group = $form->group("add_comment")->label(_("Add comment"));
$group->input("author") ->label(_("Author")) ->id("gAuthor");
$group->input("email") ->label(_("Email")) ->id("gEmail");
$group->textarea("text")->label(_("Text")) ->id("gText");
- $group->hidden("item_id")->value($item_id);
+ $group->hidden("item_id")->value($item->id);
$group->submit(_("Add"));
$form->add_rules_from(ORM::factory("comment"));
return $form;
diff --git a/modules/comment/js/comment.js b/modules/comment/js/comment.js
index 3ae23f62..c9cfeb08 100644
--- a/modules/comment/js/comment.js
+++ b/modules/comment/js/comment.js
@@ -6,8 +6,10 @@ function ajaxify_comment_form() {
$("#gComments form").ajaxForm({
dataType: "json",
success: function(data) {
- $("#gComments form").replaceWith(data.form);
- ajaxify_comment_form();
+ if (data.form) {
+ $("#gComments form").replaceWith(data.form);
+ ajaxify_comment_form();
+ }
if (data.result == "success") {
$.get(data.resource, function(data, textStatus) {
$("#gComments .gBlockContent ul:first").append("<li>"+data+"</li>");
diff --git a/modules/tag/controllers/tags.php b/modules/tag/controllers/tags.php
index 69bc9a48..4f8cfa5b 100644
--- a/modules/tag/controllers/tags.php
+++ b/modules/tag/controllers/tags.php
@@ -42,31 +42,22 @@ class Tags_Controller extends REST_Controller {
}
public function _index() {
- // @todo: represent this in different formats
print tag::cloud(30);
}
- public function _form_add($item_id) {
- return tag::get_add_form($item_id);
- }
-
- public function _form_edit($tag) {
- throw new Exception("@todo Tag_Controller::_form_edit NOT IMPLEMENTED");
- }
-
public function _create($tag) {
rest::http_content_type(rest::JSON);
$item = ORM::factory("item", $this->input->post("item_id"));
access::required("edit", $item);
- $form = tag::get_add_form($item->id);
+ $form = tag::get_add_form($item);
if ($form->validate()) {
tag::add($item, $this->input->post("tag_name"));
print json_encode(
array("result" => "success",
"resource" => url::site("tags/{$tag->id}"),
- "form" => tag::get_add_form($item->id)->__toString()));
+ "form" => tag::get_add_form($item)->__toString()));
} else {
print json_encode(
array("result" => "error",
@@ -74,11 +65,10 @@ class Tags_Controller extends REST_Controller {
}
}
- public function _delete($tag) {
- throw new Exception("@todo Tag_Controller::_delete NOT IMPLEMENTED");
- }
+ public function _form_add($item_id) {
+ $item = ORM::factory("item", $item_id);
+ access::required("view", $item);
- public function _update($tag) {
- throw new Exception("@todo Tag_Controller::_update NOT IMPLEMENTED");
+ return tag::get_add_form($item);
}
}
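Review bot: `_form_add` gates the tag form on `access::required("view", $item)`, while `_create` in the previous hunk requires `"edit"` on the same item, so a user with view-only access is shown a form whose submission will be refused. Using the same permission in both places, `access::required("edit", $item);`, keeps the form and the action consistent. The method also returns the form where Comments_Controller::_form_add prints it. Whether the dispatcher prints the return value is not visible here.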
diff --git a/modules/tag/helpers/tag.php b/modules/tag/helpers/tag.php
index 7e42ed50..b6d39213 100644
--- a/modules/tag/helpers/tag.php
+++ b/modules/tag/helpers/tag.php
@@ -79,11 +79,11 @@ class tag_Core {
}
}
- public static function get_add_form($item_id) {
+ public static function get_add_form($item) {
$form = new Forge(url::site("tags"), "", "post", array("id" => "gAddTagForm"));
$group = $form->group("add_tag")->label(_("Add Tag"));
$group->input("tag_name")->label(_("Add tag"));
- $group->hidden("item_id")->value($item_id);
+ $group->hidden("item_id")->value($item->id);
$group->submit(_("Add"));
$form->add_rules_from(ORM::factory("tag"));
return $form;
diff --git a/modules/tag/js/tag.js b/modules/tag/js/tag.js
index 92f585a5..fc74eb26 100644
--- a/modules/tag/js/tag.js
+++ b/modules/tag/js/tag.js
@@ -6,8 +6,10 @@ function ajaxify_tag_form() {
$("#gTag form").ajaxForm({
dataType: "json",
success: function(data) {
- $("#gTag form").replaceWith(data.form);
- ajaxify_tag_form();
+ if (data.form) {
+ $("#gTag form").replaceWith(data.form);
+ ajaxify_tag_form();
+ }
if (data.result == "success") {
$.get($("#gTagCloud").attr("src"), function(data, textStatus) {
$("#gTagCloud").html(data);
diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php
index c39092b2..630b5764 100644
--- a/modules/user/controllers/admin_users.php
+++ b/modules/user/controllers/admin_users.php
@@ -26,6 +26,40 @@ class Admin_Users_Controller extends Controller {
print $view;
}
+ public function create() {
+ $form = user::get_add_form();
+ if ($form->validate()) {
+ $user = user::create($form->add_user->inputs["name"]->value,
+ $form->add_user->full_name->value, $form->add_user->password->value);
+ $user->email = $form->add_user->email->value;
+ $user->save();
+ log::add(sprintf(_("Created user %s"), $user->name));
+ message::add(sprintf(_("Created user %s"), $user->name));
+ url::redirect("admin/users");
+ }
+
+ print $form;
+ }
+
+ public function delete($id) {
+ $user = ORM::factory("user", $id);
+ if (!$user->loaded) {
+ kohana::show_404();
+ }
+
+ $form = user::get_delete_form($user);
+ if ($form->validate()) {
+ $name = $user->name;
+ $user->delete();
+
+ log::add(sprintf(_("Deleted user %s"), $name));
+ message::add(sprintf(_("Deleted user %s"), $name));
+ url::redirect("admin/users");
+ }
+
+ print $form;
+ }
+
public function edit($id) {
$user = ORM::factory("user", $id);
if (!$user->loaded) {
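Review bot: `create()` and `delete($id)` call `user::get_add_form()` and `user::get_delete_form($user)`, but this commit renames those helpers to `get_add_form_admin` and `get_delete_form_admin` in modules/user/helpers/user.php, so both actions would fail on an undefined method unless the old names are still defined elsewhere. `delete()` also drops the self-delete guard that the removed Users_Controller::_delete had, and the guest account is excluded only in the view. Adding `if ($user->guest || $user->id == user::active()->id) { access::forbidden(); }` before building the form would enforce both on the server. No admin check is visible in either method, so it presumably lives in whatever dispatches to this controller; worth confirming. `log::add(sprintf(...))` passes a single argument, where every other `log::add` call in this commit passes a category first.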
@@ -39,6 +73,7 @@ class Admin_Users_Controller extends Controller {
$user->password = $form->edit_user->password->value;
$user->email = $form->edit_user->email->value;
$user->save();
+ message::add(sprintf(_("Changed user %s"), $user->name));
url::redirect("admin/users/edit/$id");
}
diff --git a/modules/user/controllers/groups.php b/modules/user/controllers/groups.php
deleted file mode 100644
index 7c68c405..00000000
--- a/modules/user/controllers/groups.php
+++ /dev/null
@@ -1,106 +0,0 @@
-<?php defined("SYSPATH") or die("No direct script access.");
-/**
- * Gallery - a web based photo album viewer and editor
- * Copyright (C) 2000-2008 Bharat Mediratta
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or (at
- * your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
- */
-class Groups_Controller extends REST_Controller {
- protected $resource_type = "group";
-
- /**
- * Display comments based on criteria.
- * @see REST_Controller::_index()
- */
- public function _index() {
- throw new Exception("@todo Group_Controller::_index NOT IMPLEMENTED");
- }
-
- /**
- * @see REST_Controller::_create($resource)
- */
- public function _create($resource) {
- $form = group::get_add_form();
- if ($form->validate()) {
- group::create($form->add_group->gname->value);
- if ($continue = $this->input->get("continue")) {
- url::redirect($continue);
- }
- }
- print $form;
- }
-
- /**
- * @see REST_Controller::_show($resource)
- */
- public function _show($user) {
- throw new Exception("@todo Group_Controller::_show NOT IMPLEMENTED");
- }
-
- /**
- * @see REST_Controller::_update($resource)
- */
- public function _update($group) {
- $form = group::get_edit_form($group);
- if ($form->validate()) {
- $group->name = $form->edit_group->gname->value;
- $group->save();
- if ($continue = $this->input->get("continue")) {
- url::redirect($continue);
- }
- }
- print $form;
- }
-
- /**
- * @see REST_Controller::_delete($resource)
- */
- public function _delete($group) {
- if (!(user::active()->admin) || $group->special) {
- access::forbidden();
- }
- // Prevent CSRF
- $form = group::get_delete_form($group);
- if ($form->validate()) {
- $group->delete();
- if ($continue = $this->input->get("continue")) {
- url::redirect($continue);
- }
- }
- print $form;
- }
-
- /**
- * Present a form for editing a user
- * @see REST_Controller::form($resource)
- */
- public function _form_edit($group) {
- if ($group->guest || group::active()->id != $group->id) {
- access::forbidden();
- }
-
- print group::get_edit_form(
- $group,
- "users/{$group->id}?_method=put&continue=" . $this->input->get("continue"));
- }
-
- /**
- * Present a form for adding a user
- * @see REST_Controller::form($resource)
- */
- public function _form_add($parameters) {
- throw new Exception("@todo Group_Controller::_form_add NOT IMPLEMENTED");
- }
-}
diff --git a/modules/user/controllers/login.php b/modules/user/controllers/login.php
index 508d282d..48527a41 100644
--- a/modules/user/controllers/login.php
+++ b/modules/user/controllers/login.php
@@ -19,26 +19,45 @@
*/
class Login_Controller extends Controller {
public function index() {
- $form = new Forge(url::current(true), "", "post", array("id" => "gLoginForm"));
- $group = $form->group("login_form")->label(_("Login"));
- $group->input("name")->label(_("Name"))->id("gName")->class(null);
- $group->password("password")->label(_("Password"))->id("gPassword")->class(null);
- $group->inputs["name"]->error_messages("invalid_login", _("Invalid name or password"));
+ if (request::method() == "post") {
+ $this->_try_login();
+ } else {
+ print $this->_login_form();
+ }
+ }
+
+ private function _try_login() {
+ $form = $this->_login_form();
- if (request::method() == "post" && $form->validate()) {
- $user = ORM::factory("user")->where("name", $group->inputs["name"]->value)->find();
- if ($user->loaded &&
- user::is_correct_password($user, $group->password->value)) {
- user::login($user);
- log::add("user", "User $user->name logged in");
- rest::http_status(rest::ACCEPTED);
- } else {
- log::add("user", sprintf(_("Failed login for %s"), $group->inputs["name"]->value),
+ $valid = $form->validate();
+ if ($valid) {
+ $user = ORM::factory("user")->where("name", $form->login->inputs["name"]->value)->find();
+ if (!$user->loaded || !user::is_correct_password($user, $form->login->password->value)) {
+ log::add("user", sprintf(_("Failed login for %s"), $form->login->inputs["name"]->value),
log::WARNING);
- $group->inputs["name"]->add_error("invalid_login", 1);
+ $form->login->inputs["name"]->add_error("invalid_login", 1);
+ $valid = false;
}
}
- print $form->render();
+ if ($valid) {
+ user::login($user);
+ log::add("user", "User $user->name logged in");
+ print json_encode(
+ array("result" => "success"));
+ } else {
+ print json_encode(
+ array("result" => "error",
+ "form" => $form->__toString()));
+ }
+ }
+
+ private function _login_form() {
+ $form = new Forge(url::current(true), "", "post", array("id" => "gLoginForm"));
+ $group = $form->group("login")->label(_("Login"));
+ $group->input("name")->label(_("Name"))->id("gName")->class(null);
+ $group->password("password")->label(_("Password"))->id("gPassword")->class(null);
+ $group->inputs["name"]->error_messages("invalid_login", _("Invalid name or password"));
+ return $form;
}
} \ No newline at end of file
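Review bot: The failed-login branch of `_try_login` writes the submitted name into the log verbatim through `sprintf(_("Failed login for %s"), $form->login->inputs["name"]->value)`. Other `log::add` calls in this commit pass HTML anchors, which suggests log entries may be rendered as HTML. If they are, the name should be escaped where it is logged, e.g. `html::specialchars($form->login->inputs["name"]->value)`. The hunk shows no limit on repeated failed attempts; that may be handled outside this controller.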
diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php
index a0e89922..7ccab28f 100644
--- a/modules/user/controllers/users.php
+++ b/modules/user/controllers/users.php
@@ -20,101 +20,35 @@
class Users_Controller extends REST_Controller {
protected $resource_type = "user";
- /**
- * Display comments based on criteria.
- * @see REST_Controller::_index()
- */
- public function _index() {
- throw new Exception("@todo User_Controller::_index NOT IMPLEMENTED");
- }
-
- /**
- * @see REST_Controller::_create($resource)
- */
- public function _create($resource) {
- if (!(user::active()->admin)) {
- access::forbidden();
- }
-
- $form = user::get_add_form();
- if ($form->validate()) {
- $user = user::create($form->add_user->uname->value,
- $form->add_user->full_name->value, $form->add_user->password->value);
- $user->email = $form->add_user->email->value;
- $user->save();
- if ($continue = $this->input->get("continue")) {
- url::redirect($continue);
- }
- }
- print $form;
- }
-
- /**
- * @see REST_Controller::_show($resource)
- */
- public function _show($user) {
- throw new Exception("@todo User_Controller::_show NOT IMPLEMENTED");
- }
-
- /**
- * @see REST_Controller::_update($resource)
- */
public function _update($user) {
- if (!user::active()->admin && ($user->guest || $user->id != user::active()->id)) {
+ if ($user->guest || $user->id != user::active()->id) {
access::forbidden();
}
$form = user::get_edit_form($user);
$form->edit_user->password->rules("-required");
if ($form->validate()) {
+ // @todo: allow the user to change their name
$user->full_name = $form->edit_user->full_name->value;
$user->password = $form->edit_user->password->value;
$user->email = $form->edit_user->email->value;
$user->save();
- if ($continue = $this->input->get("continue")) {
- url::redirect($continue);
- }
- }
- print $form;
- }
- /**
- * @see REST_Controller::_delete($resource)
- */
- public function _delete($user) {
- if (!user::active()->admin || $user->id == user::active()->id ) {
- access::forbidden();
+ print json_encode(
+ array("result" => "success",
+ "resource" => url::site("users/{$user->id}")));
+ } else {
+ print json_encode(
+ array("result" => "error",
+ "form" => $form->__toString()));
}
- // Prevent CSRF
- $form = user::get_delete_form($user);
- if ($form->validate()) {
- $user->delete();
- if ($continue = $this->input->get("continue")) {
- url::redirect($continue);
- }
- }
- print $form;
}
- /**
- * Present a form for editing a user
- * @see REST_Controller::form($resource)
- */
public function _form_edit($user) {
- if (!user::active()->admin && ($user->guest || $user->id != user::active()->id)) {
+ if ($user->guest || $user->id != user::active()->id) {
access::forbidden();
}
- print user::get_edit_form(
- $user,
- "users/{$user->id}?_method=put&continue=" . $this->input->get("continue"));
- }
-
- /**
- * Present a form for adding a user
- * @see REST_Controller::form($resource)
- */
- public function _form_add($parameters) {
- throw new Exception("@todo User_Controller::_form_add NOT IMPLEMENTED");
+ print user::get_edit_form($user);
}
}
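Review bot: `_update` relaxes the password field with `rules("-required")` but then assigns `$user->password = $form->edit_user->password->value;` unconditionally, so a profile edit that leaves the password blank appears to overwrite the stored password with an empty value. How the model treats an empty password is not visible here. Guarding the assignment, `if ($form->edit_user->password->value != "") { $user->password = $form->edit_user->password->value; }`, would avoid depending on that. The success response also returns only `"resource"`, while the album and photo controllers return `"location"`, so the client-side handler needs to cope with both shapes.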
diff --git a/modules/user/helpers/group.php b/modules/user/helpers/group.php
index 673f7d92..a1aea90f 100644
--- a/modules/user/helpers/group.php
+++ b/modules/user/helpers/group.php
@@ -46,50 +46,40 @@ class group_Core {
/**
* The group of all possible visitors. This includes the guest user.
*
- * @todo consider caching
- *
* @return Group_Model
*/
static function everybody() {
- return ORM::factory("group", 1);
+ return model_cache::get("group", 1);
}
/**
* The group of all logged-in visitors. This does not include guest users.
*
- * @todo consider caching
- *
* @return Group_Model
*/
static function registered_users() {
- return ORM::factory("group", 2);
+ return model_cache::get("group", 2);
}
-
- /**
- * This is the API for handling groups.
- * @TODO incorporate rules!
- */
+
public static function get_edit_form($group, $action = NULL) {
$form = new Forge($action);
$form_group = $form->group("edit_group")->label(_("Edit Group"));
- $form_group->input("gname")->label(_("Name"))->id("gName")->value($group->name);
+ $form_group->input("name")->label(_("Name"))->id("gName")->value($group->name);
$form_group->submit(_("Modify"));
$form->add_rules_from($group);
- $form->edit_group->gname->rules($group->rules["name"]);
return $form;
}
-
+
public static function get_add_form($action = NULL) {
$form = new Forge($action);
$form_group = $form->group("add_group")->label(_("Add Group"));
- $form_group->input("gname")->label(_("Name"))->id("gName");
+ $form_group->input("name")->label(_("Name"))->id("gName");
$form_group->submit(_("Create"));
$group = ORM::factory("group");
$form->add_rules_from($group);
- $form->add_group->gname->rules($group->rules["name"]);
return $form;
}
-
+
public static function get_delete_form($group, $action = NULL) {
$form = new Forge($action);
$form_group = $form->group("delete_group")->label(_("Delete Group"));
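Review bot: `model_cache::get("group", 1)` and `model_cache::get("group", 2)` keep the bare ids 1 and 2 as the identity of the two built-in groups. Since `user::create` now depends on these helpers for required membership, named class constants would make that coupling explicit. Removing the docblock above `get_edit_form` leaves the three form builders undocumented; a short comment such as `/** Build the edit form for $group; $action is the form target. */` on each would replace it. The class continues outside the hunk.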
@@ -97,4 +87,4 @@ class group_Core {
$form_group->submit(_("Delete"));
return $form;
}
-} \ No newline at end of file
+}
diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php
index 34611dbd..83f9ca2b 100644
--- a/modules/user/helpers/user.php
+++ b/modules/user/helpers/user.php
@@ -25,39 +25,50 @@
*/
class user_Core {
public static function get_edit_form($user, $action = NULL) {
- $form = new Forge($action, "", "post", array("id" => "gUserForm"));
+ $form = new Forge("users/$user->id?_method=put", "", "post", array("id" => "gUserForm"));
$group = $form->group("edit_user")->label(_("Edit User"));
- $group->input("uname")->label(_("Name"))->id("gName")->value($user->name);
+ $group->input("name")->label(_("Name"))->id("gName")->value($user->name);
$group->input("full_name")->label(_("Full Name"))->id("gFullName")->value($user->full_name);
$group->password("password")->label(_("Password"))->id("gPassword");
$group->input("email")->label(_("Email"))->id("gEmail")->value($user->email);
$group->submit(_("Modify"));
$form->add_rules_from($user);
- $form->edit_user->uname->rules($user->rules["name"]);
return $form;
}
- public static function get_add_form($action = NULL) {
- $form = new Forge($action);
+ public static function get_edit_form_admin($user, $action = NULL) {
+ $form = new Forge("admin/users/edit/$user->id", "", "post", array("id" => "gUserForm"));
+ $group = $form->group("edit_user")->label(_("Edit User"));
+ $group->input("name")->label(_("Name"))->id("gName")->value($user->name);
+ $group->input("full_name")->label(_("Full Name"))->id("gFullName")->value($user->full_name);
+ $group->password("password")->label(_("Password"))->id("gPassword");
+ $group->input("email")->label(_("Email"))->id("gEmail")->value($user->email);
+ $group->submit(_("Modify"));
+ $form->add_rules_from($user);
+ return $form;
+ }
+
+ public static function get_add_form_admin($action = NULL) {
+ $form = new Forge("admin/users/create");
$group = $form->group("add_user")->label(_("Add User"));
- $group->input("uname")->label(_("Name"))->id("gName");
+ $group->input("name")->label(_("Name"))->id("gName");
$group->input("full_name")->label(_("Full Name"))->id("gFullName");
$group->password("password")->label(_("Password"))->id("gPassword");
$group->input("email")->label(_("Email"))->id("gEmail");
$group->submit(_("Add"));
$user = ORM::factory("user");
$form->add_rules_from($user);
- $form->add_user->uname->rules($user->rules["name"]);
return $form;
}
-
- public static function get_delete_form($user, $action = NULL) {
+
+ public static function get_delete_form_admin($user, $action = NULL) {
$form = new Forge($action);
$group = $form->group("delete_user")->label(_("Delete User"));
$group->label(sprintf(_("Are you sure you want to delete %s?"), $user->name));
$group->submit(_("Delete"));
return $form;
}
+
/**
* Make sure that we have a session and group_ids cached in the session.
*/
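Review bot: `get_delete_form_admin` still builds its form with `new Forge($action)`, and the admin view in this commit calls it as `user::get_delete_form_admin($user)`, so the delete form is created with a NULL action. The other builders in this hunk now hard-code their target instead. If Admin_Users_Controller::delete is the intended handler, set it the same way: `$form = new Forge("admin/users/delete/$user->id");`. `get_edit_form`, `get_edit_form_admin` and `get_add_form_admin` still accept `$action` but no longer read it, so the parameter should either be honoured or removed.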
@@ -145,10 +156,9 @@ class user_Core {
$user->full_name = $full_name;
$user->password = $password;
- // Everybody group
- $user->add(ORM::factory("group", 1));
- // Registered Users group
- $user->add(ORM::factory("group", 2));
+ // Required groups
+ $user->add(group::everybody());
+ $user->add(group::registered_users());
$user->save();
module::event("user_created", $user);
diff --git a/modules/user/helpers/user_menu.php b/modules/user/helpers/user_menu.php
index 654a0d89..88f30f29 100644
--- a/modules/user/helpers/user_menu.php
+++ b/modules/user/helpers/user_menu.php
@@ -18,17 +18,6 @@
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
class user_menu_Core {
- public static function site($menu, $theme) {
- $user = user::active();
- if (!$user->guest) {
- $menu->get("admin_menu")->append(
- Menu::Factory("dialog")
- ->id("edit_profile")
- ->label(_("Edit Profile"))
- ->url(url::site("users/form/edit/$user->id")));
- }
- }
-
public static function admin($menu, $theme) {
$menu->get("users_groups_menu")
->append(Menu::factory("link")
diff --git a/modules/user/views/admin_users.html.php b/modules/user/views/admin_users.html.php
index 31ce7f2a..f9dc4c74 100644
--- a/modules/user/views/admin_users.html.php
+++ b/modules/user/views/admin_users.html.php
@@ -5,26 +5,25 @@
<p>These are the users in your system</p>
<ul class="ui-accordion-container">
<? foreach ($users as $i => $user): ?>
- <li>
- <?= $user->name ?>
- <?= ($user->last_login == 0) ? "" : "(" . date("M j, Y", $user->last_login) . ")" ?>
- <a href="#">edit</a>
- <div>
- <?= user::get_edit_form($user, "users/{$user->id}?_method=put&continue=/admin/users"); ?>
- </div>
- <? if (!(user::active()->id == $user->id || user::guest()->id == $user->id)): ?>
- <a href="#">delete</a>
- <div>
- <?= user::get_delete_form($user,
- "users/{$user->id}?_method=delete&continue=/admin/users"); ?>
- </div>
- <? endif ?>
- </li>
+ <li>
+ <?= $user->name ?>
+ <?= ($user->last_login == 0) ? "" : "(" . date("M j, Y", $user->last_login) . ")" ?>
+ <a href="#">edit</a>
+ <div>
+ <?= user::get_edit_form_admin($user); ?>
+ </div>
+ <? if (!(user::active()->id == $user->id || user::guest()->id == $user->id)): ?>
+ <a href="#">delete</a>
+ <div>
+ <?= user::get_delete_form_admin($user); ?>
+ </div>
+ <? endif ?>
+ </li>
<? endforeach ?>
<li><a href="#">Add user</a>
- <div>
- <?= user::get_add_form("users/add?_method=post&continue=/admin/users"); ?>
- </div>
+ <div>
+ <?= user::get_add_form_admin(); ?>
+ </div>
</li>
</ul>
</div>
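Review bot: `<?= $user->name ?>` in the re-indented user list is echoed into the admin page without HTML escaping. The name appears to come from the `name` input of the add/edit user forms, so markup stored in a user name would render in the administrator's session. Escape at output: `<?= htmlspecialchars($user->name, ENT_QUOTES, "UTF-8") ?>`. The same applies to `<?= $group->name ?>` in the groups hunk of this file. If the model or a view filter already encodes these fields, that is not visible here and deserves a comment in the template.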
@@ -32,27 +31,27 @@
<div class="gBlockContent">
<p>These are the groups in your system</p>
</div>
- <ul class="ui-accordion-container">
- <? foreach ($groups as $i => $group): ?>
- <li>
- <?= $group->name ?>
- <a href="#">edit</a>
- <div>
- <?= group::get_edit_form($group, "groups/{$group->id}?_method=put&continue=/admin/users"); ?>
- </div>
- <? if (!$group->special): ?>
- <a href="#">delete</a>
- <div>
- <?= group::get_delete_form($group,
- "groups/{$group->id}?_method=delete&continue=/admin/users"); ?>
- </div>
- <? endif ?>
- </li>
- <? endforeach ?>
- <li><a href="#">Add group</a>
- <div>
- <?= group::get_add_form("groups/add?_method=post&continue=/admin/users"); ?>
- </div>
- </li>
- </ul>
+ <ul class="ui-accordion-container">
+ <? foreach ($groups as $i => $group): ?>
+ <li>
+ <?= $group->name ?>
+ <a href="#">edit</a>
+ <div>
+ <?= group::get_edit_form($group, "groups/{$group->id}?_method=put"); ?>
+ </div>
+ <? if (!$group->special): ?>
+ <a href="#">delete</a>
+ <div>
+ <?= group::get_delete_form($group,
+ "groups/{$group->id}?_method=delete"); ?>
+ </div>
+ <? endif ?>
+ </li>
+ <? endforeach ?>
+ <li><a href="#">Add group</a>
+ <div>
+ <?= group::get_add_form("groups/add?_method=post"); ?>
+ </div>
+ </li>
+ </ul>
</div>
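Review bot: The group edit, delete and add forms carry the verb override in the action URL (`groups/{$group->id}?_method=delete` and the `put`/`post` variants), so the safety of these actions depends on how the REST dispatcher reads `_method`, which this hunk does not show. If the override were honoured on a plain GET, a cross-site request made from an administrator's browser could change or delete a group. The dispatcher should accept the override only on POST, and the forms should carry a per-session token. Once that is confirmed, record it beside the forms, e.g. `<? /* _method is only honoured on POST; see REST_Controller */ ?>`.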
diff --git a/modules/user/views/login.html.php b/modules/user/views/login.html.php
index a29cdbbd..8b024815 100644
--- a/modules/user/views/login.html.php
+++ b/modules/user/views/login.html.php
@@ -5,9 +5,9 @@
title="<?= _("Login to Gallery") ?>"
id="gLoginLink"><?= _("Login") ?></a></li>
<? else: ?>
- <li><a href="<?= url::site("user/{$user->id}?continue=" . url::current(true))?>"
+ <li><a href="<?= url::site("form/edit/users/{$user->id}") ?>"
title="<?= _("Edit Your Profile") ?>"
- id="gUserProfileLink"><?= _("Modify Profile") ?></a></li>
+ id="gUserProfileLink" class="gDialogLink"><?= _("Modify Profile") ?></a></li>
<li><a href="<?= url::site("logout?continue=" . url::current(true)) ?>"
id="gLogoutLink"><?= _("Logout") ?></a></li>
<? endif; ?>
diff --git a/themes/default/js/ui.init.js b/themes/default/js/ui.init.js
index b816dc46..90731faf 100644
--- a/themes/default/js/ui.init.js
+++ b/themes/default/js/ui.init.js
@@ -107,15 +107,18 @@ function openDialog(element) {
var buttons = {};
buttons["Submit"] = function() {
$("#gDialog form").ajaxForm({
- complete: function(xhr, statusText) {
- if (xhr.status == 201) {
- $("#gDialog").dialog("close");
- window.location = xhr.getResponseHeader("Location");
- } else if (xhr.status == 202) {
- $("#gDialog").dialog("close");
- window.location.reload();
- } else {
- $("#gDialog form").replaceWith(xhr.responseText);
+ dataType: "json",
+ success: function(data) {
+ if (data.form) {
+ $("#gDialog form").replaceWith(data.form);
+ }
+ if (data.result == "success") {
+ $("#gDialog").dialog("close");
+ if (data.location) {
+ window.location = data.location;
+ } else {
+ window.location.reload();
+ }
}
}
}).submit();
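Review bot: The new `success` callback only runs for a 2xx response that parses as JSON, so the old `else` branch's handling of every other outcome is gone: a 403/500 or an HTML error page now leaves the dialog open with no feedback. Add an `error` handler next to `success`, for example `error: function(xhr) { $("<p>").text("Request failed (" + xhr.status + ")").insertBefore("#gDialog form"); }`. Also, `data.form` is inserted as HTML and `data.location` is followed as-is, so controllers must build both from escaped, server-chosen values rather than from request parameters. openDialog's body continues outside the hunk.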