-rw-r--r--modules/user/controllers/admin_users.php20
-rw-r--r--modules/user/controllers/users.php19
-rw-r--r--modules/user/helpers/user.php40
-rw-r--r--modules/user/helpers/user_installer.php4
-rw-r--r--modules/user/models/user.php2
-rw-r--r--modules/user/views/admin_users.html.php12
6 files changed, 56 insertions, 41 deletions
diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php
index 7325455c..4ec96a1a 100644
--- a/modules/user/controllers/admin_users.php
+++ b/modules/user/controllers/admin_users.php
@@ -23,4 +23,24 @@ class Admin_Users_Controller extends Controller {
$view->users = ORM::factory("user")->find_all();
return $view;
}
+
+ public function edit($id) {
+ $view = new View("admin_users_edit.html");
+ $user = ORM::factory("user", $id);
+ if (!$user->loaded) {
+ kohana::show_404();
+ }
+
+ $form = user::get_edit_form($user, "admin/users/edit/$id");
+ if (request::method() =="post" && $form->validate()) {
+ $user->name = $form->edit_user->uname->value;
+ $user->full_name = $form->edit_user->full_name->value;
+ $user->password = $form->edit_user->password->value;
+ $user->email = $form->edit_user->email->value;
+ $user->save();
+ url::redirect("admin/users/edit/$id");
+ }
+
+ return $form;
+ }
}
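Review bot: The new `edit($id)` action has no authorization check of its own before it loads and saves an arbitrary user record, password included, whereas `_update` in modules/user/controllers/users.php gains an `access::forbidden()` guard in this same commit. The class header only shows `extends Controller` and the rest of the class is outside the hunk, so admin access may be enforced elsewhere. If it is not, add a guard at the top of the method, something like `if (!user::active()->admin) { access::forbidden(); }`. Separately, `$view` is built from `admin_users_edit.html` but never used, because the method returns `$form`.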
diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php
index f6b77d0d..b287f685 100644
--- a/modules/user/controllers/users.php
+++ b/modules/user/controllers/users.php
@@ -46,16 +46,19 @@ class Users_Controller extends REST_Controller {
* @see Rest_Controller::_update($resource)
*/
public function _update($user) {
+ if ($user->guest || $user->id != user::active()->id) {
+ access::forbidden();
+ }
+
$form = user::get_edit_form($user);
if ($form->validate()) {
- foreach ($form->as_array() as $key => $value) {
- $user->$key = $value;
- }
+ $user->full_name = $form->edit_user->full_name->value;
+ $user->password = $form->edit_user->password->value;
+ $user->email = $form->edit_user->email->value;
$user->save();
if ($continue = $this->input->get("continue")) {
url::redirect($continue);
}
- return;
}
print $form;
}
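Review bot: `url::redirect($continue)` sends the browser to whatever the `continue` query parameter holds, and this commit makes that path reachable from the edit form by threading `continue` into the form action in `_form_edit`. If `url::redirect` passes absolute URLs through unchanged, a crafted link can send a user who has just saved their profile to an external site. Restrict the value to site-local paths before redirecting, for example by falling back to a fixed page when it contains `://` or starts with `//`. Also, with `return;` removed, a successful save without `continue` now falls through to `print $form;`; confirm that is intended.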
@@ -72,7 +75,13 @@ class Users_Controller extends REST_Controller {
* @see Rest_Controller::form($resource)
*/
public function _form_edit($user) {
- print user::get_edit_form($user);
+ if ($user->guest || user::active()->id != $user->id) {
+ access::forbidden();
+ }
+
+ print user::get_edit_form(
+ $user,
+ "users/{$user->id}?_method=put&continue=" . $this->input->get("continue"));
}
/**
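Review bot: `$this->input->get("continue")` is concatenated into the form action without encoding, so a value containing `&` or `#` can add or override query parameters such as `_method`. If Forge does not escape the action when rendering, a `"` in the value could also break out of the attribute. Encode the value where it is appended: `"users/{$user->id}?_method=put&continue=" . urlencode($this->input->get("continue"))`. The same guard condition appears here and in `_update` with the operands in opposite order; a small private helper would keep the two checks from drifting apart.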
diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php
index daf95f02..387e0e3e 100644
--- a/modules/user/helpers/user.php
+++ b/modules/user/helpers/user.php
@@ -24,33 +24,13 @@
* Note: by design, this class does not do any permission checking.
*/
class user_Core {
- /**
- * Return the form for creating / modifying users.
- */
- public static function get_edit_form($user) {
- $form = new Forge(
- url::site("users/{$user->id}?_method=put"), "", "post", array("id" => "gUserForm"));
- $group = $form->group(_("User Info"));
-
- $group->input("name")
- ->label(_("Name"))
- ->id("gName")
- ->value($user->name);
-
- $group->input("display_name")
- ->label(_("Display Name"))
- ->id("gDisplayName")
- ->value($user->display_name);
-
- $group->password("password")
- ->label(_("Password"))
- ->id("gPassword");
-
- $group->input("email")
- ->label(_("Email"))
- ->id("gEmail")
- ->value($user->email);
-
+ public static function get_edit_form($user, $action) {
+ $form = new Forge($action, "", "post", array("id" => "gUserForm"));
+ $group = $form->group("edit_user")->label(_("Edit User"));
+ $group->input("uname")->label(_("Name"))->id("gName")->value($user->name);
+ $group->input("full_name")->label(_("Full Name"))->id("gFullName")->value($user->full_name);
+ $group->password("password")->label(_("Password"))->id("gPassword");
+ $group->input("email")->label(_("Email"))->id("gEmail")->value($user->email);
$group->submit(_("Modify"));
$form->add_rules_from($user);
return $form;
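Review bot: `get_edit_form($user, $action)` makes `$action` mandatory, but `_update` in modules/user/controllers/users.php still calls `user::get_edit_form($user)` with one argument in this commit, so validating a submitted profile invokes the helper with a missing argument. Either pass the action at that call site or keep a default, e.g. `public static function get_edit_form($user, $action=null)` falling back to the previous `"users/{$user->id}?_method=put"` target. The docblock was dropped along with the old body. A short replacement should say that `$action` is the form's submit URL and that callers must do their own permission checks, given the class comment that this helper does none. The function's closing brace is outside the hunk.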
@@ -129,18 +109,18 @@ class user_Core {
* Create a new user.
*
* @param string $name
- * @param string $display_name
+ * @param string $full_name
* @param string $password
* @return User_Model
*/
- public static function create($name, $display_name, $password) {
+ public static function create($name, $full_name, $password) {
$user = ORM::factory("user")->where("name", $name)->find();
if ($user->loaded) {
throw new Exception("@todo USER_ALREADY_EXISTS $name");
}
$user->name = $name;
- $user->display_name = $display_name;
+ $user->full_name = $full_name;
$user->password = $password;
// Everybody group
diff --git a/modules/user/helpers/user_installer.php b/modules/user/helpers/user_installer.php
index 739a8815..e19abc11 100644
--- a/modules/user/helpers/user_installer.php
+++ b/modules/user/helpers/user_installer.php
@@ -26,7 +26,7 @@ class user_installer {
$db->query("CREATE TABLE IF NOT EXISTS `users` (
`id` int(9) NOT NULL auto_increment,
`name` varchar(32) NOT NULL,
- `display_name` varchar(255) NOT NULL,
+ `full_name` varchar(255) NOT NULL,
`password` varchar(128) NOT NULL,
`login_count` int(10) unsigned NOT NULL DEFAULT 0,
`last_login` int(10) unsigned NOT NULL DEFAULT 0,
@@ -34,7 +34,7 @@ class user_installer {
`admin` BOOLEAN default 0,
`guest` BOOLEAN default 0,
PRIMARY KEY (`id`),
- UNIQUE KEY(`display_name`))
+ UNIQUE KEY(`name`))
ENGINE=InnoDB DEFAULT CHARSET=utf8;");
$db->query("CREATE TABLE IF NOT EXISTS `groups` (
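Review bot: Moving the unique key from `display_name` to `name` only takes effect on fresh installs, because `CREATE TABLE IF NOT EXISTS` leaves an existing `users` table with its old column and key. If upgrades from an earlier schema are supported, an explicit `ALTER TABLE` step is needed. Without it, those installs have no database-level uniqueness on the login name, and the lookup in `user::create()` is the only guard. The `CREATE TABLE` statement begins outside the hunk.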
diff --git a/modules/user/models/user.php b/modules/user/models/user.php
index 82834930..118c1669 100644
--- a/modules/user/models/user.php
+++ b/modules/user/models/user.php
@@ -22,7 +22,7 @@ class User_Model extends ORM {
var $rules = array(
"name" => "required|length[4,32]",
- "display_name" => "length[0,255]",
+ "full_name" => "length[0,255]",
"email" => "valid_email|length[4,255]",
"password" => "required|length[5,40]");
diff --git a/modules/user/views/admin_users.html.php b/modules/user/views/admin_users.html.php
index 5e43fae9..fc6c98bf 100644
--- a/modules/user/views/admin_users.html.php
+++ b/modules/user/views/admin_users.html.php
@@ -5,9 +5,15 @@
<div class="gBlockContent">
<p>These are the users in your system</p>
<table>
- <? foreach ($users as $i => $user): ?>
- <tr><td><?= $user->name ?></td></tr>
- <? endforeach ?>
+ <? foreach ($users as $i => $user): ?>
+ <tr>
+ <td>
+ <a href="<?= url::site("admin/users/edit/$user->id") ?>">
+ <?= $user->name ?>
+ </a>
+ </td>
+ </tr>
+ <? endforeach ?>
</table>
</div>
</div>
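Review bot: `<?= $user->name ?>` is printed into the table without HTML escaping. The model rule for `name` visible in this commit (`required|length[4,32]`) does not restrict characters, so a name containing markup would be rendered in the administrator's browser. Escape at output: `<?= htmlspecialchars($user->name, ENT_QUOTES, "UTF-8") ?>`. The template also relies on short open tags (`<?`), which only work where `short_open_tag` is enabled.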