diff options
Diffstat (limited to 'modules/user')
| -rw-r--r-- | modules/user/controllers/admin_users.php | 1 | ||||
| -rw-r--r-- | modules/user/libraries/drivers/Identity/Gallery.php | 256 | ||||
| -rw-r--r-- | modules/user/models/user.php | 21 | ||||
| -rw-r--r-- | modules/user/views/admin_users.html.php | 36 | ||||
| -rw-r--r-- | modules/user/views/admin_users_group.html.php | 4 |
5 files changed, 283 insertions, 35 deletions
diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php index 5950c358..70348a69 100644 --- a/modules/user/controllers/admin_users.php +++ b/modules/user/controllers/admin_users.php @@ -21,6 +21,7 @@ class Admin_Users_Controller extends Admin_Controller { public function index() { $view = new Admin_View("admin.html"); $view->content = new View("admin_users.html"); + $view->content->writable = user::is_writable(); $view->content->users = user::get_user_list(array("orderby" => array("name" => "ASC"))); $view->content->groups = group::get_group_list(array("orderby" => array("name" => "ASC"))); print $view; diff --git a/modules/user/libraries/drivers/Identity/Gallery.php b/modules/user/libraries/drivers/Identity/Gallery.php new file mode 100644 index 00000000..013497b6 --- /dev/null +++ b/modules/user/libraries/drivers/Identity/Gallery.php @@ -0,0 +1,256 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2009 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +/* + * Based on the Cache_Sqlite_Driver developed by the Kohana Team + */ +class Identity_Gallery_Driver implements Identity_Driver { + /** + * @see Identity_Driver::guest. + */ + public function guest() { + return new Gallery_User(model_cache::get("user", 1)); + } + + /** + * @see Identity_Driver::create_user. + */ + public function create_user($name, $full_name, $password) { + $user = ORM::factory("user")->where("name", $name)->find(); + if ($user->loaded) { + throw new Exception("@todo USER_ALREADY_EXISTS $name"); + } + + $user->name = $name; + $user->full_name = $full_name; + $user->password = $password; + + // Required groups + $user->add($this->everybody()->_uncloaked()); + $user->add($this->registered_users()->_uncloaked()); + + $user->save(); + return new Gallery_User($user); + } + + /** + * @see Identity_Driver::is_correct_password. + */ + public function is_correct_password($user, $password) { + $valid = $user->password; + + // Try phpass first, since that's what we generate. + if (strlen($valid) == 34) { + require_once(MODPATH . "user/lib/PasswordHash.php"); + $hashGenerator = new PasswordHash(10, true); + return $hashGenerator->CheckPassword($password, $valid); + } + + $salt = substr($valid, 0, 4); + // Support both old (G1 thru 1.4.0; G2 thru alpha-4) and new password schemes: + $guess = (strlen($valid) == 32) ? md5($password) : ($salt . md5($salt . $password)); + if (!strcmp($guess, $valid)) { + return true; + } + + // Passwords with <&"> created by G2 prior to 2.1 were hashed with entities + $sanitizedPassword = html::specialchars($password, false); + $guess = (strlen($valid) == 32) ? md5($sanitizedPassword) + : ($salt . md5($salt . $sanitizedPassword)); + if (!strcmp($guess, $valid)) { + return true; + } + + return false; + } + + /** + * @see Identity_Driver::hash_password. + */ + public function hash_password($password) { + require_once(MODPATH . "user/lib/PasswordHash.php"); + $hashGenerator = new PasswordHash(10, true); + return $hashGenerator->HashPassword($password); + } + + /** + * @see Identity_Driver::lookup_user_by_field. + */ + public function lookup_user_by_field($field_name, $value) { + try { + $user = model_cache::get("user", $value, $field_name); + if ($user->loaded) { + return new Gallery_User($user); + } + } catch (Exception $e) { + if (strpos($e->getMessage(), "MISSING_MODEL") === false) { + throw $e; + } + } + return null; + } + + /** + * @see Identity_Driver::create_group. + */ + public function create_group($name) { + $group = ORM::factory("group")->where("name", $name)->find(); + if ($group->loaded) { + throw new Exception("@todo GROUP_ALREADY_EXISTS $name"); + } + + $group->name = $name; + $group->save(); + + return new Gallery_Group($group); + } + + /** + * @see Identity_Driver::everybody. + */ + public function everybody() { + return new Gallery_Group(model_cache::get("group", 1)); + } + + /** + * @see Identity_Driver::registered_users. + */ + public function registered_users() { + return new Gallery_Group(model_cache::get("group", 2)); + } + + /** + * @see Identity_Driver::lookup_group_by_field. + */ + public function lookup_group_by_field($field_name, $value) { + try { + $group = model_cache::get("group", $value, $field_name); + if ($group->loaded) { + return new Gallery_Group($group); + } + } catch (Exception $e) { + if (strpos($e->getMessage(), "MISSING_MODEL") === false) { + throw $e; + } + } + return null; + } + + /** + * @see Identity_Driver::get_user_list. + */ + public function get_user_list($filter=array()) { + $results = $this->_do_search("user", $filter); + $users = array(); + foreach ($results->as_array() as $user) { + $users[] = new Gallery_User($user); + } + return $users; + } + + /** + * @see Identity_Driver::get_group_list. + */ + public function get_group_list($filter=array()) { + $results = $this->_do_search("group", $filter); + $groups = array(); + foreach ($results->as_array() as $group) { + $groups[] = new Gallery_Group($group); + } + return $groups; + } + + /** + * @see Identity_Driver::get_edit_rules. + */ + public function get_edit_rules($object_type) { + return (object)ORM::factory($object_type)->rules; + } + + /** + * Build the query based on the supplied filters for the specified model. + * @param string $object_type to return rules for ("user"|"group") + * @param mixed $filters options to apply to the selection. + */ + private function _do_search($object_type, $filter) { + $object = ORM::factory($object_type); + + foreach ($filter as $method => $args) { + switch ($method) { + case "in": + $object->in($args[0], $args[1]); + break; + default: + $object->$method($args); + } + } + + return $object->find_all(); + } + +} // End Identity Gallery Driver + +/** + * User Data wrapper + */ +class Gallery_User extends User_Definition { + /* + * Not for general user, allows the back-end to easily create the interface object + */ + function __construct($user) { + $this->user = $user; + } + + public function save() { + $this->user->save(); + } + + public function delete() { + $this->user->delete(); + } + +} + +/** + * Group Data wrapper + */ +class Gallery_Group extends Group_Definition { + /* + * Not for general user, allows the back-end to easily create the interface object + */ + function __construct($group) { + $this->group = $group; + } + + public function save() { + $this->group->save(); + } + + public function delete() { + $this->group->delete(); + } + + public function add($user) { + $this->group->add($user->_uncloaked()); + } + + public function remove($user) { + $this->group->remove($user->_uncloaked()); + } +} diff --git a/modules/user/models/user.php b/modules/user/models/user.php index 55562f34..1993bd05 100644 --- a/modules/user/models/user.php +++ b/modules/user/models/user.php @@ -51,16 +51,6 @@ class User_Model extends ORM { module::event("user_deleted", $old); } - /** - * Return a url to the user's avatar image. - * @param integer $size the target size of the image (default 80px) - * @return string a url - */ - public function avatar_url($size=80, $default=null) { - return sprintf("http://www.gravatar.com/avatar/%s.jpg?s=%d&r=pg%s", - md5($this->email), $size, $default ? "&d=" . urlencode($default) : ""); - } - public function save() { if (!$this->loaded) { $created = 1; @@ -73,13 +63,4 @@ class User_Model extends ORM { } return $this; } - - /** - * Return the best version of the user's name. Either their specified full name, or fall back - * to the user name. - * @return string - */ - public function display_name() { - return empty($this->full_name) ? $this->name : $this->full_name; - } -}
\ No newline at end of file +} diff --git a/modules/user/views/admin_users.html.php b/modules/user/views/admin_users.html.php index a127bc15..82d0926c 100644 --- a/modules/user/views/admin_users.html.php +++ b/modules/user/views/admin_users.html.php @@ -2,7 +2,7 @@ <script type="text/javascript"> var add_user_to_group_url = "<?= url::site("admin/users/add_user_to_group/__USERID__/__GROUPID__?csrf=$csrf") ?>"; $(document).ready(function(){ - $("#g-user-admin-list .core-info").draggable({ + $("#g-user-admin-list .g-draggable").draggable({ helper: "clone" }); $("#g-group-admin .g-group").droppable({ @@ -20,6 +20,7 @@ }); $("#group-1").droppable("destroy"); $("#group-2").droppable("destroy"); + $(".g-group-disable").droppable("destroy"); }); var reload_group = function(group_id) { @@ -42,12 +43,14 @@ } </script> <div class="g-block"> + <? if (!empty($writable)): ?> <a href="<?= url::site("admin/users/add_user_form") ?>" class="g-dialog-link g-button g-right ui-icon-left ui-state-default ui-corner-all" title="<?= t("Create a new user")->for_html_attr() ?>"> <span class="ui-icon ui-icon-circle-plus"></span> <?= t("Add a new user") ?> </a> + <? endif ?> <h2> <?= t("User Admin") ?> @@ -65,7 +68,7 @@ <? foreach ($users as $i => $user): ?> <tr id="g-user-<?= $user->id ?>" class="<?= text::alternate("g-odd", "g-even") ?> user <?= $user->admin ? "admin" : "" ?>"> - <td id="user-<?= $user->id ?>" class="core-info g-draggable"> + <td id="user-<?= $user->id ?>" class="core-info <?= !empty($writable) ? "g-draggable" : "" ?> "> <img src="<?= $user->avatar_url(20, $theme->url("images/avatar.jpg", true)) ?>" title="<?= t("Drag user onto group below to add as a new member")->for_html_attr() ?>" alt="<?= html::clean_attribute($user->name) ?>" @@ -86,15 +89,19 @@ <a href="<?= url::site("admin/users/edit_user_form/$user->id") ?>" open_text="<?= t("close") ?>" class="g-panel-link g-button ui-state-default ui-corner-all ui-icon-left"> - <span class="ui-icon ui-icon-pencil"></span><span class="g-button-text"><?= t("edit") ?></span></a> - <? if (user::active()->id != $user->id && !$user->guest): ?> - <a href="<?= url::site("admin/users/delete_user_form/$user->id") ?>" - class="g-dialog-link g-button ui-state-default ui-corner-all ui-icon-left"> - <span class="ui-icon ui-icon-trash"></span><?= t("delete") ?></a> - <? else: ?> - <span title="<?= t("This user cannot be deleted")->for_html_attr() ?>" - class="g-button ui-state-disabled ui-corner-all ui-icon-left"> - <span class="ui-icon ui-icon-trash"></span><?= t("delete") ?></span> + <span class="ui-icon ui-icon-pencil"></span><span class="g-button-text"> + <?= (!empty($writable)) ? t("edit") : t("display") ?> + </span></a> + <? if (!empty($writable)): ?> + <? if (user::active()->id != $user->id && !$user->guest): ?> + <a href="<?= url::site("admin/users/delete_user_form/$user->id") ?>" + class="g-dialog-link g-button ui-state-default ui-corner-all ui-icon-left"> + <span class="ui-icon ui-icon-trash"></span><?= t("delete") ?></a> + <? else: ?> + <span title="<?= t("This user cannot be deleted")->for_html_attr() ?>" + class="g-button ui-state-disabled ui-corner-all ui-icon-left"> + <span class="ui-icon ui-icon-trash"></span><?= t("delete") ?></span> + <? endif ?> <? endif ?> </td> </tr> @@ -104,12 +111,14 @@ </div> <div id="g-group-admin" class="g-block g-clearfix"> + <? if (!empty($writable)): ?> <a href="<?= url::site("admin/users/add_group_form") ?>" class="g-dialog-link g-button g-right ui-icon-left ui-state-default ui-corner-all" title="<?= t("Create a new group")->for_html_attr() ?>"> <span class="ui-icon ui-icon-circle-plus"></span> <?= t("Add a new group") ?> </a> + <? endif ?> <h2> <?= t("Group Admin") ?> @@ -118,8 +127,9 @@ <div class="g-block-content"> <ul> <? foreach ($groups as $i => $group): ?> - <li id="group-<?= $group->id ?>" class="g-group <?= ($group->special ? "g-default-group" : "") ?>" /> - <? $v = new View("admin_users_group.html"); $v->group = $group; ?> + <? $class = !empty($writable) ? "" : "g-group-disable" ?> + <li id="group-<?= $group->id ?>" class="g-group <?= $class ?> <?= ($group->special ? "g-default-group" : "") ?>" /> + <? $v = new View("admin_users_group.html"); $v->group = $group; $v->writable = !empty($writable) ?> <?= $v ?> </li> <? endforeach ?> diff --git a/modules/user/views/admin_users_group.html.php b/modules/user/views/admin_users_group.html.php index db3645a0..539f69b7 100644 --- a/modules/user/views/admin_users_group.html.php +++ b/modules/user/views/admin_users_group.html.php @@ -4,7 +4,7 @@ <? if (!$group->special): ?> <a href="<?= url::site("admin/users/delete_group_form/$group->id") ?>" title="<?= t("Delete the %name group", array("name" => $group->name))->for_html_attr() ?>" - class="g-dialog-link g-button ui-state-default ui-corner-all"> + class="g-dialog-link g-button ui-state-default ui-corner-all <?= !empty($writable) ? "" : "ui-state-disabled" ?>"> <span class="ui-icon ui-icon-trash"><?= t("delete") ?></span></a> <? else: ?> <a title="<?= t("This default group cannot be deleted")->for_html_attr() ?>" @@ -20,7 +20,7 @@ <?= html::clean($user->name) ?> <? if (!$group->special): ?> <a href="javascript:remove_user(<?= $user->id ?>, <?= $group->id ?>)" - class="g-button ui-state-default ui-corner-all ui-icon-left" + class="g-button ui-state-default ui-corner-all ui-icon-left <?= !empty($writable) ? "" : "ui-state-disabled" ?>" title="<?= t("Remove %user from %group group", array("user" => $user->name, "group" => $group->name))->for_html_attr() ?>"> <span class="ui-icon ui-icon-closethick"><?= t("remove") ?></span> |