Context Navigation

User.pm @ 1908

Visit:

Revision 1908, 58.8 kB (checked in by fumiakiy, 20 months ago)
Fixed uploading userpic from edit_author screen. BugId:79319
Property svn:keywords set to `Id Revision`

Line
1	package MT::CMS::User;
2
3	use strict;
4
5	use MT::Util qw( format_ts relative_date is_url );
6	use MT::Author;
7
8	sub edit {
9	my $cb = shift;
10	my ($app, $id, $obj, $param) = @_;
11
12	my $author = $app->user;
13
14	if ($id) {
15	# TODO: Populate permissions / blogs for this user
16	# populate blog_loop, permission_loop
17	$param->{is_me} = 1 if $id == $author->id;
18	$param->{editing_other_profile} = 1
19	if !$param->{is_me} && $author->is_superuser;
20
21	$param->{userpic} = $obj->userpic_html();
22
23	require MT::Permission;
24
25	# General permissions...
26	my $sys_perms = MT::Permission->perms('system');
27	foreach (@$sys_perms) {
28	$param->{ 'perm_can_' . $_->[0] } =
29	($obj->is_superuser \|\| $obj->permissions(0)->has( $_->[0] )) ? 1 : 0;
30	}
31	$param->{perm_is_superuser} = $obj->is_superuser;
32
33	require MT::Auth;
34	if ( $app->user->is_superuser ) {
35	$param->{search_label} = $app->translate('Users');
36	$param->{object_type} = 'author';
37	$param->{can_edit_username} = 1;
38	}
39	$param->{status_enabled} = $obj->is_active ? 1 : 0;
40	$param->{status_pending} =
41	$obj->status == MT::Author::PENDING() ? 1 : 0;
42	$param->{can_modify_password} =
43	( $param->{editing_other_profile} \|\| $param->{is_me} )
44	&& MT::Auth->password_exists;
45	$param->{can_recover_password} = MT::Auth->can_recover_password;
46	$param->{languages} = $app->languages_list( $obj->preferred_language )
47	unless exists $param->{langauges};
48	} else {
49	$param->{create_personal_weblog} =
50	$app->config->NewUserAutoProvisioning ? 1 : 0
51	unless exists $param->{create_personal_weblog};
52	$param->{can_modify_password} = MT::Auth->password_exists;
53	$param->{can_recover_password} = MT::Auth->can_recover_password;
54	}
55
56	$app->add_breadcrumb( $app->translate("Users"),
57	$app->user->is_superuser
58	? $app->uri( mode => 'list_authors' )
59	: undef );
60	my $auth_prefs;
61	if ($obj) {
62	$app->add_breadcrumb( $obj->name );
63	$param->{languages} =
64	$app->languages_list( $obj->preferred_language );
65	$auth_prefs = $obj->entry_prefs;
66	}
67	else {
68	$app->add_breadcrumb( $app->translate("Create User") );
69	$param->{languages} =
70	$app->languages_list( $app->config('DefaultUserLanguage') )
71	unless ( exists $param->{languages} );
72	$auth_prefs = { tag_delim => $app->config->DefaultUserTagDelimiter }
73	unless ( exists $param->{'auth_pref_tag_delim'} );
74	}
75	$param->{text_filters} =
76	$app->load_text_filters( $obj ? $obj->text_format : undef,
77	'comment' );
78	unless ( exists $param->{'auth_pref_tag_delim'} ) {
79	my $delim = chr( $auth_prefs->{tag_delim} );
80	if ( $delim eq ',' ) {
81	$param->{'auth_pref_tag_delim_comma'} = 1;
82	}
83	elsif ( $delim eq ' ' ) {
84	$param->{'auth_pref_tag_delim_space'} = 1;
85	}
86	else {
87	$param->{'auth_pref_tag_delim_other'} = 1;
88	}
89	$param->{'auth_pref_tag_delim'} = $delim;
90	}
91	$param->{'nav_authors'} = 1;
92	}
93
94	sub edit_role {
95	my $app = shift;
96
97	$app->return_to_dashboard( redirect => 1 ) if $app->param('blog_id');
98
99	my %param = $_[0] ? %{ $_[0] } : ();
100	my $q = $app->param;
101	my $author = $app->user;
102	my $id = $q->param('id');
103
104	require MT::Permission;
105	if ( !$author->is_superuser ) {
106	return $app->error( $app->translate("Invalid request.") );
107	}
108	my $role;
109	require MT::Role;
110	if ($id) {
111	$role = MT::Role->load($id)
112	or return $app->error($app->translate('Can\'t load role #[_1].', $id));
113
114	# $param{is_enabled} = $role->is_active;
115	$param{is_enabled} = 1;
116	$param{name} = $role->name;
117	$param{description} = $role->description;
118	$param{id} = $role->id;
119	my $creator = MT::Author->load( $role->created_by )
120	if $role->created_by;
121	$param{created_by} = $creator ? $creator->name : '';
122
123	my $permissions = $role->permissions;
124	if ( defined($permissions) && $permissions ) {
125	my @perms = split ',', $permissions;
126
127	my @roles = MT::Role->load_same(
128	{ 'id' => [$id] },
129	{ not => { id => 1 } },
130	1, # exact match
131	@perms
132	);
133	my @same_perms;
134	for my $other_role (@roles) {
135	push @same_perms,
136	{
137	name => $other_role->name,
138	id => $other_role->id,
139	};
140	}
141	$param{same_perm_loop} = \@same_perms if @same_perms;
142	}
143	require MT::Association;
144	$param{user_count} = MT::Author->count( undef, { join => MT::Association->join_on( 'author_id', { role_id => $id }, { unique => 1 } ) } );
145	}
146
147	my $all_perm_flags = MT::Permission->perms('blog');
148
149	my @p_data;
150	for my $ref (@$all_perm_flags) {
151	$param{ 'have_access-' . $ref->[0] } =
152	( $role && $role->has( $ref->[0] ) ) ? 1 : 0;
153	$param{ 'prompt-' . $ref->[0] } = $ref->[1];
154	}
155	$param{saved} = $q->param('saved');
156	$param{nav_privileges} = 1;
157	$app->add_breadcrumb( $app->translate('Roles'),
158	$app->uri( mode => 'list_roles' ) );
159	if ($id) {
160	$app->add_breadcrumb( $role->name );
161	}
162	else {
163	$app->add_breadcrumb( $app->translate('Create Role') );
164	}
165	$param{screen_class} = "settings-screen edit-role";
166	$param{object_type} = 'role';
167	$param{object_label} = MT::Role->class_label;
168	$param{object_label_plural} = MT::Role->class_label_plural;
169	$param{search_label} = $app->translate('Users');
170	$app->load_tmpl( 'edit_role.tmpl', \%param );
171	}
172
173	sub list {
174	my $app = shift;
175	my (%param) = @_;
176
177	$app->return_to_dashboard( redirect => 1 )
178	if $app->param('blog_id');
179
180	my $this_author = $app->user;
181	return $app->return_to_dashboard( permission => 1 )
182	unless $this_author->is_superuser();
183
184	my $this_author_id = $this_author->id;
185	my $list_pref = $app->list_pref('author');
186	%param = (%param, %$list_pref);
187	my $limit = $list_pref->{rows};
188	my $offset = $app->param('offset') \|\| 0;
189	my $args = { offset => $offset, sort => 'name' };
190	$args->{limit} = $limit + 1;
191	my %author_entry_count;
192	$param{tab_users} = 1;
193	my ( $filter_col, $val );
194	$param{filter_args} = "";
195	my %terms = ( type => MT::Author::AUTHOR() );
196
197	my $filter_key = $app->param('filter_key');
198	if ( ( $filter_col = $app->param('filter') )
199	&& ( $val = $app->param('filter_val') ) )
200	{
201	if ( !exists( $terms{$filter_col} ) ) {
202	$terms{$filter_col} = $val;
203	$param{filter} = $filter_col;
204	$param{filter_val} = $val;
205	$param{filter_args} = "&filter=" . encode_url($filter_col) . "&filter_val=" . encode_url($val);
206	}
207	} elsif ($filter_key) {
208	my $filters = $app->registry("list_filters", "sys_user") \|\| {};
209	if ( my $filter = $filters->{$filter_key} ) {
210	if ( my $code = $filter->{code}
211	\|\| $app->handler_to_coderef( $filter->{handler} ) )
212	{
213	$param{filter} = 1;
214	$param{filter_key} = $filter_key;
215	$param{filter_label} = $filter->{label};
216	$code->( \%terms, $args );
217	}
218	}
219	}
220	$param{can_create_user} = $this_author->is_superuser;
221	$param{synchronized} = 1 if $app->param('synchronized');
222	$param{error} = 1 if $app->param('error');
223	my $author_iter = MT::Author->load_iter( \%terms, $args );
224	my ( @data, %authors, %entry_count_refs );
225	my $entry_class = $app->model('entry');
226	while ( my $au = $author_iter->() ) {
227	my $row = $au->column_values;
228	$row->{name} = '(unnamed)' if !$row->{name};
229	$authors{ $au->id } \|\|= $au;
230	$row->{id} = $au->id;
231	$row->{email} = ''
232	unless ( !defined $au->email )
233	or ( $au->email =~ /@/ );
234	$row->{entry_count} = 0;
235	$entry_count_refs{ $au->id } = \$row->{entry_count};
236	$row->{is_me} = $au->id == $this_author_id;
237	$row->{has_edit_access} = $this_author->is_superuser;
238	$row->{status_enabled} = $au->is_active;
239	$row->{status_pending} = $au->status == MT::Author::PENDING();
240
241	if ( $row->{created_by} ) {
242	my $parent_author = $authors{ $au->created_by } \|\|=
243	MT::Author->load( $au->created_by )
244	if $au->created_by;
245	if ($parent_author) {
246	$row->{created_by_name} = $parent_author->name;
247	}
248	else {
249	$row->{created_by_name} = $app->translate('(user deleted)');
250	}
251	}
252	push @data, $row;
253	last if scalar @data == $limit;
254	}
255	if ( keys %entry_count_refs ) {
256	my $author_entry_count_iter =
257	MT::Entry->count_group_by(
258	{ author_id => [ keys %entry_count_refs ] },
259	{ group => ['author_id'] } );
260	while ( my ( $count, $author_id ) = $author_entry_count_iter->() ) {
261	${ $entry_count_refs{$author_id} } = $count;
262	}
263	}
264	$param{object_loop} = \@data;
265	$param{object_type} = 'author';
266	$param{object_label} = $app->model('author')->class_label;
267	$param{object_label_plural} = $app->model('author')->class_label_plural;
268	if ( $this_author->is_superuser() ) {
269	$param{search_label} = $app->translate('Users');
270	$param{is_superuser} = 1;
271	}
272
273	$param{limit} = $limit;
274	$param{list_start} = $offset + 1;
275	delete $args->{limit};
276	delete $args->{offset};
277	$param{list_total} = MT::Author->count( \%terms, $args );
278	$param{list_end} = $offset + ( scalar @data );
279	$param{next_offset_val} = $offset + ( scalar @data );
280	$param{next_offset} = $param{next_offset_val} < $param{list_total} ? 1 : 0;
281	$param{next_max} = $param{list_total} - $limit;
282	$param{next_max} = 0 if ( $param{next_max} \|\| 0 ) < $offset + 1;
283	if ( $offset > 0 ) {
284	$param{prev_offset} = 1;
285	$param{prev_offset_val} = $offset - $limit;
286	$param{prev_offset_val} = 0 if $param{prev_offset_val} < 0;
287	}
288	$param{offset} = $offset;
289	$param{list_filters} = $app->list_filters("sys_user");
290	$param{list_noncron} = 1;
291	$param{saved_deleted} = $app->param('saved_deleted');
292	$param{saved_removed} = $app->param('saved_removed');
293	$param{author_ldap_found} = $app->param('author_ldap_found');
294	$param{saved} = $app->param('saved');
295	my $status = $app->param('saved_status');
296	$param{"saved_status_$status"} = 1 if $status;
297	$param{unchanged} = $app->param('unchanged');
298	$app->load_list_actions( 'author', \%param );
299	$param{page_actions} =
300	$app->page_actions('list_authors');
301
302	$param{nav_authors} = 1;
303	$param{listing_screen} = 1;
304	$param{screen_id} = "list-author";
305	my $tmpl_file = $param{output} \|\| 'list_author.tmpl';
306	$app->load_tmpl( $tmpl_file, \%param );
307	}
308
309	# list of all users, regardless of commenter/author on a blog
310	sub list_member {
311	my $app = shift;
312
313	my $blog_id = $app->param('blog_id');
314	$app->return_to_dashboard( redirect => 1 )
315	unless $blog_id;
316
317	my $blog = $app->blog;
318	my $user = $app->user;
319	my $perms = $app->permissions;
320	return $app->return_to_dashboard( permission => 1 )
321	unless $user->is_superuser() \|\| ($perms && $perms->can_administer_blog());
322
323	my $super_user = 1 if $user->is_superuser();
324	my $args = {};
325	my $terms = {};
326	my $param = { list_noncron => 1 };
327	$args->{join} =
328	MT::Permission->join_on( 'author_id', { blog_id => $blog_id, } );
329
330	$args->{sort_order} = 'created_on';
331	$args->{direction} = 'descend';
332
333	$param->{saved} = 1 if $app->param('saved');
334	$param->{search_label} = $app->translate('Users');
335	$param->{object_type} = 'author';
336
337	require MT::Association;
338	require MT::Role;
339	my @all_roles = MT::Role->load( undef, { sort => 'name' });
340
341	my $sel_role = 0;
342	my $filter = $app->param('filter') \|\| '';
343	if ($filter eq 'role') {
344	my $val = scalar $app->param('filter_val');
345	if ($val) {
346	$sel_role = $val;
347	$args->{join} = MT::Association->join_on('author_id', { blog_id => $blog_id, role_id => $val });
348	}
349	}
350	elsif ($filter eq 'status') {
351	my $val = $app->param('filter_val');
352	if ($val eq 'disabled') {
353	$terms->{status} = 2;
354	}
355	elsif ($val eq 'pending') {
356	$terms->{status} = 3;
357	}
358	else {
359	$terms->{status} = 1;
360	}
361	}
362
363	my @role_loop;
364	foreach my $r (@all_roles) {
365	push @role_loop, { role_id => $r->id, role_name => $r->name, selected => $r->id == $sel_role };
366	}
367	$param->{role_loop} = \@role_loop;
368	my $hasher = sub {
369	my ( $obj, $row ) = @_;
370	if ( ( $row->{email} \|\| '' ) !~ m/@/ ) {
371	$row->{email} = '';
372	}
373	if ( $row->{created_by} ) {
374	if ( my $created_by = MT::Author->load( $row->{created_by} ) ) {
375	$row->{created_by} = $created_by->name;
376	}
377	else {
378	$row->{created_by} = $app->translate('User deleted');
379	}
380	}
381	$row->{is_me} = $row->{id} == $user->id;
382	$row->{has_edit_access} = 1 if $super_user;
383	$row->{usertype_author} = 1 if $obj->type == MT::Author::AUTHOR();
384	if ( $obj->type == MT::Author::COMMENTER() ) {
385	$row->{usertype_commenter} = 1;
386	$row->{status_trusted} = 1 if $obj->is_trusted($blog_id);
387	if ($row->{name} =~ m/^[a-f0-9]{32}$/) {
388	$row->{name} = $row->{nickname} \|\| $row->{url};
389	}
390	}
391	$row->{status_enabled} = 1 if $obj->status == 1;
392	my @roles = MT::Role->load(undef, { join => MT::Association->join_on('role_id', { author_id => $row->{id}, blog_id => $blog_id }, { unique => 1 })});
393	my @role_loop;
394	foreach my $role (@roles) {
395	my @perms;
396	my @all_perms = @{ MT::Permission->perms() };
397	foreach (@all_perms) {
398	next unless length( $_->[1] \|\| '' );
399	push @perms, $_->[1]
400	if $role->has( $_->[0] );
401	}
402	my $role_perms = join(", ", @perms);
403	push @role_loop, { role_name => $role->name, role_id => $role->id, role_perms => $role_perms };
404	}
405	$row->{role_loop} = \@role_loop;
406	$row->{auth_icon_url} = $obj->auth_icon_url;
407	};
408	$param->{screen_id} = "list-member";
409
410	return $app->listing(
411	{
412	type => 'user',
413	template => 'list_member.tmpl',
414	terms => $terms,
415	params => $param,
416	args => $args,
417	code => $hasher,
418	}
419	);
420	}
421
422	sub list_association {
423	my $app = shift;
424
425	my $blog_id = $app->param('blog_id');
426	my $author_id = $app->param('author_id');
427	my $role_id = $app->param('role_id');
428
429	my $this_user = $app->user;
430	if ( !$this_user->is_superuser ) {
431	if (
432	(
433	!$blog_id
434	\|\| !$this_user->permissions($blog_id)->can_administer_blog
435	)
436	&& ( !$author_id \|\| ( $author_id != $this_user->id ) )
437	)
438	{
439	return $app->errtrans("Permission denied.");
440	}
441	}
442
443	my ( $user, $role );
444	$app->error(undef);
445
446	if ($author_id) {
447	$app->add_breadcrumb( $app->translate('Users'),
448	$app->user->is_superuser
449	? $app->uri( mode => 'list_authors' )
450	: undef );
451	if ( 'PSEUDO' ne $author_id ) {
452	my $author_class = $app->model('author');
453	$user = $author_class->load($author_id);
454	$app->add_breadcrumb(
455	$user->name,
456	$app->uri(
457	mode => 'view',
458	args => { _type => 'author', id => $author_id }
459	)
460	);
461	}
462	else {
463	$app->add_breadcrumb( $app->translate('(newly created user)') );
464	}
465	$app->add_breadcrumb( $app->translate('User Associations') );
466	}
467	if ($role_id) {
468	my $role_class = $app->model('role') or return;
469	$role = $role_class->load($role_id);
470	$app->add_breadcrumb( $app->translate("Roles"),
471	$app->uri( mode => "list_roles" ) );
472	$app->add_breadcrumb(
473	$role->name,
474	$app->uri(
475	mode => 'edit_role',
476	args => { _type => 'role', id => $role_id }
477	)
478	);
479	$app->add_breadcrumb( $app->translate("Role Users & Groups") );
480	}
481	if ( !$role_id && !$author_id ) {
482	if ($blog_id) {
483	$app->add_breadcrumb( $app->translate("Users") );
484	}
485	else {
486	$app->add_breadcrumb( $app->translate("Associations") );
487	}
488	}
489
490	my $pref = $app->list_pref('association');
491
492	# Supplies additional parameters for the row being listed
493	my %users;
494	$users{ $this_user->id } = $this_user;
495	my $hasher = sub {
496	my ( $obj, $row ) = @_;
497	if ( my $user = $obj->user ) {
498	$row->{user_id} = $user->id;
499	$row->{user_name} = $user->name;
500	}
501	if ( my $role = $obj->role ) {
502	$row->{role_name} = $role->name;
503
504	# populate permissions for the expanded view
505	if ( $pref->{view_expanded} ) {
506	my @perms;
507	my @all_perms = @{ MT::Permission->perms() };
508	foreach (@all_perms) {
509	next unless length( $_->[1] \|\| '' );
510	push @perms, { name => $_->[1] }
511	if $role->has( $_->[0] );
512	}
513	$row->{perm_loop} = \@perms;
514	}
515	}
516	else {
517	$row->{role_name} = $app->translate("(Custom)");
518	}
519	if ( my $blog = $obj->blog ) {
520	$row->{blog_name} = $blog->name;
521	}
522	if ( my $ts = $obj->created_on ) {
523	$row->{created_on_formatted} =
524	format_ts( MT::App::CMS::LISTING_DATE_FORMAT(), $ts, $obj->blog, $app->user ? $app->user->preferred_language : undef );
525	$row->{created_on_time_formatted} =
526	format_ts( MT::App::CMS::LISTING_TIMESTAMP_FORMAT(), $ts, $obj->blog, $app->user ? $app->user->preferred_language : undef );
527	$row->{created_on_relative} =
528	relative_date( $ts, time, $obj->blog );
529	}
530	if ( $row->{created_by} ) {
531	my $created_user = $users{ $row->{created_by} } \|\|=
532	MT::Author->load( $row->{created_by} );
533	if ($created_user) {
534	$row->{created_by} = $created_user->name;
535	}
536	else {
537	$row->{created_by} = $app->translate('(user deleted)');
538	}
539	}
540	};
541	$app->model('association') or return;
542	my $types;
543	if ( !$author_id && !$blog_id ) {
544	$types = [
545	MT::Association::USER_BLOG_ROLE(),
546	MT::Association::USER_ROLE(),
547	];
548	}
549	elsif ( !$author_id ) {
550	$types = [
551	MT::Association::USER_BLOG_ROLE(),
552	];
553	}
554	elsif ($author_id) {
555	$types =
556	[ MT::Association::USER_BLOG_ROLE(), MT::Association::USER_ROLE() ];
557	}
558
559	my $pre_build = sub {
560	my ($param) = @_;
561	my $data = $param->{object_loop} \|\| [];
562
563	#TODO: handle group_view
564	if ( $param->{user_view}
565	&& ( 'PSEUDO' ne $param->{edit_author_id} ) )
566	{
567
568	# don't merge
569	}
570	elsif ( $param->{role_view} ) {
571	_merge_default_assignments( $app, $data, $hasher, 'role',
572	$param->{role_id} );
573	}
574	elsif ( $param->{blog_view} ) {
575	_merge_default_assignments( $app, $data, $hasher, 'blog',
576	$param->{blog_id} );
577	}
578	else {
579	_merge_default_assignments( $app, $data, $hasher, 'all' );
580	}
581	};
582
583	return $app->listing(
584	{
585	args => { sort => 'created_on', direction => 'descend' },
586	type => 'association',
587	code => $hasher,
588	terms => {
589	type => $types,
590	$author_id ? ( author_id => $author_id ) : (),
591	$blog_id ? ( blog_id => $blog_id ) : (),
592	$role_id ? ( role_id => $role_id ) : (),
593	},
594	pre_build => $pre_build,
595	params => {
596	can_create_association => $app->user->is_superuser \|\| ( $blog_id
597	&& $app->user->permissions($blog_id)->can_administer_blog ),
598	has_expanded_mode => 1,
599	nav_privileges =>
600	( $author_id \|\| $blog_id ? 0 : 1 ) \|\| $role_id,
601	nav_authors => ( $author_id \|\| $blog_id ? 1 : 0 )
602	&& !$role_id,
603	blog_view => $blog_id ? 1 : 0,
604	user_view => $author_id ? 1 : 0,
605	role_view => $role_id ? 1 : 0,
606	$role_id
607	? (
608	role_id => $role_id,
609	role_name => $role->name,
610	)
611	: (),
612	$author_id
613	? (
614	edit_author_id => $author_id,
615	edit_name => $user
616	? ( $user->nickname ? $user->nickname : $user->name )
617	: $app->translate('(newly created user)'),
618	edit_object => $app->translate('The user'),
619	group_count => $user ? $user->group_count() : 0,
620	status_enabled => $user ? ( $user->is_active ? 1 : 0 ) : 0,
621	status_pending => $user
622	? ( $user->status == MT::Author::PENDING() ? 1 : 0 )
623	: 0,
624	)
625	: (),
626	saved => $app->param('saved') \|\| 0,
627	saved_deleted => $app->param('saved_deleted') \|\| 0,
628	usergroup_view => !$author_id && !$role_id,
629	blog_id => $blog_id,
630	search_label => $app->translate('Users'),
631	object_type => 'association',
632	pt_name => $app->translate('User'),
633	screen_id => "list-associations",
634	},
635	}
636	);
637	}
638
639	sub list_role {
640	my $app = shift;
641
642	$app->return_to_dashboard( redirect => 1 ) if $app->param('blog_id');
643
644	my $pref = $app->list_pref('role');
645
646	my $author_class = $app->model('author');
647	my $assoc_class = $app->model('association');
648	my $hasher = sub {
649	my ( $obj, $row ) = @_;
650	my $user_count = $assoc_class->count(
651	{
652	role_id => $obj->id,
653	author_id => [ 1, undef ],
654	},
655	{
656	unique => 'author_id',
657	range_incl => { author_id => 1 },
658	}
659	);
660	$row->{members} = $user_count;
661	$row->{weblogs} = $assoc_class->count(
662	{
663	role_id => $obj->id,
664	blog_id => [ 1, undef ],
665	},
666	{
667	unique => 'blog_id',
668	range_incl => { blog_id => 1 },
669	}
670	);
671	if ( $obj->created_by ) {
672	my $user = $author_class->load( $obj->created_by );
673	$row->{created_by} = $user ? $user->name : '';
674	}
675	else {
676	$row->{created_by} = '';
677	}
678
679	# populate permissions for the expanded view
680	if ( $pref->{view_expanded} ) {
681	my @perms;
682	my @all_perms = @{ MT::Permission->perms() };
683	foreach (@all_perms) {
684	next unless length( $_->[1] \|\| '' );
685	push @perms, { name => $_->[1] }
686	if $obj->has( $_->[0] );
687	}
688	$row->{perm_loop} = \@perms;
689	}
690	};
691	unless ( $app->user->is_superuser() ) {
692	return $app->errtrans("Permission denied.");
693	}
694	$app->add_breadcrumb( $app->translate("Roles") );
695	$app->listing(
696	{
697	args => { sort => 'name' },
698	type => 'role',
699	code => $hasher,
700	params => {
701	nav_privileges => 1,
702	list_noncron => 1,
703	can_create_role => $app->user->is_superuser,
704	has_expanded_mode => 1,
705	search_label => $app->translate('Users'),
706	object_type => 'role',
707	screen_id => 'list-role',
708	},
709	}
710	);
711	}
712
713	sub save_role {
714	my $app = shift;
715	my $q = $app->param;
716	$app->validate_magic() or return;
717	$app->user->is_superuser or return $app->errtrans("Invalid request.");
718
719	my $id = $q->param('id');
720	my @perms = $q->param('permission');
721	my $role;
722	require MT::Role;
723	$role = $id ? MT::Role->load($id) : MT::Role->new;
724	my $name = $q->param('name') \|\| '';
725	$name =~ s/(^\s+\|\s+$)//g;
726	return $app->errtrans("Role name cannot be blank.")
727	if $name eq '';
728
729	my $role_by_name = MT::Role->load( { name => $name } );
730	if ( $role_by_name && ( ( $id && ( $role->id != $id ) ) \|\| !$id ) ) {
731	return $app->errtrans("Another role already exists by that name.");
732	}
733	if ( !@perms ) {
734	return $app->errtrans("You cannot define a role without permissions.");
735	}
736
737	$role->name( $q->param('name') );
738	$role->description( $q->param('description') );
739	$role->clear_full_permissions;
740	$role->set_these_permissions(@perms);
741	if ( $role->id ) {
742	$role->modified_by( $app->user->id );
743	}
744	else {
745	$role->created_by( $app->user->id );
746	}
747	$role->save or return $app->error( $role->errstr );
748
749	my $url;
750	$url = $app->uri(
751	'mode' => 'edit_role',
752	args => { id => $role->id, saved => 1 }
753	);
754	$app->redirect($url);
755	}
756
757	sub enable {
758	my $app = shift;
759	set_object_status( $app, MT::Author::ACTIVE() );
760	}
761
762	sub disable {
763	my $app = shift;
764	set_object_status( $app, MT::Author::INACTIVE() );
765	}
766
767	sub set_object_status {
768	my ($app, $new_status) = @_;
769
770	$app->validate_magic() or return;
771	return $app->error( $app->translate('Permission denied.') )
772	unless $app->user->is_superuser;
773	return $app->error( $app->translate("Invalid request.") )
774	if $app->request_method ne 'POST';
775
776	my $q = $app->param;
777	my $type = $q->param('_type');
778	return $app->error( $app->translate('Invalid type') )
779	unless ( $type eq 'user' )
780	\|\| ( $type eq 'author' )
781	\|\| ( $type eq 'group' );
782
783	my $class = $app->model($type);
784
785	my @sync;
786	my $saved = 0;
787	for my $id ( $q->param('id') ) {
788	next unless $id; # avoid 'empty' ids
789	my $obj = $class->load($id);
790	next unless $obj;
791	if ( ( $obj->id == $app->user->id ) && ( $type eq 'author' ) ) {
792	next;
793	}
794	next if $new_status == $obj->status;
795	$obj->status($new_status);
796	$obj->save;
797	$saved++;
798	if ( $type eq 'author' ) {
799	if ( $new_status == MT::Author::ACTIVE() ) {
800	push @sync, $obj;
801	}
802	}
803	}
804	my $unchanged = 0;
805	if (@sync) {
806	MT::Auth->synchronize_author( User => \@sync );
807	foreach (@sync) {
808	if ( $_->status != MT::Author::ACTIVE() ) {
809	$unchanged++;
810	}
811	}
812	}
813	if ( $saved && ( $saved > $unchanged ) ) {
814	$app->add_return_arg(
815	saved_status => ( $new_status == MT::Author::ACTIVE() )
816	? 'enabled'
817	: 'disabled'
818	);
819	}
820	$app->add_return_arg( is_power_edit => 1 )
821	if $q->param('is_power_edit');
822	$app->add_return_arg( unchanged => $unchanged )
823	if $unchanged;
824	$app->call_return;
825	}
826
827	sub upload_userpic {
828	my $app = shift;
829
830	require MT::CMS::Asset;
831	my ($asset, $bytes) = MT::CMS::Asset::_upload_file(
832	$app,
833	@_,
834	require_type => 'image',
835	);
836	return if !defined $asset;
837	return $asset if !defined $bytes; # whatever it is
838
839	## TODO: should this be layered into _upload_file somehow, so we don't
840	## save the asset twice?
841	my $user_id = $app->param('user_id');
842
843	$asset->tags('@userpic');
844	$asset->created_by($user_id);
845	$asset->save;
846
847	$app->forward( 'asset_userpic', { asset => $asset, user_id => $user_id } );
848	}
849
850	sub cfg_system_users {
851	my $app = shift;
852	my %param;
853	if ( $app->param('blog_id') ) {
854	return $app->return_to_dashboard( redirect => 1 );
855	}
856
857	return $app->errtrans("Permission denied.")
858	unless $app->user->is_superuser();
859	my $cfg = $app->config;
860	$app->add_breadcrumb( $app->translate('General Settings') );
861	$param{nav_config} = 1;
862
863	$param{nav_settings} = 1;
864	$param{languages} =
865	$app->languages_list( $app->config('DefaultUserLanguage') );
866	my $tag_delim = $app->config('DefaultUserTagDelimiter') \|\| ord(',');
867	if ( $tag_delim eq ord(',') ) {
868	$tag_delim = 'comma';
869	}
870	elsif ( $tag_delim eq ord(' ') ) {
871	$tag_delim = 'space';
872	}
873	else {
874	$tag_delim = 'comma';
875	}
876	$param{"tag_delim_$tag_delim"} = 1;
877
878	( my $tz = $app->config('DefaultTimezone') ) =~ s![-\.]!_!g;
879	$tz =~ s!_00$!!;
880	$param{ 'server_offset_' . $tz } = 1;
881
882	$param{default_site_root} = $app->config('DefaultSiteRoot');
883	$param{default_site_url} = $app->config('DefaultSiteURL');
884	$param{personal_weblog_readonly} =
885	$app->config->is_readonly('NewUserAutoProvisioning');
886	$param{personal_weblog} = $app->config->NewUserAutoProvisioning ? 1 : 0;
887	if ( my $id = $param{new_user_template_blog_id} =
888	$app->config('NewUserTemplateBlogId') \|\| '' )
889	{
890	my $blog = MT::Blog->load($id);
891	if ($blog) {
892	$param{new_user_template_blog_name} = $blog->name;
893	}
894	else {
895	$app->config( 'NewUserTemplateBlogId', undef, 1 );
896	$cfg->save_config();
897	delete $param{new_user_template_blog_id};
898	}
899	}
900	$param{system_email_address} = $cfg->EmailAddressMain;
901	$param{saved} = $app->param('saved');
902	$param{error} = $app->param('error');
903	$param{screen_class} = "settings-screen system-general-settings";
904	my $registration = $cfg->CommenterRegistration;
905	if ( $registration->{Allow} ) {
906	$param{registration} = 1;
907	if ( my $ids = $registration->{Notify} ) {
908	my @ids = split ',', $ids;
909	my @sysadmins = MT::Author->load(
910	{
911	id => \@ids,
912	type => MT::Author::AUTHOR()
913	},
914	{
915	join => MT::Permission->join_on(
916	'author_id',
917	{
918	permissions => "\%'administer'\%",
919	blog_id => '0',
920	},
921	{ 'like' => { 'permissions' => 1 } }
922	)
923	}
924	);
925	my @names;
926	foreach my $a (@sysadmins) {
927	push @names, $a->name . '(' . $a->id . ')';
928	}
929	$param{notify_user_id} = $ids;
930	$param{notify_user_name} = join ',', @names;
931	}
932	}
933	$app->load_tmpl( 'cfg_system_users.tmpl', \%param );
934	}
935
936	sub save_cfg_system_users {
937	my $app = shift;
938	$app->validate_magic or return;
939	return $app->errtrans("Permission denied.")
940	unless $app->user->is_superuser();
941
942	my $tmpl_blog_id = $app->param('new_user_template_blog_id') \|\| '';
943	if ( $tmpl_blog_id =~ m/^\d+$/ ) {
944	MT::Blog->load($tmpl_blog_id)
945	or return $app->error(
946	$app->translate(
947	"Invalid ID given for personal blog clone source ID.")
948	);
949	}
950	else {
951	if ( $tmpl_blog_id ne '' ) {
952	return $app->error(
953	$app->translate(
954	"Invalid ID given for personal blog clone source ID.")
955	);
956	}
957	}
958
959	my $cfg = $app->config;
960	my $tz = $app->param('default_time_zone');
961	$app->config( 'DefaultTimezone', $tz \|\| undef, 1 );
962	$app->config( 'DefaultSiteRoot', $app->param('default_site_root') \|\| undef,
963	1 );
964	$app->config( 'DefaultSiteURL', $app->param('default_site_url') \|\| undef,
965	1 );
966	$app->config( 'NewUserAutoProvisioning',
967	$app->param('personal_weblog') ? 1 : 0, 1 );
968	$app->config( 'NewUserTemplateBlogId', $tmpl_blog_id \|\| undef, 1 );
969	$app->config( 'DefaultUserLanguage', $app->param('default_language'), 1 );
970	$app->config( 'DefaultUserTagDelimiter',
971	$app->param('default_user_tag_delimiter') \|\| undef, 1 );
972	my $registration = $cfg->CommenterRegistration;
973	if ( my $reg = $app->param('registration') ) {
974	$registration->{Allow} = $reg ? 1 : 0;
975	$registration->{Notify} = $app->param('notify_user_id');
976	$cfg->CommenterRegistration( $registration, 1 );
977	}
978	elsif ( $registration->{Allow} ) {
979	$registration->{Allow} = 0;
980	$cfg->CommenterRegistration( $registration, 1 );
981	}
982	$cfg->save_config();
983
984	my $args = ();
985
986	if ( $app->config->NewUserAutoProvisioning() ne
987	( $app->param('personal_weblog') ? 1 : 0 ) )
988	{
989	$args->{error} =
990	$app->translate(
991	'If personal blog is set, the default site URL and root are required.'
992	);
993	}
994	else {
995	$args->{saved} = 1;
996	}
997
998	$app->redirect(
999	$app->uri(
1000	'mode' => 'cfg_system_users',
1001	args => $args
1002	)
1003	);
1004	}
1005
1006	sub remove_user_assoc {
1007	my $app = shift;
1008	$app->validate_magic or return;
1009
1010	my $user = $app->user;
1011	my $perms = $app->permissions;
1012	return $app->errtrans("Permission denied.")
1013	unless $perms->can_administer_blog;
1014
1015	my $blog_id = $app->param('blog_id');
1016	my @ids = $app->param('id');
1017	return $app->errtrans("Invalid request.")
1018	unless $blog_id && @ids;
1019
1020	require MT::Association;
1021	require MT::Permission;
1022	foreach my $id (@ids) {
1023	next unless $id;
1024	MT::Association->remove({ blog_id => $blog_id, author_id => $id });
1025	# these too, just in case there are no real associations
1026	# (ie, commenters)
1027	MT::Permission->remove({ blog_id => $blog_id, author_id => $id });
1028	}
1029
1030	$app->add_return_arg( saved => 1 );
1031	$app->call_return;
1032	}
1033
1034	sub revoke_role {
1035	my $app = shift;
1036	$app->validate_magic or return;
1037
1038	my $user = $app->user;
1039	my $perms = $app->permissions;
1040	return $app->errtrans("Permission denied.")
1041	unless $perms->can_administer_blog;
1042
1043	my $blog_id = $app->param('blog_id');
1044	my $role_id = $app->param('role_id');
1045	my $user_id = $app->param('author_id');
1046	return $app->errtrans("Invalid request.")
1047	unless $blog_id && $role_id && $user_id;
1048
1049	require MT::Association;
1050	require MT::Role;
1051	require MT::Blog;
1052
1053	my $author = MT::Author->load( $user_id );
1054	my $role = MT::Role->load( $role_id );
1055	my $blog = MT::Blog->load( $blog_id );
1056	return $app->errtrans("Invalid request.")
1057	unless $blog && $role && $author;
1058
1059	MT::Association->unlink( $blog => $role => $author );
1060
1061	$app->add_return_arg( saved => 1 );
1062	$app->call_return;
1063	}
1064
1065	sub grant_role {
1066	my $app = shift;
1067
1068	my $user = $app->user;
1069
1070	my $blogs = $app->param('blog') \|\| '';
1071	my $authors = $app->param('author') \|\| '';
1072	my $roles = $app->param('role') \|\| '';
1073	my $author_id = $app->param('author_id');
1074	my $blog_id = $app->param('blog_id');
1075	my $role_id = $app->param('role_id');
1076
1077	my @blogs = split /,/, $blogs;
1078	my @authors = split /,/, $authors;
1079	my @roles = split /,/, $roles;
1080
1081	require MT::Blog;
1082	require MT::Role;
1083
1084	foreach (@blogs) {
1085	my $id = $_;
1086	$id =~ s/\D//g;
1087	$_ = MT::Blog->load($id);
1088	}
1089	foreach (@roles) {
1090	my $id = $_;
1091	$id =~ s/\D//g;
1092	$_ = MT::Role->load($id);
1093	}
1094	my $add_pseudo_new_user = 0;
1095	foreach (@authors) {
1096	my $id = $_;
1097	if ( 'author-PSEUDO' eq $id ) {
1098	$add_pseudo_new_user = 1;
1099	next;
1100	}
1101	$id =~ s/\D//g;
1102	$_ = MT::Author->load($id);
1103	}
1104	$app->error(undef);
1105
1106	if ($author_id) {
1107	if ( $author_id eq 'PSEUDO' ) {
1108	$add_pseudo_new_user = 1;
1109	}
1110	else {
1111	push @authors, MT::Author->load($author_id);
1112	}
1113	}
1114	push @blogs, MT::Blog->load($blog_id) if $blog_id;
1115	push @roles, MT::Role->load($role_id) if $role_id;
1116
1117	if ( !$user->is_superuser ) {
1118	if ( ( scalar @blogs != 1 )
1119	\|\| ( !$user->permissions( $blogs[0] )->can_administer_blog ) )
1120	{
1121	return $app->errtrans("Permission denied.");
1122	}
1123	}
1124
1125	require MT::Association;
1126
1127	my @default_assignments;
1128
1129	# TBD: handle case for associating system roles to users/groups
1130	foreach my $blog (@blogs) {
1131	next unless ref $blog;
1132	foreach my $role (@roles) {
1133	next unless ref $role;
1134	if ($add_pseudo_new_user) {
1135	push @default_assignments, $role->id . ',' . $blog->id;
1136	}
1137	foreach my $ug ( @authors ) {
1138	next unless ref $ug;
1139	MT::Association->link( $ug => $role => $blog );
1140	}
1141	}
1142	}
1143
1144	if ( $add_pseudo_new_user && @default_assignments ) {
1145	my $da = $app->config('DefaultAssignments');
1146	$da .= ',' if $da;
1147	$app->config( 'DefaultAssignments',
1148	$da . join( ',', @default_assignments ), 1 );
1149	$app->config->save_config;
1150	}
1151
1152	$app->add_return_arg( saved => 1 );
1153	$app->call_return;
1154	}
1155
1156	sub dialog_select_author {
1157	my $app = shift;
1158
1159	my $hasher = sub {
1160	my ( $obj, $row ) = @_;
1161	$row->{label} = $row->{name};
1162	$row->{description} = $row->{nickname};
1163	};
1164
1165	$app->listing(
1166	{
1167	type => 'author',
1168	terms => {
1169	type => MT::Author::AUTHOR(),
1170	status => MT::Author::ACTIVE(),
1171	},
1172	args => {
1173	sort => 'name',
1174	join => MT::Permission->join_on(
1175	'author_id',
1176	{
1177	permissions => "\%'create_post'\%",
1178	blog_id => $app->blog->id,
1179	},
1180	{ 'like' => { 'permissions' => 1 } }
1181	),
1182	},
1183	code => $hasher,
1184	template => 'dialog/select_users.tmpl',
1185	params => {
1186	dialog_title =>
1187	$app->translate("Select a entry author"),
1188	items_prompt =>
1189	$app->translate("Selected author"),
1190	search_prompt => $app->translate(
1191	"Type a username to filter the choices below."),
1192	panel_label => $app->translate("Entry author"),
1193	panel_description => $app->translate("Name"),
1194	panel_type => 'author',
1195	panel_multi => defined $app->param('multi')
1196	? $app->param('multi')
1197	: 0,
1198	panel_searchable => 1,
1199	panel_first => 1,
1200	panel_last => 1,
1201	list_noncron => 1,
1202	idfield => $app->param('idfield'),
1203	namefield => $app->param('namefield'),
1204	},
1205	}
1206	);
1207	}
1208
1209	sub dialog_select_sysadmin {
1210	my $app = shift;
1211	return $app->errtrans("Permission denied.")
1212	unless $app->user->is_superuser;
1213
1214	my $hasher = sub {
1215	my ( $obj, $row ) = @_;
1216	$row->{label} = $row->{name};
1217	$row->{description} = $row->{nickname};
1218	};
1219
1220	$app->listing(
1221	{
1222	type => 'author',
1223	terms => {
1224	type => MT::Author::AUTHOR(),
1225	status => MT::Author::ACTIVE(),
1226	},
1227	args => {
1228	sort => 'name',
1229	join => MT::Permission->join_on(
1230	'author_id',
1231	{
1232	permissions => "\%'administer'\%",
1233	blog_id => '0',
1234	},
1235	{ 'like' => { 'permissions' => 1 } }
1236	),
1237	},
1238	code => $hasher,
1239	template => 'dialog/select_users.tmpl',
1240	params => {
1241	dialog_title =>
1242	$app->translate("Select a System Administrator"),
1243	items_prompt =>
1244	$app->translate("Selected System Administrator"),
1245	search_prompt => $app->translate(
1246	"Type a username to filter the choices below."),
1247	panel_label => $app->translate("System Administrator"),
1248	panel_description => $app->translate("Name"),
1249	panel_type => 'author',
1250	panel_multi => defined $app->param('multi')
1251	? $app->param('multi')
1252	: 0,
1253	panel_searchable => 1,
1254	panel_first => 1,
1255	panel_last => 1,
1256	list_noncron => 1,
1257	idfield => $app->param('idfield'),
1258	namefield => $app->param('namefield'),
1259	},
1260	}
1261	);
1262	}
1263
1264	# This mode can be called to service a number of views
1265	# Adding roles->blogs for a user
1266	# Adding roles->blogs for a group
1267	# Adding users->roles->blogs
1268	# Adding groups->roles->blogs
1269	sub dialog_grant_role {
1270	my $app = shift;
1271
1272	my $author_id = $app->param('author_id');
1273	my $blog_id = $app->param('blog_id');
1274	my $role_id = $app->param('role_id');
1275
1276	my $this_user = $app->user;
1277	if ( !$this_user->is_superuser ) {
1278	if ( !$blog_id
1279	\|\| !$this_user->permissions($blog_id)->can_administer_blog )
1280	{
1281	return $app->errtrans("Permission denied.");
1282	}
1283	}
1284
1285	my $type = $app->param('_type');
1286	my ( $user, $role );
1287	if ($author_id) {
1288	$user = MT::Author->load($author_id);
1289	}
1290	if ($role_id) {
1291	require MT::Role;
1292	$role = MT::Role->load($role_id);
1293	}
1294
1295	my $hasher = sub {
1296	my ( $obj, $row ) = @_;
1297	$row->{label} = $row->{name};
1298	$row->{description} = $row->{nickname} if exists $row->{nickname};
1299	};
1300
1301	# Only show active users who are not commenters.
1302	my $terms = {};
1303	if ( $type && ( $type eq 'author' ) ) {
1304	$terms->{status} = MT::Author::ACTIVE();
1305	$terms->{type} = MT::Author::AUTHOR();
1306	}
1307
1308	my $pseudo_user_row = {
1309	id => 'PSEUDO',
1310	label => $app->translate('(newly created user)'),
1311	description =>
1312	$app->translate('represents a user who will be created afterwards'),
1313	};
1314
1315	if ( $app->param('search') \|\| $app->param('json') ) {
1316	my $params = {
1317	panel_type => $type,
1318	list_noncron => 1,
1319	panel_multi => 1,
1320	};
1321	$app->listing(
1322	{
1323	terms => $terms,
1324	type => $type,
1325	code => $hasher,
1326	params => $params,
1327	template => 'include/listing_panel.tmpl',
1328	$app->param('search') ? () : (
1329	pre_build => sub {
1330	my ($param) = @_;
1331	if ( $type && $type eq 'author' ) {
1332	if ( !$app->param('offset') ) {
1333	my $objs = $param->{object_loop} \|\|= [];
1334	unshift @$objs, $pseudo_user_row;
1335	}
1336	}
1337	}
1338	),
1339	}
1340	);
1341	}
1342	else {
1343
1344	# traditional, full-screen listing
1345	my $params = {
1346	($author_id \|\| 0) eq 'PSEUDO'
1347	? (
1348	edit_author_name => $app->translate('(newly created user)'),
1349	edit_author_id => 'PSEUDO'
1350	)
1351	: $author_id
1352	? (
1353	edit_author_name => $user->nickname
1354	? $user->nickname
1355	: $user->name,
1356	edit_author_id => $user->id,
1357	)
1358	: (),
1359	$role_id
1360	? (
1361	role_name => $role->name,
1362	role_id => $role->id,
1363	)
1364	: (),
1365	};
1366
1367	my @panels;
1368	if ( !$role_id ) {
1369	push @panels, 'role';
1370	}
1371	if ( !$blog_id ) {
1372	my @blogs;
1373	my $iter = MT::Blog->load_iter();
1374	while ( my $blog = $iter->() ) {
1375	push @blogs, $blog->id;
1376	}
1377
1378	# if only one blog exists, skip the blog selection step.
1379	if ( @blogs == 1 ) {
1380	$blog_id = $blogs[0];
1381	}
1382	else {
1383	push @panels, 'blog';
1384	}
1385	}
1386	if ( !$author_id ) {
1387	if ( $type eq 'user' ) {
1388	unshift @panels, 'author';
1389	}
1390	}
1391
1392	my $panel_info = {
1393	'blog' => {
1394	panel_title => $app->translate("Select Blogs"),
1395	panel_label => $app->translate("Blog Name"),
1396	items_prompt => $app->translate("Blogs Selected"),
1397	search_label => $app->translate("Search Blogs"),
1398	panel_description => $app->translate("Description"),
1399	},
1400	'author' => {
1401	panel_title => $app->translate("Select Users"),
1402	panel_label => $app->translate("Username"),
1403	items_prompt => $app->translate("Users Selected"),
1404	search_label => $app->translate("Search Users"),
1405	panel_description => $app->translate("Name"),
1406	},
1407	'role' => {
1408	panel_title => $app->translate("Select Roles"),
1409	panel_label => $app->translate("Role Name"),
1410	items_prompt => $app->translate("Roles Selected"),
1411	search_label => $app->translate(""),
1412	panel_description => $app->translate("Description"),
1413	},
1414	};
1415
1416	$params->{blog_id} = $blog_id;
1417	$params->{dialog_title} = $app->translate("Grant Permissions");
1418	$params->{panel_loop} = [];
1419	$params->{panel_multi} = 1;
1420
1421	for ( my $i = 0 ; $i <= $#panels ; $i++ ) {
1422	my $source = $panels[$i];
1423	my $panel_params = {
1424	panel_type => $source,
1425	%{ $panel_info->{$source} },
1426	list_noncron => 1,
1427	panel_last => $i == $#panels,
1428	panel_first => $i == 0,
1429	panel_number => $i + 1,
1430	panel_total => $#panels + 1,
1431	panel_has_steps => ( $#panels == '0' ? 0 : 1 ),
1432	panel_searchable => ( $source eq 'role' ? 0 : 1 ),
1433	};
1434
1435	# Only show active user/groups.
1436	my $terms = {};
1437	if ( $source eq 'author' ) {
1438	$terms->{status} = MT::Author::ACTIVE();
1439	$terms->{type} = MT::Author::AUTHOR();
1440	}
1441
1442	$app->listing(
1443	{
1444	no_html => 1,
1445	code => $hasher,
1446	type => $source,
1447	params => $panel_params,
1448	terms => $terms,
1449	args => { sort => 'name' },
1450	}
1451	);
1452	if ( $source && ( $source eq 'author' ) ) {
1453	if ( !$app->param('offset') ) {
1454	my $data = $panel_params->{object_loop} \|\|= [];
1455	unshift @$data, $pseudo_user_row;
1456	}
1457	}
1458	if (
1459	!$panel_params->{object_loop}
1460	\|\| ( $panel_params->{object_loop}
1461	&& @{ $panel_params->{object_loop} } < 1 )
1462	)
1463	{
1464	$params->{"missing_$source"} = 1;
1465	$params->{"missing_data"} = 1;
1466	}
1467	push @{ $params->{panel_loop} }, $panel_params;
1468	}
1469
1470	# save the arguments from whence we came...
1471	$params->{return_args} = $app->return_args;
1472	$app->load_tmpl( 'dialog/create_association.tmpl', $params );
1473	}
1474	}
1475
1476	sub remove_userpic {
1477	my $app = shift;
1478	$app->validate_magic() or return;
1479	my $q = $app->param;
1480	my $user_id = $q->param('user_id');
1481	my $user = $app->model('author')->load( { id => $user_id } )
1482	or return;
1483	if ($user->userpic_asset_id) {
1484	my $old_file = $user->userpic_file();
1485	my $fmgr = MT::FileMgr->new('Local');
1486	if ($fmgr->exists($old_file)) {
1487	$fmgr->delete($old_file);
1488	}
1489	$user->userpic_asset_id(0);
1490	$user->save;
1491	}
1492	return 'success';
1493	}
1494
1495	sub can_delete_association {
1496	my ( $eh, $app, $obj ) = @_;
1497
1498	my $blog_id = $app->param('blog_id');
1499	my $user = $app->user;
1500	if ( !$user->is_superuser ) {
1501	if ( !$blog_id \|\| !$user->permissions($blog_id)->can_administer_blog ) {
1502	return $eh->error( MT->translate("Permission denied.") );
1503	}
1504	if ( $obj->author_id == $user->id ) {
1505	return $eh->error(
1506	MT->translate("You cannot delete your own association.") );
1507	}
1508	}
1509	1;
1510	}
1511
1512	sub can_view {
1513	my ( $eh, $app, $id ) = @_;
1514	return $id && ( $app->user->id == $id );
1515	}
1516
1517	sub can_save {
1518	my ( $eh, $app, $id ) = @_;
1519	my $author = $app->user;
1520	if ( !$id ) {
1521	return $author->is_superuser;
1522	}
1523	else {
1524	return $author->id == $id;
1525	}
1526	}
1527
1528	sub can_delete {
1529	my ( $eh, $app, $obj ) = @_;
1530	my $author = $app->user;
1531	if ( $author->id == $obj->id ) {
1532	return $eh->error(
1533	MT->translate("You cannot delete your own user record.") );
1534	}
1535	return 1 if $author->is_superuser();
1536	if ( !( $obj->created_by && $obj->created_by == $author->id ) ) {
1537	return $eh->error(
1538	MT->translate(
1539	"You have no permission to delete the user [_1].", $obj->name
1540	)
1541	);
1542	}
1543	}
1544
1545	sub save_filter {
1546	my ( $eh, $app ) = @_;
1547
1548	my $status = $app->param('status');
1549	return 1 if $status and $status == MT::Author::INACTIVE();
1550
1551	require MT::Auth;
1552	my $auth_mode = $app->config('AuthenticationModule');
1553	my ($pref) = split /\s+/, $auth_mode;
1554
1555	my $name = $app->param('name');
1556	my $nickname = $app->param('nickname');
1557	if ( $pref eq 'MT' ) {
1558	if ( defined $name ) {
1559	$name =~ s/(^\s+\|\s+$)//g;
1560	$app->param( 'name', $name );
1561	}
1562	return $eh->error( $app->translate("User requires username") )
1563	if ( !$name );
1564
1565	if ( defined $nickname ) {
1566	$nickname =~ s/(^\s+\|\s+$)//g;
1567	$app->param( 'nickname', $nickname );
1568	}
1569	return $eh->error( $app->translate("User requires display name") )
1570	if ( !$nickname );
1571	}
1572
1573	require MT::Author;
1574	my $existing = MT::Author->load(
1575	{
1576	name => $name,
1577	type => MT::Author::AUTHOR()
1578	}
1579	);
1580	my $id = $app->param('id');
1581	if ( $existing && ( ( $id && $existing->id ne $id ) \|\| !$id ) ) {
1582	return $eh->error(
1583	$app->translate("A user with the same name already exists.") );
1584	}
1585
1586	return 1 if ( $pref ne 'MT' );
1587	if ( !$app->param('id') ) { # it's a new object
1588	return $eh->error( $app->translate("User requires password") )
1589	if ( !$app->param('pass') );
1590	return $eh->error(
1591	$app->translate("User requires password recovery word/phrase") )
1592	if ( !$app->param('hint') );
1593	}
1594	return $eh->error(
1595	MT->translate("Email Address is required for password recovery") )
1596	unless $app->param('email');
1597	if ( $app->param('url') ) {
1598	my $url = $app->param('url');
1599	return $eh->error( MT->translate("Website URL is imperfect") )
1600	unless is_url($url);
1601	}
1602	1;
1603	}
1604
1605	sub pre_save {
1606	my $eh = shift;
1607	my ( $app, $obj, $original ) = @_;
1608
1609	# Authors should only be of type AUTHOR when created from
1610	# the CMS app; COMMENTERs are created from the Comments app.
1611	$obj->type( MT::Author::AUTHOR() );
1612
1613	my $pass = $app->param('pass');
1614	if ($pass) {
1615	$obj->set_password($pass);
1616	}
1617	elsif ( !$obj->id ) {
1618	$obj->password('(none)');
1619	}
1620
1621	my ( $delim, $delim2 ) = $app->param('tag_delim');
1622	$delim = $delim ? $delim : $delim2;
1623	if ( $delim =~ m/comma/i ) {
1624	$delim = ord(',');
1625	}
1626	elsif ( $delim =~ m/space/i ) {
1627	$delim = ord(' ');
1628	}
1629	else {
1630	$delim = ord(',');
1631	}
1632	$obj->entry_prefs( 'tag_delim' => $delim );
1633
1634	unless ( $obj->id ) {
1635	$obj->created_by( $app->user->id );
1636	}
1637	1;
1638	}
1639
1640	sub post_save {
1641	my $eh = shift;
1642	my ( $app, $obj, $original ) = @_;
1643
1644	if ( !$original->id ) {
1645	$app->log(
1646	{
1647	message => $app->translate(
1648	"User '[_1]' (ID:[_2]) created by '[_3]'",
1649	$obj->name, $obj->id, $app->user->name
1650	),
1651	level => MT::Log::INFO(),
1652	class => 'author',
1653	category => 'new',
1654	}
1655	);
1656	$obj->add_default_roles;
1657
1658	my $author_id = $obj->id;
1659	if ( $app->param('create_personal_weblog') ) {
1660
1661	# provision new user with a personal blog
1662	$app->run_callbacks( 'new_user_provisioning', $obj );
1663	}
1664	}
1665	else {
1666	if ( $app->user->id == $obj->id ) {
1667	## If this is a user editing his/her profile, $id will be
1668	## some defined value; if so we should update the user's
1669	## cookie to reflect any changes made to username and password.
1670	## Otherwise, this is a new user, and we shouldn't update the
1671	## cookie.
1672	$app->user($obj);
1673	if ( ( $obj->name ne $original->name )
1674	\|\| ( $app->param('pass') ) )
1675	{
1676	$app->start_session();
1677	}
1678	}
1679	}
1680	1;
1681	}
1682
1683	sub post_delete {
1684	my ( $eh, $app, $obj ) = @_;
1685
1686	$app->log(
1687	{
1688	message => $app->translate(
1689	"User '[_1]' (ID:[_2]) deleted by '[_3]'",
1690	$obj->name, $obj->id, $app->user->name
1691	),
1692	level => MT::Log::INFO(),
1693	class => 'system',
1694	category => 'delete'
1695	}
1696	);
1697	}
1698
1699	sub _merge_default_assignments {
1700	my $app = shift;
1701	my ( $data, $hasher, $type, $id ) = @_;
1702
1703	if ( my $def = MT->config->DefaultAssignments ) {
1704	my @def = split ',', $def;
1705	while ( my $role_id = shift @def ) {
1706	my $blog_id = shift @def;
1707	next unless $role_id && $blog_id;
1708	next if ( $type eq 'role' ) && ( $id != $role_id );
1709	next if ( $type eq 'blog' ) && ( $id != $blog_id );
1710	my $obj = MT::Association->new;
1711	$obj->role_id($role_id);
1712	$obj->blog_id($blog_id);
1713	$obj->id( 'PSEUDO-' . $role_id . '-' . $blog_id );
1714	my $row = $obj->column_values();
1715	$hasher->( $obj, $row ) if $hasher;
1716	$row->{user_id} = 'PSEUDO';
1717	$row->{user_name} = MT->translate('(newly created user)');
1718	push @$data, $row;
1719	}
1720	}
1721	}
1722
1723	sub build_author_table {
1724	my $app = shift;
1725	my (%args) = @_;
1726
1727	my $i = 1;
1728	my @author;
1729	my $iter;
1730	if ( $args{load_args} ) {
1731	my $class = $app->model('author');
1732	$iter = $class->load_iter( @{ $args{load_args} } );
1733	}
1734	elsif ( $args{iter} ) {
1735	$iter = $args{iter};
1736	}
1737	elsif ( $args{items} ) {
1738	$iter = sub { pop @{ $args{items} } };
1739	}
1740	return [] unless $iter;
1741	my $blog_id = $app->param('blog_id');
1742	my $param = $args{param};
1743	$param->{has_edit_access} = $app->user->is_superuser();
1744	$param->{is_administrator} = $app->user->is_superuser();
1745	my ( %blogs, %entry_count_refs );
1746	while ( my $author = $iter->() ) {
1747	my $row = {
1748	name => $author->name,
1749	nickname => $author->nickname,
1750	email => $author->email,
1751	url => $author->url,
1752	status_enabled => $author->is_active,
1753	status_pending => ( $author->status == MT::Author::PENDING() )
1754	? 1
1755	: 0,
1756	id => $author->id,
1757	entry_count => 0,
1758	is_me => ( $app->user->id == $author->id ? 1 : 0 )
1759	};
1760	$entry_count_refs{ $author->id } = \$row->{entry_count};
1761	if ( $author->created_by ) {
1762	if ( my $parent_author =
1763	$app->model('author')->load( $author->created_by ) )
1764	{
1765	$row->{created_by} = $parent_author->name;
1766	}
1767	else {
1768	$row->{created_by} = $app->translate('(user deleted)');
1769	}
1770	}
1771	$row->{object} = $author;
1772	$row->{usertype_author} = 1 if $author->type == MT::Author::AUTHOR();
1773	if ( $author->type == MT::Author::COMMENTER() ) {
1774	$row->{usertype_commenter} = 1;
1775	$row->{status_trusted} = 1 if $blog_id && $author->is_trusted($blog_id);
1776	if ($row->{name} =~ m/^[a-f0-9]{32}$/) {
1777	$row->{name} = $row->{nickname} \|\| $row->{url};
1778	}
1779	}
1780	$row->{auth_icon_url} = $author->auth_icon_url;
1781	push @author, $row;
1782	}
1783	return [] unless @author;
1784	my $type = $app->param('entry_type') \|\| 'entry';
1785	my $entry_class = $app->model($type);
1786	my $author_entry_count_iter =
1787	$entry_class->count_group_by( { author_id => [ keys %entry_count_refs ] },
1788	{ group => ['author_id'] } );
1789	while ( my ( $count, $author_id ) = $author_entry_count_iter->() ) {
1790	${ $entry_count_refs{$author_id} } = $count;
1791	}
1792	$param->{author_table}[0]{object_loop} = \@author;
1793
1794	$app->load_list_actions( 'author', $param->{author_table}[0] );
1795	$param->{page_actions} = $param->{author_table}[0]{page_actions} =
1796	$app->page_actions('list_authors');
1797	$param->{object_loop} = $param->{author_table}[0]{object_loop};
1798
1799	\@author;
1800	}
1801
1802	sub _delete_pseudo_association {
1803	my $app = shift;
1804	my ($pid, $bid) = @_;
1805	my $rid;
1806	if ($pid) {
1807	( my $pseudo, $rid, $bid ) = split '-', $pid;
1808	}
1809	my @newdef;
1810	if ( my $def = $app->config->DefaultAssignments ) {
1811	my @def = split ',', $def;
1812	while ( my $role_id = shift @def ) {
1813	my $blog_id = shift @def;
1814	next unless $role_id && $blog_id;
1815	next
1816	if ( $rid && ( $role_id == $rid ) && ( $blog_id == $bid ) )
1817	\|\| ( !defined($rid) && ( $blog_id == $bid ) );
1818	push @newdef, "$role_id,$blog_id";
1819	}
1820	}
1821	if (@newdef) {
1822	$app->config( 'DefaultAssignments', join( ',', @newdef ), 1 );
1823	}
1824	else {
1825	$app->config( 'DefaultAssignments', undef, 1 );
1826	}
1827	$app->config->save_config;
1828	}
1829
1830	1;

Note: See TracBrowser for help on using the browser.

Context Navigation

root/branches/release-35/lib/MT/CMS/User.pm @ 1908

Download in other formats: