3 * StatusNet, the distributed open-source microblogging tool
5 * Superclass for admin panel actions
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Evan Prodromou <evan@status.net>
25 * @copyright 2009 StatusNet, Inc.
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
27 * @link http://status.net/
30 if (!defined('STATUSNET')) {
35 * superclass for admin panel actions
37 * Common code for all admin panel actions.
41 * @author Evan Prodromou <evan@status.net>
42 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
43 * @link http://status.net/
45 * @todo Find some commonalities with SettingsAction and combine
47 class AdminPanelAction extends Action
53 * Prepare for the action
55 * We check to see that the user is logged in, has
56 * authenticated in this session, and has the right
57 * to configure the site.
59 * @param array $args Array of arguments from Web driver
61 * @return boolean success flag
63 function prepare(array $args=array())
// Authorization gate shared by every admin panel. Checks, in order: logged in,
// interactive (non-cookie) login, CONFIGURESITE right, panel enabled via canAdmin().
// NOTE(review): each failed check only calls clientError(); this assumes
// clientError() never returns (throws or exits) -- confirm, since nothing
// visible in this listing stops execution after a failed check.
65 parent::prepare($args);
67 // User must be logged in.
69 if (!common_logged_in()) {
70 // TRANS: Error message displayed when trying to perform an action that requires a logged in user.
71 $this->clientError(_('Not logged in.'));
74 $user = common_current_user();
76 // ...because they're logged in
// assert() can be disabled by PHP configuration, so it documents the invariant
// rather than enforcing it; the common_logged_in() check above is the real gate.
78 assert(!empty($user));
80 // It must be a "real" login, not saved cookie login
82 if (!common_is_real_login()) {
83 // Cookie theft is too easy; we require automatic
84 // logins to re-authenticate before administering the site
85 common_set_returnto($this->selfUrl());
// NOTE(review): the redirect runs only when no RedirectToLogin handler claims
// the event. What halts the request when a handler does claim it is not visible
// in this listing -- confirm a cookie-only session cannot fall through to the
// checks below.
86 if (Event::handle('RedirectToLogin', array($this, $user))) {
87 common_redirect(common_local_url('login'), 303);
91 // User must have the right to change admin settings
93 if (!$user->hasRight(Right::CONFIGURESITE)) {
94 // TRANS: Client error message thrown when a user tries to change admin settings but has no access rights.
95 $this->clientError(_('You cannot make changes to this site.'));
98 // This panel must be enabled
100 $name = $this->trimmed('action');
// Drops the last 10 characters of the action name -- presumably the
// "adminpanel" suffix, leaving the panel name. The suffix itself is not
// verified here.
102 $name = mb_substr($name, 0, -10);
104 if (!self::canAdmin($name)) {
105 // TRANS: Client error message thrown when a certain panel's settings cannot be changed.
106 $this->clientError(_('Changes to that panel are not allowed.'), 403);
115 * Check session token and try to save the settings if this is a
116 * POST. Otherwise, show the form.
118 * @param array $args unused.
122 function handle(array $args=array())
// On POST, the session token is checked before saveSettings() is called, so a
// state-changing request without a valid token should not reach the save step
// (assumes checkSessionToken() halts on failure -- confirm).
124 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
125 $this->checkSessionToken();
127 $this->saveSettings();
// Called after saving; presumably re-reads configuration so the rest of this
// request sees the new values (Config::loadSettings() is defined elsewhere).
131 Config::loadSettings();
133 $this->success = true;
134 // TRANS: Message after successful saving of administrative settings.
135 $this->msg = _('Settings saved.');
136 } catch (Exception $e) {
137 $this->success = false;
// NOTE(review): the raw exception text becomes the page message (presumably
// rendered by showPageNotice()). saveSettings() implementations should throw
// only messages that are safe to show in the admin UI; internal errors are
// better logged and replaced with a generic message.
138 $this->msg = $e->getMessage();
145 * Show tabset for this page
147 * Uses the AdminPanelNav widget
152 function showLocalNav()
154 $nav = new AdminPanelNav($this);
159 * Show the content section of the page
161 * Here, we show the admin panel's form.
165 function showContent()
171 * Show content block. Overridden just to add a special class
172 * to the content div to allow styling.
176 function showContentBlock()
// Emits div#content with class "admin", containing the page title, the notice
// block and div#content_inner, which wraps the output of showContent().
178 $this->elementStart('div', array('id' => 'content', 'class' => 'admin'));
179 $this->showPageTitle();
180 $this->showPageNoticeBlock();
181 $this->elementStart('div', array('id' => 'content_inner'));
182 // show the actual content (forms, lists, whatever)
183 $this->showContent();
// Close content_inner, then content.
184 $this->elementEnd('div');
185 $this->elementEnd('div');
189 * show human-readable instructions for the page, or
190 * a success/failure on save.
194 function showPageNotice()
// Two outputs are visible here: a div whose class is 'success' or 'error'
// depending on $this->success, and a div.instructions built from
// getInstructions(). The branching between them is not visible in this listing.
197 $this->element('div', ($this->success) ? 'success' : 'error',
200 $inst = $this->getInstructions();
// NOTE(review): the instructions are converted from markup to HTML here; how
// $output is written to the page is not visible in this listing.
// getInstructions() overrides should return fixed, trusted text rather than
// anything user-supplied -- confirm against the subclasses.
201 $output = common_markup_to_html($inst);
203 $this->elementStart('div', 'instructions');
205 $this->elementEnd('div');
210 * Show the admin panel form
212 * Sub-classes should overload this.
218 // TRANS: Client error message.
219 $this->clientError(_('showForm() not implemented.'));
223 * Instructions for using this form.
225 * String with instructions for using the form.
227 * Subclasses should overload this.
231 function getInstructions()
237 * Save settings from the form
239 * Validate and save the settings from the user.
243 function saveSettings()
// Base implementation only reports an error: a panel subclass that does not
// override this method cannot persist any settings.
245 // TRANS: Client error message
246 $this->clientError(_('saveSettings() not implemented.'));
249 function canAdmin($name)
// Decides whether the named panel may be administered. The configured list
// common_config('admin', 'panels') is consulted only when Event::handle()
// returns true; otherwise whatever an AdminPanelCheck handler wrote into $isOK
// (passed by reference) presumably stands. Handlers of that event are therefore
// part of the authorization decision and should be reviewed as such.
253 if (Event::handle('AdminPanelCheck', array($name, &$isOK))) {
// NOTE(review): in_array() compares loosely here. Passing true as the third
// argument (strict comparison) would keep a non-string entry in the configured
// list, such as true or 0, from matching panel names it was not meant to allow.
254 $isOK = in_array($name, common_config('admin', 'panels'));
260 function showProfileBlock()