3 * StatusNet, the distributed open-source microblogging tool
5 * Superclass for admin panel actions
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Evan Prodromou <evan@status.net>
25 * @copyright 2009 StatusNet, Inc.
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
27 * @link http://status.net/
30 if (!defined('STATUSNET')) {
35 * superclass for admin panel actions
37 * Common code for all admin panel actions.
41 * @author Evan Prodromou <evan@status.net>
42 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
43 * @link http://status.net/
45 * @todo Find some commonalities with SettingsAction and combine
48 class AdminPanelAction extends Action
54 * Prepare for the action
56 * We check to see that the user is logged in, has
57 * authenticated in this session, and has the right
58 * to configure the site.
60 * @param array $args Array of arguments from Web driver
62 * @return boolean success flag
65 function prepare($args)
67 parent::prepare($args);
69 // User must be logged in.
71 if (!common_logged_in()) {
72 $this->clientError(_('Not logged in.'));
76 $user = common_current_user();
78 // ...because they're logged in
80 assert(!empty($user));
82 // It must be a "real" login, not saved cookie login
84 if (!common_is_real_login()) {
85 // Cookie theft is too easy; we require automatic
86 // logins to re-authenticate before admining the site
87 common_set_returnto($this->selfUrl());
88 if (Event::handle('RedirectToLogin', array($this, $user))) {
89 common_redirect(common_local_url('login'), 303);
93 // User must have the right to change admin settings
95 if (!$user->hasRight(Right::CONFIGURESITE)) {
96 $this->clientError(_('You cannot make changes to this site.'));
100 // This panel must be enabled
102 $name = $this->trimmed('action');
104 $name = mb_substr($name, 0, -10);
106 if (!in_array($name, common_config('admin', 'panels'))) {
107 $this->clientError(_('Changes to that panel are not allowed.'), 403);
117 * Check session token and try to save the settings if this is a
118 * POST. Otherwise, show the form.
120 * @param array $args unused.
125 function handle($args)
127 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
128 $this->checkSessionToken();
130 $this->saveSettings();
134 Config::loadSettings();
136 $this->success = true;
137 $this->msg = _('Settings saved.');
138 } catch (Exception $e) {
139 $this->success = false;
140 $this->msg = $e->getMessage();
147 * Show tabset for this page
149 * Uses the AdminPanelNav widget
155 function showLocalNav()
157 $nav = new AdminPanelNav($this);
162 * Show the content section of the page
164 * Here, we show the admin panel's form.
169 function showContent()
175 * show human-readable instructions for the page, or
176 * a success/failure on save.
181 function showPageNotice()
184 $this->element('div', ($this->success) ? 'success' : 'error',
187 $inst = $this->getInstructions();
188 $output = common_markup_to_html($inst);
190 $this->elementStart('div', 'instructions');
192 $this->elementEnd('div');
197 * Show the admin panel form
199 * Sub-classes should overload this.
206 $this->clientError(_('showForm() not implemented.'));
211 * Instructions for using this form.
213 * String with instructions for using the form.
215 * Subclasses should overload this.
220 function getInstructions()
226 * Save settings from the form
228 * Validate and save the settings from the user.
233 function saveSettings()
235 $this->clientError(_('saveSettings() not implemented.'));
240 * Delete a design setting
242 * // XXX: Maybe this should go in Design? --Z
244 * @return mixed $result false if something didn't work
247 function deleteSetting($section, $setting)
249 $config = new Config();
251 $config->section = $section;
252 $config->setting = $setting;
254 if ($config->find(true)) {
255 $result = $config->delete();
257 common_log_db_error($config, 'DELETE', __FILE__);
258 $this->clientError(_("Unable to delete design setting."));
268 * Menu for public group of actions
272 * @author Evan Prodromou <evan@status.net>
273 * @author Sarven Capadisli <csarven@status.net>
274 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
275 * @link http://status.net/
280 class AdminPanelNav extends Widget
287 * @param Action $action current action, used for output
290 function __construct($action=null)
292 parent::__construct($action);
293 $this->action = $action;
304 $action_name = $this->action->trimmed('action');
306 $this->action->elementStart('ul', array('class' => 'nav'));
308 if (Event::handle('StartAdminPanelNav', array($this))) {
310 if ($this->canAdmin('site')) {
311 $this->out->menuItem(common_local_url('siteadminpanel'), _('Site'),
312 _('Basic site configuration'), $action_name == 'siteadminpanel', 'nav_site_admin_panel');
315 if ($this->canAdmin('design')) {
316 $this->out->menuItem(common_local_url('designadminpanel'), _('Design'),
317 _('Design configuration'), $action_name == 'designadminpanel', 'nav_design_admin_panel');
320 if ($this->canAdmin('user')) {
321 $this->out->menuItem(common_local_url('useradminpanel'), _('User'),
322 _('User configuration'), $action_name == 'useradminpanel', 'nav_design_admin_panel');
325 if ($this->canAdmin('access')) {
326 $this->out->menuItem(common_local_url('accessadminpanel'), _('Access'),
327 _('Access configuration'), $action_name == 'accessadminpanel', 'nav_design_admin_panel');
330 if ($this->canAdmin('paths')) {
331 $this->out->menuItem(common_local_url('pathsadminpanel'), _('Paths'),
332 _('Paths configuration'), $action_name == 'pathsadminpanel', 'nav_design_admin_panel');
335 if ($this->canAdmin('sessions')) {
336 $this->out->menuItem(common_local_url('sessionsadminpanel'), _('Sessions'),
337 _('Sessions configuration'), $action_name == 'sessionsadminpanel', 'nav_design_admin_panel');
340 Event::handle('EndAdminPanelNav', array($this));
342 $this->action->elementEnd('ul');
345 function canAdmin($name)
347 return in_array($name, common_config('admin', 'panels'));