3 * StatusNet, the distributed open-source microblogging tool
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Evan Prodromou <evan@status.net>
25 * @copyright 2008-2009 StatusNet, Inc.
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
27 * @link http://status.net/
30 if (!defined('STATUSNET')) {
34 require_once INSTALLDIR.'/plugins/OpenID/openid.php';
39 * Lets users add, edit and delete OpenIDs from their account
43 * @author Evan Prodromou <evan@status.net>
44 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
45 * @link http://status.net/
47 class OpenidsettingsAction extends SettingsAction
52 * @return string Page title
56 // TRANS: Title of OpenID settings page for a user.
57 return _m('TITLE','OpenID settings');
61 * Instructions for use
63 * @return string Instructions for use
65 function getInstructions()
67 // TRANS: Form instructions for OpenID settings.
68 // TRANS: This message contains Markdown links in the form [description](link).
69 return _m('[OpenID](%%doc.openid%%) lets you log into many sites ' .
70 'with the same user account. '.
71 'Manage your associated OpenIDs from here.');
74 function showScripts()
76 parent::showScripts();
77 $this->autofocus('openid_url');
81 * Show the form for OpenID management
83 * We have one form with a few different submit buttons to do different things.
87 function showContent()
89 $user = common_current_user();
91 if (!common_config('openid', 'trusted_provider')) {
92 $this->elementStart('form', array('method' => 'post',
93 'id' => 'form_settings_openid_add',
94 'class' => 'form_settings',
96 common_local_url('openidsettings')));
97 $this->elementStart('fieldset', array('id' => 'settings_openid_add'));
99 // TRANS: Fieldset legend.
100 $this->element('legend', null, _m('LEGEND','Add OpenID'));
101 $this->hidden('token', common_session_token());
102 $this->element('p', 'form_guide',
103 // TRANS: Form guide.
104 _m('If you want to add an OpenID to your account, ' .
105 'enter it in the box below and click "Add".'));
106 $this->elementStart('ul', 'form_data');
107 $this->elementStart('li');
108 $this->element('label', array('for' => 'openid_url'),
109 // TRANS: Field label.
111 $this->element('input', array('name' => 'openid_url',
113 'id' => 'openid_url'));
114 $this->elementEnd('li');
115 $this->elementEnd('ul');
116 $this->element('input', array('type' => 'submit',
117 'id' => 'settings_openid_add_action-submit',
120 // TRANS: Button text for adding an OpenID URL.
121 'value' => _m('BUTTON','Add')));
122 $this->elementEnd('fieldset');
123 $this->elementEnd('form');
125 $oid = new User_openid();
127 $oid->user_id = $user->id;
132 // TRANS: Header on OpenID settings page.
133 $this->element('h2', null, _m('HEADER','Remove OpenID'));
135 if ($cnt == 1 && !$user->password) {
137 $this->element('p', 'form_guide',
138 // TRANS: Form guide.
139 _m('Removing your only OpenID '.
140 'would make it impossible to log in! ' .
141 'If you need to remove it, '.
142 'add another OpenID first.'));
145 $this->elementStart('p');
146 $this->element('a', array('href' => $oid->canonical),
148 $this->elementEnd('p');
153 $this->element('p', 'form_guide',
154 // TRANS: Form guide.
155 _m('You can remove an OpenID from your account '.
156 'by clicking the button marked "Remove".'));
159 while ($oid->fetch()) {
160 $this->elementStart('form',
161 array('method' => 'POST',
162 'id' => 'form_settings_openid_delete' . $idx,
163 'class' => 'form_settings',
165 common_local_url('openidsettings')));
166 $this->elementStart('fieldset');
167 $this->hidden('token', common_session_token());
168 $this->element('a', array('href' => $oid->canonical),
170 $this->element('input', array('type' => 'hidden',
171 'id' => 'openid_url'.$idx,
172 'name' => 'openid_url',
173 'value' => $oid->canonical));
174 $this->element('input', array('type' => 'submit',
175 'id' => 'remove'.$idx,
177 'class' => 'submit remove',
178 // TRANS: Button text to remove an OpenID.
179 'value' => _m('BUTTON','Remove')));
180 $this->elementEnd('fieldset');
181 $this->elementEnd('form');
187 $this->elementStart('form', array('method' => 'post',
188 'id' => 'form_settings_openid_trustroots',
189 'class' => 'form_settings',
191 common_local_url('openidsettings')));
192 $this->elementStart('fieldset', array('id' => 'settings_openid_trustroots'));
193 // TRANS: Fieldset legend.
194 $this->element('legend', null, _m('OpenID Trusted Sites'));
195 $this->hidden('token', common_session_token());
196 $this->element('p', 'form_guide',
197 // TRANS: Form guide.
198 _m('The following sites are allowed to access your ' .
199 'identity and log you in. You can remove a site from ' .
200 'this list to deny it access to your OpenID.'));
201 $this->elementStart('ul', 'form_data');
202 $user_openid_trustroot = new User_openid_trustroot();
203 $user_openid_trustroot->user_id=$user->id;
204 if($user_openid_trustroot->find()) {
205 while($user_openid_trustroot->fetch()) {
206 $this->elementStart('li');
207 $this->element('input', array('name' => 'openid_trustroot[]',
208 'type' => 'checkbox',
209 'class' => 'checkbox',
210 'value' => $user_openid_trustroot->trustroot,
211 'id' => 'openid_trustroot_' . crc32($user_openid_trustroot->trustroot)));
212 $this->element('label', array('class'=>'checkbox', 'for' => 'openid_trustroot_' . crc32($user_openid_trustroot->trustroot)),
213 $user_openid_trustroot->trustroot);
214 $this->elementEnd('li');
217 $this->elementEnd('ul');
218 $this->element('input', array('type' => 'submit',
219 'id' => 'settings_openid_trustroots_action-submit',
220 'name' => 'remove_trustroots',
222 // TRANS: Button text to remove an OpenID trustroot.
223 'value' => _m('BUTTON','Remove')));
224 $this->elementEnd('fieldset');
226 $prefs = User_openid_prefs::getKV('user_id', $user->id);
228 $this->elementStart('fieldset');
229 $this->element('legend', null, _m('LEGEND','Preferences'));
230 $this->elementStart('ul', 'form_data');
231 $this->checkBox('hide_profile_link', "Hide OpenID links from my profile", !empty($prefs) && $prefs->hide_profile_link);
232 $this->element('input', array('type' => 'submit',
233 'id' => 'settings_openid_prefs_save',
234 'name' => 'save_prefs',
236 // TRANS: Button text to save OpenID prefs
237 'value' => _m('BUTTON','Save')));
238 $this->elementEnd('ul');
239 $this->elementEnd('fieldset');
241 $this->elementEnd('form');
245 * Handle a POST request
247 * Muxes to different sub-functions based on which button was pushed
251 function handlePost()
254 $token = $this->trimmed('token');
255 if (!$token || $token != common_session_token()) {
256 // TRANS: Client error displayed when the session token does not match or is not given.
257 $this->showForm(_m('There was a problem with your session token. '.
258 'Try again, please.'));
262 if ($this->arg('add')) {
263 if (common_config('openid', 'trusted_provider')) {
264 // TRANS: Form validation error if no OpenID providers can be added.
265 $this->showForm(_m('Cannot add new providers.'));
267 $result = oid_authenticate($this->trimmed('openid_url'),
269 if (is_string($result)) { // error message
270 $this->showForm($result);
273 } else if ($this->arg('remove')) {
274 $this->removeOpenid();
275 } else if($this->arg('remove_trustroots')) {
276 $this->removeTrustroots();
277 } else if($this->arg('save_prefs')) {
280 // TRANS: Unexpected form validation error.
281 $this->showForm(_m('Something weird happened.'));
286 * Handles a request to remove OpenID trustroots from the user's account
288 * Validates input and, if everything is OK, deletes the trustroots.
289 * Reloads the form with a success or error notification.
293 function removeTrustroots()
295 $user = common_current_user();
296 $trustroots = $this->arg('openid_trustroot');
298 foreach($trustroots as $trustroot) {
299 $user_openid_trustroot = User_openid_trustroot::pkeyGet(
300 array('user_id'=>$user->id, 'trustroot'=>$trustroot));
301 if($user_openid_trustroot) {
302 $user_openid_trustroot->delete();
304 // TRANS: Form validation error when trying to remove a non-existing trustroot.
305 $this->showForm(_m('No such OpenID trustroot.'));
309 // TRANS: Success message after removing trustroots.
310 $this->showForm(_m('Trustroots removed.'), true);
318 * Handles a request to remove an OpenID from the user's account
320 * Validates input and, if everything is OK, deletes the OpenID.
321 * Reloads the form with a success or error notification.
325 function removeOpenid()
327 $openid_url = $this->trimmed('openid_url');
329 $oid = User_openid::getKV('canonical', $openid_url);
332 // TRANS: Form validation error for a non-existing OpenID.
333 $this->showForm(_m('No such OpenID.'));
336 $cur = common_current_user();
337 if (!$cur || $oid->user_id != $cur->id) {
338 // TRANS: Form validation error if OpenID is connected to another user.
339 $this->showForm(_m('That OpenID does not belong to you.'));
343 // TRANS: Success message after removing an OpenID.
344 $this->showForm(_m('OpenID removed.'), true);
349 * Handles a request to save preferences
351 * Validates input and, if everything is OK, deletes the OpenID.
352 * Reloads the form with a success or error notification.
358 $cur = common_current_user();
361 throw new ClientException(_("Not logged in."));
365 $prefs = User_openid_prefs::getKV('user_id', $cur->id);
368 $prefs = new User_openid_prefs();
369 $prefs->user_id = $cur->id;
370 $prefs->created = common_sql_now();
372 $orig = clone($prefs);
375 $prefs->hide_profile_link = $this->boolean('hide_profile_link');
380 $prefs->update($orig);
383 $this->showForm(_m('OpenID preferences saved.'), true);