3 * StatusNet, the distributed open-source microblogging tool
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Evan Prodromou <evan@status.net>
25 * @copyright 2008-2009 StatusNet, Inc.
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
27 * @link http://status.net/
30 if (!defined('STATUSNET')) {
34 require_once INSTALLDIR.'/plugins/OpenID/openid.php';
39 * Lets users add, edit and delete OpenIDs from their account
43 * @author Evan Prodromou <evan@status.net>
44 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
45 * @link http://status.net/
48 class OpenidsettingsAction extends AccountSettingsAction
53 * @return string Page title
58 return _m('OpenID settings');
62 * Instructions for use
64 * @return string Instructions for use
67 function getInstructions()
69 return _m('[OpenID](%%doc.openid%%) lets you log into many sites' .
70 ' with the same user account.'.
71 ' Manage your associated OpenIDs from here.');
74 function showScripts()
76 parent::showScripts();
77 $this->autofocus('openid_url');
81 * Show the form for OpenID management
83 * We have one form with a few different submit buttons to do different things.
88 function showContent()
90 $user = common_current_user();
92 if (!common_config('openid', 'trusted_provider')) {
93 $this->elementStart('form', array('method' => 'post',
94 'id' => 'form_settings_openid_add',
95 'class' => 'form_settings',
97 common_local_url('openidsettings')));
98 $this->elementStart('fieldset', array('id' => 'settings_openid_add'));
100 $this->element('legend', null, _m('Add OpenID'));
101 $this->hidden('token', common_session_token());
102 $this->element('p', 'form_guide',
103 _m('If you want to add an OpenID to your account, ' .
104 'enter it in the box below and click "Add".'));
105 $this->elementStart('ul', 'form_data');
106 $this->elementStart('li');
107 $this->element('label', array('for' => 'openid_url'),
109 $this->element('input', array('name' => 'openid_url',
111 'id' => 'openid_url'));
112 $this->elementEnd('li');
113 $this->elementEnd('ul');
114 $this->element('input', array('type' => 'submit',
115 'id' => 'settings_openid_add_action-submit',
118 'value' => _m('Add')));
119 $this->elementEnd('fieldset');
120 $this->elementEnd('form');
122 $oid = new User_openid();
124 $oid->user_id = $user->id;
130 $this->element('h2', null, _m('Remove OpenID'));
132 if ($cnt == 1 && !$user->password) {
134 $this->element('p', 'form_guide',
135 _m('Removing your only OpenID '.
136 'would make it impossible to log in! ' .
137 'If you need to remove it, '.
138 'add another OpenID first.'));
141 $this->elementStart('p');
142 $this->element('a', array('href' => $oid->canonical),
144 $this->elementEnd('p');
149 $this->element('p', 'form_guide',
150 _m('You can remove an OpenID from your account '.
151 'by clicking the button marked "Remove".'));
154 while ($oid->fetch()) {
155 $this->elementStart('form',
156 array('method' => 'POST',
157 'id' => 'form_settings_openid_delete' . $idx,
158 'class' => 'form_settings',
160 common_local_url('openidsettings')));
161 $this->elementStart('fieldset');
162 $this->hidden('token', common_session_token());
163 $this->element('a', array('href' => $oid->canonical),
165 $this->element('input', array('type' => 'hidden',
166 'id' => 'openid_url'.$idx,
167 'name' => 'openid_url',
168 'value' => $oid->canonical));
169 $this->element('input', array('type' => 'submit',
170 'id' => 'remove'.$idx,
172 'class' => 'submit remove',
173 'value' => _m('Remove')));
174 $this->elementEnd('fieldset');
175 $this->elementEnd('form');
181 $this->elementStart('form', array('method' => 'post',
182 'id' => 'form_settings_openid_trustroots',
183 'class' => 'form_settings',
185 common_local_url('openidsettings')));
186 $this->elementStart('fieldset', array('id' => 'settings_openid_trustroots'));
187 $this->element('legend', null, _m('OpenID Trusted Sites'));
188 $this->hidden('token', common_session_token());
189 $this->element('p', 'form_guide',
190 _m('The following sites are allowed to access your ' .
191 'identity and log you in. You can remove a site from ' .
192 'this list to deny it access to your OpenID.'));
193 $this->elementStart('ul', 'form_data');
194 $user_openid_trustroot = new User_openid_trustroot();
195 $user_openid_trustroot->user_id=$user->id;
196 if($user_openid_trustroot->find()) {
197 while($user_openid_trustroot->fetch()) {
198 $this->elementStart('li');
199 $this->element('input', array('name' => 'openid_trustroot[]',
200 'type' => 'checkbox',
201 'class' => 'checkbox',
202 'value' => $user_openid_trustroot->trustroot,
203 'id' => 'openid_trustroot_' . crc32($user_openid_trustroot->trustroot)));
204 $this->element('label', array('class'=>'checkbox', 'for' => 'openid_trustroot_' . crc32($user_openid_trustroot->trustroot)),
205 $user_openid_trustroot->trustroot);
206 $this->elementEnd('li');
209 $this->elementEnd('ul');
210 $this->element('input', array('type' => 'submit',
211 'id' => 'settings_openid_trustroots_action-submit',
212 'name' => 'remove_trustroots',
214 'value' => _m('Remove')));
215 $this->elementEnd('fieldset');
216 $this->elementEnd('form');
220 * Handle a POST request
222 * Muxes to different sub-functions based on which button was pushed
227 function handlePost()
230 $token = $this->trimmed('token');
231 if (!$token || $token != common_session_token()) {
232 $this->showForm(_m('There was a problem with your session token. '.
233 'Try again, please.'));
237 if ($this->arg('add')) {
238 if (common_config('openid', 'trusted_provider')) {
239 $this->showForm(_m("Can't add new providers."));
241 $result = oid_authenticate($this->trimmed('openid_url'),
243 if (is_string($result)) { // error message
244 $this->showForm($result);
247 } else if ($this->arg('remove')) {
248 $this->removeOpenid();
249 } else if($this->arg('remove_trustroots')) {
250 $this->removeTrustroots();
252 $this->showForm(_m('Something weird happened.'));
257 * Handles a request to remove OpenID trustroots from the user's account
259 * Validates input and, if everything is OK, deletes the trustroots.
260 * Reloads the form with a success or error notification.
265 function removeTrustroots()
267 $user = common_current_user();
268 $trustroots = $this->arg('openid_trustroot');
270 foreach($trustroots as $trustroot) {
271 $user_openid_trustroot = User_openid_trustroot::pkeyGet(
272 array('user_id'=>$user->id, 'trustroot'=>$trustroot));
273 if($user_openid_trustroot) {
274 $user_openid_trustroot->delete();
276 $this->showForm(_m('No such OpenID trustroot.'));
280 $this->showForm(_m('Trustroots removed'), true);
288 * Handles a request to remove an OpenID from the user's account
290 * Validates input and, if everything is OK, deletes the OpenID.
291 * Reloads the form with a success or error notification.
296 function removeOpenid()
298 $openid_url = $this->trimmed('openid_url');
300 $oid = User_openid::staticGet('canonical', $openid_url);
303 $this->showForm(_m('No such OpenID.'));
306 $cur = common_current_user();
307 if (!$cur || $oid->user_id != $cur->id) {
308 $this->showForm(_m('That OpenID does not belong to you.'));
312 $this->showForm(_m('OpenID removed.'), true);