]> git.mxchange.org Git - friendica.git/commitdiff
Move mod/delegate to src/Module/Settings/Delegation
authorHypolite Petovan <hypolite@mrpetovan.com>
Thu, 10 Oct 2019 02:17:09 +0000 (22:17 -0400)
committerHypolite Petovan <hypolite@mrpetovan.com>
Thu, 10 Oct 2019 02:17:09 +0000 (22:17 -0400)
- Move templates/delegate to templates/settings/delegation

doc/Forums.md
doc/de/Forums.md
mod/delegate.php [deleted file]
mod/settings.php
src/Content/Nav.php
src/Module/BaseSettingsModule.php
src/Module/Settings/Delegation.php [new file with mode: 0644]
static/routes.config.php
view/templates/delegate.tpl [deleted file]
view/templates/settings/delegation.tpl [new file with mode: 0644]

index add1601c506dac6c9a9581f46fbede50f9da3af2..03657b6afe78037aca637c9f24abe284cae3b82c 100644 (file)
@@ -40,7 +40,7 @@ You are not required to do this, but the alternative is to log out and log back
 This could get cumbersome if you manage several different forums/identities. 
 
 You may also appoint a delegate to manage your forum.
-Do this by visiting the [Delegation Setup Page](delegate).
+Do this by visiting the [Delegation Setup Page](settings/delegation).
 This will provide you with a list of contacts on this system under "Potential Delegates".
 Selecting one or more persons will give them access to manage your forum.
 They will be able to edit contacts, profiles, and all content for this account/page.
index ec3ad1400c86da7884934562a043eabe5819db6f..a6ddf2efde0434a074aa926d56a5e07d6fcf80ce 100644 (file)
@@ -38,7 +38,7 @@ Du musst das nicht machen, die Alternative ist allerdings, Dich immer wieder aus
 Und das kann umständlich sein, wenn Du mehrere verschiedene Foren/Identitäten verwaltest.
 
 Du kannst ebenso jemanden wählen, der Dein Forum verwaltet. 
-Mach das, indem Du die [Delegations-Setup-Seite](/delegate) besuchst. 
+Mach das, indem Du die [Delegations-Setup-Seite](/settings/delegation) besuchst. 
 Dort wird Dir eine Liste an "Potentiellen Bevollmächtigen" angezeigt. 
 Die Auswahl einer oder mehrerer Personen gibt diesen die Möglichkeit, Dein Forum zu verwalten. 
 Sie können Kontakte, Profile und alle Inhalte Deines Accounts/deiner Seite bearbeiten. 
diff --git a/mod/delegate.php b/mod/delegate.php
deleted file mode 100644 (file)
index 4560784..0000000
+++ /dev/null
@@ -1,191 +0,0 @@
-<?php
-/**
- * @file mod/delegate.php
- */
-
-use Friendica\App;
-use Friendica\BaseModule;
-use Friendica\Core\L10n;
-use Friendica\Core\Protocol;
-use Friendica\Core\Renderer;
-use Friendica\Core\System;
-use Friendica\Database\DBA;
-use Friendica\Model\User;
-use Friendica\Util\Strings;
-
-require_once 'mod/settings.php';
-
-function delegate_init(App $a)
-{
-       settings_init($a);
-}
-
-function delegate_post(App $a)
-{
-       if (!local_user()) {
-               return;
-       }
-
-       if (count($a->user) && !empty($a->user['uid']) && $a->user['uid'] != local_user()) {
-               notice(L10n::t('Permission denied.') . EOL);
-               return;
-       }
-
-       BaseModule::checkFormSecurityTokenRedirectOnError('/delegate', 'delegate');
-
-       $parent_uid = defaults($_POST, 'parent_user', 0);
-       $parent_password = defaults($_POST, 'parent_password', '');
-
-       if ($parent_uid != 0) {
-               $user = DBA::selectFirst('user', ['nickname'], ['uid' => $parent_uid]);
-               if (!DBA::isResult($user)) {
-                       notice(L10n::t('Parent user not found.') . EOL);
-                       return;
-               }
-
-               $success = User::authenticate($user['nickname'], trim($parent_password));
-               if (!$success) {
-                       notice(L10n::t('Permission denied.') . EOL);
-                       return;
-               }
-       }
-
-       DBA::update('user', ['parent-uid' => $parent_uid], ['uid' => local_user()]);
-}
-
-function delegate_content(App $a)
-{
-       if (!local_user()) {
-               notice(L10n::t('Permission denied.') . EOL);
-               return;
-       }
-
-       if ($a->argc > 2 && $a->argv[1] === 'add' && intval($a->argv[2])) {
-               // delegated admins can view but not change delegation permissions
-               if (!empty($_SESSION['submanage'])) {
-                       $a->internalRedirect('delegate');
-               }
-
-               $user_id = $a->argv[2];
-
-               $user = DBA::selectFirst('user', ['nickname'], ['uid' => $user_id]);
-               if (DBA::isResult($user)) {
-                       $condition = [
-                               'uid' => local_user(),
-                               'nurl' => Strings::normaliseLink(System::baseUrl() . '/profile/' . $user['nickname'])
-                       ];
-                       if (DBA::exists('contact', $condition)) {
-                               DBA::insert('manage', ['uid' => $user_id, 'mid' => local_user()]);
-                       }
-               }
-               $a->internalRedirect('delegate');
-       }
-
-       if ($a->argc > 2 && $a->argv[1] === 'remove' && intval($a->argv[2])) {
-               // delegated admins can view but not change delegation permissions
-               if (!empty($_SESSION['submanage'])) {
-                       $a->internalRedirect('delegate');
-               }
-
-               DBA::delete('manage', ['uid' => $a->argv[2], 'mid' => local_user()]);
-               $a->internalRedirect('delegate');
-       }
-
-       // find everybody that currently has delegated management to this account/page
-       $delegates = [];
-       $r = q("SELECT * FROM `user` WHERE `uid` IN (SELECT `uid` FROM `manage` WHERE `mid` = %d)",
-               intval(local_user())
-       );
-       if (DBA::isResult($r)) {
-               $delegates = $r;
-       }
-
-       $uids = [];
-       foreach ($delegates as $rr) {
-               $uids[] = $rr['uid'];
-       }
-
-       // find every contact who might be a candidate for delegation
-       $potentials = [];
-
-       $r = q("SELECT `nurl`
-               FROM `contact`
-               WHERE `self` = 0
-               AND SUBSTRING_INDEX(`nurl`, '/', 3) = '%s'
-               AND `uid` = %d
-               AND `network` = '%s' ",
-               DBA::escape(Strings::normaliseLink(System::baseUrl())),
-               intval(local_user()),
-               DBA::escape(Protocol::DFRN)
-       );
-       if (DBA::isResult($r)) {
-               $nicknames = [];
-               foreach ($r as $rr) {
-                       $nicknames[] = "'" . DBA::escape(basename($rr['nurl'])) . "'";
-               }
-
-               $nicks = implode(',', $nicknames);
-
-               // get user records for all potential page delegates who are not already delegates or managers
-               $r = q("SELECT `uid`, `username`, `nickname` FROM `user` WHERE `nickname` IN ($nicks)");
-               if (DBA::isResult($r)) {
-                       foreach ($r as $rr) {
-                               if (!in_array($rr['uid'], $uids)) {
-                                       $potentials[] = $rr;
-                               }
-                       }
-               }
-       }
-
-       settings_init($a);
-
-       $user = DBA::selectFirst('user', ['parent-uid', 'email'], ['uid' => local_user()]);
-
-       $parent_user = null;
-
-       if (DBA::isResult($user)) {
-               if (!DBA::exists('user', ['parent-uid' => local_user()])) {
-                       $parent_uid = $user['parent-uid'];
-                       $parents = [0 => L10n::t('No parent user')];
-
-                       $fields = ['uid', 'username', 'nickname'];
-                       $condition = ['email' => $user['email'], 'verified' => true, 'blocked' => false, 'parent-uid' => 0];
-                       $parent_users = DBA::select('user', $fields, $condition);
-                       while ($parent = DBA::fetch($parent_users)) {
-                               if ($parent['uid'] != local_user()) {
-                                       $parents[$parent['uid']] = sprintf('%s (%s)', $parent['username'], $parent['nickname']);
-                               }
-                       }
-                       $parent_user = ['parent_user', '', $parent_uid, '', $parents];
-               }
-       }
-
-       if (!is_null($parent_user)) {
-               $parent_password = ['parent_password', L10n::t('Parent Password:'), '', L10n::t('Please enter the password of the parent account to legitimize your request.')];
-       } else {
-               $parent_password = '';
-       }
-
-       $o = Renderer::replaceMacros(Renderer::getMarkupTemplate('delegate.tpl'), [
-               '$form_security_token' => BaseModule::getFormSecurityToken('delegate'),
-               '$parent_header' => L10n::t('Parent User'),
-               '$parent_user' => $parent_user,
-               '$parent_password' => $parent_password,
-               '$parent_desc' => L10n::t('Parent users have total control about this account, including the account settings. Please double check whom you give this access.'),
-               '$submit' => L10n::t('Save Settings'),
-               '$header' => L10n::t('Delegate Page Management'),
-               '$delegates_header' => L10n::t('Delegates'),
-               '$base' => System::baseUrl(),
-               '$desc' => L10n::t('Delegates are able to manage all aspects of this account/page except for basic account settings. Please do not delegate your personal account to anybody that you do not trust completely.'),
-               '$head_delegates' => L10n::t('Existing Page Delegates'),
-               '$delegates' => $delegates,
-               '$head_potentials' => L10n::t('Potential Delegates'),
-               '$potentials' => $potentials,
-               '$remove' => L10n::t('Remove'),
-               '$add' => L10n::t('Add'),
-               '$none' => L10n::t('No entries.')
-       ]);
-
-
-       return $o;
-}
index cdc43ac222e55101928ac5f31c3b51b009c03726..0d519e5a073ac3d26dbc3b14f02e06989c08d24b 100644 (file)
@@ -115,8 +115,8 @@ function settings_init(App $a)
 
        $tabs[] =       [
                'label' => L10n::t('Delegations'),
-               'url'   => 'delegate',
-               'selected'      => (($a->argc == 1) && ($a->argv[0] === 'delegate')?'active':''),
+               'url'   => 'settings/delegation',
+               'selected'      => (($a->argc > 1) && ($a->argv[1] === 'delegation')?'active':''),
                'accesskey' => 'd',
        ];
 
index 8140c5f3c13780a77da77160e95a264b7b4c86ef..e81214cee062b196ca0e244804549ade1d144eae 100644 (file)
@@ -260,7 +260,7 @@ class Nav
                                $nav['manage'] = ['manage', L10n::t('Manage'), '', L10n::t('Manage other pages')];
                        }
 
-                       $nav['delegations'] = ['delegate', L10n::t('Delegations'), '', L10n::t('Delegate Page Management')];
+                       $nav['delegations'] = ['settings/delegation', L10n::t('Delegations'), '', L10n::t('Delegate Page Management')];
 
                        $nav['settings'] = ['settings', L10n::t('Settings'), '', L10n::t('Account settings')];
 
index fdf3c8166427ed5cfe14c65bf0f8196b17e3cccd..4c9173db79d9c0e96d879e43f2fadb15ac4c0939 100644 (file)
@@ -73,8 +73,8 @@ class BaseSettingsModule extends BaseModule
 
                $tabs[] = [
                        'label' => L10n::t('Delegations'),
-                       'url' => 'delegate',
-                       'selected' => (($a->argc == 1) && ($a->argv[0] === 'delegate') ? 'active' : ''),
+                       'url' => 'settings/delegation',
+                       'selected' => (($a->argc > 1) && ($a->argv[1] === 'delegation') ? 'active' : ''),
                        'accesskey' => 'd',
                ];
 
diff --git a/src/Module/Settings/Delegation.php b/src/Module/Settings/Delegation.php
new file mode 100644 (file)
index 0000000..4e077b9
--- /dev/null
@@ -0,0 +1,175 @@
+<?php
+
+namespace Friendica\Module\Settings;
+
+use Friendica\App\Arguments;
+use Friendica\BaseModule;
+use Friendica\Core\L10n;
+use Friendica\Core\Protocol;
+use Friendica\Core\Renderer;
+use Friendica\Core\Session;
+use Friendica\Core\System;
+use Friendica\Database\DBA;
+use Friendica\Model\User;
+use Friendica\Module\BaseSettingsModule;
+use Friendica\Network\HTTPException;
+use Friendica\Util\Strings;
+
+class Delegation extends BaseSettingsModule
+{
+       public static function post()
+       {
+               if (!local_user() || !empty(self::getApp()->user['uid']) && self::getApp()->user['uid'] != local_user()) {
+                       throw new HTTPException\ForbiddenException(L10n::t('Permission denied.'));
+               }
+
+               BaseModule::checkFormSecurityTokenRedirectOnError('settings/delegation', 'delegate');
+
+               $parent_uid = $_POST['parent_user'] ?? 0;
+               $parent_password = $_POST['parent_password'] ?? '';
+
+               if ($parent_uid != 0) {
+                       $user = DBA::selectFirst('user', ['nickname'], ['uid' => $parent_uid]);
+                       if (!DBA::isResult($user)) {
+                               notice(L10n::t('Parent user not found.'));
+                               return;
+                       }
+
+                       try {
+                               User::getIdFromPasswordAuthentication($user['nickname'], $parent_password);
+                               info(L10n::t('Delegation successfully granted.'));
+                       } catch (\Throwable $ex) {
+                               notice(L10n::t('Parent user password doesn\'t match.'));
+                               return;
+                       }
+               } else {
+                       info(L10n::t('Delegation successfully revoked.'));
+               }
+
+               DBA::update('user', ['parent-uid' => $parent_uid], ['uid' => local_user()]);
+       }
+
+       public static function content()
+       {
+               parent::content();
+
+               if (!local_user()) {
+                       throw new HTTPException\ForbiddenException(L10n::t('Permission denied.'));
+               }
+
+               /** @var Arguments $args */
+               $args = self::getClass(Arguments::class);
+
+               $action = $args->get(2);
+               $user_id = $args->get(3);
+               if ($action === 'add' && $user_id) {
+                       if (Session::get('submanage')) {
+                               notice(L10n::t('Delegated administrators can view but not change delegation permissions.'));
+                               self::getApp()->internalRedirect('settings/delegation');
+                       }
+
+                       $user = DBA::selectFirst('user', ['nickname'], ['uid' => $user_id]);
+                       if (DBA::isResult($user)) {
+                               $condition = [
+                                       'uid' => local_user(),
+                                       'nurl' => Strings::normaliseLink(System::baseUrl() . '/profile/' . $user['nickname'])
+                               ];
+                               if (DBA::exists('contact', $condition)) {
+                                       DBA::insert('manage', ['uid' => $user_id, 'mid' => local_user()]);
+                               }
+                       } else {
+                               notice(L10n::t('Delegate user not found.'));
+                       }
+
+                       self::getApp()->internalRedirect('settings/delegation');
+               }
+
+               if ($action === 'remove' && $user_id) {
+                       if (Session::get('submanage')) {
+                               notice(L10n::t('Delegated administrators can view but not change delegation permissions.'));
+                               self::getApp()->internalRedirect('settings/delegation');
+                       }
+
+                       DBA::delete('manage', ['uid' => $user_id, 'mid' => local_user()]);
+                       self::getApp()->internalRedirect('settings/delegation');
+               }
+
+               // find everybody that currently has delegated management to this account/page
+               $delegates = DBA::selectToArray('user', [], ['`uid` IN (SELECT `uid` FROM `manage` WHERE `mid` = ?)', local_user()]);
+
+               $uids = [];
+               foreach ($delegates as $user) {
+                       $uids[] = $user['uid'];
+               }
+
+               // find every contact who might be a candidate for delegation
+               $potentials = [];
+
+               $contacts = DBA::selectToArray(
+                       'contact',
+                       ['nurl'],
+                       [
+                               "`self` = 0 AND SUBSTRING_INDEX(`nurl`, '/', 3) = ? AND `uid` = ? AND `network` = ?",
+                               Strings::normaliseLink(System::baseUrl()),
+                               local_user(),
+                               Protocol::DFRN,
+                       ]
+               );
+               if ($contacts) {
+                       $nicknames = [];
+                       foreach ($contacts as $contact) {
+                               $nicknames[] = "'" . DBA::escape(basename($contact['nurl'])) . "'";
+                       }
+
+                       // get user records for all potential page delegates who are not already delegates or managers
+                       $potentialDelegateUsers = DBA::selectToArray('user', ['uid', 'username', 'nickname'], ['nickname' => $nicknames]);
+                       foreach ($potentialDelegateUsers as $user) {
+                               if (!in_array($user['uid'], $uids)) {
+                                       $potentials[] = $user;
+                               }
+                       }
+               }
+
+               $parent_user = null;
+               $parent_password = null;
+               $user = DBA::selectFirst('user', ['parent-uid', 'email'], ['uid' => local_user()]);
+               if (DBA::isResult($user) && !DBA::exists('user', ['parent-uid' => local_user()])) {
+                       $parent_uid = $user['parent-uid'];
+                       $parents = [0 => L10n::t('No parent user')];
+
+                       $fields = ['uid', 'username', 'nickname'];
+                       $condition = ['email' => $user['email'], 'verified' => true, 'blocked' => false, 'parent-uid' => 0];
+                       $parent_users = DBA::selectToArray('user', $fields, $condition);
+                       foreach($parent_users as $parent) {
+                               if ($parent['uid'] != local_user()) {
+                                       $parents[$parent['uid']] = sprintf('%s (%s)', $parent['username'], $parent['nickname']);
+                               }
+                       }
+
+                       $parent_user = ['parent_user', '', $parent_uid, '', $parents];
+                       $parent_password = ['parent_password', L10n::t('Parent Password:'), '', L10n::t('Please enter the password of the parent account to legitimize your request.')];
+               }
+
+               $o = Renderer::replaceMacros(Renderer::getMarkupTemplate('settings/delegation.tpl'), [
+                       '$form_security_token' => BaseModule::getFormSecurityToken('delegate'),
+                       '$parent_header' => L10n::t('Parent User'),
+                       '$parent_user' => $parent_user,
+                       '$parent_password' => $parent_password,
+                       '$parent_desc' => L10n::t('Parent users have total control about this account, including the account settings. Please double check whom you give this access.'),
+                       '$submit' => L10n::t('Save Settings'),
+                       '$header' => L10n::t('Delegate Page Management'),
+                       '$delegates_header' => L10n::t('Delegates'),
+                       '$base' => System::baseUrl(),
+                       '$desc' => L10n::t('Delegates are able to manage all aspects of this account/page except for basic account settings. Please do not delegate your personal account to anybody that you do not trust completely.'),
+                       '$head_delegates' => L10n::t('Existing Page Delegates'),
+                       '$delegates' => $delegates,
+                       '$head_potentials' => L10n::t('Potential Delegates'),
+                       '$potentials' => $potentials,
+                       '$remove' => L10n::t('Remove'),
+                       '$add' => L10n::t('Add'),
+                       '$none' => L10n::t('No entries.')
+               ]);
+
+               return $o;
+       }
+}
index 73ac54991f08109efd0c623e2a7fbdb7aaade643..23a6bf99825f338bbac2955b9b22a8e49a304d35 100644 (file)
@@ -199,6 +199,7 @@ return [
                        '/app_specific' => [Module\Settings\TwoFactor\AppSpecific::class, [R::GET, R::POST]],
                        '/verify'       => [Module\Settings\TwoFactor\Verify::class,      [R::GET, R::POST]],
                ],
+               '/delegation[/{action}/{user_id}]' => [Module\Settings\Delegation::class,       [R::GET, R::POST]],
        ],
 
        '/randprof'                      => [Module\RandomProfile::class,         [R::GET]],
diff --git a/view/templates/delegate.tpl b/view/templates/delegate.tpl
deleted file mode 100644 (file)
index 0a87551..0000000
+++ /dev/null
@@ -1,55 +0,0 @@
-<h3>{{$header}}</h3>
-
-{{if $parent_user}}
-<h4>{{$parent_header}}</h4>
-<div id="delegate-parent-desc" class="delegate-parent-desc">{{$parent_desc}}</div>
-<div id="delegate-parent" class="delegate-parent">
-<form action="{{$baseurl}}/delegate" method="post">
-<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
-{{include file="field_select.tpl" field=$parent_user}}
-{{include file="field_password.tpl" field=$parent_password}}
-<div class="submit"><input type="submit" name="delegate" value="{{$submit}}" /></div>
-</form>
-</div>
-{{/if}}
-
-<h4>{{$delegates_header}}</h4>
-
-<div id="delegate-desc" class="delegate-desc">{{$desc nofilter}}</div>
-
-<h4>{{$head_delegates}}</h4>
-
-{{if $delegates}}
-{{foreach $delegates as $x}}
-
-<div class="contact-block-div">
-<a class="contact-block-link" href="{{$base}}/delegate/remove/{{$x.uid}}" >
-<img class="contact-block-img" src="{{$base}}/photo/thumb/{{$x.uid}}" title="{{$x.username}} ({{$x.nickname}})" />
-</a>
-</div>
-
-{{/foreach}}
-<div class="clear"></div>
-{{else}}
-{{$none}}
-{{/if}}
-<hr />
-
-
-<h4>{{$head_potentials}}</h4>
-{{if $potentials}}
-{{foreach $potentials as $x}}
-
-<div class="contact-block-div">
-<a class="contact-block-link" href="{{$base}}/delegate/add/{{$x.uid}}" >
-<img class="contact-block-img" src="{{$base}}/photo/thumb/{{$x.uid}}" title="{{$x.username}} ({{$x.nickname}})" />
-</a>
-</div>
-
-{{/foreach}}
-<div class="clear"></div>
-{{else}}
-{{$none}}
-{{/if}}
-<hr />
-
diff --git a/view/templates/settings/delegation.tpl b/view/templates/settings/delegation.tpl
new file mode 100644 (file)
index 0000000..9e7242d
--- /dev/null
@@ -0,0 +1,48 @@
+<h3>{{$header}}</h3>
+
+{{if $parent_user}}
+<h4>{{$parent_header}}</h4>
+<div id="delegate-parent-desc" class="delegate-parent-desc">{{$parent_desc}}</div>
+<div id="delegate-parent" class="delegate-parent">
+       <form action="settings/delegation" method="post">
+               <input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
+        {{include file="field_select.tpl" field=$parent_user}}
+        {{include file="field_password.tpl" field=$parent_password}}
+               <div class="submit"><input type="submit" name="delegate" value="{{$submit}}"/></div>
+       </form>
+</div>
+{{/if}}
+
+<h4>{{$delegates_header}}</h4>
+
+<div id="delegate-desc" class="delegate-desc">{{$desc nofilter}}</div>
+
+<h4>{{$head_delegates}}</h4>
+
+{{if $delegates}}
+    {{foreach $delegates as $x}}
+<div class="contact-block-div">
+       <a class="contact-block-link" href="settings/delegation/remove/{{$x.uid}}">
+               <img class="contact-block-img" src="photo/thumb/{{$x.uid}}" title="{{$x.username}} ({{$x.nickname}})">
+       </a>
+</div>
+    {{/foreach}}
+<div class="clear"></div>
+{{else}}
+    {{$none}}
+{{/if}}
+<hr/>
+
+<h4>{{$head_potentials}}</h4>
+{{if $potentials}}
+    {{foreach $potentials as $x}}
+<div class="contact-block-div">
+       <a class="contact-block-link" href="settings/delegation/add/{{$x.uid}}">
+               <img class="contact-block-img" src="photo/thumb/{{$x.uid}}" title="{{$x.username}} ({{$x.nickname}})">
+       </a>
+</div>
+    {{/foreach}}
+<div class="clear"></div>
+{{else}}
+    {{$none}}
+{{/if}}