Skip to content
Snippets Groups Projects
Commit 6fddbb6d authored by Peter Rotich's avatar Peter Rotich Committed by Jared Hancock
Browse files

Add user account registration and management

parent 6dc0bb7f
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
include/ajax.users.php
+ 97
4
View file @ 6fddbb6d
......@@ -110,6 +110,91 @@ class UsersAjaxAPI extends AjaxController {
include(STAFFINC_DIR . 'templates/user.tmpl.php');
}
function register($id) {
global $thisstaff;
if (!$thisstaff)
Http::response(403, 'Login Required');
elseif (!($user = User::lookup($id)))
Http::response(404, 'Unknown user');
$errors = $info = array();
if ($_POST) {
// Register user on post
if ($user->getAccount())
$info['error'] = 'User already registered';
elseif ($user->register($_POST, $errors))
Http::response(201, 'Account created successfully');
// Unable to create user.
$info = Format::htmlchars($_POST);
if ($errors['err'])
$info['error'] = $errors['err'];
else
$info['error'] = 'Unable to register user - try again!';
}
include(STAFFINC_DIR . 'templates/user-register.tmpl.php');
}
function manage($id, $target) {
global $thisstaff;
if (!$thisstaff)
Http::response(403, 'Login Required');
elseif (!($user = User::lookup($id)))
Http::response(404, 'Unknown user');
if (!($account = $user->getAccount()))
return self::register($id);
$errors = array();
$info = $account->getInfo();
if ($_POST) {
if ($account->update($_POST, $errors))
Http::response(201, 'Account updated successfully');
// Unable to update account
$info = Format::htmlchars($_POST);
if ($errors['err'])
$info['error'] = $errors['err'];
else
$info['error'] = 'Unable to update account - try again!';
}
$info['_target'] = $target;
include(STAFFINC_DIR . 'templates/user-account.tmpl.php');
}
function delete($id) {
global $thisstaff;
if (!$thisstaff)
Http::response(403, 'Login Required');
elseif (!($user = User::lookup($id)))
Http::response(404, 'Unknown user');
//Switch to end user so we can get ticket stats
// fixme: use orm to get ticket count at the user model level.
$user = new EndUser($user);
$info = array();
if ($_SERVER['REQUEST_METHOD'] == 'DELETE') {
if ($user->getNumTickets())
$info['error'] = 'You cannot delete a user with tickets!';
elseif ($user->delete())
Http::response(204, 'User deleted successfully');
else
$info['error'] = 'Unable to delete user - try again!';
}
include(STAFFINC_DIR . 'templates/user-delete.tmpl.php');
}
function getUser($id=false) {
if(($user=User::lookup(($id) ? $id : $_REQUEST['id'])))
......@@ -122,11 +207,19 @@ class UsersAjaxAPI extends AjaxController {
function addUser() {
$form = UserForm::getUserForm()->getForm($_POST);
if (($user = User::fromForm($form)))
Http::response(201, $user->to_json());
$info = array();
if ($_POST) {
$info = array('error' =>'Error adding user - try again!');
$form = UserForm::getUserForm()->getForm($_POST);
if (($user = User::fromForm($form)))
Http::response(201, $user->to_json());
$info = array('error' =>'Error adding user - try again!');
} else {
$info['lookuptype'] = remote;
$info['title'] = 'Add New User';
}
return self::_lookupform($form, $info);
}
......
include/staff/templates/user-account.tmpl.php 0 → 100644
+ 162
0
View file @ 6fddbb6d
<?php
$account = $user->getAccount();
$access = (isset($info['_target']) && $info['_target'] == 'access');
if (!$info['title'])
$info['title'] = Format::htmlchars($user->getName());
?>
<h3><?php echo $info['title']; ?></h3>
<b><a class="close" href="#"><i class="icon-remove-circle"></i></a></b>
<div class="clear"></div>
<hr/>
<?php
if ($info['error']) {
echo sprintf('<p id="msg_error">%s</p>', $info['error']);
} elseif ($info['msg']) {
echo sprintf('<p id="msg_notice">%s</p>', $info['msg']);
} ?>
<ul class="tabs">
<li><a href="#user-account" <?php echo !$access? 'class="active"' : ''; ?>
><i class="icon-user"></i>&nbsp;User Information</a></li>
<li><a href="#user-access" <?php echo $access? 'class="active"' : ''; ?>
><i class="icon-fixed-width icon-lock faded"></i>&nbsp;Manage Access</a></li>
</ul>
<form method="post" class="user" action="#users/<?php echo $user->getId(); ?>/manage" >
<input type="hidden" name="id" value="<?php echo $user->getId(); ?>" />
<div class="tab_content" id="user-account" style="display:<?php echo $access? 'none' : 'block'; ?>; margin:5px;">
<form method="post" class="user" action="#users/<?php echo $user->getId(); ?>/manage" >
<input type="hidden" name="id" value="<?php echo $user->getId(); ?>" />
<table width="100%">
<tbody>
<tr>
<th colspan="2">
<em><strong>User Information</strong></em>
</th>
</tr>
<tr>
<td width="180">
Name:
</td>
<td> <?php echo $user->getName(); ?> </td>
</tr>
<tr>
<td width="180">
Email:
</td>
<td> <?php echo $user->getEmail(); ?> </td>
</tr>
<tr>
<td width="180">
Organization:
</td>
<td>
<input type="text" size="35" name="org" value="<?php echo $info['org']; ?>">
&nbsp;<span class="error">&nbsp;<?php echo $errors['org']; ?></span>
</td>
</tr>
</tbody>
<tbody>
<tr>
<th colspan="2"><em><strong>User Preferences</strong></em></th>
</tr>
<td>Time Zone:</td>
<td>
<select name="timezone_id" id="timezone_id">
<?php
$sql='SELECT id, offset,timezone FROM '.TIMEZONE_TABLE.' ORDER BY id';
if(($res=db_query($sql)) && db_num_rows($res)){
while(list($id,$offset, $tz)=db_fetch_row($res)){
$sel=($info['timezone_id']==$id)?'selected="selected"':'';
echo sprintf('<option value="%d" %s>GMT %s - %s</option>',$id,$sel,$offset,$tz);
}
}
?>
</select>
&nbsp;<span class="error"><?php echo $errors['timezone_id']; ?></span>
</td>
</tr>
<tr>
<td width="180">
Daylight Saving:
</td>
<td>
<input type="checkbox" name="dst" value="1" <?php echo $info['dst']?'checked="checked"':''; ?>>
Observe daylight saving
</td>
</tr>
</tbody>
</table>
</div>
<div class="tab_content" id="user-access" style="display:<?php echo $access? 'block' : 'none'; ?>; margin:5px;">
<table width="100%">
<tbody>
<tr>
<th colspan="2"><em><strong>Account Access</strong></em></th>
</tr>
<tr>
<td width="180">
Username:
</td>
<td>
<input type="text" size="35" name="username" value="<?php echo $info['username'] ?: $user->getEmail(); ?>">
&nbsp;<span class="error">&nbsp;<?php echo $errors['username']; ?></span>
</td>
</tr>
<tr>
<td width="180">
New Password:
</td>
<td>
<input type="password" size="35" name="passwd1" value="<?php echo $info['passwd1']; ?>">
&nbsp;<span class="error">&nbsp;<?php echo
$errors['passwd1']; ?></span>
</td>
</tr>
<tr>
<td width="180">
Confirm Password:
</td>
<td>
<input type="password" size="35" name="passwd2" value="<?php echo $info['passwd2']; ?>">
&nbsp;<span class="error">&nbsp;<?php echo $errors['passwd2']; ?></span>
</td>
</tr>
</tbody>
<tbody>
<tr>
<th colspan="2"><em><strong>Account Flags</strong></em></th>
</tr>
<tr>
<td colspan="2">
<div><input type="checkbox" name="flags[]" value="locked"> Locked (reason here) </div>
<div><input type="checkbox" name="flags[]" value="locked"> Require Password Reset</div>
</td>
</tr>
</tbody>
</table>
</div>
<hr>
<p class="full-width">
<span class="buttons" style="float:left">
<input type="reset" value="Reset">
<input type="button" name="cancel" class="close" value="Cancel">
</span>
<span class="buttons" style="float:right">
<input type="submit"
value="Save Changes">
</span>
</p>
</form>
<div class="clear"></div>
<script type="text/javascript">
$(function() {
$(document).on('click', 'input#sendemail', function(e) {
if ($(this).prop('checked'))
$('tbody#password').hide();
else
$('tbody#password').show();
});
});
</script>
include/staff/templates/user-delete.tmpl.php 0 → 100644
+ 93
0
View file @ 6fddbb6d
<?php
if (!$info['title'])
$info['title'] = 'Delete User: '.Format::htmlchars($user->getName());
$info['warn'] = 'Deleted users and tickets CANNOT be recovered';
?>
<h3><?php echo $info['title']; ?></h3>
<b><a class="close" href="#"><i class="icon-remove-circle"></i></a></b>
<hr/>
<?php
if ($info['error']) {
echo sprintf('<p id="msg_error">%s</p>', $info['error']);
} elseif ($info['warn']) {
echo sprintf('<p id="msg_warning">%s</p>', $info['warn']);
} elseif ($info['msg']) {
echo sprintf('<p id="msg_notice">%s</p>', $info['msg']);
} ?>
<div id="user-profile" style="margin:5px;">
<i class="icon-user icon-4x pull-left icon-border"></i>
<?php
// TODO: Implement change of ownership
if (0 && $user->getNumTickets()) { ?>
<a class="action-button pull-right change-user" style="overflow:inherit"
href="#users/<?php echo $user->getId(); ?>/replace" ><i
class="icon-user"></i> Change Tickets Ownership</a>
<?php
} ?>
<div><b> <?php echo Format::htmlchars($user->getName()->getOriginal()); ?></b></div>
<div>&lt;<?php echo $user->getEmail(); ?>&gt;</div>
<table style="margin-top: 1em;">
<?php foreach ($user->getDynamicData() as $entry) {
?>
<tr><td colspan="2" style="border-bottom: 1px dotted black"><strong><?php
echo $entry->getForm()->get('title'); ?></strong></td></tr>
<?php foreach ($entry->getAnswers() as $a) { ?>
<tr style="vertical-align:top"><td style="width:30%;border-bottom: 1px dotted #ccc"><?php echo Format::htmlchars($a->getField()->get('label'));
?>:</td>
<td style="border-bottom: 1px dotted #ccc"><?php echo $a->display(); ?></td>
</tr>
<?php }
}
?>
</table>
<div class="clear"></div>
<hr>
<?php
if ($user->getNumTickets()) {
echo sprintf('<div><input type="checkbox" name="deletetickets" value="1" >
<strong>Delete <a href="tickets.php?a=search&uid=%d" target="_blank">%d
%s</a> and any associated attachments and data.</strong></div><hr>',
$user->getId(),
$user->getNumTickets(),
($user->getNumTickets() >1) ? 'tickets' : 'ticket'
);
}
?>
<form method="delete" class="user"
action="#users/<?php echo $user->getId(); ?>/delete">
<input type="hidden" name="id" value="<?php echo $user->getId(); ?>" />
<p class="full-width">
<span class="buttons" style="float:left">
<input type="reset" value="Reset">
<input type="button" name="cancel" class="close"
value="No, Cancel">
</span>
<span class="buttons" style="float:right">
<input type="submit" value="Yes, Delete User">
</span>
</p>
</form>
</div>
<div class="clear"></div>
<script type="text/javascript">
$(function() {
$('a#edituser').click( function(e) {
e.preventDefault();
$('div#user-profile').hide();
$('div#user-form').fadeIn();
return false;
});
$(document).on('click', 'form.user input.cancel', function (e) {
e.preventDefault();
$('div#user-form').hide();
$('div#user-profile').fadeIn();
return false;
});
});
</script>
include/staff/templates/user-lookup.tmpl.php
+ 7
2
View file @ 6fddbb6d
......@@ -3,7 +3,11 @@
<b><a class="close" href="#"><i class="icon-remove-circle"></i></a></b>
<hr/>
<div><p id="msg_info"><i class="icon-info-sign"></i>&nbsp; Search existing users or add a new user.</p></div>
<div style="margin-bottom:10px;"><input type="text" class="search-input" style="width:100%;" placeholder="Search by email, phone or name" id="user-search" autocorrect="off" autocomplete="off"/></div>
<div style="margin-bottom:10px;">
<input type="text" class="search-input" style="width:100%;"
placeholder="Search by email, phone or name" id="user-search"
autocorrect="off" autocomplete="off"/>
</div>
<?php
if ($info['error']) {
echo sprintf('<p id="msg_error">%s</p>', $info['error']);
......@@ -73,7 +77,8 @@ $(function() {
source: function (typeahead, query) {
if (last_req) last_req.abort();
last_req = $.ajax({
url: "ajax.php/users?q="+query,
url: "ajax.php/users<?php
echo $info['lookuptype'] ? "/{$info['lookuptype']}" : '' ?>?q="+query,
dataType: 'json',
success: function (data) {
typeahead.process(data);
......
include/staff/templates/user-register.tmpl.php 0 → 100644
+ 131
0
View file @ 6fddbb6d
<?php
if (!$info['title'])
$info['title'] = 'Register: '.Format::htmlchars($user->getName());
// TODO: Set defaults
if (!$_POST) {
$info['sendemail'] = true; // send email confirmation.
}
?>
<h3><?php echo $info['title']; ?></h3>
<b><a class="close" href="#"><i class="icon-remove-circle"></i></a></b>
<div class="clear"></div>
<hr/>
<?php
if ($info['error']) {
echo sprintf('<p id="msg_error">%s</p>', $info['error']);
} elseif ($info['msg']) {
echo sprintf('<p id="msg_notice">%s</p>', $info['msg']);
} ?>
<div><p id="msg_info"><i class="icon-info-sign"></i>&nbsp;Complete the form
below to create a user account for <b><?php echo
$user->getName()->getOriginal(); ?></b>.</p></div>
<div id="user-registration" style="display:block; margin:5px;">
<form method="post" class="user"
action="#users/<?php echo $user->getId(); ?>/register">
<input type="hidden" name="id" value="<?php echo $user->getId(); ?>" />
<table width="100%">
<tbody>
<tr>
<th colspan="2">
<em><strong>User Account Login</strong></em>
</th>
</tr>
<tr>
<td width="180">
Status:
</td>
<td>
<input type="checkbox" id="sendemail" name="sendemail" value="1"
<?php echo $info['sendemail'] ? 'checked="checked"' : ''; ?> >
Send account confirmation email to user.
</td>
</tr>
<tr>
<td width="180">
Username:
</td>
<td>
<input type="text" size="35" name="username" value="<?php echo $info['username'] ?: $user->getEmail(); ?>">
&nbsp;<span class="error">&nbsp;<?php echo $errors['username']; ?></span>
</td>
</tr>
</tbody>
<tbody id="password"
style="<?php echo $info['sendemail'] ? 'display:none;' : ''; ?>"
>
<tr>
<td width="180">
Temp. Password:
</td>
<td>
<input type="password" size="35" name="passwd1" value="<?php echo $info['passwd1']; ?>">
&nbsp;<span class="error">&nbsp;<?php echo
$errors['passwd1']; ?></span>
</td>
</tr>
<tr>
<td width="180">
Confirm Password:
</td>
<td>
<input type="password" size="35" name="passwd2" value="<?php echo $info['passwd2']; ?>">
&nbsp;<span class="error">&nbsp;<?php echo $errors['passwd2']; ?></span>
</td>
</tr>
</tbody>
<tbody>
<tr>
<th colspan="2"><em><strong>User Preferences</strong></em></th>
</tr>
<td>Time Zone:</td>
<td>
<select name="timezone_id" id="timezone_id">
<?php
$sql='SELECT id, offset,timezone FROM '.TIMEZONE_TABLE.' ORDER BY id';
if(($res=db_query($sql)) && db_num_rows($res)){
while(list($id,$offset, $tz)=db_fetch_row($res)){
$sel=($info['timezone_id']==$id)?'selected="selected"':'';
echo sprintf('<option value="%d" %s>GMT %s - %s</option>',$id,$sel,$offset,$tz);
}
}
?>
</select>
&nbsp;<span class="error"><?php echo $errors['timezone_id']; ?></span>
</td>
</tr>
<tr>
<td width="180">
Daylight Saving:
</td>
<td>
<input type="checkbox" name="dst" value="1" <?php echo $info['dst'] ? 'checked="checked"' : ''; ?>>
Observe daylight saving
</td>
</tr>
</tbody>
</table>
<hr>
<p class="full-width">
<span class="buttons" style="float:left">
<input type="reset" value="Reset">
<input type="button" name="cancel" class="close" value="Cancel">
</span>
<span class="buttons" style="float:right">
<input type="submit" value="Create Account">
</span>
</p>
</form>
</div>
<div class="clear"></div>
<script type="text/javascript">
$(function() {
$(document).on('click', 'input#sendemail', function(e) {
if ($(this).prop('checked'))
$('tbody#password').hide();
else
$('tbody#password').show();
});
});
</script>
scp/ajax.php
+ 7
0
View file @ 6fddbb6d
......@@ -72,9 +72,16 @@ $dispatcher = patterns('',
url('^/lookup$', 'getUser'),
url_get('^/lookup/form$', 'getLookupForm'),
url_post('^/lookup/form$', 'addUser'),
url_get('^/add$', 'addUser'),
url_get('^/select$', 'selectUser'),
url_get('^/select/(?P<id>\d+)$', 'selectUser'),
url_get('^/select/auth:(?P<bk>\w+):(?P<id>.+)$', 'addRemoteUser'),
url_get('^/(?P<id>\d+)/register$', 'register'),
url_post('^/(?P<id>\d+)/register$', 'register'),
url_get('^/(?P<id>\d+)/delete$', 'delete'),
url_delete('^/(?P<id>\d+)/delete$', 'delete'),
url_get('^/(?P<id>\d+)/manage(?:/(?P<target>\w+))?$', 'manage'),
url_post('^/(?P<id>\d+)/manage(?:/(?P<target>\w+))?$', 'manage'),
url_get('^/staff$', 'searchStaff')
)),
url('^/tickets/', patterns('ajax.tickets.php:TicketsAjaxAPI',
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment