Add User Directory

Initial concept for user directory

include/class.nav.php

@@ -96,9 +96,10 @@ class StaffNav {
 
         if(!$this->tabs) {
             $this->tabs=array();
-            $this->tabs['dashboard']=array('desc'=>'Dashboard','href'=>'dashboard.php','title'=>'Staff Dashboard');
-            $this->tabs['tickets']=array('desc'=>'Tickets','href'=>'tickets.php','title'=>'Ticket Queue');
-            $this->tabs['kbase']=array('desc'=>'Knowledgebase','href'=>'kb.php','title'=>'Knowledgebase');
+            $this->tabs['dashboard'] = array('desc'=>'Dashboard','href'=>'dashboard.php','title'=>'Staff Dashboard');
+            $this->tabs['users'] = array('desc' => 'Users', 'href' => 'users.php', 'title' => 'User Directory');
+            $this->tabs['tickets'] = array('desc'=>'Tickets','href'=>'tickets.php','title'=>'Ticket Queue');
+            $this->tabs['kbase'] = array('desc'=>'Knowledgebase','href'=>'kb.php','title'=>'Knowledgebase');
         }
 
         return $this->tabs;
@@ -134,6 +135,10 @@ class StaffNav {
                     $subnav[]=array('desc'=>'Staff Directory','href'=>'directory.php','iconclass'=>'teams');
                     $subnav[]=array('desc'=>'My Profile','href'=>'profile.php','iconclass'=>'users');
                     break;
+                case 'users':
+                    $subnav[] = array('desc' => 'User Directory', 'href' => 'users.php', 'iconclass' => 'teams');
+                    $subnav[] = array('desc' => 'Organizations', 'href' => 'orgs.php', 'iconclass' => 'departments');
+                    break;
                 case 'kbase':
                     $subnav[]=array('desc'=>'FAQs','href'=>'kb.php', 'urls'=>array('faq.php'), 'iconclass'=>'kb');
                     if($staff) {

include/staff/user-view.inc.php

+<?php
+if(!defined('OSTSCPINC') || !$thisstaff || !is_object($user)) die('Invalid path');
+
+?>
+<table width="940" cellpadding="2" cellspacing="0" border="0">
+    <tr>
+        <td width="50%" class="has_bottom_border">
+             <h2><a href="users.php?id=<?php echo $user->getId(); ?>"
+             title="Reload"><i class="icon-refresh"></i> <?php echo $user->getName(); ?></a></h2>
+        </td>
+        <td width="50%" class="right_align has_bottom_border">
+            <span class="action-button" data-dropdown="#action-dropdown-more">
+                <span ><i class="icon-cog"></i> More</span>
+                <i class="icon-caret-down"></i>
+            </span>
+            <a id="user-delete" class="action-button user-action"
+            href="#users/<?php echo $user->getId(); ?>/delete"><i class="icon-trash"></i> Delete User</a>
+            <?php
+            if ($user->getAccount()) { ?>
+            <a id="user-manage" class="action-button user-action"
+            href="#users/<?php echo $user->getId(); ?>/manage"><i class="icon-edit"></i> Manage Account</a>
+            <?php
+            } else { ?>
+            <a id="user-register" class="action-button user-action"
+            href="#users/<?php echo $user->getId(); ?>/register"><i class="icon-edit"></i> Register</a>
+            <?php
+            } ?>
+            <div id="action-dropdown-more" class="action-dropdown anchor-right">
+              <ul>
+                <li><a class="user-action"
+                    href="#users/<?php echo $user->getId(); ?>/manage/access"><i
+                class="icon-lock"></i> Manage Account Access</a></li>
+                <li><a class="user-action"
+                    href="#users/<?php echo $user->getId(); ?>/manage/access"><i
+                class="icon-lock"></i> Change Account Password</a></li>
+              </ul>
+            </div>
+        </td>
+    </tr>
+</table>
+<table class="ticket_info" cellspacing="0" cellpadding="0" width="940" border="0">
+    <tr>
+        <td width="50">
+            <table border="0" cellspacing="" cellpadding="4" width="100%">
+                <tr>
+                    <th width="100">Name:</th>
+                    <td><b><a href="#users/<?php echo $user->getId();
+                    ?>/edit" class="user-action"><i
+                    class="icon-edit"></i>&nbsp;<?php echo
+                    $user->getName()->getOriginal();
+                    ?></a></td>
+                </tr>
+                <tr>
+                    <th>Email:</th>
+                    <td>
+                        <span id="user-<?php echo $user->getId(); ?>-email"><?php echo $user->getEmail(); ?></span>
+                    </td>
+                </tr>
+                <tr>
+                    <th>Company:</th>
+                    <td>
+                        <span id="user-<?php echo $user->getId();
+                        ?>-org"><?php echo $user->getOrg(); ?></span>
+                    </td>
+                </tr>
+            </table>
+        </td>
+        <td width="50%" style="vertical-align:top">
+            <table border="0" cellspacing="" cellpadding="4" width="100%">
+                <tr>
+                    <th>Status:</th>
+                    <td> <span id="user-<?php echo $user->getId();
+                    ?>-status"><?php echo $user->getAccountStatus(); ?></span></td>
+                </tr>
+                <tr>
+                    <th>Created:</th>
+                    <td><?php echo Format::db_datetime($user->getCreateDate()); ?></td>
+                </tr>
+                <tr>
+                    <th>Updated:</th>
+                    <td><?php echo Format::db_datetime($user->getUpdateDate()); ?></td>
+                </tr>
+            </table>
+        </td>
+    </tr>
+</table>
+<br>
+<div class="clear"></div>
+<ul class="tabs">
+    <li><a class="active" id="tickets_tab" href="#tickets"><i
+    class="icon-list-alt"></i>&nbsp;User Tickets</a></li>
+</ul>
+<div id="tickets">
+<?php
+//List all tickets the user
+
+$select ='SELECT ticket.ticket_id,ticket.`number`,ticket.dept_id,ticket.staff_id,ticket.team_id '
+        .' ,dept.dept_name,ticket.status,ticket.source,ticket.isoverdue,ticket.isanswered,ticket.created '
+        .' ,CAST(GREATEST(IFNULL(ticket.lastmessage, 0), IFNULL(ticket.reopened, 0), ticket.created) as datetime) as effective_date '
+        .' ,CONCAT_WS(" ", staff.firstname, staff.lastname) as staff, team.name as team '
+        .' ,IF(staff.staff_id IS NULL,team.name,CONCAT_WS(" ", staff.lastname, staff.firstname)) as assigned '
+        .' ,IF(ptopic.topic_pid IS NULL, topic.topic, CONCAT_WS(" / ", ptopic.topic, topic.topic)) as helptopic '
+        .' ,cdata.priority_id, cdata.subject, pri.priority_desc, pri.priority_color';
+
+$from =' FROM '.TICKET_TABLE.' ticket '
+      .' LEFT JOIN '.DEPT_TABLE.' dept ON ticket.dept_id=dept.dept_id '
+      .' LEFT JOIN '.STAFF_TABLE.' staff ON (ticket.staff_id=staff.staff_id) '
+      .' LEFT JOIN '.TEAM_TABLE.' team ON (ticket.team_id=team.team_id) '
+      .' LEFT JOIN '.TOPIC_TABLE.' topic ON (ticket.topic_id=topic.topic_id) '
+      .' LEFT JOIN '.TOPIC_TABLE.' ptopic ON (ptopic.topic_id=topic.topic_pid) '
+      .' LEFT JOIN '.TABLE_PREFIX.'ticket__cdata cdata ON (cdata.ticket_id = ticket.ticket_id) '
+      .' LEFT JOIN '.PRIORITY_TABLE.' pri ON (pri.priority_id = cdata.priority_id)';
+
+$where = 'WHERE ticket.user_id = '.db_input($user->getId());
+
+TicketForm::ensureDynamicDataView();
+
+$query ="$select $from $where ORDER BY ticket.created DESC";
+
+// Fetch the results
+$results = array();
+$res = db_query($query);
+while ($row = db_fetch_array($res))
+    $results[$row['ticket_id']] = $row;
+
+if ($results) {
+    $counts_sql = 'SELECT ticket.ticket_id,
+        count(DISTINCT attach.attach_id) as attachments,
+        count(DISTINCT thread.id) as thread_count,
+        count(DISTINCT collab.id) as collaborators
+        FROM '.TICKET_TABLE.' ticket
+        LEFT JOIN '.TICKET_ATTACHMENT_TABLE.' attach ON (ticket.ticket_id=attach.ticket_id) '
+     .' LEFT JOIN '.TICKET_THREAD_TABLE.' thread ON ( ticket.ticket_id=thread.ticket_id) '
+     .' LEFT JOIN '.TICKET_COLLABORATOR_TABLE.' collab
+            ON ( ticket.ticket_id=collab.ticket_id) '
+     .' WHERE ticket.ticket_id IN ('.implode(',', db_input(array_keys($results))).')
+        GROUP BY ticket.ticket_id';
+    $ids_res = db_query($counts_sql);
+    while ($row = db_fetch_array($ids_res)) {
+        $results[$row['ticket_id']] += $row;
+    }
+}
+?>
+<div style="width:700px; float:left;">
+   <?php
+    if ($results) {
+        echo  sprintf('<strong>Showing 1 - %d of %s</strong>',
+            count($results), count($results));
+    } else {
+        echo sprintf('%s does not have any tickets', $user->getName());
+    }
+   ?>
+</div>
+<div style="float:right;text-align:right;padding-right:5px;">
+    <b><a class="Icon newTicket" href="tickets.php?a=open&uid=<?php echo $user->getId(); ?>"> Create New Ticket</a></b>
+</div>
+<br/>
+<?php
+if ($results) { ?>
+<form action="users.php" method="POST" name='tickets' style="padding-top:10px;">
+<?php csrf_token(); ?>
+ <input type="hidden" name="a" value="mass_process" >
+ <input type="hidden" name="do" id="action" value="" >
+ <table class="list" border="0" cellspacing="1" cellpadding="2" width="940">
+    <thead>
+        <tr>
+            <?php
+            if (0) {?>
+            <th width="8px">&nbsp;</th>
+            <?php
+            } ?>
+            <th width="70">Ticket</th>
+            <th width="100">Date</th>
+            <th width="100">Status</th>
+            <th width="250">Subject</th>
+            <th width="100">Priority</th>
+            <th width="250">Department</th>
+            <th width="200">Assignee</th>
+        </tr>
+    </thead>
+    <tbody>
+    <?php
+    foreach($results as $row) {
+        $flag=null;
+        if ($row['lock_id'])
+            $flag='locked';
+        elseif ($row['isoverdue'])
+            $flag='overdue';
+
+        $assigned='';
+        if ($row['staff_id'])
+            $assigned=sprintf('<span class="Icon staffAssigned">%s</span>',Format::truncate($row['staff'],40));
+        elseif ($row['team_id'])
+            $assigned=sprintf('<span class="Icon teamAssigned">%s</span>',Format::truncate($row['team'],40));
+        else
+            $assigned=' ';
+
+        $status = ucfirst($row['status']);
+        if(!strcasecmp($row['status'], 'open'))
+            $status = "<b>$status</b>";
+
+        $tid=$row['number'];
+        $subject = Format::htmlchars(Format::truncate($row['subject'],40));
+        $threadcount=$row['thread_count'];
+        ?>
+        <tr id="<?php echo $row['ticket_id']; ?>">
+            <?php
+            //Implement mass  action....if need be.
+            if (0) { ?>
+            <td align="center" class="nohover">
+                <input class="ckb" type="checkbox" name="tids[]" value="<?php echo $row['ticket_id']; ?>" <?php echo $sel?'checked="checked"':''; ?>>
+            </td>
+            <?php
+            } ?>
+            <td align="center" nowrap>
+              <a class="Icon <?php echo strtolower($row['source']); ?>Ticket ticketPreview" title="Preview Ticket"
+                href="tickets.php?id=<?php echo $row['ticket_id']; ?>"><?php echo $tid; ?></a></td>
+            <td align="center" nowrap><?php echo Format::db_datetime($row['effective_date']); ?></td>
+            <td><?php echo $status; ?></td>
+            <td><a <?php if ($flag) { ?> class="Icon <?php echo $flag; ?>Ticket" title="<?php echo ucfirst($flag); ?> Ticket" <?php } ?>
+                href="tickets.php?id=<?php echo $row['ticket_id']; ?>"><?php echo $subject; ?></a>
+                 <?php
+                    if ($threadcount>1)
+                        echo "<small>($threadcount)</small>&nbsp;".'<i
+                            class="icon-fixed-width icon-comments-alt"></i>&nbsp;';
+                    if ($row['collaborators'])
+                        echo '<i class="icon-fixed-width icon-group faded"></i>&nbsp;';
+                    if ($row['attachments'])
+                        echo '<i class="icon-fixed-width icon-paperclip"></i>&nbsp;';
+                ?>
+            </td>
+            <td class="nohover" align="center" style="background-color:<?php echo $row['priority_color']; ?>;">
+                <?php echo $row['priority_desc']; ?></td>
+            <td><?php echo Format::truncate($row['dept_name'], 40); ?></td>
+            <td>&nbsp;<?php echo $assigned; ?></td>
+        </tr>
+   <?php
+    }
+    ?>
+    </tbody>
+</table>
+</form>
+<?php
+ } ?>
+</div>
+
+<script type="text/javascript">
+$(function() {
+    $(document).on('click', 'a.user-action', function(e) {
+        e.preventDefault();
+        var url = 'ajax.php/'+$(this).attr('href').substr(1);
+        $.dialog(url, [201, 204], function (xhr) {
+            if (xhr.status == 204)
+                window.location.href = 'users.php';
+            else
+                window.location.href = window.location.href;
+         }, {
+            onshow: function() { $('#user-search').focus(); }
+         });
+        return false;
+    });
+});
+</script>

include/staff/users.inc.php

+<?php
+if(!defined('OSTSCPINC') || !$thisstaff) die('Access Denied');
+
+$qstr='';
+
+$select = 'SELECT user.*, email.address as email ';
+
+$from = 'FROM '.USER_TABLE.' user '
+      . 'JOIN '.USER_EMAIL_TABLE.' email ON (user.id = email.user_id) ';
+
+$where='WHERE 1 ';
+
+
+if ($_REQUEST['query']) {
+
+    $from .=' LEFT JOIN '.FORM_ENTRY_TABLE.' entry
+                ON (entry.object_type=\'U\' AND entry.object_id = user.id)
+              LEFT JOIN '.FORM_ANSWER_TABLE.' value
+                ON (value.entry_id=entry.id) ';
+
+    $search = db_input(strtolower($_REQUEST['query']), false);
+    $where .= ' AND (
+                    email.address LIKE \'%'.$search.'%\'
+                    OR user.name LIKE \'%'.$search.'%\'
+                    OR value.value LIKE \'%'.$search.'%\'
+                )';
+
+    $qstr.='&query='.urlencode($_REQUEST['query']);
+}
+
+$sortOptions = array('name' => 'user.name',
+                     'email' => 'email.address',
+                     'create' => 'user.created',
+                     'update' => 'user.updated');
+$orderWays = array('DESC'=>'DESC','ASC'=>'ASC');
+$sort= ($_REQUEST['sort'] && $sortOptions[strtolower($_REQUEST['sort'])]) ? strtolower($_REQUEST['sort']) : 'name';
+//Sorting options...
+if ($sort && $sortOptions[$sort])
+    $order_column =$sortOptions[$sort];
+
+$order_column = $order_column ?: 'user.name';
+
+if ($_REQUEST['order'] && $orderWays[strtoupper($_REQUEST['order'])])
+    $order = $orderWays[strtoupper($_REQUEST['order'])];
+
+$order=$order ?: 'ASC';
+if ($order_column && strpos($order_column,','))
+    $order_column = str_replace(','," $order,",$order_column);
+
+$x=$sort.'_sort';
+$$x=' class="'.strtolower($order).'" ';
+$order_by="$order_column $order ";
+
+$total=db_count('SELECT count(DISTINCT user.id) '.$from.' '.$where);
+$page=($_GET['p'] && is_numeric($_GET['p']))?$_GET['p']:1;
+$pageNav=new Pagenate($total,$page,PAGE_LIMIT);
+$pageNav->setURL('users.php',$qstr.'&sort='.urlencode($_REQUEST['sort']).'&order='.urlencode($_REQUEST['order']));
+//Ok..lets roll...create the actual query
+$qstr.='&order='.($order=='DESC'?'ASC':'DESC');
+
+$select .= ', count(DISTINCT ticket.ticket_id) as tickets ';
+
+$from .= ' LEFT JOIN '.TICKET_TABLE.' ticket ON (ticket.user_id = user.id) ';
+
+
+$query="$select $from $where GROUP BY user.id ORDER BY $order_by LIMIT ".$pageNav->getStart().",".$pageNav->getLimit();
+//echo $query;
+?>
+<h2>User Directory</h2>
+<div style="width:700px; float:left;">
+    <form action="users.php" method="get">
+        <?php csrf_token(); ?>
+        <input type="hidden" name="a" value="search">
+        <table>
+            <tr>
+                <td><input type="text" id="basic-user-search" name="query" size=30 value="<?php echo Format::htmlchars($_REQUEST['query']); ?>"
+                autocomplete="off" autocorrect="off" autocapitalize="off"></td>
+                <td><input type="submit" name="basic_search" class="button" value="Search"></td>
+                <!-- <td>&nbsp;&nbsp;<a href="" id="advanced-user-search">[advanced]</a></td> -->
+            </tr>
+        </table>
+    </form>
+ </div>
+ <div style="float:right;text-align:right;padding-right:5px;">
+    <b><a href="#users/add" class="Icon newstaff add-user">Add New User</a></b></div>
+<div class="clear"></div>
+<?php
+$showing = $search ? 'Search Results: ' : '';
+$res = db_query($query);
+if($res && ($num=db_num_rows($res)))
+    $showing .= $pageNav->showing();
+else
+    $showing .= 'No users found!';
+?>
+<form action="users.php" method="POST" name="staff" >
+ <?php csrf_token(); ?>
+ <input type="hidden" name="do" value="mass_process" >
+ <input type="hidden" id="action" name="a" value="" >
+ <table class="list" border="0" cellspacing="1" cellpadding="0" width="940">
+    <caption><?php echo $showing; ?></caption>
+    <thead>
+        <tr>
+            <th width="300"><a <?php echo $name_sort; ?> href="users.php?<?php echo $qstr; ?>&sort=name">Name</a></th>
+            <th width="300"><a <?php echo $email_sort; ?> href="users.php?<?php echo $qstr; ?>&sort=email">Email</a></th>
+            <th width="100"><a  <?php echo $status_sort; ?> href="users.php?<?php echo $qstr; ?>&sort=status">Status</a></th>
+            <th width="100"><a <?php echo $create_sort; ?> href="users.php?<?php echo $qstr; ?>&sort=create">Created</a></th>
+            <th width="145"><a <?php echo $update_sort; ?> href="users.php?<?php echo $qstr; ?>&sort=update">Updated</a></th>
+        </tr>
+    </thead>
+    <tbody>
+    <?php
+        if($res && db_num_rows($res)):
+            $ids=($errors && is_array($_POST['ids']))?$_POST['ids']:null;
+            while ($row = db_fetch_array($res)) {
+
+                $name = new PersonsName($row['name']);
+                $status = 'Active';
+                $sel=false;
+                if($ids && in_array($row['id'], $ids))
+                    $sel=true;
+                ?>
+               <tr id="<?php echo $row['id']; ?>">
+                <td>&nbsp;
+                    <a href="users.php?id=<?php echo $row['id']; ?>"><?php echo $name; ?></a>
+                    &nbsp;
+                    <?php
+                    if ($row['tickets'])
+                         echo sprintf('<i class="icon-fixed-width icon-file-text-alt"></i>
+                             <small>(%d)</small>', $row['tickets']);
+                    ?>
+                </td>
+                <td><?php echo $row['email']; ?></td>
+                <td><?php echo $status; ?></td>
+                <td><?php echo Format::db_date($row['created']); ?></td>
+                <td><?php echo Format::db_datetime($row['updated']); ?>&nbsp;</td>
+               </tr>
+            <?php
+            } //end of while.
+        endif; ?>
+    <tfoot>
+     <tr>
+        <td colspan="5"> &nbsp; </td>
+     </tr>
+    </tfoot>
+</table>
+<?php
+if($res && $num): //Show options..
+    echo '<div>&nbsp;Page:'.$pageNav->getPageLinks().'&nbsp;</div>';
+endif;
+?>
+</form>
+
+<script type="text/javascript">
+$(function() {
+    $('input#basic-user-search').typeahead({
+        source: function (typeahead, query) {
+            $.ajax({
+                url: "ajax.php/users/local?q="+query,
+                dataType: 'json',
+                success: function (data) {
+                    typeahead.process(data);
+                }
+            });
+        },
+        onselect: function (obj) {
+            window.location.href = 'users.php?id='+obj.id;
+        },
+        property: "/bin/true"
+    });
+
+    $(document).on('click', 'a.add-user', function(e) {
+        e.preventDefault();
+        $.userLookup('ajax.php/users/add', function (user) {
+            window.location.href = 'users.php?id='+user.id;
+         });
+
+        return false;
+     });
+});
+</script>
+

scp/users.php

+<?php
+/*********************************************************************
+    users.php
+
+    Peter Rotich <peter@osticket.com>
+    Jared Hancock <jared@osticket.com>
+    Copyright (c)  2006-2014 osTicket
+    http://www.osticket.com
+
+    Released under the GNU General Public License WITHOUT ANY WARRANTY.
+    See LICENSE.TXT for details.
+
+    vim: expandtab sw=4 ts=4 sts=4:
+**********************************************************************/
+require('staff.inc.php');
+$user = null;
+if ($_REQUEST['id'] && !($user=User::lookup($_REQUEST['id'])))
+    $errors['err'] = 'Unknown or invalid user ID.';
+
+if ($_POST) {
+    switch(strtolower($_POST['do'])) {
+        case 'update':
+            if (!$user) {
+                $errors['err']='Unknown or invalid user.';
+            } elseif(($acct = $user->getAccount())
+                    && !$acct->update($_POST, $errors)) {
+                 $errors['err']='Unable to update user account information';
+            } elseif($user->updateInfo($_POST, $errors)) {
+                $msg='User updated successfully';
+                $_REQUEST['a'] = null;
+            } elseif(!$errors['err']) {
+                $errors['err']='Unable to update user profile. Correct any error(s) below and try again!';
+            }
+            break;
+        case 'create':
+            $form = UserForm::getUserForm()->getForm($_POST);
+            if (($user = User::fromForm($form))) {
+                $msg = Format::htmlchars($user->getName()).' added successfully';
+                $_REQUEST['a'] = null;
+            } elseif (!$errors['err']) {
+                $errors['err'] = 'Unable to add user. Correct any error(s) below and try again.';
+            }
+            break;
+        case 'mass_process':
+            if (!$_POST['ids'] || !is_array($_POST['ids']) || !count($_POST['ids'])) {
+                $errors['err'] = 'You must select at least one user member.';
+            } else {
+                $errors['err'] = "Coming soon!";
+            }
+            break;
+        default:
+            $errors['err'] = 'Unknown action/command';
+            break;
+    }
+}
+
+$page = $user? 'user-view.inc.php' : 'users.inc.php';
+
+$nav->setTabActive('users');
+require(STAFFINC_DIR.'header.inc.php');
+require(STAFFINC_DIR.$page);
+include(STAFFINC_DIR.'footer.inc.php');
+?>