search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
* Linktrail
[mediawiki.git] / includes / SpecialUserrights.php
blobef65f165870983ece6f216ffb05daa82030fc242
1 <?php
2 /**
3 * Provide an administration interface
4 * DO NOT USE: INSECURE.
5 *
6 * TODO : remove everything related to group editing (SpecialGrouplevels.php)
7 * @package MediaWiki
8 * @subpackage SpecialPage
9 */
10
11 /** */
12 require_once('HTMLForm.php');
13
14 /** Entry point */
15 function wfSpecialUserrights() {
16 global $wgRequest;
17 $form = new UserrightsForm($wgRequest);
18 $form->execute();
19 }
20
21 /**
22 * A class to manage user levels rights.
23 * @package MediaWiki
24 * @subpackage SpecialPage
25 */
26 class UserrightsForm extends HTMLForm {
27 var $mPosted, $mRequest, $mSaveprefs;
28 /** Escaped local url name*/
29 var $action;
30
31 /** Constructor*/
32 function UserrightsForm ( &$request ) {
33 $this->mPosted = $request->wasPosted();
34 $this->mRequest =& $request;
35 $this->mName = 'userrights';
36
37 $titleObj = Title::makeTitle( NS_SPECIAL, 'Userrights' );
38 $this->action = $titleObj->escapeLocalURL();
39 }
40
41 /**
42 * Manage forms to be shown according to posted data.
43 * Depending on the submit button used, call a form or a save function.
44 */
45 function execute() {
46 // show the general form
47 $this->switchForm();
48 if( $this->mPosted ) {
49 // show some more forms
50 if( $this->mRequest->getCheck( 'ssearchuser' ) ) {
51 $this->editUserGroupsForm( $this->mRequest->getVal( 'user-editname' ) );
52 }
53
54 // save settings
55 if( $this->mRequest->getCheck( 'saveusergroups' ) ) {
56 global $wgUser;
57 $username = $this->mRequest->getVal( 'user-editname' );
58 if( $wgUser->matchEditToken( $this->mRequest->getVal( 'wpEditToken' ), $username ) ) {
59 $this->saveUserGroups( $username,
60 $this->mRequest->getArray( 'member' ),
61 $this->mRequest->getArray( 'available' ) );
62 }
63 }
64 }
65 }
66
67 /**
68 * Save user groups changes in the database.
69 * Data comes from the editUserGroupsForm() form function
70 *
71 * @param string $username Username to apply changes to.
72 * @param array $removegroup id of groups to be removed.
73 * @param array $addgroup id of groups to be added.
74 *
75 */
76 function saveUserGroups( $username, $removegroup, $addgroup) {
77 global $wgOut;
78 $u = User::newFromName($username);
79
80 if(is_null($u)) {
81 $wgOut->addWikiText( wfMsg( 'nosuchusershort', htmlspecialchars( $username ) ) );
82 return;
83 }
84
85 if($u->getID() == 0) {
86 $wgOut->addWikiText( wfMsg( 'nosuchusershort', htmlspecialchars( $username ) ) );
87 return;
88 }
89
90 $oldGroups = $u->getGroups();
91 $newGroups = $oldGroups;
92 $logcomment = ' ';
93 // remove then add groups
94 if(isset($removegroup)) {
95 $newGroups = array_diff($newGroups, $removegroup);
96 foreach( $removegroup as $group ) {
97 $u->removeGroup( $group );
98 }
99 }
100 if(isset($addgroup)) {
101 $newGroups = array_merge($newGroups, $addgroup);
102 foreach( $addgroup as $group ) {
103 $u->addGroup( $group );
104 }
105 }
106 $newGroups = array_unique( $newGroups );
107
108 wfDebug( 'oldGroups: ' . print_r( $oldGroups, true ) );
109 wfDebug( 'newGroups: ' . print_r( $newGroups, true ) );
110
111 wfRunHooks( 'UserRights', array( &$u, $addgroup, $removegroup ) );
112 $log = new LogPage( 'rights' );
113 $log->addEntry( 'rights', Title::makeTitle( NS_USER, $u->getName() ), '', array( $this->makeGroupNameList( $oldGroups ),
114 $this->makeGroupNameList( $newGroups ) ) );
115 }
116
117 function makeGroupNameList( $ids ) {
118 return implode( ', ', $ids );
119 }
120
121 /**
122 * The entry form
123 * It allows a user to look for a username and edit its groups membership
124 */
125 function switchForm() {
126 global $wgOut;
127
128 // user selection
129 $wgOut->addHTML( "<form name=\"uluser\" action=\"$this->action\" method=\"post\">\n" );
130 $wgOut->addHTML( $this->fieldset( 'lookup-user',
131 $this->textbox( 'user-editname' ) .
132 wfElement( 'input', array(
133 'type' => 'submit',
134 'name' => 'ssearchuser',
135 'value' => wfMsg( 'editusergroup' ) ) )
136 ));
137 $wgOut->addHTML( "</form>\n" );
138 }
139
140 /**
141 * Edit user groups membership
142 * @param string $username Name of the user.
143 */
144 function editUserGroupsForm($username) {
145 global $wgOut, $wgUser;
146
147 $user = User::newFromName($username);
148 if( is_null( $user ) || $user->getID() == 0 ) {
149 $wgOut->addWikiText( wfMsg( 'nosuchusershort', wfEscapeWikiText( $username ) ) );
150 return;
151 }
152
153 $groups = $user->getGroups();
154
155 $wgOut->addHTML( "<form name=\"editGroup\" action=\"$this->action\" method=\"post\">\n".
156 wfElement( 'input', array(
157 'type' => 'hidden',
158 'name' => 'user-editname',
159 'value' => $username ) ) .
160 wfElement( 'input', array(
161 'type' => 'hidden',
162 'name' => 'wpEditToken',
163 'value' => $wgUser->editToken( $username ) ) ) .
164 $this->fieldset( 'editusergroup',
165 $wgOut->parse( wfMsg('editing', $username ) ) .
166 '<table border="0" align="center"><tr><td>'.
167 HTMLSelectGroups('member', $this->mName.'-groupsmember', $groups,true,6).
168 '</td><td>'.
169 HTMLSelectGroups('available', $this->mName.'-groupsavailable', $groups,true,6,true).
170 '</td></tr></table>'."\n".
171 $wgOut->parse( wfMsg('userrights-groupshelp') ) .
172 wfElement( 'input', array(
173 'type' => 'submit',
174 'name' => 'saveusergroups',
175 'value' => wfMsg( 'saveusergroups' ) ) )
176 ));
177 $wgOut->addHTML( "</form>\n" );
178 }
179 } // end class UserrightsForm
180 ?>
MediaWiki Core