edit.php 19.8 KB
Newer Older
1
2
<?php
/**
3
 * Mahara: Electronic portfolio, weblog, resume builder and social networking
4
5
 * Copyright (C) 2006-2009 Catalyst IT Ltd and others; see:
 *                         http://wiki.mahara.org/Contributors
6
 *
7
8
9
10
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
11
 *
12
13
14
15
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
16
 *
17
18
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
19
20
21
 *
 * @package    mahara
 * @subpackage admin
22
 * @author     Catalyst IT Ltd
23
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL
24
 * @copyright  (C) 2006-2009 Catalyst IT Ltd http://catalyst.net.nz
25
26
27
28
 *
 */

define('INTERNAL', 1);
29
define('INSTITUTIONALADMIN', 1);
30
define('MENUITEM', 'configusers/usersearch');
31
require(dirname(dirname(dirname(__FILE__))) . '/init.php');
32
define('TITLE', get_string('accountsettings', 'admin'));
33
34
35
define('SECTION_PLUGINTYPE', 'core');
define('SECTION_PLUGINNAME', 'admin');
require_once('pieforms/pieform.php');
36
require_once('activity.php');
37
38

$id = param_integer('id');
39
40
$user = new User;
$user->find_by_id($id);
41

42
if (!$USER->is_admin_for_user($user)) {
43
44
    $SESSION->add_error_msg(get_string('youcannotadministerthisuser', 'admin'));
    redirect('/user/view.php?id=' . $id);
45
}
46
47
48


// Site-wide account settings
49
$currentdate = getdate();
Richard Mansfield's avatar
Richard Mansfield committed
50
$elements = array();
51
52
53
54
55
56
57
58
$elements['id'] = array(
    'type'    => 'hidden',
    'rules'   => array('integer' => true),
    'value'   => $id,
);
$elements['password'] = array(
    'type'         => 'text',
    'title'        => get_string('resetpassword','admin'),
59
    'description'  => get_string('resetpassworddescription','admin'),
60
61
62
63
);
$elements['passwordchange'] = array(
    'type'         => 'checkbox',
    'title'        => get_string('forcepasswordchange','admin'),
64
    'description'  => get_string('forcepasswordchangedescription','admin'),
65
66
    'defaultvalue' => $user->passwordchange,
);
67
68
69
70
71
if ($USER->get('admin')) {
    $elements['staff'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('sitestaff','admin'),
        'defaultvalue' => $user->staff,
72
        'help'         => true,
73
74
75
76
77
    );
    $elements['admin'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('siteadmin','admin'),
        'defaultvalue' => $user->admin,
78
        'help'         => true,
79
80
    );
}
81
82
83
84
85
86
87
88
89
90
91
$elements['maildisabled'] = array(
    'type' => 'radio',
    'defaultvalue' => get_account_preference($user->id, 'maildisabled'),
    'title' => get_string('email'),
    'separator' => '<br>',
    'options' => array(
        0 => get_string('enabled', 'account'),
        1 => get_string('disabled', 'account'),
    ),
    'help' => true,
);
92
93
94
95
96
97
98
99
$elements['expiry'] = array(
    'type'         => 'date',
    'title'        => get_string('accountexpiry', 'admin'),
    'description'  => get_string('accountexpirydescription', 'admin'),
    'minyear'      => $currentdate['year'] - 2,
    'maxyear'      => $currentdate['year'] + 20,
    'defaultvalue' => $user->expiry
);
100
$elements['quota'] = array(
101
    'type'         => 'bytes',
102
    'title'        => get_string('filequota','admin'),
103
    'description'  => get_string('filequotadescription','admin'),
104
    'rules'        => array('integer' => true),
105
    'defaultvalue' => $user->quota,
106
);
107
108
109
110
111

$authinstances = auth_get_auth_instances();
if (count($authinstances) > 1) {
    $options = array();

112
113
114
115
116
117
118
119
    // NOTE: This is a little broken at the moment. The "username in the remote 
    // system" setting is only actively used by the XMLRPC authentication 
    // plugin, and thus only makes sense when the user is authenticating in 
    // this manner.
    //
    // We hope to one day make it possible for users to get into accounts via 
    // multiple methods, at which time we can tie the username-in-remote-system 
    // setting to the XMLRPC plugin only, making the UI a bit more consistent
120
    $external = false;
121
    foreach ($authinstances as $authinstance) {
Richard Mansfield's avatar
Richard Mansfield committed
122
        if ($USER->can_edit_institution($authinstance->name)) {
123
            $options[$authinstance->id] = $authinstance->instancename . ' (' . $authinstance->displayname . ')';
124
125
126
            if ($authinstance->authname != 'internal') {
                $external = true;
            }
127
        }
128
129
    }

130
131
    if (isset($options[$user->authinstance])) {
        $elements['authinstance'] = array(
132
133
            'type'         => 'select',
            'title'        => get_string('authenticatedby', 'admin'),
134
            'description'  => get_string('authenticatedbydescription', 'admin'),
135
            'options'      => $options,
136
            'defaultvalue' => $user->authinstance,
137
            'help'         => true,
138
        );
139
140
141
        if ($external) {
            $un = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
            $elements['remoteusername'] = array(
142
143
                'type'         => 'text',
                'title'        => get_string('remoteusername', 'admin'),
144
                'description'  => get_string('remoteusernamedescription', 'admin', hsc(get_config('sitename'))),
145
146
147
                'defaultvalue' => $un ? $un : $user->username,
            );
        }
148
    }
149

150
151
}

152
153
154
155
156
$elements['submit'] = array(
    'type'  => 'submit',
    'value' => get_string('savechanges','admin'),
);

Richard Mansfield's avatar
Richard Mansfield committed
157
158
$siteform = pieform(array(
    'name'       => 'edituser_site',
159
160
161
162
163
164
    'renderer'   => 'table',
    'plugintype' => 'core',
    'pluginname' => 'admin',
    'elements'   => $elements,
));

165
166
167
168
169
170
171
172
173
function edituser_site_validate(Pieform $form, $values) {
    global $USER, $SESSION;
    $maxquotaenabled = get_config_plugin('artefact', 'file', 'maxquotaenabled');
    $maxquota = get_config_plugin('artefact', 'file', 'maxquota');
    if ($maxquotaenabled && $values['quota'] > $maxquota) {
        $form->set_error('quota', get_string('maxquotaexceededform', 'artefact.file', display_size($maxquota)));
        $SESSION->add_error_msg(get_string('maxquotaexceeded', 'artefact.file', display_size($maxquota)));
    }
}
174

Richard Mansfield's avatar
Richard Mansfield committed
175
function edituser_site_submit(Pieform $form, $values) {
176
177
178
179
180
181
    if (!$user = get_record('usr', 'id', $values['id'])) {
        return false;
    }

    if (isset($values['password']) && $values['password'] !== '') {
        $user->password = $values['password'];
182
        $user->salt = '';
183
184
    }
    $user->passwordchange = (int) ($values['passwordchange'] == 'on');
185
    $user->quota = $values['quota'];
186
    $user->expiry = db_format_timestamp($values['expiry']);
187
188
189
190
191

    global $USER;
    if ($USER->get('admin')) {  // Not editable by institutional admins
        $user->staff = (int) ($values['staff'] == 'on');
        $user->admin = (int) ($values['admin'] == 'on');
192
193
194
        if ($user->admin) {
            activity_add_admin_defaults(array($user->id));
        }
195
196
    }

197
198
199
200
    if ($values['maildisabled'] == 0 && get_account_preference($user->id, 'maildisabled') == 1) {
        // Reset the sent and bounce counts otherwise mail will be disabled
        // on the next send attempt
        $u = new StdClass;
201
202
        $u->email = $user->email;
        $u->id = $user->id;
203
204
205
206
207
        update_bounce_count($u,true);
        update_send_count($u,true);
    }
    set_account_preference($user->id, 'maildisabled', $values['maildisabled']);

208
209
    // Authinstance can be changed by institutional admins if both the
    // old and new authinstances belong to the admin's institutions
210
211
212
213
    $remotename = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
    if (!$remotename) {
        $remotename = $user->username;
    }
214
215
216
    if (isset($values['authinstance'])
        && ($values['authinstance'] != $user->authinstance
            || (isset($values['remoteusername']) && $values['remoteusername'] != $remotename))) {
217
218
219
220
221
        $authinst = get_records_select_assoc('auth_instance', 'id = ? OR id = ?', 
                                             array($values['authinstance'], $user->authinstance));
        if ($USER->get('admin') || 
            ($USER->is_institutional_admin($authinst[$values['authinstance']]->institution) &&
             $USER->is_institutional_admin($authinst[$user->authinstance]->institution))) {
222
            delete_records('auth_remote_user', 'localusr', $user->id);
223
            if ($authinst[$values['authinstance']]->authname != 'internal') {
224
225
226
227
228
229
                if (isset($values['remoteusername']) && strlen($values['remoteusername']) > 0) {
                    $un = $values['remoteusername'];
                }
                else {
                    $un = $remotename;
                }
230
231
                insert_record('auth_remote_user', (object) array(
                    'authinstance'   => $values['authinstance'],
232
                    'remoteusername' => $un,
233
234
235
236
237
                    'localusr'       => $user->id,
                ));
            }
            $user->authinstance = $values['authinstance'];
        }
238
    }
239
240
241
242
243
244
245

    update_record('usr', $user);

    redirect('/admin/users/edit.php?id='.$user->id);
}


246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
// Suspension/deletion controls
$suspended = $user->get('suspendedcusr');
if (empty($suspended)) {
    $suspendform = pieform(array(
        'name'       => 'edituser_suspend',
        'plugintype' => 'core',
        'pluginname' => 'admin',
        'elements'   => array(
            'id' => array(
                 'type'    => 'hidden',
                 'value'   => $id,
            ),
            'reason' => array(
                'type'        => 'textarea',
                'rows'        => 5,
                'cols'        => 60,
                'title'       => get_string('reason'),
                'description' => get_string('suspendedreasondescription', 'admin'),
            ),
            'submit' => array(
                'type'  => 'submit',
                'value' => get_string('suspenduser','admin'),
            ),
        )
    ));
}
else {
    $suspendformdef = array(
        'name'       => 'edituser_unsuspend',
        'plugintype' => 'core',
        'pluginname' => 'admin',
        'renderer'   => 'oneline',
        'elements'   => array(
            'id' => array(
                 'type'    => 'hidden',
                 'value'   => $id,
            ),
            'submit' => array(
                'type'  => 'submit',
                'value' => get_string('unsuspenduser','admin'),
            ),
        )
    );

    // Create two forms for unsuspension - one in the suspend message and the 
    // other where the 'suspend' button normally goes. This keeps the HTML IDs 
    // unique
    $suspendform  = pieform($suspendformdef);
    $suspendformdef['name'] = 'edituser_suspend2';
    $suspendformdef['successcallback'] = 'edituser_unsuspend_submit';
    $suspendform2 = pieform($suspendformdef);

    $suspender = display_name(get_record('usr', 'id', $suspended));
}

function edituser_suspend_submit(Pieform $form, $values) {
302
303
304
305
306
307
308
309
310
    global $SESSION, $USER, $user;
    if (!$USER->get('admin') && ($user->get('admin') || $user->get('staff'))) {
        $SESSION->add_error_msg(get_string('errorwhilesuspending', 'admin'));
    }
    else {
        suspend_user($user->get('id'), $values['reason']);
        $SESSION->add_ok_msg(get_string('usersuspended', 'admin'));
    }
    redirect('/admin/users/edit.php?id=' . $user->get('id'));
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
}

function edituser_unsuspend_submit(Pieform $form, $values) {
    global $SESSION;
    unsuspend_user($values['id']);
    $SESSION->add_ok_msg(get_string('userunsuspended', 'admin'));
    redirect('/admin/users/edit.php?id=' . $values['id']);
}

$deleteform = pieform(array(
    'name' => 'edituser_delete',
    'plugintype' => 'core',
    'pluginname' => 'admin',
    'renderer' => 'oneline',
    'elements'   => array(
        'id' => array(
            'type' => 'hidden',
            'value' => $id,
        ),
        'submit' => array(
            'type' => 'submit',
            'value' => get_string('deleteuser', 'admin'),
            'confirm' => get_string('confirmdeleteuser', 'admin'),
        ),
    ),
));

338
339
340
341
342
343
344
345
function edituser_delete_validate(Pieform $form, $values) {
    global $USER, $SESSION;
    if (!$USER->get('admin')) {
        $form->set_error('submit', get_string('deletefailed', 'admin'));
        $SESSION->add_error_msg(get_string('deletefailed', 'admin'));
    }
}

346
function edituser_delete_submit(Pieform $form, $values) {
347
348
349
350
351
    global $SESSION, $USER;
    if ($USER->get('admin')) {
        delete_user($values['id']);
        $SESSION->add_ok_msg(get_string('userdeletedsuccessfully', 'admin'));
    }
352
353
354
    redirect('/admin/users/search.php');
}

Richard Mansfield's avatar
Richard Mansfield committed
355

356
// Institution settings form
Richard Mansfield's avatar
Richard Mansfield committed
357
358
359
360
361
362
363
$elements = array(
    'id' => array(
         'type'    => 'hidden',
         'value'   => $id,
     ),
);

364
$allinstitutions = get_records_assoc('institution', '', '', 'displayname');
365
366
367
368
369
370
371
foreach ($user->get('institutions') as $i) {
    $elements[$i->institution.'_settings'] = array(
        'type' => 'fieldset',
        'legend' => $allinstitutions[$i->institution]->displayname,
        'elements' => array(
            $i->institution.'_expiry' => array(
                'type'         => 'date',
372
373
                'title'        => get_string('membershipexpiry', 'admin'),
                'description'  => get_string('membershipexpirydescription', 'admin'),
374
375
                'minyear'      => $currentdate['year'],
                'maxyear'      => $currentdate['year'] + 20,
376
                'defaultvalue' => $i->membership_expiry
377
378
379
            ),
            $i->institution.'_studentid' => array(
                'type'         => 'text',
380
381
                'title'        => get_string('studentid', 'admin'),
                'description'  => get_string('institutionstudentiddescription', 'admin'),
382
383
                'defaultvalue' => $i->studentid,
            ),
384
            $i->institution.'_staff' => array(
385
386
387
                'type'         => 'checkbox',
                'title'        => get_string('institutionstaff','admin'),
                'defaultvalue' => $i->staff,
388
            ),
389
390
391
            $i->institution.'_admin' => array(
                'type'         => 'checkbox',
                'title'        => get_string('institutionadmin','admin'),
392
                'description'  => get_string('institutionadmindescription','admin'),
393
394
395
396
397
398
                'defaultvalue' => $i->admin,
            ),
            $i->institution.'_submit' => array(
                'type'  => 'submit',
                'value' => get_string('update'),
            ),
399
400
401
402
403
            $i->institution.'_remove' => array(
                'type'  => 'submit',
                'value' => get_string('removeuserfrominstitution', 'admin'),
                'confirm' => get_string('confirmremoveuserfrominstitution', 'admin'),
            ),
404
        ),
Richard Mansfield's avatar
Richard Mansfield committed
405
406
    );
}
407

408
409
410
411
412
413
414
415
416
417
// Only site admins can add institutions; institutional admins must invite
if ($USER->get('admin') 
    && (get_config('usersallowedmultipleinstitutions') || count($user->institutions) == 0)) {
    $options = array();
    foreach ($allinstitutions as $i) {
        if (!$user->in_institution($i->name) && $i->name != 'mahara') {
            $options[$i->name] = $i->displayname;
        }
    }
    if (!empty($options)) {
418
419
420
421
        $elements['addinstitutionheader'] = array(
            'type'  => 'markup',
            'value' => '<tr><td colspan="2"><h4>' . get_string('addusertoinstitution', 'admin') . '</h4></td></tr>',
        );
422
423
        $elements['addinstitution'] = array(
            'type'         => 'select',
424
            'title'        => get_string('institution'),
425
426
427
428
            'options'      => $options,
        );
        $elements['add'] = array(
            'type'  => 'submit',
429
            'value' => get_string('addusertoinstitution', 'admin'),
430
431
432
433
        );
    }
}

Richard Mansfield's avatar
Richard Mansfield committed
434
435
436
437
438
439
440
441
442
$institutionform = pieform(array(
    'name'       => 'edituser_institution',
    'renderer'   => 'table',
    'plugintype' => 'core',
    'pluginname' => 'admin',
    'elements'   => $elements,
));

function edituser_institution_submit(Pieform $form, $values) {
443
444
    $user = new User;
    if (!$user->find_by_id($values['id'])) {
Richard Mansfield's avatar
Richard Mansfield committed
445
446
        return false;
    }
447
    $userinstitutions = $user->get('institutions');
Richard Mansfield's avatar
Richard Mansfield committed
448

449
    global $USER;
450
    foreach ($userinstitutions as $i) {
Richard Mansfield's avatar
Richard Mansfield committed
451
        if ($USER->can_edit_institution($i->institution)) {
452
453
454
455
            if (isset($values[$i->institution.'_submit'])) {
                $newuser = (object) array(
                    'usr'         => $user->id,
                    'institution' => $i->institution,
456
                    'ctime'       => db_format_timestamp($i->ctime),
457
                    'studentid'   => $values[$i->institution . '_studentid'],
458
                    'staff'       => (int) ($values[$i->institution . '_staff'] == 'on'),
459
460
461
462
463
464
465
466
                    'admin'       => (int) ($values[$i->institution . '_admin'] == 'on'),
                );
                if ($values[$i->institution . '_expiry']) {
                    $newuser->expiry = db_format_timestamp($values[$i->institution . '_expiry']);
                }
                db_begin();
                delete_records('usr_institution', 'usr', $user->id, 'institution', $i->institution);
                insert_record('usr_institution', $newuser);
467
468
469
                if ($newuser->admin) {
                    activity_add_admin_defaults(array($user->id));
                }
470
471
472
473
                handle_event('updateuser', $user->id);
                db_commit();
                break;
            } else if (isset($values[$i->institution.'_remove'])) {
474
475
476
477
478
                if ($user->id == $USER->id) {
                    $USER->leave_institution($i->institution);
                } else {
                    $user->leave_institution($i->institution);
                }
479
480
481
482
                // Institutional admins can no longer access this page
                // if they remove the user from the institution, so
                // send them back to user search.
                if (!$USER->get('admin')) {
483
484
485
                    if (!$USER->is_institutional_admin()) {
                        redirect(get_config('wwwroot'));
                    }
486
487
488
489
490
                    redirect('/admin/users/search.php');
                }
                break;
            }
        }
491
492
    }

493
494
    if (isset($values['add']) && $USER->get('admin')
        && (empty($userinstitutions) || get_config('usersallowedmultipleinstitutions'))) {
495
496
497
498
499
500
501
        if ($user->id == $USER->id) {
            $USER->join_institution($values['addinstitution']);
            $USER->commit();
        }
        else {
            $user->join_institution($values['addinstitution']);
        }
Richard Mansfield's avatar
Richard Mansfield committed
502
503
504
505
    }

    redirect('/admin/users/edit.php?id='.$user->id);
}
506
507
508

$smarty = smarty();
$smarty->assign('user', $user);
509
510
511
512
$smarty->assign('suspended', $suspended);
if ($suspended) {
    $smarty->assign('suspendedby', get_string('suspendedby', 'admin', $suspender));
}
513
$smarty->assign('suspendform', $suspendform);
514
515
516
517
if (isset($suspendform2)) {
    $smarty->assign('suspendform2', $suspendform2);
}
$smarty->assign('deleteform', $deleteform);
Richard Mansfield's avatar
Richard Mansfield committed
518
$smarty->assign('siteform', $siteform);
519
$smarty->assign('institutions', count($allinstitutions) > 1);
Richard Mansfield's avatar
Richard Mansfield committed
520
$smarty->assign('institutionform', $institutionform);
Richard Mansfield's avatar
Richard Mansfield committed
521
522

if ($id != $USER->get('id') && is_null($USER->get('parentuser'))) {
523
    $loginas = get_string('loginasuser', 'admin', $user->username);
Richard Mansfield's avatar
Richard Mansfield committed
524
525
526
527
} else {
    $loginas = null;
}
$smarty->assign('loginas', $loginas);
528
$smarty->assign('PAGEHEADING', TITLE . ': ' . display_name($user));
529
530
531
532
533
534
535
536
537

# Only allow deletion and suspension of a user if the viewed user is not
# the current user; or if they are the current user, they're not the only
# admin
if ($id != $USER->get('id') || count_records('usr', 'admin', 1, 'deleted', 0) > 1) {
    $smarty->assign('suspendable', ($USER->get('admin') || !$user->get('admin') && !$user->get('staff')));
    $smarty->assign('deletable', $USER->get('admin'));
}

538
539
540
$smarty->display('admin/users/edit.tpl');

?>