Let admins bulk-edit users' spam probation status

Bug 1252101 Change-Id: Id576efdb352156a5e70a03c319e47f23cfdbc558

Let admins bulk-edit users' spam probation status
Bug 1252101 Change-Id: Id576efdb352156a5e70a03c319e47f23cfdbc558
4bc3364a · Aaron Wells · 95970220 · 4bc3364a · 4bc3364a · 4bc3364a
Commit 4bc3364a authored Mar 05, 2014 by Aaron Wells
--- a/htdocs/admin/users/bulk.php
+++ b/htdocs/admin/users/bulk.php
@@ -13,6 +13,7 @@ define('INTERNAL', 1);
 define('INSTITUTIONALADMIN', 1);
 define('MENUITEM', 'configusers');
 require(dirname(dirname(dirname(__FILE__))) . '/init.php');
+require_once(get_config('docroot') . 'lib/antispam.php');

 define('TITLE', get_string('bulkactions', 'admin'));

@@ -34,7 +35,8 @@ if (!$USER->get('admin')) {
 $users = get_records_sql_assoc('
    SELECT
        u.id, u.username, u.email, u.firstname, u.lastname, u.suspendedcusr, u.authinstance, u.studentid,
-        u.preferredname, CHAR_LENGTH(u.password) AS haspassword, aru.remoteusername AS remoteuser, u.lastlogin
+        u.preferredname, CHAR_LENGTH(u.password) AS haspassword, aru.remoteusername AS remoteuser, u.lastlogin,
+        u.probation
    FROM {usr} u
        LEFT JOIN {auth_remote_user} aru ON u.id = aru.localusr AND u.authinstance = aru.authinstance
    WHERE id IN (' . join(',', array_fill(0, count($userids), '?')) . ')
@@ -80,6 +82,25 @@ foreach ($authinstances as $authinstance) {
    }
 }

+// Suspend users
+$suspendform = pieform(array(
+    'name'     => 'suspend',
+    'class'    => 'bulkactionform',
+    'renderer' => 'oneline',
+    'elements' => array(
+        'users' => $userelement,
+        'reason' => array(
+            'type'        => 'text',
+            'title'       => get_string('suspendedreason', 'admin') . ': ',
+        ),
+        'suspend' => array(
+            'type'        => 'submit',
+            'value'       => get_string('Suspend', 'admin'),
+        ),
+    ),
+));
+
+// Change authentication method
 $changeauthform = null;
 if (count($options) > 1) {
    $changeauthform = pieform(array(
@@ -107,23 +128,29 @@ if (count($options) > 1) {
    ));
 }

-// Suspend users
-$suspendform = pieform(array(
-    'name'     => 'suspend',
-    'class'    => 'bulkactionform',
-    'renderer' => 'oneline',
-    'elements' => array(
-        'users' => $userelement,
-        'reason' => array(
-            'type'        => 'text',
-            'title'       => get_string('suspendedreason', 'admin') . ': ',
-        ),
-        'suspend' => array(
-            'type'        => 'submit',
-            'value'       => get_string('Suspend', 'admin'),
+// Set probation points
+$probationform = null;
+if (is_using_probation()) {
+    $probationform = pieform(array(
+        'name' => 'probation',
+        'class' => 'bulkactionform',
+        'renderer' => 'oneline',
+        'elements' => array(
+            'users' => $userelement,
+            'probationpoints' => array(
+                'type' => 'select',
+                'title' => get_string('probationbulksetspamprobation', 'admin') . ': ',
+                'options' => probation_form_options(),
+                'defaultvalue' => '0',
+            ),
+            'setprobation' => array(
+                'type' => 'submit',
+                'confirm' => get_string('probationbulkconfirm', 'admin'),
+                'value' => get_string('probationbulkset', 'admin'),
+            )
        ),
-    ),
-));
+    ));
+}

 // Delete users
 $deleteform = pieform(array(
@@ -151,6 +178,7 @@ $smarty->assign('users', $users);
 $smarty->assign('changeauthform', $changeauthform);
 $smarty->assign('suspendform', $suspendform);
 $smarty->assign('deleteform', $deleteform);
+$smarty->assign('probationform', $probationform);
 $smarty->display('admin/users/bulk.tpl');

 function changeauth_validate(Pieform $form, $values) {
@@ -268,3 +296,23 @@ function delete_submit(Pieform $form, $values) {
    $SESSION->add_ok_msg(get_string('bulkdeleteuserssuccess', 'admin', count($users)));
    redirect('/admin/users/search.php');
 }
+
+function probation_submit(Pieform $form, $values) {
+    global $SESSION, $users;
+
+    $newpoints = ensure_valid_probation_points($values['probationpoints']);
+    $paramlist = array($newpoints);
+
+    $sql = '';
+    foreach ($users as $user) {
+        $paramlist[] = $user->id;
+        $sql .= '?,';
+    }
+    // Drop the last comma
+    $sql = substr($sql, 0, -1);
+
+    execute_sql('update {usr} set probation = ? where id in (' . $sql . ')', $paramlist);
+
+    $SESSION->add_ok_msg(get_string('bulkprobationpointssuccess', 'admin', count($users), $newpoints));
+    redirect('/admin/users/search.php');
+}
--- a/htdocs/admin/users/edit.php
+++ b/htdocs/admin/users/edit.php
@@ -124,17 +124,12 @@ else {

 // Probation points
 if (is_using_probation($user->id)) {
-    $options = array();
-    $options[0] = get_string('probationzeropoints', 'admin');
-    for ($i = 1; $i <= PROBATION_MAX_POINTS; $i++ ) {
-        $options[$i] = get_string('probationxpoints', 'admin', $i);
-    }
    $elements['probationpoints'] = array(
        'type' => 'select',
        'title' => get_string('probationtitle', 'admin'),
        'help' => true,
-        'options' => $options,
-        'defaultvalue' => min(max((int) $user->probation, 0), PROBATION_MAX_POINTS),
+        'options' => probation_form_options(),
+        'defaultvalue' => ensure_valid_probation_points($user->probation),
    );
 }

@@ -348,7 +343,7 @@ function edituser_site_submit(Pieform $form, $values) {

    if (is_using_probation()) {
        // Value should be between 0 and 10 inclusive
-        $user->probation = min(max((int) $values['probationpoints'], 0), PROBATION_MAX_POINTS);
+        $user->probation = ensure_valid_probation_points($values['probationpoints']);
    }

    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {

--- a/htdocs/admin/users/report.php
+++ b/htdocs/admin/users/report.php
@@ -13,6 +13,7 @@ define('INTERNAL', 1);
 define('INSTITUTIONALSTAFF', 1);
 define('MENUITEM', 'configusers');
 require(dirname(dirname(dirname(__FILE__))) . '/init.php');
+require(get_config('docroot') . 'lib/antispam.php');

 define('TITLE', get_string('userreports', 'admin'));

@@ -61,7 +62,7 @@ if (!$USER->get('admin') && !$USER->get('staff')) {
 $users = get_records_sql_assoc('
    SELECT
        u.id, u.username, u.email, u.firstname, u.lastname, u.studentid, u.preferredname, u.urlid,
-        aru.remoteusername AS remoteuser, u.lastlogin
+        aru.remoteusername AS remoteuser, u.lastlogin, u.probation
    FROM {usr} u
        LEFT JOIN {auth_remote_user} aru ON u.id = aru.localusr AND u.authinstance = aru.authinstance
    WHERE id IN (' . join(',', array_fill(0, count($userids), '?')) . ')

--- a/htdocs/lang/en.utf8/admin.php
+++ b/htdocs/lang/en.utf8/admin.php
@@ -748,12 +748,16 @@ $string['confirmdeleteuser'] = 'Are you sure you want to delete this user?';
 $string['filequota1'] = 'File quota';
 $string['quotaused'] = 'Quota used';
 $string['filequotadescription'] = 'Total storage available in the user\'s files area.';
+$string['probationbulkconfirm'] = 'Are you sure you want to change these users\' spam probation status?';
+$string['probationbulksetspamprobation'] = 'Set spam probation: ';
+$string['probationbulkset'] = 'Set';
 $string['probationtitle'] = 'Spammer probation status';
 $string['probationzeropoints'] = 'Not on probation';
 $string['probationxpoints'] = array(
    0 => '%d point',
    1 => '%d points',
 );
+$string['probationreportcolumn'] = 'Probation';
 $string['addusertoinstitution'] = 'Add user to institution';
 $string['removeuserfrominstitution'] = 'Remove user from this institution';
 $string['confirmremoveuserfrominstitution'] = 'Are you sure you want to remove the user from this institution?';
@@ -1026,6 +1030,10 @@ $string['someusersnotinauthinstanceinstitution'] = 'Some of the users you have s
 $string['bulkchangeauthmethodsuccess'] = 'Reset authentication method for %d user(s)';
 $string['bulkchangeauthmethodresetpassword'] = 'You have chosen an authentication method that requires a password. %d user(s) do not have a password and will not be able to log in until their passwords are reset.';
 $string['bulkdeleteuserssuccess'] = 'Deleted %d user(s)';
+$string['bulkprobationpointssuccess'] = array(
+    0 => 'Set probation points to %2$d for %1$d user',
+    1 => 'Set probation points to %2$d for %1$d users'
+);
 $string['selectedusers'] = 'Selected users';
 $string['remoteuser'] = 'Remote username';
 $string['userreports'] = 'User reports';

--- a/htdocs/lib/antispam.php
+++ b/htdocs/lib/antispam.php
@@ -162,3 +162,35 @@ function has_external_links_or_images($text) {
    // (We do this first, in order to avoid any unnecessary hits to the DB
    return (boolean) preg_match('#(://)|(<a\b)#i', $text);
 }
+
+/**
+ * For creating a drop-down menu to set a user's probation points.
+ * @return array Suitable for use in a pieform select element's "options" attribute
+ */
+function probation_form_options() {
+    $options = array();
+    $options[0] = get_string('probationzeropoints', 'admin');
+    for ($i = 1; $i <= PROBATION_MAX_POINTS; $i++ ) {
+        $options[$i] = get_string('probationxpoints', 'admin', $i);
+    }
+    return $options;
+}
+
+/**
+ * Ensures that a number is in the valid range of probation points (from 0 to PROBATION_MAX_POINTS).
+ * It's used primarily in cleaning & validating user input when setting user probation points.
+ *
+ * @param int $points The number of probation points supplied from the UI
+ * @return int A legal number of probation points
+ */
+function ensure_valid_probation_points($points) {
+    if ($points < 0) {
+        return 0;
+    }
+    else if ($points > PROBATION_MAX_POINTS) {
+        return PROBATION_MAX_POINTS;
+    }
+    else {
+        return (int) $points;
+    }
+}
\ No newline at end of file
--- a/htdocs/theme/raw/static/style/admin.css
+++ b/htdocs/theme/raw/static/style/admin.css
@@ -431,6 +431,15 @@ form#changeauth {
    border-radius: 5px;
    display: inline-block;
 }
+form#probation {
+    margin: 0 5px 10px 0;
+    padding: 5px 5px 5px 10px;
+    background: #EEEEEE;
+    -webkit-border-radius: 5px;
+    -moz-border-radius: 5px;
+    border-radius: 5px;
+    display: inline-block;
+}
 form#delete {
    margin: 0 0 10px 0;
    padding: 5px 5px 5px 10px;

--- a/htdocs/theme/raw/templates/admin/users/bulk.tpl
+++ b/htdocs/theme/raw/templates/admin/users/bulk.tpl
@@ -5,6 +5,7 @@
 <div>
  {$suspendform|safe}
  {$changeauthform|safe}
+  {$probationform|safe}
  {$deleteform|safe}
 </div>


--- a/htdocs/theme/raw/templates/admin/users/userlist.tpl
+++ b/htdocs/theme/raw/templates/admin/users/userlist.tpl
@@ -9,6 +9,7 @@
      <th>{str tag=preferredname}</th>
      {if $USER->get('admin') || $USER->is_institutional_admin()}<th>{str tag=remoteuser section=admin}</th>{/if}
      <th>{str tag=lastlogin section=admin}</th>
+      {if is_using_probation()}<th>{str tag=probationreportcolumn section=admin}</th>{/if}
    </tr>
  </thead>
  <tbody>
@@ -22,6 +23,7 @@
      <td>{$user->preferredname}</td>
      {if $USER->get('admin') || $USER->is_institutional_admin()}<td>{if $user->hideemail}<span class="dull">({str tag=hidden})</span>{else}{$user->remoteuser}{/if}</td>{/if}
      <td>{if $user->lastlogin}{$user->lastlogin|strtotime|format_date:'strftimedatetime'}{/if}</td>
+      {if is_using_probation()}<td>{$user->probation}</td>{/if}
    </tr>
  {/foreach}
  </tbody>