user.admin.inc


Admin page callback file for the user module.

Functions

Name Description
theme_user_admin_account Theme user administration overview.
theme_user_admin_new_role Theme the new-role form.
theme_user_admin_perm Theme the administer permissions page.
theme_user_filters Theme user administration filter selector.
theme_user_filter_form Theme user administration filter form.
user_admin Page callback: Generates the appropriate user administration form.
user_admin_access Menu callback: list all access rules
user_admin_access_add Menu callback: add an access rule.
user_admin_access_check Menu callback: list all access rules
user_admin_access_check_submit
user_admin_access_check_validate
user_admin_access_delete_confirm Menu callback: delete an access rule
user_admin_access_delete_confirm_submit
user_admin_access_edit Menu callback: edit an access rule.
user_admin_access_form Form builder; Configure access rules.
user_admin_access_form_submit Submit callback for user_admin_access_form().
user_admin_account Form builder; User administration page.
user_admin_account_submit Submit the user administration update form.
user_admin_account_validate
user_admin_check_host
user_admin_check_mail
user_admin_check_user
user_admin_perm Menu callback: administer permissions.
user_admin_perm_submit
user_admin_role Menu callback: administer roles.
user_admin_role_submit
user_admin_role_validate
user_admin_settings Form builder; Configure user settings for this site.
user_filter_form Form builder; Return form for user administration filters.
user_filter_form_submit Process result from user administration filter form.

File

modules/user/user.admin.inc
  1. <?php
  2. /**
  3. * @file
  4. * Admin page callback file for the user module.
  5. */
  /**
   * Page callback: Generates the appropriate user administration form.
   *
   * Dispatches to the user registration form, the multiple-user delete
   * confirmation, or the filter form followed by the account list, depending
   * on the path argument and on the POSTed values.
   *
   * The raw $_POST values read here only choose between fixed form ids; they
   * are never used as a form id or as a callback name. Checking the submitted
   * data is left to the forms that drupal_get_form() builds.
   *
   * @param string $callback_arg
   *   (optional) Indicates which form to build. Defaults to '', which selects
   *   the filter form and account list. A POSTed 'op' value, when present,
   *   overrides this argument.
   *
   * @return string
   *   The output of drupal_get_form() for the selected form; the default branch
   *   concatenates the output of two forms.
   */
  function user_admin($callback_arg = '') {
    // A submitted button label takes precedence over the path argument.
    $op = isset($_POST['op']) ? $_POST['op'] : $callback_arg;

    if ($op == t('Create new account') || $op == 'create') {
      return drupal_get_form('user_register');
    }

    // Bulk delete goes through its own confirmation form before anything is
    // removed.
    $delete_requested = !empty($_POST['accounts']) && isset($_POST['operation']) && ($_POST['operation'] == 'delete');
    if ($delete_requested) {
      return drupal_get_form('user_multiple_delete_confirm');
    }

    $output = drupal_get_form('user_filter_form');
    $output .= drupal_get_form('user_admin_account');
    return $output;
  }
  /**
   * Form builder; Return form for user administration filters.
   *
   * Lists the filters currently stored in $_SESSION['user_overview_filter'] and
   * offers one select element per filter type returned by user_filters().
   *
   * Filter titles and values are passed to t() through %-placeholders rather
   * than being concatenated into the markup string.
   *
   * @ingroup forms
   * @see user_filter_form_submit()
   */
  function user_filter_form() {
    // Taking a reference creates the session key when it is missing, so the
    // stored filter list is always an array from here on.
    $session = &$_SESSION['user_overview_filter'];
    if (!is_array($session)) {
      $session = array();
    }
    $filters = user_filters();

    $form['filters'] = array(
      '#type' => 'fieldset',
      '#title' => t('Show only users where'),
      '#theme' => 'user_filters',
    );

    // Describe every filter that is already active.
    $is_first = TRUE;
    foreach ($session as $active) {
      list($type, $value) = $active;
      // Merge an array of arrays into one if necessary.
      if ($type == 'permission') {
        $options = call_user_func_array('array_merge', $filters[$type]['options']);
      }
      else {
        $options = $filters[$type]['options'];
      }
      $params = array('%property' => $filters[$type]['title'], '%value' => $options[$value]);
      if ($is_first) {
        $text = t('<strong>%property</strong> is <strong>%value</strong>', $params);
      }
      else {
        $text = t('<em>and</em> where <strong>%property</strong> is <strong>%value</strong>', $params);
      }
      $form['filters']['current'][] = array('#value' => $text);
      $is_first = FALSE;
    }

    // One select per filter type, plus the radios that pick which one applies.
    foreach ($filters as $key => $definition) {
      $names[$key] = $definition['title'];
      $form['filters']['status'][$key] = array(
        '#type' => 'select',
        '#options' => $definition['options'],
      );
    }
    $form['filters']['filter'] = array(
      '#type' => 'radios',
      '#options' => $names,
    );

    $has_filters = count($session);
    $form['filters']['buttons']['submit'] = array(
      '#type' => 'submit',
      '#value' => ($has_filters ? t('Refine') : t('Filter')),
    );
    // Undo and Reset only make sense once at least one filter is stored.
    if ($has_filters) {
      $form['filters']['buttons']['undo'] = array(
        '#type' => 'submit',
        '#value' => t('Undo'),
      );
      $form['filters']['buttons']['reset'] = array(
        '#type' => 'submit',
        '#value' => t('Reset'),
      );
    }

    drupal_add_js('misc/form.js', 'core');

    return $form;
  }
  /**
   * Process result from user administration filter form.
   *
   * Adds, pops or clears entries of $_SESSION['user_overview_filter'] depending
   * on the pressed button, then redirects to the user list. The 'Update' button
   * is ignored here and returns without setting a redirect.
   *
   * A filter is stored only when the submitted value is a key of that filter's
   * option list, so the session never holds a value the filter does not offer.
   */
  function user_filter_form_submit($form, &$form_state) {
    $values = $form_state['values'];
    $op = $values['op'];
    $filters = user_filters();

    if ($op == t('Filter') || $op == t('Refine')) {
      if (isset($values['filter'])) {
        $filter = $values['filter'];
        // Merge an array of arrays into one if necessary.
        if ($filter == 'permission') {
          $options = call_user_func_array('array_merge', $filters[$filter]['options']);
        }
        else {
          $options = $filters[$filter]['options'];
        }
        // Allow-list check: keep the value only if the filter offers it.
        $chosen = $values[$filter];
        if (isset($options[$chosen])) {
          $_SESSION['user_overview_filter'][] = array($filter, $chosen);
        }
      }
    }
    elseif ($op == t('Undo')) {
      array_pop($_SESSION['user_overview_filter']);
    }
    elseif ($op == t('Reset')) {
      $_SESSION['user_overview_filter'] = array();
    }
    elseif ($op == t('Update')) {
      return;
    }

    $form_state['redirect'] = 'admin/user/user';
    return;
  }
  /**
   * Form builder; User administration page.
   *
   * Builds the paged, sortable account list (50 per page) with a bulk
   * "Update options" selector whose entries come from hook_user_operations().
   *
   * The WHERE and JOIN fragments from user_build_filter_query() are concatenated
   * into the SQL text, while $filter['args'] is handed to pager_query()
   * separately.
   * NOTE(review): this is only safe if those fragments contain placeholders and
   * no request data - confirm in user_build_filter_query().
   *
   * @ingroup forms
   * @see user_admin_account_validate()
   * @see user_admin_account_submit()
   */
  function user_admin_account() {
    $filter = user_build_filter_query();

    $header = array(
      array(),
      array('data' => t('Username'), 'field' => 'u.name'),
      array('data' => t('Status'), 'field' => 'u.status'),
      t('Roles'),
      array('data' => t('Member for'), 'field' => 'u.created', 'sort' => 'desc'),
      array('data' => t('Last access'), 'field' => 'u.access'),
      t('Operations')
    );

    // uid 0 is excluded from the list in both query variants.
    $needs_join = ($filter['join'] != "");
    if ($needs_join) {
      $sql = 'SELECT DISTINCT u.uid, u.name, u.status, u.created, u.access FROM {users} u LEFT JOIN {users_roles} ur ON u.uid = ur.uid '. $filter['join'] .' WHERE u.uid != 0 '. $filter['where'];
      $query_count = 'SELECT COUNT(DISTINCT u.uid) FROM {users} u LEFT JOIN {users_roles} ur ON u.uid = ur.uid '. $filter['join'] .' WHERE u.uid != 0 '. $filter['where'];
    }
    else {
      $sql = 'SELECT u.uid, u.name, u.status, u.created, u.access FROM {users} u WHERE u.uid != 0 '. $filter['where'];
      $query_count = 'SELECT COUNT(u.uid) FROM {users} u WHERE u.uid != 0 '. $filter['where'];
    }
    $sql .= tablesort_sql($header);
    $result = pager_query($sql, 50, 0, $query_count, $filter['args']);

    // Bulk operation selector.
    $form['options'] = array(
      '#type' => 'fieldset',
      '#title' => t('Update options'),
      '#prefix' => '<div class="container-inline">',
      '#suffix' => '</div>',
    );
    $options = array();
    foreach (module_invoke_all('user_operations') as $operation => $info) {
      $options[$operation] = $info['label'];
    }
    $form['options']['operation'] = array(
      '#type' => 'select',
      '#options' => $options,
      '#default_value' => 'unblock',
    );
    $form['options']['submit'] = array(
      '#type' => 'submit',
      '#value' => t('Update'),
    );

    $destination = drupal_get_destination();
    $status = array(t('blocked'), t('active'));
    $roles = user_roles(TRUE);
    $accounts = array();

    // One table row per account; the checkbox options are keyed by uid.
    while ($account = db_fetch_object($result)) {
      $uid = $account->uid;
      $accounts[$uid] = '';
      $form['name'][$uid] = array('#value' => theme('username', $account));
      $form['status'][$uid] = array('#value' => $status[$account->status]);

      // Role names for this account, fetched with one query per listed user.
      $users_roles = array();
      $roles_result = db_query('SELECT rid FROM {users_roles} WHERE uid = %d', $uid);
      while ($user_role = db_fetch_object($roles_result)) {
        $users_roles[] = $roles[$user_role->rid];
      }
      asort($users_roles);
      $form['roles'][$uid][0] = array('#value' => theme('item_list', $users_roles));

      $form['member_for'][$uid] = array('#value' => format_interval(time() - $account->created));
      if ($account->access) {
        $last_access = t('@time ago', array('@time' => format_interval(time() - $account->access)));
      }
      else {
        $last_access = t('never');
      }
      $form['last_access'][$uid] = array('#value' => $last_access);
      $form['operations'][$uid] = array('#value' => l(t('edit'), "user/$account->uid/edit", array('query' => $destination)));
    }

    $form['accounts'] = array(
      '#type' => 'checkboxes',
      '#options' => $accounts
    );
    $form['pager'] = array('#value' => theme('pager', NULL, 50, 0));

    return $form;
  }
  /**
   * Submit the user administration update form.
   *
   * Looks up the selected bulk operation among the hook_user_operations()
   * results and invokes its callback with the checked accounts, followed by any
   * 'callback arguments' the operation declares.
   *
   * The function name passed to call_user_func_array() is read from the hook
   * results; the submitted 'operation' value is only used as the key that
   * selects an entry.
   */
  function user_admin_account_submit($form, &$form_state) {
    $operations = module_invoke_all('user_operations', $form_state);
    $selected = $form_state['values']['operation'];
    $operation = $operations[$selected];
    // Filter out unchecked accounts.
    $accounts = array_filter($form_state['values']['accounts']);

    $function = $operation['callback'];
    if (!$function) {
      // Operation without a callback: nothing to run and no message.
      return;
    }

    // The account list is always the first argument; add in callback arguments
    // if present.
    $args = array($accounts);
    if (isset($operation['callback arguments'])) {
      $args = array_merge($args, $operation['callback arguments']);
    }

    call_user_func_array($function, $args);
    drupal_set_message(t('The update has been performed.'));
  }
  /**
   * Form validation handler for user_admin_account().
   *
   * Reduces the submitted account list to the checked entries, writes it back
   * to $form_state and rejects the submission when nothing was selected.
   */
  function user_admin_account_validate($form, &$form_state) {
    $checked = array_filter($form_state['values']['accounts']);
    $form_state['values']['accounts'] = $checked;
    if (!$checked) {
      form_set_error('', t('No users selected.'));
    }
  }
  /**
   * Form builder; Configure user settings for this site.
   *
   * Covers the registration policy, the e-mail templates sent on account
   * events, signature support and user pictures. The element keys match the
   * variable names read with variable_get(), and the form is wrapped with
   * system_settings_form().
   *
   * @ingroup forms
   * @see system_settings_form()
   */
  function user_admin_settings() {
    // 0 = administrators only, 1 = open registration, 2 = approval required
    // (see the radio options below).
    $register_mode = variable_get('user_register', 1);
    $picture_support = variable_get('user_pictures', 0);

    // User registration settings.
    $form['registration'] = array(
      '#type' => 'fieldset',
      '#title' => t('User registration settings'),
    );
    $form['registration']['user_register'] = array(
      '#type' => 'radios',
      '#title' => t('Public registrations'),
      '#default_value' => $register_mode,
      '#options' => array(
        t('Only site administrators can create new user accounts.'),
        t('Visitors can create accounts and no administrator approval is required.'),
        t('Visitors can create accounts but administrator approval is required.'),
      ),
    );
    // With verification off, a visitor is logged in right after registering
    // (see the description text below).
    $form['registration']['user_email_verification'] = array(
      '#type' => 'checkbox',
      '#title' => t('Require e-mail verification when a visitor creates an account'),
      '#default_value' => variable_get('user_email_verification', TRUE),
      '#description' => t('If this box is checked, new users will be required to validate their e-mail address prior to logging into the site, and will be assigned a system-generated password. With it unchecked, users will be logged in immediately upon registering, and may select their own passwords during registration.'),
    );
    $form['registration']['user_registration_help'] = array(
      '#type' => 'textarea',
      '#title' => t('User registration guidelines'),
      '#default_value' => variable_get('user_registration_help', ''),
      '#description' => t('This text is displayed at the top of the user registration form and is useful for helping or instructing your users.'),
    );

    // User e-mail settings.
    $form['email'] = array(
      '#type' => 'fieldset',
      '#title' => t('User e-mail settings'),
      '#description' => t('Drupal sends emails whenever new users register on your site, and optionally, may also notify users after other account actions. Using a simple set of content templates, notification e-mails can be customized to fit the specific needs of your site.'),
    );
    // These email tokens are shared for all settings, so just define
    // the list once to help ensure they stay in sync.
    // NOTE(review): the list includes !password; presumably a template can put
    // the account password into the outgoing mail - confirm against the
    // mail-building code.
    $email_token_help = t('Available variables are:') .' !username, !site, !password, !uri, !uri_brief, !mailto, !date, !login_uri, !edit_uri, !login_url.';

    // Welcome mail for accounts created by an administrator. Only the fieldset
    // matching the current registration mode starts expanded.
    $form['email']['admin_created'] = array(
      '#type' => 'fieldset',
      '#title' => t('Welcome, new user created by administrator'),
      '#collapsible' => TRUE,
      '#collapsed' => ($register_mode != 0),
      '#description' => t('Customize welcome e-mail messages sent to new member accounts created by an administrator.') .' '. $email_token_help,
    );
    $form['email']['admin_created']['user_mail_register_admin_created_subject'] = array(
      '#type' => 'textfield',
      '#title' => t('Subject'),
      '#default_value' => _user_mail_text('register_admin_created_subject'),
      '#maxlength' => 180,
    );
    $form['email']['admin_created']['user_mail_register_admin_created_body'] = array(
      '#type' => 'textarea',
      '#title' => t('Body'),
      '#default_value' => _user_mail_text('register_admin_created_body'),
      '#rows' => 15,
    );

    // Welcome mail when no approval is required.
    $form['email']['no_approval_required'] = array(
      '#type' => 'fieldset',
      '#title' => t('Welcome, no approval required'),
      '#collapsible' => TRUE,
      '#collapsed' => ($register_mode != 1),
      '#description' => t('Customize welcome e-mail messages sent to new members upon registering, when no administrator approval is required.') .' '. $email_token_help
    );
    $form['email']['no_approval_required']['user_mail_register_no_approval_required_subject'] = array(
      '#type' => 'textfield',
      '#title' => t('Subject'),
      '#default_value' => _user_mail_text('register_no_approval_required_subject'),
      '#maxlength' => 180,
    );
    $form['email']['no_approval_required']['user_mail_register_no_approval_required_body'] = array(
      '#type' => 'textarea',
      '#title' => t('Body'),
      '#default_value' => _user_mail_text('register_no_approval_required_body'),
      '#rows' => 15,
    );

    // Welcome mail while the account awaits approval.
    $form['email']['pending_approval'] = array(
      '#type' => 'fieldset',
      '#title' => t('Welcome, awaiting administrator approval'),
      '#collapsible' => TRUE,
      '#collapsed' => ($register_mode != 2),
      '#description' => t('Customize welcome e-mail messages sent to new members upon registering, when administrative approval is required.') .' '. $email_token_help,
    );
    $form['email']['pending_approval']['user_mail_register_pending_approval_subject'] = array(
      '#type' => 'textfield',
      '#title' => t('Subject'),
      '#default_value' => _user_mail_text('register_pending_approval_subject'),
      '#maxlength' => 180,
    );
    $form['email']['pending_approval']['user_mail_register_pending_approval_body'] = array(
      '#type' => 'textarea',
      '#title' => t('Body'),
      '#default_value' => _user_mail_text('register_pending_approval_body'),
      '#rows' => 8,
    );

    // Password recovery mail.
    $form['email']['password_reset'] = array(
      '#type' => 'fieldset',
      '#title' => t('Password recovery email'),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
      '#description' => t('Customize e-mail messages sent to users who request a new password.') .' '. $email_token_help,
    );
    $form['email']['password_reset']['user_mail_password_reset_subject'] = array(
      '#type' => 'textfield',
      '#title' => t('Subject'),
      '#default_value' => _user_mail_text('password_reset_subject'),
      '#maxlength' => 180,
    );
    $form['email']['password_reset']['user_mail_password_reset_body'] = array(
      '#type' => 'textarea',
      '#title' => t('Body'),
      '#default_value' => _user_mail_text('password_reset_body'),
      '#rows' => 12,
    );

    // Account activation mail.
    $form['email']['activated'] = array(
      '#type' => 'fieldset',
      '#title' => t('Account activation email'),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
      '#description' => t('Enable and customize e-mail messages sent to users upon account activation (when an administrator activates an account of a user who has already registered, on a site where administrative approval is required).') .' '. $email_token_help,
    );
    $form['email']['activated']['user_mail_status_activated_notify'] = array(
      '#type' => 'checkbox',
      '#title' => t('Notify user when account is activated.'),
      '#default_value' => variable_get('user_mail_status_activated_notify', TRUE),
    );
    $form['email']['activated']['user_mail_status_activated_subject'] = array(
      '#type' => 'textfield',
      '#title' => t('Subject'),
      '#default_value' => _user_mail_text('status_activated_subject'),
      '#maxlength' => 180,
    );
    $form['email']['activated']['user_mail_status_activated_body'] = array(
      '#type' => 'textarea',
      '#title' => t('Body'),
      '#default_value' => _user_mail_text('status_activated_body'),
      '#rows' => 15,
    );

    // Account blocked mail (notification off by default).
    $form['email']['blocked'] = array(
      '#type' => 'fieldset',
      '#title' => t('Account blocked email'),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
      '#description' => t('Enable and customize e-mail messages sent to users when their accounts are blocked.') .' '. $email_token_help,
    );
    $form['email']['blocked']['user_mail_status_blocked_notify'] = array(
      '#type' => 'checkbox',
      '#title' => t('Notify user when account is blocked.'),
      '#default_value' => variable_get('user_mail_status_blocked_notify', FALSE),
    );
    $form['email']['blocked']['user_mail_status_blocked_subject'] = array(
      '#type' => 'textfield',
      '#title' => t('Subject'),
      '#default_value' => _user_mail_text('status_blocked_subject'),
      '#maxlength' => 180,
    );
    $form['email']['blocked']['user_mail_status_blocked_body'] = array(
      '#type' => 'textarea',
      '#title' => t('Body'),
      '#default_value' => _user_mail_text('status_blocked_body'),
      '#rows' => 3,
    );

    // Account deleted mail (notification off by default).
    $form['email']['deleted'] = array(
      '#type' => 'fieldset',
      '#title' => t('Account deleted email'),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
      '#description' => t('Enable and customize e-mail messages sent to users when their accounts are deleted.') .' '. $email_token_help,
    );
    $form['email']['deleted']['user_mail_status_deleted_notify'] = array(
      '#type' => 'checkbox',
      '#title' => t('Notify user when account is deleted.'),
      '#default_value' => variable_get('user_mail_status_deleted_notify', FALSE),
    );
    $form['email']['deleted']['user_mail_status_deleted_subject'] = array(
      '#type' => 'textfield',
      '#title' => t('Subject'),
      '#default_value' => _user_mail_text('status_deleted_subject'),
      '#maxlength' => 180,
    );
    $form['email']['deleted']['user_mail_status_deleted_body'] = array(
      '#type' => 'textarea',
      '#title' => t('Body'),
      '#default_value' => _user_mail_text('status_deleted_body'),
      '#rows' => 3,
    );

    // User signatures.
    $form['signatures'] = array(
      '#type' => 'fieldset',
      '#title' => t('Signatures'),
    );
    $form['signatures']['user_signatures'] = array(
      '#type' => 'radios',
      '#title' => t('Signature support'),
      '#default_value' => variable_get('user_signatures', 0),
      '#options' => array(t('Disabled'), t('Enabled')),
    );

    // If picture support is enabled, check whether the picture directory exists:
    if ($picture_support) {
      $picture_path = file_create_path(variable_get('user_picture_path', 'pictures'));
      file_check_directory($picture_path, 1, 'user_picture_path');
    }

    $form['pictures'] = array(
      '#type' => 'fieldset',
      '#title' => t('Pictures'),
    );
    $form['pictures']['user_pictures'] = array(
      '#type' => 'radios',
      '#title' => t('Picture support'),
      '#default_value' => $picture_support,
      '#options' => array(t('Disabled'), t('Enabled')),
      '#prefix' => '<div class="user-admin-picture-radios">',
      '#suffix' => '</div>',
    );
    drupal_add_js(drupal_get_path('module', 'user') .'/user.js');

    // If JS is enabled, and the radio is defaulting to off, hide all
    // the settings on page load via .css using the js-hide class so
    // that there's no flicker.
    $css_class = 'user-admin-picture-settings';
    if (!$picture_support) {
      $css_class .= ' js-hide';
    }
    $form['pictures']['settings'] = array(
      '#prefix' => '<div class="'. $css_class .'">',
      '#suffix' => '</div>',
    );
    $form['pictures']['settings']['user_picture_path'] = array(
      '#type' => 'textfield',
      '#title' => t('Picture image path'),
      '#default_value' => variable_get('user_picture_path', 'pictures'),
      '#size' => 30,
      '#maxlength' => 255,
      '#description' => t('Subdirectory in the directory %dir where pictures will be stored.', array('%dir' => file_directory_path() .'/')),
    );
    $form['pictures']['settings']['user_picture_default'] = array(
      '#type' => 'textfield',
      '#title' => t('Default picture'),
      '#default_value' => variable_get('user_picture_default', ''),
      '#size' => 30,
      '#maxlength' => 255,
      '#description' => t('URL of picture to display for users with no custom picture selected. Leave blank for none.'),
    );
    $form['pictures']['settings']['user_picture_dimensions'] = array(
      '#type' => 'textfield',
      '#title' => t('Picture maximum dimensions'),
      '#default_value' => variable_get('user_picture_dimensions', '85x85'),
      '#size' => 15,
      '#maxlength' => 10,
      '#description' => t('Maximum dimensions for pictures, in pixels.'),
    );
    $form['pictures']['settings']['user_picture_file_size'] = array(
      '#type' => 'textfield',
      '#title' => t('Picture maximum file size'),
      '#default_value' => variable_get('user_picture_file_size', '30'),
      '#size' => 15,
      '#maxlength' => 10,
      '#description' => t('Maximum file size for pictures, in kB.'),
    );
    $form['pictures']['settings']['user_picture_guidelines'] = array(
      '#type' => 'textarea',
      '#title' => t('Picture guidelines'),
      '#default_value' => variable_get('user_picture_guidelines', ''),
      '#description' => t("This text is displayed at the picture upload form in addition to the default guidelines. It's useful for helping or instructing your users."),
    );

    return system_settings_form($form);
  }
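  /**
   * Menu callback: administer permissions.
   *
   * Builds one checkbox column per role and one row per permission declared by
   * the enabled modules' hook_perm() implementations.
   *
   * A role's stored permission string is split into exact names before it is
   * compared. A substring search for "$perm," also matches when $perm is the
   * tail of a longer stored name (for example "content" inside
   * "access content,"). The box would then be shown pre-checked, and
   * user_admin_perm_submit() rewrites each role's permissions from the checked
   * boxes, so saving the page would grant a permission the role never had.
   *
   * @param $form_state
   *   The form state; not read by this builder.
   * @param $rid
   *   (optional) A numeric role ID to restrict the page to a single role.
   *
   * @return
   *   The form array.
   *
   * @ingroup forms
   * @see user_admin_perm_submit()
   * @see theme_user_admin_perm()
   */
  function user_admin_perm($form_state, $rid = NULL) {
    if (is_numeric($rid)) {
      $result = db_query('SELECT r.rid, p.perm FROM {role} r LEFT JOIN {permission} p ON r.rid = p.rid WHERE r.rid = %d', $rid);
    }
    else {
      $result = db_query('SELECT r.rid, p.perm FROM {role} r LEFT JOIN {permission} p ON r.rid = p.rid ORDER BY name');
    }

    // Compile role array: for every role, the set of permission names it
    // holds, keyed by the exact name. Entries are trimmed, so both "a, b" (the
    // format user_admin_perm_submit() writes) and "a,b" are understood.
    $role_permissions = array();
    while ($role = db_fetch_object($result)) {
      $granted = array();
      // perm is NULL for a role without a {permission} row (LEFT JOIN).
      foreach (explode(',', (string) $role->perm) as $stored) {
        $stored = trim($stored);
        if ($stored !== '') {
          $granted[$stored] = TRUE;
        }
      }
      $role_permissions[$role->rid] = $granted;
    }

    // Retrieve role names for columns.
    $role_names = user_roles();
    if (is_numeric($rid)) {
      $role_names = array($rid => $role_names[$rid]);
    }

    // Render role/permission overview:
    $form = array();
    $options = array();
    $status = array();
    foreach (module_list(FALSE, FALSE, TRUE) as $module) {
      if ($permissions = module_invoke($module, 'perm')) {
        $form['permission'][] = array(
          '#value' => $module,
        );
        asort($permissions);
        foreach ($permissions as $perm) {
          $options[$perm] = '';
          $form['permission'][$perm] = array('#value' => t($perm));
          foreach ($role_names as $role_id => $name) {
            // Builds arrays for checked boxes for each role; exact-name lookup.
            if (isset($role_permissions[$role_id][$perm])) {
              $status[$role_id][] = $perm;
            }
          }
        }
      }
    }

    // Have to build checkboxes here after checkbox arrays are built
    foreach ($role_names as $role_id => $name) {
      $form['checkboxes'][$role_id] = array('#type' => 'checkboxes', '#options' => $options, '#default_value' => isset($status[$role_id]) ? $status[$role_id] : array());
      $form['role_names'][$role_id] = array('#value' => $name, '#tree' => TRUE);
    }
    $form['submit'] = array('#type' => 'submit', '#value' => t('Save permissions'));

    return $form;
  }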
  /**
   * Form submission handler for user_admin_perm().
   *
   * For every role that has an entry in the submitted values, replaces the
   * stored permissions with the checked ones. Roles absent from the submission
   * are left untouched. The delete and the insert are two separate queries;
   * this function does not wrap them in a transaction.
   */
  function user_admin_perm_submit($form, &$form_state) {
    // Save permissions:
    $roles = db_query('SELECT * FROM {role}');
    while ($role = db_fetch_object($roles)) {
      $rid = $role->rid;
      if (!isset($form_state['values'][$rid])) {
        continue;
      }
      // Delete first, so that clearing every checkbox resets the role instead
      // of leaving its old permissions in place.
      db_query('DELETE FROM {permission} WHERE rid = %d', $rid);
      // Keep only the checked boxes; the result is written back to $form_state.
      $form_state['values'][$rid] = array_filter($form_state['values'][$rid]);
      if (count($form_state['values'][$rid])) {
        db_query("INSERT INTO {permission} (rid, perm) VALUES (%d, '%s')", $rid, implode(', ', array_keys($form_state['values'][$rid])));
      }
    }

    drupal_set_message(t('The changes have been saved.'));

    // Clear the cached pages
    cache_clear_all();
  }
  /**
   * Theme the administer permissions page.
   *
   * Renders the permission form as a table: one header row per module, one row
   * per permission, one checkbox column per role. Anything left in $form is
   * rendered after the table.
   *
   * NOTE(review): module names and permission labels are '#value' elements
   * filled from the module list and hook_perm() in user_admin_perm(), not from
   * request data.
   *
   * @ingroup themeable
   */
  function theme_user_admin_perm($form) {
    $roles = user_roles();

    foreach (element_children($form['permission']) as $key) {
      // Don't take form control structures
      if (!is_array($form['permission'][$key])) {
        continue;
      }

      $row = array();
      if (is_numeric($key)) {
        // Module name: a single cell spanning the label and all role columns.
        $row[] = array('data' => t('@module module', array('@module' => drupal_render($form['permission'][$key]))), 'class' => 'module', 'id' => 'module-'. $form['permission'][$key]['#value'], 'colspan' => count($form['role_names']) + 1);
      }
      else {
        // Permission label followed by one checkbox per role.
        $row[] = array('data' => drupal_render($form['permission'][$key]), 'class' => 'permission');
        foreach (element_children($form['checkboxes']) as $rid) {
          if (is_array($form['checkboxes'][$rid])) {
            $row[] = array('data' => drupal_render($form['checkboxes'][$rid][$key]), 'class' => 'checkbox', 'title' => $roles[$rid] .' : '. t($key));
          }
        }
      }
      $rows[] = $row;
    }

    $header[] = (t('Permission'));
    foreach (element_children($form['role_names']) as $rid) {
      if (is_array($form['role_names'][$rid])) {
        $header[] = array('data' => drupal_render($form['role_names'][$rid]), 'class' => 'checkbox');
      }
    }

    $table = theme('table', $header, $rows, array('id' => 'permissions'));
    return $table . drupal_render($form);
  }
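  /**
   * Menu callback: administer roles.
   *
   * With a role ID in the fifth path component, builds the edit/delete form
   * for that role; otherwise builds the short "Add role" form.
   *
   * The anonymous and authenticated roles cannot be edited here: a request for
   * either one is redirected to the role list. A role ID that matches no row in
   * {role} is redirected as well, so that no edit form is offered for a role
   * that does not exist (saving it would report "The role has been renamed."
   * although no row is updated).
   *
   * @ingroup forms
   * @see user_admin_role_validate()
   * @see user_admin_role_submit()
   * @see theme_user_admin_new_role()
   */
  function user_admin_role() {
    $rid = arg(4);
    if ($rid) {
      // The code after each drupal_goto() relies on it ending the request.
      if ($rid == DRUPAL_ANONYMOUS_RID || $rid == DRUPAL_AUTHENTICATED_RID) {
        drupal_goto('admin/user/roles');
      }
      // Display the edit role form.
      $role = db_fetch_object(db_query('SELECT * FROM {role} WHERE rid = %d', $rid));
      if (!$role) {
        // Unknown role ID: nothing to edit or delete.
        drupal_goto('admin/user/roles');
      }
      $form['name'] = array(
        '#type' => 'textfield',
        '#title' => t('Role name'),
        '#default_value' => $role->name,
        '#size' => 30,
        '#required' => TRUE,
        '#maxlength' => 64,
        '#description' => t('The name for this role. Example: "moderator", "editorial board", "site architect".'),
      );
      // A 'value' element: the role ID is kept in the form definition and is
      // not sent to the browser as an input.
      $form['rid'] = array(
        '#type' => 'value',
        '#value' => $rid,
      );
      $form['submit'] = array(
        '#type' => 'submit',
        '#value' => t('Save role'),
      );
      $form['delete'] = array(
        '#type' => 'submit',
        '#value' => t('Delete role'),
      );
    }
    else {
      $form['name'] = array(
        '#type' => 'textfield',
        '#size' => 32,
        '#maxlength' => 64,
      );
      $form['submit'] = array(
        '#type' => 'submit',
        '#value' => t('Add role'),
      );
      $form['#submit'][] = 'user_admin_role_submit';
      $form['#validate'][] = 'user_admin_role_validate';
    }
    return $form;
  }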
  /**
   * Form validation handler for user_admin_role().
   *
   * Requires a role name and, for 'Save role' and 'Add role', rejects a name
   * that another role already uses. The name and role ID reach the queries as
   * db_query() arguments, not as part of the SQL text.
   */
  function user_admin_role_validate($form, &$form_state) {
    $values = $form_state['values'];
    $name = $values['name'];

    if (!$name) {
      form_set_error('name', t('You must specify a valid role name.'));
      return;
    }

    if ($values['op'] == t('Save role')) {
      // Renaming: the role being edited may keep its own name.
      $taken = db_result(db_query("SELECT COUNT(*) FROM {role} WHERE name = '%s' AND rid != %d", $name, $values['rid']));
    }
    elseif ($values['op'] == t('Add role')) {
      $taken = db_result(db_query("SELECT COUNT(*) FROM {role} WHERE name = '%s'", $name));
    }
    else {
      // Other buttons (such as 'Delete role') need no uniqueness check.
      return;
    }

    if ($taken) {
      form_set_error('name', t('The role name %name already exists. Please choose another role name.', array('%name' => $name)));
    }
  }
  /**
   * Form submission handler for user_admin_role().
   *
   * Renames, deletes or adds a role depending on the pressed button, then
   * redirects to the role list. Deleting a role also removes its row in
   * {permission} and every assignment in {users_roles}.
   *
   * NOTE(review): this handler does not itself refuse the anonymous or
   * authenticated role IDs; the only such check visible in this file is the
   * redirect in user_admin_role().
   */
  function user_admin_role_submit($form, &$form_state) {
    $values = $form_state['values'];

    switch ($values['op']) {
      case t('Save role'):
        db_query("UPDATE {role} SET name = '%s' WHERE rid = %d", $values['name'], $values['rid']);
        drupal_set_message(t('The role has been renamed.'));
        break;

      case t('Delete role'):
        db_query('DELETE FROM {role} WHERE rid = %d', $values['rid']);
        db_query('DELETE FROM {permission} WHERE rid = %d', $values['rid']);
        // Update the users who have this role set:
        db_query('DELETE FROM {users_roles} WHERE rid = %d', $values['rid']);
        drupal_set_message(t('The role has been deleted.'));
        break;

      case t('Add role'):
        db_query("INSERT INTO {role} (name) VALUES ('%s')", $values['name']);
        drupal_set_message(t('The role has been added.'));
        break;
    }

    $form_state['redirect'] = 'admin/user/roles';
    return;
  }
  /**
   * Menu callback: show the forms for testing values against access rules.
   *
   * Concatenates the rendered username, e-mail and hostname check forms, in
   * that order.
   */
  function user_admin_access_check() {
    $check_forms = array(
      'user_admin_check_user',
      'user_admin_check_mail',
      'user_admin_check_host',
    );
    $output = '';
    foreach ($check_forms as $form_id) {
      $output .= drupal_get_form($form_id);
    }
    return $output;
  }
  /**
   * Menu callback: add an access rule.
   *
   * @param $mask
   *   Optional mask to pre-fill in the form.
   * @param $type
   *   Optional rule type to pre-select in the form.
   *
   * @return
   *   Whatever drupal_get_form() returns for 'user_admin_access_add_form'.
   */
  function user_admin_access_add($mask = NULL, $type = NULL) {
    // aid 0 marks the rule as new: the submit handler inserts when aid is
    // falsy and updates otherwise.
    $new_rule = array(
      'aid' => 0,
      'mask' => $mask,
      'type' => $type,
    );
    return drupal_get_form('user_admin_access_add_form', $new_rule, t('Add rule'));
  }
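  /**
   * Menu callback: edit an access rule.
   *
   * @param $aid
   *   ID of the {access} row to edit.
   *
   * @return
   *   The rendered edit form, or nothing after a "not found" page has been
   *   issued because no rule with that ID exists.
   */
  function user_admin_access_edit($aid = 0) {
    $edit = db_fetch_array(db_query('SELECT aid, type, status, mask FROM {access} WHERE aid = %d', $aid));
    if (!$edit) {
      // Without this guard a missing row reaches the form with no aid, and
      // user_admin_access_form_submit() treats a falsy aid as "insert": an
      // edit URL for a stale or mistyped ID would silently create a new rule.
      return drupal_not_found();
    }
    return drupal_get_form('user_admin_access_edit_form', $edit, t('Save rule'));
  }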
  /**
   * Form builder; Configure access rules.
   *
   * @param $form_state
   *   Form state; not read by this builder.
   * @param $edit
   *   Rule values: 'aid', 'type' and 'mask' are read directly, 'status' is
   *   optional and defaults to 0 (deny).
   * @param $submit
   *   Label for the submit button.
   *
   * @ingroup forms
   */
  function user_admin_access_form(&$form_state, $edit, $submit) {
    $rule_types = array('user' => t('Username'), 'mail' => t('E-mail'), 'host' => t('Host'));

    // A rule without an explicit status starts out as "deny".
    $status_default = 0;
    if (isset($edit['status'])) {
      $status_default = $edit['status'];
    }

    // Only a type that is one of the offered options may be pre-selected;
    // anything else falls back to 'user'.
    $type_default = 'user';
    if (isset($rule_types[$edit['type']])) {
      $type_default = $edit['type'];
    }

    // The mask help text documents the two wildcards a rule may contain.
    $mask_help = '%: '. t('Matches any number of characters, even zero characters') .'.<br />_: '. t('Matches exactly one character.');

    return array(
      'aid' => array(
        '#type' => 'value',
        '#value' => $edit['aid'],
      ),
      'status' => array(
        '#type' => 'radios',
        '#title' => t('Access type'),
        '#default_value' => $status_default,
        '#options' => array('1' => t('Allow'), '0' => t('Deny')),
      ),
      'type' => array(
        '#type' => 'radios',
        '#title' => t('Rule type'),
        '#default_value' => $type_default,
        '#options' => $rule_types,
      ),
      'mask' => array(
        '#type' => 'textfield',
        '#title' => t('Mask'),
        '#size' => 30,
        '#maxlength' => 64,
        '#default_value' => $edit['mask'],
        '#description' => $mask_help,
        '#required' => TRUE,
      ),
      'submit' => array('#type' => 'submit', '#value' => $submit),
      '#submit' => array('user_admin_access_form_submit'),
    );
  }
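  /**
   * Submit callback for user_admin_access_form().
   *
   * Updates the rule when the form carries a non-zero aid and inserts a new
   * rule otherwise, then redirects to the rule overview.
   */
  function user_admin_access_form_submit($form, &$form_state) {
    $edit = $form_state['values'];
    if ($edit['aid']) {
      // status is bound with %d here as well, matching the INSERT below, so
      // the value is an integer in both statements.
      db_query("UPDATE {access} SET mask = '%s', type = '%s', status = %d WHERE aid = %d", $edit['mask'], $edit['type'], $edit['status'], $edit['aid']);
      drupal_set_message(t('The access rule has been saved.'));
    }
    else {
      db_query("INSERT INTO {access} (mask, type, status) VALUES ('%s', '%s', %d)", $edit['mask'], $edit['type'], $edit['status']);
      drupal_set_message(t('The access rule has been added.'));
    }
    $form_state['redirect'] = 'admin/user/rules';
  }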
  /**
   * Validation handler shared by the three access-rule check forms.
   *
   * Flags an error when the test string is empty. The error is attached to
   * the element named by the form's 'type' value.
   */
  function user_admin_access_check_validate($form, &$form_state) {
    $values = $form_state['values'];
    if (!empty($values['test'])) {
      return;
    }
    form_set_error($values['type'], t('No value entered. Please enter a test string and try again.'));
  }
  /**
   * Form builder: test a username against the access rules.
   *
   * The hidden 'type' element tells the shared validate and submit handlers
   * which kind of value is being checked.
   */
  function user_admin_check_user() {
    return array(
      'user' => array(
        '#type' => 'fieldset',
        '#title' => t('Username'),
        'test' => array(
          '#type' => 'textfield',
          '#title' => '',
          '#description' => t('Enter a username to check if it will be denied or allowed.'),
          '#size' => 30,
          '#maxlength' => USERNAME_MAX_LENGTH,
        ),
        'type' => array('#type' => 'hidden', '#value' => 'user'),
        'submit' => array('#type' => 'submit', '#value' => t('Check username')),
      ),
      '#submit' => array('user_admin_access_check_submit'),
      '#validate' => array('user_admin_access_check_validate'),
      '#theme' => 'user_admin_access_check',
    );
  }
  /**
   * Form builder: test an e-mail address against the access rules.
   *
   * The hidden 'type' element tells the shared validate and submit handlers
   * which kind of value is being checked.
   */
  function user_admin_check_mail() {
    return array(
      'mail' => array(
        '#type' => 'fieldset',
        '#title' => t('E-mail'),
        'test' => array(
          '#type' => 'textfield',
          '#title' => '',
          '#description' => t('Enter an e-mail address to check if it will be denied or allowed.'),
          '#size' => 30,
          '#maxlength' => EMAIL_MAX_LENGTH,
        ),
        'type' => array('#type' => 'hidden', '#value' => 'mail'),
        'submit' => array('#type' => 'submit', '#value' => t('Check e-mail')),
      ),
      '#submit' => array('user_admin_access_check_submit'),
      '#validate' => array('user_admin_access_check_validate'),
      '#theme' => 'user_admin_access_check',
    );
  }
  /**
   * Form builder: test a hostname or IP address against the access rules.
   *
   * The hidden 'type' element tells the shared validate and submit handlers
   * which kind of value is being checked.
   */
  function user_admin_check_host() {
    return array(
      'host' => array(
        '#type' => 'fieldset',
        '#title' => t('Hostname'),
        'test' => array(
          '#type' => 'textfield',
          '#title' => '',
          '#description' => t('Enter a hostname or IP address to check if it will be denied or allowed.'),
          '#size' => 30,
          '#maxlength' => 64,
        ),
        'type' => array('#type' => 'hidden', '#value' => 'host'),
        'submit' => array('#type' => 'submit', '#value' => t('Check hostname')),
      ),
      '#submit' => array('user_admin_access_check_submit'),
      '#validate' => array('user_admin_access_check_validate'),
      '#theme' => 'user_admin_access_check',
    );
  }
  /**
   * Submit handler shared by the three access-rule check forms.
   *
   * Asks drupal_is_denied() about the submitted test string and reports the
   * verdict as a status message. An unrecognised type produces no message.
   */
  function user_admin_access_check_submit($form, &$form_state) {
    $values = $form_state['values'];

    // The tested string is passed to t() through a %-placeholder in every
    // message rather than being concatenated into the text.
    switch ($values['type']) {
      case 'user':
        $args = array('%name' => $values['test']);
        $message = drupal_is_denied('user', $values['test'])
          ? t('The username %name is not allowed.', $args)
          : t('The username %name is allowed.', $args);
        drupal_set_message($message);
        break;

      case 'mail':
        $args = array('%mail' => $values['test']);
        $message = drupal_is_denied('mail', $values['test'])
          ? t('The e-mail address %mail is not allowed.', $args)
          : t('The e-mail address %mail is allowed.', $args);
        drupal_set_message($message);
        break;

      case 'host':
        $args = array('%host' => $values['test']);
        $message = drupal_is_denied('host', $values['test'])
          ? t('The hostname %host is not allowed.', $args)
          : t('The hostname %host is allowed.', $args);
        drupal_set_message($message);
        break;

      default:
        break;
    }
  }
  /**
   * Menu callback: confirm deletion of an access rule.
   *
   * @param $form_state
   *   Form state; not read by this builder.
   * @param $aid
   *   ID of the {access} row to delete.
   *
   * @ingroup forms
   * @see user_admin_access_delete_confirm_submit()
   */
  function user_admin_access_delete_confirm($form_state, $aid = 0) {
    $type_labels = array('user' => t('username'), 'mail' => t('e-mail'), 'host' => t('host'));
    $rule = db_fetch_object(db_query('SELECT aid, type, status, mask FROM {access} WHERE aid = %d', $aid));

    // NOTE(review): $rule is used below without checking that a row was
    // found, so an unknown aid still yields a confirmation page (with an
    // empty type and mask). Consider rejecting the request instead.
    // NOTE(review): aid is carried as a 'hidden' element here, whereas the
    // edit form uses a 'value' element; confirm that a client cannot change
    // the aid that reaches the submit handler.
    $form = array(
      'aid' => array('#type' => 'hidden', '#value' => $aid),
    );

    $question = t('Are you sure you want to delete the @type rule for %rule?', array('@type' => $type_labels[$rule->type], '%rule' => $rule->mask));
    return confirm_form($form, $question, 'admin/user/rules', t('This action cannot be undone.'), t('Delete'), t('Cancel'));
  }
  /**
   * Submit handler for user_admin_access_delete_confirm().
   *
   * Deletes the {access} row named by the submitted aid and returns to the
   * rule overview. The aid is bound as an integer placeholder.
   */
  function user_admin_access_delete_confirm_submit($form, &$form_state) {
    $aid = $form_state['values']['aid'];
    db_query('DELETE FROM {access} WHERE aid = %d', $aid);
    drupal_set_message(t('The access rule has been deleted.'));
    $form_state['redirect'] = 'admin/user/rules';
  }
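  /**
   * Menu callback: list all access rules.
   *
   * Builds a sortable table of the rows in {access} with edit and delete
   * links, or a single placeholder row when there are no rules.
   */
  function user_admin_access() {
    $header = array(array('data' => t('Access type'), 'field' => 'status'), array('data' => t('Rule type'), 'field' => 'type'), array('data' => t('Mask'), 'field' => 'mask'), array('data' => t('Operations'), 'colspan' => 2));
    $result = db_query("SELECT aid, type, status, mask FROM {access}". tablesort_sql($header));
    $access_types = array('user' => t('username'), 'mail' => t('e-mail'), 'host' => t('host'));
    $rows = array();
    while ($rule = db_fetch_object($result)) {
      $rows[] = array(
        $rule->status ? t('allow') : t('deny'),
        // A type outside the known set is shown escaped instead of raising
        // an undefined-index notice.
        isset($access_types[$rule->type]) ? $access_types[$rule->type] : check_plain($rule->type),
        // Cells are passed to the table as markup (the links and the <em>
        // row below depend on that), so the stored mask is escaped before
        // it is placed in one.
        check_plain($rule->mask),
        l(t('edit'), 'admin/user/rules/edit/'. $rule->aid),
        l(t('delete'), 'admin/user/rules/delete/'. $rule->aid),
      );
    }
    if (empty($rows)) {
      $rows[] = array(array('data' => '<em>'. t('There are currently no access rules.') .'</em>', 'colspan' => 5));
    }
    return theme('table', $header, $rows);
  }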
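  /**
   * Theme user administration overview.
   *
   * Renders the options element, a table with one row per child of
   * $form['name'], the pager when it has a value, and then whatever remains
   * of the form.
   *
   * @ingroup themeable
   */
  function theme_user_admin_account($form) {
    // Overview table:
    $header = array(
      theme('table_select_header_cell'),
      array('data' => t('Username'), 'field' => 'u.name'),
      array('data' => t('Status'), 'field' => 'u.status'),
      t('Roles'),
      array('data' => t('Member for'), 'field' => 'u.created', 'sort' => 'desc'),
      array('data' => t('Last access'), 'field' => 'u.access'),
      t('Operations')
    );

    $output = drupal_render($form['options']);

    // Start from an empty list so the table call below never receives an
    // undefined variable when $form['name'] exists but has no children.
    $rows = array();
    if (isset($form['name']) && is_array($form['name'])) {
      foreach (element_children($form['name']) as $key) {
        $rows[] = array(
          drupal_render($form['accounts'][$key]),
          drupal_render($form['name'][$key]),
          drupal_render($form['status'][$key]),
          drupal_render($form['roles'][$key]),
          drupal_render($form['member_for'][$key]),
          drupal_render($form['last_access'][$key]),
          drupal_render($form['operations'][$key]),
        );
      }
    }
    if (!$rows) {
      $rows[] = array(array('data' => t('No users available.'), 'colspan' => '7'));
    }

    $output .= theme('table', $header, $rows);
    if (!empty($form['pager']['#value'])) {
      $output .= drupal_render($form['pager']);
    }

    // Render everything that has not been printed yet.
    $output .= drupal_render($form);

    return $output;
  }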
  /**
   * Theme the new-role form.
   *
   * Lists every role from user_roles() with its operation links, followed by
   * a final row holding the name field and submit button for a new role.
   *
   * @ingroup themeable
   */
  function theme_user_admin_new_role($form) {
    $header = array(t('Name'), array('data' => t('Operations'), 'colspan' => 2));
    $builtin_rids = array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID);

    foreach (user_roles() as $rid => $name) {
      $permissions_link = l(t('edit permissions'), 'admin/user/permissions/'. $rid);
      // The two built-in roles get no edit link; only their permissions can
      // be changed from here.
      if (in_array($rid, $builtin_rids)) {
        $role_action = t('locked');
      }
      else {
        $role_action = l(t('edit role'), 'admin/user/roles/edit/'. $rid);
      }
      // NOTE(review): $name goes into a table cell as-is, next to cells that
      // hold markup. Confirm user_roles() returns display-safe text, or
      // escape the name here.
      $rows[] = array($name, $role_action, $permissions_link);
    }

    $name_field = drupal_render($form['name']);
    $submit_button = drupal_render($form['submit']);
    $rows[] = array($name_field, array('data' => $submit_button, 'colspan' => 2));

    // The remaining form elements are rendered first and placed ahead of the
    // table.
    $remainder = drupal_render($form);
    return $remainder . theme('table', $header, $rows);
  }
  /**
   * Theme user administration filter form.
   *
   * Wraps the rendered 'filters' element in the #user-admin-filter container
   * and appends the rest of the form.
   *
   * @ingroup themeable
   */
  function theme_user_filter_form($form) {
    $filters = drupal_render($form['filters']);
    $remainder = drupal_render($form);
    return '<div id="user-admin-filter">'. $filters .'</div>'. $remainder;
  }
  /**
   * Theme user administration filter selector.
   *
   * Lists the filters currently in effect, then the filter/status selectors
   * and the buttons, as one unordered list.
   *
   * @ingroup themeable
   */
  function theme_user_filters($form) {
    $has_current = !empty($form['current']);
    $markup = '<ul class="clear-block">';

    // One list item per filter that is already applied.
    if ($has_current) {
      foreach (element_children($form['current']) as $child) {
        $markup .= '<li>'. drupal_render($form['current'][$child]) .'</li>';
      }
    }

    // The "and where" lead-in only makes sense after an existing filter.
    $lead_in = '';
    if ($has_current) {
      $lead_in = '<dt><em>'. t('and') .'</em> '. t('where') .'</dt>';
    }
    $markup .= '<li><dl class="multiselect">'. $lead_in .'<dd class="a">';

    foreach (element_children($form['filter']) as $child) {
      $markup .= drupal_render($form['filter'][$child]);
    }
    $markup .= '</dd>';

    $markup .= '<dt>'. t('is') .'</dt><dd class="b">';
    foreach (element_children($form['status']) as $child) {
      $markup .= drupal_render($form['status'][$child]);
    }
    $markup .= '</dd>';
    $markup .= '</dl>';

    $markup .= '<div class="container-inline" id="user-admin-buttons">'. drupal_render($form['buttons']) .'</div>';
    $markup .= '</li></ul>';

    return $markup;
  }