pjs/webtools/litmus/edit_users.cgi

172 строки
5.4 KiB
Perl
Executable File

#!/usr/bin/perl -w
# -*- Mode: perl; indent-tabs-mode: nil -*-
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is Litmus.
#
# The Initial Developer of the Original Code is
# the Mozilla Corporation.
# Portions created by the Initial Developer are Copyright (C) 2006
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
# Chris Cooper <ccooper@deadsquid.com>
# Zach Lipton <zach@zachlipton.com>
#
# ***** END LICENSE BLOCK *****
use strict;
use Litmus;
use Litmus::Error;
use Litmus::DB::Product;
use Litmus::Auth;
use Litmus::Utils;
use CGI;
use Time::Piece::MySQL;
Litmus->init();
my $c = Litmus->cgi();
Litmus::Auth::requireLogin("edit_users.cgi");
# Only trusted users can edit other users.
my $cookie = Litmus::Auth::getCookie();
if (Litmus::Auth::istrusted($cookie)) {
if ($c->param('search_string')) {
# search for users:
my @users = Litmus::DB::User->search_FullTextMatches(
$c->param('search_string'),
$c->param('search_string'),
$c->param('search_string'));
my $vars = {
users => \@users,
search_string => $c->param('search_string'),
};
print $c->header();
Litmus->template()->process("admin/edit_users/search_results.html.tmpl", $vars) ||
internalError(Litmus->template()->error());
} elsif ($c->param('id')) {
# lookup a given user
my $uid = $c->param('id');
my $user = Litmus::DB::User->retrieve($uid);
print $c->header();
if (! $user) {
invalidInputError("Invalid user ID: $uid");
}
my $vars = {
user => $user,
};
Litmus->template()->process("admin/edit_users/edit_user.html.tmpl", $vars) ||
internalError(Litmus->template()->error());
} elsif ($c->param('user_id')) {
# process changes to a user:
my $user = Litmus::DB::User->retrieve($c->param('user_id'));
print $c->header();
if (! $user) {
invalidInputError("Invalid user ID: " . $c->param('user_id'));
}
$user->bugzilla_uid($c->param('bugzilla_uid'));
$user->email($c->param('edit_email'));
if ($c->param('edit_password') ne '' and
$c->param('edit_password') eq $c->param('edit_confirm_password')) {
# they changed the password, so let the auth folks know:
Litmus::Auth::changePassword($user, $c->param('edit_password'));
}
$user->realname($c->param('realname'));
$user->irc_nickname($c->param('irc_nickname'));
if ($c->param('enabled')) {
$user->enabled(1);
}
if ($c->param('is_admin')) {
$user->is_admin(1);
}
$user->authtoken($c->param('authtoken'));
$user->update();
my $vars = {
user => $user,
onload => "toggleMessage('success','User information updated successfully.');"
};
Litmus->template()->process("admin/edit_users/search_users.html.tmpl", $vars) ||
internalError(Litmus->template()->error());
} else {
# we're here for the first time, so display the search form
my $vars = {
};
print $c->header();
Litmus->template()->process("admin/edit_users/search_users.html.tmpl", $vars) ||
internalError(Litmus->template()->error());
}
} else {
my $uid = $cookie->user_id;
# Process user-submited changes.
if ($c->param('user_id')) {
# Check for the user_id param, but don't trust its contents.
my $user = Litmus::DB::User->retrieve($uid);
print $c->header();
if (! $user) {
invalidInputError("Invalid user ID: $uid");
}
if (!Litmus::Auth::checkPassword($user,$c->param('current_password'))) {
invalidInputError("The current password you supplied was invalid.");
}
$user->email($c->param('edit_email'));
$user->realname($c->param('realname'));
$user->irc_nickname($c->param('irc_nickname'));
$user->update();
my $template_file = "admin/edit_users/edit_user.html.tmpl";
if ($c->param('edit_password') ne '' and
$c->param('edit_password') eq $c->param('edit_confirm_password')) {
# they changed the password, so let the auth folks know:
Litmus::Auth::changePassword($user, $c->param('edit_password'));
$template_file = "auth/login.html.tmpl";
}
my $vars = {
user => $user,
onload => "toggleMessage('success','User information updated successfully.');"
};
Litmus->template()->process($template_file, $vars) ||
internalError(Litmus->template()->error());
} else {
# Lookup details for non-admin user.
my $user = Litmus::DB::User->retrieve($uid);
print $c->header();
if (! $user) {
invalidInputError("Invalid user ID: $uid");
}
my $vars = {
user => $user,
};
Litmus->template()->process("admin/edit_users/edit_user.html.tmpl", $vars) ||
internalError(Litmus->template()->error());
}
}