14c3563c0SGreg Roach<?php 24c3563c0SGreg Roach 34c3563c0SGreg Roach/** 44c3563c0SGreg Roach * webtrees: online genealogy 5*d11be702SGreg Roach * Copyright (C) 2023 webtrees development team 64c3563c0SGreg Roach * This program is free software: you can redistribute it and/or modify 74c3563c0SGreg Roach * it under the terms of the GNU General Public License as published by 84c3563c0SGreg Roach * the Free Software Foundation, either version 3 of the License, or 94c3563c0SGreg Roach * (at your option) any later version. 104c3563c0SGreg Roach * This program is distributed in the hope that it will be useful, 114c3563c0SGreg Roach * but WITHOUT ANY WARRANTY; without even the implied warranty of 124c3563c0SGreg Roach * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 134c3563c0SGreg Roach * GNU General Public License for more details. 144c3563c0SGreg Roach * You should have received a copy of the GNU General Public License 1589f7189bSGreg Roach * along with this program. If not, see <https://www.gnu.org/licenses/>. 164c3563c0SGreg Roach */ 174c3563c0SGreg Roach 184c3563c0SGreg Roachdeclare(strict_types=1); 194c3563c0SGreg Roach 204c3563c0SGreg Roachnamespace Fisharebest\Webtrees\Http\RequestHandlers; 214c3563c0SGreg Roach 224c3563c0SGreg Roachuse Fisharebest\Webtrees\Auth; 234c3563c0SGreg Roachuse Fisharebest\Webtrees\Contracts\UserInterface; 244c3563c0SGreg Roachuse Fisharebest\Webtrees\FlashMessages; 2581b729d3SGreg Roachuse Fisharebest\Webtrees\Http\Exceptions\HttpNotFoundException; 264c3563c0SGreg Roachuse Fisharebest\Webtrees\I18N; 274c3563c0SGreg Roachuse Fisharebest\Webtrees\Services\EmailService; 284c3563c0SGreg Roachuse Fisharebest\Webtrees\Services\TreeService; 294c3563c0SGreg Roachuse Fisharebest\Webtrees\Services\UserService; 304c3563c0SGreg Roachuse Fisharebest\Webtrees\SiteUser; 314c3563c0SGreg Roachuse Fisharebest\Webtrees\User; 32b55cbc6bSGreg Roachuse Fisharebest\Webtrees\Validator; 334c3563c0SGreg Roachuse Psr\Http\Message\ResponseInterface; 344c3563c0SGreg Roachuse Psr\Http\Message\ServerRequestInterface; 354c3563c0SGreg Roachuse Psr\Http\Server\RequestHandlerInterface; 364c3563c0SGreg Roach 374c3563c0SGreg Roachuse function route; 384c3563c0SGreg Roach 394c3563c0SGreg Roach/** 404c3563c0SGreg Roach * Edit a user. 414c3563c0SGreg Roach */ 424c3563c0SGreg Roachclass UserEditAction implements RequestHandlerInterface 434c3563c0SGreg Roach{ 44c4943cffSGreg Roach private EmailService $email_service; 454c3563c0SGreg Roach 46c4943cffSGreg Roach private UserService $user_service; 474c3563c0SGreg Roach 48c4943cffSGreg Roach private TreeService $tree_service; 494c3563c0SGreg Roach 504c3563c0SGreg Roach /** 514c3563c0SGreg Roach * @param EmailService $email_service 524c3563c0SGreg Roach * @param TreeService $tree_service 534c3563c0SGreg Roach * @param UserService $user_service 544c3563c0SGreg Roach */ 554c3563c0SGreg Roach public function __construct( 564c3563c0SGreg Roach EmailService $email_service, 574c3563c0SGreg Roach TreeService $tree_service, 584c3563c0SGreg Roach UserService $user_service 594c3563c0SGreg Roach ) { 604c3563c0SGreg Roach $this->email_service = $email_service; 614c3563c0SGreg Roach $this->tree_service = $tree_service; 624c3563c0SGreg Roach $this->user_service = $user_service; 634c3563c0SGreg Roach } 644c3563c0SGreg Roach 654c3563c0SGreg Roach /** 664c3563c0SGreg Roach * @param ServerRequestInterface $request 674c3563c0SGreg Roach * 684c3563c0SGreg Roach * @return ResponseInterface 694c3563c0SGreg Roach */ 704c3563c0SGreg Roach public function handle(ServerRequestInterface $request): ResponseInterface 714c3563c0SGreg Roach { 72b55cbc6bSGreg Roach $user = Validator::attributes($request)->user(); 73748dbe15SGreg Roach $user_id = Validator::parsedBody($request)->integer('user_id'); 74748dbe15SGreg Roach $username = Validator::parsedBody($request)->string('username'); 75748dbe15SGreg Roach $real_name = Validator::parsedBody($request)->string('real_name'); 76748dbe15SGreg Roach $email = Validator::parsedBody($request)->string('email'); 77748dbe15SGreg Roach $password = Validator::parsedBody($request)->string('password'); 78748dbe15SGreg Roach $theme = Validator::parsedBody($request)->string('theme'); 79748dbe15SGreg Roach $language = Validator::parsedBody($request)->string('language'); 80748dbe15SGreg Roach $timezone = Validator::parsedBody($request)->string('timezone'); 81748dbe15SGreg Roach $contact_method = Validator::parsedBody($request)->string('contact-method'); 82748dbe15SGreg Roach $comment = Validator::parsedBody($request)->string('comment'); 83748dbe15SGreg Roach $auto_accept = Validator::parsedBody($request)->boolean('auto_accept', false); 84748dbe15SGreg Roach $canadmin = Validator::parsedBody($request)->boolean('canadmin', false); 85748dbe15SGreg Roach $visible_online = Validator::parsedBody($request)->boolean('visible-online', false); 86748dbe15SGreg Roach $verified = Validator::parsedBody($request)->boolean('verified', false); 87748dbe15SGreg Roach $approved = Validator::parsedBody($request)->boolean('approved', false); 884c3563c0SGreg Roach 894c3563c0SGreg Roach $edit_user = $this->user_service->find($user_id); 904c3563c0SGreg Roach 914c3563c0SGreg Roach if ($edit_user === null) { 924566681eSGreg Roach throw new HttpNotFoundException(I18N::translate('%s does not exist.', 'user_id:' . $user_id)); 934c3563c0SGreg Roach } 944c3563c0SGreg Roach 954c3563c0SGreg Roach // We have just approved a user. Tell them 964c3563c0SGreg Roach if ($approved && $edit_user->getPreference(UserInterface::PREF_IS_ACCOUNT_APPROVED) !== '1') { 974c3563c0SGreg Roach I18N::init($edit_user->getPreference(UserInterface::PREF_LANGUAGE)); 984c3563c0SGreg Roach 99b55cbc6bSGreg Roach $base_url = Validator::attributes($request)->string('base_url'); 1004c3563c0SGreg Roach 1014c3563c0SGreg Roach $this->email_service->send( 1024c3563c0SGreg Roach new SiteUser(), 1034c3563c0SGreg Roach $edit_user, 1044c3563c0SGreg Roach Auth::user(), 1054c3563c0SGreg Roach /* I18N: %s is a server name/URL */ 1064c3563c0SGreg Roach I18N::translate('New user at %s', $base_url), 1074c3563c0SGreg Roach view('emails/approve-user-text', ['user' => $edit_user, 'base_url' => $base_url]), 1084c3563c0SGreg Roach view('emails/approve-user-html', ['user' => $edit_user, 'base_url' => $base_url]) 1094c3563c0SGreg Roach ); 1104c3563c0SGreg Roach } 1114c3563c0SGreg Roach 1124c3563c0SGreg Roach $edit_user->setRealName($real_name); 1134c3563c0SGreg Roach $edit_user->setPreference(UserInterface::PREF_THEME, $theme); 1144c3563c0SGreg Roach $edit_user->setPreference(UserInterface::PREF_LANGUAGE, $language); 1154c3563c0SGreg Roach $edit_user->setPreference(UserInterface::PREF_TIME_ZONE, $timezone); 1164c3563c0SGreg Roach $edit_user->setPreference(UserInterface::PREF_CONTACT_METHOD, $contact_method); 1174c3563c0SGreg Roach $edit_user->setPreference(UserInterface::PREF_NEW_ACCOUNT_COMMENT, $comment); 1184c3563c0SGreg Roach $edit_user->setPreference(UserInterface::PREF_AUTO_ACCEPT_EDITS, (string) $auto_accept); 1194c3563c0SGreg Roach $edit_user->setPreference(UserInterface::PREF_IS_VISIBLE_ONLINE, (string) $visible_online); 1204c3563c0SGreg Roach $edit_user->setPreference(UserInterface::PREF_IS_EMAIL_VERIFIED, (string) $verified); 1214c3563c0SGreg Roach $edit_user->setPreference(UserInterface::PREF_IS_ACCOUNT_APPROVED, (string) $approved); 1224c3563c0SGreg Roach 1234c3563c0SGreg Roach if ($password !== '') { 1244c3563c0SGreg Roach $edit_user->setPassword($password); 1254c3563c0SGreg Roach } 1264c3563c0SGreg Roach 1274c3563c0SGreg Roach // We cannot change our own admin status. Another admin will need to do it. 1284c3563c0SGreg Roach if ($edit_user->id() !== $user->id()) { 1294c3563c0SGreg Roach $edit_user->setPreference(UserInterface::PREF_IS_ADMINISTRATOR, $canadmin ? '1' : ''); 1304c3563c0SGreg Roach } 1314c3563c0SGreg Roach 1324c3563c0SGreg Roach foreach ($this->tree_service->all() as $tree) { 133748dbe15SGreg Roach $path_length = Validator::parsedBody($request)->integer('RELATIONSHIP_PATH_LENGTH' . $tree->id(), 0); 134748dbe15SGreg Roach $gedcom_id = Validator::parsedBody($request)->string('gedcomid' . $tree->id(), ''); 135748dbe15SGreg Roach $can_edit = Validator::parsedBody($request)->string('canedit' . $tree->id(), ''); 1364c3563c0SGreg Roach 1374c3563c0SGreg Roach // Do not allow a path length to be set if the individual ID is not 1384c3563c0SGreg Roach if ($gedcom_id === '') { 1394c3563c0SGreg Roach $path_length = 0; 1404c3563c0SGreg Roach } 1414c3563c0SGreg Roach 1424c3563c0SGreg Roach $tree->setUserPreference($edit_user, UserInterface::PREF_TREE_ACCOUNT_XREF, $gedcom_id); 1434c3563c0SGreg Roach $tree->setUserPreference($edit_user, UserInterface::PREF_TREE_ROLE, $can_edit); 1444c3563c0SGreg Roach $tree->setUserPreference($edit_user, UserInterface::PREF_TREE_PATH_LENGTH, (string) $path_length); 1454c3563c0SGreg Roach } 1464c3563c0SGreg Roach 1474c3563c0SGreg Roach if ($edit_user->email() !== $email && $this->user_service->findByEmail($email) instanceof User) { 1484c3563c0SGreg Roach FlashMessages::addMessage(I18N::translate('Duplicate email address. A user with that email already exists.') . $email, 'danger'); 1494c3563c0SGreg Roach 1504c3563c0SGreg Roach return redirect(route('admin-users-edit', ['user_id' => $edit_user->id()])); 1514c3563c0SGreg Roach } 1524c3563c0SGreg Roach 1534c3563c0SGreg Roach if ($edit_user->userName() !== $username && $this->user_service->findByUserName($username) instanceof User) { 1544c3563c0SGreg Roach FlashMessages::addMessage(I18N::translate('Duplicate username. A user with that username already exists. Please choose another username.'), 'danger'); 1554c3563c0SGreg Roach 1564c3563c0SGreg Roach return redirect(route(UserEditPage::class, ['user_id' => $edit_user->id()])); 1574c3563c0SGreg Roach } 1584c3563c0SGreg Roach 1594c3563c0SGreg Roach $edit_user 1604c3563c0SGreg Roach ->setEmail($email) 1614c3563c0SGreg Roach ->setUserName($username); 1624c3563c0SGreg Roach 1634c3563c0SGreg Roach return redirect(route(UserListPage::class)); 1644c3563c0SGreg Roach } 1654c3563c0SGreg Roach} 166