xref: /webtrees/app/Http/RequestHandlers/UserEditAction.php (revision 1270d2767576ed4a83917769b0ee3613e3b010bf) 
1<?php
2
3/**
4 * webtrees: online genealogy
5 * Copyright (C) 2023 webtrees development team
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <https://www.gnu.org/licenses/>.
16 */
17
18declare(strict_types=1);
19
20namespace Fisharebest\Webtrees\Http\RequestHandlers;
21
22use Fisharebest\Webtrees\Auth;
23use Fisharebest\Webtrees\Contracts\UserInterface;
24use Fisharebest\Webtrees\FlashMessages;
25use Fisharebest\Webtrees\Http\Exceptions\HttpNotFoundException;
26use Fisharebest\Webtrees\I18N;
27use Fisharebest\Webtrees\Services\EmailService;
28use Fisharebest\Webtrees\Services\TreeService;
29use Fisharebest\Webtrees\Services\UserService;
30use Fisharebest\Webtrees\SiteUser;
31use Fisharebest\Webtrees\User;
32use Fisharebest\Webtrees\Validator;
33use Psr\Http\Message\ResponseInterface;
34use Psr\Http\Message\ServerRequestInterface;
35use Psr\Http\Server\RequestHandlerInterface;
36
37use function route;
38
39/**
40 * Edit a user.
41 */
42class UserEditAction implements RequestHandlerInterface
43{
44    private EmailService $email_service;
45
46    private UserService $user_service;
47
48    private TreeService $tree_service;
49
50    /**
51     * @param EmailService $email_service
52     * @param TreeService  $tree_service
53     * @param UserService  $user_service
54     */
55    public function __construct(
56        EmailService $email_service,
57        TreeService $tree_service,
58        UserService $user_service
59    ) {
60        $this->email_service = $email_service;
61        $this->tree_service  = $tree_service;
62        $this->user_service  = $user_service;
63    }
64
65    /**
66     * @param ServerRequestInterface $request
67     *
68     * @return ResponseInterface
69     */
70    public function handle(ServerRequestInterface $request): ResponseInterface
71    {
72        $user           = Validator::attributes($request)->user();
73        $user_id        = Validator::parsedBody($request)->integer('user_id');
74        $username       = Validator::parsedBody($request)->string('username');
75        $real_name      = Validator::parsedBody($request)->string('real_name');
76        $email          = Validator::parsedBody($request)->string('email');
77        $password       = Validator::parsedBody($request)->string('password');
78        $theme          = Validator::parsedBody($request)->string('theme');
79        $language       = Validator::parsedBody($request)->string('language');
80        $timezone       = Validator::parsedBody($request)->string('timezone');
81        $contact_method = Validator::parsedBody($request)->string('contact-method');
82        $comment        = Validator::parsedBody($request)->string('comment');
83        $auto_accept    = Validator::parsedBody($request)->boolean('auto_accept', false);
84        $canadmin       = Validator::parsedBody($request)->boolean('canadmin', false);
85        $visible_online = Validator::parsedBody($request)->boolean('visible-online', false);
86        $verified       = Validator::parsedBody($request)->boolean('verified', false);
87        $approved       = Validator::parsedBody($request)->boolean('approved', false);
88
89        $edit_user = $this->user_service->find($user_id);
90
91        if ($edit_user === null) {
92            throw new HttpNotFoundException(I18N::translate('%s does not exist.', 'user_id:' . $user_id));
93        }
94
95        // We have just approved a user.  Tell them
96        if ($approved && $edit_user->getPreference(UserInterface::PREF_IS_ACCOUNT_APPROVED) !== '1') {
97            I18N::init($edit_user->getPreference(UserInterface::PREF_LANGUAGE));
98
99            $base_url = Validator::attributes($request)->string('base_url');
100
101            $this->email_service->send(
102                new SiteUser(),
103                $edit_user,
104                Auth::user(),
105                /* I18N: %s is a server name/URL */
106                I18N::translate('New user at %s', $base_url),
107                view('emails/approve-user-text', ['user' => $edit_user, 'base_url' => $base_url]),
108                view('emails/approve-user-html', ['user' => $edit_user, 'base_url' => $base_url])
109            );
110        }
111
112        $edit_user->setRealName($real_name);
113        $edit_user->setPreference(UserInterface::PREF_THEME, $theme);
114        $edit_user->setPreference(UserInterface::PREF_LANGUAGE, $language);
115        $edit_user->setPreference(UserInterface::PREF_TIME_ZONE, $timezone);
116        $edit_user->setPreference(UserInterface::PREF_CONTACT_METHOD, $contact_method);
117        $edit_user->setPreference(UserInterface::PREF_NEW_ACCOUNT_COMMENT, $comment);
118        $edit_user->setPreference(UserInterface::PREF_AUTO_ACCEPT_EDITS, (string) $auto_accept);
119        $edit_user->setPreference(UserInterface::PREF_IS_VISIBLE_ONLINE, (string) $visible_online);
120        $edit_user->setPreference(UserInterface::PREF_IS_EMAIL_VERIFIED, (string) $verified);
121        $edit_user->setPreference(UserInterface::PREF_IS_ACCOUNT_APPROVED, (string) $approved);
122
123        if ($password !== '') {
124            $edit_user->setPassword($password);
125        }
126
127        // We cannot change our own admin status. Another admin will need to do it.
128        if ($edit_user->id() !== $user->id()) {
129            $edit_user->setPreference(UserInterface::PREF_IS_ADMINISTRATOR, $canadmin ? '1' : '');
130        }
131
132        foreach ($this->tree_service->all() as $tree) {
133            $path_length = Validator::parsedBody($request)->integer('RELATIONSHIP_PATH_LENGTH' . $tree->id(), 0);
134            $gedcom_id   = Validator::parsedBody($request)->string('gedcomid' . $tree->id(), '');
135            $can_edit    = Validator::parsedBody($request)->string('canedit' . $tree->id(), '');
136
137            // Do not allow a path length to be set if the individual ID is not
138            if ($gedcom_id === '') {
139                $path_length = 0;
140            }
141
142            $tree->setUserPreference($edit_user, UserInterface::PREF_TREE_ACCOUNT_XREF, $gedcom_id);
143            $tree->setUserPreference($edit_user, UserInterface::PREF_TREE_ROLE, $can_edit);
144            $tree->setUserPreference($edit_user, UserInterface::PREF_TREE_PATH_LENGTH, (string) $path_length);
145        }
146
147        if ($edit_user->email() !== $email && $this->user_service->findByEmail($email) instanceof User) {
148            FlashMessages::addMessage(I18N::translate('Duplicate email address. A user with that email already exists.') . $email, 'danger');
149
150            return redirect(route('admin-users-edit', ['user_id' => $edit_user->id()]));
151        }
152
153        if ($edit_user->userName() !== $username && $this->user_service->findByUserName($username) instanceof User) {
154            FlashMessages::addMessage(I18N::translate('Duplicate username. A user with that username already exists. Please choose another username.'), 'danger');
155
156            return redirect(route(UserEditPage::class, ['user_id' => $edit_user->id()]));
157        }
158
159        $edit_user
160            ->setEmail($email)
161            ->setUserName($username);
162
163        return redirect(route(UserListPage::class));
164    }
165}
166