xref: /webtrees/app/Http/RequestHandlers/UserEditAction.php (revision b6017f990d38d8c56e04c0096ce9a7e8745ad4ba)
1<?php
2
3/**
4 * webtrees: online genealogy
5 * Copyright (C) 2021 webtrees development team
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <https://www.gnu.org/licenses/>.
16 */
17
18declare(strict_types=1);
19
20namespace Fisharebest\Webtrees\Http\RequestHandlers;
21
22use Fisharebest\Webtrees\Auth;
23use Fisharebest\Webtrees\Contracts\UserInterface;
24use Fisharebest\Webtrees\Exceptions\HttpNotFoundException;
25use Fisharebest\Webtrees\FlashMessages;
26use Fisharebest\Webtrees\I18N;
27use Fisharebest\Webtrees\Services\EmailService;
28use Fisharebest\Webtrees\Services\TreeService;
29use Fisharebest\Webtrees\Services\UserService;
30use Fisharebest\Webtrees\SiteUser;
31use Fisharebest\Webtrees\User;
32use Psr\Http\Message\ResponseInterface;
33use Psr\Http\Message\ServerRequestInterface;
34use Psr\Http\Server\RequestHandlerInterface;
35
36use function route;
37
38/**
39 * Edit a user.
40 */
41class UserEditAction implements RequestHandlerInterface
42{
43    /** @var EmailService */
44    private $email_service;
45
46    /** @var UserService */
47    private $user_service;
48
49    /** @var TreeService */
50    private $tree_service;
51
52    /**
53     * UserEditAction constructor.
54     *
55     * @param EmailService $email_service
56     * @param TreeService  $tree_service
57     * @param UserService  $user_service
58     */
59    public function __construct(
60        EmailService $email_service,
61        TreeService $tree_service,
62        UserService $user_service
63    ) {
64        $this->email_service = $email_service;
65        $this->tree_service  = $tree_service;
66        $this->user_service  = $user_service;
67    }
68
69    /**
70     * @param ServerRequestInterface $request
71     *
72     * @return ResponseInterface
73     */
74    public function handle(ServerRequestInterface $request): ResponseInterface
75    {
76        $user = $request->getAttribute('user');
77
78        $params = (array) $request->getParsedBody();
79
80        $user_id        = (int) $params['user_id'];
81        $username       = $params['username'] ?? '';
82        $real_name      = $params['real_name'] ?? '';
83        $email          = $params['email'] ?? '';
84        $password       = $params['password'] ?? '';
85        $theme          = $params['theme'] ?? '';
86        $language       = $params['language'] ?? '';
87        $timezone       = $params['timezone'] ?? '';
88        $contact_method = $params['contact-method'] ?? '';
89        $comment        = $params['comment'] ?? '';
90        $auto_accept    = (bool) ($params[UserInterface::PREF_AUTO_ACCEPT_EDITS] ?? '');
91        $canadmin       = (bool) ($params[UserInterface::PREF_IS_ADMINISTRATOR] ?? '');
92        $visible_online = (bool) ($params['visible-online'] ?? '');
93        $verified       = (bool) ($params[UserInterface::PREF_IS_EMAIL_VERIFIED] ?? '');
94        $approved       = (bool) ($params['approved'] ?? '');
95
96        $edit_user = $this->user_service->find($user_id);
97
98        if ($edit_user === null) {
99            throw new HttpNotFoundException(I18N::translate('%1$s does not exist', 'user_id:' . $user_id));
100        }
101
102        // We have just approved a user.  Tell them
103        if ($approved && $edit_user->getPreference(UserInterface::PREF_IS_ACCOUNT_APPROVED) !== '1') {
104            I18N::init($edit_user->getPreference(UserInterface::PREF_LANGUAGE));
105
106            $base_url = $request->getAttribute('base_url');
107
108            $this->email_service->send(
109                new SiteUser(),
110                $edit_user,
111                Auth::user(),
112                /* I18N: %s is a server name/URL */
113                I18N::translate('New user at %s', $base_url),
114                view('emails/approve-user-text', ['user' => $edit_user, 'base_url' => $base_url]),
115                view('emails/approve-user-html', ['user' => $edit_user, 'base_url' => $base_url])
116            );
117        }
118
119        $edit_user->setRealName($real_name);
120        $edit_user->setPreference(UserInterface::PREF_THEME, $theme);
121        $edit_user->setPreference(UserInterface::PREF_LANGUAGE, $language);
122        $edit_user->setPreference(UserInterface::PREF_TIME_ZONE, $timezone);
123        $edit_user->setPreference(UserInterface::PREF_CONTACT_METHOD, $contact_method);
124        $edit_user->setPreference(UserInterface::PREF_NEW_ACCOUNT_COMMENT, $comment);
125        $edit_user->setPreference(UserInterface::PREF_AUTO_ACCEPT_EDITS, (string) $auto_accept);
126        $edit_user->setPreference(UserInterface::PREF_IS_VISIBLE_ONLINE, (string) $visible_online);
127        $edit_user->setPreference(UserInterface::PREF_IS_EMAIL_VERIFIED, (string) $verified);
128        $edit_user->setPreference(UserInterface::PREF_IS_ACCOUNT_APPROVED, (string) $approved);
129
130        if ($password !== '') {
131            $edit_user->setPassword($password);
132        }
133
134        // We cannot change our own admin status. Another admin will need to do it.
135        if ($edit_user->id() !== $user->id()) {
136            $edit_user->setPreference(UserInterface::PREF_IS_ADMINISTRATOR, $canadmin ? '1' : '');
137        }
138
139        foreach ($this->tree_service->all() as $tree) {
140            $path_length = (int) $params['RELATIONSHIP_PATH_LENGTH' . $tree->id()];
141            $gedcom_id   = $params['gedcomid' . $tree->id()] ?? '';
142            $can_edit    = $params['canedit' . $tree->id()] ?? '';
143
144            // Do not allow a path length to be set if the individual ID is not
145            if ($gedcom_id === '') {
146                $path_length = 0;
147            }
148
149            $tree->setUserPreference($edit_user, UserInterface::PREF_TREE_ACCOUNT_XREF, $gedcom_id);
150            $tree->setUserPreference($edit_user, UserInterface::PREF_TREE_ROLE, $can_edit);
151            $tree->setUserPreference($edit_user, UserInterface::PREF_TREE_PATH_LENGTH, (string) $path_length);
152        }
153
154        if ($edit_user->email() !== $email && $this->user_service->findByEmail($email) instanceof User) {
155            FlashMessages::addMessage(I18N::translate('Duplicate email address. A user with that email already exists.') . $email, 'danger');
156
157            return redirect(route('admin-users-edit', ['user_id' => $edit_user->id()]));
158        }
159
160        if ($edit_user->userName() !== $username && $this->user_service->findByUserName($username) instanceof User) {
161            FlashMessages::addMessage(I18N::translate('Duplicate username. A user with that username already exists. Please choose another username.'), 'danger');
162
163            return redirect(route(UserEditPage::class, ['user_id' => $edit_user->id()]));
164        }
165
166        $edit_user
167            ->setEmail($email)
168            ->setUserName($username);
169
170        return redirect(route(UserListPage::class));
171    }
172}
173