adminpanelaction.php 6.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264
  1. <?php
  2. /**
  3. * StatusNet, the distributed open-source microblogging tool
  4. *
  5. * Superclass for admin panel actions
  6. *
  7. * PHP version 5
  8. *
  9. * LICENCE: This program is free software: you can redistribute it and/or modify
  10. * it under the terms of the GNU Affero General Public License as published by
  11. * the Free Software Foundation, either version 3 of the License, or
  12. * (at your option) any later version.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU Affero General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU Affero General Public License
  20. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  21. *
  22. * @category UI
  23. * @package StatusNet
  24. * @author Evan Prodromou <evan@status.net>
  25. * @copyright 2009 StatusNet, Inc.
  26. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  27. * @link http://status.net/
  28. */
  29. if (!defined('STATUSNET')) {
  30. exit(1);
  31. }
  32. /**
  33. * superclass for admin panel actions
  34. *
  35. * Common code for all admin panel actions.
  36. *
  37. * @category UI
  38. * @package StatusNet
  39. * @author Evan Prodromou <evan@status.net>
  40. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  41. * @link http://status.net/
  42. *
  43. * @todo Find some commonalities with SettingsAction and combine
  44. */
  45. class AdminPanelAction extends Action
  46. {
  47. var $success = true;
  48. var $msg = null;
  49. /**
  50. * Prepare for the action
  51. *
  52. * We check to see that the user is logged in, has
  53. * authenticated in this session, and has the right
  54. * to configure the site.
  55. *
  56. * @param array $args Array of arguments from Web driver
  57. *
  58. * @return boolean success flag
  59. */
  60. function prepare(array $args = array())
  61. {
  62. parent::prepare($args);
  63. // User must be logged in.
  64. if (!common_logged_in()) {
  65. // TRANS: Error message displayed when trying to perform an action that requires a logged in user.
  66. $this->clientError(_('Not logged in.'));
  67. }
  68. $user = common_current_user();
  69. // ...because they're logged in
  70. assert(!empty($user));
  71. // It must be a "real" login, not saved cookie login
  72. if (!common_is_real_login()) {
  73. // Cookie theft is too easy; we require automatic
  74. // logins to re-authenticate before admining the site
  75. common_set_returnto($this->selfUrl());
  76. if (Event::handle('RedirectToLogin', array($this, $user))) {
  77. common_redirect(common_local_url('login'), 303);
  78. }
  79. }
  80. // User must have the right to change admin settings
  81. if (!$user->hasRight(Right::CONFIGURESITE)) {
  82. // TRANS: Client error message thrown when a user tries to change admin settings but has no access rights.
  83. $this->clientError(_('You cannot make changes to this site.'));
  84. }
  85. // This panel must be enabled
  86. $name = $this->trimmed('action');
  87. $name = mb_substr($name, 0, -10);
  88. if (!self::canAdmin($name)) {
  89. // TRANS: Client error message throw when a certain panel's settings cannot be changed.
  90. $this->clientError(_('Changes to that panel are not allowed.'), 403);
  91. }
  92. return true;
  93. }
  94. /**
  95. * handle the action
  96. *
  97. * Check session token and try to save the settings if this is a
  98. * POST. Otherwise, show the form.
  99. *
  100. * @param array $args unused.
  101. *
  102. * @return void
  103. */
  104. function handle()
  105. {
  106. if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  107. $this->checkSessionToken();
  108. try {
  109. $this->saveSettings();
  110. // Reload settings
  111. Config::loadSettings();
  112. $this->success = true;
  113. // TRANS: Message after successful saving of administrative settings.
  114. $this->msg = _('Settings saved.');
  115. } catch (Exception $e) {
  116. $this->success = false;
  117. $this->msg = $e->getMessage();
  118. }
  119. }
  120. $this->showPage();
  121. }
  122. /**
  123. * Show tabset for this page
  124. *
  125. * Uses the AdminPanelNav widget
  126. *
  127. * @return void
  128. * @see AdminPanelNav
  129. */
  130. function showLocalNav()
  131. {
  132. $nav = new AdminPanelNav($this);
  133. $nav->show();
  134. }
  135. /**
  136. * Show the content section of the page
  137. *
  138. * Here, we show the admin panel's form.
  139. *
  140. * @return void.
  141. */
  142. function showContent()
  143. {
  144. $this->showForm();
  145. }
  146. /**
  147. * Show content block. Overrided just to add a special class
  148. * to the content div to allow styling.
  149. *
  150. * @return nothing
  151. */
  152. function showContentBlock()
  153. {
  154. $this->elementStart('div', array('id' => 'content', 'class' => 'admin'));
  155. $this->showPageTitle();
  156. $this->showPageNoticeBlock();
  157. $this->elementStart('div', array('id' => 'content_inner'));
  158. // show the actual content (forms, lists, whatever)
  159. $this->showContent();
  160. $this->elementEnd('div');
  161. $this->elementEnd('div');
  162. }
  163. /**
  164. * show human-readable instructions for the page, or
  165. * a success/failure on save.
  166. *
  167. * @return void
  168. */
  169. function showPageNotice()
  170. {
  171. if ($this->msg) {
  172. $this->element('div', ($this->success) ? 'success' : 'error',
  173. $this->msg);
  174. } else {
  175. $inst = $this->getInstructions();
  176. $output = common_markup_to_html($inst);
  177. $this->elementStart('div', 'instructions');
  178. $this->raw($output);
  179. $this->elementEnd('div');
  180. }
  181. }
  182. /**
  183. * Show the admin panel form
  184. *
  185. * Sub-classes should overload this.
  186. *
  187. * @return void
  188. */
  189. function showForm()
  190. {
  191. // TRANS: Client error message.
  192. $this->clientError(_('showForm() not implemented.'));
  193. }
  194. /**
  195. * Instructions for using this form.
  196. *
  197. * String with instructions for using the form.
  198. *
  199. * Subclasses should overload this.
  200. *
  201. * @return void
  202. */
  203. function getInstructions()
  204. {
  205. return '';
  206. }
  207. /**
  208. * Save settings from the form
  209. *
  210. * Validate and save the settings from the user.
  211. *
  212. * @return void
  213. */
  214. function saveSettings()
  215. {
  216. // TRANS: Client error message
  217. $this->clientError(_('saveSettings() not implemented.'));
  218. }
  219. static function canAdmin($name)
  220. {
  221. $isOK = false;
  222. if (Event::handle('AdminPanelCheck', array($name, &$isOK))) {
  223. $isOK = in_array($name, common_config('admin', 'panels'));
  224. }
  225. return $isOK;
  226. }
  227. function showProfileBlock()
  228. {
  229. }
  230. }