Store the subscription requests (Closes #823)

Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>

diff --git a/modules/xnetgrp.php b/modules/xnetgrp.php
index 550e0a1..a9a9815 100644 (file)
--- a/modules/xnetgrp.php
+++ b/modules/xnetgrp.php
@@ -86,6 +86,7 @@ class XnetGrpModule extends PLModule
             '%grp/trombi'         => $this->make_hook('trombi',    AUTH_MDP, 'groupannu'),
             '%grp/geoloc'         => $this->make_hook('geoloc',    AUTH_MDP, 'groupannu'),
             '%grp/subscribe'      => $this->make_hook('subscribe', AUTH_MDP),
+            '%grp/subscribe/valid' => $this->make_hook('subscribe_valid', AUTH_MDP, 'groupadmin'),
             '%grp/unsubscribe'    => $this->make_hook('unsubscribe', AUTH_MDP, 'groupmember'),
 
             '%grp/change_rights'  => $this->make_hook('change_rights', AUTH_MDP),
@@ -165,6 +166,13 @@ class XnetGrpModule extends PLModule
                                           AND FIND_IN_SET('public', u.flags)",
                                   $globals->asso('id'));
         }
+        if (may_update()) {
+            $subs_valid = XDB::query("SELECT  uid
+                                        FROM  groupex.membres_sub_requests
+                                       WHERE  asso_id = {?}",
+                                     $globals->asso('id'));
+            $page->assign('requests', $subs_valid->numRows());
+        }
 
         if (!S::has('core_rss_hash')) {
             $page->setRssLink("Polytechnique.net :: {$globals->asso("nom")} :: News publiques",
@@ -502,6 +510,38 @@ class XnetGrpModule extends PLModule
         $page->assign('ann', $ann);
     }
 
+    private function removeSubscriptionRequest($uid)
+    {
+        global $globals;
+        XDB::execute("DELETE FROM groupex.membres_sub_requests
+                            WHERE asso_id = {?} AND uid = {?}",
+                     $globals->asso('id'), $uid);
+    }
+
+    private function validSubscription($nom, $prenom, $sexe, $uid, $forlife)
+    {
+        global $globals;
+        $this->removeSubscriptionRequest($uid);
+        XDB::execute("INSERT INTO  groupex.membres (asso_id, uid)
+                           VALUES  ({?}, {?})",
+                     $globals->asso('id'), $uid);
+        $mailer = new PlMailer();
+        $mailer->addTo("$forlife@polytechnique.org");
+        $mailer->setFrom('"' . S::v('prenom') . ' ' . S::v('nom')
+                         . '" <' . S::v('forlife') . '@polytechnique.org>');
+        $mailer->setSubject('[' . $globals->asso('nom') . '] Demande d\'inscription');
+        $message = ($sexe ? 'Chère' : 'Cher') . " Camarade,\n"
+                 . "\n"
+                 . "  Suite à ta demande d'adhésion à " . $globals->asso('nom') . ",\n"
+                 . "j'ai le plaisir de t'annoncer que ton inscription a été validée !\n"
+                 . "\n"
+                 . "Bien cordialement,\n"
+                 . "-- \n"
+                 . S::s('prenom') . ' ' . S::s('nom') . '.';
+        $mailer->setTxtBody($message);
+        $mailer->send();
+    }
+
     function handler_subscribe(&$page, $u = null)
     {
         global $globals;
@@ -514,12 +554,13 @@ class XnetGrpModule extends PLModule
 
         if (!is_null($u) && may_update()) {
             $page->assign('u', $u);
-            $res = XDB::query("SELECT  u.nom, u.prenom, u.promo, u.user_id, FIND_IN_SET('femme', u.flags)
+            $res = XDB::query("SELECT  u.nom, u.prenom, u.promo, u.user_id, FIND_IN_SET('femme', u.flags), s.reason
                                  FROM  auth_user_md5 AS u
                            INNER JOIN  aliases AS al ON (al.id = u.user_id AND al.type != 'liste')
-                                WHERE  al.alias = {?}", $u);
+                            LEFT JOIN  groupex.membres_sub_requests AS s ON (u.user_id = s.uid AND s.asso_id = {?})
+                                WHERE  al.alias = {?}", $globals->asso('id'), $u);
 
-            if (list($nom, $prenom, $promo, $uid, $sexe) = $res->fetchOneRow()) {
+            if (list($nom, $prenom, $promo, $uid, $sexe, $reason) = $res->fetchOneRow()) {
                 $res = XDB::query("SELECT  COUNT(*)
                                      FROM  groupex.membres AS m
                                INNER JOIN  aliases  AS a ON (m.uid = a.id AND a.type != 'homonyme')
@@ -527,33 +568,18 @@ class XnetGrpModule extends PLModule
                                   $u, $globals->asso('id'));
                 $n   = $res->fetchOneCell();
                 if ($n) {
+                    $this->removeSubscriptionRequest($uid);
                     $page->kill("$prenom $nom est déjà membre du groupe !");
                     return;
                 }
                 elseif (Env::has('accept'))
                 {
-                    XDB::execute("INSERT INTO  groupex.membres (asso_id, uid)
-                                       VALUES  ({?}, {?})",
-                                            $globals->asso('id'), $uid);
-                    $mailer = new PlMailer();
-                    $mailer->addTo("$u@polytechnique.org");
-                    $mailer->setFrom('"'.S::v('prenom').' '.S::v('nom')
-                                     .'" <'.S::v('forlife').'@polytechnique.org>');
-                    $mailer->setSubject('['.$globals->asso('nom').'] Demande d\'inscription');
-                    $message = ($sexe ? 'Chère' : 'Cher') . " Camarade,\n"
-                             . "\n"
-                             . "  Suite à ta demande d'adhésion à ".$globals->asso('nom').",\n"
-                             . "j'ai le plaisir de t'annoncer que ton inscription a été validée !\n"
-                             . "\n"
-                             . "Bien cordialement,\n"
-                             . "-- \n"
-                             . "{$_SESSION["prenom"]} {$_SESSION["nom"]}.";
-                    $mailer->setTxtBody($message);
-                    $mailer->send();
+                    $this->validSubscription($nom, $prenom, $sexe, $uid, $u);
                     pl_redirect("member/$u");
                 }
                 elseif (Env::has('refuse'))
                 {
+                    $this->removeSubscriptionRequest($uid);
                     $mailer = new PlMailer();
                     $mailer->addTo("$u@polytechnique.org");
                     $mailer->setFrom('"'.S::v('prenom').' '.S::v('nom')
@@ -568,6 +594,7 @@ class XnetGrpModule extends PLModule
                     $page->assign('nom', $nom);
                     $page->assign('promo', $promo);
                     $page->assign('uid', $uid);
+                    $page->assign('reason', $reason);
                 }
                 return;
             }
@@ -579,15 +606,27 @@ class XnetGrpModule extends PLModule
             return;
         }
 
+        $res = XDB::query("SELECT  uid
+                             FROM  groupex.membres_sub_requests
+                            WHERE  uid = {?} AND asso_id = {?}",
+                         S::i('uid'), $globals->asso('id'));
+        if ($res->numRows() != 0) {
+            $page->kill("Tu as déjà demandé ton inscription à ce groupe. Cette demande est actuellement en attente de validation.");
+            return;
+        }
+
         if (Post::has('inscrire')) {
+            XDB::execute("INSERT INTO  groupex.membres_sub_requests (asso_id, uid, ts, reason)
+                               VALUES  ({?}, {?}, NOW(), {?})",
+                         $globals->asso('id'), S::i('uid'), Post::v('message'));
             $res = XDB::query('SELECT  IF(m.email IS NULL,
-                                                    CONCAT(al.alias,"@polytechnique.org"),
-                                                    m.email)
-                                           FROM  groupex.membres AS m
-                                     INNER JOIN  aliases         AS al ON (al.type = "a_vie"
-                                                                           AND al.id = m.uid)
-                                          WHERE  perms="admin" AND m.asso_id = {?}',
-                                         $globals->asso('id'));
+                                          CONCAT(al.alias,"@polytechnique.org"),
+                                           m.email)
+                                 FROM  groupex.membres AS m
+                           INNER JOIN  aliases         AS al ON (al.type = "a_vie"
+                                                                 AND al.id = m.uid)
+                                WHERE  perms="admin" AND m.asso_id = {?}',
+                             $globals->asso('id'));
             $emails = $res->fetchColumn();
             $to     = implode(',', $emails);
 
@@ -622,6 +661,45 @@ class XnetGrpModule extends PLModule
         }
     }
 
+    function handler_subscribe_valid(&$page)
+    {
+        global $globals;
+
+        if (Post::has('valid')) {
+            S::assert_xsrf_token();
+            $subs = Post::v('subs');
+            if (is_array($subs)) {
+                $users = array();
+                foreach ($subs as $forlife => $val) {
+                    if ($val == '1') {
+                        $res = XDB::query("SELECT  IF(u.nom_usage != '', u.nom_usage, u.nom) AS u,
+                                                   u.prenom, FIND_IN_SET('femme', u.flags) AS sexe,
+                                                   u.user_id
+                                             FROM  auth_user_md5 AS u
+                                       INNER JOIN  aliases AS a ON (a.id = u.user_id)
+                                            WHERE  a.alias = {?}", $forlife);
+                        if ($res->numRows() == 1) {
+                            list($nom, $prenom, $sexe, $uid) = $res->fetchOneRow();
+                            $this->validSubscription($nom, $prenom, $sexe, $uid, $forlife);
+                        }
+                    }
+                }
+            }
+        }
+
+        $it = XDB::iterator("SELECT  IF(u.nom_usage != '', u.nom_usage, u.nom) AS nom,
+                                     u.prenom, u.promo, a.alias AS forlife, s.ts AS date
+                               FROM  groupex.membres_sub_requests AS s
+                         INNER JOIN  auth_user_md5 AS u ON (s.uid = u.user_id)
+                         INNER JOIN  aliases AS a ON (a.id = s.uid AND a.type = 'a_vie')
+                              WHERE  asso_id = {?}
+                           ORDER BY  nom, prenom",
+                           $globals->asso('id'));
+
+        $page->changeTpl('xnetgrp/subscribe-valid.tpl');
+        $page->assign('valid', $it);
+    }
+
     function handler_change_rights(&$page)
     {
         if (Env::has('right') && (may_update() || S::has('suid'))) {
@@ -747,6 +825,7 @@ class XnetGrpModule extends PLModule
                         XDB::execute('INSERT INTO groupex.membres (uid, asso_id, origine, email)
                                            VALUES ({?}, {?}, "X", {?})',
                                      $uid, $globals->asso('id'), $email);
+                        $this->removeSubscriptionRequest($uid);
                         pl_redirect("member/$email");
                     }
                     $page->trigError("Utilisateur invalide");

diff --git a/templates/xnetgrp/asso.tpl b/templates/xnetgrp/asso.tpl
index 4175ea8..537fac3 100644 (file)
--- a/templates/xnetgrp/asso.tpl
+++ b/templates/xnetgrp/asso.tpl
@@ -86,6 +86,14 @@
     </td>
   </tr>
   {/if}
+
+  {if $is_admin && $requests}
+  <tr>
+    <td class="titre center" colspan="2">
+      <a href="{$platal->ns}subscribe/valid">{$requests} demande{if $requests gt 1}s{/if} d'inscription en attente</a>
+    </td>
+  </tr>
+  {/if}
 </table>
 
 <br />

diff --git a/templates/xnetgrp/inscrire.tpl b/templates/xnetgrp/inscrire.tpl
index 6306877..0d0787d 100644 (file)
--- a/templates/xnetgrp/inscrire.tpl
+++ b/templates/xnetgrp/inscrire.tpl
@@ -25,19 +25,37 @@
 {if $u && $is_admin && $show_form}
 
 <h2>
-  Demande de la part de&nbsp;: {$prenom} {$nom} (X{$promo})
-  <a href="https://www.polytechnique.org/profile/{$u}">Voir sa fiche</a>
+  Demande de la part de&nbsp;: <a href="profile/{$u}" class="popup2">{$prenom} {$nom} (X{$promo})</a>
 </h2>
+
+{if $reason}
+<fieldset>
+  <legend>Motif de la demande</legend>
+  {$reason|nl2br}
+</fieldset>
+{/if}
+
 <form action="{$platal->ns}subscribe/{$u}" method="post">
-  <input type="submit" value="Accepter" name="accept" />
-  <br />
-  ou bien
-  <br />
-  <input type="submit" value="Refuser avec le motif ci-dessous" name="refuse" />
-  <textarea cols="70" rows="8" name="motif"></textarea>
-  <br />
+  <table class="bicol">
+    <tr>
+      <td>Raison (en cas de refus)&nbsp;:</td>
+    </tr>
+    <tr>
+      <td>
+        <textarea cols="70" rows="8" name="motif"></textarea>
+      </td>
+    </tr>
+    <tr>
+      <td class="center">
+        <input type="submit" value="Accepter" name="accept" />
+        <input type="submit" value="Refuser" name="refuse" />
+      </td>
+    </tr>
+  </table>
 </form>
 
+<div><a href="{$platal->ns}/subscribe/valid">Revenir à la liste des validations en attente</a></div>
+
 {elseif $smarty.post.inscrire}
 
 <p class="descr">

diff --git a/templates/xnetgrp/subscribe-valid.tpl b/templates/xnetgrp/subscribe-valid.tpl
new file mode 100644 (file)
index 0000000..521bae3
--- /dev/null
+++ b/templates/xnetgrp/subscribe-valid.tpl
@@ -0,0 +1,70 @@
+{**************************************************************************}
+{*                                                                        *}
+{*  Copyright (C) 2003-2008 Polytechnique.org                             *}
+{*  http://opensource.polytechnique.org/                                  *}
+{*                                                                        *}
+{*  This program is free software; you can redistribute it and/or modify  *}
+{*  it under the terms of the GNU General Public License as published by  *}
+{*  the Free Software Foundation; either version 2 of the License, or     *}
+{*  (at your option) any later version.                                   *}
+{*                                                                        *}
+{*  This program is distributed in the hope that it will be useful,       *}
+{*  but WITHOUT ANY WARRANTY; without even the implied warranty of        *}
+{*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *}
+{*  GNU General Public License for more details.                          *}
+{*                                                                        *}
+{*  You should have received a copy of the GNU General Public License     *}
+{*  along with this program; if not, write to the Free Software           *}
+{*  Foundation, Inc.,                                                     *}
+{*  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA               *}
+{*                                                                        *}
+{**************************************************************************}
+
+<h1>{$asso.nom}&nbsp;: Validation des inscriptions</h1>
+
+<script type="text/javascript">//<![CDATA[
+{literal}
+  var toggleState = false;
+  function toggleSelection()
+  {
+    toggleState = !toggleState;
+    var boxes = $(':checkbox.select_sub');
+    if (toggleState) {
+      boxes.attr("checked", "checked");
+    } else {
+      boxes.removeAttr("checked");
+    }
+    return true;
+  }
+{/literal}
+//]]></script>
+
+<form action="{$platal->ns}subscribe/valid" method="post">
+  <table class="tinybicol">
+    <tr>
+      <th><a href="javascript:toggleSelection()">{icon name="arrow_refresh" title="Inverser la sélection"}</a></th> 
+      <th>Prénom Nom</th>
+      <th>Date de demande</th>
+      <th></th>
+    </tr>
+    {iterate from=$valid item=user}
+    <tr>
+      <td><input type="checkbox" name="subs[{$user.forlife}]" value="1" class="select_sub" /></td>
+      <td><a href="profile/{$user.forlife}" class="popup2">{$user.prenom} {$user.nom} (X{$user.promo})</a></td>
+      <td>{$user.date|date_format}</td>
+      <td><a href="{$platal->ns}subscribe/{$user.forlife}">{icon name=magnifier title="Détails"}</a></td>
+    </tr>
+    {/iterate}
+  </table>
+
+  <div class="center">
+    {xsrf_token_field}
+    <input type="submit" name="valid" value="Accepter" />
+  </div>
+
+  <div>
+    Pour voir le détail sur une demande, clique sur le lien {icon name=magnifier title="Détails"}.<br />
+    Pour refuser une demande, tu dois aller consulter les détails et remplir la raison du refus.
+  </div>
+</form>
+{* vim:set et sw=2 sts=2 sws=2 enc=utf-8: *}

diff --git a/upgrade/0.9.17/03_xnetgrp.sql b/upgrade/0.9.17/03_xnetgrp.sql
index 7f25048..bf012cf 100644 (file)
--- a/upgrade/0.9.17/03_xnetgrp.sql
+++ b/upgrade/0.9.17/03_xnetgrp.sql
@@ -2,6 +2,15 @@ use groupex;
 
 alter table asso change column flags flags set('wiki_desc', 'notif_unsub') not null;
 
+create table membres_sub_requests (
+  asso_id smallint(5) unsigned not null,
+  uid int(11) not null,
+  ts timestamp not null default NOW(),
+  reason text default null,
+
+  primary key sub (asso_id, uid)
+) charset=utf8;
+
 use x4dat;
 
 # vim:set syntax=mysql: