From f9743cf19cc339b12c8570742e082c6836f102c1 Mon Sep 17 00:00:00 2001
From: Florent Bruneau <florent.bruneau@polytechnique.org>
Date: Sun, 4 Jan 2009 23:43:30 +0100
Subject: [PATCH] Add a form to manage the profiles associated with an account.

Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
---
 modules/admin.php                | 34 ++++++++++++++++++++++-
 templates/admin/utilisateurs.tpl | 59 +++++++++++++++++++++++++++++++++++-----
 2 files changed, 85 insertions(+), 8 deletions(-)

diff --git a/modules/admin.php b/modules/admin.php
index de8381f..17f2474 100644
--- a/modules/admin.php
+++ b/modules/admin.php
@@ -368,7 +368,7 @@ class AdminModule extends PLModule
     {
         global $globals;
         $page->changeTpl('admin/utilisateurs.tpl');
-        $page->setTitle('Administration - Edit/Su/Log');
+        $page->setTitle('Administration - Compte');
         require_once("emails.inc.php");
 
         if (S::suid()) {
@@ -407,6 +407,7 @@ class AdminModule extends PLModule
         // Fetches user data.
         $redirect = ($registered ? new Redirect($user) : null);
 
+        // Account Form {{{
         $to_update = array();
         if (Env::has('disable_weak_access')) {
             S::assert_xsrf_token();
@@ -465,6 +466,33 @@ class AdminModule extends PLModule
             $page->trigSuccess('Données du compte mise à jour avec succès');
             $user = User::getWithUID($user->id());
         }
+        // }}}
+        // Profile form {{{
+        if (Env::has('add_profile') || Env::has('del_profile') || Env::has('owner')) {
+            S::assert_xsrf_token();
+            if (Env::i('del_profile', 0) != 0) {
+                XDB::execute('DELETE FROM  account_profiles
+                                    WHERE  uid = {?} AND pid = {?}',
+                             $user->id(), Env::i('del_profile'));
+            } else if (!Env::blank('new_profile')) {
+                $profile = Profile::get(Env::t('new_profile'));
+                if (!$profile) {
+                    $page->trigError('Le profil ' . Env::t('new_profile') . ' n\'existe pas');
+                } else {
+                    XDB::execute('INSERT IGNORE INTO  account_profiles (uid, pid)
+                                              VALUES  ({?}, {?})',
+                                 $user->id(), $profile->id());
+                }
+            }
+            XDB::execute('UPDATE  account_profiles
+                             SET  perms = IF(pid = {?}, CONCAT(perms, \',owner\'), REPLACE(perms, \'owner\', \'\'))
+                           WHERE  uid = {?}',
+                         Env::i('owner'), $user->id());
+        }
+
+
+        // }}}
+
         $page->addJsLink('ui.core.js');
         $page->addJsLink('ui.tabs.js');
 
@@ -730,6 +758,10 @@ class AdminModule extends PLModule
                ORDER BY  type != 'a_vie'", $user->id()));
         $page->assign('account_types', XDB::iterator('SELECT * FROM account_types ORDER BY type'));
         $page->assign('skins', XDB::iterator('SELECT id, name FROM skins ORDER BY name'));
+        $page->assign('profiles', XDB::iterator('SELECT  p.pid, p.hrpid, FIND_IN_SET(\'owner\', ap.perms) AS owner
+                                                   FROM  account_profiles AS ap
+                                             INNER JOIN  profiles AS p ON (ap.pid = p.pid)
+                                                  WHERE  ap.uid = {?}', $user->id()));
 
         // Displays email redirection and the general profile.
         if ($registered && $redirect) {
diff --git a/templates/admin/utilisateurs.tpl b/templates/admin/utilisateurs.tpl
index 94d0662..53f5def 100644
--- a/templates/admin/utilisateurs.tpl
+++ b/templates/admin/utilisateurs.tpl
@@ -46,6 +46,11 @@ function del_alias(alias) {
   document.forms.alias.submit();
 }
 
+function del_profile(pid) {
+  document.forms.profiles.del_profile.value = pid;
+  document.forms.profiles.submit();
+}
+
 function del_fwd(fwd) {
   document.forms.fwds.del_fwd.value = fwd;
   document.forms.fwds.submit();
@@ -88,7 +93,7 @@ $(document).ready(function() {
 </ul>
 
 <div id="account">
-<form id="auth" method="post" action="admin/user/{$user->login()}">
+<form id="auth" method="post" action="admin/user/{$user->login()}#account">
   {xsrf_token_field}
   <h1>Informations sur le compte</h1>
   <p class="smaller">
@@ -188,7 +193,7 @@ $(document).ready(function() {
           <option value="{$type.type}" {if $user->type eq $type.type}selected="selected"{/if}>{$type.type} ({$type.perms})</option>
           {/iterate}
         </select>
-        <a href="admin/account/types">gérer</a>
+        <a href="admin/account/types">{icon name=wrench title=Gérer} gérer</a>
       </td>
     </tr>
     <tr class="pair">
@@ -217,6 +222,46 @@ $(document).ready(function() {
     <input type="submit" name="log_account" value="Consulter les logs" />
   </div>
 </form>
+
+<h1>Fiches associées au compte</h1>
+
+<form id="profiles" method="post" action="admin/user/{$user->login()}#account">
+  {xsrf_token_field}
+  <table class="tinybicol">
+    <tr>
+      <th></th>
+      <th>Identifiant de la fiche</th>
+      <th></th>
+    </tr>
+    {iterate from=$profiles item=profile}
+    <tr>
+      <td><input type="radio" name="owner" value="{$profile.pid}" {if $profile.owner}checked="checked"{/if}
+                 onclick="this.form.submit()" /></td>
+      <td>{$profile.hrpid}</td>
+      <td class="right">
+        <a href="profile/edit/{$profile.hrpid}">{icon name=user_edit}</a>
+        <a href="profile/{$profile.hrpid}" class="popup2">{icon name=user_suit}</a>
+        <a href="javascript:del_profile({$profile.pid})">{icon name=cross}</a>
+      </td>
+    </tr>
+    {/iterate}
+    <tr>
+      <td>
+        <input type="radio" name="owner" value="0" onclick="this.form.submit()" />
+      </td>
+      <td>None</td>
+      <td></td>
+    </tr>
+    <tr class="pair">
+      <td colspan="3">
+        <input type="hidden" name="del_profile" value="" />
+        <input type="text" maxlength="64" name="new_profile" />
+        <input type="submit" name="add_profile" value="Ajouter" />
+      </td>
+    </tr>
+  </table>
+</form>
+
 </div>
 
 <!--
@@ -351,7 +396,7 @@ Pour ceci changer ses permissions en 'disabled'.
 <div id="emails">
 <h1>Gestion de l'adresse X.org {$user->login()}</h1>
 
-<form id="alias" method="post" action="admin/user">
+<form id="alias" method="post" action="admin/user/{$user->login()}#emails">
   {xsrf_token_field}
   <table class="tinybicol" cellpadding="2" cellspacing="0">
     <tr>
@@ -372,7 +417,7 @@ Pour ceci changer ses permissions en 'disabled'.
       <td>garanti à vie*</td>
       {else}
       <td class="action">
-        <a href="javascript:del_alias('{$a.alias}')">delete</a>
+        <a href="javascript:del_alias('{$a.alias}')">{icon name=cross}</a>
       </td>
       {/if}
     </tr>
@@ -397,7 +442,7 @@ Pour ceci changer ses permissions en 'disabled'.
 
 <br />
 
-<form id="fwds" method="post" action="admin/user/{$user->login()}#fwds">
+<form id="fwds" method="post" action="admin/user/{$user->login()}#emails">
   {xsrf_token_field}
   <table class="bicol" cellpadding="2" cellspacing="0">
     <tr>
@@ -436,7 +481,7 @@ Pour ceci changer ses permissions en 'disabled'.
       </td>
       <td class="action">
         {if $mail->is_removable()}
-        <a href="javascript:del_fwd('{$mail->email}')">delete</a>
+        <a href="javascript:del_fwd('{$mail->email}')">{icon name=cross}</a>
         {/if}
       </td>
     </tr>
@@ -503,7 +548,7 @@ Pour ceci changer ses permissions en 'disabled'.
 
 <h1>Gestion de l'accès au forums de {$user->login()}</h1>
 
-<form id="bans" method="post" action="admin/user/{$user->login()}">
+<form id="bans" method="post" action="admin/user/{$user->login()}#forums">
   {xsrf_token_field}
   <table cellspacing="0" cellpadding="2" class="tinybicol">
     <tr>
-- 
2.1.4