From 8cdb0dd187451b617bf9240376412b1a09de0340 Mon Sep 17 00:00:00 2001 From: Azareal Date: Tue, 5 Nov 2019 09:32:25 +1000 Subject: [PATCH] Add Show Email button to the User Editor and fix some problems too. --- routes/panel/users.go | 62 +++++++++++++++++++--------------- templates/panel_user_edit.html | 23 +++++++------ 2 files changed, 48 insertions(+), 37 deletions(-) diff --git a/routes/panel/users.go b/routes/panel/users.go index 093f0023..4bd9225a 100644 --- a/routes/panel/users.go +++ b/routes/panel/users.go @@ -13,7 +13,6 @@ func Users(w http.ResponseWriter, r *http.Request, user c.User) c.RouteError { if ferr != nil { return ferr } - page, _ := strconv.Atoi(r.FormValue("page")) perPage := 15 offset, page, lastPage := c.PageOffset(basePage.Stats.Users, page, perPage) @@ -25,7 +24,7 @@ func Users(w http.ResponseWriter, r *http.Request, user c.User) c.RouteError { pageList := c.Paginate(page, lastPage, 5) pi := c.PanelUserPage{basePage, users, c.Paginator{pageList, page, lastPage}} - return renderTemplate("panel", w, r, basePage.Header, c.Panel{basePage,"","","panel_users",&pi}) + return renderTemplate("panel", w, r, basePage.Header, c.Panel{basePage, "", "", "panel_users", &pi}) } func UsersEdit(w http.ResponseWriter, r *http.Request, user c.User, suid string) c.RouteError { @@ -41,7 +40,6 @@ func UsersEdit(w http.ResponseWriter, r *http.Request, user c.User, suid string) if err != nil { return c.LocalError("The provided UserID is not a valid number.", w, r, user) } - targetUser, err := c.Users.Get(uid) if err == sql.ErrNoRows { return c.LocalError("The user you're trying to edit doesn't exist.", w, r, user) @@ -58,7 +56,7 @@ func UsersEdit(w http.ResponseWriter, r *http.Request, user c.User, suid string) return c.InternalError(err, w, r) } - var groupList []interface{} + var groupList []*c.Group for _, group := range groups { if !user.Perms.EditUserGroupAdmin && group.IsAdmin { continue @@ -72,9 +70,10 @@ func UsersEdit(w http.ResponseWriter, r *http.Request, user c.User, suid string) if r.FormValue("updated") == "1" { basePage.AddNotice("panel_user_updated") } + showEmail := r.FormValue("show-email") == "1" - pi := c.PanelPage{basePage, groupList, targetUser} - return renderTemplate("panel", w, r, basePage.Header, c.Panel{basePage,"","","panel_user_edit",&pi}) + pi := c.PanelUserEditPage{basePage, groupList, targetUser, showEmail} + return renderTemplate("panel", w, r, basePage.Header, c.Panel{basePage, "", "", "panel_user_edit", &pi}) } func UsersEditSubmit(w http.ResponseWriter, r *http.Request, user c.User, suid string) c.RouteError { @@ -90,7 +89,6 @@ func UsersEditSubmit(w http.ResponseWriter, r *http.Request, user c.User, suid s if err != nil { return c.LocalError("The provided UserID is not a valid number.", w, r, user) } - targetUser, err := c.Users.Get(uid) if err == sql.ErrNoRows { return c.LocalError("The user you're trying to edit doesn't exist.", w, r, user) @@ -101,38 +99,39 @@ func UsersEditSubmit(w http.ResponseWriter, r *http.Request, user c.User, suid s return c.LocalError("Only administrators can edit the account of other administrators.", w, r, user) } - newname := c.SanitiseSingleLine(r.PostFormValue("user-name")) + newname := c.SanitiseSingleLine(r.PostFormValue("name")) if newname == "" { - return c.LocalError("You didn't put in a username.", w, r, user) + return c.LocalError("You didn't put in a name.", w, r, user) } // TODO: How should activation factor into admin set emails? // TODO: How should we handle secondary emails? Do we even have secondary emails implemented? - newemail := c.SanitiseSingleLine(r.PostFormValue("user-email")) - if newemail == "" { + newemail := c.SanitiseSingleLine(r.PostFormValue("email")) + if newemail == "" && targetUser.Email != "" { return c.LocalError("You didn't put in an email address.", w, r, user) } + if newemail == "-1" { + newemail = targetUser.Email + } if (newemail != targetUser.Email) && !user.Perms.EditUserEmail { return c.LocalError("You need the EditUserEmail permission to edit the email address of a user.", w, r, user) } - newpassword := r.PostFormValue("user-password") + newpassword := r.PostFormValue("password") if newpassword != "" && !user.Perms.EditUserPassword { return c.LocalError("You need the EditUserPassword permission to edit the password of a user.", w, r, user) } - newgroup, err := strconv.Atoi(r.PostFormValue("user-group")) + newgroup, err := strconv.Atoi(r.PostFormValue("group")) if err != nil { return c.LocalError("You need to provide a whole number for the group ID", w, r, user) } - group, err := c.Groups.Get(newgroup) if err == sql.ErrNoRows { return c.LocalError("The group you're trying to place this user in doesn't exist.", w, r, user) } else if err != nil { return c.InternalError(err, w, r) } - if !user.Perms.EditUserGroupAdmin && group.IsAdmin { return c.LocalError("You need the EditUserGroupAdmin permission to assign someone to an administrator group.", w, r, user) } @@ -145,18 +144,24 @@ func UsersEditSubmit(w http.ResponseWriter, r *http.Request, user c.User, suid s return c.InternalError(err, w, r) } + red := false if newpassword != "" { c.SetPassword(targetUser.ID, newpassword) // Log the user out as a safety precaution c.Auth.ForceLogout(targetUser.ID) + red = true } targetUser.CacheRemove() // If we're changing our own password, redirect to the index rather than to a noperms error due to the force logout - if targetUser.ID == user.ID { + if targetUser.ID == user.ID && red { http.Redirect(w, r, "/", http.StatusSeeOther) } else { - http.Redirect(w, r, "/panel/users/edit/"+strconv.Itoa(targetUser.ID)+"?updated=1", http.StatusSeeOther) + var se string + if r.PostFormValue("show-email") == "1" { + se = "&show-email=1" + } + http.Redirect(w, r, "/panel/users/edit/"+strconv.Itoa(targetUser.ID)+"?updated=1"+se, http.StatusSeeOther) } return nil } @@ -175,7 +180,6 @@ func UsersAvatarSubmit(w http.ResponseWriter, r *http.Request, user c.User, suid if err != nil { return c.LocalError("The provided UserID is not a valid number.", w, r, user) } - targetUser, err := c.Users.Get(uid) if err == sql.ErrNoRows { return c.LocalError("The user you're trying to edit doesn't exist.", w, r, user) @@ -186,23 +190,25 @@ func UsersAvatarSubmit(w http.ResponseWriter, r *http.Request, user c.User, suid return c.LocalError("Only administrators can edit the account of other administrators.", w, r, user) } - ext, ferr := c.UploadAvatar(w,r,user,targetUser.ID) + ext, ferr := c.UploadAvatar(w, r, user, targetUser.ID) if ferr != nil { return ferr } - - ferr = c.ChangeAvatar("." + ext, w, r, *targetUser) + ferr = c.ChangeAvatar("."+ext, w, r, *targetUser) if ferr != nil { return ferr } - // TODO: Only schedule a resize if the avatar isn't tiny err = targetUser.ScheduleAvatarResize() if err != nil { return c.InternalError(err, w, r) } - http.Redirect(w, r, "/panel/users/edit/"+strconv.Itoa(targetUser.ID)+"?updated=1", http.StatusSeeOther) + var se string + if r.PostFormValue("show-email") == "1" { + se = "&show-email=1" + } + http.Redirect(w, r, "/panel/users/edit/"+strconv.Itoa(targetUser.ID)+"?updated=1"+se, http.StatusSeeOther) return nil } @@ -219,7 +225,6 @@ func UsersAvatarRemoveSubmit(w http.ResponseWriter, r *http.Request, user c.User if err != nil { return c.LocalError("The provided UserID is not a valid number.", w, r, user) } - targetUser, err := c.Users.Get(uid) if err == sql.ErrNoRows { return c.LocalError("The user you're trying to edit doesn't exist.", w, r, user) @@ -229,12 +234,15 @@ func UsersAvatarRemoveSubmit(w http.ResponseWriter, r *http.Request, user c.User if targetUser.IsAdmin && !user.IsAdmin { return c.LocalError("Only administrators can edit the account of other administrators.", w, r, user) } - ferr = c.ChangeAvatar("", w, r, *targetUser) if ferr != nil { return ferr } - http.Redirect(w, r, "/panel/users/edit/"+strconv.Itoa(targetUser.ID)+"?updated=1", http.StatusSeeOther) + var se string + if r.PostFormValue("show-email") == "1" { + se = "&show-email=1" + } + http.Redirect(w, r, "/panel/users/edit/"+strconv.Itoa(targetUser.ID)+"?updated=1"+se, http.StatusSeeOther) return nil -} \ No newline at end of file +} diff --git a/templates/panel_user_edit.html b/templates/panel_user_edit.html index 03ff22c4..0b00303a 100644 --- a/templates/panel_user_edit.html +++ b/templates/panel_user_edit.html @@ -2,39 +2,42 @@

{{lang "panel_user_head"}}

-
-
-
+
+
+
- {{if .Something.RawAvatar}}{{end}} + {{if .User.RawAvatar}}{{end}}
- {{if .Something.RawAvatar}}{{end}} + {{if .User.RawAvatar}}{{end}}
{{if .CurrentUser.Perms.EditUserPassword}}{{end}} {{if .CurrentUser.Perms.EditUserEmail}}
-
+
+ {{if .ShowEmail}} + {{else}}{{end}} +
{{end}} {{if .CurrentUser.Perms.EditUserGroup}}
- + {{range .Groups}}{{.Name}}{{end}}
{{end}}