Add Show Email button to the User Editor and fix some problems too.
This commit is contained in:
parent
5635a54d7a
commit
8cdb0dd187
|
@ -13,7 +13,6 @@ func Users(w http.ResponseWriter, r *http.Request, user c.User) c.RouteError {
|
||||||
if ferr != nil {
|
if ferr != nil {
|
||||||
return ferr
|
return ferr
|
||||||
}
|
}
|
||||||
|
|
||||||
page, _ := strconv.Atoi(r.FormValue("page"))
|
page, _ := strconv.Atoi(r.FormValue("page"))
|
||||||
perPage := 15
|
perPage := 15
|
||||||
offset, page, lastPage := c.PageOffset(basePage.Stats.Users, page, perPage)
|
offset, page, lastPage := c.PageOffset(basePage.Stats.Users, page, perPage)
|
||||||
|
@ -25,7 +24,7 @@ func Users(w http.ResponseWriter, r *http.Request, user c.User) c.RouteError {
|
||||||
|
|
||||||
pageList := c.Paginate(page, lastPage, 5)
|
pageList := c.Paginate(page, lastPage, 5)
|
||||||
pi := c.PanelUserPage{basePage, users, c.Paginator{pageList, page, lastPage}}
|
pi := c.PanelUserPage{basePage, users, c.Paginator{pageList, page, lastPage}}
|
||||||
return renderTemplate("panel", w, r, basePage.Header, c.Panel{basePage,"","","panel_users",&pi})
|
return renderTemplate("panel", w, r, basePage.Header, c.Panel{basePage, "", "", "panel_users", &pi})
|
||||||
}
|
}
|
||||||
|
|
||||||
func UsersEdit(w http.ResponseWriter, r *http.Request, user c.User, suid string) c.RouteError {
|
func UsersEdit(w http.ResponseWriter, r *http.Request, user c.User, suid string) c.RouteError {
|
||||||
|
@ -41,7 +40,6 @@ func UsersEdit(w http.ResponseWriter, r *http.Request, user c.User, suid string)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.LocalError("The provided UserID is not a valid number.", w, r, user)
|
return c.LocalError("The provided UserID is not a valid number.", w, r, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
targetUser, err := c.Users.Get(uid)
|
targetUser, err := c.Users.Get(uid)
|
||||||
if err == sql.ErrNoRows {
|
if err == sql.ErrNoRows {
|
||||||
return c.LocalError("The user you're trying to edit doesn't exist.", w, r, user)
|
return c.LocalError("The user you're trying to edit doesn't exist.", w, r, user)
|
||||||
|
@ -58,7 +56,7 @@ func UsersEdit(w http.ResponseWriter, r *http.Request, user c.User, suid string)
|
||||||
return c.InternalError(err, w, r)
|
return c.InternalError(err, w, r)
|
||||||
}
|
}
|
||||||
|
|
||||||
var groupList []interface{}
|
var groupList []*c.Group
|
||||||
for _, group := range groups {
|
for _, group := range groups {
|
||||||
if !user.Perms.EditUserGroupAdmin && group.IsAdmin {
|
if !user.Perms.EditUserGroupAdmin && group.IsAdmin {
|
||||||
continue
|
continue
|
||||||
|
@ -72,9 +70,10 @@ func UsersEdit(w http.ResponseWriter, r *http.Request, user c.User, suid string)
|
||||||
if r.FormValue("updated") == "1" {
|
if r.FormValue("updated") == "1" {
|
||||||
basePage.AddNotice("panel_user_updated")
|
basePage.AddNotice("panel_user_updated")
|
||||||
}
|
}
|
||||||
|
showEmail := r.FormValue("show-email") == "1"
|
||||||
|
|
||||||
pi := c.PanelPage{basePage, groupList, targetUser}
|
pi := c.PanelUserEditPage{basePage, groupList, targetUser, showEmail}
|
||||||
return renderTemplate("panel", w, r, basePage.Header, c.Panel{basePage,"","","panel_user_edit",&pi})
|
return renderTemplate("panel", w, r, basePage.Header, c.Panel{basePage, "", "", "panel_user_edit", &pi})
|
||||||
}
|
}
|
||||||
|
|
||||||
func UsersEditSubmit(w http.ResponseWriter, r *http.Request, user c.User, suid string) c.RouteError {
|
func UsersEditSubmit(w http.ResponseWriter, r *http.Request, user c.User, suid string) c.RouteError {
|
||||||
|
@ -90,7 +89,6 @@ func UsersEditSubmit(w http.ResponseWriter, r *http.Request, user c.User, suid s
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.LocalError("The provided UserID is not a valid number.", w, r, user)
|
return c.LocalError("The provided UserID is not a valid number.", w, r, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
targetUser, err := c.Users.Get(uid)
|
targetUser, err := c.Users.Get(uid)
|
||||||
if err == sql.ErrNoRows {
|
if err == sql.ErrNoRows {
|
||||||
return c.LocalError("The user you're trying to edit doesn't exist.", w, r, user)
|
return c.LocalError("The user you're trying to edit doesn't exist.", w, r, user)
|
||||||
|
@ -101,38 +99,39 @@ func UsersEditSubmit(w http.ResponseWriter, r *http.Request, user c.User, suid s
|
||||||
return c.LocalError("Only administrators can edit the account of other administrators.", w, r, user)
|
return c.LocalError("Only administrators can edit the account of other administrators.", w, r, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
newname := c.SanitiseSingleLine(r.PostFormValue("user-name"))
|
newname := c.SanitiseSingleLine(r.PostFormValue("name"))
|
||||||
if newname == "" {
|
if newname == "" {
|
||||||
return c.LocalError("You didn't put in a username.", w, r, user)
|
return c.LocalError("You didn't put in a name.", w, r, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: How should activation factor into admin set emails?
|
// TODO: How should activation factor into admin set emails?
|
||||||
// TODO: How should we handle secondary emails? Do we even have secondary emails implemented?
|
// TODO: How should we handle secondary emails? Do we even have secondary emails implemented?
|
||||||
newemail := c.SanitiseSingleLine(r.PostFormValue("user-email"))
|
newemail := c.SanitiseSingleLine(r.PostFormValue("email"))
|
||||||
if newemail == "" {
|
if newemail == "" && targetUser.Email != "" {
|
||||||
return c.LocalError("You didn't put in an email address.", w, r, user)
|
return c.LocalError("You didn't put in an email address.", w, r, user)
|
||||||
}
|
}
|
||||||
|
if newemail == "-1" {
|
||||||
|
newemail = targetUser.Email
|
||||||
|
}
|
||||||
if (newemail != targetUser.Email) && !user.Perms.EditUserEmail {
|
if (newemail != targetUser.Email) && !user.Perms.EditUserEmail {
|
||||||
return c.LocalError("You need the EditUserEmail permission to edit the email address of a user.", w, r, user)
|
return c.LocalError("You need the EditUserEmail permission to edit the email address of a user.", w, r, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
newpassword := r.PostFormValue("user-password")
|
newpassword := r.PostFormValue("password")
|
||||||
if newpassword != "" && !user.Perms.EditUserPassword {
|
if newpassword != "" && !user.Perms.EditUserPassword {
|
||||||
return c.LocalError("You need the EditUserPassword permission to edit the password of a user.", w, r, user)
|
return c.LocalError("You need the EditUserPassword permission to edit the password of a user.", w, r, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
newgroup, err := strconv.Atoi(r.PostFormValue("user-group"))
|
newgroup, err := strconv.Atoi(r.PostFormValue("group"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.LocalError("You need to provide a whole number for the group ID", w, r, user)
|
return c.LocalError("You need to provide a whole number for the group ID", w, r, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
group, err := c.Groups.Get(newgroup)
|
group, err := c.Groups.Get(newgroup)
|
||||||
if err == sql.ErrNoRows {
|
if err == sql.ErrNoRows {
|
||||||
return c.LocalError("The group you're trying to place this user in doesn't exist.", w, r, user)
|
return c.LocalError("The group you're trying to place this user in doesn't exist.", w, r, user)
|
||||||
} else if err != nil {
|
} else if err != nil {
|
||||||
return c.InternalError(err, w, r)
|
return c.InternalError(err, w, r)
|
||||||
}
|
}
|
||||||
|
|
||||||
if !user.Perms.EditUserGroupAdmin && group.IsAdmin {
|
if !user.Perms.EditUserGroupAdmin && group.IsAdmin {
|
||||||
return c.LocalError("You need the EditUserGroupAdmin permission to assign someone to an administrator group.", w, r, user)
|
return c.LocalError("You need the EditUserGroupAdmin permission to assign someone to an administrator group.", w, r, user)
|
||||||
}
|
}
|
||||||
|
@ -145,18 +144,24 @@ func UsersEditSubmit(w http.ResponseWriter, r *http.Request, user c.User, suid s
|
||||||
return c.InternalError(err, w, r)
|
return c.InternalError(err, w, r)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
red := false
|
||||||
if newpassword != "" {
|
if newpassword != "" {
|
||||||
c.SetPassword(targetUser.ID, newpassword)
|
c.SetPassword(targetUser.ID, newpassword)
|
||||||
// Log the user out as a safety precaution
|
// Log the user out as a safety precaution
|
||||||
c.Auth.ForceLogout(targetUser.ID)
|
c.Auth.ForceLogout(targetUser.ID)
|
||||||
|
red = true
|
||||||
}
|
}
|
||||||
targetUser.CacheRemove()
|
targetUser.CacheRemove()
|
||||||
|
|
||||||
// If we're changing our own password, redirect to the index rather than to a noperms error due to the force logout
|
// If we're changing our own password, redirect to the index rather than to a noperms error due to the force logout
|
||||||
if targetUser.ID == user.ID {
|
if targetUser.ID == user.ID && red {
|
||||||
http.Redirect(w, r, "/", http.StatusSeeOther)
|
http.Redirect(w, r, "/", http.StatusSeeOther)
|
||||||
} else {
|
} else {
|
||||||
http.Redirect(w, r, "/panel/users/edit/"+strconv.Itoa(targetUser.ID)+"?updated=1", http.StatusSeeOther)
|
var se string
|
||||||
|
if r.PostFormValue("show-email") == "1" {
|
||||||
|
se = "&show-email=1"
|
||||||
|
}
|
||||||
|
http.Redirect(w, r, "/panel/users/edit/"+strconv.Itoa(targetUser.ID)+"?updated=1"+se, http.StatusSeeOther)
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
@ -175,7 +180,6 @@ func UsersAvatarSubmit(w http.ResponseWriter, r *http.Request, user c.User, suid
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.LocalError("The provided UserID is not a valid number.", w, r, user)
|
return c.LocalError("The provided UserID is not a valid number.", w, r, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
targetUser, err := c.Users.Get(uid)
|
targetUser, err := c.Users.Get(uid)
|
||||||
if err == sql.ErrNoRows {
|
if err == sql.ErrNoRows {
|
||||||
return c.LocalError("The user you're trying to edit doesn't exist.", w, r, user)
|
return c.LocalError("The user you're trying to edit doesn't exist.", w, r, user)
|
||||||
|
@ -186,23 +190,25 @@ func UsersAvatarSubmit(w http.ResponseWriter, r *http.Request, user c.User, suid
|
||||||
return c.LocalError("Only administrators can edit the account of other administrators.", w, r, user)
|
return c.LocalError("Only administrators can edit the account of other administrators.", w, r, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
ext, ferr := c.UploadAvatar(w,r,user,targetUser.ID)
|
ext, ferr := c.UploadAvatar(w, r, user, targetUser.ID)
|
||||||
if ferr != nil {
|
if ferr != nil {
|
||||||
return ferr
|
return ferr
|
||||||
}
|
}
|
||||||
|
ferr = c.ChangeAvatar("."+ext, w, r, *targetUser)
|
||||||
ferr = c.ChangeAvatar("." + ext, w, r, *targetUser)
|
|
||||||
if ferr != nil {
|
if ferr != nil {
|
||||||
return ferr
|
return ferr
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: Only schedule a resize if the avatar isn't tiny
|
// TODO: Only schedule a resize if the avatar isn't tiny
|
||||||
err = targetUser.ScheduleAvatarResize()
|
err = targetUser.ScheduleAvatarResize()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.InternalError(err, w, r)
|
return c.InternalError(err, w, r)
|
||||||
}
|
}
|
||||||
|
|
||||||
http.Redirect(w, r, "/panel/users/edit/"+strconv.Itoa(targetUser.ID)+"?updated=1", http.StatusSeeOther)
|
var se string
|
||||||
|
if r.PostFormValue("show-email") == "1" {
|
||||||
|
se = "&show-email=1"
|
||||||
|
}
|
||||||
|
http.Redirect(w, r, "/panel/users/edit/"+strconv.Itoa(targetUser.ID)+"?updated=1"+se, http.StatusSeeOther)
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -219,7 +225,6 @@ func UsersAvatarRemoveSubmit(w http.ResponseWriter, r *http.Request, user c.User
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.LocalError("The provided UserID is not a valid number.", w, r, user)
|
return c.LocalError("The provided UserID is not a valid number.", w, r, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
targetUser, err := c.Users.Get(uid)
|
targetUser, err := c.Users.Get(uid)
|
||||||
if err == sql.ErrNoRows {
|
if err == sql.ErrNoRows {
|
||||||
return c.LocalError("The user you're trying to edit doesn't exist.", w, r, user)
|
return c.LocalError("The user you're trying to edit doesn't exist.", w, r, user)
|
||||||
|
@ -229,12 +234,15 @@ func UsersAvatarRemoveSubmit(w http.ResponseWriter, r *http.Request, user c.User
|
||||||
if targetUser.IsAdmin && !user.IsAdmin {
|
if targetUser.IsAdmin && !user.IsAdmin {
|
||||||
return c.LocalError("Only administrators can edit the account of other administrators.", w, r, user)
|
return c.LocalError("Only administrators can edit the account of other administrators.", w, r, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
ferr = c.ChangeAvatar("", w, r, *targetUser)
|
ferr = c.ChangeAvatar("", w, r, *targetUser)
|
||||||
if ferr != nil {
|
if ferr != nil {
|
||||||
return ferr
|
return ferr
|
||||||
}
|
}
|
||||||
|
|
||||||
http.Redirect(w, r, "/panel/users/edit/"+strconv.Itoa(targetUser.ID)+"?updated=1", http.StatusSeeOther)
|
var se string
|
||||||
|
if r.PostFormValue("show-email") == "1" {
|
||||||
|
se = "&show-email=1"
|
||||||
|
}
|
||||||
|
http.Redirect(w, r, "/panel/users/edit/"+strconv.Itoa(targetUser.ID)+"?updated=1"+se, http.StatusSeeOther)
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
|
@ -2,39 +2,42 @@
|
||||||
<div class="rowitem"><h1>{{lang "panel_user_head"}}</h1></div>
|
<div class="rowitem"><h1>{{lang "panel_user_head"}}</h1></div>
|
||||||
</div>
|
</div>
|
||||||
<div id="panel_user" class="colstack_item the_form">
|
<div id="panel_user" class="colstack_item the_form">
|
||||||
<form id="user_form" action="/panel/users/edit/submit/{{.Something.ID}}?s={{.CurrentUser.Session}}" method="post"></form>
|
<form id="user_form" action="/panel/users/edit/submit/{{.User.ID}}?s={{.CurrentUser.Session}}" method="post"></form>
|
||||||
<form id="avatar_form" enctype="multipart/form-data" action="/panel/users/avatar/submit/{{.Something.ID}}?s={{.CurrentUser.Session}}" method="post"></form>
|
<form id="avatar_form" enctype="multipart/form-data" action="/panel/users/avatar/submit/{{.User.ID}}?s={{.CurrentUser.Session}}" method="post"></form>
|
||||||
<form id="remove_avatar_form" action="/panel/users/avatar/remove/submit/{{.Something.ID}}?s={{.CurrentUser.Session}}" method="post"></form>
|
<form id="remove_avatar_form" action="/panel/users/avatar/remove/submit/{{.User.ID}}?s={{.CurrentUser.Session}}" method="post"></form>
|
||||||
<div class="formrow">
|
<div class="formrow">
|
||||||
<div class="formitem formlabel"><a>{{lang "panel_user_avatar"}}</a></div>
|
<div class="formitem formlabel"><a>{{lang "panel_user_avatar"}}</a></div>
|
||||||
<div class="formitem avataritem">
|
<div class="formitem avataritem">
|
||||||
{{if .Something.RawAvatar}}<img src="{{.Something.Avatar}}" height=56 width=56 />{{end}}
|
{{if .User.RawAvatar}}<img src="{{.User.Avatar}}" height=56 width=56 />{{end}}
|
||||||
<div class="avatarbuttons">
|
<div class="avatarbuttons">
|
||||||
<input form="avatar_form" id="select_avatar" name="avatar_file" type="file" required class="auto_hide" />
|
<input form="avatar_form" id="select_avatar" name="avatar_file" type="file" required class="auto_hide" />
|
||||||
<label for="select_avatar" class="formbutton">{{lang "panel_user_avatar_select"}}</label>
|
<label for="select_avatar" class="formbutton">{{lang "panel_user_avatar_select"}}</label>
|
||||||
<button form="avatar_form" name="avatar_action" value=0>{{lang "panel_user_avatar_upload"}}</button>
|
<button form="avatar_form" name="avatar_action" value=0>{{lang "panel_user_avatar_upload"}}</button>
|
||||||
{{if .Something.RawAvatar}}<button form="remove_avatar_form" name="avatar_action" value=1>{{lang "panel_user_avatar_remove"}}</button>{{end}}
|
{{if .User.RawAvatar}}<button form="remove_avatar_form" name="avatar_action" value=1>{{lang "panel_user_avatar_remove"}}</button>{{end}}
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="formrow">
|
<div class="formrow">
|
||||||
<div class="formitem formlabel"><a>{{lang "panel_user_name"}}</a></div>
|
<div class="formitem formlabel"><a>{{lang "panel_user_name"}}</a></div>
|
||||||
<div class="formitem"><input form="user_form" name="user-name" type="text" value="{{.Something.Name}}" placeholder="{{lang "panel_user_name_placeholder"}}" autocomplete="off" /></div>
|
<div class="formitem"><input form="user_form" name="name" type="text" value="{{.User.Name}}" placeholder="{{lang "panel_user_name_placeholder"}}" autocomplete="off" /></div>
|
||||||
</div>
|
</div>
|
||||||
{{if .CurrentUser.Perms.EditUserPassword}}<div class="formrow">
|
{{if .CurrentUser.Perms.EditUserPassword}}<div class="formrow">
|
||||||
<div class="formitem formlabel"><a>{{lang "panel_user_password"}}</a></div>
|
<div class="formitem formlabel"><a>{{lang "panel_user_password"}}</a></div>
|
||||||
<div class="formitem"><input form="user_form" name="user-password" type="password" placeholder="*****" autocomplete="off" /></div>
|
<div class="formitem"><input form="user_form" name="password" type="password" placeholder="*****" autocomplete="off" /></div>
|
||||||
</div>{{end}}
|
</div>{{end}}
|
||||||
{{if .CurrentUser.Perms.EditUserEmail}}<div class="formrow">
|
{{if .CurrentUser.Perms.EditUserEmail}}<div class="formrow">
|
||||||
<div class="formitem formlabel"><a>{{lang "panel_user_email"}}</a></div>
|
<div class="formitem formlabel"><a>{{lang "panel_user_email"}}</a></div>
|
||||||
<div class="formitem"><input form="user_form" name="user-email" type="email" value="{{.Something.Email}}" placeholder="example@localhost" /></div>
|
<div class="formitem">
|
||||||
|
{{if .ShowEmail}}<input form="user_form" name="show-email" value=1 type="hidden" />
|
||||||
|
<input form="user_form" name="email" type="email" value="{{.User.Email}}" placeholder="example@localhost"/>{{else}}<input form="user_form" name="email" value="-1" type="hidden"/><a href="/panel/users/edit/{{.User.ID}}?show-email=1"><button>{{lang "panel_user_show_email"}}</button></a>{{end}}
|
||||||
|
</div>
|
||||||
</div>{{end}}
|
</div>{{end}}
|
||||||
{{if .CurrentUser.Perms.EditUserGroup}}
|
{{if .CurrentUser.Perms.EditUserGroup}}
|
||||||
<div class="formrow">
|
<div class="formrow">
|
||||||
<div class="formitem formlabel"><a>{{lang "panel_user_group"}}</a></div>
|
<div class="formitem formlabel"><a>{{lang "panel_user_group"}}</a></div>
|
||||||
<div class="formitem">
|
<div class="formitem">
|
||||||
<select form="user_form" name="user-group">
|
<select form="user_form" name="group">
|
||||||
{{range .ItemList}}<option{{if eq .ID $.Something.Group}} selected{{end}} value="{{.ID}}">{{.Name}}</option>{{end}}
|
{{range .Groups}}<option{{if eq .ID $.User.Group}} selected{{end}} value={{.ID}}>{{.Name}}</option>{{end}}
|
||||||
</select>
|
</select>
|
||||||
</div>
|
</div>
|
||||||
</div>{{end}}
|
</div>{{end}}
|
||||||
|
|
Loading…
Reference in New Issue