user.admin.inc 39 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053
  1. <?php
  2. /**
  3. * @file
  4. * Admin page callback file for the user module.
  5. */
  6. /**
  7. * Page callback: Generates the appropriate user administration form.
  8. *
  9. * This function generates the user registration, multiple user cancellation,
  10. * or filtered user list admin form, depending on the argument and the POST
  11. * form values.
  12. *
  13. * @param string $callback_arg
  14. * (optional) Indicates which form to build. Defaults to '', which will
  15. * trigger the user filter form. If the POST value 'op' is present, this
  16. * function uses that value as the callback argument.
  17. *
  18. * @return string
  19. * A renderable form array for the respective request.
  20. */
  21. function user_admin($callback_arg = '') {
  22. $op = isset($_POST['op']) ? $_POST['op'] : $callback_arg;
  23. switch ($op) {
  24. case t('Create new account'):
  25. case 'create':
  26. $build['user_register'] = drupal_get_form('user_register_form');
  27. break;
  28. default:
  29. if (!empty($_POST['accounts']) && isset($_POST['operation']) && ($_POST['operation'] == 'cancel')) {
  30. $build['user_multiple_cancel_confirm'] = drupal_get_form('user_multiple_cancel_confirm');
  31. }
  32. else {
  33. $build['user_filter_form'] = drupal_get_form('user_filter_form');
  34. $build['user_admin_account'] = drupal_get_form('user_admin_account');
  35. }
  36. }
  37. return $build;
  38. }
  39. /**
  40. * Form builder; Return form for user administration filters.
  41. *
  42. * @ingroup forms
  43. * @see user_filter_form_submit()
  44. */
  45. function user_filter_form() {
  46. $session = isset($_SESSION['user_overview_filter']) ? $_SESSION['user_overview_filter'] : array();
  47. $filters = user_filters();
  48. $i = 0;
  49. $form['filters'] = array(
  50. '#type' => 'fieldset',
  51. '#title' => t('Show only users where'),
  52. '#theme' => 'exposed_filters__user',
  53. );
  54. foreach ($session as $filter) {
  55. list($type, $value) = $filter;
  56. if ($type == 'permission') {
  57. // Merge arrays of module permissions into one.
  58. // Slice past the first element '[any]' whose value is not an array.
  59. $options = call_user_func_array('array_merge', array_slice($filters[$type]['options'], 1));
  60. $value = $options[$value];
  61. }
  62. else {
  63. $value = $filters[$type]['options'][$value];
  64. }
  65. $t_args = array('%property' => $filters[$type]['title'], '%value' => $value);
  66. if ($i++) {
  67. $form['filters']['current'][] = array('#markup' => t('and where %property is %value', $t_args));
  68. }
  69. else {
  70. $form['filters']['current'][] = array('#markup' => t('%property is %value', $t_args));
  71. }
  72. }
  73. $form['filters']['status'] = array(
  74. '#type' => 'container',
  75. '#attributes' => array('class' => array('clearfix')),
  76. '#prefix' => ($i ? '<div class="additional-filters">' . t('and where') . '</div>' : ''),
  77. );
  78. $form['filters']['status']['filters'] = array(
  79. '#type' => 'container',
  80. '#attributes' => array('class' => array('filters')),
  81. );
  82. foreach ($filters as $key => $filter) {
  83. $form['filters']['status']['filters'][$key] = array(
  84. '#type' => 'select',
  85. '#options' => $filter['options'],
  86. '#title' => $filter['title'],
  87. '#default_value' => '[any]',
  88. );
  89. }
  90. $form['filters']['status']['actions'] = array(
  91. '#type' => 'actions',
  92. '#attributes' => array('class' => array('container-inline')),
  93. );
  94. $form['filters']['status']['actions']['submit'] = array(
  95. '#type' => 'submit',
  96. '#value' => (count($session) ? t('Refine') : t('Filter')),
  97. );
  98. if (count($session)) {
  99. $form['filters']['status']['actions']['undo'] = array(
  100. '#type' => 'submit',
  101. '#value' => t('Undo'),
  102. );
  103. $form['filters']['status']['actions']['reset'] = array(
  104. '#type' => 'submit',
  105. '#value' => t('Reset'),
  106. );
  107. }
  108. drupal_add_library('system', 'drupal.form');
  109. return $form;
  110. }
  111. /**
  112. * Process result from user administration filter form.
  113. */
  114. function user_filter_form_submit($form, &$form_state) {
  115. $op = $form_state['values']['op'];
  116. $filters = user_filters();
  117. switch ($op) {
  118. case t('Filter'):
  119. case t('Refine'):
  120. // Apply every filter that has a choice selected other than 'any'.
  121. foreach ($filters as $filter => $options) {
  122. if (isset($form_state['values'][$filter]) && $form_state['values'][$filter] != '[any]') {
  123. // Merge an array of arrays into one if necessary.
  124. $options = ($filter == 'permission') ? form_options_flatten($filters[$filter]['options']) : $filters[$filter]['options'];
  125. // Only accept valid selections offered on the dropdown, block bad input.
  126. if (isset($options[$form_state['values'][$filter]])) {
  127. $_SESSION['user_overview_filter'][] = array($filter, $form_state['values'][$filter]);
  128. }
  129. }
  130. }
  131. break;
  132. case t('Undo'):
  133. array_pop($_SESSION['user_overview_filter']);
  134. break;
  135. case t('Reset'):
  136. $_SESSION['user_overview_filter'] = array();
  137. break;
  138. case t('Update'):
  139. return;
  140. }
  141. $form_state['redirect'] = 'admin/people';
  142. return;
  143. }
  144. /**
  145. * Form builder; User administration page.
  146. *
  147. * @ingroup forms
  148. * @see user_admin_account_validate()
  149. * @see user_admin_account_submit()
  150. */
  151. function user_admin_account() {
  152. $header = array(
  153. 'username' => array('data' => t('Username'), 'field' => 'u.name'),
  154. 'status' => array('data' => t('Status'), 'field' => 'u.status'),
  155. 'roles' => array('data' => t('Roles')),
  156. 'member_for' => array('data' => t('Member for'), 'field' => 'u.created', 'sort' => 'desc'),
  157. 'access' => array('data' => t('Last access'), 'field' => 'u.access'),
  158. 'operations' => array('data' => t('Operations')),
  159. );
  160. $query = db_select('users', 'u');
  161. $query->condition('u.uid', 0, '<>');
  162. user_build_filter_query($query);
  163. $count_query = clone $query;
  164. $count_query->addExpression('COUNT(u.uid)');
  165. $query = $query->extend('PagerDefault')->extend('TableSort');
  166. $query
  167. ->fields('u', array('uid', 'name', 'status', 'created', 'access'))
  168. ->limit(50)
  169. ->orderByHeader($header)
  170. ->setCountQuery($count_query);
  171. $result = $query->execute();
  172. $form['options'] = array(
  173. '#type' => 'fieldset',
  174. '#title' => t('Update options'),
  175. '#attributes' => array('class' => array('container-inline')),
  176. );
  177. $options = array();
  178. foreach (module_invoke_all('user_operations') as $operation => $array) {
  179. $options[$operation] = $array['label'];
  180. }
  181. $form['options']['operation'] = array(
  182. '#type' => 'select',
  183. '#title' => t('Operation'),
  184. '#title_display' => 'invisible',
  185. '#options' => $options,
  186. '#default_value' => 'unblock',
  187. );
  188. $options = array();
  189. $form['options']['submit'] = array(
  190. '#type' => 'submit',
  191. '#value' => t('Update'),
  192. );
  193. $destination = drupal_get_destination();
  194. $status = array(t('blocked'), t('active'));
  195. $roles = array_map('check_plain', user_roles(TRUE));
  196. $accounts = array();
  197. foreach ($result as $account) {
  198. $users_roles = array();
  199. $roles_result = db_query('SELECT rid FROM {users_roles} WHERE uid = :uid', array(':uid' => $account->uid));
  200. foreach ($roles_result as $user_role) {
  201. $users_roles[] = $roles[$user_role->rid];
  202. }
  203. asort($users_roles);
  204. $options[$account->uid] = array(
  205. 'username' => theme('username', array('account' => $account)),
  206. 'status' => $status[$account->status],
  207. 'roles' => theme('item_list', array('items' => $users_roles)),
  208. 'member_for' => format_interval(REQUEST_TIME - $account->created),
  209. 'access' => $account->access ? t('@time ago', array('@time' => format_interval(REQUEST_TIME - $account->access))) : t('never'),
  210. 'operations' => array('data' => array('#type' => 'link', '#title' => t('edit'), '#href' => "user/$account->uid/edit", '#options' => array('query' => $destination))),
  211. );
  212. }
  213. $form['accounts'] = array(
  214. '#type' => 'tableselect',
  215. '#header' => $header,
  216. '#options' => $options,
  217. '#empty' => t('No people available.'),
  218. );
  219. $form['pager'] = array('#markup' => theme('pager'));
  220. return $form;
  221. }
  222. /**
  223. * Submit the user administration update form.
  224. */
  225. function user_admin_account_submit($form, &$form_state) {
  226. $operations = module_invoke_all('user_operations', $form, $form_state);
  227. $operation = $operations[$form_state['values']['operation']];
  228. // Filter out unchecked accounts.
  229. $accounts = array_filter($form_state['values']['accounts']);
  230. if ($function = $operation['callback']) {
  231. // Add in callback arguments if present.
  232. if (isset($operation['callback arguments'])) {
  233. $args = array_merge(array($accounts), $operation['callback arguments']);
  234. }
  235. else {
  236. $args = array($accounts);
  237. }
  238. call_user_func_array($function, $args);
  239. drupal_set_message(t('The update has been performed.'));
  240. }
  241. }
  242. function user_admin_account_validate($form, &$form_state) {
  243. $form_state['values']['accounts'] = array_filter($form_state['values']['accounts']);
  244. if (count($form_state['values']['accounts']) == 0) {
  245. form_set_error('', t('No users selected.'));
  246. }
  247. }
  248. /**
  249. * Form builder; Configure user settings for this site.
  250. *
  251. * @ingroup forms
  252. * @see system_settings_form()
  253. */
  254. function user_admin_settings() {
  255. // Settings for anonymous users.
  256. $form['anonymous_settings'] = array(
  257. '#type' => 'fieldset',
  258. '#title' => t('Anonymous users'),
  259. );
  260. $form['anonymous_settings']['anonymous'] = array(
  261. '#type' => 'textfield',
  262. '#title' => t('Name'),
  263. '#default_value' => variable_get('anonymous', t('Anonymous')),
  264. '#description' => t('The name used to indicate anonymous users.'),
  265. '#required' => TRUE,
  266. );
  267. // Administrative role option.
  268. $form['admin_role'] = array(
  269. '#type' => 'fieldset',
  270. '#title' => t('Administrator role'),
  271. );
  272. // Do not allow users to set the anonymous or authenticated user roles as the
  273. // administrator role.
  274. $roles = user_roles();
  275. unset($roles[DRUPAL_ANONYMOUS_RID]);
  276. unset($roles[DRUPAL_AUTHENTICATED_RID]);
  277. $roles[0] = t('disabled');
  278. $form['admin_role']['user_admin_role'] = array(
  279. '#type' => 'select',
  280. '#title' => t('Administrator role'),
  281. '#default_value' => variable_get('user_admin_role', 0),
  282. '#options' => $roles,
  283. '#description' => t('This role will be automatically assigned new permissions whenever a module is enabled. Changing this setting will not affect existing permissions.'),
  284. );
  285. // User registration settings.
  286. $form['registration_cancellation'] = array(
  287. '#type' => 'fieldset',
  288. '#title' => t('Registration and cancellation'),
  289. );
  290. $form['registration_cancellation']['user_register'] = array(
  291. '#type' => 'radios',
  292. '#title' => t('Who can register accounts?'),
  293. '#default_value' => variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL),
  294. '#options' => array(
  295. USER_REGISTER_ADMINISTRATORS_ONLY => t('Administrators only'),
  296. USER_REGISTER_VISITORS => t('Visitors'),
  297. USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL => t('Visitors, but administrator approval is required'),
  298. )
  299. );
  300. $form['registration_cancellation']['user_email_verification'] = array(
  301. '#type' => 'checkbox',
  302. '#title' => t('Require e-mail verification when a visitor creates an account.'),
  303. '#default_value' => variable_get('user_email_verification', TRUE),
  304. '#description' => t('New users will be required to validate their e-mail address prior to logging into the site, and will be assigned a system-generated password. With this setting disabled, users will be logged in immediately upon registering, and may select their own passwords during registration.')
  305. );
  306. module_load_include('inc', 'user', 'user.pages');
  307. $form['registration_cancellation']['user_cancel_method'] = array(
  308. '#type' => 'item',
  309. '#title' => t('When cancelling a user account'),
  310. '#description' => t('Users with the %select-cancel-method or %administer-users <a href="@permissions-url">permissions</a> can override this default method.', array('%select-cancel-method' => t('Select method for cancelling account'), '%administer-users' => t('Administer users'), '@permissions-url' => url('admin/people/permissions'))),
  311. );
  312. $form['registration_cancellation']['user_cancel_method'] += user_cancel_methods();
  313. foreach (element_children($form['registration_cancellation']['user_cancel_method']) as $element) {
  314. // Remove all account cancellation methods that have #access defined, as
  315. // those cannot be configured as default method.
  316. if (isset($form['registration_cancellation']['user_cancel_method'][$element]['#access'])) {
  317. $form['registration_cancellation']['user_cancel_method'][$element]['#access'] = FALSE;
  318. }
  319. // Remove the description (only displayed on the confirmation form).
  320. else {
  321. unset($form['registration_cancellation']['user_cancel_method'][$element]['#description']);
  322. }
  323. }
  324. // Account settings.
  325. $form['personalization'] = array(
  326. '#type' => 'fieldset',
  327. '#title' => t('Personalization'),
  328. );
  329. $form['personalization']['user_signatures'] = array(
  330. '#type' => 'checkbox',
  331. '#title' => t('Enable signatures.'),
  332. '#default_value' => variable_get('user_signatures', 0),
  333. );
  334. // If picture support is enabled, check whether the picture directory exists.
  335. if (variable_get('user_pictures', 0)) {
  336. $picture_path = file_default_scheme() . '://' . variable_get('user_picture_path', 'pictures');
  337. if (!file_prepare_directory($picture_path, FILE_CREATE_DIRECTORY)) {
  338. form_set_error('user_picture_path', t('The directory %directory does not exist or is not writable.', array('%directory' => $picture_path)));
  339. watchdog('file system', 'The directory %directory does not exist or is not writable.', array('%directory' => $picture_path), WATCHDOG_ERROR);
  340. }
  341. }
  342. $picture_support = variable_get('user_pictures', 0);
  343. $form['personalization']['user_pictures'] = array(
  344. '#type' => 'checkbox',
  345. '#title' => t('Enable user pictures.'),
  346. '#default_value' => $picture_support,
  347. );
  348. drupal_add_js(drupal_get_path('module', 'user') . '/user.js');
  349. $form['personalization']['pictures'] = array(
  350. '#type' => 'container',
  351. '#states' => array(
  352. // Hide the additional picture settings when user pictures are disabled.
  353. 'invisible' => array(
  354. 'input[name="user_pictures"]' => array('checked' => FALSE),
  355. ),
  356. ),
  357. );
  358. $form['personalization']['pictures']['user_picture_path'] = array(
  359. '#type' => 'textfield',
  360. '#title' => t('Picture directory'),
  361. '#default_value' => variable_get('user_picture_path', 'pictures'),
  362. '#size' => 30,
  363. '#maxlength' => 255,
  364. '#description' => t('Subdirectory in the file upload directory where pictures will be stored.'),
  365. );
  366. $form['personalization']['pictures']['user_picture_default'] = array(
  367. '#type' => 'textfield',
  368. '#title' => t('Default picture'),
  369. '#default_value' => variable_get('user_picture_default', ''),
  370. '#size' => 30,
  371. '#maxlength' => 255,
  372. '#description' => t('URL of picture to display for users with no custom picture selected. Leave blank for none.'),
  373. );
  374. if (module_exists('image')) {
  375. $form['personalization']['pictures']['settings']['user_picture_style'] = array(
  376. '#type' => 'select',
  377. '#title' => t('Picture display style'),
  378. '#options' => image_style_options(TRUE, PASS_THROUGH),
  379. '#default_value' => variable_get('user_picture_style', ''),
  380. '#description' => t('The style selected will be used on display, while the original image is retained. Styles may be configured in the <a href="!url">Image styles</a> administration area.', array('!url' => url('admin/config/media/image-styles'))),
  381. );
  382. }
  383. $form['personalization']['pictures']['user_picture_dimensions'] = array(
  384. '#type' => 'textfield',
  385. '#title' => t('Picture upload dimensions'),
  386. '#default_value' => variable_get('user_picture_dimensions', '85x85'),
  387. '#size' => 10,
  388. '#maxlength' => 10,
  389. '#field_suffix' => ' ' . t('pixels'),
  390. '#description' => t('Pictures larger than this will be scaled down to this size.'),
  391. );
  392. $form['personalization']['pictures']['user_picture_file_size'] = array(
  393. '#type' => 'textfield',
  394. '#title' => t('Picture upload file size'),
  395. '#default_value' => variable_get('user_picture_file_size', '30'),
  396. '#size' => 10,
  397. '#maxlength' => 10,
  398. '#field_suffix' => ' ' . t('KB'),
  399. '#description' => t('Maximum allowed file size for uploaded pictures. Upload size is normally limited only by the PHP maximum post and file upload settings, and images are automatically scaled down to the dimensions specified above.'),
  400. '#element_validate' => array('element_validate_integer_positive'),
  401. );
  402. $form['personalization']['pictures']['user_picture_guidelines'] = array(
  403. '#type' => 'textarea',
  404. '#title' => t('Picture guidelines'),
  405. '#default_value' => variable_get('user_picture_guidelines', ''),
  406. '#description' => t("This text is displayed at the picture upload form in addition to the default guidelines. It's useful for helping or instructing your users."),
  407. );
  408. $form['email_title'] = array(
  409. '#type' => 'item',
  410. '#title' => t('E-mails'),
  411. );
  412. $form['email'] = array(
  413. '#type' => 'vertical_tabs',
  414. );
  415. // These email tokens are shared for all settings, so just define
  416. // the list once to help ensure they stay in sync.
  417. $email_token_help = t('Available variables are: [site:name], [site:url], [user:name], [user:mail], [site:login-url], [site:url-brief], [user:edit-url], [user:one-time-login-url], [user:cancel-url].');
  418. $form['email_admin_created'] = array(
  419. '#type' => 'fieldset',
  420. '#title' => t('Welcome (new user created by administrator)'),
  421. '#collapsible' => TRUE,
  422. '#collapsed' => (variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) != USER_REGISTER_ADMINISTRATORS_ONLY),
  423. '#description' => t('Edit the welcome e-mail messages sent to new member accounts created by an administrator.') . ' ' . $email_token_help,
  424. '#group' => 'email',
  425. );
  426. $form['email_admin_created']['user_mail_register_admin_created_subject'] = array(
  427. '#type' => 'textfield',
  428. '#title' => t('Subject'),
  429. '#default_value' => _user_mail_text('register_admin_created_subject', NULL, array(), FALSE),
  430. '#maxlength' => 180,
  431. );
  432. $form['email_admin_created']['user_mail_register_admin_created_body'] = array(
  433. '#type' => 'textarea',
  434. '#title' => t('Body'),
  435. '#default_value' => _user_mail_text('register_admin_created_body', NULL, array(), FALSE),
  436. '#rows' => 15,
  437. );
  438. $form['email_pending_approval'] = array(
  439. '#type' => 'fieldset',
  440. '#title' => t('Welcome (awaiting approval)'),
  441. '#collapsible' => TRUE,
  442. '#collapsed' => (variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) != USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL),
  443. '#description' => t('Edit the welcome e-mail messages sent to new members upon registering, when administrative approval is required.') . ' ' . $email_token_help,
  444. '#group' => 'email',
  445. );
  446. $form['email_pending_approval']['user_mail_register_pending_approval_subject'] = array(
  447. '#type' => 'textfield',
  448. '#title' => t('Subject'),
  449. '#default_value' => _user_mail_text('register_pending_approval_subject', NULL, array(), FALSE),
  450. '#maxlength' => 180,
  451. );
  452. $form['email_pending_approval']['user_mail_register_pending_approval_body'] = array(
  453. '#type' => 'textarea',
  454. '#title' => t('Body'),
  455. '#default_value' => _user_mail_text('register_pending_approval_body', NULL, array(), FALSE),
  456. '#rows' => 8,
  457. );
  458. $form['email_no_approval_required'] = array(
  459. '#type' => 'fieldset',
  460. '#title' => t('Welcome (no approval required)'),
  461. '#collapsible' => TRUE,
  462. '#collapsed' => (variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) != USER_REGISTER_VISITORS),
  463. '#description' => t('Edit the welcome e-mail messages sent to new members upon registering, when no administrator approval is required.') . ' ' . $email_token_help,
  464. '#group' => 'email',
  465. );
  466. $form['email_no_approval_required']['user_mail_register_no_approval_required_subject'] = array(
  467. '#type' => 'textfield',
  468. '#title' => t('Subject'),
  469. '#default_value' => _user_mail_text('register_no_approval_required_subject', NULL, array(), FALSE),
  470. '#maxlength' => 180,
  471. );
  472. $form['email_no_approval_required']['user_mail_register_no_approval_required_body'] = array(
  473. '#type' => 'textarea',
  474. '#title' => t('Body'),
  475. '#default_value' => _user_mail_text('register_no_approval_required_body', NULL, array(), FALSE),
  476. '#rows' => 15,
  477. );
  478. $form['email_password_reset'] = array(
  479. '#type' => 'fieldset',
  480. '#title' => t('Password recovery'),
  481. '#collapsible' => TRUE,
  482. '#collapsed' => TRUE,
  483. '#description' => t('Edit the e-mail messages sent to users who request a new password.') . ' ' . $email_token_help,
  484. '#group' => 'email',
  485. '#weight' => 10,
  486. );
  487. $form['email_password_reset']['user_mail_password_reset_subject'] = array(
  488. '#type' => 'textfield',
  489. '#title' => t('Subject'),
  490. '#default_value' => _user_mail_text('password_reset_subject', NULL, array(), FALSE),
  491. '#maxlength' => 180,
  492. );
  493. $form['email_password_reset']['user_mail_password_reset_body'] = array(
  494. '#type' => 'textarea',
  495. '#title' => t('Body'),
  496. '#default_value' => _user_mail_text('password_reset_body', NULL, array(), FALSE),
  497. '#rows' => 12,
  498. );
  499. $form['email_activated'] = array(
  500. '#type' => 'fieldset',
  501. '#title' => t('Account activation'),
  502. '#collapsible' => TRUE,
  503. '#collapsed' => TRUE,
  504. '#description' => t('Enable and edit e-mail messages sent to users upon account activation (when an administrator activates an account of a user who has already registered, on a site where administrative approval is required).') . ' ' . $email_token_help,
  505. '#group' => 'email',
  506. );
  507. $form['email_activated']['user_mail_status_activated_notify'] = array(
  508. '#type' => 'checkbox',
  509. '#title' => t('Notify user when account is activated.'),
  510. '#default_value' => variable_get('user_mail_status_activated_notify', TRUE),
  511. );
  512. $form['email_activated']['settings'] = array(
  513. '#type' => 'container',
  514. '#states' => array(
  515. // Hide the additional settings when this email is disabled.
  516. 'invisible' => array(
  517. 'input[name="user_mail_status_activated_notify"]' => array('checked' => FALSE),
  518. ),
  519. ),
  520. );
  521. $form['email_activated']['settings']['user_mail_status_activated_subject'] = array(
  522. '#type' => 'textfield',
  523. '#title' => t('Subject'),
  524. '#default_value' => _user_mail_text('status_activated_subject', NULL, array(), FALSE),
  525. '#maxlength' => 180,
  526. );
  527. $form['email_activated']['settings']['user_mail_status_activated_body'] = array(
  528. '#type' => 'textarea',
  529. '#title' => t('Body'),
  530. '#default_value' => _user_mail_text('status_activated_body', NULL, array(), FALSE),
  531. '#rows' => 15,
  532. );
  533. $form['email_blocked'] = array(
  534. '#type' => 'fieldset',
  535. '#title' => t('Account blocked'),
  536. '#collapsible' => TRUE,
  537. '#collapsed' => TRUE,
  538. '#description' => t('Enable and edit e-mail messages sent to users when their accounts are blocked.') . ' ' . $email_token_help,
  539. '#group' => 'email',
  540. );
  541. $form['email_blocked']['user_mail_status_blocked_notify'] = array(
  542. '#type' => 'checkbox',
  543. '#title' => t('Notify user when account is blocked.'),
  544. '#default_value' => variable_get('user_mail_status_blocked_notify', FALSE),
  545. );
  546. $form['email_blocked']['settings'] = array(
  547. '#type' => 'container',
  548. '#states' => array(
  549. // Hide the additional settings when the blocked email is disabled.
  550. 'invisible' => array(
  551. 'input[name="user_mail_status_blocked_notify"]' => array('checked' => FALSE),
  552. ),
  553. ),
  554. );
  555. $form['email_blocked']['settings']['user_mail_status_blocked_subject'] = array(
  556. '#type' => 'textfield',
  557. '#title' => t('Subject'),
  558. '#default_value' => _user_mail_text('status_blocked_subject', NULL, array(), FALSE),
  559. '#maxlength' => 180,
  560. );
  561. $form['email_blocked']['settings']['user_mail_status_blocked_body'] = array(
  562. '#type' => 'textarea',
  563. '#title' => t('Body'),
  564. '#default_value' => _user_mail_text('status_blocked_body', NULL, array(), FALSE),
  565. '#rows' => 3,
  566. );
  567. $form['email_cancel_confirm'] = array(
  568. '#type' => 'fieldset',
  569. '#title' => t('Account cancellation confirmation'),
  570. '#collapsible' => TRUE,
  571. '#collapsed' => TRUE,
  572. '#description' => t('Edit the e-mail messages sent to users when they attempt to cancel their accounts.') . ' ' . $email_token_help,
  573. '#group' => 'email',
  574. );
  575. $form['email_cancel_confirm']['user_mail_cancel_confirm_subject'] = array(
  576. '#type' => 'textfield',
  577. '#title' => t('Subject'),
  578. '#default_value' => _user_mail_text('cancel_confirm_subject', NULL, array(), FALSE),
  579. '#maxlength' => 180,
  580. );
  581. $form['email_cancel_confirm']['user_mail_cancel_confirm_body'] = array(
  582. '#type' => 'textarea',
  583. '#title' => t('Body'),
  584. '#default_value' => _user_mail_text('cancel_confirm_body', NULL, array(), FALSE),
  585. '#rows' => 3,
  586. );
  587. $form['email_canceled'] = array(
  588. '#type' => 'fieldset',
  589. '#title' => t('Account canceled'),
  590. '#collapsible' => TRUE,
  591. '#collapsed' => TRUE,
  592. '#description' => t('Enable and edit e-mail messages sent to users when their accounts are canceled.') . ' ' . $email_token_help,
  593. '#group' => 'email',
  594. );
  595. $form['email_canceled']['user_mail_status_canceled_notify'] = array(
  596. '#type' => 'checkbox',
  597. '#title' => t('Notify user when account is canceled.'),
  598. '#default_value' => variable_get('user_mail_status_canceled_notify', FALSE),
  599. );
  600. $form['email_canceled']['settings'] = array(
  601. '#type' => 'container',
  602. '#states' => array(
  603. // Hide the settings when the cancel notify checkbox is disabled.
  604. 'invisible' => array(
  605. 'input[name="user_mail_status_canceled_notify"]' => array('checked' => FALSE),
  606. ),
  607. ),
  608. );
  609. $form['email_canceled']['settings']['user_mail_status_canceled_subject'] = array(
  610. '#type' => 'textfield',
  611. '#title' => t('Subject'),
  612. '#default_value' => _user_mail_text('status_canceled_subject', NULL, array(), FALSE),
  613. '#maxlength' => 180,
  614. );
  615. $form['email_canceled']['settings']['user_mail_status_canceled_body'] = array(
  616. '#type' => 'textarea',
  617. '#title' => t('Body'),
  618. '#default_value' => _user_mail_text('status_canceled_body', NULL, array(), FALSE),
  619. '#rows' => 3,
  620. );
  621. return system_settings_form($form);
  622. }
  623. /**
  624. * Menu callback: administer permissions.
  625. *
  626. * @ingroup forms
  627. * @see user_admin_permissions_submit()
  628. * @see theme_user_admin_permissions()
  629. */
  630. function user_admin_permissions($form, $form_state, $rid = NULL) {
  631. // Retrieve role names for columns.
  632. $role_names = user_roles();
  633. if (is_numeric($rid)) {
  634. $role_names = array($rid => $role_names[$rid]);
  635. }
  636. // Fetch permissions for all roles or the one selected role.
  637. $role_permissions = user_role_permissions($role_names);
  638. // Store $role_names for use when saving the data.
  639. $form['role_names'] = array(
  640. '#type' => 'value',
  641. '#value' => $role_names,
  642. );
  643. // Render role/permission overview:
  644. $options = array();
  645. $module_info = system_get_info('module');
  646. $hide_descriptions = system_admin_compact_mode();
  647. // Get a list of all the modules implementing a hook_permission() and sort by
  648. // display name.
  649. $modules = array();
  650. foreach (module_implements('permission') as $module) {
  651. $modules[$module] = $module_info[$module]['name'];
  652. }
  653. asort($modules);
  654. foreach ($modules as $module => $display_name) {
  655. if ($permissions = module_invoke($module, 'permission')) {
  656. $form['permission'][] = array(
  657. '#markup' => $module_info[$module]['name'],
  658. '#id' => $module,
  659. );
  660. foreach ($permissions as $perm => $perm_item) {
  661. // Fill in default values for the permission.
  662. $perm_item += array(
  663. 'description' => '',
  664. 'restrict access' => FALSE,
  665. 'warning' => !empty($perm_item['restrict access']) ? t('Warning: Give to trusted roles only; this permission has security implications.') : '',
  666. );
  667. $options[$perm] = '';
  668. $form['permission'][$perm] = array(
  669. '#type' => 'item',
  670. '#markup' => $perm_item['title'],
  671. '#description' => theme('user_permission_description', array('permission_item' => $perm_item, 'hide' => $hide_descriptions)),
  672. );
  673. foreach ($role_names as $rid => $name) {
  674. // Builds arrays for checked boxes for each role
  675. if (isset($role_permissions[$rid][$perm])) {
  676. $status[$rid][] = $perm;
  677. }
  678. }
  679. }
  680. }
  681. }
  682. // Have to build checkboxes here after checkbox arrays are built
  683. foreach ($role_names as $rid => $name) {
  684. $form['checkboxes'][$rid] = array(
  685. '#type' => 'checkboxes',
  686. '#options' => $options,
  687. '#default_value' => isset($status[$rid]) ? $status[$rid] : array(),
  688. '#attributes' => array('class' => array('rid-' . $rid)),
  689. );
  690. $form['role_names'][$rid] = array('#markup' => check_plain($name), '#tree' => TRUE);
  691. }
  692. $form['actions'] = array('#type' => 'actions');
  693. $form['actions']['submit'] = array('#type' => 'submit', '#value' => t('Save permissions'));
  694. $form['#attached']['js'][] = drupal_get_path('module', 'user') . '/user.permissions.js';
  695. return $form;
  696. }
  697. /**
  698. * Save permissions selected on the administer permissions page.
  699. *
  700. * @see user_admin_permissions()
  701. */
  702. function user_admin_permissions_submit($form, &$form_state) {
  703. foreach ($form_state['values']['role_names'] as $rid => $name) {
  704. user_role_change_permissions($rid, $form_state['values'][$rid]);
  705. }
  706. drupal_set_message(t('The changes have been saved.'));
  707. // Clear the cached pages and blocks.
  708. cache_clear_all();
  709. }
  710. /**
  711. * Returns HTML for the administer permissions page.
  712. *
  713. * @param $variables
  714. * An associative array containing:
  715. * - form: A render element representing the form.
  716. *
  717. * @ingroup themeable
  718. */
  719. function theme_user_admin_permissions($variables) {
  720. $form = $variables['form'];
  721. $roles = user_roles();
  722. foreach (element_children($form['permission']) as $key) {
  723. $row = array();
  724. // Module name
  725. if (is_numeric($key)) {
  726. $row[] = array('data' => drupal_render($form['permission'][$key]), 'class' => array('module'), 'id' => 'module-' . $form['permission'][$key]['#id'], 'colspan' => count($form['role_names']['#value']) + 1);
  727. }
  728. else {
  729. // Permission row.
  730. $row[] = array(
  731. 'data' => drupal_render($form['permission'][$key]),
  732. 'class' => array('permission'),
  733. );
  734. foreach (element_children($form['checkboxes']) as $rid) {
  735. $form['checkboxes'][$rid][$key]['#title'] = $roles[$rid] . ': ' . $form['permission'][$key]['#markup'];
  736. $form['checkboxes'][$rid][$key]['#title_display'] = 'invisible';
  737. $row[] = array('data' => drupal_render($form['checkboxes'][$rid][$key]), 'class' => array('checkbox'));
  738. }
  739. }
  740. $rows[] = $row;
  741. }
  742. $header[] = (t('Permission'));
  743. foreach (element_children($form['role_names']) as $rid) {
  744. $header[] = array('data' => drupal_render($form['role_names'][$rid]), 'class' => array('checkbox'));
  745. }
  746. $output = theme('system_compact_link');
  747. $output .= theme('table', array('header' => $header, 'rows' => $rows, 'attributes' => array('id' => 'permissions')));
  748. $output .= drupal_render_children($form);
  749. return $output;
  750. }
  751. /**
  752. * Returns HTML for an individual permission description.
  753. *
  754. * @param $variables
  755. * An associative array containing:
  756. * - permission_item: An associative array representing the permission whose
  757. * description is being themed. Useful keys include:
  758. * - description: The text of the permission description.
  759. * - warning: A security-related warning message about the permission (if
  760. * there is one).
  761. * - hide: A boolean indicating whether or not the permission description was
  762. * requested to be hidden rather than shown.
  763. *
  764. * @ingroup themeable
  765. */
  766. function theme_user_permission_description($variables) {
  767. if (!$variables['hide']) {
  768. $description = array();
  769. $permission_item = $variables['permission_item'];
  770. if (!empty($permission_item['description'])) {
  771. $description[] = $permission_item['description'];
  772. }
  773. if (!empty($permission_item['warning'])) {
  774. $description[] = '<em class="permission-warning">' . $permission_item['warning'] . '</em>';
  775. }
  776. if (!empty($description)) {
  777. return implode(' ', $description);
  778. }
  779. }
  780. }
  781. /**
  782. * Form to re-order roles or add a new one.
  783. *
  784. * @ingroup forms
  785. * @see theme_user_admin_roles()
  786. */
  787. function user_admin_roles($form, $form_state) {
  788. $roles = user_roles();
  789. $form['roles'] = array(
  790. '#tree' => TRUE,
  791. );
  792. $order = 0;
  793. foreach ($roles as $rid => $name) {
  794. $form['roles'][$rid]['#role'] = (object) array(
  795. 'rid' => $rid,
  796. 'name' => $name,
  797. 'weight' => $order,
  798. );
  799. $form['roles'][$rid]['#weight'] = $order;
  800. $form['roles'][$rid]['weight'] = array(
  801. '#type' => 'textfield',
  802. '#title' => t('Weight for @title', array('@title' => $name)),
  803. '#title_display' => 'invisible',
  804. '#size' => 4,
  805. '#default_value' => $order,
  806. '#attributes' => array('class' => array('role-weight')),
  807. );
  808. $order++;
  809. }
  810. $form['name'] = array(
  811. '#type' => 'textfield',
  812. '#title' => t('Name'),
  813. '#title_display' => 'invisible',
  814. '#size' => 32,
  815. '#maxlength' => 64,
  816. );
  817. $form['add'] = array(
  818. '#type' => 'submit',
  819. '#value' => t('Add role'),
  820. '#validate' => array('user_admin_role_validate'),
  821. '#submit' => array('user_admin_role_submit'),
  822. );
  823. $form['actions'] = array('#type' => 'actions');
  824. $form['actions']['submit'] = array(
  825. '#type' => 'submit',
  826. '#value' => t('Save order'),
  827. '#submit' => array('user_admin_roles_order_submit'),
  828. );
  829. return $form;
  830. }
  831. /**
  832. * Form submit function. Update the role weights.
  833. */
  834. function user_admin_roles_order_submit($form, &$form_state) {
  835. foreach ($form_state['values']['roles'] as $rid => $role_values) {
  836. $role = $form['roles'][$rid]['#role'];
  837. $role->weight = $role_values['weight'];
  838. user_role_save($role);
  839. }
  840. drupal_set_message(t('The role settings have been updated.'));
  841. }
  842. /**
  843. * Returns HTML for the role order and new role form.
  844. *
  845. * @param $variables
  846. * An associative array containing:
  847. * - form: A render element representing the form.
  848. *
  849. * @ingroup themeable
  850. */
  851. function theme_user_admin_roles($variables) {
  852. $form = $variables['form'];
  853. $header = array(t('Name'), t('Weight'), array('data' => t('Operations'), 'colspan' => 2));
  854. foreach (element_children($form['roles']) as $rid) {
  855. $name = $form['roles'][$rid]['#role']->name;
  856. $row = array();
  857. if (in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) {
  858. $row[] = t('@name <em>(locked)</em>', array('@name' => $name));
  859. $row[] = drupal_render($form['roles'][$rid]['weight']);
  860. $row[] = '';
  861. $row[] = l(t('edit permissions'), 'admin/people/permissions/' . $rid);
  862. }
  863. else {
  864. $row[] = check_plain($name);
  865. $row[] = drupal_render($form['roles'][$rid]['weight']);
  866. $row[] = l(t('edit role'), 'admin/people/permissions/roles/edit/' . $rid);
  867. $row[] = l(t('edit permissions'), 'admin/people/permissions/' . $rid);
  868. }
  869. $rows[] = array('data' => $row, 'class' => array('draggable'));
  870. }
  871. $rows[] = array(array('data' => drupal_render($form['name']) . drupal_render($form['add']), 'colspan' => 4, 'class' => 'edit-name'));
  872. drupal_add_tabledrag('user-roles', 'order', 'sibling', 'role-weight');
  873. $output = theme('table', array('header' => $header, 'rows' => $rows, 'attributes' => array('id' => 'user-roles')));
  874. $output .= drupal_render_children($form);
  875. return $output;
  876. }
  877. /**
  878. * Form to configure a single role.
  879. *
  880. * @ingroup forms
  881. * @see user_admin_role_validate()
  882. * @see user_admin_role_submit()
  883. */
  884. function user_admin_role($form, $form_state, $role) {
  885. if ($role->rid == DRUPAL_ANONYMOUS_RID || $role->rid == DRUPAL_AUTHENTICATED_RID) {
  886. drupal_goto('admin/people/permissions/roles');
  887. }
  888. // Display the edit role form.
  889. $form['name'] = array(
  890. '#type' => 'textfield',
  891. '#title' => t('Role name'),
  892. '#default_value' => $role->name,
  893. '#size' => 30,
  894. '#required' => TRUE,
  895. '#maxlength' => 64,
  896. '#description' => t('The name for this role. Example: "moderator", "editorial board", "site architect".'),
  897. );
  898. $form['rid'] = array(
  899. '#type' => 'value',
  900. '#value' => $role->rid,
  901. );
  902. $form['weight'] = array(
  903. '#type' => 'value',
  904. '#value' => $role->weight,
  905. );
  906. $form['actions'] = array('#type' => 'actions');
  907. $form['actions']['submit'] = array(
  908. '#type' => 'submit',
  909. '#value' => t('Save role'),
  910. );
  911. $form['actions']['delete'] = array(
  912. '#type' => 'submit',
  913. '#value' => t('Delete role'),
  914. '#submit' => array('user_admin_role_delete_submit'),
  915. );
  916. return $form;
  917. }
  918. /**
  919. * Form validation handler for the user_admin_role() form.
  920. */
  921. function user_admin_role_validate($form, &$form_state) {
  922. if (!empty($form_state['values']['name'])) {
  923. if ($form_state['values']['op'] == t('Save role')) {
  924. $role = user_role_load_by_name($form_state['values']['name']);
  925. if ($role && $role->rid != $form_state['values']['rid']) {
  926. form_set_error('name', t('The role name %name already exists. Choose another role name.', array('%name' => $form_state['values']['name'])));
  927. }
  928. }
  929. elseif ($form_state['values']['op'] == t('Add role')) {
  930. if (user_role_load_by_name($form_state['values']['name'])) {
  931. form_set_error('name', t('The role name %name already exists. Choose another role name.', array('%name' => $form_state['values']['name'])));
  932. }
  933. }
  934. }
  935. else {
  936. form_set_error('name', t('You must specify a valid role name.'));
  937. }
  938. }
  939. /**
  940. * Form submit handler for the user_admin_role() form.
  941. */
  942. function user_admin_role_submit($form, &$form_state) {
  943. $role = (object) $form_state['values'];
  944. if ($form_state['values']['op'] == t('Save role')) {
  945. user_role_save($role);
  946. drupal_set_message(t('The role has been renamed.'));
  947. }
  948. elseif ($form_state['values']['op'] == t('Add role')) {
  949. user_role_save($role);
  950. drupal_set_message(t('The role has been added.'));
  951. }
  952. $form_state['redirect'] = 'admin/people/permissions/roles';
  953. return;
  954. }
  955. /**
  956. * Form submit handler for the user_admin_role() form.
  957. */
  958. function user_admin_role_delete_submit($form, &$form_state) {
  959. $form_state['redirect'] = 'admin/people/permissions/roles/delete/' . $form_state['values']['rid'];
  960. }
  961. /**
  962. * Form to confirm role delete operation.
  963. */
  964. function user_admin_role_delete_confirm($form, &$form_state, $role) {
  965. $form['rid'] = array(
  966. '#type' => 'value',
  967. '#value' => $role->rid,
  968. );
  969. return confirm_form($form, t('Are you sure you want to delete the role %name ?', array('%name' => $role->name)), 'admin/people/permissions/roles', t('This action cannot be undone.'), t('Delete'));
  970. }
  971. /**
  972. * Form submit handler for user_admin_role_delete_confirm().
  973. */
  974. function user_admin_role_delete_confirm_submit($form, &$form_state) {
  975. user_role_delete((int) $form_state['values']['rid']);
  976. drupal_set_message(t('The role has been deleted.'));
  977. $form_state['redirect'] = 'admin/people/permissions/roles';
  978. }