From cfd296bc06c0d1e947000e7d7530f6175e935a6c Mon Sep 17 00:00:00 2001
From: Alexander Purr <purr@ub.uni-leipzig.de>
Date: Wed, 22 Jun 2022 10:44:56 +0200
Subject: [PATCH] refs #20926 [fid] allow admin to flag users for deletion

* copied nearly complete functionality introduced to adlr in ticket 16184 to fid branch
* adapt admins form for editing users
* set deleted flag to false on user registration (as default)
* show deleted info in admin user view
* configurable
* switch auth error message order
** display deleted account message before check on blocked account
** accounts can be blocked without flagging for removal
---
 fid/config/vufind/fid.ini                     |  1 +
 fid/languages/fid/de.ini                      |  6 ++-
 fid/languages/fid/en.ini                      |  4 +-
 module/fid/config/admin-edit-form.php         | 39 ++++++++++++++++++-
 .../InputFilter/UserCreateFormInputFilter.php |  6 ++-
 module/fid/src/VuFind/Auth/Authenticator.php  | 10 ++---
 themes/fid/templates/fid/admin/edit.phtml     | 14 +++++++
 .../fid/templates/fid/admin/list-entry.phtml  |  2 +
 8 files changed, 71 insertions(+), 11 deletions(-)

diff --git a/fid/config/vufind/fid.ini b/fid/config/vufind/fid.ini
index b2afda51e23..20d0e6e943d 100644
--- a/fid/config/vufind/fid.ini
+++ b/fid/config/vufind/fid.ini
@@ -22,6 +22,7 @@ overview_fields[] = 'UserName'
 overview_fields[] = 'Firstname'
 overview_fields[] = 'Lastname'
 overview_fields[] = 'Permissions'
+overview_fields[] = 'Deleted'
 
 ; List of all available user permissions
 permission_options[] = 'basic_access'
diff --git a/fid/languages/fid/de.ini b/fid/languages/fid/de.ini
index 69dd4b1f2c9..13aab2df6ac 100644
--- a/fid/languages/fid/de.ini
+++ b/fid/languages/fid/de.ini
@@ -197,5 +197,7 @@ order_label_due_date = "Leihfrist"
 order_list = "Liste aller Bestellungen"
 edit_order_error = "Bestellung kann nicht bearbeitet werden"
 order_update_success = "Bestellung aktualisiert"
-order_update_error = "Fehler beim Aktualisierne der Bestellung"
-order_type = "Typ"
\ No newline at end of file
+order_update_error = "Fehler beim Aktualisieren der Bestellung"
+order_type = "Typ"
+
+label_deleted = Zur Löschung vorgemerkt
\ No newline at end of file
diff --git a/fid/languages/fid/en.ini b/fid/languages/fid/en.ini
index 6e12cc06afe..5747e2a7641 100644
--- a/fid/languages/fid/en.ini
+++ b/fid/languages/fid/en.ini
@@ -194,4 +194,6 @@ order_list = "List of all orders"
 edit_order_error = "Order cannot be processed"
 order_update_success = "Order updated"
 order_update_error = "Error on updating order"
-order_type = "Type"
\ No newline at end of file
+order_type = "Type"
+
+label_deleted = Flagged for deletion
diff --git a/module/fid/config/admin-edit-form.php b/module/fid/config/admin-edit-form.php
index ecc3a00d29d..04ef501802b 100644
--- a/module/fid/config/admin-edit-form.php
+++ b/module/fid/config/admin-edit-form.php
@@ -20,6 +20,8 @@
  */
 use fid\Hydrator\UserHydrator;
 use fid\InputFilter\RootAwareBaseInputFilter;
+use Zend\Filter\Boolean;
+use Zend\Form\Element\Checkbox;
 use Zend\Form\Element\Collection;
 use Zend\Form\Element\Hidden;
 use Zend\Form\Element\Radio;
@@ -28,6 +30,7 @@ use Zend\Form\Element\Submit;
 use Zend\Form\Element\Text;
 use Zend\Form\Fieldset;
 use Zend\Form\InputFilterProviderFieldset;
+use Zend\Validator\NotEmpty;
 
 return [
     'name'             => 'user-update-form',
@@ -35,7 +38,10 @@ return [
     'validation_group' => [
         'id',
         'job_title',
-        'permissions'
+        'permissions',
+        'data' => [
+            'deleted'
+        ],
     ],
     'elements'         => [
         'id'             => [
@@ -247,6 +253,37 @@ return [
             'spec' => [
                 'name' => 'data',
                 'type' => InputFilterProviderFieldset::class,
+                'elements' => [
+                    'deleted' => [
+                        'spec' => [
+                            'name' => 'deleted',
+                            'type' => Checkbox::class,
+                            'options' => [
+                                'label' => 'label_deleted',
+                            ],
+                        ],
+                    ],
+                ],
+                'options'  => [
+                    'input_filter_spec' => [
+                        'deleted' => [
+                            'name'       => 'deleted',
+                            'filters'    => [
+                                Boolean::class => [
+                                    'name' => Boolean::class,
+                                ],
+                            ],
+                            'validators' => [
+                                NotEmpty::class => [
+                                    'name'    => NotEmpty::class,
+                                    'options' => [
+                                        'type' => NotEmpty::NULL,
+                                    ],
+                                ],
+                            ],
+                        ],
+                    ],
+                ],
             ],
         ],
         'submit'         => [
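Review bot: The `NotEmpty` validator on `deleted` looks like it can never fail. Input filters apply `filters` before `validators`, and `Boolean` with its default options casts a missing or null value to `false`, which `NotEmpty::NULL` does not treat as empty. Either remove the validator or add a comment such as `// no-op after Boolean filter; kept for parity with adlr` so the spec does not suggest a check that is not happening. Also confirm that the label key `label_deleted` resolves in this form, since the list template in this patch uses `fid::label_deleted`. The returned array starts and continues outside the hunk.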
diff --git a/module/fid/src/InputFilter/UserCreateFormInputFilter.php b/module/fid/src/InputFilter/UserCreateFormInputFilter.php
index 4bdb9e93f8e..8860604e101 100644
--- a/module/fid/src/InputFilter/UserCreateFormInputFilter.php
+++ b/module/fid/src/InputFilter/UserCreateFormInputFilter.php
@@ -49,10 +49,12 @@ class UserCreateFormInputFilter extends RootAwareBaseInputFilter
      */
     public function getValues()
     {
-        $permissions = [
+        $values = parent::getValues();
+        $values['data']['deleted'] = false;
+        $values['permissions'] = [
             'basic_access' => 'granted',
             'limited_access' => 'granted'
         ];
-        return compact('permissions') + parent::getValues();
+        return $values;
     }
 }
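Review bot: Nothing in `getValues()` says that `permissions` and `data.deleted` are overwritten after `parent::getValues()` on purpose, presumably so that values submitted with the registration form cannot set them. A comment such as `// forced server-side: registrants must not choose their own permissions or deleted flag` would stop a later refactor from restoring the `+` merge with the operands the wrong way round. `$values['data']['deleted'] = false;` also assumes the parent returns `data` as an array or leaves it unset, which should be confirmed against the parent filter (not visible here).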
diff --git a/module/fid/src/VuFind/Auth/Authenticator.php b/module/fid/src/VuFind/Auth/Authenticator.php
index c019c2da59d..c020615c0a8 100644
--- a/module/fid/src/VuFind/Auth/Authenticator.php
+++ b/module/fid/src/VuFind/Auth/Authenticator.php
@@ -116,17 +116,17 @@ class Authenticator extends AbstractBase
             }
         }
 
-        if (!$this->client->isAuthorized('basic_access')) {
-            $this->client->logoff();
-            throw new AuthException(self::AUTH_ERROR_ACCOUNT_BLOCKED);
-        }
-
         /* @var User $user */
         $user = $this->client->requestUserDetails();
         if ($user->isDeleted()) {
             $this->client->logoff();
             throw new AuthException(self::AUTH_ERROR_ACCOUNT_DELETED);
         }
+        
+        if (!$this->client->isAuthorized('basic_access')) {
+            $this->client->logoff();
+            throw new AuthException(self::AUTH_ERROR_ACCOUNT_BLOCKED);
+        }
 
         if ($ownerId = $logon->getOwnerId()) {
             /* @var VuFindUser $userRow */
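Review bot: With the checks reordered, an account that lacks `basic_access` now reaches `$this->client->requestUserDetails()` before it is refused, so the blocked path depends on that call succeeding for a client that is not authorized. If it can throw or return no user for such a client (not visible in this hunk), `logoff()` is never reached and `$user->isDeleted()` may be called on a non-object; consider a guard such as `if (!$user instanceof User) { $this->client->logoff(); throw new AuthException(self::AUTH_ERROR_ACCOUNT_BLOCKED); }`. A comment like `// deleted is checked first so flagged accounts get the deletion message even when basic_access is revoked` would keep a later edit from swapping the order back. The added separator line carries trailing whitespace. The method starts and continues outside the hunk.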
diff --git a/themes/fid/templates/fid/admin/edit.phtml b/themes/fid/templates/fid/admin/edit.phtml
index 1acfdfedafe..20131662f20 100644
--- a/themes/fid/templates/fid/admin/edit.phtml
+++ b/themes/fid/templates/fid/admin/edit.phtml
@@ -169,6 +169,20 @@ foreach ($permissions as $permission) {
 <?php /* addresses */ ?>
 <?= $this->render('fid/user/address-collection.phtml') ?>
 
+<? /* deletion */ ?>
+<?php
+    /** @var Checkbox $elemDeleted */
+    $elemDeleted = $form->get('data')->get('deleted');
+    $elemDeleted->setAttribute('id', 'deleted');
+?>
+<div class="form-group eula">
+  <div>
+      <?= $this->formElement($elemDeleted) ?>
+      <?= $this->formLabel($elemDeleted) ?>
+  </div>
+    <?= $this->formElementErrors($elemDeleted) ?>
+</div>
+
 <?php /* submit button */ ?>
 <?php
 /** @var Submit $elemSubmit */
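Review bot: The added `<? /* deletion */ ?>` uses the short open tag, unlike the `<?php /* … */ ?>` comments around it. With `short_open_tag` disabled PHP does not parse it, and the line is sent to the browser as literal text. Write it as `<?php /* deletion */ ?>`. The wrapper also reuses the `eula` class (`<div class="form-group eula">`), which looks copied from another checkbox; a neutral class name would avoid inheriting EULA-specific styling or scripts.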
diff --git a/themes/fid/templates/fid/admin/list-entry.phtml b/themes/fid/templates/fid/admin/list-entry.phtml
index db2b5611242..e2c216f1e87 100644
--- a/themes/fid/templates/fid/admin/list-entry.phtml
+++ b/themes/fid/templates/fid/admin/list-entry.phtml
@@ -12,6 +12,8 @@ foreach ($this->fields as $field):
 ?>
 <?php if ($field === 'Permissions'): ?>
     <td><?=implode(', ', $permissions)?></td>
+<?php elseif ($field === 'Deleted'): ?>
+    <td><?= $user->isDeleted() ? $this->translate("fid::label_deleted") : '' ?></td>
 <?php else: ?>
     <td><?=$this->escapeHtml($user->$field)?></td>
 <?php endif; ?>
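Review bot: The new `Deleted` cell echoes `$this->translate("fid::label_deleted")` without escaping, while the fallback branch passes its value through `escapeHtml`. Language files are usually trusted, but local overrides can carry markup, so the cell should escape like its neighbour: `<?= $user->isDeleted() ? $this->transEsc('fid::label_deleted') : '' ?>`. The `Permissions` branch above (`implode(', ', $permissions)`) is unchanged context with the same gap. The `foreach` starts and ends outside the hunk.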
-- 
GitLab