Reorganize user pages

Three pages:

- User profil
- User management
- Authentication
Marien Fressinaud
2014-10-16 15:25:46 +02:00
parent 1283e73d08
commit c5fe3bd659
8 changed files with 325 additions and 259 deletions


@@ -4,6 +4,66 @@
* This controller handles action about authentication.
*/
class FreshRSS_auth_Controller extends Minz_ActionController {
/**
* This action handles authentication management page.
*
* Parameters are:
* - token (default: current token)
* - anon_access (default: false)
* - anon_refresh (default: false)
* - auth_type (default: none)
* - unsafe_autologin (default: false)
* - api_enabled (default: false)
*
* @todo move unsafe_autologin in an extension.
*/
public function indexAction() {
if (!FreshRSS_Auth::hasAccess('admin')) {
Minz_Error::error(403,
array('error' => array(_t('access_denied'))));
}
if (Minz_Request::isPost()) {
$ok = true;
$current_token = $this->view->conf->token;
$token = Minz_Request::param('token', $current_token);
$this->view->conf->_token($token);
$ok &= $this->view->conf->save();
$anon = Minz_Request::param('anon_access', false);
$anon = ((bool)$anon) && ($anon !== 'no');
$anon_refresh = Minz_Request::param('anon_refresh', false);
$anon_refresh = ((bool)$anon_refresh) && ($anon_refresh !== 'no');
$auth_type = Minz_Request::param('auth_type', 'none');
$unsafe_autologin = Minz_Request::param('unsafe_autologin', false);
$api_enabled = Minz_Request::param('api_enabled', false);
if ($anon != Minz_Configuration::allowAnonymous() ||
$auth_type != Minz_Configuration::authType() ||
$anon_refresh != Minz_Configuration::allowAnonymousRefresh() ||
$unsafe_autologin != Minz_Configuration::unsafeAutologinEnabled() ||
$api_enabled != Minz_Configuration::apiEnabled()) {
Minz_Configuration::_authType($auth_type);
Minz_Configuration::_allowAnonymous($anon);
Minz_Configuration::_allowAnonymousRefresh($anon_refresh);
Minz_Configuration::_enableAutologin($unsafe_autologin);
Minz_Configuration::_enableApi($api_enabled);
$ok &= Minz_Configuration::writeFile();
}
invalidateHttpCache();
if ($ok) {
Minz_Request::good('configuration_updated',
array('c' => 'auth', 'a' => 'index'));
} else {
Minz_Request::bad('error_occurred',
array('c' => 'auth', 'a' => 'index'));
}
}
}
/**
* This action handles the login page.
*
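Review bot: In indexAction, `Minz_Request::param('auth_type', 'none')` fails open: a POST that omits auth_type writes 'none' through `_authType()`, which by its name means no authentication at all. Defaulting to the current setting keeps a partial or malformed submission from weakening the instance: `$auth_type = Minz_Request::param('auth_type', Minz_Configuration::authType());`. The value is also passed on without being compared to the four types the form offers ('form', 'persona', 'http_auth', 'none'); unless `_authType()` validates it, which is not visible here, a strict `in_array(..., true)` check before the write would be worth adding. The class continues past the end of the hunk.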


@@ -1,9 +1,18 @@
<?php
class FreshRSS_users_Controller extends Minz_ActionController {
const BCRYPT_COST = 9; //Will also have to be computed client side on mobile devices, so do not use a too high cost
/**
* Controller to handle user actions.
*/
class FreshRSS_user_Controller extends Minz_ActionController {
// Will also have to be computed client side on mobile devices,
// so do not use a too high cost
const BCRYPT_COST = 9;
/**
* This action is called before every other action in that class. It is
* the common boiler plate for every action. It is triggered by the
* underlying framework.
*/
public function firstAction() {
if (!FreshRSS_Auth::hasAccess()) {
Minz_Error::error(
@@ -14,13 +23,11 @@ class FreshRSS_users_Controller extends Minz_ActionController {
}
/**
* This action display the user configuration page
* This action displays the user profil page.
*/
public function indexAction() {
Minz_View::prependTitle(_t('users') . ' · ');
}
public function profilAction() {
Minz_View::prependTitle(_t('users.profil') . ' · ');
public function authAction() {
if (Minz_Request::isPost()) {
$ok = true;
@@ -51,6 +58,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
$this->view->conf->_apiPasswordHash($passwordHash);
}
// TODO: why do we need of hasAccess here?
if (FreshRSS_Auth::hasAccess('admin')) {
$this->view->conf->_mail_login(Minz_Request::param('mail_login', '', true));
}
@@ -65,43 +73,21 @@ class FreshRSS_users_Controller extends Minz_ActionController {
$ok &= (file_put_contents($personaFile, Minz_Session::param('currentUser', '_')) !== false);
}
if (FreshRSS_Auth::hasAccess('admin')) {
$current_token = $this->view->conf->token;
$token = Minz_Request::param('token', $current_token);
$this->view->conf->_token($token);
$ok &= $this->view->conf->save();
$anon = Minz_Request::param('anon_access', false);
$anon = ((bool)$anon) && ($anon !== 'no');
$anon_refresh = Minz_Request::param('anon_refresh', false);
$anon_refresh = ((bool)$anon_refresh) && ($anon_refresh !== 'no');
$auth_type = Minz_Request::param('auth_type', 'none');
$unsafe_autologin = Minz_Request::param('unsafe_autologin', false);
$api_enabled = Minz_Request::param('api_enabled', false);
if ($anon != Minz_Configuration::allowAnonymous() ||
$auth_type != Minz_Configuration::authType() ||
$anon_refresh != Minz_Configuration::allowAnonymousRefresh() ||
$unsafe_autologin != Minz_Configuration::unsafeAutologinEnabled() ||
$api_enabled != Minz_Configuration::apiEnabled()) {
Minz_Configuration::_authType($auth_type);
Minz_Configuration::_allowAnonymous($anon);
Minz_Configuration::_allowAnonymousRefresh($anon_refresh);
Minz_Configuration::_enableAutologin($unsafe_autologin);
Minz_Configuration::_enableApi($api_enabled);
$ok &= Minz_Configuration::writeFile();
}
if ($ok) {
Minz_Request::good('users.profil.updated',
array('c' => 'user', 'a' => 'profil'));
} else {
Minz_Request::bad('error_occurred',
array('c' => 'user', 'a' => 'profil'));
}
invalidateHttpCache();
$notif = array(
'type' => $ok ? 'good' : 'bad',
'content' => _t($ok ? 'configuration_updated' : 'error_occurred')
);
Minz_Session::_param('notification', $notif);
}
Minz_Request::forward(array('c' => 'users', 'a' => 'index'), true);
}
/**
* This action displays the user management page.
*/
public function manageAction() {
Minz_View::prependTitle(_t('users.manage') . ' · ');
}
public function createAction() {
@@ -173,7 +159,8 @@ class FreshRSS_users_Controller extends Minz_ActionController {
);
Minz_Session::_param('notification', $notif);
}
Minz_Request::forward(array('c' => 'users', 'a' => 'index'), true);
Minz_Request::forward(array('c' => 'user', 'a' => 'manage'), true);
}
public function deleteAction() {
@@ -205,6 +192,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
);
Minz_Session::_param('notification', $notif);
}
Minz_Request::forward(array('c' => 'users', 'a' => 'index'), true);
Minz_Request::forward(array('c' => 'user', 'a' => 'manage'), true);
}
}
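Review bot: manageAction has no admin check: it only sets the page title, and firstAction (cut off at the hunk edge) tests `FreshRSS_Auth::hasAccess()` without a role. The removed template wrapped the user list and the create/delete forms in `hasAccess('admin')`, the new manage template does not, and the admin-only menu entry merely hides the link, so a non-admin requesting user/manage directly would presumably still get the list and both forms. The guard already used in the auth controller would fit at the top of the action: `if (!FreshRSS_Auth::hasAccess('admin')) { Minz_Error::error(403, array('error' => array(_t('access_denied')))); }`. The bodies of createAction and deleteAction lie outside the hunks, so their own checks cannot be confirmed from here.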


@@ -19,10 +19,18 @@
<a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a>
</li>
<li class="separator"></li>
<li class="item<?php echo Minz_Request::controllerName() === 'users' ? ' active' : ''; ?>">
<a href="<?php echo _url('users', 'index'); ?>"><?php echo _t('users'); ?></a>
<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
Minz_Request::actionName() === 'profil'? ' active' : ''; ?>">
<a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('users.profil'); ?></a>
</li>
<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
Minz_Request::actionName() === 'manage' ? ' active' : ''; ?>">
<a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('users.manage'); ?></a>
</li>
<li class="item<?php echo Minz_Request::controllerName() === 'auth' ? ' active' : ''; ?>">
<a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('authentication'); ?></a>
</li>
<li class="item<?php echo Minz_Request::controllerName() === 'update' ? ' active' : ''; ?>">
<a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a>
</li>


@@ -63,8 +63,10 @@ if (Minz_Configuration::canLogIn()) {
<li class="item"><a href="<?php echo _url('configure', 'shortcut'); ?>"><?php echo _t('shortcuts'); ?></a></li>
<li class="item"><a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a></li>
<li class="separator"></li>
<li class="item"><a href="<?php echo _url('users', 'index'); ?>"><?php echo _t('users'); ?></a></li>
<li class="item"><a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('users.profil'); ?></a></li>
<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
<li class="item"><a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('users.manage'); ?></a></li>
<li class="item"><a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('authentication'); ?></a></li>
<li class="item"><a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a></li>
<?php } ?>
<li class="separator"></li>


@@ -0,0 +1,84 @@
<?php $this->partial('aside_configure'); ?>
<div class="post">
<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
<form method="post" action="<?php echo _url('auth', 'index'); ?>">
<legend><?php echo _t('auth_type'); ?></legend>
<div class="form-group">
<label class="group-name" for="auth_type"><?php echo _t('auth_type'); ?></label>
<div class="group-controls">
<select id="auth_type" name="auth_type" required="required">
<?php if (!in_array(Minz_Configuration::authType(), array('form', 'persona', 'http_auth', 'none'))) { ?>
<option selected="selected"></option>
<?php } ?>
<option value="form"<?php echo Minz_Configuration::authType() === 'form' ? ' selected="selected"' : '', cryptAvailable() ? '' : ' disabled="disabled"'; ?>><?php echo _t('auth_form'); ?></option>
<option value="persona"<?php echo Minz_Configuration::authType() === 'persona' ? ' selected="selected"' : '', $this->conf->mail_login == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('auth_persona'); ?></option>
<option value="http_auth"<?php echo Minz_Configuration::authType() === 'http_auth' ? ' selected="selected"' : '', httpAuthUser() == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('http_auth'); ?> (REMOTE_USER = '<?php echo httpAuthUser(); ?>')</option>
<option value="none"<?php echo Minz_Configuration::authType() === 'none' ? ' selected="selected"' : ''; ?>><?php echo _t('auth_none'); ?></option>
</select>
</div>
</div>
<div class="form-group">
<div class="group-controls">
<label class="checkbox" for="anon_access">
<input type="checkbox" name="anon_access" id="anon_access" value="1"<?php echo Minz_Configuration::allowAnonymous() ? ' checked="checked"' : '',
Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
<?php echo _t('allow_anonymous', Minz_Configuration::defaultUser()); ?>
</label>
</div>
</div>
<div class="form-group">
<div class="group-controls">
<label class="checkbox" for="anon_refresh">
<input type="checkbox" name="anon_refresh" id="anon_refresh" value="1"<?php echo Minz_Configuration::allowAnonymousRefresh() ? ' checked="checked"' : '',
Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
<?php echo _t('allow_anonymous_refresh'); ?>
</label>
</div>
</div>
<div class="form-group">
<div class="group-controls">
<label class="checkbox" for="unsafe_autologin">
<input type="checkbox" name="unsafe_autologin" id="unsafe_autologin" value="1"<?php echo Minz_Configuration::unsafeAutologinEnabled() ? ' checked="checked"' : '',
Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
<?php echo _t('unsafe_autologin'); ?>
<kbd>p/i/?a=formLogin&amp;u=Alice&amp;p=1234</kbd>
</label>
</div>
</div>
<?php if (Minz_Configuration::canLogIn()) { ?>
<div class="form-group">
<label class="group-name" for="token"><?php echo _t('auth_token'); ?></label>
<?php $token = $this->conf->token; ?>
<div class="group-controls">
<input type="text" id="token" name="token" value="<?php echo $token; ?>" placeholder="<?php echo _t('blank_to_disable'); ?>"<?php
echo Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
<?php echo _i('help'); ?> <?php echo _t('explain_token', Minz_Url::display(null, 'html', true), $token); ?>
</div>
</div>
<?php } ?>
<div class="form-group">
<div class="group-controls">
<label class="checkbox" for="api_enabled">
<input type="checkbox" name="api_enabled" id="api_enabled" value="1"<?php echo Minz_Configuration::apiEnabled() ? ' checked="checked"' : '',
Minz_Configuration::needsLogin() ? '' : ' disabled="disabled"'; ?> />
<?php echo _t('api_enabled'); ?>
</label>
</div>
</div>
<div class="form-group form-actions">
<div class="group-controls">
<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
</div>
</div>
</form>
</div>
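Review bot: The form posting to auth/index carries no anti-CSRF field, and the action it submits to checks only `Minz_Request::isPost()` and the admin session in the lines shown. Because this form can set auth_type to 'none', allow anonymous access and enable unsafe_autologin, a cross-site request sent while an admin is logged in could change these settings, unless the framework verifies a token somewhere not visible here. A hidden per-session token in the form, compared in the action before any setter runs, would close that gap. The create, delete and profil forms added in this commit share the same omission.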


@@ -0,0 +1,76 @@
<?php $this->partial('aside_configure'); ?>
<div class="post">
<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
<form method="post" action="<?php echo _url('user', 'delete'); ?>">
<legend><?php echo _t('users'); ?></legend>
<div class="form-group">
<label class="group-name" for="users_list"><?php echo _t('users_list'); ?></label>
<div class="group-controls">
<select id="users_list" name="username"><?php
foreach (listUsers() as $user) {
echo '<option>', $user, '</option>';
}
?></select>
</div>
</div>
<div class="form-group form-actions">
<div class="group-controls">
<button type="submit" class="btn btn-attention confirm"><?php echo _t('delete'); ?></button>
</div>
</div>
</form>
<form method="post" action="<?php echo _url('user', 'create'); ?>">
<legend><?php echo _t('create_user'); ?></legend>
<div class="form-group">
<label class="group-name" for="new_user_language"><?php echo _t('language'); ?></label>
<div class="group-controls">
<select name="new_user_language" id="new_user_language">
<?php $languages = $this->conf->availableLanguages(); ?>
<?php foreach ($languages as $short => $lib) { ?>
<option value="<?php echo $short; ?>"<?php echo $this->conf->language === $short ? ' selected="selected"' : ''; ?>><?php echo $lib; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group">
<label class="group-name" for="new_user_name"><?php echo _t('username'); ?></label>
<div class="group-controls">
<input id="new_user_name" name="new_user_name" type="text" size="16" required="required" maxlength="16" autocomplete="off" pattern="[0-9a-zA-Z]{1,16}" placeholder="demo" />
</div>
</div>
<div class="form-group">
<label class="group-name" for="new_user_passwordPlain"><?php echo _t('password_form'); ?></label>
<div class="group-controls">
<div class="stick">
<input type="password" id="new_user_passwordPlain" name="new_user_passwordPlain" autocomplete="off" pattern=".{7,}" />
<a class="btn toggle-password"><?php echo _i('key'); ?></a>
</div>
<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
</div>
</div>
<div class="form-group">
<label class="group-name" for="new_user_email"><?php echo _t('persona_connection_email'); ?></label>
<?php $mail = $this->conf->mail_login; ?>
<div class="group-controls">
<input type="email" id="new_user_email" name="new_user_email" class="extend" autocomplete="off" placeholder="alice@example.net" />
</div>
</div>
<div class="form-group form-actions">
<div class="group-controls">
<button type="submit" class="btn btn-important"><?php echo _t('create'); ?></button>
<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
</div>
</div>
</form>
</div>
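Review bot: `echo '<option>', $user, '</option>';` and the `$short` / `$lib` values in the language select are written into the page without escaping. The `pattern="[0-9a-zA-Z]{1,16}"` on new_user_name is enforced only by the browser, and what listUsers() returns is not visible here, so escaping at output is the safer choice: `echo '<option>', htmlspecialchars($user, ENT_QUOTES, 'UTF-8'), '</option>';`. Separately, `$mail = $this->conf->mail_login;` is assigned but never used in this template and can be dropped.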


@@ -0,0 +1,59 @@
<?php $this->partial('aside_configure'); ?>
<div class="post">
<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
<form method="post" action="<?php echo _url('user', 'profil'); ?>">
<legend><?php echo _t('login_configuration'); ?></legend>
<div class="form-group">
<label class="group-name" for="current_user"><?php echo _t('current_user'); ?></label>
<div class="group-controls">
<input id="current_user" type="text" disabled="disabled" value="<?php echo Minz_Session::param('currentUser', '_'); ?>" />
<label class="checkbox" for="is_admin">
<input type="checkbox" id="is_admin" disabled="disabled" <?php echo FreshRSS_Auth::hasAccess('admin') ? 'checked="checked" ' : ''; ?>/>
<?php echo _t('is_admin'); ?>
</label>
</div>
</div>
<div class="form-group">
<label class="group-name" for="passwordPlain"><?php echo _t('password_form'); ?></label>
<div class="group-controls">
<div class="stick">
<input type="password" id="passwordPlain" name="passwordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
<a class="btn toggle-password"><?php echo _i('key'); ?></a>
</div>
<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
</div>
</div>
<?php if (Minz_Configuration::apiEnabled()) { ?>
<div class="form-group">
<label class="group-name" for="apiPasswordPlain"><?php echo _t('password_api'); ?></label>
<div class="group-controls">
<div class="stick">
<input type="password" id="apiPasswordPlain" name="apiPasswordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
<a class="btn toggle-password"><?php echo _i('key'); ?></a>
</div>
</div>
</div>
<?php } ?>
<div class="form-group">
<label class="group-name" for="mail_login"><?php echo _t('persona_connection_email'); ?></label>
<?php $mail = $this->conf->mail_login; ?>
<div class="group-controls">
<input type="email" id="mail_login" name="mail_login" class="extend" autocomplete="off" value="<?php echo $mail; ?>" <?php echo FreshRSS_Auth::hasAccess('admin') ? '' : 'disabled="disabled"'; ?> placeholder="alice@example.net" />
<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
</div>
</div>
<div class="form-group form-actions">
<div class="group-controls">
<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
</div>
</div>
</form>
</div>
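Review bot: The profil form lets the login password and the API password be replaced without asking for the current password. With only `passwordPlain` and `apiPasswordPlain` submitted, anyone with access to a live session, such as an unattended browser, can set new credentials. The handling action is outside this section, so whether it re-authenticates is not visible. Consider adding a current-password field and verifying it server-side before the new hash is stored. The `disabled` attribute on mail_login is a display hint only; the `hasAccess('admin')` check in the controller is what actually enforces it, which is worth stating in a comment there.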


@@ -1,211 +0,0 @@
<?php $this->partial('aside_configure'); ?>
<div class="post">
<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
<form method="post" action="<?php echo _url('users', 'auth'); ?>">
<legend><?php echo _t('login_configuration'); ?></legend>
<div class="form-group">
<label class="group-name" for="current_user"><?php echo _t('current_user'); ?></label>
<div class="group-controls">
<input id="current_user" type="text" disabled="disabled" value="<?php echo Minz_Session::param('currentUser', '_'); ?>" />
<label class="checkbox" for="is_admin">
<input type="checkbox" id="is_admin" disabled="disabled" <?php echo FreshRSS_Auth::hasAccess('admin') ? 'checked="checked" ' : ''; ?>/>
<?php echo _t('is_admin'); ?>
</label>
</div>
</div>
<div class="form-group">
<label class="group-name" for="passwordPlain"><?php echo _t('password_form'); ?></label>
<div class="group-controls">
<div class="stick">
<input type="password" id="passwordPlain" name="passwordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
<a class="btn toggle-password"><?php echo _i('key'); ?></a>
</div>
<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
</div>
</div>
<?php if (Minz_Configuration::apiEnabled()) { ?>
<div class="form-group">
<label class="group-name" for="apiPasswordPlain"><?php echo _t('password_api'); ?></label>
<div class="group-controls">
<div class="stick">
<input type="password" id="apiPasswordPlain" name="apiPasswordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
<a class="btn toggle-password"><?php echo _i('key'); ?></a>
</div>
</div>
</div>
<?php } ?>
<div class="form-group">
<label class="group-name" for="mail_login"><?php echo _t('persona_connection_email'); ?></label>
<?php $mail = $this->conf->mail_login; ?>
<div class="group-controls">
<input type="email" id="mail_login" name="mail_login" class="extend" autocomplete="off" value="<?php echo $mail; ?>" <?php echo FreshRSS_Auth::hasAccess('admin') ? '' : 'disabled="disabled"'; ?> placeholder="alice@example.net" />
<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
</div>
</div>
<div class="form-group form-actions">
<div class="group-controls">
<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
</div>
</div>
<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
<legend><?php echo _t('auth_type'); ?></legend>
<div class="form-group">
<label class="group-name" for="auth_type"><?php echo _t('auth_type'); ?></label>
<div class="group-controls">
<select id="auth_type" name="auth_type" required="required">
<?php if (!in_array(Minz_Configuration::authType(), array('form', 'persona', 'http_auth', 'none'))) { ?>
<option selected="selected"></option>
<?php } ?>
<option value="form"<?php echo Minz_Configuration::authType() === 'form' ? ' selected="selected"' : '', cryptAvailable() ? '' : ' disabled="disabled"'; ?>><?php echo _t('auth_form'); ?></option>
<option value="persona"<?php echo Minz_Configuration::authType() === 'persona' ? ' selected="selected"' : '', $this->conf->mail_login == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('auth_persona'); ?></option>
<option value="http_auth"<?php echo Minz_Configuration::authType() === 'http_auth' ? ' selected="selected"' : '', httpAuthUser() == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('http_auth'); ?> (REMOTE_USER = '<?php echo httpAuthUser(); ?>')</option>
<option value="none"<?php echo Minz_Configuration::authType() === 'none' ? ' selected="selected"' : ''; ?>><?php echo _t('auth_none'); ?></option>
</select>
</div>
</div>
<div class="form-group">
<div class="group-controls">
<label class="checkbox" for="anon_access">
<input type="checkbox" name="anon_access" id="anon_access" value="1"<?php echo Minz_Configuration::allowAnonymous() ? ' checked="checked"' : '',
Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
<?php echo _t('allow_anonymous', Minz_Configuration::defaultUser()); ?>
</label>
</div>
</div>
<div class="form-group">
<div class="group-controls">
<label class="checkbox" for="anon_refresh">
<input type="checkbox" name="anon_refresh" id="anon_refresh" value="1"<?php echo Minz_Configuration::allowAnonymousRefresh() ? ' checked="checked"' : '',
Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
<?php echo _t('allow_anonymous_refresh'); ?>
</label>
</div>
</div>
<div class="form-group">
<div class="group-controls">
<label class="checkbox" for="unsafe_autologin">
<input type="checkbox" name="unsafe_autologin" id="unsafe_autologin" value="1"<?php echo Minz_Configuration::unsafeAutologinEnabled() ? ' checked="checked"' : '',
Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
<?php echo _t('unsafe_autologin'); ?>
<kbd>p/i/?a=formLogin&amp;u=Alice&amp;p=1234</kbd>
</label>
</div>
</div>
<?php if (Minz_Configuration::canLogIn()) { ?>
<div class="form-group">
<label class="group-name" for="token"><?php echo _t('auth_token'); ?></label>
<?php $token = $this->conf->token; ?>
<div class="group-controls">
<input type="text" id="token" name="token" value="<?php echo $token; ?>" placeholder="<?php echo _t('blank_to_disable'); ?>"<?php
echo Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
<?php echo _i('help'); ?> <?php echo _t('explain_token', Minz_Url::display(null, 'html', true), $token); ?>
</div>
</div>
<?php } ?>
<div class="form-group">
<div class="group-controls">
<label class="checkbox" for="api_enabled">
<input type="checkbox" name="api_enabled" id="api_enabled" value="1"<?php echo Minz_Configuration::apiEnabled() ? ' checked="checked"' : '',
Minz_Configuration::needsLogin() ? '' : ' disabled="disabled"'; ?> />
<?php echo _t('api_enabled'); ?>
</label>
</div>
</div>
<div class="form-group form-actions">
<div class="group-controls">
<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
</div>
</div>
</form>
<form method="post" action="<?php echo _url('users', 'delete'); ?>">
<legend><?php echo _t('users'); ?></legend>
<div class="form-group">
<label class="group-name" for="users_list"><?php echo _t('users_list'); ?></label>
<div class="group-controls">
<select id="users_list" name="username"><?php
foreach (listUsers() as $user) {
echo '<option>', $user, '</option>';
}
?></select>
</div>
</div>
<div class="form-group form-actions">
<div class="group-controls">
<button type="submit" class="btn btn-attention confirm"><?php echo _t('delete'); ?></button>
</div>
</div>
</form>
<form method="post" action="<?php echo _url('users', 'create'); ?>">
<legend><?php echo _t('create_user'); ?></legend>
<div class="form-group">
<label class="group-name" for="new_user_language"><?php echo _t('language'); ?></label>
<div class="group-controls">
<select name="new_user_language" id="new_user_language">
<?php $languages = $this->conf->availableLanguages(); ?>
<?php foreach ($languages as $short => $lib) { ?>
<option value="<?php echo $short; ?>"<?php echo $this->conf->language === $short ? ' selected="selected"' : ''; ?>><?php echo $lib; ?></option>
<?php } ?>
</select>
</div>
</div>
<div class="form-group">
<label class="group-name" for="new_user_name"><?php echo _t('username'); ?></label>
<div class="group-controls">
<input id="new_user_name" name="new_user_name" type="text" size="16" required="required" maxlength="16" autocomplete="off" pattern="[0-9a-zA-Z]{1,16}" placeholder="demo" />
</div>
</div>
<div class="form-group">
<label class="group-name" for="new_user_passwordPlain"><?php echo _t('password_form'); ?></label>
<div class="group-controls">
<div class="stick">
<input type="password" id="new_user_passwordPlain" name="new_user_passwordPlain" autocomplete="off" pattern=".{7,}" />
<a class="btn toggle-password"><?php echo _i('key'); ?></a>
</div>
<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
</div>
</div>
<div class="form-group">
<label class="group-name" for="new_user_email"><?php echo _t('persona_connection_email'); ?></label>
<?php $mail = $this->conf->mail_login; ?>
<div class="group-controls">
<input type="email" id="new_user_email" name="new_user_email" class="extend" autocomplete="off" placeholder="alice@example.net" />
</div>
</div>
<div class="form-group form-actions">
<div class="group-controls">
<button type="submit" class="btn btn-important"><?php echo _t('create'); ?></button>
<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
</div>
</div>
</form>
<?php } ?>
</div>