user.admin.inc 37.5 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13
<?php

/**
 * @file
 * Admin page callback file for the user module.
 */

function user_admin($callback_arg = '') {
  $op = isset($_POST['op']) ? $_POST['op'] : $callback_arg;

  switch ($op) {
    case t('Create new account'):
    case 'create':
14
      $build['user_register'] = drupal_get_form('user_register_form');
15 16
      break;
    default:
17
      if (!empty($_POST['accounts']) && isset($_POST['operation']) && ($_POST['operation'] == 'cancel')) {
18
        $build['user_multiple_cancel_confirm'] = drupal_get_form('user_multiple_cancel_confirm');
19 20
      }
      else {
21 22
        $build['user_filter_form'] = drupal_get_form('user_filter_form');
        $build['user_admin_account'] = drupal_get_form('user_admin_account');
23 24
      }
  }
25
  return $build;
26 27 28 29
}

/**
 * Form builder; Return form for user administration filters.
30
 *
31
 * @ingroup forms
32
 * @see user_filter_form_submit()
33 34
 */
function user_filter_form() {
35
  $session = isset($_SESSION['user_overview_filter']) ? $_SESSION['user_overview_filter'] : array();
36 37 38
  $filters = user_filters();

  $i = 0;
39 40 41
  $form['filters'] = array(
    '#type' => 'fieldset',
    '#title' => t('Show only users where'),
42
    '#theme' => 'exposed_filters__user',
43
  );
44 45
  foreach ($session as $filter) {
    list($type, $value) = $filter;
46 47 48 49 50 51 52 53 54
    if ($type == 'permission') {
      // Merge arrays of module permissions into one.
      // Slice past the first element '[any]' whose value is not an array.
      $options = call_user_func_array('array_merge', array_slice($filters[$type]['options'], 1));
      $value = $options[$value];
    }
    else {
      $value = $filters[$type]['options'][$value];
    }
55
    $t_args = array('%property' => $filters[$type]['title'], '%value' => $value);
56
    if ($i++) {
57
      $form['filters']['current'][] = array('#markup' => t('and where %property is %value', $t_args));
58 59
    }
    else {
60
      $form['filters']['current'][] = array('#markup' => t('%property is %value', $t_args));
61
    }
62 63
  }

64 65 66 67 68 69 70 71 72
  $form['filters']['status'] = array(
    '#type' => 'container',
    '#attributes' => array('class' => array('clearfix')),
    '#prefix' => ($i ? '<div class="additional-filters">' . t('and where') . '</div>' : ''),
  );
  $form['filters']['status']['filters'] = array(
    '#type' => 'container',
    '#attributes' => array('class' => array('filters')),
  );
73
  foreach ($filters as $key => $filter) {
74
    $form['filters']['status']['filters'][$key] = array(
75 76
      '#type' => 'select',
      '#options' => $filter['options'],
77 78
      '#title' => $filter['title'],
      '#default_value' => '[any]',
79
    );
80 81
  }

82
  $form['filters']['status']['actions'] = array(
83 84
    '#type' => 'actions',
    '#attributes' => array('class' => array('container-inline')),
85
  );
86
  $form['filters']['status']['actions']['submit'] = array(
87 88 89
    '#type' => 'submit',
    '#value' => (count($session) ? t('Refine') : t('Filter')),
  );
90
  if (count($session)) {
91
    $form['filters']['status']['actions']['undo'] = array(
92 93 94
      '#type' => 'submit',
      '#value' => t('Undo'),
    );
95
    $form['filters']['status']['actions']['reset'] = array(
96 97 98
      '#type' => 'submit',
      '#value' => t('Reset'),
    );
99 100
  }

101
  drupal_add_library('system', 'drupal.form');
102

103 104 105 106 107 108 109 110 111 112
  return $form;
}

/**
 * Process result from user administration filter form.
 */
function user_filter_form_submit($form, &$form_state) {
  $op = $form_state['values']['op'];
  $filters = user_filters();
  switch ($op) {
113 114 115 116 117
    case t('Filter'):
    case t('Refine'):
      // Apply every filter that has a choice selected other than 'any'.
      foreach ($filters as $filter => $options) {
        if (isset($form_state['values'][$filter]) && $form_state['values'][$filter] != '[any]') {
118
          $_SESSION['user_overview_filter'][] = array($filter, $form_state['values'][$filter]);
119 120 121 122 123 124 125
        }
      }
      break;
    case t('Undo'):
      array_pop($_SESSION['user_overview_filter']);
      break;
    case t('Reset'):
126
      $_SESSION['user_overview_filter'] = array();
127 128 129 130 131
      break;
    case t('Update'):
      return;
  }

132
  $form_state['redirect'] = 'admin/people';
133 134 135 136 137 138 139
  return;
}

/**
 * Form builder; User administration page.
 *
 * @ingroup forms
140 141
 * @see user_admin_account_validate()
 * @see user_admin_account_submit()
142 143 144 145
 */
function user_admin_account() {

  $header = array(
146 147 148 149 150 151
    'username' => array('data' => t('Username'), 'field' => 'u.name'),
    'status' => array('data' => t('Status'), 'field' => 'u.status'),
    'roles' => array('data' => t('Roles')),
    'member_for' => array('data' => t('Member for'), 'field' => 'u.created', 'sort' => 'desc'),
    'access' => array('data' => t('Last access'), 'field' => 'u.access'),
    'operations' => array('data' => t('Operations')),
152 153
  );

154
  $query = db_select('users', 'u');
155 156
  $query->condition('u.uid', 0, '<>');
  user_build_filter_query($query);
157

158
  $count_query = clone $query;
159
  $count_query->addExpression('COUNT(u.uid)');
160 161 162 163 164

  $query = $query->extend('PagerDefault')->extend('TableSort');
  $query
    ->fields('u', array('uid', 'name', 'status', 'created', 'access'))
    ->limit(50)
165
    ->orderByHeader($header)
166 167
    ->setCountQuery($count_query);
  $result = $query->execute();
168 169 170 171

  $form['options'] = array(
    '#type' => 'fieldset',
    '#title' => t('Update options'),
172
    '#attributes' => array('class' => array('container-inline')),
173 174 175 176 177 178 179
  );
  $options = array();
  foreach (module_invoke_all('user_operations') as $operation => $array) {
    $options[$operation] = $array['label'];
  }
  $form['options']['operation'] = array(
    '#type' => 'select',
180 181
    '#title' => t('Operation'),
    '#title_display' => 'invisible',
182 183 184
    '#options' => $options,
    '#default_value' => 'unblock',
  );
185
  $options = array();
186 187 188 189 190 191 192 193
  $form['options']['submit'] = array(
    '#type' => 'submit',
    '#value' => t('Update'),
  );

  $destination = drupal_get_destination();

  $status = array(t('blocked'), t('active'));
194
  $roles = array_map('check_plain', user_roles(TRUE));
195
  $accounts = array();
196
  foreach ($result as $account) {
197
    $users_roles = array();
198 199
    $roles_result = db_query('SELECT rid FROM {users_roles} WHERE uid = :uid', array(':uid' => $account->uid));
    foreach ($roles_result as $user_role) {
200
      $users_roles[] = $roles[$user_role->rid];
201
    }
202
    asort($users_roles);
203

204
    $options[$account->uid] = array(
205
      'username' => theme('username', array('account' => $account)),
206
      'status' =>  $status[$account->status],
207
      'roles' => theme('item_list', array('items' => $users_roles)),
208 209
      'member_for' => format_interval(REQUEST_TIME - $account->created),
      'access' =>  $account->access ? t('@time ago', array('@time' => format_interval(REQUEST_TIME - $account->access))) : t('never'),
210
      'operations' => array('data' => array('#type' => 'link', '#title' => t('edit'), '#href' => "user/$account->uid/edit", '#options' => array('query' => $destination))),
211
    );
212
  }
213

214
  $form['accounts'] = array(
215 216 217 218
    '#type' => 'tableselect',
    '#header' => $header,
    '#options' => $options,
    '#empty' => t('No people available.'),
219
  );
220
  $form['pager'] = array('#markup' => theme('pager'));
221 222 223 224 225 226 227 228

  return $form;
}

/**
 * Submit the user administration update form.
 */
function user_admin_account_submit($form, &$form_state) {
229
  $operations = module_invoke_all('user_operations', $form, $form_state);
230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257
  $operation = $operations[$form_state['values']['operation']];
  // Filter out unchecked accounts.
  $accounts = array_filter($form_state['values']['accounts']);
  if ($function = $operation['callback']) {
    // Add in callback arguments if present.
    if (isset($operation['callback arguments'])) {
      $args = array_merge(array($accounts), $operation['callback arguments']);
    }
    else {
      $args = array($accounts);
    }
    call_user_func_array($function, $args);

    drupal_set_message(t('The update has been performed.'));
  }
}

function user_admin_account_validate($form, &$form_state) {
  $form_state['values']['accounts'] = array_filter($form_state['values']['accounts']);
  if (count($form_state['values']['accounts']) == 0) {
    form_set_error('', t('No users selected.'));
  }
}

/**
 * Form builder; Configure user settings for this site.
 *
 * @ingroup forms
258
 * @see system_settings_form()
259 260
 */
function user_admin_settings() {
261 262 263 264 265 266 267 268 269 270 271 272
  // Settings for anonymous users.
  $form['anonymous_settings'] = array(
    '#type' => 'fieldset',
    '#title' => t('Anonymous users'),
  );
  $form['anonymous_settings']['anonymous'] = array(
    '#type' => 'textfield',
    '#title' => t('Name'),
    '#default_value' => variable_get('anonymous', t('Anonymous')),
    '#description' => t('The name used to indicate anonymous users.'),
    '#required' => TRUE,
  );
273

274 275 276
  // Administrative role option.
  $form['admin_role'] = array(
    '#type' => 'fieldset',
277
    '#title' => t('Administrator role'),
278 279
  );

280
  // Do not allow users to set the anonymous or authenticated user roles as the
281 282
  // administrator role.
  $roles = user_roles();
283 284
  unset($roles[DRUPAL_ANONYMOUS_RID]);
  unset($roles[DRUPAL_AUTHENTICATED_RID]);
285 286 287 288 289 290 291 292 293 294
  $roles[0] = t('disabled');

  $form['admin_role']['user_admin_role'] = array(
    '#type' => 'select',
    '#title' => t('Administrator role'),
    '#default_value' => variable_get('user_admin_role', 0),
    '#options' => $roles,
    '#description' => t('This role will be automatically assigned new permissions whenever a module is enabled. Changing this setting will not affect existing permissions.'),
  );

295 296
  // User registration settings.
  $form['registration_cancellation'] = array(
297
    '#type' => 'fieldset',
298 299 300 301 302
    '#title' => t('Registration and cancellation'),
  );
  $form['registration_cancellation']['user_register'] = array(
    '#type' => 'radios',
    '#title' => t('Who can register accounts?'),
303
    '#default_value' => variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL),
304
    '#options' => array(
305 306 307
      USER_REGISTER_ADMINISTRATORS_ONLY => t('Administrators only'),
      USER_REGISTER_VISITORS => t('Visitors'),
      USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL => t('Visitors, but administrator approval is required'),
308 309 310 311 312 313
    )
  );
  $form['registration_cancellation']['user_email_verification'] = array(
    '#type' => 'checkbox',
    '#title' => t('Require e-mail verification when a visitor creates an account.'),
    '#default_value' => variable_get('user_email_verification', TRUE),
314
    '#description' => t('New users will be required to validate their e-mail address prior to logging into the site, and will be assigned a system-generated password. With this setting disabled, users will be logged in immediately upon registering, and may select their own passwords during registration.')
315
  );
316 317
  module_load_include('inc', 'user', 'user.pages');
  $form['registration_cancellation']['user_cancel_method'] = array(
318 319
    '#type' => 'item',
    '#title' => t('When cancelling a user account'),
320
    '#description' => t('Users with the %select-cancel-method or %administer-users <a href="@permissions-url">permissions</a> can override this default method.', array('%select-cancel-method' => t('Select method for cancelling account'), '%administer-users' => t('Administer users'), '@permissions-url' => url('admin/people/permissions'))),
321
  );
322 323
  $form['registration_cancellation']['user_cancel_method'] += user_cancel_methods();
  foreach (element_children($form['registration_cancellation']['user_cancel_method']) as $element) {
324 325
    // Remove all account cancellation methods that have #access defined, as
    // those cannot be configured as default method.
326 327
    if (isset($form['registration_cancellation']['user_cancel_method'][$element]['#access'])) {
      $form['registration_cancellation']['user_cancel_method'][$element]['#access'] = FALSE;
328 329 330
    }
    // Remove the description (only displayed on the confirmation form).
    else {
331
      unset($form['registration_cancellation']['user_cancel_method'][$element]['#description']);
332 333 334
    }
  }

335 336
  // Account settings.
  $form['personalization'] = array(
337
    '#type' => 'fieldset',
338 339 340 341 342 343 344 345 346
    '#title' => t('Personalization'),
  );
  $form['personalization']['user_signatures'] = array(
    '#type' => 'checkbox',
    '#title' => t('Enable signatures.'),
    '#default_value' => variable_get('user_signatures', 0),
  );
  // If picture support is enabled, check whether the picture directory exists.
  if (variable_get('user_pictures', 0)) {
347
    $picture_path =  file_default_scheme() . '://' . variable_get('user_picture_path', 'pictures');
348 349
    if (!file_prepare_directory($picture_path, FILE_CREATE_DIRECTORY)) {
      form_set_error('user_picture_path', t('The directory %directory does not exist or is not writable.', array('%directory' => $picture_path)));
350
      watchdog('file system', 'The directory %directory does not exist or is not writable.', array('%directory' => $picture_path), WATCHDOG_ERROR);
351
    }
352 353 354 355 356 357 358 359 360
  }
  $picture_support = variable_get('user_pictures', 0);
  $form['personalization']['user_pictures'] = array(
    '#type' => 'checkbox',
    '#title' => t('Enable user pictures.'),
    '#default_value' => $picture_support,
  );
  drupal_add_js(drupal_get_path('module', 'user') . '/user.js');
  $form['personalization']['pictures'] = array(
361 362 363 364 365 366 367
    '#type' => 'container',
    '#states' => array(
      // Hide the additional picture settings when user pictures are disabled.
      'invisible' => array(
        'input[name="user_pictures"]' => array('checked' => FALSE),
      ),
    ),
368 369 370 371 372 373 374
  );
  $form['personalization']['pictures']['user_picture_path'] = array(
    '#type' => 'textfield',
    '#title' => t('Picture directory'),
    '#default_value' => variable_get('user_picture_path', 'pictures'),
    '#size' => 30,
    '#maxlength' => 255,
375
    '#description' => t('Subdirectory in the file upload directory where pictures will be stored.'),
376 377 378 379 380 381 382 383 384
  );
  $form['personalization']['pictures']['user_picture_default'] = array(
    '#type' => 'textfield',
    '#title' => t('Default picture'),
    '#default_value' => variable_get('user_picture_default', ''),
    '#size' => 30,
    '#maxlength' => 255,
    '#description' => t('URL of picture to display for users with no custom picture selected. Leave blank for none.'),
  );
385 386 387
  if (module_exists('image')) {
    $form['personalization']['pictures']['settings']['user_picture_style'] = array(
      '#type' => 'select',
388
      '#title' => t('Picture display style'),
389 390
      '#options' => image_style_options(TRUE),
      '#default_value' => variable_get('user_picture_style', ''),
391
      '#description' => t('The style selected will be used on display, while the original image is retained. Styles may be configured in the <a href="!url">Image styles</a> administration area.', array('!url' => url('admin/config/media/image-styles'))),
392 393
    );
  }
394 395
  $form['personalization']['pictures']['user_picture_dimensions'] = array(
    '#type' => 'textfield',
396
    '#title' => t('Picture upload dimensions'),
397
    '#default_value' => variable_get('user_picture_dimensions', '85x85'),
398
    '#size' => 10,
399
    '#maxlength' => 10,
400
    '#field_suffix' => ' ' . t('pixels'),
401
    '#description' => t('Pictures larger than this will be scaled down to this size.'),
402 403
  );
  $form['personalization']['pictures']['user_picture_file_size'] = array(
404
    '#type' => 'number',
405
    '#title' => t('Picture upload file size'),
406
    '#default_value' => variable_get('user_picture_file_size', '30'),
407
    '#min' => 0,
408
    '#field_suffix' => ' ' . t('KB'),
409
    '#description' => t('Maximum allowed file size for uploaded pictures. Upload size is normally limited only by the PHP maximum post and file upload settings, and images are automatically scaled down to the dimensions specified above.'),
410 411 412 413 414 415 416 417 418 419 420 421 422 423
  );
  $form['personalization']['pictures']['user_picture_guidelines'] = array(
    '#type' => 'textarea',
    '#title' => t('Picture guidelines'),
    '#default_value' => variable_get('user_picture_guidelines', ''),
    '#description' => t("This text is displayed at the picture upload form in addition to the default guidelines. It's useful for helping or instructing your users."),
  );

  $form['email_title'] = array(
    '#type' => 'item',
    '#title' => t('E-mails'),
  );
  $form['email'] = array(
    '#type' => 'vertical_tabs',
424 425 426
  );
  // These email tokens are shared for all settings, so just define
  // the list once to help ensure they stay in sync.
427
  $email_token_help = t('Available variables are: [site:name], [site:url], [user:name], [user:mail], [site:login-url], [site:url-brief], [user:edit-url], [user:one-time-login-url], [user:cancel-url].');
428

429
  $form['email_admin_created'] = array(
430
    '#type' => 'fieldset',
431
    '#title' => t('Welcome (new user created by administrator)'),
432
    '#collapsible' => TRUE,
433
    '#collapsed' => (variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) != USER_REGISTER_ADMINISTRATORS_ONLY),
434
    '#description' => t('Edit the welcome e-mail messages sent to new member accounts created by an administrator.') . ' ' . $email_token_help,
435
    '#group' => 'email',
436
  );
437
  $form['email_admin_created']['user_mail_register_admin_created_subject'] = array(
438 439
    '#type' => 'textfield',
    '#title' => t('Subject'),
440
    '#default_value' => _user_mail_text('register_admin_created_subject', NULL, array(), FALSE),
441 442
    '#maxlength' => 180,
  );
443
  $form['email_admin_created']['user_mail_register_admin_created_body'] = array(
444 445
    '#type' => 'textarea',
    '#title' => t('Body'),
446
    '#default_value' => _user_mail_text('register_admin_created_body', NULL, array(), FALSE),
447 448 449
    '#rows' => 15,
  );

450
  $form['email_pending_approval'] = array(
451
    '#type' => 'fieldset',
452
    '#title' => t('Welcome (awaiting approval)'),
453
    '#collapsible' => TRUE,
454
    '#collapsed' => (variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) != USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL),
455
    '#description' => t('Edit the welcome e-mail messages sent to new members upon registering, when administrative approval is required.') . ' ' . $email_token_help,
456
    '#group' => 'email',
457
  );
458
  $form['email_pending_approval']['user_mail_register_pending_approval_subject'] = array(
459 460
    '#type' => 'textfield',
    '#title' => t('Subject'),
461
    '#default_value' => _user_mail_text('register_pending_approval_subject', NULL, array(), FALSE),
462 463
    '#maxlength' => 180,
  );
464
  $form['email_pending_approval']['user_mail_register_pending_approval_body'] = array(
465 466
    '#type' => 'textarea',
    '#title' => t('Body'),
467
    '#default_value' => _user_mail_text('register_pending_approval_body', NULL, array(), FALSE),
468
    '#rows' => 8,
469 470
  );

471
  $form['email_no_approval_required'] = array(
472
    '#type' => 'fieldset',
473
    '#title' => t('Welcome (no approval required)'),
474
    '#collapsible' => TRUE,
475
    '#collapsed' => (variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) != USER_REGISTER_VISITORS),
476
    '#description' => t('Edit the welcome e-mail messages sent to new members upon registering, when no administrator approval is required.') . ' ' . $email_token_help,
477
    '#group' => 'email',
478
  );
479
  $form['email_no_approval_required']['user_mail_register_no_approval_required_subject'] = array(
480 481
    '#type' => 'textfield',
    '#title' => t('Subject'),
482
    '#default_value' => _user_mail_text('register_no_approval_required_subject', NULL, array(), FALSE),
483 484
    '#maxlength' => 180,
  );
485
  $form['email_no_approval_required']['user_mail_register_no_approval_required_body'] = array(
486 487
    '#type' => 'textarea',
    '#title' => t('Body'),
488
    '#default_value' => _user_mail_text('register_no_approval_required_body', NULL, array(), FALSE),
489
    '#rows' => 15,
490
  );
491

492
  $form['email_password_reset'] = array(
493
    '#type' => 'fieldset',
494
    '#title' => t('Password recovery'),
495 496
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
497
    '#description' => t('Edit the e-mail messages sent to users who request a new password.') . ' ' . $email_token_help,
498 499
    '#group' => 'email',
    '#weight' => 10,
500
  );
501
  $form['email_password_reset']['user_mail_password_reset_subject'] = array(
502 503
    '#type' => 'textfield',
    '#title' => t('Subject'),
504
    '#default_value' => _user_mail_text('password_reset_subject', NULL, array(), FALSE),
505 506
    '#maxlength' => 180,
  );
507
  $form['email_password_reset']['user_mail_password_reset_body'] = array(
508 509
    '#type' => 'textarea',
    '#title' => t('Body'),
510
    '#default_value' => _user_mail_text('password_reset_body', NULL, array(), FALSE),
511 512 513
    '#rows' => 12,
  );

514
  $form['email_activated'] = array(
515
    '#type' => 'fieldset',
516
    '#title' => t('Account activation'),
517 518
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
519
    '#description' => t('Enable and edit e-mail messages sent to users upon account activation (when an administrator activates an account of a user who has already registered, on a site where administrative approval is required).') . ' ' . $email_token_help,
520
    '#group' => 'email',
521
  );
522
  $form['email_activated']['user_mail_status_activated_notify'] = array(
523 524 525 526
    '#type' => 'checkbox',
    '#title' => t('Notify user when account is activated.'),
    '#default_value' => variable_get('user_mail_status_activated_notify', TRUE),
  );
527 528 529 530 531 532 533 534 535 536
  $form['email_activated']['settings'] = array(
    '#type' => 'container',
    '#states' => array(
      // Hide the additional settings when this email is disabled.
      'invisible' => array(
        'input[name="user_mail_status_activated_notify"]' => array('checked' => FALSE),
      ),
    ),
  );
  $form['email_activated']['settings']['user_mail_status_activated_subject'] = array(
537 538
    '#type' => 'textfield',
    '#title' => t('Subject'),
539
    '#default_value' => _user_mail_text('status_activated_subject', NULL, array(), FALSE),
540 541
    '#maxlength' => 180,
  );
542
  $form['email_activated']['settings']['user_mail_status_activated_body'] = array(
543 544
    '#type' => 'textarea',
    '#title' => t('Body'),
545
    '#default_value' => _user_mail_text('status_activated_body', NULL, array(), FALSE),
546 547 548
    '#rows' => 15,
  );

549
  $form['email_blocked'] = array(
550
    '#type' => 'fieldset',
551
    '#title' => t('Account blocked'),
552 553
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
554
    '#description' => t('Enable and edit e-mail messages sent to users when their accounts are blocked.') . ' ' . $email_token_help,
555
    '#group' => 'email',
556
  );
557
  $form['email_blocked']['user_mail_status_blocked_notify'] = array(
558 559 560 561
    '#type' => 'checkbox',
    '#title' => t('Notify user when account is blocked.'),
    '#default_value' => variable_get('user_mail_status_blocked_notify', FALSE),
  );
562 563 564 565 566 567 568 569 570 571
  $form['email_blocked']['settings'] = array(
    '#type' => 'container',
    '#states' => array(
      // Hide the additional settings when the blocked email is disabled.
      'invisible' => array(
        'input[name="user_mail_status_blocked_notify"]' => array('checked' => FALSE),
      ),
    ),
  );
  $form['email_blocked']['settings']['user_mail_status_blocked_subject'] = array(
572 573
    '#type' => 'textfield',
    '#title' => t('Subject'),
574
    '#default_value' => _user_mail_text('status_blocked_subject', NULL, array(), FALSE),
575 576
    '#maxlength' => 180,
  );
577
  $form['email_blocked']['settings']['user_mail_status_blocked_body'] = array(
578 579
    '#type' => 'textarea',
    '#title' => t('Body'),
580
    '#default_value' => _user_mail_text('status_blocked_body', NULL, array(), FALSE),
581 582 583
    '#rows' => 3,
  );

584
  $form['email_cancel_confirm'] = array(
585
    '#type' => 'fieldset',
586
    '#title' => t('Account cancellation confirmation'),
587 588
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
589
    '#description' => t('Edit the e-mail messages sent to users when they attempt to cancel their accounts.') . ' ' . $email_token_help,
590
    '#group' => 'email',
591
  );
592
  $form['email_cancel_confirm']['user_mail_cancel_confirm_subject'] = array(
593 594
    '#type' => 'textfield',
    '#title' => t('Subject'),
595
    '#default_value' => _user_mail_text('cancel_confirm_subject', NULL, array(), FALSE),
596 597
    '#maxlength' => 180,
  );
598
  $form['email_cancel_confirm']['user_mail_cancel_confirm_body'] = array(
599 600
    '#type' => 'textarea',
    '#title' => t('Body'),
601
    '#default_value' => _user_mail_text('cancel_confirm_body', NULL, array(), FALSE),
602 603 604
    '#rows' => 3,
  );

605
  $form['email_canceled'] = array(
606
    '#type' => 'fieldset',
607
    '#title' => t('Account canceled'),
608 609
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
610
    '#description' => t('Enable and edit e-mail messages sent to users when their accounts are canceled.') . ' ' . $email_token_help,
611
    '#group' => 'email',
612
  );
613
  $form['email_canceled']['user_mail_status_canceled_notify'] = array(
614
    '#type' => 'checkbox',
615 616
    '#title' => t('Notify user when account is canceled.'),
    '#default_value' => variable_get('user_mail_status_canceled_notify', FALSE),
617
  );
618 619 620
  $form['email_canceled']['settings'] = array(
    '#type' => 'container',
    '#states' => array(
621
      // Hide the settings when the cancel notify checkbox is disabled.
622 623 624 625 626 627
      'invisible' => array(
        'input[name="user_mail_status_canceled_notify"]' => array('checked' => FALSE),
      ),
    ),
  );
  $form['email_canceled']['settings']['user_mail_status_canceled_subject'] = array(
628 629
    '#type' => 'textfield',
    '#title' => t('Subject'),
630
    '#default_value' => _user_mail_text('status_canceled_subject', NULL, array(), FALSE),
631 632
    '#maxlength' => 180,
  );
633
  $form['email_canceled']['settings']['user_mail_status_canceled_body'] = array(
634 635
    '#type' => 'textarea',
    '#title' => t('Body'),
636
    '#default_value' => _user_mail_text('status_canceled_body', NULL, array(), FALSE),
637 638 639
    '#rows' => 3,
  );

640
  return system_settings_form($form);
641 642 643 644
}

/**
 * Menu callback: administer permissions.
645
 *
646
 * @ingroup forms
647 648
 * @see user_admin_permissions_submit()
 * @see theme_user_admin_permissions()
649
 */
650
function user_admin_permissions($form, $form_state, $rid = NULL) {
651

652 653
  // Retrieve role names for columns.
  $role_names = user_roles();
654
  if (is_numeric($rid)) {
655
    $role_names = array($rid => $role_names[$rid]);
656
  }
657 658
  // Fetch permissions for all roles or the one selected role.
  $role_permissions = user_role_permissions($role_names);
659

660 661 662 663 664
  // Store $role_names for use when saving the data.
  $form['role_names'] = array(
    '#type' => 'value',
    '#value' => $role_names,
  );
665 666
  // Render role/permission overview:
  $options = array();
667
  $module_info = system_get_info('module');
668
  $hide_descriptions = system_admin_compact_mode();
669 670 671 672

  // Get a list of all the modules implementing a hook_permission() and sort by
  // display name.
  $modules = array();
673
  foreach (module_implements('permission') as $module) {
674
    $modules[$module] = $module_info[$module]['name'];
675
  }
676
  asort($modules);
677

678
  foreach ($modules as $module => $display_name) {
679
    if ($permissions = module_invoke($module, 'permission')) {
680
      $form['permission'][] = array(
681
        '#markup' => $module_info[$module]['name'],
682
        '#id' => $module,
683
      );
684
      foreach ($permissions as $perm => $perm_item) {
685 686 687 688 689 690
        // Fill in default values for the permission.
        $perm_item += array(
          'description' => '',
          'restrict access' => FALSE,
          'warning' => !empty($perm_item['restrict access']) ? t('Warning: Give to trusted roles only; this permission has security implications.') : '',
        );
691
        $options[$perm] = '';
692 693
        $form['permission'][$perm] = array(
          '#type' => 'item',
694
          '#markup' => $perm_item['title'],
695
          '#description' => theme('user_permission_description', array('permission_item' => $perm_item, 'hide' => $hide_descriptions)),
696
        );
697 698
        foreach ($role_names as $rid => $name) {
          // Builds arrays for checked boxes for each role
699
          if (isset($role_permissions[$rid][$perm])) {
700 701 702 703 704 705 706 707 708
            $status[$rid][] = $perm;
          }
        }
      }
    }
  }

  // Have to build checkboxes here after checkbox arrays are built
  foreach ($role_names as $rid => $name) {
709 710 711 712 713 714
    $form['checkboxes'][$rid] = array(
      '#type' => 'checkboxes',
      '#options' => $options,
      '#default_value' => isset($status[$rid]) ? $status[$rid] : array(),
      '#attributes' => array('class' => array('rid-' . $rid)),
    );
715
    $form['role_names'][$rid] = array('#markup' => check_plain($name), '#tree' => TRUE);
716
  }
717

718
  $form['actions'] = array('#type' => 'actions');
719
  $form['actions']['submit'] = array('#type' => 'submit', '#value' => t('Save permissions'));
720

721
  $form['#attached']['js'][] = drupal_get_path('module', 'user') . '/user.permissions.js';
722

723 724 725
  return $form;
}

726 727 728
/**
 * Save permissions selected on the administer permissions page.
 *
729
 * @see user_admin_permissions()
730
 */
731
function user_admin_permissions_submit($form, &$form_state) {
732
  foreach ($form_state['values']['role_names'] as $rid => $name) {
733
    user_role_change_permissions($rid, $form_state['values'][$rid]);
734 735 736 737
  }

  drupal_set_message(t('The changes have been saved.'));

738
  // Clear the cached pages and blocks.
739 740 741 742
  cache_clear_all();
}

/**
743 744 745 746 747
 * Returns HTML for the administer permissions page.
 *
 * @param $variables
 *   An associative array containing:
 *   - form: A render element representing the form.
748 749 750
 *
 * @ingroup themeable
 */
751 752 753
function theme_user_admin_permissions($variables) {
  $form = $variables['form'];

754
  $roles = user_roles();
755
  foreach (element_children($form['permission']) as $key) {
756 757 758
    $row = array();
    // Module name
    if (is_numeric($key)) {
759
      $row[] = array('data' => drupal_render($form['permission'][$key]), 'class' => array('module'), 'id' => 'module-' . $form['permission'][$key]['#id'], 'colspan' => count($form['role_names']['#value']) + 1);
760 761 762 763 764
    }
    else {
      // Permission row.
      $row[] = array(
        'data' => drupal_render($form['permission'][$key]),
765
        'class' => array('permission'),
766 767
      );
      foreach (element_children($form['checkboxes']) as $rid) {
768
        $form['checkboxes'][$rid][$key]['#title'] = $roles[$rid] . ': ' . $form['permission'][$key]['#markup'];
769 770
        $form['checkboxes'][$rid][$key]['#title_display'] = 'invisible';
        $row[] = array('data' => drupal_render($form['checkboxes'][$rid][$key]), 'class' => array('checkbox'));
771 772
      }
    }
773
    $rows[] = $row;
774 775 776
  }
  $header[] = (t('Permission'));
  foreach (element_children($form['role_names']) as $rid) {
777
    $header[] = array('data' => drupal_render($form['role_names'][$rid]), 'class' => array('checkbox'));
778
  }
779
  $output = theme('system_compact_link');
780
  $output .= theme('table', array('header' => $header, 'rows' => $rows, 'attributes' => array('id' => 'permissions')));
781
  $output .= drupal_render_children($form);
782 783 784
  return $output;
}

785
/**
786
 * Returns HTML for an individual permission description.
787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815
 *
 * @param $variables
 *   An associative array containing:
 *   - permission_item: An associative array representing the permission whose
 *     description is being themed. Useful keys include:
 *     - description: The text of the permission description.
 *     - warning: A security-related warning message about the permission (if
 *       there is one).
 *   - hide: A boolean indicating whether or not the permission description was
 *     requested to be hidden rather than shown.
 *
 * @ingroup themeable
 */
function theme_user_permission_description($variables) {
  if (!$variables['hide']) {
    $description = array();
    $permission_item = $variables['permission_item'];
    if (!empty($permission_item['description'])) {
      $description[] = $permission_item['description'];
    }
    if (!empty($permission_item['warning'])) {
      $description[] = '<em class="permission-warning">' . $permission_item['warning'] . '</em>';
    }
    if (!empty($description)) {
      return implode(' ', $description);
    }
  }
}

816
/**
817
 * Form to re-order roles or add a new one.
818
 *
819
 * @ingroup forms
820
 * @see theme_user_admin_roles()
821
 */
822 823 824 825 826 827 828 829 830 831 832 833
function user_admin_roles($form, $form_state) {
  $roles = user_roles();

  $form['roles'] = array(
    '#tree' => TRUE,
  );
  $order = 0;
  foreach ($roles as $rid => $name) {
    $form['roles'][$rid]['#role'] = (object) array(
      'rid' => $rid,
      'name' => $name,
      'weight' => $order,
834
    );
835 836
    $form['roles'][$rid]['#weight'] = $order;
    $form['roles'][$rid]['weight'] = array(
837
      '#type' => 'textfield',