user.admin.inc 37.9 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14
<?php
// $Id$

/**
 * @file
 * Admin page callback file for the user module.
 */

function user_admin($callback_arg = '') {
  $op = isset($_POST['op']) ? $_POST['op'] : $callback_arg;

  switch ($op) {
    case t('Create new account'):
    case 'create':
15
      $build['user_register'] = drupal_get_form('user_register_form');
16 17
      break;
    default:
18
      if (!empty($_POST['accounts']) && isset($_POST['operation']) && ($_POST['operation'] == 'cancel')) {
19
        $build['user_multiple_cancel_confirm'] = drupal_get_form('user_multiple_cancel_confirm');
20 21
      }
      else {
22 23
        $build['user_filter_form'] = drupal_get_form('user_filter_form');
        $build['user_admin_account'] = drupal_get_form('user_admin_account');
24 25
      }
  }
26
  return $build;
27 28 29 30
}

/**
 * Form builder; Return form for user administration filters.
31
 *
32
 * @ingroup forms
33
 * @see user_filter_form_submit()
34 35
 */
function user_filter_form() {
36
  $session = isset($_SESSION['user_overview_filter']) ? $_SESSION['user_overview_filter'] : array();
37 38 39
  $filters = user_filters();

  $i = 0;
40 41 42 43 44
  $form['filters'] = array(
    '#type' => 'fieldset',
    '#title' => t('Show only users where'),
    '#theme' => 'user_filters',
  );
45 46
  foreach ($session as $filter) {
    list($type, $value) = $filter;
47 48 49 50 51 52 53 54 55 56 57
    if ($type == 'permission') {
      // Merge arrays of module permissions into one.
      // Slice past the first element '[any]' whose value is not an array.
      $options = call_user_func_array('array_merge', array_slice($filters[$type]['options'], 1));
      $value = $options[$value];
    }
    else {
      $value = $filters[$type]['options'][$value];
    }
    $params = array('%property' => $filters[$type]['title'] , '%value' => $value);
    if ($i++) {
58
      $form['filters']['current'][] = array('#markup' => t('<em>and</em> where <strong>%property</strong> is <strong>%value</strong>', $params));
59 60
    }
    else {
61
      $form['filters']['current'][] = array('#markup' => t('<strong>%property</strong> is <strong>%value</strong>', $params));
62
    }
63 64 65 66
  }

  foreach ($filters as $key => $filter) {
    $names[$key] = $filter['title'];
67 68 69
    $form['filters']['status'][$key] = array(
      '#type' => 'select',
      '#options' => $filter['options'],
70 71
      '#title' => $filter['title'],
      '#default_value' => '[any]',
72
    );
73 74
  }

75
  $form['filters']['actions'] = array(
76
    '#type' => 'actions',
77
    '#id' => 'user-admin-buttons',
78
    '#attributes' => array('class' => array('container-inline')),
79 80
  );
  $form['filters']['actions']['submit'] = array(
81 82 83
    '#type' => 'submit',
    '#value' => (count($session) ? t('Refine') : t('Filter')),
  );
84
  if (count($session)) {
85
    $form['filters']['actions']['undo'] = array(
86 87 88
      '#type' => 'submit',
      '#value' => t('Undo'),
    );
89
    $form['filters']['actions']['reset'] = array(
90 91 92
      '#type' => 'submit',
      '#value' => t('Reset'),
    );
93 94
  }

95 96
  drupal_add_js('misc/form.js');

97 98 99 100 101 102 103 104 105 106
  return $form;
}

/**
 * Process result from user administration filter form.
 */
function user_filter_form_submit($form, &$form_state) {
  $op = $form_state['values']['op'];
  $filters = user_filters();
  switch ($op) {
107 108 109 110 111 112 113 114 115 116 117
    case t('Filter'):
    case t('Refine'):
      // Apply every filter that has a choice selected other than 'any'.
      foreach ($filters as $filter => $options) {
        if (isset($form_state['values'][$filter]) && $form_state['values'][$filter] != '[any]') {
          // Merge an array of arrays into one if necessary.
          $options = ($filter == 'permission') ? form_options_flatten($filters[$filter]['options']) : $filters[$filter]['options'];
          // Only accept valid selections offered on the dropdown, block bad input.
          if (isset($options[$form_state['values'][$filter]])) {
            $_SESSION['user_overview_filter'][] = array($filter, $form_state['values'][$filter]);
          }
118 119 120 121 122 123 124
        }
      }
      break;
    case t('Undo'):
      array_pop($_SESSION['user_overview_filter']);
      break;
    case t('Reset'):
125
      $_SESSION['user_overview_filter'] = array();
126 127 128 129 130
      break;
    case t('Update'):
      return;
  }

131
  $form_state['redirect'] = 'admin/people';
132 133 134 135 136 137 138
  return;
}

/**
 * Form builder; User administration page.
 *
 * @ingroup forms
139 140
 * @see user_admin_account_validate()
 * @see user_admin_account_submit()
141 142 143 144
 */
function user_admin_account() {

  $header = array(
145 146 147 148 149 150
    'username' => array('data' => t('Username'), 'field' => 'u.name'),
    'status' => array('data' => t('Status'), 'field' => 'u.status'),
    'roles' => array('data' => t('Roles')),
    'member_for' => array('data' => t('Member for'), 'field' => 'u.created', 'sort' => 'desc'),
    'access' => array('data' => t('Last access'), 'field' => 'u.access'),
    'operations' => array('data' => t('Operations')),
151 152
  );

153
  $query = db_select('users', 'u');
154 155
  $query->condition('u.uid', 0, '<>');
  user_build_filter_query($query);
156

157
  $count_query = clone $query;
158
  $count_query->addExpression('COUNT(u.uid)');
159 160 161 162 163

  $query = $query->extend('PagerDefault')->extend('TableSort');
  $query
    ->fields('u', array('uid', 'name', 'status', 'created', 'access'))
    ->limit(50)
164
    ->orderByHeader($header)
165 166
    ->setCountQuery($count_query);
  $result = $query->execute();
167 168 169 170

  $form['options'] = array(
    '#type' => 'fieldset',
    '#title' => t('Update options'),
171
    '#attributes' => array('class' => array('container-inline')),
172 173 174 175 176 177 178 179 180 181
  );
  $options = array();
  foreach (module_invoke_all('user_operations') as $operation => $array) {
    $options[$operation] = $array['label'];
  }
  $form['options']['operation'] = array(
    '#type' => 'select',
    '#options' => $options,
    '#default_value' => 'unblock',
  );
182
  $options = array();
183 184 185 186 187 188 189 190
  $form['options']['submit'] = array(
    '#type' => 'submit',
    '#value' => t('Update'),
  );

  $destination = drupal_get_destination();

  $status = array(t('blocked'), t('active'));
191
  $roles = array_map('check_plain', user_roles(TRUE));
192
  $accounts = array();
193
  foreach ($result as $account) {
194
    $users_roles = array();
195 196
    $roles_result = db_query('SELECT rid FROM {users_roles} WHERE uid = :uid', array(':uid' => $account->uid));
    foreach ($roles_result as $user_role) {
197
      $users_roles[] = $roles[$user_role->rid];
198
    }
199
    asort($users_roles);
200

201
    $options[$account->uid] = array(
202
      'username' => theme('username', array('account' => $account)),
203
      'status' =>  $status[$account->status],
204
      'roles' => theme('item_list', array('items' => $users_roles)),
205 206
      'member_for' => format_interval(REQUEST_TIME - $account->created),
      'access' =>  $account->access ? t('@time ago', array('@time' => format_interval(REQUEST_TIME - $account->access))) : t('never'),
207
      'operations' => array('data' => array('#type' => 'link', '#title' => t('edit'), '#href' => "user/$account->uid/edit", '#options' => array('query' => $destination))),
208
    );
209
  }
210

211
  $form['accounts'] = array(
212 213 214 215
    '#type' => 'tableselect',
    '#header' => $header,
    '#options' => $options,
    '#empty' => t('No people available.'),
216
  );
217
  $form['pager'] = array('#markup' => theme('pager', array('tags' => NULL)));
218 219 220 221 222 223 224 225

  return $form;
}

/**
 * Submit the user administration update form.
 */
function user_admin_account_submit($form, &$form_state) {
226
  $operations = module_invoke_all('user_operations', $form, $form_state);
227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254
  $operation = $operations[$form_state['values']['operation']];
  // Filter out unchecked accounts.
  $accounts = array_filter($form_state['values']['accounts']);
  if ($function = $operation['callback']) {
    // Add in callback arguments if present.
    if (isset($operation['callback arguments'])) {
      $args = array_merge(array($accounts), $operation['callback arguments']);
    }
    else {
      $args = array($accounts);
    }
    call_user_func_array($function, $args);

    drupal_set_message(t('The update has been performed.'));
  }
}

function user_admin_account_validate($form, &$form_state) {
  $form_state['values']['accounts'] = array_filter($form_state['values']['accounts']);
  if (count($form_state['values']['accounts']) == 0) {
    form_set_error('', t('No users selected.'));
  }
}

/**
 * Form builder; Configure user settings for this site.
 *
 * @ingroup forms
255
 * @see system_settings_form()
256 257
 */
function user_admin_settings() {
258 259 260 261 262 263 264 265 266 267 268 269
  // Settings for anonymous users.
  $form['anonymous_settings'] = array(
    '#type' => 'fieldset',
    '#title' => t('Anonymous users'),
  );
  $form['anonymous_settings']['anonymous'] = array(
    '#type' => 'textfield',
    '#title' => t('Name'),
    '#default_value' => variable_get('anonymous', t('Anonymous')),
    '#description' => t('The name used to indicate anonymous users.'),
    '#required' => TRUE,
  );
270

271 272 273
  // Administrative role option.
  $form['admin_role'] = array(
    '#type' => 'fieldset',
274
    '#title' => t('Administrator role'),
275 276
  );

277
  // Do not allow users to set the anonymous or authenticated user roles as the
278 279
  // administrator role.
  $roles = user_roles();
280 281
  unset($roles[DRUPAL_ANONYMOUS_RID]);
  unset($roles[DRUPAL_AUTHENTICATED_RID]);
282 283 284 285 286 287 288 289 290 291
  $roles[0] = t('disabled');

  $form['admin_role']['user_admin_role'] = array(
    '#type' => 'select',
    '#title' => t('Administrator role'),
    '#default_value' => variable_get('user_admin_role', 0),
    '#options' => $roles,
    '#description' => t('This role will be automatically assigned new permissions whenever a module is enabled. Changing this setting will not affect existing permissions.'),
  );

292 293
  // User registration settings.
  $form['registration_cancellation'] = array(
294
    '#type' => 'fieldset',
295 296 297 298 299
    '#title' => t('Registration and cancellation'),
  );
  $form['registration_cancellation']['user_register'] = array(
    '#type' => 'radios',
    '#title' => t('Who can register accounts?'),
300
    '#default_value' => variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL),
301
    '#options' => array(
302 303 304
      USER_REGISTER_ADMINISTRATORS_ONLY => t('Administrators only'),
      USER_REGISTER_VISITORS => t('Visitors'),
      USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL => t('Visitors, but administrator approval is required'),
305 306 307 308 309 310
    )
  );
  $form['registration_cancellation']['user_email_verification'] = array(
    '#type' => 'checkbox',
    '#title' => t('Require e-mail verification when a visitor creates an account.'),
    '#default_value' => variable_get('user_email_verification', TRUE),
311
    '#description' => t('New users will be required to validate their e-mail address prior to logging into the site, and will be assigned a system-generated password. With this setting disabled, users will be logged in immediately upon registering, and may select their own passwords during registration.')
312
  );
313 314
  module_load_include('inc', 'user', 'user.pages');
  $form['registration_cancellation']['user_cancel_method'] = array(
315 316
    '#type' => 'item',
    '#title' => t('When cancelling a user account'),
317
    '#description' => t('Users with the %select-cancel-method or %administer-users <a href="@permissions-url">permissions</a> can override this default method.', array('%select-cancel-method' => t('Select method for cancelling account'), '%administer-users' => t('Administer users'), '@permissions-url' => url('admin/people/permissions'))),
318
  );
319 320
  $form['registration_cancellation']['user_cancel_method'] += user_cancel_methods();
  foreach (element_children($form['registration_cancellation']['user_cancel_method']) as $element) {
321 322
    // Remove all account cancellation methods that have #access defined, as
    // those cannot be configured as default method.
323 324
    if (isset($form['registration_cancellation']['user_cancel_method'][$element]['#access'])) {
      $form['registration_cancellation']['user_cancel_method'][$element]['#access'] = FALSE;
325 326 327
    }
    // Remove the description (only displayed on the confirmation form).
    else {
328
      unset($form['registration_cancellation']['user_cancel_method'][$element]['#description']);
329 330 331
    }
  }

332 333
  // Account settings.
  $form['personalization'] = array(
334
    '#type' => 'fieldset',
335 336 337 338 339 340 341 342 343
    '#title' => t('Personalization'),
  );
  $form['personalization']['user_signatures'] = array(
    '#type' => 'checkbox',
    '#title' => t('Enable signatures.'),
    '#default_value' => variable_get('user_signatures', 0),
  );
  // If picture support is enabled, check whether the picture directory exists.
  if (variable_get('user_pictures', 0)) {
344 345 346 347 348
    $picture_path =  variable_get('file_default_scheme', 'public') . '://' . variable_get('user_picture_path', 'pictures');
    if (!file_prepare_directory($picture_path, FILE_CREATE_DIRECTORY)) {
      form_set_error('user_picture_path', t('The directory %directory does not exist or is not writable.', array('%directory' => $picture_path)));
      watchdog('file system', 'The directory %directory does not exist or is not writable.', array('%directory' => $picture_path), WATCHDOG_ERROR);
    }
349 350 351 352 353 354 355 356 357
  }
  $picture_support = variable_get('user_pictures', 0);
  $form['personalization']['user_pictures'] = array(
    '#type' => 'checkbox',
    '#title' => t('Enable user pictures.'),
    '#default_value' => $picture_support,
  );
  drupal_add_js(drupal_get_path('module', 'user') . '/user.js');
  $form['personalization']['pictures'] = array(
358 359 360 361 362 363 364
    '#type' => 'container',
    '#states' => array(
      // Hide the additional picture settings when user pictures are disabled.
      'invisible' => array(
        'input[name="user_pictures"]' => array('checked' => FALSE),
      ),
    ),
365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381
  );
  $form['personalization']['pictures']['user_picture_path'] = array(
    '#type' => 'textfield',
    '#title' => t('Picture directory'),
    '#default_value' => variable_get('user_picture_path', 'pictures'),
    '#size' => 30,
    '#maxlength' => 255,
    '#description' => t('Subdirectory in the directory %dir where pictures will be stored.', array('%dir' => file_directory_path() . '/')),
  );
  $form['personalization']['pictures']['user_picture_default'] = array(
    '#type' => 'textfield',
    '#title' => t('Default picture'),
    '#default_value' => variable_get('user_picture_default', ''),
    '#size' => 30,
    '#maxlength' => 255,
    '#description' => t('URL of picture to display for users with no custom picture selected. Leave blank for none.'),
  );
382 383 384
  if (module_exists('image')) {
    $form['personalization']['pictures']['settings']['user_picture_style'] = array(
      '#type' => 'select',
385
      '#title' => t('Picture display style'),
386 387
      '#options' => image_style_options(TRUE),
      '#default_value' => variable_get('user_picture_style', ''),
388
      '#description' => t('The style selected will be used on display, while the original image is retained. Styles may be configured in the <a href="!url">Image styles</a> administration area.', array('!url' => url('admin/config/media/image-styles'))),
389 390
    );
  }
391 392
  $form['personalization']['pictures']['user_picture_dimensions'] = array(
    '#type' => 'textfield',
393
    '#title' => t('Picture upload dimensions'),
394
    '#default_value' => variable_get('user_picture_dimensions', '85x85'),
395
    '#size' => 10,
396
    '#maxlength' => 10,
397 398
    '#field_suffix' => ' ' . t('pixels'),
    '#description' => t('Maximum allowed dimensions for uploaded pictures.'),
399 400 401
  );
  $form['personalization']['pictures']['user_picture_file_size'] = array(
    '#type' => 'textfield',
402
    '#title' => t('Picture upload file size'),
403
    '#default_value' => variable_get('user_picture_file_size', '30'),
404
    '#size' => 10,
405
    '#maxlength' => 10,
406 407
    '#field_suffix' => ' ' . t('KB'),
    '#description' => t('Maximum allowed file size for uploaded pictures.'),
408 409 410 411 412 413 414 415 416 417 418 419 420 421
  );
  $form['personalization']['pictures']['user_picture_guidelines'] = array(
    '#type' => 'textarea',
    '#title' => t('Picture guidelines'),
    '#default_value' => variable_get('user_picture_guidelines', ''),
    '#description' => t("This text is displayed at the picture upload form in addition to the default guidelines. It's useful for helping or instructing your users."),
  );

  $form['email_title'] = array(
    '#type' => 'item',
    '#title' => t('E-mails'),
  );
  $form['email'] = array(
    '#type' => 'vertical_tabs',
422 423 424
  );
  // These email tokens are shared for all settings, so just define
  // the list once to help ensure they stay in sync.
425
  $email_token_help = t('Available variables are: [site:name], [site:url], [user:name], [user:mail], [site:login-url], [site:url-brief], [user:edit-url], [user:one-time-login-url], [user:cancel-url].');
426

427
  $form['email_admin_created'] = array(
428
    '#type' => 'fieldset',
429
    '#title' => t('Welcome (new user created by administrator)'),
430
    '#collapsible' => TRUE,
431
    '#collapsed' => (variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) != USER_REGISTER_ADMINISTRATORS_ONLY),
432
    '#description' => t('Edit the welcome e-mail messages sent to new member accounts created by an administrator.') . ' ' . $email_token_help,
433
    '#group' => 'email',
434
  );
435
  $form['email_admin_created']['user_mail_register_admin_created_subject'] = array(
436 437
    '#type' => 'textfield',
    '#title' => t('Subject'),
438
    '#default_value' => _user_mail_text('register_admin_created_subject', NULL, array(), FALSE),
439 440
    '#maxlength' => 180,
  );
441
  $form['email_admin_created']['user_mail_register_admin_created_body'] = array(
442 443
    '#type' => 'textarea',
    '#title' => t('Body'),
444
    '#default_value' => _user_mail_text('register_admin_created_body', NULL, array(), FALSE),
445 446 447
    '#rows' => 15,
  );

448
  $form['email_pending_approval'] = array(
449
    '#type' => 'fieldset',
450
    '#title' => t('Welcome (awaiting approval)'),
451
    '#collapsible' => TRUE,
452
    '#collapsed' => (variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) != USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL),
453
    '#description' => t('Edit the welcome e-mail messages sent to new members upon registering, when administrative approval is required.') . ' ' . $email_token_help,
454
    '#group' => 'email',
455
  );
456
  $form['email_pending_approval']['user_mail_register_pending_approval_subject'] = array(
457 458
    '#type' => 'textfield',
    '#title' => t('Subject'),
459
    '#default_value' => _user_mail_text('register_pending_approval_subject', NULL, array(), FALSE),
460 461
    '#maxlength' => 180,
  );
462
  $form['email_pending_approval']['user_mail_register_pending_approval_body'] = array(
463 464
    '#type' => 'textarea',
    '#title' => t('Body'),
465
    '#default_value' => _user_mail_text('register_pending_approval_body', NULL, array(), FALSE),
466
    '#rows' => 8,
467 468
  );

469
  $form['email_no_approval_required'] = array(
470
    '#type' => 'fieldset',
471
    '#title' => t('Welcome (no approval required)'),
472
    '#collapsible' => TRUE,
473
    '#collapsed' => (variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) != USER_REGISTER_VISITORS),
474
    '#description' => t('Edit the welcome e-mail messages sent to new members upon registering, when no administrator approval is required.') . ' ' . $email_token_help,
475
    '#group' => 'email',
476
  );
477
  $form['email_no_approval_required']['user_mail_register_no_approval_required_subject'] = array(
478 479
    '#type' => 'textfield',
    '#title' => t('Subject'),
480
    '#default_value' => _user_mail_text('register_no_approval_required_subject', NULL, array(), FALSE),
481 482
    '#maxlength' => 180,
  );
483
  $form['email_no_approval_required']['user_mail_register_no_approval_required_body'] = array(
484 485
    '#type' => 'textarea',
    '#title' => t('Body'),
486
    '#default_value' => _user_mail_text('register_no_approval_required_body', NULL, array(), FALSE),
487
    '#rows' => 15,
488
  );
489

490
  $form['email_password_reset'] = array(
491
    '#type' => 'fieldset',
492
    '#title' => t('Password recovery'),
493 494
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
495
    '#description' => t('Edit the e-mail messages sent to users who request a new password.') . ' ' . $email_token_help,
496 497
    '#group' => 'email',
    '#weight' => 10,
498
  );
499
  $form['email_password_reset']['user_mail_password_reset_subject'] = array(
500 501
    '#type' => 'textfield',
    '#title' => t('Subject'),
502
    '#default_value' => _user_mail_text('password_reset_subject', NULL, array(), FALSE),
503 504
    '#maxlength' => 180,
  );
505
  $form['email_password_reset']['user_mail_password_reset_body'] = array(
506 507
    '#type' => 'textarea',
    '#title' => t('Body'),
508
    '#default_value' => _user_mail_text('password_reset_body', NULL, array(), FALSE),
509 510 511
    '#rows' => 12,
  );

512
  $form['email_activated'] = array(
513
    '#type' => 'fieldset',
514
    '#title' => t('Account activation'),
515 516
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
517
    '#description' => t('Enable and edit e-mail messages sent to users upon account activation (when an administrator activates an account of a user who has already registered, on a site where administrative approval is required).') . ' ' . $email_token_help,
518
    '#group' => 'email',
519
  );
520
  $form['email_activated']['user_mail_status_activated_notify'] = array(
521 522 523 524
    '#type' => 'checkbox',
    '#title' => t('Notify user when account is activated.'),
    '#default_value' => variable_get('user_mail_status_activated_notify', TRUE),
  );
525 526 527 528 529 530 531 532 533 534
  $form['email_activated']['settings'] = array(
    '#type' => 'container',
    '#states' => array(
      // Hide the additional settings when this email is disabled.
      'invisible' => array(
        'input[name="user_mail_status_activated_notify"]' => array('checked' => FALSE),
      ),
    ),
  );
  $form['email_activated']['settings']['user_mail_status_activated_subject'] = array(
535 536
    '#type' => 'textfield',
    '#title' => t('Subject'),
537
    '#default_value' => _user_mail_text('status_activated_subject', NULL, array(), FALSE),
538 539
    '#maxlength' => 180,
  );
540
  $form['email_activated']['settings']['user_mail_status_activated_body'] = array(
541 542
    '#type' => 'textarea',
    '#title' => t('Body'),
543
    '#default_value' => _user_mail_text('status_activated_body', NULL, array(), FALSE),
544 545 546
    '#rows' => 15,
  );

547
  $form['email_blocked'] = array(
548
    '#type' => 'fieldset',
549
    '#title' => t('Account blocked'),
550 551
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
552
    '#description' => t('Enable and edit e-mail messages sent to users when their accounts are blocked.') . ' ' . $email_token_help,
553
    '#group' => 'email',
554
  );
555
  $form['email_blocked']['user_mail_status_blocked_notify'] = array(
556 557 558 559
    '#type' => 'checkbox',
    '#title' => t('Notify user when account is blocked.'),
    '#default_value' => variable_get('user_mail_status_blocked_notify', FALSE),
  );
560 561 562 563 564 565 566 567 568 569
  $form['email_blocked']['settings'] = array(
    '#type' => 'container',
    '#states' => array(
      // Hide the additional settings when the blocked email is disabled.
      'invisible' => array(
        'input[name="user_mail_status_blocked_notify"]' => array('checked' => FALSE),
      ),
    ),
  );
  $form['email_blocked']['settings']['user_mail_status_blocked_subject'] = array(
570 571
    '#type' => 'textfield',
    '#title' => t('Subject'),
572
    '#default_value' => _user_mail_text('status_blocked_subject', NULL, array(), FALSE),
573 574
    '#maxlength' => 180,
  );
575
  $form['email_blocked']['settings']['user_mail_status_blocked_body'] = array(
576 577
    '#type' => 'textarea',
    '#title' => t('Body'),
578
    '#default_value' => _user_mail_text('status_blocked_body', NULL, array(), FALSE),
579 580 581
    '#rows' => 3,
  );

582
  $form['email_cancel_confirm'] = array(
583
    '#type' => 'fieldset',
584
    '#title' => t('Account cancellation confirmation'),
585 586
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
587
    '#description' => t('Edit the e-mail messages sent to users when they attempt to cancel their accounts.') . ' ' . $email_token_help,
588
    '#group' => 'email',
589
  );
590
  $form['email_cancel_confirm']['user_mail_cancel_confirm_subject'] = array(
591 592
    '#type' => 'textfield',
    '#title' => t('Subject'),
593
    '#default_value' => _user_mail_text('cancel_confirm_subject', NULL, array(), FALSE),
594 595
    '#maxlength' => 180,
  );
596
  $form['email_cancel_confirm']['user_mail_cancel_confirm_body'] = array(
597 598
    '#type' => 'textarea',
    '#title' => t('Body'),
599
    '#default_value' => _user_mail_text('cancel_confirm_body', NULL, array(), FALSE),
600 601 602
    '#rows' => 3,
  );

603
  $form['email_canceled'] = array(
604
    '#type' => 'fieldset',
605
    '#title' => t('Account canceled'),
606 607
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
608
    '#description' => t('Enable and edit e-mail messages sent to users when their accounts are canceled.') . ' ' . $email_token_help,
609
    '#group' => 'email',
610
  );
611
  $form['email_canceled']['user_mail_status_canceled_notify'] = array(
612
    '#type' => 'checkbox',
613 614
    '#title' => t('Notify user when account is canceled.'),
    '#default_value' => variable_get('user_mail_status_canceled_notify', FALSE),
615
  );
616 617 618
  $form['email_canceled']['settings'] = array(
    '#type' => 'container',
    '#states' => array(
619
      // Hide the settings when the cancel notify checkbox is disabled.
620 621 622 623 624 625
      'invisible' => array(
        'input[name="user_mail_status_canceled_notify"]' => array('checked' => FALSE),
      ),
    ),
  );
  $form['email_canceled']['settings']['user_mail_status_canceled_subject'] = array(
626 627
    '#type' => 'textfield',
    '#title' => t('Subject'),
628
    '#default_value' => _user_mail_text('status_canceled_subject', NULL, array(), FALSE),
629 630
    '#maxlength' => 180,
  );
631
  $form['email_canceled']['settings']['user_mail_status_canceled_body'] = array(
632 633
    '#type' => 'textarea',
    '#title' => t('Body'),
634
    '#default_value' => _user_mail_text('status_canceled_body', NULL, array(), FALSE),
635 636 637
    '#rows' => 3,
  );

638
  return system_settings_form($form);
639 640 641 642
}

/**
 * Menu callback: administer permissions.
643
 *
644
 * @ingroup forms
645 646
 * @see user_admin_permissions_submit()
 * @see theme_user_admin_permissions()
647
 */
648
function user_admin_permissions($form, $form_state, $rid = NULL) {
649

650 651
  // Retrieve role names for columns.
  $role_names = user_roles();
652
  if (is_numeric($rid)) {
653
    $role_names = array($rid => $role_names[$rid]);
654
  }
655 656
  // Fetch permissions for all roles or the one selected role.
  $role_permissions = user_role_permissions($role_names);
657

658 659 660 661 662
  // Store $role_names for use when saving the data.
  $form['role_names'] = array(
    '#type' => 'value',
    '#value' => $role_names,
  );
663 664
  // Render role/permission overview:
  $options = array();
665
  $module_info = system_get_info('module');
666
  $hide_descriptions = system_admin_compact_mode();
667 668 669 670

  // Get a list of all the modules implementing a hook_permission() and sort by
  // display name.
  $modules = array();
671
  foreach (module_implements('permission') as $module) {
672 673 674 675 676
    $modules[$module_info[$module]['name']] = $module;
  }
  ksort($modules);

  foreach ($modules as $display_name => $module) {
677
    if ($permissions = module_invoke($module, 'permission')) {
678
      $form['permission'][] = array(
679
        '#markup' => $module_info[$module]['name'],
680
        '#id' => $module,
681
      );
682
      foreach ($permissions as $perm => $perm_item) {
683 684 685 686 687 688
        // Fill in default values for the permission.
        $perm_item += array(
          'description' => '',
          'restrict access' => FALSE,
          'warning' => !empty($perm_item['restrict access']) ? t('Warning: Give to trusted roles only; this permission has security implications.') : '',
        );
689
        $options[$perm] = '';
690 691
        $form['permission'][$perm] = array(
          '#type' => 'item',
692
          '#markup' => $perm_item['title'],
693
          '#description' => theme('user_permission_description', array('permission_item' => $perm_item, 'hide' => $hide_descriptions)),
694
        );
695 696
        foreach ($role_names as $rid => $name) {
          // Builds arrays for checked boxes for each role
697
          if (isset($role_permissions[$rid][$perm])) {
698 699 700 701 702 703 704 705 706 707
            $status[$rid][] = $perm;
          }
        }
      }
    }
  }

  // Have to build checkboxes here after checkbox arrays are built
  foreach ($role_names as $rid => $name) {
    $form['checkboxes'][$rid] = array('#type' => 'checkboxes', '#options' => $options, '#default_value' => isset($status[$rid]) ? $status[$rid] : array());
708
    $form['role_names'][$rid] = array('#markup' => check_plain($name), '#tree' => TRUE);
709
  }
710

711
  $form['actions'] = array('#type' => 'actions');
712
  $form['actions']['submit'] = array('#type' => 'submit', '#value' => t('Save permissions'));
713

714
  $form['#attached']['js'][] = drupal_get_path('module', 'user') . '/user.permissions.js';
715

716 717 718
  return $form;
}

719 720 721
/**
 * Save permissions selected on the administer permissions page.
 *
722
 * @see user_admin_permissions()
723
 */
724
function user_admin_permissions_submit($form, &$form_state) {
725
  foreach ($form_state['values']['role_names'] as $rid => $name) {
726
    user_role_change_permissions($rid, $form_state['values'][$rid]);
727 728 729 730
  }

  drupal_set_message(t('The changes have been saved.'));

731
  // Clear the cached pages and blocks.
732 733 734 735
  cache_clear_all();
}

/**
736 737 738 739 740
 * Returns HTML for the administer permissions page.
 *
 * @param $variables
 *   An associative array containing:
 *   - form: A render element representing the form.
741 742 743
 *
 * @ingroup themeable
 */
744 745 746
function theme_user_admin_permissions($variables) {
  $form = $variables['form'];

747
  $roles = user_roles();
748
  foreach (element_children($form['permission']) as $key) {
749 750 751
    $row = array();
    // Module name
    if (is_numeric($key)) {
752
      $row[] = array('data' => drupal_render($form['permission'][$key]), 'class' => array('module'), 'id' => 'module-' . $form['permission'][$key]['#id'], 'colspan' => count($form['role_names']['#value']) + 1);
753 754 755 756 757
    }
    else {
      // Permission row.
      $row[] = array(
        'data' => drupal_render($form['permission'][$key]),
758
        'class' => array('permission'),
759 760
      );
      foreach (element_children($form['checkboxes']) as $rid) {
761
        $row[] = array('data' => drupal_render($form['checkboxes'][$rid][$key]), 'class' => array('checkbox'), 'title' => $roles[$rid] . ' : ' . t($key));
762 763
      }
    }
764
    $rows[] = $row;
765 766 767
  }
  $header[] = (t('Permission'));
  foreach (element_children($form['role_names']) as $rid) {
768
    $header[] = array('data' => drupal_render($form['role_names'][$rid]), 'class' => array('checkbox'));
769
  }
770
  $output = theme('system_compact_link');
771
  $output .= theme('table', array('header' => $header, 'rows' => $rows, 'attributes' => array('id' => 'permissions')));
772
  $output .= drupal_render_children($form);
773 774 775
  return $output;
}

776
/**
777
 * Returns HTML for an individual permission description.
778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806
 *
 * @param $variables
 *   An associative array containing:
 *   - permission_item: An associative array representing the permission whose
 *     description is being themed. Useful keys include:
 *     - description: The text of the permission description.
 *     - warning: A security-related warning message about the permission (if
 *       there is one).
 *   - hide: A boolean indicating whether or not the permission description was
 *     requested to be hidden rather than shown.
 *
 * @ingroup themeable
 */
function theme_user_permission_description($variables) {
  if (!$variables['hide']) {
    $description = array();
    $permission_item = $variables['permission_item'];
    if (!empty($permission_item['description'])) {
      $description[] = $permission_item['description'];
    }
    if (!empty($permission_item['warning'])) {
      $description[] = '<em class="permission-warning">' . $permission_item['warning'] . '</em>';
    }
    if (!empty($description)) {
      return implode(' ', $description);
    }
  }
}

807
/**
808
 * Form to re-order roles or add a new one.
809
 *
810
 * @ingroup forms
811
 * @see theme_user_admin_roles()
812
 */
813 814 815 816 817 818 819 820 821 822 823 824
function user_admin_roles($form, $form_state) {
  $roles = user_roles();

  $form['roles'] = array(
    '#tree' => TRUE,
  );
  $order = 0;
  foreach ($roles as $rid => $name) {
    $form['roles'][$rid]['#role'] = (object) array(
      'rid' => $rid,
      'name' => $name,
      'weight' => $order,
825
    );
826 827
    $form['roles'][$rid]['#weight'] = $order;
    $form['roles'][$rid]['weight'] = array(
828
      '#type' => 'textfield',
829 830 831
      '#size' => 4,
      '#default_value' => $order,
      '#attributes' => array('class' => array('role-weight')),
832
    );
833 834 835 836 837 838 839 840 841 842 843 844 845 846
    $order++;
  }

  $form['name'] = array(
    '#type' => 'textfield',
    '#size' => 32,
    '#maxlength' => 64,
  );
  $form['add'] = array(
    '#type' => 'submit',
    '#value' => t('Add role'),
    '#validate' => array('user_admin_role_validate'),
    '#submit' => array('user_admin_role_submit'),
  );
847 848
  $form['actions'] = array('#type' => 'actions');
  $form['actions']['submit'] = array(
849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868
    '#type' => 'submit',
    '#value' => t('Save order'),
    '#submit' => array('user_admin_roles_order_submit'),
  );

  return $form;
}

/**
 * Form submit function. Update the role weights.
 */
function user_admin_roles_order_submit($form, &$form_state) {
  foreach ($form_state['values']['roles'] as $rid => $role_values) {
    $role = $form['roles'][$rid]['#role'];
    $role->weight = $role_values['weight'];
    user_role_save($role);
  }
}

/**
869 870 871 872 873
 * Returns HTML for the role order and new role form.
 *
 * @param $variables
 *   An associative array containing:
 *   - form: A render element representing the form.
874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896
 *
 * @ingroup themeable
 */
function theme_user_admin_roles($variables) {
  $form = $variables['form'];

  $header = array(t('Name'), t('Weight'), array('data' => t('Operations'), 'colspan' => 2));
  foreach (element_children($form['roles']) as $rid) {
    $name = $form['roles'][$rid]['#role']->name;
    $row = array();
    if (in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) {
      $row[] = t('@name <em>(locked)</em>', array('@name' => $name));
      $row[] = drupal_render($form['roles'][$rid]['weight']);
      $row[] = '';
      $row[] = l(t('edit permissions'), 'admin/people/permissions/' . $rid);
    }
    else {
      $row[] = check_plain($name);
      $row[] = drupal_render($form['roles'][$rid]['weight']);
      $row[] = l(t('edit role'), 'admin/people/permissions/roles/edit/' . $rid);
      $row[] = l(t('edit permissions'), 'admin/people/permissions/' . $rid);
    }
    $rows[] = array('data' => $row, 'class' => array('draggable'));
897
  }
898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937
  $rows[] = array(array('data' => drupal_render($form['name']) . drupal_render($form['add']), 'colspan' => 4, 'class' => 'edit-name'));

  drupal_add_tabledrag('user-roles', 'order', 'sibling', 'role-weight');

  $output = theme('table', array('header' => $header, 'rows' => $rows, 'attributes' => array('id' => 'user-roles')));
  $output .= drupal_render_children($form);

  return $output;
}

/**
 * Form to configure a single role.
 *
 * @ingroup forms
 * @see user_admin_role_validate()
 * @see user_admin_role_submit()
 */
function user_admin_role($form, $form_state, $role) {
  if ($role->rid == DRUPAL_ANONYMOUS_RID || $role->rid == DRUPAL_AUTHENTICATED_RID) {
    drupal_goto('admin/people/permissions/roles');
  }

  // Display the edit role form.
  $form['name'] = array(
    '#type' => 'textfield',
    '#title' => t('Role name'),
    '#default_value' => $role->name,
    '#size' => 30,
    '#required' => TRUE,
    '#maxlength' => 64,
    '#description' => t('The name for this role. Example: "moderator", "editorial board", "site architect".'),
  );
  $form['rid'] = array(
    '#type' => 'value',
    '#value' => $role->rid,
  );
  $form['weight'] = array(
    '#type' => 'value',
    '#value' => $role->weight,
  );
938
  $form['actions'] = array('#type' => 'actions');
939 940 941 942 943 944 945
  $form['actions']['submit'] = array(
    '#type' => 'submit',
    '#value' => t('Save role'),
  );
  $form['actions']['delete'] = array(
    '#type' => 'submit',
    '#value' => t('Delete role'),
946
    '#submit' => array('user_admin_role_delete_submit'),
947 948
  );

949 950 951
  return $form;
}