Merge pull request #8122 from annando/additional

Additional accounts can now be created easily
2020-01-18 08:21:17 -05:00 · 2020-01-18 08:21:17 -05:00 · 7274891b62
commit 7274891b62
parent 4e83b2930e f69a601ab1
5 changed files with 120 additions and 46 deletions
--- a/src/Module/Register.php
+++ b/src/Module/Register.php
@ -43,13 +43,21 @@ class Register extends BaseModule
 		// 'block_extended_register' blocks all registrations, period.
 		$block = Config::get('system', 'block_extended_register');

-		if (local_user() && ($block)) {
-			notice('Permission denied.' . EOL);
+		if (local_user() && $block) {
+			notice(L10n::t('Permission denied.'));
 			return '';
 		}

-		if ((!local_user()) && (intval(Config::get('config', 'register_policy')) === self::CLOSED)) {
-			notice('Permission denied.' . EOL);
+		if (local_user()) {
+			$user = DBA::selectFirst('user', ['parent-uid'], ['uid' => local_user()]);
+			if (!empty($user['parent-uid'])) {
+				notice(L10n::t('Only parent users can create additional accounts.'));
+				return '';
+			}
+		}
+
+		if (!local_user() && (intval(Config::get('config', 'register_policy')) === self::CLOSED)) {
+			notice(L10n::t('Permission denied.'));
 			return '';
 		}

@ -58,7 +66,7 @@ class Register extends BaseModule
 			$count = DBA::count('user', ['`register_date` > UTC_TIMESTAMP - INTERVAL 1 day']);
 			if ($count >= $max_dailies) {
 				Logger::log('max daily registrations exceeded.');
-				notice(L10n::t('This site has exceeded the number of allowed daily account registrations. Please try again tomorrow.') . EOL);
+				notice(L10n::t('This site has exceeded the number of allowed daily account registrations. Please try again tomorrow.'));
 				return '';
 			}
 		}
@ -70,7 +78,7 @@ class Register extends BaseModule
 		$photo      = $_REQUEST['photo']      ?? '';
 		$invite_id  = $_REQUEST['invite_id']  ?? '';

-		if (Config::get('system', 'no_openid')) {
+		if (local_user() || Config::get('system', 'no_openid')) {
 			$fillwith = '';
 			$fillext  = '';
 			$oidlabel = '';
@ -94,7 +102,7 @@ class Register extends BaseModule
 			]);
 		}

-		$ask_password = ! DBA::count('contact');
+		$ask_password = !DBA::count('contact');

 		$tpl = Renderer::getMarkupTemplate('register.tpl');

@ -142,7 +150,10 @@ class Register extends BaseModule
 			'$privstatement'=> $tos->privacy_complete,
 			'$form_security_token' => BaseModule::getFormSecurityToken('register'),
 			'$explicit_content' => Config::get('system', 'explicit_content', false),
-			'$explicit_content_note' => L10n::t('Note: This node explicitly contains adult content')
+			'$explicit_content_note' => L10n::t('Note: This node explicitly contains adult content'),
+			'$additional'   => !empty(local_user()),
+			'$parent_password' => ['parent_password', L10n::t('Parent Password:'), '', L10n::t('Please enter the password of the parent account to legitimize your request.')]
+
 		]);

 		return $o;
@ -163,6 +174,26 @@ class Register extends BaseModule
 		$arr = ['post' => $_POST];
 		Hook::callAll('register_post', $arr);

+		$additional_account = false;
+
+		if (!local_user() && !empty($arr['post']['parent_password'])) {
+			notice(L10n::t('Permission denied.'));
+			return;
+		} elseif (local_user() && !empty($arr['post']['parent_password'])) {
+			try {
+				Model\User::getIdFromPasswordAuthentication(local_user(), $arr['post']['parent_password']);
+			} catch (\Exception $ex) {
+				notice(L10n::t("Password doesn't match."));
+				$regdata = ['nickname' => $arr['post']['nickname'], 'username' => $arr['post']['username']];
+				DI::baseUrl()->redirect('register?' . http_build_query($regdata));
+			}
+			$additional_account = true;
+		} elseif (local_user()) {
+			notice(L10n::t('Please enter your password.'));
+			$regdata = ['nickname' => $arr['post']['nickname'], 'username' => $arr['post']['username']];
+			DI::baseUrl()->redirect('register?' . http_build_query($regdata));
+		}
+
 		$max_dailies = intval(Config::get('system', 'max_daily_registrations'));
 		if ($max_dailies) {
 			$count = DBA::count('user', ['`register_date` > UTC_TIMESTAMP - INTERVAL 1 day']);
@ -185,7 +216,7 @@ class Register extends BaseModule
 			case self::CLOSED:
 			default:
 				if (empty($_SESSION['authenticated']) && empty($_SESSION['administrator'])) {
-					\notice(L10n::t('Permission denied.') . EOL);
+					notice(L10n::t('Permission denied.'));
 					return;
 				}
 				$blocked = 1;
@ -208,6 +239,20 @@ class Register extends BaseModule
 		// Overwriting the "tar pit" field with the real one
 		$arr['email'] = $arr['field1'];

+		if ($additional_account) {
+			$user = DBA::selectFirst('user', ['email'], ['uid' => local_user()]);
+			if (!DBA::isResult($user)) {
+				notice(L10n::t('User not found.'));
+				DI::baseUrl()->redirect('register');
+			}
+
+			$blocked = 0;
+			$verified = 1;
+
+			$arr['password1'] = $arr['confirm'] = $arr['parent_password'];
+			$arr['repeat'] = $arr['email'] = $user['email'];
+		}
+
 		if ($arr['email'] != $arr['repeat']) {
 			Logger::info('Mail mismatch', $arr);
 			notice(L10n::t('Please enter the identical mail address in the second field.'));
@ -222,7 +267,7 @@ class Register extends BaseModule
 		try {
 			$result = Model\User::create($arr);
 		} catch (\Exception $e) {
-			\notice($e->getMessage());
+			notice($e->getMessage());
 			return;
 		}

@ -235,6 +280,12 @@ class Register extends BaseModule
 			Worker::add(PRIORITY_LOW, 'Directory', $url);
 		}

+		if ($additional_account) {
+			DBA::update('user', ['parent-uid' => local_user()], ['uid' => $user['uid']]);
+			info(L10n::t('The additional account was created.'));
+			DI::baseUrl()->redirect('delegation');
+		}
+
 		$using_invites = Config::get('system', 'invitation_only');
 		$num_invites   = Config::get('system', 'number_invites');
 		$invite_id = (!empty($_POST['invite_id']) ? Strings::escapeTags(trim($_POST['invite_id'])) : '');
@ -256,29 +307,29 @@ class Register extends BaseModule
 				);

 				if ($res) {
-					\info(L10n::t('Registration successful. Please check your email for further instructions.') . EOL);
+					info(L10n::t('Registration successful. Please check your email for further instructions.'));
 					DI::baseUrl()->redirect();
 				} else {
-					\notice(
+					notice(
 						L10n::t('Failed to send email message. Here your accout details:<br> login: %s<br> password: %s<br><br>You can change your password after login.',
 							$user['email'],
 							$result['password'])
 					);
 				}
 			} else {
-				\info(L10n::t('Registration successful.') . EOL);
+				info(L10n::t('Registration successful.'));
 				DI::baseUrl()->redirect();
 			}
 		} elseif (intval(Config::get('config', 'register_policy')) === self::APPROVE) {
 			if (!strlen(Config::get('config', 'admin_email'))) {
-				\notice(L10n::t('Your registration can not be processed.') . EOL);
+				notice(L10n::t('Your registration can not be processed.'));
 				DI::baseUrl()->redirect();
 			}

 			// Check if the note to the admin is actually filled out
 			if (empty($_POST['permonlybox'])) {
-				\notice(L10n::t('You have to leave a request note for the admin.')
-					. L10n::t('Your registration can not be processed.') . EOL);
+				notice(L10n::t('You have to leave a request note for the admin.')
+					. L10n::t('Your registration can not be processed.'));

 				DI::baseUrl()->redirect('register/');
 			}
@ -325,7 +376,7 @@ class Register extends BaseModule
 				$result['password']
 			);

-			\info(L10n::t('Your registration is pending approval by the site owner.') . EOL);
+			info(L10n::t('Your registration is pending approval by the site owner.'));
 			DI::baseUrl()->redirect();
 		}

--- a/src/Module/Settings/Delegation.php
+++ b/src/Module/Settings/Delegation.php
@ -140,12 +140,15 @@ class Delegation extends BaseSettingsModule

 		$o = Renderer::replaceMacros(Renderer::getMarkupTemplate('settings/delegation.tpl'), [
 			'$form_security_token' => BaseModule::getFormSecurityToken('delegate'),
+			'$account_header' => L10n::t('Additional Accounts'),
+			'$account_desc' => L10n::t('Register additional accounts that are automatically connected to your existing account so you can manage it from this account.'),
+			'$add_account' => L10n::t('Register an additional account'),
 			'$parent_header' => L10n::t('Parent User'),
 			'$parent_user' => $parent_user,
 			'$parent_password' => $parent_password,
 			'$parent_desc' => L10n::t('Parent users have total control about this account, including the account settings. Please double check whom you give this access.'),
 			'$submit' => L10n::t('Save Settings'),
-			'$header' => L10n::t('Delegate Page Management'),
+			'$header' => L10n::t('Manage Accounts'),
 			'$delegates_header' => L10n::t('Delegates'),
 			'$base' => DI::baseUrl(),
 			'$desc' => L10n::t('Delegates are able to manage all aspects of this account/page except for basic account settings. Please do not delegate your personal account to anybody that you do not trust completely.'),
--- a/view/templates/register.tpl
+++ b/view/templates/register.tpl
@ -35,17 +35,19 @@
 	<div id="register-name-end" ></div>


-	<div id="register-email-wrapper" >
-		<label for="register-email" id="label-register-email" >{{$addrlabel}}</label>
-		<input type="text" maxlength="60" size="32" name="field1" id="register-email" value="{{$email}}" required>
-	</div>
-	<div id="register-email-end" ></div>
+	{{if !$additional}}
+		<div id="register-email-wrapper" >
+			<label for="register-email" id="label-register-email" >{{$addrlabel}}</label>
+			<input type="text" maxlength="60" size="32" name="field1" id="register-email" value="{{$email}}" required>
+		</div>
+		<div id="register-email-end" ></div>

-	<div id="register-repeat-wrapper" >
-		<label for="register-repeat" id="label-register-repeat" >{{$addrlabel2}}</label>
-		<input type="text" maxlength="60" size="32" name="repeat" id="register-repeat" value="" required>
-	</div>
-	<div id="register-repeat-end" ></div>
+		<div id="register-repeat-wrapper" >
+			<label for="register-repeat" id="label-register-repeat" >{{$addrlabel2}}</label>
+			<input type="text" maxlength="60" size="32" name="repeat" id="register-repeat" value="" required>
+		</div>
+		<div id="register-repeat-end" ></div>
+	{{/if}}

 {{if $ask_password}}
 	{{include file="field_password.tpl" field=$password1}}
@ -62,6 +64,10 @@

 	<input type="input" id=tarpit" name="email" style="display: none;" placeholder="Don't enter anything here"/>

+	{{if $additional}}
+		{{include file="field_password.tpl" field=$parent_password}}
+	{{/if}}
+
 {{if $permonly}}
 	{{include file="field_textarea.tpl" field=$permonlybox}}
 {{/if}}
@ -83,8 +89,10 @@
 	</div>
 	<div id="register-submit-end" ></div>

-	<h3>{{$importh}}</h3>
-	<div id ="import-profile">
-		<a href="uimport">{{$importt}}</a>
-	</div>
+	{{if !$additional}}
+		<h3>{{$importh}}</h3>
+		<div id ="import-profile">
+			<a href="uimport">{{$importt}}</a>
+		</div>
+	{{/if}}
 </form>
--- a/view/templates/settings/delegation.tpl
+++ b/view/templates/settings/delegation.tpl
@ -11,6 +11,10 @@
 		<div class="submit"><input type="submit" name="delegate" value="{{$submit}}"/></div>
 	</form>
 </div>
+{{else}}
+<h4>{{$account_header}}</h4>
+<div id="add-account-desc" class="add-account-desc">{{$account_desc}}</div>
+<a href='register'>{{$add_account}}</a>
 {{/if}}

 <h4>{{$delegates_header}}</h4>
--- a/view/theme/frio/templates/register.tpl
+++ b/view/theme/frio/templates/register.tpl
@ -36,17 +36,19 @@
 		<div id="register-name-end" ></div>


-		<div id="register-email-wrapper" class="form-group">
-			<label for="register-email" id="label-register-email" >{{$addrlabel}}</label>
-			<input type="text" maxlength="60" size="32" name="field1" id="register-email" class="form-control" value="{{$email}}" required>
-		</div>
-		<div id="register-email-end" ></div>
+		{{if !$additional}}
+			<div id="register-email-wrapper" class="form-group">
+				<label for="register-email" id="label-register-email" >{{$addrlabel}}</label>
+				<input type="text" maxlength="60" size="32" name="field1" id="register-email" class="form-control" value="{{$email}}" required>
+			</div>
+			<div id="register-email-end" ></div>

-		<div id="register-repeat-wrapper" class="form-group">
-			<label for="register-repeat" id="label-register-repeat" >{{$addrlabel2}}</label>
-			<input type="text" maxlength="60" size="32" name="repeat" id="register-repeat" class="form-control" value="" required>
-		</div>
-		<div id="register-repeat-end" ></div>
+			<div id="register-repeat-wrapper" class="form-group">
+				<label for="register-repeat" id="label-register-repeat" >{{$addrlabel2}}</label>
+				<input type="text" maxlength="60" size="32" name="repeat" id="register-repeat" class="form-control" value="" required>
+			</div>
+			<div id="register-repeat-end" ></div>
+		{{/if}}

 		{{if $ask_password}}
 		{{include file="field_password.tpl" field=$password1}}
@ -60,6 +62,10 @@
 		</div>
 		<div id="register-nickname-end" ></div>

+		{{if $additional}}
+			{{include file="field_password.tpl" field=$parent_password}}
+		{{/if}}
+
 		<input type="input" id=tarpit" name="email" style="display: none;" placeholder="Don't enter anything here"/>

 		{{if $permonly}}
@ -83,9 +89,11 @@
 		</div>
 		<div id="register-submit-end" class="clear"></div>

-		<h3>{{$importh}}</h3>
-		<div id ="import-profile">
-			<a href="uimport">{{$importt}}</a>
-		</div>
+		{{if !$additional}}
+			<h3>{{$importh}}</h3>
+			<div id ="import-profile">
+				<a href="uimport">{{$importt}}</a>
+			</div>
+		{{/if}}
 	</form>
 </div>