initial version for user managment tab in the settings page

10 files changed, 251 insertions, 50 deletions

diff --git a/css/default.php b/css/default.php
index 09f98976b9e..5f69eeaa1ba 100644
--- a/css/default.php
+++ b/css/default.php
@@ -454,4 +454,54 @@ div.moreActionsList tr:hover{
 	position:absolute;
 	overflow:auto;
 	height:100%;
+}
+
+table.userlist{
+	margin:0px;
+	padding:0px;
+	width:100%;
+	border-spacing:0px;
+}
+
+table.userlist>thead{
+	background-color:#DDD;
+}
+
+table.userlist td.sellect{
+	width:18px;
+}
+
+table.userlist td.name{
+	width:200px;
+}
+
+p.description{
+	background-color:#DDD;
+	margin:0px;
+	padding-top:3px;
+	padding-bottom:3px;
+	width:100%;
+	font-weight:bold;
+}
+
+#newUserForm, #newGroupForm{
+	width:100%;
+	padding-top:3px;
+	padding-bottom:3px;
+}
+
+#settingsContent_user_managment{
+	background-color:#F2F2F2;
+	min-height:100%;
+}
+
+#sellectedUsersActions>form{
+	display:inline;
+}
+
+#sellectedUsersActions{
+	margin:0px;
+	text-align:left;
+	background-color:#DDD;
+	width:100%;
 }
\ No newline at end of file
diff --git a/inc/User/backend.php b/inc/User/backend.php
index 4283e6799ef..e71d155cea1 100755
--- a/inc/User/backend.php
+++ b/inc/User/backend.php
@@ -111,6 +111,14 @@ abstract class OC_USER_BACKEND {
 	abstract public static function addToGroup($username, $groupName);
 
 	/**
+	 * Remove a user from a group
+	 *
+	 * @param  string  $username   Name of the user to remove from group
+	 * @param  string  $groupName  Name of the group from which remove the user
+	 */
+	abstract public static function removeFromGroup($username,$groupName);
+	
+	/**
 	 * Generate a random password
 	 */
 	abstract public static function generatePassword();
diff --git a/inc/User/database.php b/inc/User/database.php
index e121760ab82..6b1310265da 100755
--- a/inc/User/database.php
+++ b/inc/User/database.php
@@ -64,8 +64,8 @@ class OC_USER_DATABASE extends OC_USER_BACKEND {
 	 * @param  string  $password  The password of the new user
 	 */
 	public static function createUser($username, $password) {
+		self::clearCache();
 		global $CONFIG_DBTABLEPREFIX;
-
 		// Check if the user already exists
 		if ( 0 != OC_USER::getUserId($username, true) ) {
 			return false;
@@ -138,9 +138,9 @@ class OC_USER_DATABASE extends OC_USER_BACKEND {
 	 * @param  string  $groupName  The name of the group to create
 	 */
 	public static function createGroup($groupName) {
+		self::clearCache();
 		global $CONFIG_DBTABLEPREFIX;
-
-		if ( 0 == OC_USER::getGroupId($groupName, true) ) {
+		if (0 == OC_USER::getGroupId($groupName) ) {
 			$groupName = OC_DB::escape($groupName);
 			$query = "INSERT INTO  `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupName')";
 			$result = OC_DB::query($query);
@@ -251,17 +251,15 @@ class OC_USER_DATABASE extends OC_USER_BACKEND {
 	 */
 	public static function addToGroup($username, $groupName) {
 		global $CONFIG_DBTABLEPREFIX;
-
+		self::clearCache();
 		if ( !OC_USER::inGroup($username, $groupName) ) {
-			$userId = OC_USER::getUserId($username);
-			$groupId = OC_USER::getGroupId($groupName);
+			$userId = OC_USER::getUserId($username,true);
+			$groupId = OC_USER::getGroupId($groupName,true);
 			if ( (0 != $groupId) AND (0 != $userId) ) {
 				$query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userId',  '$groupId');";
 				$result = OC_DB::query($query);
 				if ( $result ) {
-					if(isset(self::$userGroupCache[$userId])){
-						self::$userGroupCache[$userId][]=$groupId;
-					}
+					self::clearCache();
 					return true;
 				} else {
 					return false;
@@ -273,6 +271,32 @@ class OC_USER_DATABASE extends OC_USER_BACKEND {
 			return true;
 		}
 	}
+	
+	/**
+	 * Remove a user from a group
+	 *
+	 * @param  string  $username   Name of the user to remove from group
+	 * @param  string  $groupName  Name of the group from which remove the user
+	 */
+	public static function removeFromGroup($username,$groupName){
+		global $CONFIG_DBTABLEPREFIX;
+		self::clearCache();
+		if (OC_USER::inGroup($username, $groupName) ) {
+			$userId = OC_USER::getUserId($username,true);
+			$groupId = OC_USER::getGroupId($groupName,true);
+			if ( (0 != $groupId) AND (0 != $userId) ) {
+				$query="DELETE FROM `{$CONFIG_DBTABLEPREFIX}user_group` WHERE `group_id` =$groupId AND `user_id`=$userId";
+				$result = OC_DB::query($query);
+				if ( $result ) {
+					self::clearCache();
+					return true;
+				} else {
+					return false;
+				}
+			}
+		}
+		return false;
+	}
 
 	/**
 	 * Generate a random password
@@ -293,17 +317,15 @@ class OC_USER_DATABASE extends OC_USER_BACKEND {
 		if(!isset(self::$userGroupCache[$userId])){
 			$query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userId'";
 			$result = OC_DB::select($query);
-			$groups = array();
 			$groupsId = array();
 			if ( is_array($result) ) {
 				foreach ( $result as $group ) {
 					$groupId = $group['group_id'];
 					$groupsId[]=$groupId;
-					$groups[] = OC_USER::getGroupName($groupId);
 				}
 			}
 			self::$userGroupCache[$userId]=$groupsId;
-			return $groups;
+			return $groupsId;
 		}else{
 			return self::$userGroupCache[$userId];
 		}
@@ -342,7 +364,7 @@ class OC_USER_DATABASE extends OC_USER_BACKEND {
 		$usernameClean = strToLower($username);
 		$usernameClean = OC_DB::escape($usernameClean);
 		$username = OC_DB::escape($username);
-		$query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' "
+		$query = "SELECT user_id FROM `{$CONFIG_DBTABLEPREFIX}users` "
 		       . "WHERE user_name_clean = '$usernameClean' AND user_password =  '$password' LIMIT 1";
 		$result = OC_DB::select($query);
 		if ( isset($result[0]) AND isset($result[0]['user_id']) AND ($result[0]['user_id'] > 0) ) {
@@ -359,7 +381,7 @@ class OC_USER_DATABASE extends OC_USER_BACKEND {
 	public static function getUsers() {
 		global $CONFIG_DBTABLEPREFIX;
 		
-		$query = "SELECT user_name FROM '{$CONFIG_DBTABLEPREFIX}users'";
+		$query = "SELECT user_name FROM `{$CONFIG_DBTABLEPREFIX}users`";
 		$result = OC_DB::select($query);
 		$users=array();
 		foreach($result as $user){
@@ -375,7 +397,7 @@ class OC_USER_DATABASE extends OC_USER_BACKEND {
 	public static function getGroups() {
 		global $CONFIG_DBTABLEPREFIX;
 		
-		$query = "SELECT group_name FROM '{$CONFIG_DBTABLEPREFIX}groups'";
+		$query = "SELECT group_name FROM `{$CONFIG_DBTABLEPREFIX}groups`";
 		$result = OC_DB::select($query);
 		$groups=array();
 		foreach($result as $group){
@@ -383,4 +405,10 @@ class OC_USER_DATABASE extends OC_USER_BACKEND {
 		}
 		return $groups;
 	}
+	
+	private static function clearCache(){
+		self::$userGroupCache=array();
+		$_SESSION['user_id_cache']=array();
+		$_SESSION['group_id_cache']=array();
+	}
 }
diff --git a/inc/lib_config.php b/inc/lib_config.php
index 8189ee7fe33..d5f0f2270fb 100644
--- a/inc/lib_config.php
+++ b/inc/lib_config.php
@@ -252,7 +252,7 @@ class OC_CONFIG{
 						if(!OC_USER::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !OC_USER::login($_POST['adminlogin'],$_POST['adminpassword'])){
 							$error.='error while trying to create the admin user<br/>';
 						}
-						if(OC_USER::getgroupid('admin')==0){
+						if(OC_USER::getgroupid('admin',true)==0){
 							if(!OC_USER::creategroup('admin')){
 								$error.='error while trying to create the admin group<br/>';
 							}
diff --git a/inc/lib_user.php b/inc/lib_user.php
index 2f55e5f6b2a..8bde1d92075 100644
--- a/inc/lib_user.php
+++ b/inc/lib_user.php
@@ -178,10 +178,20 @@ class OC_USER {
 	}
 
 	/**
+	 * Remove a user from a group
+	 *
+	 * @param  string  $username   Name of the user to remove from group
+	 * @param  string  $groupName  Name of the group from which remove the user
+	 */
+	public static function removeFromGroup($username,$groupName){
+		return self::$_backend->removeFromGroup($username, $groupName);
+	}
+
+	/**
 	 * Generate a random password
 	 */
 	public static function generatePassword() {
-		return uniqId();
+		return substr(md5(uniqId().time()),0,10);
 	}
 
 	/**
diff --git a/inc/templates/adminform.php b/inc/templates/adminform.php
index e421eac31e8..da75b8b841d 100755
--- a/inc/templates/adminform.php
+++ b/inc/templates/adminform.php
@@ -12,7 +12,6 @@ if(!isset($fillDB)) $fillDB=true;
 if(!isset($CONFIG_DBHOST)) $CONFIG_DBHOST='localhost';
 if(!isset($CONFIG_DBUSER)) $CONFIG_DBUSER='owncloud';
 if(!isset($CONFIG_DBTABLEPREFIX)) $CONFIG_DBTABLEPREFIX='oc_';
-$newuserpassword=OC_USER::generatepassword();
 ?>
 <script type="text/javascript">
 function showDBAdmin(){
@@ -187,20 +186,6 @@ if($CONFIG_DBTYPE=='sqlite'){
 ?>
 <tr><td></td><td><input type="submit" name="set_config" alt="save" value="save" class="formstyle" /></td></tr>
 </table></form><br/>
-<?php
-if(!$FIRSTRUN ){//disabled for now?>
-<br/>
-<form method="post" enctype="multipart/form-data" action="#">
-<table cellpadding="5" cellspacing="5" border="0" class="loginform">
-<tr><th colspan='2'>Create new user:</td></tr>
-<tr title="Name used to log in."><td>user name</td><td><input type='text' name='new_username' class="formstyle"></input></td></tr>
-<tr title="Make a secure password, use at least 9 characters. Use letters and numbers."><td>password</td><td><input type='text' name='new_password' class="formstyle" autocomplete="off" value='<?php echo($newuserpassword);?>'></input></td></tr>
-<tr><td></td><td><input type='submit' value='create' class="formstyle"></input></td></tr>
-</table>
-</form>
-<?php
-}
-?>
 <script type="text/javascript">
 	dbtypechange();
 	datetypechange();
diff --git a/inc/templates/configform.php b/inc/templates/configform.php
index d24c138612e..76c73cb8887 100644
--- a/inc/templates/configform.php
+++ b/inc/templates/configform.php
@@ -34,21 +34,3 @@ changepassset=function(){
 <tr><td></td><td><input type='submit' value='save' class='formstyle'/></td></tr>
 </table>
 </form>
-<!--dissabled for now
-Groups:-->
-<form method="post" enctype="multipart/form-data" action="#">
-<div><input type='hidden' name='creategroup' value='1' /></div>
-<table cellpadding="5" cellspacing="5" border="0" class="loginform">
-<tr><td colspan='2' class='center'>Current groups</td></tr>
-<?php
-$groups=OC_USER::getusergroups($_SESSION['username']);
-foreach($groups as $group){
-	?>
-	<tr><td><?php echo $group;?></td></tr>
-	<?php
-}
-?>
-<tr><td colspan='2' class='center'>Create new group</td></tr>
-<tr><td><input type='text' name='groupname' class="formstyle"></input></td><td><input type='submit' value='create' class="formstyle"></input></td></tr>
-</table>
-</form>
diff --git a/inc/templates/userform.php b/inc/templates/userform.php
new file mode 100644
index 00000000000..bb9741efd8b
--- /dev/null
+++ b/inc/templates/userform.php
@@ -0,0 +1,126 @@
+<?php
+//handle addTo and removeFrom group
+if(isset($_POST['groupAddRemove'])){
+	$groupName=$_POST['groupname'];
+	$users=explode(';',$_POST['users']);
+	if($_POST['groupAddRemove']=='add'){
+		foreach($users as $user){
+			OC_USER::addToGroup($user,$groupName);
+		}
+	}elseif($_POST['groupAddRemove']=='remove'){
+		foreach($users as $user){
+			OC_USER::removeFromGroup($user,$groupName);
+		}
+	}
+}
+$action=$WEBROOT.'/settings/#user_managment';
+if(!empty($CONFIG_ERROR)){
+	echo "<p class='error'>$CONFIG_ERROR</p>";
+}
+?>
+<script type="text/javascript">
+<?php
+	$users=OC_USER::getUsers();
+	$groups=OC_USER::getGroups();
+	echo('var users='.json_encode($users).";\n");
+	echo('var groups='.json_encode($groups).";\n");
+?>
+sellectAllUsers=function(){
+	var check=document.getElementById('user_selectall');
+	for(i in users){
+		if(users[i]){
+			document.getElementById('user_select_'+users[i]).checked=check.checked;
+		}
+	}
+	getSellectedUsers();
+}
+
+getSellectedUsers=function(){
+	sellectedUsers=new Array();
+	for(i in users){
+		if(users[i]){
+			if(document.getElementById('user_select_'+users[i]).checked){
+				sellectedUsers.push(users[i]);
+			}
+		}
+	}
+	document.getElementById('removeFromGroupUsers').value=sellectedUsers.join(';');
+	document.getElementById('addToGroupUsers').value=sellectedUsers.join(';');
+}
+
+var sellectedUsers=new Array();
+
+setGroup=function(){
+	var select=document.getElementById('groupselect');
+	var group=select.options[select.selectedIndex].value;
+	document.getElementById('addToGroupName').value=group;
+	document.getElementById('removeFromGroupName').value=group;
+}
+
+</script>
+<p class='description'>All Users</p>
+<table class='userlist'>
+	<thead>
+		<tr>
+			<td class='sellect'><input type='checkbox' id='user_selectall' onchange='sellectAllUsers()' class='formstyle'/></td>
+			<td class='name'>Name</td>
+			<td class='groups'>Groups</td>
+		</tr>
+	</thead>
+	<tbody>
+		<?php
+		foreach($users as $user){
+			if($user){
+				echo("<tr>\n");
+				echo("<td class='sellect'><input type='checkbox' onchange='getSellectedUsers()' id='user_select_$user' class='formstyle'/></td>\n");
+				echo("<td class='name'>$user</td>\n");
+				$userGroups=OC_USER::getUserGroups($user);
+				foreach($userGroups as &$userGroup){
+					$userGroup=OC_USER::getGroupName($userGroup);
+				}
+				$userGroups=join(', ',$userGroups);
+				echo("<td class='groups'>$userGroups</td>\n");
+				echo("</tr>\n");
+			}
+		}
+		?>
+	</tbody>
+</table>
+<div id='sellectedUsersActions'>
+Groups <select id='groupselect' onchange='setGroup()'>
+<?php
+foreach($groups as $group){
+	echo("<option value='$group'>$group</option>");
+}
+?>
+</select>
+<form id='addToGroupForm' method="post" enctype="multipart/form-data" action="<?php echo($action);?>">
+<input type='hidden' name='groupAddRemove' value='add'></input>
+<input id='addToGroupName' type='hidden' name='groupname' value='<?php echo($groups[0]);?>'></input>
+<input id='addToGroupUsers' type='hidden' name='users' value=''></input>
+<input type='submit' value='Add'></input>
+</form>
+<form id='removeFromGroupForm' method="post" enctype="multipart/form-data" action="<?php echo($action);?>">
+<input type='hidden' name='groupAddRemove' value='remove'></input>
+<input id='removeFromGroupName' type='hidden' name='groupname' value='<?php echo($groups[0]);?>'></input>
+<input id='removeFromGroupUsers' type='hidden' name='users' value=''></input>
+<input type='submit' value='Remove'></input>
+</form>
+</div>
+<p class='description'>Add User</p>
+<?php
+$newuserpassword=OC_USER::generatepassword();
+?>
+<form id='newUserForm' method="post" enctype="multipart/form-data" action="<?php echo($action);?>">
+user name: <input type='text' name='new_username' class="formstyle"></input>
+password <input type='text' name='new_password' class="formstyle" autocomplete="off" value='<?php echo($newuserpassword);?>'></input>
+&nbsp;&nbsp;<input type='submit' value='create' class="formstyle"></input>
+</form>
+<p class='description'>Add Group</p>
+<form id='newGroupForm'  method="post" enctype="multipart/form-data" action="<?php echo($action);?>">
+<input type='hidden' name='creategroup' value='1' />
+<input type='text' name='groupname' class="formstyle"></input>
+<input type='submit' value='create' class="formstyle"></input>
+</form>
+
+
diff --git a/plugins/ldap/lib_ldap.php b/plugins/ldap/lib_ldap.php
index 581561a505d..16bd3a52869 100755
--- a/plugins/ldap/lib_ldap.php
+++ b/plugins/ldap/lib_ldap.php
@@ -161,6 +161,17 @@ class OC_USER_LDAP extends OC_USER_BACKEND {
 	}
 
 	/**
+	 * Remove a user from a group
+	 *
+	 * @param  string  $username   Name of the user to remove from group
+	 * @param  string  $groupName  Name of the group from which remove the user
+	 */
+	public static function removeFromGroup($username,$groupName){
+		// does not work with MOD_AUTH (only or some modules)
+		return false;
+	}
+
+	/**
 	 * Generate a random password
 	 */	
 	public static function generatePassword() {
diff --git a/settings/index.php b/settings/index.php
index b57e75f8d99..5983eebc0a7 100644
--- a/settings/index.php
+++ b/settings/index.php
@@ -33,6 +33,7 @@ $FIRSTRUN=false;
 OC_CONFIG::addForm('User Settings','/inc/templates/configform.php');
 if(OC_USER::ingroup($_SESSION['username'],'admin')){
 	OC_CONFIG::addForm('System Settings','/inc/templates/adminform.php');
+	OC_CONFIG::addForm('User Managment','/inc/templates/userform.php');
 }
 
 echo('<div class="center">');