From 15c57eeb377e0d246b3fd4bf24edee8031503853 Mon Sep 17 00:00:00 2001 From: Antonin Date: Fri, 30 Oct 2015 20:45:18 +0100 Subject: [PATCH] Allows the admin to modify password related stuff. --- adminstuds.php | 23 +++++++++++- .../Framadate/Repositories/PollRepository.php | 4 +- css/style.css | 7 ++++ js/core.js | 29 +++++++++++++++ locale/de.json | 6 ++- locale/en.json | 6 ++- locale/es.json | 6 ++- locale/fr.json | 6 ++- locale/it.json | 6 ++- tpl/part/poll_info.tpl | 37 ++++++++++++++++++- tpl/part/vote_table_classic.tpl | 4 +- tpl/part/vote_table_date.tpl | 4 +- 12 files changed, 126 insertions(+), 12 deletions(-) diff --git a/adminstuds.php b/adminstuds.php index 6416bfb..ca920dd 100644 --- a/adminstuds.php +++ b/adminstuds.php @@ -24,7 +24,7 @@ use Framadate\Services\LogService; use Framadate\Services\MailService; use Framadate\Services\PollService; use Framadate\Services\NotificationService; -use Framadate\Utils; +use Framadate\Security\PasswordHasher; include_once __DIR__ . '/app/inc/init.php'; @@ -71,7 +71,8 @@ if ($poll) { if (isset($_POST['update_poll_info'])) { $updated = false; - $field = $inputService->filterAllowedValues($_POST['update_poll_info'], ['title', 'admin_mail', 'description', 'rules', 'expiration_date', 'name', 'hidden']); + $field = $inputService->filterAllowedValues($_POST['update_poll_info'], ['title', 'admin_mail', 'description', + 'rules', 'expiration_date', 'name', 'hidden', 'removePassword', 'password']); // Update the right poll field if ($field == 'title') { @@ -135,6 +136,24 @@ if (isset($_POST['update_poll_info'])) { $poll->hidden = $hidden; $updated = true; } + } elseif ($field == 'removePassword') { + $removePassword = isset($_POST['removePassword']) ? $inputService->filterBoolean($_POST['removePassword']) : false; + if ($removePassword) { + $poll->results_publicly_visible = false; + $poll->password_hash = null; + $updated = true; + } + } elseif ($field == 'password') { + $password = isset($_POST['password']) ? $_POST['password'] : null; + $resultsPubliclyVisible = isset($_POST['resultsPubliclyVisible']) ? $inputService->filterBoolean($_POST['resultsPubliclyVisible']) : false; + if (!empty($password)) { + $poll->password_hash = PasswordHasher::hash($password); + $updated = true; + } + if ($resultsPubliclyVisible != $poll->results_publicly_visible) { + $poll->results_publicly_visible = $resultsPubliclyVisible; + $updated = true; + } } // Update poll in database diff --git a/app/classes/Framadate/Repositories/PollRepository.php b/app/classes/Framadate/Repositories/PollRepository.php index 0f866cd..fd62e55 100644 --- a/app/classes/Framadate/Repositories/PollRepository.php +++ b/app/classes/Framadate/Repositories/PollRepository.php @@ -48,9 +48,9 @@ class PollRepository extends AbstractRepository { } function update($poll) { - $prepared = $this->prepare('UPDATE `' . Utils::table('poll') . '` SET title=?, admin_name=?, admin_mail=?, description=?, end_date=?, active=?, editable=?, hidden=? WHERE id = ?'); + $prepared = $this->prepare('UPDATE `' . Utils::table('poll') . '` SET title=?, admin_name=?, admin_mail=?, description=?, end_date=?, active=?, editable=?, hidden=?, password_hash=?, results_publicly_visible=? WHERE id = ?'); - return $prepared->execute([$poll->title, $poll->admin_name, $poll->admin_mail, $poll->description, $poll->end_date, $poll->active, $poll->editable, $poll->hidden, $poll->id]); + return $prepared->execute([$poll->title, $poll->admin_name, $poll->admin_mail, $poll->description, $poll->end_date, $poll->active, $poll->editable, $poll->hidden, $poll->password_hash, $poll->results_publicly_visible, $poll->id]); } function deleteById($poll_id) { diff --git a/css/style.css b/css/style.css index 16e1865..cb2d524 100644 --- a/css/style.css +++ b/css/style.css @@ -167,6 +167,7 @@ caption { #poll-rules-form .btn-edit, #poll-hidden-form .btn-edit, #expiration-form .btn-edit, +#password-form .btn-edit, #name-form .btn-edit { position:absolute; left:-2000px; @@ -184,6 +185,8 @@ caption { #poll-hidden-form:hover .btn-edit, #expiration-form .btn-edit:focus, #expiration-form:hover .btn-edit, +#password-form .btn-edit:focus, +#password-form:hover .btn-edit, #name-form .btn-edit:focus, #name-form:hover .btn-edit { position:relative !important; @@ -494,4 +497,8 @@ table.results > tbody > tr:hover > td .glyphicon { .password_request { padding-top: 15px; padding-bottom: 15px; +} + +#password-form .btn-cancel { + float: right; } \ No newline at end of file diff --git a/js/core.js b/js/core.js index b05e962..70d9c84 100644 --- a/js/core.js +++ b/js/core.js @@ -104,6 +104,35 @@ $(document).ready(function() { return false; }); + + $('#password-form .btn-edit').on('click', function() { + $('#password-form p').hide(); + $('#password-form .js-password').removeClass('hidden'); + $('#password').focus(); + return false; + }); + + $('#password-form .btn-cancel').on('click', function() { + $('#password-form p').show(); + $('#password-form .js-password').addClass('hidden'); + $('.js-password .btn-edit').focus(); + return false; + }); + + // Hiding other field when the admin wants to remove the password protection + var removePassword = $('#removePassword'); + removePassword.on('click', function() { + var removeButton = removePassword.siblings('button'); + if (removePassword.is(":checked")) { + $('#password_information').addClass('hidden'); + removeButton.removeClass('hidden'); + } else { + $('#password_information').removeClass('hidden'); + removeButton.addClass('hidden'); + } + removeButton.focus(); + }); + // Horizontal scroll buttons if($('.results').width() > $('.container').width()) { $('.scroll-buttons').removeClass('hidden'); diff --git a/locale/de.json b/locale/de.json index 4528f34..682f839 100644 --- a/locale/de.json +++ b/locale/de.json @@ -125,7 +125,11 @@ "Save the new rules": "Neue Regeln speichern", "Cancel the rules edit": "Abbruch, Regeln nicht ändern", "Results are hidden.": "Ergebnisse werden ausgeblendet.", - "Results are visible.": "Ergebnisse sind sichtbar." + "Results are visible.": "Ergebnisse sind sichtbar.", + "Password protected.": "DE_Protégé par mot de passe.", + "Votes protected by password.": "DE_Votes protégés par mot de passe.", + "No password.": "DE_Pas de mot de passe", + "Remove password.": "DE_Supprimer le mot de passe." }, "Poll results": { "Votes of the poll": "Stimmabgaben zur Umfrage", diff --git a/locale/en.json b/locale/en.json index 67af1dd..90c103b 100644 --- a/locale/en.json +++ b/locale/en.json @@ -125,7 +125,11 @@ "Save the new rules": "Save the new rules", "Cancel the rules edit": "Cancel the rules edit", "Results are hidden.": "Results are hidden.", - "Results are visible.": "Results are visible." + "Results are visible.": "Results are visible.", + "Password protected.": "Password protected.", + "Votes protected by password.": "Votes protected by password.", + "No password.": "No password.", + "Remove password.": "Remove password." }, "Poll results": { "Votes of the poll": "Votes", diff --git a/locale/es.json b/locale/es.json index 5350b3f..08e06a3 100644 --- a/locale/es.json +++ b/locale/es.json @@ -125,7 +125,11 @@ "Save the new rules": "ES_Enregistrer les nouvelles permissions", "Cancel the rules edit": "ES_Annuler le changement de permissions", "Results are hidden.": "ES_Les résultats sont cachés.", - "Results are visible.": "ES_Les résultats sont visibles." + "Results are visible.": "ES_Les résultats sont visibles.", + "Password protected.": "ES_Protégé par mot de passe.", + "Votes protected by password.": "ES_Votes protégés par mot de passe.", + "No password.": "ES_Pas de mot de passe", + "Remove password.": "ES_Supprimer le mot de passe." }, "Poll results": { "Votes of the poll": "ES_Votes du sondage", diff --git a/locale/fr.json b/locale/fr.json index d76e66e..e66a8b9 100644 --- a/locale/fr.json +++ b/locale/fr.json @@ -125,7 +125,11 @@ "Save the new rules": "Enregistrer les nouvelles permissions", "Cancel the rules edit": "Annuler le changement de permissions", "Results are hidden.": "Les résultats sont cachés.", - "Results are visible.": "Les résultats sont visibles." + "Results are visible.": "Les résultats sont visibles.", + "Password protected.": "Protégé par mot de passe.", + "Votes protected by password.": "Votes protégés par mot de passe.", + "No password.": "Pas de mot de passe", + "Remove password.": "Supprimer le mot de passe." }, "Poll results": { "Votes of the poll": "Votes du sondage", diff --git a/locale/it.json b/locale/it.json index 81759f0..31db272 100644 --- a/locale/it.json +++ b/locale/it.json @@ -125,7 +125,11 @@ "Save the new rules": "Salvare i nuovi permessi", "Cancel the rules edit": "Annullare le modifica dei permessi", "Results are hidden.": "I risultati sono nascosti.", - "Results are visible.": "I risultati sono visibili." + "Results are visible.": "I risultati sono visibili.", + "Password protected.": "IT_Protégé par mot de passe.", + "Votes protected by password.": "IT_Votes protégés par mot de passe.", + "No password.": "IT_Pas de mot de passe", + "Remove password.": "IT_Supprimer le mot de passe." }, "Poll results": { "Votes of the poll": "Voti del sondaggio ", diff --git a/tpl/part/poll_info.tpl b/tpl/part/poll_info.tpl index 9c0f7f6..ec77e4e 100644 --- a/tpl/part/poll_info.tpl +++ b/tpl/part/poll_info.tpl @@ -120,7 +120,42 @@ {if $admin}
-
+
+
+ {if !empty($poll->password_hash) && !$poll->results_publicly_visible} + {$password_text = __('PollInfo', 'Password protected.')} + {elseif !empty($poll->password_hash) && $poll->results_publicly_visible} + {$password_text = __('PollInfo', 'Votes protected by password.')} + {else} + {$password_text = __('PollInfo', 'No password.')} + {/if} +

{$password_text}

+ +
+
+ +
{if $poll->hidden} {$hidden_icon = "glyphicon-eye-close"} diff --git a/tpl/part/vote_table_classic.tpl b/tpl/part/vote_table_classic.tpl index e5e5070..660dc10 100644 --- a/tpl/part/vote_table_classic.tpl +++ b/tpl/part/vote_table_classic.tpl @@ -4,7 +4,9 @@

{__('Poll results', 'Votes of the poll')} {if $hidden}({__('PollInfo', 'Results are hidden.')}){/if} - + {if $accessGranted} + + {/if}

diff --git a/tpl/part/vote_table_date.tpl b/tpl/part/vote_table_date.tpl index 8ff1a04..975d42b 100644 --- a/tpl/part/vote_table_date.tpl +++ b/tpl/part/vote_table_date.tpl @@ -4,7 +4,9 @@

{__('Poll results', 'Votes of the poll')} {if $hidden}({__('PollInfo', 'Results are hidden.')}){/if} - + {if $accessGranted} + + {/if}