modules/subuser/subuser.pages.inc

<?php
// $Id: subuser.pages.inc,v 1.2 2009/10/14 03:17:09 boombatower Exp $
/**
 * @file
 * Allows users of a particular role to create sub user account in another role.
 *
 * Copyright 2008-2009 by Jimmy Berry ("boombatower", http://drupal.org/user/214218)
 */

/**
 * Sub user settings form.
 */
function subuser_settings_form(&$form_state) {
  $form = array();

  // Get all non-default roles.
  $roles = user_roles(TRUE);
  unset($roles[DRUPAL_ANONYMOUS_RID]);
  unset($roles[DRUPAL_AUTHENTICATED_RID]);

  $form['display'] = array(
    '#type' => 'fieldset',
    '#title' => t('Display'),
    '#description' => t('Configure the wording used for creating a subuser.'),
  );
  $form['display']['subuser_parent'] = array(
    '#type' => 'textfield',
    '#title' => t('Parent'),
    '#description' => t('Name for parent user.'),
    '#default_value' => SUBUSER_PARENT,
  );
  $form['display']['subuser_list'] = array(
    '#type' => 'textfield',
    '#title' => t('List'),
    '#description' => t('Displayed above a users list of subusers.'),
    '#default_value' => SUBUSER_LIST,
  );
  $form['display']['subuser_create'] = array(
    '#type' => 'textfield',
    '#title' => t('Create'),
    '#description' => t('The text used for the link and page title when creating a subuser.'),
    '#default_value' => SUBUSER_CREATE,
  );
  $form['display']['subuser_administer'] = array(
    '#type' => 'textfield',
    '#title' => t('Administer'),
    '#description' => t('The text used for the link and page title when administering subusers.'),
    '#default_value' => SUBUSER_ADMINISTER,
  );

  if ($roles) {
    $form['roles'] = array(
      '#type' => 'fieldset',
      '#title' => t('Roles'),
      '#description' => t('Choose the roles you would like for sub users to automatically have when created.')
    );
    $form['roles']['subuser_roles'] = array(
      '#type' => 'checkboxes',
      '#title' => t('Available roles'),
      '#options' => $roles,
      '#default_value' => variable_get('subuser_roles', array()),
    );
  }
  else {
    drupal_set_message(t('No available roles to select. Please <a href="/admin/user/roles">create a role</a>.'), 'error');
  }

  // Ensure that menu rebuild takes place after variables have been saved.
  $form = system_settings_form($form);
  $form['#submit'][] = 'subuser_settings_form_submit';

  return $form;
}

/**
 * Rebuild menu to ensure that display settings take effect.
 */
function subuser_settings_form_submit($form, &$form_state) {
  menu_rebuild();
}

/**
 * Create subuser form.
 *
 * @param object $user User object.
 */
function subuser_create_form(&$form_state, $user) {
  $form = array();

  $form['parent_user'] = array(
    '#type' => 'value',
    '#value' => $user->uid,
  );
  $form['origin'] = array(
    '#type' => 'value',
    '#value' => 'subuser',
  );
  $form['destination'] = array (
    '#type' => 'hidden',
    '#value' => 'user/'. $user->uid,
  );

  $form['account'] = array(
    '#type' => 'fieldset',
    '#title' => t('Account information'),
    '#weight' => -10,
  );
  $form['account']['status'] = array(
    '#type' => 'value',
    '#value' => TRUE,
  );
  $form['account']['name'] = array(
    '#type' => 'textfield',
    '#title' => t('Username'),
    '#default_value' => NULL,
    '#maxlength' => 60,
    '#description' => 'Spaces are allowed; punctuation is not allowed except for periods, hyphens, and underscores.',
    '#required' => true,
  );
  $form['account']['mail'] = array(
    '#type' => 'textfield',
    '#title' => t('E-mail address'),
    '#default_value' => NULL,
    '#maxlength' => 64,
    '#description' => 'A valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.',
    '#required' => true,
  );
  $form['account']['pass'] = array(
    '#type' => 'password_confirm',
    '#description' => 'Provide a password for the new account in both fields.',
    '#required' => true,
    '#size' => 25,
  );
  $form['account']['notify'] = array(
    '#type' => 'checkbox',
    '#title' => t('Notify user of new account'),
  );
  $form['roles'] = array(
    '#type' => 'value',
    '#value' => variable_get('subuser_roles', array())
  );
  $form['submit'] = array(
    '#type' => 'submit',
    '#value' => t('Create new account'),
    '#weight' => 30,
  );

  $form['#validate'] = array('user_register_validate');

  return $form;
}

/**
 * Modified copy of user_register_submit().
 *
 * Just changed permission line, and removed uid == 1 case, which should never
 * occur.
 */
function subuser_create_form_submit($form, &$form_state) {
  global $base_url;
  $admin = user_access('create subuser');

  $mail = $form_state['values']['mail'];
  $name = $form_state['values']['name'];
  if (!variable_get('user_email_verification', TRUE) || $admin) {
    $pass = $form_state['values']['pass'];
  }
  else {
    $pass = user_password();
  };
  $notify = isset($form_state['values']['notify']) ? $form_state['values']['notify'] : NULL;
  $from = variable_get('site_mail', ini_get('sendmail_from'));
  if (isset($form_state['values']['roles'])) {
    // Remove unset roles.
    $roles = array_filter($form_state['values']['roles']);
  }
  else {
    $roles = array();
  }

  if (!$admin && array_intersect(array_keys($form_state['values']), array('uid', 'roles', 'init', 'session', 'status'))) {
    watchdog('security', 'Detected malicious attempt to alter protected user fields.', array(), WATCHDOG_WARNING);
    $form_state['redirect'] = 'user/register';
    return;
  }
  // The unset below is needed to prevent these form values from being saved as
  // user data.
  unset($form_state['values']['form_token'], $form_state['values']['submit'], $form_state['values']['op'], $form_state['values']['notify'], $form_state['values']['form_id'], $form_state['values']['affiliates'], $form_state['values']['destination']);

  $merge_data = array('pass' => $pass, 'init' => $mail, 'roles' => $roles);
  if (!$admin) {
    // Set the user's status because it was not displayed in the form.
    $merge_data['status'] = variable_get('user_register', 1) == 1;
  }
  $account = user_save('', array_merge($form_state['values'], $merge_data));
  // Terminate if an error occured during user_save().
  if (!$account) {
    drupal_set_message(t("Error saving user account."), 'error');
    $form_state['redirect'] = '';
    return;
  }
  $form_state['user'] = $account;

  watchdog('user', 'New user: %name (%email).', array('%name' => $name, '%email' => $mail), WATCHDOG_NOTICE, l(t('edit'), 'user/'. $account->uid .'/edit'));

  // Add plain text password into user account to generate mail tokens.
  $account->password = $pass;
  if ($admin && !$notify) {
    drupal_set_message(t('Created a new user account for <a href="@url">%name</a>. No e-mail has been sent.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
  }
  else if (!variable_get('user_email_verification', TRUE) && $account->status && !$admin) {
    // No e-mail verification is required, create new user account, and login
    // user immediately.
    _user_mail_notify('register_no_approval_required', $account);
    if (user_authenticate(array_merge($form_state['values'], $merge_data))) {
      drupal_set_message(t('Registration successful. You are now logged in.'));
    }
    $form_state['redirect'] = '';
    return;
  }
  else if ($account->status || $notify) {
    // Create new user account, no administrator approval required.
    $op = $notify ? 'register_admin_created' : 'register_no_approval_required';
    _user_mail_notify($op, $account);
    if ($notify) {
      drupal_set_message(t('Password and further instructions have been e-mailed to the new user <a href="@url">%name</a>.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
    }
    else {
      drupal_set_message(t('Your password and further instructions have been sent to your e-mail address.'));
      $form_state['redirect'] = '';
      return;
    }
  }
  else {
    // Create new user account, administrator approval required.
    _user_mail_notify('register_pending_approval', $account);
    drupal_set_message(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.<br />In the meantime, a welcome message with further instructions has been sent to your e-mail address.'));
    $form_state['redirect'] = '';
    return;
  }
}
1	<?php
2	// $Id: subuser.pages.inc,v 1.2 2009/10/14 03:17:09 boombatower Exp $
3	/**
4	* @file
5	* Allows users of a particular role to create sub user account in another role.
6	*
7	* Copyright 2008-2009 by Jimmy Berry ("boombatower", http://drupal.org/user/214218)
8	*/
9
10	/**
11	* Sub user settings form.
12	*/
13	function subuser_settings_form(&$form_state) {
14	$form = array();
15
16	// Get all non-default roles.
17	$roles = user_roles(TRUE);
18	unset($roles[DRUPAL_ANONYMOUS_RID]);
19	unset($roles[DRUPAL_AUTHENTICATED_RID]);
20
21	$form['display'] = array(
22	'#type' => 'fieldset',
23	'#title' => t('Display'),
24	'#description' => t('Configure the wording used for creating a subuser.'),
25	);
26	$form['display']['subuser_parent'] = array(
27	'#type' => 'textfield',
28	'#title' => t('Parent'),
29	'#description' => t('Name for parent user.'),
30	'#default_value' => SUBUSER_PARENT,
31	);
32	$form['display']['subuser_list'] = array(
33	'#type' => 'textfield',
34	'#title' => t('List'),
35	'#description' => t('Displayed above a users list of subusers.'),
36	'#default_value' => SUBUSER_LIST,
37	);
38	$form['display']['subuser_create'] = array(
39	'#type' => 'textfield',
40	'#title' => t('Create'),
41	'#description' => t('The text used for the link and page title when creating a subuser.'),
42	'#default_value' => SUBUSER_CREATE,
43	);
44	$form['display']['subuser_administer'] = array(
45	'#type' => 'textfield',
46	'#title' => t('Administer'),
47	'#description' => t('The text used for the link and page title when administering subusers.'),
48	'#default_value' => SUBUSER_ADMINISTER,
49	);
50
51	if ($roles) {
52	$form['roles'] = array(
53	'#type' => 'fieldset',
54	'#title' => t('Roles'),
55	'#description' => t('Choose the roles you would like for sub users to automatically have when created.')
56	);
57	$form['roles']['subuser_roles'] = array(
58	'#type' => 'checkboxes',
59	'#title' => t('Available roles'),
60	'#options' => $roles,
61	'#default_value' => variable_get('subuser_roles', array()),
62	);
63	}
64	else {
65	drupal_set_message(t('No available roles to select. Please <a href="/admin/user/roles">create a role</a>.'), 'error');
66	}
67
68	// Ensure that menu rebuild takes place after variables have been saved.
69	$form = system_settings_form($form);
70	$form['#submit'][] = 'subuser_settings_form_submit';
71
72	return $form;
73	}
74
75	/**
76	* Rebuild menu to ensure that display settings take effect.
77	*/
78	function subuser_settings_form_submit($form, &$form_state) {
79	menu_rebuild();
80	}
81
82	/**
83	* Create subuser form.
84	*
85	* @param object $user User object.
86	*/
87	function subuser_create_form(&$form_state, $user) {
88	$form = array();
89
90	$form['parent_user'] = array(
91	'#type' => 'value',
92	'#value' => $user->uid,
93	);
94	$form['origin'] = array(
95	'#type' => 'value',
96	'#value' => 'subuser',
97	);
98	$form['destination'] = array (
99	'#type' => 'hidden',
100	'#value' => 'user/'. $user->uid,
101	);
102
103	$form['account'] = array(
104	'#type' => 'fieldset',
105	'#title' => t('Account information'),
106	'#weight' => -10,
107	);
108	$form['account']['status'] = array(
109	'#type' => 'value',
110	'#value' => TRUE,
111	);
112	$form['account']['name'] = array(
113	'#type' => 'textfield',
114	'#title' => t('Username'),
115	'#default_value' => NULL,
116	'#maxlength' => 60,
117	'#description' => 'Spaces are allowed; punctuation is not allowed except for periods, hyphens, and underscores.',
118	'#required' => true,
119	);
120	$form['account']['mail'] = array(
121	'#type' => 'textfield',
122	'#title' => t('E-mail address'),
123	'#default_value' => NULL,
124	'#maxlength' => 64,
125	'#description' => 'A valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.',
126	'#required' => true,
127	);
128	$form['account']['pass'] = array(
129	'#type' => 'password_confirm',
130	'#description' => 'Provide a password for the new account in both fields.',
131	'#required' => true,
132	'#size' => 25,
133	);
134	$form['account']['notify'] = array(
135	'#type' => 'checkbox',
136	'#title' => t('Notify user of new account'),
137	);
138	$form['roles'] = array(
139	'#type' => 'value',
140	'#value' => variable_get('subuser_roles', array())
141	);
142	$form['submit'] = array(
143	'#type' => 'submit',
144	'#value' => t('Create new account'),
145	'#weight' => 30,
146	);
147
148	$form['#validate'] = array('user_register_validate');
149
150	return $form;
151	}
152
153	/**
154	* Modified copy of user_register_submit().
155	*
156	* Just changed permission line, and removed uid == 1 case, which should never
157	* occur.
158	*/
159	function subuser_create_form_submit($form, &$form_state) {
160	global $base_url;
161	$admin = user_access('create subuser');
162
163	$mail = $form_state['values']['mail'];
164	$name = $form_state['values']['name'];
165	if (!variable_get('user_email_verification', TRUE) \|\| $admin) {
166	$pass = $form_state['values']['pass'];
167	}
168	else {
169	$pass = user_password();
170	};
171	$notify = isset($form_state['values']['notify']) ? $form_state['values']['notify'] : NULL;
172	$from = variable_get('site_mail', ini_get('sendmail_from'));
173	if (isset($form_state['values']['roles'])) {
174	// Remove unset roles.
175	$roles = array_filter($form_state['values']['roles']);
176	}
177	else {
178	$roles = array();
179	}
180
181	if (!$admin && array_intersect(array_keys($form_state['values']), array('uid', 'roles', 'init', 'session', 'status'))) {
182	watchdog('security', 'Detected malicious attempt to alter protected user fields.', array(), WATCHDOG_WARNING);
183	$form_state['redirect'] = 'user/register';
184	return;
185	}
186	// The unset below is needed to prevent these form values from being saved as
187	// user data.
188	unset($form_state['values']['form_token'], $form_state['values']['submit'], $form_state['values']['op'], $form_state['values']['notify'], $form_state['values']['form_id'], $form_state['values']['affiliates'], $form_state['values']['destination']);
189
190	$merge_data = array('pass' => $pass, 'init' => $mail, 'roles' => $roles);
191	if (!$admin) {
192	// Set the user's status because it was not displayed in the form.
193	$merge_data['status'] = variable_get('user_register', 1) == 1;
194	}
195	$account = user_save('', array_merge($form_state['values'], $merge_data));
196	// Terminate if an error occured during user_save().
197	if (!$account) {
198	drupal_set_message(t("Error saving user account."), 'error');
199	$form_state['redirect'] = '';
200	return;
201	}
202	$form_state['user'] = $account;
203
204	watchdog('user', 'New user: %name (%email).', array('%name' => $name, '%email' => $mail), WATCHDOG_NOTICE, l(t('edit'), 'user/'. $account->uid .'/edit'));
205
206	// Add plain text password into user account to generate mail tokens.
207	$account->password = $pass;
208	if ($admin && !$notify) {
209	drupal_set_message(t('Created a new user account for <a href="@url">%name</a>. No e-mail has been sent.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
210	}
211	else if (!variable_get('user_email_verification', TRUE) && $account->status && !$admin) {
212	// No e-mail verification is required, create new user account, and login
213	// user immediately.
214	_user_mail_notify('register_no_approval_required', $account);
215	if (user_authenticate(array_merge($form_state['values'], $merge_data))) {
216	drupal_set_message(t('Registration successful. You are now logged in.'));
217	}
218	$form_state['redirect'] = '';
219	return;
220	}
221	else if ($account->status \|\| $notify) {
222	// Create new user account, no administrator approval required.
223	$op = $notify ? 'register_admin_created' : 'register_no_approval_required';
224	_user_mail_notify($op, $account);
225	if ($notify) {
226	drupal_set_message(t('Password and further instructions have been e-mailed to the new user <a href="@url">%name</a>.', array('@url' => url("user/$account->uid"), '%name' => $account->name)));
227	}
228	else {
229	drupal_set_message(t('Your password and further instructions have been sent to your e-mail address.'));
230	$form_state['redirect'] = '';
231	return;
232	}
233	}
234	else {
235	// Create new user account, administrator approval required.
236	_user_mail_notify('register_pending_approval', $account);
237	drupal_set_message(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.<br />In the meantime, a welcome message with further instructions has been sent to your e-mail address.'));
238	$form_state['redirect'] = '';
239	return;
240	}
241	}