Groups: Transfer community permissions to another user (#348)

Closes #302
This commit is contained in:
n1rwana 2021-12-16 21:40:34 +03:00 committed by GitHub
parent e00e3b9097
commit 1d5a599734
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 65 additions and 0 deletions

View file

@ -3,6 +3,7 @@ namespace openvk\Web\Presenters;
use openvk\Web\Models\Entities\{Club, Photo}; use openvk\Web\Models\Entities\{Club, Photo};
use openvk\Web\Models\Entities\Notifications\ClubModeratorNotification; use openvk\Web\Models\Entities\Notifications\ClubModeratorNotification;
use openvk\Web\Models\Repositories\{Clubs, Users, Albums, Managers, Topics}; use openvk\Web\Models\Repositories\{Clubs, Users, Albums, Managers, Topics};
use Chandler\Security\Authenticator;
final class GroupPresenter extends OpenVKPresenter final class GroupPresenter extends OpenVKPresenter
{ {
@ -272,4 +273,27 @@ final class GroupPresenter extends OpenVKPresenter
$this->notFound(); $this->notFound();
} }
} }
function renderChangeOwner(int $id, int $newOwnerId): void
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction();
if($_SERVER['REQUEST_METHOD'] !== "POST")
$this->redirect("/groups" . $this->user->id);
if(!Authenticator::verifyHash($this->postParam("password"), $this->user->identity->getChandlerUser()->getRaw()->passwordHash))
$this->flashFail("err", tr("error"), tr("incorrect_password"));
$club = $this->clubs->get($id);
$newOwner = (new Users)->get($newOwnerId);
if($this->user->id !== $club->getOwner()->getId())
$this->flashFail("err", tr("error"), tr("forbidden"));
$club->setOwner($newOwnerId);
$club->addManager($this->user->id);
$club->save();
$this->flashFail("succ", tr("information_-1"), tr("group_owner_setted", $newOwner->getCanonicalName(), $club->getName()));
}
} }

View file

@ -91,6 +91,12 @@
{_promote_to_admin} {_promote_to_admin}
{/if} {/if}
</a> </a>
{if $club->getOwner()->getId() != $user->getId() && $manager && $thisUser->getId() == $club->getOwner()->getId()}
|
<a href="javascript:changeOwner({$club->getId()}, {$user->getId()})">
{_promote_to_owner}
</a>
{/if}
{if $manager} {if $manager}
| |
<a href="javascript:setClubAdminComment('{$club->getId()}', '{$manager->getUserId()}', '{rawurlencode($csrfToken)}')"> <a href="javascript:setClubAdminComment('{$club->getId()}', '{$manager->getUserId()}', '{rawurlencode($csrfToken)}')">
@ -116,4 +122,25 @@
</tr> </tr>
</tbody> </tbody>
</table> </table>
<script>
function changeOwner(club, newOwner) {
let action = "/groups/" + club + "/setNewOwner/" + newOwner;
MessageBox(tr("group_changeowner_modal_title"), `
tr("group_changeowner_modal_text", {$user->getFullName()})
<br/><br/>
<form id="transfer-owner-permissions-form" method="post">
<label for="password">tr("password")</label>
<input type="password" id="password" name="password" required />
<input type="hidden" name="hash" value={$csrfToken} />
</form>
`, [tr("transfer"), tr("cancel")], [
() => {
$('#transfer-owner-permissions-form').attr('action', action);
document.querySelector("#transfer-owner-permissions-form").submit();
}, Function.noop
]);
}
</script>
{/block} {/block}

View file

@ -75,6 +75,8 @@ routes:
handler: "Group->attend" handler: "Group->attend"
- url: "/al_comments.pl/create/{text}/{num}" - url: "/al_comments.pl/create/{text}/{num}"
handler: "Comment->makeComment" handler: "Comment->makeComment"
- url: "/groups/{num}/setNewOwner/{num}"
handler: "Group->changeOwner"
- url: "/comment{num}/like" - url: "/comment{num}/like"
handler: "Comment->like" handler: "Comment->like"
- url: "/comment{num}/delete" - url: "/comment{num}/delete"

View file

@ -237,6 +237,7 @@
"role" = "Role"; "role" = "Role";
"administrator" = "Administrator"; "administrator" = "Administrator";
"promote_to_admin" = "Promote to admin"; "promote_to_admin" = "Promote to admin";
"promote_to_owner" = "Promote to owner";
"devote" = "Devote"; "devote" = "Devote";
"set_comment" = "Set comment"; "set_comment" = "Set comment";
"hidden_yes" = "Hidden: Yes"; "hidden_yes" = "Hidden: Yes";
@ -248,6 +249,10 @@
"group_display_all_administrators" = "Display all administrators"; "group_display_all_administrators" = "Display all administrators";
"group_dont_display_administrators_list" = "Display nothing"; "group_dont_display_administrators_list" = "Display nothing";
"group_changeowner_modal_title" = "Owner's permissions transfer";
"group_changeowner_modal_text" = "Attention! You are transferring owner rights to user $1. This action is irreversible. After the transfer, you will remain an administrator, but you can easily stop being one.";
"group_owner_setted" = "The new owner ($1) has been successfully assigned to the community $2. You have been granted administrator rights in the community. If you want to return the owner role, contact <a href='/support?act=new'>site technical support</a>.";
"participants_zero" = "No participants"; "participants_zero" = "No participants";
"participants_one" = "$1 participant"; "participants_one" = "$1 participant";
"participants_other" = "$1 participant"; "participants_other" = "$1 participant";
@ -723,6 +728,7 @@
"no" = "No"; "no" = "No";
"cancel" = "Cancel"; "cancel" = "Cancel";
"edit_action" = "Change"; "edit_action" = "Change";
"transfer" = "Transfer";
"warning" = "Warning"; "warning" = "Warning";
"question_confirm" = "This action can't be undone. Do you really wanna do it?"; "question_confirm" = "This action can't be undone. Do you really wanna do it?";

View file

@ -247,6 +247,7 @@
"role" = "Роль"; "role" = "Роль";
"administrator" = "Администратор"; "administrator" = "Администратор";
"promote_to_admin" = "Повысить до администратора"; "promote_to_admin" = "Повысить до администратора";
"promote_to_owner" = "Назначить владельцем";
"devote" = "Разжаловать"; "devote" = "Разжаловать";
"set_comment" = "Изменить комментарий"; "set_comment" = "Изменить комментарий";
"hidden_yes" = "Скрыт: Да"; "hidden_yes" = "Скрыт: Да";
@ -258,6 +259,10 @@
"group_display_all_administrators" = "Отображать всех администраторов"; "group_display_all_administrators" = "Отображать всех администраторов";
"group_dont_display_administrators_list" = "Ничего не отображать"; "group_dont_display_administrators_list" = "Ничего не отображать";
"group_changeowner_modal_title" = "Передача прав владельца";
"group_changeowner_modal_text" = "Внимание! Вы передаёте права владельца пользователю $1. Это действие необратимо. После передави вы останетесь адмиинстратором, но сможете легко перестать им быть.";
"group_owner_setted" = "Новый владелец ($1) успешно назначен в сообщество $2. Вам выданы права администратора в сообществе. Если Вы хотите вернуть роль владельца, обратитесь в <a href='/support?act=new'>техническую поддержку сайта</a>.";
"participants_zero" = "Ни одного участника"; "participants_zero" = "Ни одного участника";
"participants_one" = "Один участник"; "participants_one" = "Один участник";
"participants_few" = "$1 участника"; "participants_few" = "$1 участника";
@ -754,6 +759,7 @@
"no" = "Нет"; "no" = "Нет";
"cancel" = "Отмена"; "cancel" = "Отмена";
"edit_action" = "Изменить"; "edit_action" = "Изменить";
"transfer" = "Передать";
"warning" = "Внимание"; "warning" = "Внимание";
"question_confirm" = "Это действие нельзя отменить. Вы действительно уверены в том что хотите сделать?"; "question_confirm" = "Это действие нельзя отменить. Вы действительно уверены в том что хотите сделать?";