<?php
// $Id: ucreate.module,v 1.3 2008-08-07 14:11:33 yhahn Exp $
/**
 * @file U create - allows non site admins create and block users.
 */

/**
 * Implementation of hook_help().
 */
function ucreate_help($section) {
  switch ($section) {
    case 'user/add':
      return '<p>'. t('Create a new user. A notification e-mail will be sent to the e-mail address specified.') .'</p>';
  }
}

/**
 * Implementation of hook_menu().
 */
function ucreate_menu($may_cache) {
  $items = array();
  if ($may_cache) {
    $items[] = array(
      'path' => 'user/add', 
      'callback' => 'drupal_get_form',
      'callback arguments' => array('ucreate_user_form'),
      'title' => t('Add user'),
      'description' => t('Add a user to this web site.'),
      'access' => user_access('create users'),
      );
    $items[] = array(
      'path' => 'admin/user/ucreate', 
      'callback' => 'drupal_get_form',
      'callback arguments' => array('ucreate_settings_form'),
      'title' => t('U create settings'),
      'description' => t('Configure default roles for users created by U create module.'),
      'access' => user_access('administer site configuration'),
      );
  }
  else {
    if (arg(0) == 'user' && is_numeric(arg(1))) {
      global $user;
      if (($user->uid != arg(1)) && user_access('block users')) {
        $account = user_load(array('uid' => arg(1)));
        if ($account->uid && ($account->uid != 1)) {
          if ($account->status) {
            $items[] = array(
              'path' => 'user/'. arg(1) .'/block', 
              'callback' => 'drupal_get_form',
              'callback arguments' => array('ucreate_block_form', arg(1), 'block'),
              'title' => t('Suspend'),
              'description' => t('Suspend this user\'s account.'),
              'type' => MENU_LOCAL_TASK,
              );
          }
          else {
            $items[] = array(
              'path' => 'user/'. arg(1) .'/activate', 
              'callback' => 'drupal_get_form',
              'callback arguments' => array('ucreate_block_form', arg(1), 'activate'),
              'title' => t('Activate'),
              'description' => t('Activate this user\'s account.'),
              'type' => MENU_LOCAL_TASK,
              );
          }
        }
      }
    }
  }
  return $items;
}

/**
 * Implementation of hook_perm().
 */
function ucreate_perm() {
  return array('create users', 'block users');
}

/**
 * Implementation of hook_user().
 */
function ucreate_user($op, &$edit, &$account, $category = NULL) {
  if ($op == 'login') {
    // On first login, welcome user and ask to reset password.
    // @todo: make user form multi step.
    if ($account->login == 0 && $account->uid) {
      // Unset destination requests - otherwise drupal_goto does not yield results.
      unset($_REQUEST['destination']);
      unset($_REQUEST['edit']['destination']);
      drupal_set_message(t('Welcome to !site, !name - please change your password', array('!site' => variable_get('site_name', 'Drupal'), '!name' => $account->name)), 'welcome');
      drupal_goto('user/'. $account->uid .'/edit', 'destination='. variable_get('site_frontpage', 'node'));
    }
  }
}

/**
 * Menu callback for settings form.
 */
function ucreate_settings_form() {
  $options = user_roles();
  unset($options[1]);
  unset($options[2]);
  $form['ucreate_default_roles'] = array(
    '#title' => t('Default roles'),
    '#description' => t('Roles a new user should be assigned.'),
    '#type' => 'checkboxes',
    '#options' => $options,
    '#default_value' => variable_get('ucreate_default_roles', array()),
    );
  // @todo: personalize e-mail message.
  return system_settings_form($form);
}

/**
 * Break out form for creating users.
 */
function ucreate_user_form() {
  $form['name'] = array(
    '#type' => 'textfield',
    '#title' => t('User name'),
    '#required' => TRUE,
    );
  $form['mail'] = array(
    '#type' => 'textfield',
    '#title' => t('E-mail'),
    '#required' => TRUE,
    );
  $form['mail_confirm'] = array(
    '#type' => 'textfield',
    '#title' => t('E-mail (confirm)'),
    '#required' => TRUE,
    );
  $form['roles'] = array(
    '#type' => 'value',
    '#value' => drupal_map_assoc(variable_get('ucreate_default_roles', array())),
    );
  // The personal welcome message will be added to the top of the mail.
  // @todo: Ideal would be offering the full notification message for edit
  //        * updated by ajax call back (we shouldn't show tokens to users)
  //        * or in a second step of the form
  //        Both approaches have ramifications for the use of the form in ajaxy popups.
  $form['welcome_message_body'] = array(
    '#type' => 'textarea',
    '#title' => t('Personal welcome message'),
    '#default_value' => '',
    '#description' => t('This welcome message will appear at the top of the e-mail notification sent to the new user.')
    );
  $form['submit'] = array(
    '#type' => 'submit', 
    '#value' => t('Add'),
    '#weight' => 20,
    );
  return $form;
}

/**
 * Validation handler for ucreate_user_form().
 */
function ucreate_user_form_validate($form_id, $form_values, $form) {
  if ($account = user_load(array('name' => $form_values['name']))) {
    $name = user_access('access user profiles') ? l($account->name, 'user/'. $account->uid) : $account->name;
    form_set_error('name', t('User !name already exists.', array('!name' => $name)));
  }
  if ($form_values['mail'] != $form_values['mail_confirm']) {
    form_set_error('email_confirm', t('E-mail addresses don\'t match'));
  }
  else if (user_load(array('mail' => $form_values['mail']))) {
    form_set_error('mail', t('User with this e-mail address already exists.'));
  }
}

/**
 * Submit handler for ucreate_user_form().
 */
function ucreate_user_form_submit($form_id, $form_values) {
  ucreate_user_create($form_values);
  drupal_goto($_GET['q']);
}

/**
 * Block user confirm dialog.
 */
function ucreate_block_form($uid, $op) {
  if ($account = user_load(array('uid'=>$uid))) {
    $path = $_GET['destination'] ?  $_GET['destination'] : '<front>';
    $form = array(
      'uid' => array(
        '#type' => 'value',
        '#value'=> $uid,
      ),
      'operation' => array(
        '#type' => 'value',
        '#value'=> $op,
      ),
    );
    if ($op == 'block') {
      $message = t('Are you sure you would like to suspend !user\'s account?', array('!user'=>theme('username', $account)));
    }
    else if ($op == 'activate') {
      $message = t('Are you sure you would like to activate !user\'s account?', array('!user'=>theme('username', $account)));
    }
    $form = confirm_form($form, $message, $path, '');
    return $form;
  }
}

/**
 * Submit handler for ucreate_block_form().
 * @todo: send email if user is blocked/activated.
 */
function ucreate_block_form_submit($form_id, $form_values) {
  // print_r($form_values);
  if ($account = user_load(array('uid' => $form_values['uid']))) {
    if ($form_values['operation'] == 'block') {
      $account = user_save($account, array('status' => 0));
      if ($account->status == 0) {
        drupal_set_message(t('The account !user was suspended.', array('!user'=>theme('username', $account))));
        return;
      }
    }
    else if ($form_values['operation'] == 'activate') {
      $account = user_save($account, array('status' => 1));
      if ($account->status == 1) {
        drupal_set_message(t('The account !user was activated.', array('!user'=>theme('username', $account))));
        return;
      }
    }
  }
  // Unlikely.
  drupal_set_message(t('There was an error in changing the account status.'), 'error');
}

/**
 * Create user
 *
 * @param array $edit
 *   Values in format accepted by user_save().
 *   Required values:
 *   $edit['name']
 *   $edit['mail']
 * 
 */
function ucreate_user_create($edit) {
  // Create account.
  $account = new stdClass();
  $password = user_password();
  $edit['pass'] = $password;
  $edit['status'] = 1;
  $account = user_save($account, $edit);
  
  // Notify user if successful.
  if ($account->uid) {
    drupal_set_message(t('You have created an account for !name, password and login instructions have been sent to the e-mail address !email.', array('!name' => $edit['name'], '!email' => l($edit['mail'], 'mailto:'. $edit['mail']))));    
    
    $subject = t('[!site_name] We have created an account for you', array('!site_name' => variable_get('site_name', 'Drupal')));
    $variables = array(
      '!name' => $edit['name'], 
      '!site' => variable_get('site_name', 'Drupal'), 
      '!login_url' => user_pass_reset_url($account) .'/login',
      '!url' => trim(url(NULL, NULL, NULL, TRUE), '/'),
      '!password' => $password,
      );
    if (trim($edit['welcome_message_body'])) {
      $body .= $edit['welcome_message_body'];
      $body .= "\n\n================================================\n";
    }
    else {
      $body .= t("\nHello !name,\n", $variables);
    }
    // @todo: Would love to use one time login link here - alas it is only valid for 24 hrs and needs to be renewed then.
    $body .= t("\nWe have created an account for you on !site\n!url.\n\nYou can log in to the site with the following username and password\n\n!name\n!password\n\nPlease change your password after the first time you log in.\n\nWelcome to !site", $variables);
    if (!drupal_mail('ucreate-create', $edit['mail'], $subject, $body)) {
      drupal_set_message(t('Error sending notification mail to user.'), 'error');
    }
  }
  else {
    drupal_set_message(t('Error creating user.'), 'error');
  }
  return $account;
}