diff --git a/database/create-tables.sql b/database/create-tables.sql index de8cee9..7d2e702 100644 --- a/database/create-tables.sql +++ b/database/create-tables.sql @@ -56,6 +56,7 @@ GRANT SELECT,INSERT,UPDATE,DELETE ON items TO :webapp_user; CREATE TABLE users ( user_id INT NOT NULL DEFAULT NEXTVAL('users_user_id_seq'::TEXT), user_email VARCHAR(256) NOT NULL, + user_display_name VARCHAR(256) , user_salt CHAR(8) NOT NULL, user_iterations INT NOT NULL, user_hash CHAR(40) NOT NULL, diff --git a/database/users-functions.sql b/database/users-functions.sql index e024b5f..9d51d87 100644 --- a/database/users-functions.sql +++ b/database/users-functions.sql @@ -2,14 +2,18 @@ -- Create a new user -- -CREATE OR REPLACE FUNCTION users_add( _email TEXT , _salt TEXT , _iters INT , _hash TEXT ) +CREATE OR REPLACE FUNCTION users_add( _email TEXT , _salt TEXT , _iters INT , _hash TEXT , _name TEXT ) RETURNS INT LANGUAGE PLPGSQL STRICT VOLATILE SECURITY INVOKER AS $users_add$ BEGIN - INSERT INTO users ( user_email , user_salt , user_iterations , user_hash ) - VALUES ( _email , _salt , _iters , _hash ); + IF _name = '' THEN + _name := NULL; + END IF; + + INSERT INTO users ( user_email , user_salt , user_iterations , user_hash , user_display_name ) + VALUES ( _email , _salt , _iters , _hash , _name ); RETURN 0; EXCEPTION WHEN unique_violation THEN @@ -17,5 +21,5 @@ EXCEPTION END; $users_add$; -REVOKE EXECUTE ON FUNCTION users_add( TEXT , TEXT , INT , TEXT ) FROM PUBLIC; -GRANT EXECUTE ON FUNCTION users_add( TEXT , TEXT , INT , TEXT) TO :webapp_user; +REVOKE EXECUTE ON FUNCTION users_add( TEXT , TEXT , INT , TEXT , TEXT ) FROM PUBLIC; +GRANT EXECUTE ON FUNCTION users_add( TEXT , TEXT , INT , TEXT , TEXT) TO :webapp_user; diff --git a/includes/t-basics/dao_users.inc.php b/includes/t-basics/dao_users.inc.php index 2977002..9af0791 100644 --- a/includes/t-basics/dao_users.inc.php +++ b/includes/t-basics/dao_users.inc.php 
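Review bot: The new `user_display_name` column is added only inside `CREATE TABLE users`, so a database created before this commit never gets it, and the 5-argument `users_add` would then fail on its INSERT. If existing deployments are upgraded in place, the commit needs a migration step such as `ALTER TABLE users ADD COLUMN user_display_name VARCHAR(256);`. The same upgrade gap applies to the REVOKE/GRANT hunk in database/users-functions.sql: changing the argument list makes `CREATE OR REPLACE FUNCTION` define a new overload, so the old 4-argument `users_add` stays callable with its EXECUTE grant to `:webapp_user` unless it is removed with `DROP FUNCTION IF EXISTS users_add( TEXT , TEXT , INT , TEXT );`. A short comment on the column saying that NULL means "no display name" would also help.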
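Review bot: `users_add` is still declared `STRICT`, so a NULL `_name` makes the call return NULL without running the body, and no row is inserted. The added `IF _name = ''` branch only helps when the caller sends an empty string; whether the optional 'display-name' field yields '' or null when left blank is not visible in this diff. A NULL result would also compare equal to 0 in PHP's `switch ( $error )`, which may be read as success; the switch cases are outside the diff, so confirm. Either drop `STRICT` and handle NULL arguments explicitly, or force a string at the call in includes/t-basics/dao_users.inc.php (hunk `@@ -65,8 +68,8 @@`): `->execute( $email , $salt , $iterations , $hash , (string) $name );`.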
@@ -18,7 +18,10 @@ class Dao_Users public function getUsers( ) { - return $this->query( 'SELECT user_id , user_email FROM users ORDER BY LOWER( user_email )' )->execute( ); + return $this->query( + 'SELECT user_id , user_display_name , user_email ' + . 'FROM users ' + . 'ORDER BY LOWER( user_email )' )->execute( ); } @@ -48,7 +51,7 @@ class Dao_Users } - public function addUser( $email , $password ) + public function addUser( $email , $password , $name ) { $iterations = rand( 130 , 160 ); @@ -65,8 +68,8 @@ class Dao_Users $hash = $this->hashPassword( $password , $salt , $iterations ); - $result = $this->query( 'SELECT users_add( $1 , $2 , $3 , $4 ) AS error' ) - ->execute( $email , $salt , $iterations , $hash ); + $result = $this->query( 'SELECT users_add( $1 , $2 , $3 , $4 , $5 ) AS error' ) + ->execute( $email , $salt , $iterations , $hash , $name ); return $result[ 0 ]->error; } diff --git a/includes/t-users/users.inc.php b/includes/t-users/users.inc.php index b137a7f..d2a9ed0 100644 --- a/includes/t-users/users.inc.php +++ b/includes/t-users/users.inc.php @@ -52,6 +52,11 @@ class Ctrl_UsersAddForm ->setValidator( Loader::Create( 'Validator_StringLength' , 'This password' , 8 ) ) ) ->addField( Loader::Create( 'Field' , 'pass2' , 'password' ) ->setDescription( 'Confirm password:' ) ) + ->addField( Loader::Create( 'Field' , 'display-name' , 'text' ) + ->setDescription( 'Display name:' ) + ->setMandatory( false ) + ->setValidator( Loader::Create( 'Validator_StringLength' , 'This display name', + 5 , 256 , true ) ) ) ->addController( Loader::Ctrl( 'users_add' , $this->initial ) ); if ( $this->initial ) { @@ -94,8 +99,9 @@ class Ctrl_UsersAdd } $email = $this->form->field( 'email' ); + $name = $this->form->field( 'display-name' ); $error = Loader::DAO( 'users' )->addUser( $email->value( ) , - $p1->value( ) ); + $p1->value( ) , $name->value( ) ); switch ( $error ) { 
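Review bot: The 'display-name' value reaches `addUser` exactly as typed (`$name->value( )` in the `Ctrl_UsersAdd` hunk), so a name made only of spaces can pass a length check and also skips the `_name = ''` normalisation in `users_add`, ending up stored and listed as a blank name. Unless `Field` or `Validator_StringLength` already trims (neither is visible here), trim before storing: `$p1->value( ) , trim( $name->value( ) ) );`. The minimum of 5 passed to `Validator_StringLength` in the `Ctrl_UsersAddForm` hunk also rejects short names; if that is intended, a comment explaining the 5 and the trailing `true` would help. Both hunks sit inside methods that start and end outside the diff.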
@@ -137,14 +143,31 @@ class View_UsersList ->appendElement( HTML::make( 'tr' ) ->setAttribute( 'class' , 'header' ) ->appendElement( HTML::make( 'th' ) - ->appendText( 'E-mail address' ) ) ); + ->appendText( 'E-mail address' ) ) + ->appendElement( HTML::make( 'th' ) + ->appendText( 'Display name' ) ) ); foreach ( $this->users as $user ) { - $table->appendElement( HTML::make( 'tr' ) - ->appendElement( HTML::make( 'td' ) - ->appendText( $user->user_email ) ) ); + $table->appendElement( $this->makeUserRow( $user ) ); } return $table; } + + private function makeUserRow( $user ) + { + $row = HTML::make( 'tr' ) + ->appendElement( HTML::make( 'td' ) + ->appendText( $user->user_email ) ); + + $nameColumn = HTML::make( 'td' ); + if ( $user->user_display_name !== null ) { + $nameColumn->appendText( $user->user_display_name ); + } else { + $nameColumn->appendElement( HTML::make( 'em' )->appendText( 'N/A' ) ); + } + $row->appendElement( $nameColumn ); + + return $row; + } }
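Review bot: `makeUserRow` writes `user_display_name`, which is free text typed into the add-user form, into the page through `appendText`, and nothing in this hunk shows how `HTML::appendText` treats markup characters. Confirm that it HTML-encodes its argument, and say so in a docblock on the new method, for example `/** Builds one table row; both values are user-supplied and rely on appendText() for HTML encoding. */`. The `!== null` test also lets an empty string through as an empty cell; `users_add` normalises '' to NULL, so that only matters for rows written by another path.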