{* $Id$ *} {if !$ts.ajax} {title help="Users Management" admpage="login" url="tiki-adminusers.php"}{tr}Admin Users{/tr}{/title}
{if $tiki_p_admin eq 'y'} {* only full admins can manage groups, not tiki_p_admin_users *} {button href="tiki-admingroups.php" class="btn btn-primary" _type="link" _icon_name="group" _text="{tr}Admin Groups{/tr}"} {/if} {if $tiki_p_admin eq 'y'} {permission_link mode=button_link} {/if} {if isset($userinfo.userId)} {button href="?add=1" class="btn btn-primary" _text="{tr}Add a New User{/tr}"} {/if} {if $prefs.feature_invite eq 'y' and $tiki_p_invite eq 'y'} {button href="tiki-list_invite.php" _type="link" _icon_name="thumbs-up" _text="{tr}Invitation List{/tr}"} {/if}
{if $prefs.feature_intertiki eq 'y' and ($prefs.feature_intertiki_import_groups eq 'y' or $prefs.feature_intertiki_import_preferences eq 'y')} {remarksbox type="warning" title="{tr}Warning{/tr}"} {if $prefs.feature_intertiki_import_groups eq 'y'}{tr}Since this Tiki site is in slave mode and imports groups, the master groups will be automatically reimported at each login{/tr}{/if} {if $prefs.feature_intertiki_import_preferences eq 'y'}{tr}Since this Tiki site is in slave mode and imports preferences, the master user preferences will be automatically reimported at each login{/tr}{/if} {/remarksbox} {/if} {/if} {tabset name='tabs_adminusers'} {* ---------------------- tab with list -------------------- *} {tab name="{tr}Users{/tr}"} {if !$ts.ajax}

{tr}Users{/tr}

{if !$ts.enabled}
{icon name='add' alt="{tr}more{/tr}"} {tr}More Criteria{/tr}
{autocomplete element='#find' type='username'}
{/if} {if ($cant > $numrows or !empty($initial)) && !$ts.enabled} {initials_filter_links} {/if}
{/if} {* Use css menus as fallback for item dropdown action menu if javascript is not being used *} {* Note: th element ids here need to match those at /lib/core/Table/Settings/TikiAdminusers.php for tablesorter to work properly *} {if !$ts.ajax} {if $prefs.login_is_email neq 'y'} {/if} {if $prefs.auth_method eq 'openid'} {/if} {/if} {section name=user loop=$users} {if $users[user].editable} {capture assign=username}{$users[user].user|escape}{/capture} {if $prefs.login_is_email ne 'y'} {/if} {if $prefs.auth_method eq 'openid'} {/if} {/if} {sectionelse} {norecords _colspan=8 _text="No user records found"} {/section}
{if $users} {select_all checkbox_names='checked[]' tablesorter="{$ts.enabled}"} {/if} {self_link _sort_arg='sort_mode' _sort_field='login'}{tr}User{/tr}{/self_link}{self_link _sort_arg='sort_mode' _sort_field='email'}{tr}Email{/tr}{/self_link}{self_link _sort_arg='sort_mode' _sort_field='openID'}{tr}OpenID{/tr}{/self_link}{self_link _sort_arg='sort_mode' _sort_field='currentLogin'}{tr}Last login{/tr}{/self_link} {self_link _sort_arg='sort_mode' _sort_field='created'}{tr}Registered{/tr}{/self_link} {tr}Groups{/tr}
{if $users[user].user ne 'admin'} {/if}
{capture name=username}{$users[user].user|username}{/capture} {$users[user].user|escape} {if $prefs.user_show_realnames eq 'y' and $smarty.capture.username ne $users[user].user}
{$smarty.capture.username|escape}
{/if} 		{$users[user].openid_url|default:"{tr}N{/tr}"} {if $users[user].currentLogin eq ''} {capture name=when}{$users[user].age|duration_short}{/capture} {tr}Never{/tr} ({tr _0=$smarty.capture.when}Registered %0 ago{/tr}) {else} {$users[user].currentLogin|tiki_short_datetime} {/if} {if $users[user].waiting eq 'u'}
{tr}Need to validate email{/tr} {/if} 		{$users[user].registrationDate|tiki_short_datetime} {foreach from=$users[user].groups key=grs item=what name=gr}
{if $grs != "Anonymous" and ($tiki_p_admin eq 'y' || in_array($grs, $all_groups))} {if $tiki_p_admin eq 'y'} {$grs|escape} {else} {$grs|escape} {/if} {if $what eq 'included'}{tr}Included{/tr}{/if} {if $grs eq $users[user].default_group}({tr}default{/tr}){/if} {if $what ne 'included' and $grs != "Registered"} {* keep link code on one line to avoid stray underlining *} {icon name="remove"} {/if} {if !$smarty.foreach.gr.last}
{/if} {/if}
{/foreach} 		{actions} {strip} {icon name="group" _menu_text='y' _menu_icon='y' alt="{tr}Add or remove from a group{/tr}"} {icon name='time' _menu_text='y' _menu_icon='y' alt='{tr}Edit group expiry{/tr}'} {icon name="edit" _menu_text='y' _menu_icon='y' alt="{tr}Edit account settings{/tr}"} {if $prefs.feature_userPreferences eq 'y' || $user eq 'admin'} {icon name="settings" _menu_text='y' _menu_icon='y' alt="{tr}Change user preferences{/tr}"} {/if} {if $users[user].user eq $user or $users[user].user_information neq 'private' or $tiki_p_admin eq 'y'} {icon name="help" _menu_text='y' _menu_icon='y' alt="{tr}User information{/tr}"} {/if} {if $users[user].user ne 'admin' and $users[user].user ne $user and $tiki_p_admin eq 'y'} {icon name="user" _menu_text='y' _menu_icon='y' alt="{tr}Switch to this user{/tr}"} {/if} {if $users[user].user ne 'admin'} {if $users[user].waiting eq 'a'} {* Use a form for the next three actions since they change the database. No confirm needed, confirmPopup() only checks if the ticket has expired *} {ticket} {/if} {if $users[user].waiting eq 'u'}
{ticket}
{/if} {if $prefs.email_due > 0 and $users[user].waiting ne 'u' and $users[user].waiting ne 'a'}
{ticket}
{/if} {icon name="remove" _menu_text='y' _menu_icon='y' alt="{tr}Delete{/tr}"} {if $users[user].waiting eq 'l'} {icon name="unlock" _menu_text='y' _menu_icon='y' alt="{tr}Unlock account{/tr}"} {else} {icon name="lock" _menu_text='y' _menu_icon='y' alt="{tr}Lock account{/tr}"} {/if} {/if} {* Use a confirm here since action cannot easily be undone *} {if !empty($users[user].openid_url)} {icon name="link" _menu_text='y' _menu_icon='y' alt="{tr}Remove link with OpenID account{/tr}"} {/if} {/strip} {/actions}
{jq} $document.on("show.bs.popover", function ( e ) { var itemId = $(e.target).data("itemid"); if (itemId) { $.get($.service("tracker", "view", {id: itemId}), function (data) { data = data.replace(//mgi, ""); // remove headings $(".popover-body", ".popover.show").empty().append(data); }); } }); {/jq} {if !$ts.ajax}
{if $users}
{/if}
{ticket}
{if !$ts.enabled} {pagination_links cant=$cant step=$numrows offset=$offset}{/pagination_links} {/if} {/if} {/tab} {if !$ts.ajax} {* ---------------------- tab with form -------------------- *} {if isset($userinfo.userId) && $userinfo.userId} {capture assign=add_edit_user_tablabel}{tr}Edit user{/tr} {$userinfo.login|escape}{/capture} {else} {assign var=add_edit_user_tablabel value="{tr}Add a New User{/tr}"} {/if} {tab name="{$add_edit_user_tablabel}"} {if $prefs.feature_user_encryption eq 'y'} {remarksbox type="warning" title="{tr}Warning: User Encryption is Active{/tr}"} {tr}The feature User Encryption stores encrypted user information, such as password used to connect to externalsystems. If the password is changed, it will destroy the user's decryption key, and make the data unreadable. The user will be forced to re-enter the passwords and other data that may be encrypted.{/tr}. {/remarksbox} {/if} {if isset($userinfo.userId) && $userinfo.userId}

{tr}Edit user{/tr} {$userinfo.login|escape}

{assign var=thisloginescaped value=$userinfo.login|escape:'url'} {if $userinfo.login ne 'admin' and $userinfo.editable} {button href="tiki-assignuser.php?assign_user=$thisloginescaped" _text="{tr}Assign user to Groups{/tr}" _icon_name='group'} {/if} {if $userinfo.waiting eq 'a'} {$thispassescaped = $userinfo.valid|escape:'url'} {if empty($thispassescaped)}{$thispassescaped = 0}{/if} {button href='tiki-login_validate.php?user='|cat:$thisloginescaped|cat:'&pass='|cat:$thispassescaped _text="{tr}Validate user{/tr}" _icon_name='ok'} {/if} {else}

{tr}Add a New User{/tr}

{/if} {if $prefs.feature_intertiki eq 'y' and not empty($prefs.feature_intertiki_mymaster)} {remarksbox type="info" title="{tr}Intertiki Enabled{/tr}"} {tr _0=$prefs.feature_intertiki_mymaster|escape}This Tiki is an Intertiki Client so user information must be edited on the Intertiki Master "%0"{/tr}. {/remarksbox} {elseif $userinfo.editable}
{ticket}
{if $userinfo.login neq 'admin'} {if $prefs.login_is_email eq 'y'}
{tr}Use the email as username{/tr}. {elseif $prefs.lowercase_username eq 'y'}
{tr}Lowercase only{/tr}. {elseif $prefs.login_autogenerate eq 'y'}
{icon name='warning' alt="{tr}Warning{/tr}" style="vertical-align:middle"} {tr}The username will be an autogenerated number based on the user ID if no actual username is provided when the user is created. Do not change these numeric usernames.{/tr} {/if} {if not empty($userinfo.userId) and $prefs.feature_intertiki eq 'y'}

{icon name='warning' alt="{tr}Warning{/tr}" style="vertical-align:middle"} {tr}Changing username is disabled for Intertiki sites{/tr}

{/if} {else} {$userinfo.login} {/if}
{* No need to specify user password or to ask him to change it, if : --> Tiki is using the Tiki + PEAR Auth systems --> AND Tiki won't create the user in the Tiki auth system --> AND Tiki won't create the user in the ldap *} {if $prefs.auth_method eq 'ldap' and ( $prefs.ldap_create_user_tiki eq 'n' or $prefs.ldap_skip_admin eq 'y' ) and $prefs.ldap_create_user_ldap eq 'n' and $userinfo.login neq 'admin' and $auth_ldap_permit_tiki_users eq 'n'}
{tr}No password is required{/tr}
{tr}Tiki is configured to delegate the password managment to LDAP.{/tr}
{else} {include file='password_jq.tpl' ignorejq='y'}
{icon name='ok' istyle='display:none'}{icon name='error' istyle='display:none' }
{include file='password_help.tpl'}
{if $prefs.generate_password eq 'y' and not ( $prefs.auth_method eq 'ldap' and ( $prefs.ldap_create_user_tiki eq 'n' or $prefs.ldap_skip_admin eq 'y' ) and $prefs.ldap_create_user_ldap eq 'n')}
{button href="#" _text="{tr}Generate a password{/tr}"}
{/if} {if $userinfo.login neq 'admin' && $prefs.change_password neq 'n'}
{/if} {/if} {if $prefs.login_is_email neq 'y'}
{/if} {if $userinfo.login neq 'admin' and ($prefs.validateUsers eq 'y' or $prefs.validateRegistration eq 'y')}
{if empty($prefs.sender_email)}
{tr}You need to set Sender Email{/tr}
{/if}
{/if} {if $prefs.userTracker eq 'y' and $userinfo.login eq ''}
{/if} {if $prefs.userTracker eq 'y' and $userstrackerid}
{if $usersitemid} {tr}Edit Item{/tr} {tr}View item{/tr} {else} {tr}Create Item{/tr} {/if}
{/if}
{if isset($userinfo.userId) && $userinfo.userId} {else} {/if}
{if isset($userinfo.userId) && $userinfo.userId != 0} {if $userinfo.created neq $userinfo.registrationDate} {/if} {if $prefs.email_due > 0} {/if}
{tr}Created{/tr} {$userinfo.created|tiki_long_datetime}
{tr}Registered{/tr}{if $userinfo.registrationDate}{$userinfo.registrationDate|tiki_long_datetime}{/if}
{tr}Pass confirmed{/tr}{if isset($userinfo.pass_confirm) && $userinfo.pass_confirm}{$userinfo.pass_confirm|tiki_long_datetime|default:'Never'}{/if}
{tr}Email confirmed{/tr} {if $userinfo.email_confirm} ({tr _0=$userinfo.daysSinceEmailConfirm}%0 days ago{/tr}) {else} {tr}Never{/tr} {/if}
{tr}Current Login{/tr} {if $userinfo.currentLogin}{$userinfo.currentLogin|tiki_long_datetime|default:'Never'}{/if}
{tr}Last Login{/tr} {if $userinfo.lastLogin}{$userinfo.lastLogin|tiki_long_datetime|default:'Never'}{/if}
{/if}
{else} {tr}You do not have permission to edit this user{/tr} {/if} {/tab} {* ---------------------- tab with upload -------------------- *} {tab name="{tr}Import{/tr}"}

{tr}Batch upload (CSV file){/tr}{help url="Users"}

{ticket}
{tr}Your file should contain in the first row (first entry) the following fields:{/tr} login, password, email, groups, default_group,realName.

{tr}Example:{/tr}
login,password,email,groups,default_group,realName
{tr}user1,pass1,email1,group1,group1{/tr}
{tr}user2,pass2,email2,"group1,group2",group1{/tr}

{tr}Only login, password, email are mandatory. Use an empty password for automatic password generation. Use same login and email if the login use email. Groups are separated by comma. With group name with comma, double the comma.{/tr}
{tr}On most server with default setting importing 250 users should be fine. If you have a long list you can split it or change the server settings to allow longer execution time.{/tr} {tr}Please also note that the data should match your Tiki setting. IE: if special characters or space are not permit for the username of your Tiki then your data in the CSV file for username should not contain any.{/tr}
{if $prefs.change_password neq 'n'}
{/if}
{if $tiki_p_admin eq 'y'} {* only full admins can manage groups, not tiki_p_admin_users *} {remarksbox type="tip" title="{tr}Tip{/tr}"}{tr}You can export users of a group by clicking on that group at admin->groups{/tr}{/remarksbox} {/if} {/tab} {tab name="{tr}Temporary Users{/tr}"}

{tr}Invite new temporary user(s){/tr}

{$temp_users_enabled = true} {if $prefs['auth_token_access'] != 'y'} {remarksbox type="warning" title="{tr}Token Access Feature Dependency{/tr}"} {tr}The token access feature is needed for Temporary Users to login.{/tr} {tr}Turn it on here.{/tr} {/remarksbox} {$temp_users_enabled = false} {/if} {if $prefs['login_is_email'] === 'y'} {remarksbox type="warning" title="{tr}Feature Conflict{/tr}"} {tr}This feature currently is incompatible with the "Use email as username" feature{/tr} {tr}Turn it off here.{/tr} {/remarksbox} {$temp_users_enabled = false} {/if} {if $prefs['user_unique_email'] === 'y'} {remarksbox type="warning" title="{tr}Feature Conflict{/tr}"} {tr}This feature currently is incompatible with the "The email address of each user must be unique." feature{/tr} {tr}Turn it off here.{/tr} {/remarksbox} {$temp_users_enabled = false} {/if} {if $temp_users_enabled} {remarksbox type="info" title="{tr}Temporary Users{/tr}"}

{tr}Temporary users cannot login the usual way but instead do so via an autologin URL that is associated with a token.{/tr} {tr}An email will be sent out to invited users containing this URL. You will receive a copy of the email yourself.{/tr}

{tr}These temporary users will be deleted (but can be set to be preserved in Admin Tokens) once the validity period is over. Normally, these users should have read-only access. Nevertheless, if you are allowing these users to submit information, e.g. fill in a tracker form, make sure to ask for their information again in those forms.{/tr}

{tr}Please do not assign temporary users to Groups that can access any security sensitive information, since access to these accounts is relatively easy to obtain, for example by intercepting or otherwise getting access to these emails.{/tr}

{/remarksbox} {remarksbox type="info" title="{tr}Revoking Access{/tr}"} {tr}To revoke access before validity expires or to review who has access, please see:{/tr} {tr}Admin Tokens{/tr} {/remarksbox}
{autocomplete element='#tempuser_groups' type='groupname'}
{/if} {/tab} {/if} {/tabset}