page delegation

doc/Pages.md

@@ -4,13 +4,13 @@ Pages
 * [Home](help)
 
 
-Friendica also lets you create group and/or celebrity pages. 
+Friendica also lets you create forum and/or celebrity pages. 
 
-Every page in Friendica has a nickname and these must all be unique. This applies to all pages, whether they are normal profiles or group pages. 
+Every page in Friendica has a nickname and these must all be unique. This applies to all pages, whether they are normal profiles or forum pages. 
 
 Therefore the first thing you need to do to create a new page is to register a new account for the page. Please note that the site administrator can restrict and/or regulate the registration of new accounts. 
 
-If you create a second account on a system and use the same email address or OpenID account, you will no longer be able to use the email address (or OpenID) to login to the account. You should login using the account nickname instead. 
+If you create a second account on a system and use the same email address or OpenID account as an existing account, you will no longer be able to use the email address (or OpenID) to login to the account. You should login using the account nickname instead. 
 
 On the new account, visit the 'Settings' page. Towards the end of the page are "Advanced Page Settings". Typically you would use "Normal Account" for a normal personal account. This is the default selection. Group pages provide the ability for people to become friends/fans of the page without requiring approval.
 
@@ -24,6 +24,8 @@ The "Automatic Friend Account" is typically used for personal profile pages wher
 
 We recommend that you create group pages with the same email address and password as your normal account. If you do this, you will find a new "Manage" tab on the menu bar which lets you toggle identities easily and manage your pages. You are not required to do this, but the alternative is to logout and log back into the other account to manage alternate pages - and this could get cumbersome if you manage several different pages/identities. 
 
+You may also appoint a delegate to manage your page. Do this by visiting the [Delegation Setup Page](/delegate). This will provide you with a list of contacts on this system under "Potential Delegates". Selecting one or more persons will give them access to manage your page. They will be able to edit contacts, profiles, and all content for this account/page. Please use this facility wisely. Delegated managers will not be able to alter basic account settings such as passwords or page types and/or remove the account.  
+
 
 **Posting to Community Pages**
 

mod/delegate.php

@@ -0,0 +1,140 @@
+<?php
+
+function delegate_content(&$a) {
+
+	if(! local_user()) {
+		notice( t('Permission denied.') . EOL);
+		return;
+	}
+
+	if($a->argc > 2 && $a->argv[1] === 'add' && intval($a->argv[2])) {
+
+		// delegated admins can view but not change delegation permissions
+
+		if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
+			goaway($a->get_baseurl() . '/delegate');
+
+
+		$id = $a->argv[2];
+
+		$r = q("select `nickname` from user where uid = %d limit 1",
+			intval($id)
+		);
+		if(count($r)) {
+			$r = q("select id from contact where uid = %d and nurl = '%s' limit 1",
+				intval(local_user()),
+				dbesc(normalise_link($a->get_baseurl() . '/profile/' . $r[0]['nickname']))
+			);
+			if(count($r)) {
+				q("insert into manage ( uid, mid ) values ( %d , %d ) ",
+					intval($a->argv[2]),
+					intval(local_user())
+				);
+			}
+		}
+		goaway($a->get_baseurl() . '/delegate');
+	}
+
+	if($a->argc > 2 && $a->argv[1] === 'remove' && intval($a->argv[2])) {
+
+		// delegated admins can view but not change delegation permissions
+
+		if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
+			goaway($a->get_baseurl() . '/delegate');
+
+		q("delete from manage where uid = %d and mid = %d limit 1",
+			intval($a->argv[2]),
+			intval(local_user())
+		);
+		goaway($a->get_baseurl() . '/delegate');
+
+	}
+
+	$full_managers = array();
+
+	// These people can manage this account/page with full privilege
+
+	$r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
+		intval(local_user()),
+		dbesc($a->user['email']),
+		dbesc($a->user['password'])
+	);
+	if(count($r))
+		$full_managers = $r;
+
+	$delegates = array();
+
+	// find everybody that currently has delegated management to this account/page
+
+	$r = q("select * from user where uid in ( select uid from manage where mid = %d ) ",
+		intval(local_user())
+	);
+
+	if(count($r))
+		$delegates = $r;
+
+	$uids = array();
+
+	if(count($full_managers))
+		foreach($full_managers as $rr)
+			$uids[] = $rr['uid'];
+
+	if(count($delegates))
+		foreach($delegates as $rr)
+			$uids[] = $rr['uid'];
+
+	// find every contact who might be a candidate for delegation
+
+	$r = q("select nurl from contact where substring_index(contact.nurl,'/',3) = '%s' 
+		and contact.uid = %d and contact.self = 0 and network = '%s' ",
+		dbesc($a->get_baseurl()),
+		intval(local_user()),
+		dbesc(NETWORK_DFRN)
+	); 
+
+	if(! count($r)) {
+		notice( t('No potential page delegates located.') . EOL);
+		return;
+	}
+
+	$nicknames = array();
+
+	if(count($r)) {
+		foreach($r as $rr) {
+			$nicknames[] = "'" . dbesc(basename($rr['nurl'])) . "'";
+		}
+	}
+
+	$potentials = array();
+
+	$nicks = implode(',',$nicknames);
+
+	// get user records for all potential page delegates who are not already delegates or managers
+
+	$r = q("select `uid`, `username`, `nickname` from user where nickname in ( $nicks )");
+
+	if(count($r))
+		foreach($r as $rr)
+			if(! in_array($rr['uid'],$uids))
+				$potentials[] = $rr;
+
+	$o = replace_macros(get_markup_template('delegate.tpl'),array(
+		'$header' => t('Delegate Page Management'),
+		'$base' => $a->get_baseurl(),
+		'$desc' => t('Delegates are able to manage all aspects of this account/page except for basic account settings. Please do not delegate your personal account to anybody that you do not trust completely.'),
+		'$head_managers' => t('Existing Page Managers'),
+		'$managers' => $full_managers,
+		'$head_delegates' => t('Existing Page Delegates'),
+		'$delegates' => $delegates,
+		'$head_potentials' => t('Potential Delegates'),
+		'$potentials' => $potentials,
+		'$remove' => t('Remove'),
+		'$add' => t('Add'),
+		'$none' => t('No entries.')
+	));
+
+
+	return $o;
+
+
+}

mod/removeme.php

@@ -5,6 +5,9 @@ function removeme_post(&$a) {
 	if(! local_user())
 		return;
 
+	if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
+		return;
+
 	if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password']))))
 		return;
 

view/delegate.tpl

@@ -0,0 +1,57 @@
+<h3>$header</h3>
+
+<div id="delegate-desc" class="delegate-desc">$desc</div>
+
+{{ if $managers }}
+<h3>$head_managers</h3>
+
+{{ for $managers as $x }}
+
+<div class="contact-block-div">
+<a class="contact-block-link" href="#" >
+<img class="contact-block-img" src="$base/photo/thumb/$x.uid" title="$x.username" />
+</a>
+</div>
+
+{{ endfor }}
+<div class="clear"></div>
+<hr />
+{{ endif }}
+
+
+<h3>$head_delegates</h3>
+
+{{ if $delegates }}
+{{ for $delegates as $x }}
+
+<div class="contact-block-div">
+<a class="contact-block-link" href="$base/delegate/remove/$x.uid" >
+<img class="contact-block-img" src="$base/photo/thumb/$x.uid" title="$x.username" />
+</a>
+</div>
+
+{{ endfor }}
+<div class="clear"></div>
+{{ else }}
+$none
+{{ endif }}
+<hr />
+
+
+<h3>$head_potentials</h3>
+{{ if $potentials }}
+{{ for $potentials as $x }}
+
+<div class="contact-block-div">
+<a class="contact-block-link" href="$base/delegate/add/$x.uid" >
+<img class="contact-block-img" src="$base/photo/thumb/$x.uid" title="$x.username" />
+</a>
+</div>
+
+{{ endfor }}
+<div class="clear"></div>
+{{ else }}
+$none
+{{ endif }}
+<hr />
+