From 3c0ae46d1bf7d5990d2f3a0ee402df7fa08bc527 Mon Sep 17 00:00:00 2001
From: Donatas Glodenis <dgvirtual@akl.lt>
Date: Sun, 18 Feb 2024 14:21:09 +0200
Subject: [PATCH] Add user banning and manual activation functionality

---
 src/Users/Controllers/UserController.php | 20 ++++++++++++++--
 src/Users/Models/UserFilter.php          | 15 ++++++++++++
 src/Users/Views/form.php                 | 29 ++++++++++++++++++++++++
 3 files changed, 62 insertions(+), 2 deletions(-)

diff --git a/src/Users/Controllers/UserController.php b/src/Users/Controllers/UserController.php
index 68157bcf..b832062d 100644
--- a/src/Users/Controllers/UserController.php
+++ b/src/Users/Controllers/UserController.php
@@ -101,6 +101,7 @@ public function edit(int $userId)
         return $this->render($this->viewPrefix . 'form', [
             'user'   => $user,
             'groups' => $groups,
+            'itsMe' => $itsMe
         ]);
     }
 
@@ -149,11 +150,26 @@ public function save(?int $userId = null)
         // Fill in basic details
         $user->fill($this->request->getPost());
 
-        // Mark the user active if it is created by admin
-        if ($userId === null) {
+        // Mark the user active if it is created by admin, or if it is marked active by admin
+        if (
+            $userId === null
+            || (
+                $user->isNotActivated()
+                && auth()->user()->can('users.edit')
+                && (int) $this->request->getPost('activate') === 1
+            )
+        ) {
             $user->active = 1;
         }
 
+        if (auth()->user()->can('users.edit') && ! $itsMe) {
+            if ((int) $this->request->getPost('ban') === 1) {
+                $user->ban($this->request->getPost('ban_reason'));
+            } elseif($user->isBanned() && (int) $this->request->getPost('ban') === 0) {
+                $user->unBan();
+            }
+        }
+
         // Save basic details
         $users->save($user);
 
diff --git a/src/Users/Models/UserFilter.php b/src/Users/Models/UserFilter.php
index baa4f772..bff95549 100644
--- a/src/Users/Models/UserFilter.php
+++ b/src/Users/Models/UserFilter.php
@@ -33,6 +33,10 @@ class UserFilter extends UserModel
             'title'   => 'Active?',
             'options' => [0 => 'Inactive', 1 => 'Active'],
         ],
+        'banned' => [
+            'title'   => 'Banned?',
+            'options' => [0 => 'Not Banned', 1 => 'Banned'],
+        ],
         'last_active' => [
             'title'   => 'Last Active Within',
             'type'    => 'radio',
@@ -78,6 +82,17 @@ public function filter(?array $params = null)
             $this->whereIn('users.active', $params['active']);
         }
 
+        if (isset($params['banned']) && count($params['banned'])) {
+            $this->groupStart();
+            if(isset($params['banned'][0])) {
+                $this->where('users.status', null);
+            }
+            if(isset($params['banned'][1])) {
+                $this->orWhere('users.status', 'banned');
+            }
+            $this->groupEnd();
+        }
+
         if (isset($params['last_active']) && is_numeric($params['last_active'])) {
             $this->where('last_active >=', Time::now()->subDays($params['last_active'])->toDateTimeString());
         } elseif (isset($params['last_active']) && $params['last_active'] === 'any') {
diff --git a/src/Users/Views/form.php b/src/Users/Views/form.php
index f6047c08..89bdbf88 100644
--- a/src/Users/Views/form.php
+++ b/src/Users/Views/form.php
@@ -80,6 +80,35 @@
                     </div>
                 </div>
             </fieldset>
+            <?php if (isset($user) && $user->id !== null) : ?>
+            <fieldset>
+                <legend>User Status</legend>
+                <div
+                    x-data="{ isChecked: <?= $user->isBanned() ? 'true' : 'false' ?> }">
+                    <input class="form-check-input" type="checkbox" name="activate" id="activate" value="1"
+                    <?php if (! $user->isNotActivated()) : ?>
+                        checked disabled
+                    <?php endif; ?>
+                    >
+                    <label class="form-check-label" for="activate">
+                        User is activated
+                    </label><br>
+                    <input type="hidden" name="ban" value="0">
+                    <input class="form-check-input" type="checkbox" name="ban" id="ban" value="1" x-model="isChecked"
+                    <?php if ($itsMe) : ?>
+                        disabled
+                    <?php endif; ?>
+                    >
+                    <label class="form-check-label" for="ban">
+                        User is banned<span class="x-cloak fw-bold" x-show="isChecked">, enter reason for the ban (will
+                            be shown at login attempt)</span>
+                    </label>
+                    <input x-show="isChecked" x-bind:disabled="!isChecked" type="text" name="ban_reason" id="ban_reason"
+                        class="form-control form-control-sm x-cloak"
+                        value="<?= $user->getBanMessage() ?>">
+                </div>
+            </fieldset>
+            <?php endif; ?>
 
                 <fieldset>
                     <legend>Groups</legend>