<?php
# MantisBT - a php based bugtracking system

# MantisBT is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# MantisBT is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.

/**
 * This script allows to automatically create users.
 * To run it, put it into the script folder and open the page as any other normal page with your browser.
 * !!! The variables only serve as an example !!!
 * I highly suggest you to create an other file like this script using a spreadsheet program and a script.
 * Add the right function into your file, with the right call.
 * $t_new_users and $t_prefs should be generated from your spreadsheet.
 * Please note that the add_user_all_projects function might not make any sense for the way you use mantisbt.
 * - Mathieu Desjardin (aka Roadster on the mantisbt bugtracker), 11/15/2016
 */

require_once('../core.php');
require_once('user_api.php');
require_once('user_pref_api.php');
require_once('project_api.php');


/**
 * uses the user_create function from user_api.php
 * sends a mail to each new user, asking him to click on a link to change his password
 * uses the user_pref_set function and the UserPreferences class from user_pref_api.php
 * sets specified preferences to each new user
 * @param array $p_new_users
 * @param array $p_prefs
 */
function auto_create_users_ask_validation($p_new_users, $p_prefs)
{
	foreach($p_new_users as $t_username => $t_values)
	{
		user_create($t_username, $t_values['password'], $t_values['email'], $t_values['access_level'], $t_values['protected'], $t_values['enabled'], $t_values['realname']);
		
		$t_id = user_get_id_by_name($t_username);
		if($t_id)
		{
			# Adds user to all projects with the right access levels
			add_user_all_projects($t_id, $t_values['specific_access_level_projects']);
			
			# Updates user's preferences
			$t_user_preferences = new UserPreferences($t_id, ALL_PROJECTS);
			foreach($p_prefs as $t_pref_name => $t_pref_value) 
				$t_user_preferences->__set($t_pref_name, $t_pref_value);
			user_pref_set($t_id, $t_user_preferences);
		}
		
		else 
		{
			echo 'The user ' . $t_username . ' hasn\'nt been found in the database. <br/> He might haven\'t been added correctly. <br/> His preferences haven\'nt been updated. <br/> <br/>';
		}
	}
}


/**
 * this code is mostly taken from the user_create function from user_api.php
 * the main difference is that it doesn't send a confirmation email
 * (the user should know the password you added in order to log in for the first time)
 * the user_api.php file hasn't been modified so upgrading mantisbt will be easier
 * uses the user_pref_set function and the UserPreferences class from user_pref_api.php
 * sets specified preferences to each new user
 * @param array $p_new_users
 * @param array $p_prefs
 */
function auto_create_users_without_validation($p_new_users, $p_prefs)
{
	foreach($p_new_users as $t_username => $t_values)
	{
		if( null === $t_values['access_level'] ) {
			$t_values['access_level'] = config_get( 'default_new_account_access_level' );
		}

		$t_password = auth_process_plain_password( $t_values['password'] );

		$c_access_level = db_prepare_int( $t_values['access_level'] );
		$c_protected = db_prepare_bool( $t_values['protected'] );
		$c_enabled = db_prepare_bool( $t_values['enabled'] );

		user_ensure_name_valid( $t_username );
		user_ensure_name_unique( $t_username );
		user_ensure_realname_valid( $t_values['realname'] );
		user_ensure_realname_unique( $t_username, $t_values['realname'] );
		email_ensure_valid( $t_values['email'] );

		$t_seed = $t_values['email'] . $t_username;
		$t_cookie_string = auth_generate_unique_cookie_string( $t_seed );
		$t_user_table = db_get_table( 'mantis_user_table' );

		$query = "INSERT INTO $t_user_table
						( username, email, password, date_created, last_visit,
						 enabled, access_level, login_count, cookie_string, realname )
					  VALUES
						( " . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param()  . ",
						 " . db_param() . ',' . db_param() . ',' . db_param() . ',' . db_param() . ', ' . db_param() . ')';
		db_query_bound( $query, Array( $t_username, $t_values['email'], $t_password, db_now(), db_now(), $c_enabled, $c_access_level, 0, $t_cookie_string, $t_values['realname'] ) );

		$t_id = user_get_id_by_name($t_username);
		if($t_id)
		{
			# Adds user to all projects with the right access levels
			add_user_all_projects($t_id, $t_values['specific_access_level_projects']);
			
			# Updates user's preferences
			$t_user_preferences = new UserPreferences($t_id, ALL_PROJECTS);
			foreach($p_prefs as $t_pref_name => $t_pref_value) 
				$t_user_preferences->__set($t_pref_name, $t_pref_value);
			user_pref_set($t_id, $t_user_preferences);
			
			# Users are added with protected set to FALSE in order to be able to update
			# preferences.  Now set the real value of protected.
			if( $t_values['protected'] ) {
				user_set_field( $t_user_id, 'protected', $c_protected );
			}
		}
		else 
			echo 'The user ' . $t_username . ' hasn\'nt been found in the database. <br/> He might haven\'t been added correctly. <br/> His preferences haven\'nt been updated. <br/> <br/>';
	}
}


/**
 * deletes specified users
 * uses the user_delete function from user_api.php
 * gets user's id from user's username using user_get_id_by_name from user_api
 * only uses the username, but is compatible with the $t_new_users example
 * very useful when testing the script
 * @param array $p_users
 */
function auto_delete_users_by_username($p_users)
{
	foreach($p_users as $t_username => $t_values)
	{
		$t_id = user_get_id_by_name($t_username);
		if($t_id)
		{
			user_delete($t_id);
		}
	}
}


/**
 * Adds user to the specified projects with the specified access levels
 * adds the user as a reporter to all other projects (might not make sense depending on how you use mantisbt)
 * uses the project_add_user function from project_api.php
 * @param int $p_user_id
 * @param array $p_specific_access_level_projects
 */
function add_user_all_projects($p_user_id, $p_specific_access_level_projects)
{
	foreach(project_name_array_to_id_array($p_specific_access_level_projects) + project_get_all_ids() as $t_project_id => $t_access_level)
	{
		project_add_user($t_project_id, $p_user_id, $t_access_level);
	}
}


/**
 * transforms an array looking like project_name => user_access_level_for_project
 * into an array looking like project_id => user_access_level_for_project
 * @param $p_specific_access_level_projects
 * @return $t_specific_access_level_projects_ids
 */
function project_name_array_to_id_array($p_specific_access_level_projects)
{
	$t_specific_access_level_projects_ids = array();
	
	foreach($p_specific_access_level_projects as $t_project_name => $t_access_level)
	{
		$t_specific_access_level_projects_ids [ project_get_id_by_name($t_project_name) ] = $t_access_level;
	}
	
	return $t_specific_access_level_projects_ids;
}


/**
 * returns an array which keys are every project's id 
 * and values are 25 (the reporter access level) (might not make sens depending on how you use mantisbt)
 * @return array $t_all_project_ids
 */
function project_get_all_ids()
{
	$t_all_project_ids = array();
	foreach(project_get_all_rows() as $t_project_row)
	{
		$t_all_project_ids[$t_project_row['id']] = 25; 
	}
	return $t_all_project_ids;
}


/**
 * variable $t_new_users
 * contains the users that should be added in the database
 * 'DRC' and 'DFR' are usernames
 */
$t_new_users = array(
	'F42' => array('password' => 'ctc', 'email' => 'foo.bar@zar.com', 'access_level' => 55, 'protected' => FALSE, 'enabled' => TRUE, 'realname' => 'Foo', 'admin_name' => '', 'specific_access_level_projects' => array('Foo Services' => 70)),
	'B42' => array('password' => 'ctc', 'email' => 'bar.foo@zar.com', 'access_level' => 55, 'protected' => FALSE, 'enabled' => TRUE, 'realname' => 'Bar', 'admin_name' => '', 'specific_access_level_projects' => array('Foo Services' => 55, 'Bar Marketing' => 70)),
);


/**
 * variable $t_prefs
 * contains the preferences that shoud be applied to all users
 * the preferences that are the same as the default ones don't need to be specified
 * the keys are the name of the columns in the user_pref_table (in the database)
 * the values are the ones that should be added in the table (be careful with the types)
 */
$t_prefs = array(
	'email_on_bugnote' => 0,
	'email_on_status' => 1,
	'email_on_new' => 0,
);


# uncomment the calls you need
# auto_delete_users_by_username($t_new_users);
# auto_create_users_ask_validation($t_new_users, $t_prefs);
# auto_create_users_without_validation($t_new_users, $t_prefs);


# notifies the user that the script has been executed
# it doesn't mean that the script did what was expected
echo 'Script executed. <br/> Please check that the script worked as expected. <br/> <br/>';


?>