Reorganize user pages

Three pages:

- User profil
- User management
- Authentication

app/Controllers/authController.php

@@ -4,6 +4,66 @@
  * This controller handles action about authentication.
  */
 class FreshRSS_auth_Controller extends Minz_ActionController {
+	/**
+	 * This action handles authentication management page.
+	 *
+	 * Parameters are:
+	 *   - token (default: current token)
+	 *   - anon_access (default: false)
+	 *   - anon_refresh (default: false)
+	 *   - auth_type (default: none)
+	 *   - unsafe_autologin (default: false)
+	 *   - api_enabled (default: false)
+	 *
+	 * @todo move unsafe_autologin in an extension.
+	 */
+	public function indexAction() {
+		if (!FreshRSS_Auth::hasAccess('admin')) {
+			Minz_Error::error(403,
+			                  array('error' => array(_t('access_denied'))));
+		}
+
+		if (Minz_Request::isPost()) {
+			$ok = true;
+
+			$current_token = $this->view->conf->token;
+			$token = Minz_Request::param('token', $current_token);
+			$this->view->conf->_token($token);
+			$ok &= $this->view->conf->save();
+
+			$anon = Minz_Request::param('anon_access', false);
+			$anon = ((bool)$anon) && ($anon !== 'no');
+			$anon_refresh = Minz_Request::param('anon_refresh', false);
+			$anon_refresh = ((bool)$anon_refresh) && ($anon_refresh !== 'no');
+			$auth_type = Minz_Request::param('auth_type', 'none');
+			$unsafe_autologin = Minz_Request::param('unsafe_autologin', false);
+			$api_enabled = Minz_Request::param('api_enabled', false);
+			if ($anon != Minz_Configuration::allowAnonymous() ||
+				$auth_type != Minz_Configuration::authType() ||
+				$anon_refresh != Minz_Configuration::allowAnonymousRefresh() ||
+				$unsafe_autologin != Minz_Configuration::unsafeAutologinEnabled() ||
+				$api_enabled != Minz_Configuration::apiEnabled()) {
+
+				Minz_Configuration::_authType($auth_type);
+				Minz_Configuration::_allowAnonymous($anon);
+				Minz_Configuration::_allowAnonymousRefresh($anon_refresh);
+				Minz_Configuration::_enableAutologin($unsafe_autologin);
+				Minz_Configuration::_enableApi($api_enabled);
+				$ok &= Minz_Configuration::writeFile();
+			}
+
+			invalidateHttpCache();
+
+			if ($ok) {
+				Minz_Request::good('configuration_updated',
+				                   array('c' => 'auth', 'a' => 'index'));
+			} else {
+				Minz_Request::bad('error_occurred',
+				                  array('c' => 'auth', 'a' => 'index'));
+			}
+		}
+	}
+
 	/**
 	 * This action handles the login page.
 	 *

app/Controllers/usersController.php → app/Controllers/userController.php

@@ -1,9 +1,18 @@
 <?php
 
-class FreshRSS_users_Controller extends Minz_ActionController {
-
-	const BCRYPT_COST = 9;	//Will also have to be computed client side on mobile devices, so do not use a too high cost
+/**
+ * Controller to handle user actions.
+ */
+class FreshRSS_user_Controller extends Minz_ActionController {
+	// Will also have to be computed client side on mobile devices,
+	// so do not use a too high cost
+	const BCRYPT_COST = 9;
 
+	/**
+	 * This action is called before every other action in that class. It is
+	 * the common boiler plate for every action. It is triggered by the
+	 * underlying framework.
+	 */
 	public function firstAction() {
 		if (!FreshRSS_Auth::hasAccess()) {
 			Minz_Error::error(
@@ -14,13 +23,11 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 	}
 
 	/**
-	 * This action display the user configuration page
+	 * This action displays the user profil page.
 	 */
-	public function indexAction() {
-		Minz_View::prependTitle(_t('users') . ' · ');
-	}
+	public function profilAction() {
+		Minz_View::prependTitle(_t('users.profil') . ' · ');
 
-	public function authAction() {
 		if (Minz_Request::isPost()) {
 			$ok = true;
 
@@ -51,6 +58,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 				$this->view->conf->_apiPasswordHash($passwordHash);
 			}
 
+			// TODO: why do we need of hasAccess here?
 			if (FreshRSS_Auth::hasAccess('admin')) {
 				$this->view->conf->_mail_login(Minz_Request::param('mail_login', '', true));
 			}
@@ -65,43 +73,21 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 				$ok &= (file_put_contents($personaFile, Minz_Session::param('currentUser', '_')) !== false);
 			}
 
-			if (FreshRSS_Auth::hasAccess('admin')) {
-				$current_token = $this->view->conf->token;
-				$token = Minz_Request::param('token', $current_token);
-				$this->view->conf->_token($token);
-				$ok &= $this->view->conf->save();
-
-				$anon = Minz_Request::param('anon_access', false);
-				$anon = ((bool)$anon) && ($anon !== 'no');
-				$anon_refresh = Minz_Request::param('anon_refresh', false);
-				$anon_refresh = ((bool)$anon_refresh) && ($anon_refresh !== 'no');
-				$auth_type = Minz_Request::param('auth_type', 'none');
-				$unsafe_autologin = Minz_Request::param('unsafe_autologin', false);
-				$api_enabled = Minz_Request::param('api_enabled', false);
-				if ($anon != Minz_Configuration::allowAnonymous() ||
-					$auth_type != Minz_Configuration::authType() ||
-					$anon_refresh != Minz_Configuration::allowAnonymousRefresh() ||
-					$unsafe_autologin != Minz_Configuration::unsafeAutologinEnabled() ||
-					$api_enabled != Minz_Configuration::apiEnabled()) {
-
-					Minz_Configuration::_authType($auth_type);
-					Minz_Configuration::_allowAnonymous($anon);
-					Minz_Configuration::_allowAnonymousRefresh($anon_refresh);
-					Minz_Configuration::_enableAutologin($unsafe_autologin);
-					Minz_Configuration::_enableApi($api_enabled);
-					$ok &= Minz_Configuration::writeFile();
-				}
+			if ($ok) {
+				Minz_Request::good('users.profil.updated',
+				                   array('c' => 'user', 'a' => 'profil'));
+			} else {
+				Minz_Request::bad('error_occurred',
+				                  array('c' => 'user', 'a' => 'profil'));
 			}
-
-			invalidateHttpCache();
-
-			$notif = array(
-				'type' => $ok ? 'good' : 'bad',
-				'content' => _t($ok ? 'configuration_updated' : 'error_occurred')
-			);
-			Minz_Session::_param('notification', $notif);
 		}
-		Minz_Request::forward(array('c' => 'users', 'a' => 'index'), true);
+	}
+
+	/**
+	 * This action displays the user management page.
+	 */
+	public function manageAction() {
+		Minz_View::prependTitle(_t('users.manage') . ' · ');
 	}
 
 	public function createAction() {
@@ -173,7 +159,8 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 			);
 			Minz_Session::_param('notification', $notif);
 		}
-		Minz_Request::forward(array('c' => 'users', 'a' => 'index'), true);
+
+		Minz_Request::forward(array('c' => 'user', 'a' => 'manage'), true);
 	}
 
 	public function deleteAction() {
@@ -205,6 +192,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 			);
 			Minz_Session::_param('notification', $notif);
 		}
-		Minz_Request::forward(array('c' => 'users', 'a' => 'index'), true);
+
+		Minz_Request::forward(array('c' => 'user', 'a' => 'manage'), true);
 	}
 }

app/layout/aside_configure.phtml

@@ -19,10 +19,18 @@
 		<a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a>
 	</li>
 	<li class="separator"></li>
-	<li class="item<?php echo Minz_Request::controllerName() === 'users' ? ' active' : ''; ?>">
-		<a href="<?php echo _url('users', 'index'); ?>"><?php echo _t('users'); ?></a>
+	<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
+	                          Minz_Request::actionName() === 'profil'? ' active' : ''; ?>">
+		<a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('users.profil'); ?></a>
 	</li>
 	<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
+	<li class="item<?php echo Minz_Request::controllerName() === 'user' &&
+	                          Minz_Request::actionName() === 'manage' ? ' active' : ''; ?>">
+		<a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('users.manage'); ?></a>
+	</li>
+	<li class="item<?php echo Minz_Request::controllerName() === 'auth' ? ' active' : ''; ?>">
+		<a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('authentication'); ?></a>
+	</li>
 	<li class="item<?php echo Minz_Request::controllerName() === 'update' ? ' active' : ''; ?>">
 		<a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a>
 	</li>

app/layout/header.phtml

@@ -63,8 +63,10 @@ if (Minz_Configuration::canLogIn()) {
 				<li class="item"><a href="<?php echo _url('configure', 'shortcut'); ?>"><?php echo _t('shortcuts'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('configure', 'queries'); ?>"><?php echo _t('queries'); ?></a></li>
 				<li class="separator"></li>
-				<li class="item"><a href="<?php echo _url('users', 'index'); ?>"><?php echo _t('users'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('user', 'profil'); ?>"><?php echo _t('users.profil'); ?></a></li>
 				<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
+				<li class="item"><a href="<?php echo _url('user', 'manage'); ?>"><?php echo _t('users.manage'); ?></a></li>
+				<li class="item"><a href="<?php echo _url('auth', 'index'); ?>"><?php echo _t('authentication'); ?></a></li>
 				<li class="item"><a href="<?php echo _url('update', 'index'); ?>"><?php echo _t('update'); ?></a></li>
 				<?php } ?>
 				<li class="separator"></li>

app/views/auth/index.phtml

@@ -0,0 +1,84 @@
+<?php $this->partial('aside_configure'); ?>
+
+<div class="post">
+	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
+
+	<form method="post" action="<?php echo _url('auth', 'index'); ?>">
+		<legend><?php echo _t('auth_type'); ?></legend>
+
+		<div class="form-group">
+			<label class="group-name" for="auth_type"><?php echo _t('auth_type'); ?></label>
+			<div class="group-controls">
+				<select id="auth_type" name="auth_type" required="required">
+					<?php if (!in_array(Minz_Configuration::authType(), array('form', 'persona', 'http_auth', 'none'))) { ?>
+						<option selected="selected"></option>
+					<?php } ?>
+					<option value="form"<?php echo Minz_Configuration::authType() === 'form' ? ' selected="selected"' : '', cryptAvailable() ? '' : ' disabled="disabled"'; ?>><?php echo _t('auth_form'); ?></option>
+					<option value="persona"<?php echo Minz_Configuration::authType() === 'persona' ? ' selected="selected"' : '', $this->conf->mail_login == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('auth_persona'); ?></option>
+					<option value="http_auth"<?php echo Minz_Configuration::authType() === 'http_auth' ? ' selected="selected"' : '', httpAuthUser() == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('http_auth'); ?> (REMOTE_USER = '<?php echo httpAuthUser(); ?>')</option>
+					<option value="none"<?php echo Minz_Configuration::authType() === 'none' ? ' selected="selected"' : ''; ?>><?php echo _t('auth_none'); ?></option>
+				</select>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<div class="group-controls">
+				<label class="checkbox" for="anon_access">
+					<input type="checkbox" name="anon_access" id="anon_access" value="1"<?php echo Minz_Configuration::allowAnonymous() ? ' checked="checked"' : '',
+						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
+					<?php echo _t('allow_anonymous', Minz_Configuration::defaultUser()); ?>
+				</label>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<div class="group-controls">
+				<label class="checkbox" for="anon_refresh">
+					<input type="checkbox" name="anon_refresh" id="anon_refresh" value="1"<?php echo Minz_Configuration::allowAnonymousRefresh() ? ' checked="checked"' : '',
+						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
+					<?php echo _t('allow_anonymous_refresh'); ?>
+				</label>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<div class="group-controls">
+				<label class="checkbox" for="unsafe_autologin">
+					<input type="checkbox" name="unsafe_autologin" id="unsafe_autologin" value="1"<?php echo Minz_Configuration::unsafeAutologinEnabled() ? ' checked="checked"' : '',
+						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
+					<?php echo _t('unsafe_autologin'); ?>
+					<kbd>p/i/?a=formLogin&amp;u=Alice&amp;p=1234</kbd>
+				</label>
+			</div>
+		</div>
+
+		<?php if (Minz_Configuration::canLogIn()) { ?>
+		<div class="form-group">
+			<label class="group-name" for="token"><?php echo _t('auth_token'); ?></label>
+			<?php $token = $this->conf->token; ?>
+			<div class="group-controls">
+				<input type="text" id="token" name="token" value="<?php echo $token; ?>" placeholder="<?php echo _t('blank_to_disable'); ?>"<?php
+					echo Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
+				<?php echo _i('help'); ?> <?php echo _t('explain_token', Minz_Url::display(null, 'html', true), $token); ?>
+			</div>
+		</div>
+		<?php } ?>
+
+		<div class="form-group">
+			<div class="group-controls">
+				<label class="checkbox" for="api_enabled">
+					<input type="checkbox" name="api_enabled" id="api_enabled" value="1"<?php echo Minz_Configuration::apiEnabled() ? ' checked="checked"' : '',
+						Minz_Configuration::needsLogin() ? '' : ' disabled="disabled"'; ?> />
+					<?php echo _t('api_enabled'); ?>
+				</label>
+			</div>
+		</div>
+
+		<div class="form-group form-actions">
+			<div class="group-controls">
+				<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
+				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
+			</div>
+		</div>
+	</form>
+</div>

app/views/user/manage.phtml

@@ -0,0 +1,76 @@
+<?php $this->partial('aside_configure'); ?>
+
+<div class="post">
+	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
+
+	<form method="post" action="<?php echo _url('user', 'delete'); ?>">
+		<legend><?php echo _t('users'); ?></legend>
+
+		<div class="form-group">
+			<label class="group-name" for="users_list"><?php echo _t('users_list'); ?></label>
+			<div class="group-controls">
+				<select id="users_list" name="username"><?php
+					foreach (listUsers() as $user) {
+						echo '<option>', $user, '</option>';
+					}
+				?></select>
+			</div>
+		</div>
+
+		<div class="form-group form-actions">
+			<div class="group-controls">
+				<button type="submit" class="btn btn-attention confirm"><?php echo _t('delete'); ?></button>
+			</div>
+		</div>
+	</form>
+
+	<form method="post" action="<?php echo _url('user', 'create'); ?>">
+		<legend><?php echo _t('create_user'); ?></legend>
+
+		<div class="form-group">
+			<label class="group-name" for="new_user_language"><?php echo _t('language'); ?></label>
+			<div class="group-controls">
+				<select name="new_user_language" id="new_user_language">
+				<?php $languages = $this->conf->availableLanguages(); ?>
+				<?php foreach ($languages as $short => $lib) { ?>
+				<option value="<?php echo $short; ?>"<?php echo $this->conf->language === $short ? ' selected="selected"' : ''; ?>><?php echo $lib; ?></option>
+				<?php } ?>
+				</select>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<label class="group-name" for="new_user_name"><?php echo _t('username'); ?></label>
+			<div class="group-controls">
+				<input id="new_user_name" name="new_user_name" type="text" size="16" required="required" maxlength="16" autocomplete="off" pattern="[0-9a-zA-Z]{1,16}" placeholder="demo" />
+			</div>
+		</div>
+
+		<div class="form-group">
+			<label class="group-name" for="new_user_passwordPlain"><?php echo _t('password_form'); ?></label>
+			<div class="group-controls">
+				<div class="stick">
+					<input type="password" id="new_user_passwordPlain" name="new_user_passwordPlain" autocomplete="off" pattern=".{7,}" />
+					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
+				</div>
+				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<label class="group-name" for="new_user_email"><?php echo _t('persona_connection_email'); ?></label>
+			<?php $mail = $this->conf->mail_login; ?>
+			<div class="group-controls">
+				<input type="email" id="new_user_email" name="new_user_email" class="extend" autocomplete="off" placeholder="alice@example.net" />
+			</div>
+		</div>
+
+		<div class="form-group form-actions">
+			<div class="group-controls">
+				<button type="submit" class="btn btn-important"><?php echo _t('create'); ?></button>
+				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
+			</div>
+		</div>
+
+	</form>
+</div>

app/views/user/profil.phtml

@@ -0,0 +1,59 @@
+<?php $this->partial('aside_configure'); ?>
+
+<div class="post">
+	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
+
+	<form method="post" action="<?php echo _url('user', 'profil'); ?>">
+		<legend><?php echo _t('login_configuration'); ?></legend>
+
+		<div class="form-group">
+			<label class="group-name" for="current_user"><?php echo _t('current_user'); ?></label>
+			<div class="group-controls">
+				<input id="current_user" type="text" disabled="disabled" value="<?php echo Minz_Session::param('currentUser', '_'); ?>" />
+				<label class="checkbox" for="is_admin">
+					<input type="checkbox" id="is_admin" disabled="disabled" <?php echo FreshRSS_Auth::hasAccess('admin') ? 'checked="checked" ' : ''; ?>/>
+					<?php echo _t('is_admin'); ?>
+				</label>
+			</div>
+		</div>
+
+		<div class="form-group">
+			<label class="group-name" for="passwordPlain"><?php echo _t('password_form'); ?></label>
+			<div class="group-controls">
+				<div class="stick">
+					<input type="password" id="passwordPlain" name="passwordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
+					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
+				</div>
+				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
+			</div>
+		</div>
+
+		<?php if (Minz_Configuration::apiEnabled()) { ?>
+		<div class="form-group">
+			<label class="group-name" for="apiPasswordPlain"><?php echo _t('password_api'); ?></label>
+			<div class="group-controls">
+				<div class="stick">
+					<input type="password" id="apiPasswordPlain" name="apiPasswordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
+					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
+				</div>
+			</div>
+		</div>
+		<?php } ?>
+
+		<div class="form-group">
+			<label class="group-name" for="mail_login"><?php echo _t('persona_connection_email'); ?></label>
+			<?php $mail = $this->conf->mail_login; ?>
+			<div class="group-controls">
+				<input type="email" id="mail_login" name="mail_login" class="extend" autocomplete="off" value="<?php echo $mail; ?>" <?php echo FreshRSS_Auth::hasAccess('admin') ? '' : 'disabled="disabled"'; ?> placeholder="alice@example.net" />
+				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
+			</div>
+		</div>
+
+		<div class="form-group form-actions">
+			<div class="group-controls">
+				<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
+				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
+			</div>
+		</div>
+	</form>
+</div>

app/views/users/index.phtml

@@ -1,211 +0,0 @@
-<?php $this->partial('aside_configure'); ?>
-
-<div class="post">
-	<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('back_to_rss_feeds'); ?></a>
-
-	<form method="post" action="<?php echo _url('users', 'auth'); ?>">
-		<legend><?php echo _t('login_configuration'); ?></legend>
-
-		<div class="form-group">
-			<label class="group-name" for="current_user"><?php echo _t('current_user'); ?></label>
-			<div class="group-controls">
-				<input id="current_user" type="text" disabled="disabled" value="<?php echo Minz_Session::param('currentUser', '_'); ?>" />
-				<label class="checkbox" for="is_admin">
-					<input type="checkbox" id="is_admin" disabled="disabled" <?php echo FreshRSS_Auth::hasAccess('admin') ? 'checked="checked" ' : ''; ?>/>
-					<?php echo _t('is_admin'); ?>
-				</label>
-			</div>
-		</div>
-
-		<div class="form-group">
-			<label class="group-name" for="passwordPlain"><?php echo _t('password_form'); ?></label>
-			<div class="group-controls">
-				<div class="stick">
-					<input type="password" id="passwordPlain" name="passwordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
-					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
-				</div>
-				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
-			</div>
-		</div>
-
-		<?php if (Minz_Configuration::apiEnabled()) { ?>
-		<div class="form-group">
-			<label class="group-name" for="apiPasswordPlain"><?php echo _t('password_api'); ?></label>
-			<div class="group-controls">
-				<div class="stick">
-					<input type="password" id="apiPasswordPlain" name="apiPasswordPlain" autocomplete="off" pattern=".{7,}" <?php echo cryptAvailable() ? '' : 'disabled="disabled" '; ?>/>
-					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
-				</div>
-			</div>
-		</div>
-		<?php } ?>
-
-		<div class="form-group">
-			<label class="group-name" for="mail_login"><?php echo _t('persona_connection_email'); ?></label>
-			<?php $mail = $this->conf->mail_login; ?>
-			<div class="group-controls">
-				<input type="email" id="mail_login" name="mail_login" class="extend" autocomplete="off" value="<?php echo $mail; ?>" <?php echo FreshRSS_Auth::hasAccess('admin') ? '' : 'disabled="disabled"'; ?> placeholder="alice@example.net" />
-				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
-			</div>
-		</div>
-
-		<div class="form-group form-actions">
-			<div class="group-controls">
-				<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
-				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
-			</div>
-		</div>
-
-	<?php if (FreshRSS_Auth::hasAccess('admin')) { ?>
-
-		<legend><?php echo _t('auth_type'); ?></legend>
-
-		<div class="form-group">
-			<label class="group-name" for="auth_type"><?php echo _t('auth_type'); ?></label>
-			<div class="group-controls">
-				<select id="auth_type" name="auth_type" required="required">
-					<?php if (!in_array(Minz_Configuration::authType(), array('form', 'persona', 'http_auth', 'none'))) { ?>
-						<option selected="selected"></option>
-					<?php } ?>
-					<option value="form"<?php echo Minz_Configuration::authType() === 'form' ? ' selected="selected"' : '', cryptAvailable() ? '' : ' disabled="disabled"'; ?>><?php echo _t('auth_form'); ?></option>
-					<option value="persona"<?php echo Minz_Configuration::authType() === 'persona' ? ' selected="selected"' : '', $this->conf->mail_login == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('auth_persona'); ?></option>
-					<option value="http_auth"<?php echo Minz_Configuration::authType() === 'http_auth' ? ' selected="selected"' : '', httpAuthUser() == '' ? ' disabled="disabled"' : ''; ?>><?php echo _t('http_auth'); ?> (REMOTE_USER = '<?php echo httpAuthUser(); ?>')</option>
-					<option value="none"<?php echo Minz_Configuration::authType() === 'none' ? ' selected="selected"' : ''; ?>><?php echo _t('auth_none'); ?></option>
-				</select>
-			</div>
-		</div>
-
-		<div class="form-group">
-			<div class="group-controls">
-				<label class="checkbox" for="anon_access">
-					<input type="checkbox" name="anon_access" id="anon_access" value="1"<?php echo Minz_Configuration::allowAnonymous() ? ' checked="checked"' : '',
-						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
-					<?php echo _t('allow_anonymous', Minz_Configuration::defaultUser()); ?>
-				</label>
-			</div>
-		</div>
-
-		<div class="form-group">
-			<div class="group-controls">
-				<label class="checkbox" for="anon_refresh">
-					<input type="checkbox" name="anon_refresh" id="anon_refresh" value="1"<?php echo Minz_Configuration::allowAnonymousRefresh() ? ' checked="checked"' : '',
-						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
-					<?php echo _t('allow_anonymous_refresh'); ?>
-				</label>
-			</div>
-		</div>
-
-		<div class="form-group">
-			<div class="group-controls">
-				<label class="checkbox" for="unsafe_autologin">
-					<input type="checkbox" name="unsafe_autologin" id="unsafe_autologin" value="1"<?php echo Minz_Configuration::unsafeAutologinEnabled() ? ' checked="checked"' : '',
-						Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
-					<?php echo _t('unsafe_autologin'); ?>
-					<kbd>p/i/?a=formLogin&amp;u=Alice&amp;p=1234</kbd>
-				</label>
-			</div>
-		</div>
-
-		<?php if (Minz_Configuration::canLogIn()) { ?>
-		<div class="form-group">
-			<label class="group-name" for="token"><?php echo _t('auth_token'); ?></label>
-			<?php $token = $this->conf->token; ?>
-			<div class="group-controls">
-				<input type="text" id="token" name="token" value="<?php echo $token; ?>" placeholder="<?php echo _t('blank_to_disable'); ?>"<?php
-					echo Minz_Configuration::canLogIn() ? '' : ' disabled="disabled"'; ?> />
-				<?php echo _i('help'); ?> <?php echo _t('explain_token', Minz_Url::display(null, 'html', true), $token); ?>
-			</div>
-		</div>
-		<?php } ?>
-
-		<div class="form-group">
-			<div class="group-controls">
-				<label class="checkbox" for="api_enabled">
-					<input type="checkbox" name="api_enabled" id="api_enabled" value="1"<?php echo Minz_Configuration::apiEnabled() ? ' checked="checked"' : '',
-						Minz_Configuration::needsLogin() ? '' : ' disabled="disabled"'; ?> />
-					<?php echo _t('api_enabled'); ?>
-				</label>
-			</div>
-		</div>
-
-		<div class="form-group form-actions">
-			<div class="group-controls">
-				<button type="submit" class="btn btn-important"><?php echo _t('save'); ?></button>
-				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
-			</div>
-		</div>
-	</form>
-
-	<form method="post" action="<?php echo _url('users', 'delete'); ?>">
-		<legend><?php echo _t('users'); ?></legend>
-
-		<div class="form-group">
-			<label class="group-name" for="users_list"><?php echo _t('users_list'); ?></label>
-			<div class="group-controls">
-				<select id="users_list" name="username"><?php
-					foreach (listUsers() as $user) {
-						echo '<option>', $user, '</option>';
-					}
-				?></select>
-			</div>
-		</div>
-	
-		<div class="form-group form-actions">
-			<div class="group-controls">
-				<button type="submit" class="btn btn-attention confirm"><?php echo _t('delete'); ?></button>
-			</div>
-		</div>
-	</form>
-
-	<form method="post" action="<?php echo _url('users', 'create'); ?>">
-		<legend><?php echo _t('create_user'); ?></legend>
-
-		<div class="form-group">
-			<label class="group-name" for="new_user_language"><?php echo _t('language'); ?></label>
-			<div class="group-controls">
-				<select name="new_user_language" id="new_user_language">
-				<?php $languages = $this->conf->availableLanguages(); ?>
-				<?php foreach ($languages as $short => $lib) { ?>
-				<option value="<?php echo $short; ?>"<?php echo $this->conf->language === $short ? ' selected="selected"' : ''; ?>><?php echo $lib; ?></option>
-				<?php } ?>
-				</select>
-			</div>
-		</div>
-
-		<div class="form-group">
-			<label class="group-name" for="new_user_name"><?php echo _t('username'); ?></label>
-			<div class="group-controls">
-				<input id="new_user_name" name="new_user_name" type="text" size="16" required="required" maxlength="16" autocomplete="off" pattern="[0-9a-zA-Z]{1,16}" placeholder="demo" />
-			</div>
-		</div>
-
-		<div class="form-group">
-			<label class="group-name" for="new_user_passwordPlain"><?php echo _t('password_form'); ?></label>
-			<div class="group-controls">
-				<div class="stick">
-					<input type="password" id="new_user_passwordPlain" name="new_user_passwordPlain" autocomplete="off" pattern=".{7,}" />
-					<a class="btn toggle-password"><?php echo _i('key'); ?></a>
-				</div>
-				<noscript><b><?php echo _t('javascript_should_be_activated'); ?></b></noscript>
-			</div>
-		</div>
-
-		<div class="form-group">
-			<label class="group-name" for="new_user_email"><?php echo _t('persona_connection_email'); ?></label>
-			<?php $mail = $this->conf->mail_login; ?>
-			<div class="group-controls">
-				<input type="email" id="new_user_email" name="new_user_email" class="extend" autocomplete="off" placeholder="alice@example.net" />
-			</div>
-		</div>
-
-		<div class="form-group form-actions">
-			<div class="group-controls">
-				<button type="submit" class="btn btn-important"><?php echo _t('create'); ?></button>
-				<button type="reset" class="btn"><?php echo _t('cancel'); ?></button>
-			</div>
-		</div>
-
-	</form>
-
-	<?php } ?>
-</div>