openfoodfacts · stephanegigandet · Aug 14, 2023 · Jul 31, 2023 · Aug 1, 2023 · Aug 1, 2023
@@ -358,18 +358,32 @@
 	if ($type eq "edit") {
 
 		store_org($org_ref);
+		$template_data_ref->{result} = lang("edit_org_result");
 	}
 	elsif ($type eq 'user_delete') {
 
-		if (is_user_in_org_group($org_ref, $User_id, "admins")) {
-			remove_user_by_org_admin($orgid, single_param('user_id'));
+		if (is_user_in_org_group($org_ref, $User_id, "admins") or $admin or $User{moderator}) {
+			remove_user_by_org_admin(single_param('org_id'), single_param('user_id'));
+			$template_data_ref->{result} = lang("edit_org_result");
 		}
 		else {
 			display_error_and_exit($Lang{error_no_permission}{$lang}, 403);
 		}
 
 	}
-	$template_data_ref->{result} = lang("edit_org_result");
+	elsif ($type eq 'add_users') {
+		if (is_user_in_org_group($org_ref, $User_id, "admins") or $admin or $User{moderator}) {
+			my $email_list = remove_tags_and_quote(single_param('email_list'));
+			my $email_ref = add_users_to_org_by_admin($orgid, $email_list);
+
+			# Set the template data for display
+			$template_data_ref->{email_ref} = {
+				added => \@{$email_ref->{added}},
+				invited => \@{$email_ref->{invited}},
+			};
+		}
+	}
+
 	$template_data_ref->{profile_url} = canonicalize_tag_link("editors", "org-" . $orgid);
 	$template_data_ref->{profile_name} = sprintf(lang('user_s_page'), $org_ref->{name});
 }

@@ -65,6 +65,7 @@ BEGIN {
 		&check_password_hash
 		&retrieve_user
 		&remove_user_by_org_admin
+		&add_users_to_org_by_admin
 
 		&check_session
 
@@ -936,6 +937,25 @@ sub retrieve_user ($user_id) {
 	return $user_ref;
 }
 
+sub is_email_has_off_account ($email) {
+
+	# First, check if the email exists in the users_emails.sto file
+	my $emails_ref = retrieve("$data_root/users/users_emails.sto");
+
+	if (defined $emails_ref->{$email}) {
+		my $user_id = $emails_ref->{$email}[0];
+
+		# Next, check if the user file exists and has the 'userid' field
+		my $user_file = "$data_root/users/" . get_string_id_for_lang("no_language", $user_id) . ".sto";
+		if (-e $user_file) {
+			my $user_ref = retrieve($user_file);
+			return $user_ref->{userid} if defined $user_ref->{userid};
+		}
+	}
+
+	return;    # Email is not associated with an OFF account
+}
+
 sub remove_user_by_org_admin ($orgid, $user_id) {
 	my $groups_ref = ['admins', 'members'];
 	remove_user_from_org($orgid, $user_id, $groups_ref);
@@ -949,6 +969,38 @@ sub remove_user_by_org_admin ($orgid, $user_id) {
 	return;
 }
 
+sub add_users_to_org_by_admin ($org_id, $email_list) {
+
+	my @emails_added;
+	my @emails_invited;
+
+	# Convert the email_list into an array of email addresses
+	my @emails = split(/,\s*/, $email_list);
+
+	foreach my $email (@emails) {
+
+		# Check if the email is associated with an OpenFoodFacts account
+		my $user_id = is_email_has_off_account($email);
+		if (defined $user_id) {
+			# Add the user to the organization
+			add_user_to_org($org_id, $user_id, ["members"]);
+			push @emails_added, $email;
+		}
+		else {
+
+			push @emails_invited, $email;
+
+		}
+	}
+	my $email_ref = {
+		added => \@emails_added,
+		invited => \@emails_invited,
+	};
+	$log->debug("The list of email ids ", {emails_list => $email_ref}) if $log->is_debug();
+
+	return $email_ref;
+}
+
 sub init_user ($request_ref) {
 
 	my $user_id = undef;

@@ -6689,6 +6689,14 @@ msgctxt "product_js_enter_value_between_0_and_max"
 msgid "Please enter a value between 0 and {max}."
 msgstr "Please enter a value between 0 and {max}."
 
+msgctxt "please_ask_users_create_account_first"
+msgid "Please ask the following users to create an Open Food Facts account first:"
+msgstr "Please ask the following users to create an Open Food Facts account first:"
+
+msgctxt "users_added_successfully"
+msgid "Users added to the organization successfully:"
+msgstr "Users added to the organization successfully:"
+
 msgctxt "product_js_sugars_warning"
 msgid "Sugars should not be higher than carbohydrates."
 msgstr "Sugars should not be higher than carbohydrates."

@@ -6729,6 +6729,14 @@ msgctxt "product_js_enter_value_between_0_and_max"
 msgid "Please enter a value between 0 and {max}."
 msgstr "Please enter a value between 0 and {max}."
 
+msgctxt "please_ask_users_create_account_first"
+msgid "Please ask the following users to create an Open Food Facts account first:"
+msgstr "Please ask the following users to create an Open Food Facts account first:"
+
+msgctxt "users_added_successfully"
+msgid "Users added to the organization successfully:"
+msgstr "Users added to the organization successfully:"
+
 msgctxt "product_js_sugars_warning"
 msgid "Sugars should not be higher than carbohydrates."
 msgstr "Sugars should not be higher than carbohydrates."

@@ -54,6 +54,15 @@ <h2>[% lang("organization_members") %]</h2>
 	</div>
 	[% END %]
 
+		<form method="post" action="/cgi/org.pl" enctype="multipart/form-data" style="margin-bottom: 20px;">
+		<p>Enter email addresses of users to invite (comma-separated):</p>
+		<textarea id="email_list" name="email_list" style="height:100px;width:50vw"></textarea>
+		<input type="hidden" name="action" value="process" />
+		<input type="hidden" name="type" value="add_users" />
+		<input type="hidden" name="orgid" value="[% orgid %]" />
+		<input type="submit" name=".submit" class="button" value="Invite Users" />
+	</form>
+
     <!-- Start form -->
 
     <p>[% lang('org_profile_description') %]</p>
@@ -131,6 +140,23 @@ <h2>[% lang("organization_members") %]</h2>
     <!-- End form -->
 
 [% ELSIF action == 'process' %]
+
+[% IF email_ref.invited.size > 0 OR email_ref.added.size > 0 %]
+  [% SET messages = [] %]
+
+  [% IF email_ref.invited.size > 0 %]
+    [% SET emails_invited_str = email_ref.invited.join("<br>&rarr; ") %]
+    [% messages.push('<h3>' _ lang('please_ask_users_create_account_first') _ '</h3><br>&rarr; ' _ emails_invited_str) %]
+  [% END %]
+
+  [% IF email_ref.added.size > 0 %]
+    [% SET emails_added_str = email_ref.added.join("<br>&rarr; ") %]
+    [% messages.push('<h3>' _ lang('users_added_successfully') _ '</h3><br>&rarr; ' _ emails_added_str) %]
+  [% END %]
+
+  [% messages.join("<br>") %]
+[% END %]
+
     <p>[% result %]</p>
     <p>&rarr; <a href="[% profile_url %]">[% profile_name %]</a></p>
 [% END %]