User: Add extra fields filter to advanced user search - refs BT#22305

main/admin/user_advanced_edit.php

@@ -27,11 +27,11 @@
 // Advanced search form
 $form = new FormValidator('advancedSearch', 'get', '', '', [], FormValidator::LAYOUT_HORIZONTAL);
 $form->addElement('header', '', get_lang('AdvancedSearch'));
-$form->addText('keywordUsername', get_lang('LoginName'), false);
-$form->addText('keywordEmail', get_lang('Email'), false);
-$form->addText('keywordFirstname', get_lang('FirstName'), false);
-$form->addText('keywordLastname', get_lang('LastName'), false);
-$form->addText('keywordOfficialCode', get_lang('OfficialCode'), false);
+$form->addText('keywordUsername', get_lang('LoginName'), false, ['value' => $_GET['keywordUsername'] ?? '']);
+$form->addText('keywordEmail', get_lang('Email'), false, ['value' => $_GET['keywordEmail'] ?? '']);
+$form->addText('keywordFirstname', get_lang('FirstName'), false, ['value' => $_GET['keywordFirstname'] ?? '']);
+$form->addText('keywordLastname', get_lang('LastName'), false, ['value' => $_GET['keywordLastname'] ?? '']);
+$form->addText('keywordOfficialCode', get_lang('OfficialCode'), false, ['value' => $_GET['keywordOfficialCode'] ?? '']);
 
 $statusOptions = [
     '%' => get_lang('All'),
@@ -41,34 +41,43 @@
     SESSIONADMIN => get_lang('SessionsAdmin'),
     PLATFORM_ADMIN => get_lang('Administrator')
 ];
-$form->addElement('select', 'keywordStatus', get_lang('Profile'), $statusOptions);
+$form->addElement('select', 'keywordStatus', get_lang('Profile'), $statusOptions, ['selected' => $_GET['keywordStatus'] ?? '%']);
 
 $activeGroup = [];
-$activeGroup[] = $form->createElement('checkbox', 'keywordActive', '', get_lang('Active'));
-$activeGroup[] = $form->createElement('checkbox', 'keywordInactive', '', get_lang('Inactive'));
+$activeGroup[] = $form->createElement('checkbox', 'keywordActive', '', get_lang('Active'), ['checked' => isset($_GET['keywordActive'])]);
+$activeGroup[] = $form->createElement('checkbox', 'keywordInactive', '', get_lang('Inactive'), ['checked' => isset($_GET['keywordInactive'])]);
 $form->addGroup($activeGroup, '', get_lang('ActiveAccount'), null, false);
-$form->addButtonSearch(get_lang('SearchUsers'), 'filter');
 
-// Search filters
-$searchFilters = [
-    'keywordFirstname' => $_GET['keywordFirstname'] ?? '',
-    'keywordLastname' => $_GET['keywordLastname'] ?? '',
-    'keywordUsername' => $_GET['keywordUsername'] ?? '',
-    'keywordEmail' => $_GET['keywordEmail'] ?? '',
-    'keywordOfficialCode' => $_GET['keywordOfficialCode'] ?? '',
-    'keywordStatus' => $_GET['keywordStatus'] ?? '',
-    'keywordActive' => $_GET['keywordActive'] ?? '',
-    'keywordInactive' => $_GET['keywordInactive'] ?? '',
-];
+$parameters = array_map(function ($value) {
+    return Security::remove_XSS($value);
+}, $_GET);
+
+$extraUserField = new ExtraField('user');
+$returnParams = $extraUserField->addElements(
+    $form,
+    0,
+    [],
+    true,
+    false,
+    [],
+    [],
+    $_REQUEST
+);
+
+$htmlHeadXtra[] = '<script>
+    $(function () {
+        '.$returnParams['jquery_ready_content'].'
+    })
+</script>';
+$form->addButtonSearch(get_lang('SearchUsers'), 'filter');
 
 $users = [];
 if (isset($_GET['filter'])) {
-    $users = UserManager::searchUsers($searchFilters);
+    $users = UserManager::searchUsers($parameters);
 }
 
 $fieldSelector = '';
 $jqueryReadyContent = '';
-$extraUserField = new ExtraField('user');
 if (!empty($users)) {
     $extraFields = $extraUserField->get_all(['filter = ?' => 1], 'option_order');
 
@@ -116,7 +125,12 @@
     }
     unset($user);
 
+    if (count($users) === 1) {
+        array_unshift($users, ['id' => '', 'username' => '']);
+    }
+    $parameters = array_diff_key($parameters, array_flip(['users_direction', 'users_column']));
     $userTable = new SortableTable('users', null, null, 0, 50);
+    $userTable->set_additional_parameters($parameters);
     $userTable->set_header(0, get_lang('ID'));
     $userTable->set_header(1, get_lang('Username'));
 

main/inc/lib/extra_field.lib.php

@@ -783,7 +783,6 @@ public function addElements(
 
         $itemId = (int) $itemId;
         $form->addHidden('item_id', $itemId);
-        $extraData = false;
         if (!empty($itemId)) {
             $extraData = $this->get_handler_extra_data($itemId);
             if (!empty($showOnlyTheseFields)) {
@@ -1373,6 +1372,23 @@ public function set_extra_fields_in_form(
                                         );
                                         $selectedOptions[] = $tag['tag'];
                                     }
+                                } else {
+                                    if (!empty($extraData) && isset($extraData['extra_'.$field_details['variable']])) {
+                                        $data = $extraData['extra_'.$field_details['variable']];
+                                        if (!empty($data)) {
+                                            foreach ($data as $option) {
+                                                $tagsSelect->addOption(
+                                                    $option,
+                                                    $option,
+                                                    [
+                                                        'selected' => 'selected',
+                                                        'class' => 'selected',
+                                                    ]
+                                                );
+                                                $selectedOptions[] = $option;
+                                            }
+                                        }
+                                    }
                                 }
                                 $url = api_get_path(WEB_AJAX_PATH).'user_manager.ajax.php';
                             } else {

main/inc/lib/usermanager.lib.php

@@ -8269,6 +8269,12 @@ public static function searchUsers(array $filters = [], array $editableFields =
     {
         $where = [];
 
+        $accessUrlRelUserTable = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
+        $userGroupTable = Database::get_main_table(TABLE_USERGROUP_REL_USER);
+
+        $isMultipleUrl = (api_is_platform_admin() || api_is_session_admin()) && api_get_multiple_access_url();
+        $urlId = api_get_current_access_url_id();
+
         if (!empty($filters['keywordFirstname'])) {
             $where[] = "u.firstname LIKE '%".Database::escape_string($filters['keywordFirstname'])."%'";
         }
@@ -8293,6 +8299,50 @@ public static function searchUsers(array $filters = [], array $editableFields =
             $where[] = "u.active = 0";
         }
 
+        if ($isMultipleUrl) {
+            $where[] = "u.id IN (SELECT user_id FROM $accessUrlRelUserTable WHERE access_url_id = $urlId)";
+        }
+
+        if (!empty($filters['class_id'])) {
+            $where[] = "u.id IN (SELECT user_id FROM $userGroupTable WHERE usergroup_id = " . (int)$filters['class_id'] . ")";
+        }
+
+        $extraField = new ExtraField('user');
+        $extraFieldResults = [];
+        $extraFieldHasData = false;
+
+        foreach ($filters as $key => $value) {
+            if (strpos($key, 'extra_') === 0 && !empty($value)) {
+                $variable = substr($key, 6);
+                $fieldInfo = $extraField->get_handler_field_info_by_field_variable($variable);
+                if ($fieldInfo) {
+                    $extraFieldHasData = true;
+                    $values = is_array($value) ? $value : [$value];
+
+                    foreach ($values as $singleValue) {
+                        if (empty($singleValue)) {
+                            continue;
+                        }
+
+                        if ($fieldInfo['field_type'] == ExtraField::FIELD_TYPE_TAG) {
+                            $result = $extraField->getAllUserPerTag($fieldInfo['id'], $singleValue);
+                            $result = empty($result) ? [] : array_column($result, 'user_id');
+                        } else {
+                            $result = UserManager::get_extra_user_data_by_value($variable, $singleValue, true);
+                        }
+
+                        if (!empty($result)) {
+                            $extraFieldResults = array_merge($extraFieldResults, $result);
+                        }
+                    }
+                }
+            }
+        }
+
+        if ($extraFieldHasData && !empty($extraFieldResults)) {
+            $where[] = "u.id IN ('" . implode("','", array_unique($extraFieldResults)) . "')";
+        }
+
         $fields = ['u.id', 'u.username'];
 
         if (!empty($editableFields)) {
@@ -8301,11 +8351,25 @@ public static function searchUsers(array $filters = [], array $editableFields =
             }
         }
 
+        $sortableFields = [
+            0 => 'u.id',
+            1 => 'u.username'
+        ];
+
+        $columnIndex = $_GET['users_column'] ?? 0;
+        $direction = strtoupper($_GET['users_direction'] ?? 'ASC');
+
+        if (!in_array($direction, ['ASC', 'DESC'])) {
+            $direction = 'ASC';
+        }
+
+        $orderBy = $sortableFields[$columnIndex] ?? 'u.id';
+
         $sql = "SELECT " . implode(", ", $fields) . " FROM " . Database::get_main_table(TABLE_MAIN_USER) . " u";
         if (!empty($where)) {
             $sql .= " WHERE " . implode(" AND ", $where);
         }
-        $sql .= " ORDER BY u.id ASC";
+        $sql .= " ORDER BY $orderBy $direction";
 
         return Database::store_result(Database::query($sql), 'ASSOC');
     }