From f2acfeeb119fb64795d25bfd589690b558b0ae01 Mon Sep 17 00:00:00 2001
From: Cyperghost <olaf_schmitz_1@t-online.de>
Date: Wed, 24 Jan 2024 10:50:46 +0100
Subject: [PATCH] Allow admin to add attachments to the signature of users

---
 .../files/lib/acp/form/UserEditForm.class.php |  8 +++++
 .../SignatureAttachmentObjectType.class.php   | 34 +++++++++++++++----
 2 files changed, 36 insertions(+), 6 deletions(-)

diff --git a/wcfsetup/install/files/lib/acp/form/UserEditForm.class.php b/wcfsetup/install/files/lib/acp/form/UserEditForm.class.php
index 594a816a79..d37b92acce 100755
--- a/wcfsetup/install/files/lib/acp/form/UserEditForm.class.php
+++ b/wcfsetup/install/files/lib/acp/form/UserEditForm.class.php
@@ -16,11 +16,13 @@ use wcf\system\cache\runtime\UserProfileRuntimeCache;
 use wcf\system\exception\IllegalLinkException;
 use wcf\system\exception\PermissionDeniedException;
 use wcf\system\exception\UserInputException;
+use wcf\system\message\embedded\object\MessageEmbeddedObjectManager;
 use wcf\system\moderation\queue\ModerationQueueManager;
 use wcf\system\option\user\UserOptionHandler;
 use wcf\system\style\StyleHandler;
 use wcf\system\user\command\SetColorScheme;
 use wcf\system\user\multifactor\Setup;
+use wcf\system\user\signature\SignatureCache;
 use wcf\system\WCF;
 use wcf\util\StringUtil;
 
@@ -181,6 +183,7 @@ class UserEditForm extends UserAddForm
         if (!UserGroup::isAccessibleGroup($this->user->getGroupIDs())) {
             throw new PermissionDeniedException();
         }
+        $this->attachmentObjectID = $this->user->userID;
 
         parent::readParameters();
     }
@@ -392,6 +395,8 @@ class UserEditForm extends UserAddForm
     public function save()
     {
         AbstractForm::save();
+        $this->htmlInputProcessor->setObjectID($this->userID);
+        MessageEmbeddedObjectManager::getInstance()->registerObjects($this->htmlInputProcessor);
 
         // handle avatar
         if ($this->avatarType != 'custom') {
@@ -436,11 +441,13 @@ class UserEditForm extends UserAddForm
                 'languageID' => $this->languageID,
                 'userTitle' => $this->userTitle,
                 'signature' => $this->htmlInputProcessor->getHtml(),
+                'signatureEnableHtml' => 1,
                 'styleID' => $this->styleID,
             ]),
             'groups' => $this->groupIDs,
             'languageIDs' => $this->visibleLanguages,
             'options' => $saveOptions,
+            'signatureAttachmentHandler' => $this->attachmentHandler,
         ];
         // handle changed username
         if (\mb_strtolower($this->username) != \mb_strtolower($this->user->username)) {
@@ -535,6 +542,7 @@ class UserEditForm extends UserAddForm
 
         // reload user
         $this->user = new UserEditor(new User($this->userID));
+        SignatureCache::getInstance()->getSignature($this->user->getDecoratedObject());
 
         // show success message
         WCF::getTPL()->assign('success', true);
diff --git a/wcfsetup/install/files/lib/system/attachment/SignatureAttachmentObjectType.class.php b/wcfsetup/install/files/lib/system/attachment/SignatureAttachmentObjectType.class.php
index f909fa4287..c90f73b598 100644
--- a/wcfsetup/install/files/lib/system/attachment/SignatureAttachmentObjectType.class.php
+++ b/wcfsetup/install/files/lib/system/attachment/SignatureAttachmentObjectType.class.php
@@ -2,6 +2,7 @@
 
 namespace wcf\system\attachment;
 
+use wcf\data\user\group\UserGroup;
 use wcf\data\user\UserProfile;
 use wcf\system\cache\runtime\UserProfileRuntimeCache;
 use wcf\system\WCF;
@@ -24,11 +25,14 @@ class SignatureAttachmentObjectType extends AbstractAttachmentObjectType
      */
     public function canDownload($objectID)
     {
+        if (!MODULE_USER_SIGNATURE) {
+            return false;
+        }
         if ($objectID) {
             $userProfile = UserProfileRuntimeCache::getInstance()->getObject($objectID);
 
-            if (!MODULE_USER_SIGNATURE) {
-                return false;
+            if ($this->canEditUser($userProfile)) {
+                return true;
             }
             if ($userProfile->disableSignature) {
                 return false;
@@ -40,7 +44,7 @@ class SignatureAttachmentObjectType extends AbstractAttachmentObjectType
             return true;
         }
 
-        return false;
+        return $this->canAddUser();
     }
 
     /**
@@ -56,15 +60,22 @@ class SignatureAttachmentObjectType extends AbstractAttachmentObjectType
      */
     public function canUpload($objectID, $parentObjectID = 0)
     {
-        if (!$objectID || $objectID != WCF::getUser()->userID) {
+        if (!MODULE_USER_SIGNATURE) {
             return false;
         }
 
-        if (!MODULE_USER_SIGNATURE) {
+        if (!$objectID) {
+            return $this->canAddUser();
+        }
+        $userProfile = UserProfileRuntimeCache::getInstance()->getObject($objectID);
+        if ($this->canEditUser($userProfile)) {
+            return true;
+        }
+
+        if ($objectID != WCF::getUser()->userID) {
             return false;
         }
 
-        $userProfile = UserProfileRuntimeCache::getInstance()->getObject($objectID);
         if ($userProfile->disableSignature) {
             return false;
         }
@@ -153,4 +164,15 @@ class SignatureAttachmentObjectType extends AbstractAttachmentObjectType
             }
         }
     }
+
+    private function canAddUser(): bool
+    {
+        return WCF::getSession()->getPermission('admin.user.canAddUser');
+    }
+
+    private function canEditUser(UserProfile $userProfile): bool
+    {
+        return WCF::getSession()->getPermission('admin.user.canEditUser')
+            && UserGroup::isAccessibleGroup($userProfile->getGroupIDs());
+    }
 }
-- 
2.20.1