From 99b892471a81cdf1d2c7f3952a8c1ba4d75b0f04 Mon Sep 17 00:00:00 2001
From: Timo Stollenwerk <contact@timostollenwerk.net>
Date: Mon, 22 Dec 2014 11:04:38 +0100
Subject: [PATCH] Remove the users/groups control panel (moved to
 Products.CMFPlone).

---
 CHANGES.rst                                   |   3 +
 plone/app/controlpanel/configure.zcml         |  49 --
 plone/app/controlpanel/tests/test_doctests.py |  10 +-
 plone/app/controlpanel/tests/usergroups.txt   | 378 ---------
 plone/app/controlpanel/usergroups.py          | 779 ------------------
 .../controlpanel/usergroups_groupdetails.pt   | 254 ------
 .../usergroups_groupmembership.pt             | 345 --------
 .../controlpanel/usergroups_groupsoverview.pt | 281 -------
 .../controlpanel/usergroups_usermembership.pt | 225 -----
 .../controlpanel/usergroups_usersoverview.pt  | 253 ------
 plone/app/controlpanel/usergroupssettings.pt  |  58 --
 11 files changed, 8 insertions(+), 2627 deletions(-)
 delete mode 100644 plone/app/controlpanel/tests/usergroups.txt
 delete mode 100644 plone/app/controlpanel/usergroups.py
 delete mode 100644 plone/app/controlpanel/usergroups_groupdetails.pt
 delete mode 100644 plone/app/controlpanel/usergroups_groupmembership.pt
 delete mode 100644 plone/app/controlpanel/usergroups_groupsoverview.pt
 delete mode 100644 plone/app/controlpanel/usergroups_usermembership.pt
 delete mode 100644 plone/app/controlpanel/usergroups_usersoverview.pt
 delete mode 100644 plone/app/controlpanel/usergroupssettings.pt

diff --git a/CHANGES.rst b/CHANGES.rst
index 2d36f21..2e55a15 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -4,6 +4,9 @@ Changelog
 3.0.0 (unreleased)
 ------------------
 
+- Remove the users/groups control panel (moved to Products.CMFPlone).
+  [timo]
+
 - Remove the markup control panel, as it was moved to Products.CMFPlone.
   [thet]
 
diff --git a/plone/app/controlpanel/configure.zcml b/plone/app/controlpanel/configure.zcml
index 64089a0..c53cde4 100644
--- a/plone/app/controlpanel/configure.zcml
+++ b/plone/app/controlpanel/configure.zcml
@@ -15,8 +15,6 @@
 
   <adapter factory=".skins.SkinsControlPanelAdapter" />
 
-  <adapter factory=".usergroups.UserGroupsSettingsControlPanelAdapter" />
-
   <browser:page
       name="filter-controlpanel"
       for="Products.CMFPlone.interfaces.IPloneSiteRoot"
@@ -45,53 +43,6 @@
       permission="plone.app.controlpanel.Themes"
       />
 
-  <browser:page
-      name="usergroup-userprefs"
-      for="Products.CMFPlone.interfaces.IPloneSiteRoot"
-      class=".usergroups.UsersOverviewControlPanel"
-      permission="plone.app.controlpanel.UsersAndGroups"
-      template="usergroups_usersoverview.pt"
-      />
-
-  <browser:page
-      name="usergroup-groupprefs"
-      for="Products.CMFPlone.interfaces.IPloneSiteRoot"
-      class=".usergroups.GroupsOverviewControlPanel"
-      permission="plone.app.controlpanel.UsersAndGroups"
-      template="usergroups_groupsoverview.pt"
-      />
-
-  <browser:page
-      name="usergroup-controlpanel"
-      for="Products.CMFPlone.interfaces.IPloneSiteRoot"
-      class=".usergroups.UserGroupsSettingsControlPanel"
-      permission="plone.app.controlpanel.UsersAndGroups"
-      />
-
-  <browser:page
-      name="usergroup-groupmembership"
-      for="Products.CMFPlone.interfaces.IPloneSiteRoot"
-      class=".usergroups.GroupMembershipControlPanel"
-      permission="plone.app.controlpanel.UsersAndGroups"
-      template="usergroups_groupmembership.pt"
-      />
-
-  <browser:page
-      name="usergroup-usermembership"
-      for="Products.CMFPlone.interfaces.IPloneSiteRoot"
-      class=".usergroups.UserMembershipControlPanel"
-      permission="plone.app.controlpanel.UsersAndGroups"
-      template="usergroups_usermembership.pt"
-      />
-
-  <browser:page
-      name="usergroup-groupdetails"
-      for="Products.CMFPlone.interfaces.IPloneSiteRoot"
-      class=".usergroups.GroupDetailsControlPanel"
-      permission="plone.app.controlpanel.UsersAndGroups"
-      template="usergroups_groupdetails.pt"
-      />
-
   <view
       type="zope.publisher.interfaces.browser.IBrowserRequest"
       for="zope.schema.interfaces.ITuple
diff --git a/plone/app/controlpanel/tests/test_doctests.py b/plone/app/controlpanel/tests/test_doctests.py
index 6ed5e00..7682db1 100644
--- a/plone/app/controlpanel/tests/test_doctests.py
+++ b/plone/app/controlpanel/tests/test_doctests.py
@@ -36,11 +36,11 @@ def test_suite():
             package="plone.app.controlpanel.tests",
             test_class=ControlPanelTestCase))
 
-    suite.addTest(FunctionalDocFileSuite(
-        'usergroups.txt',
-        optionflags=OPTIONFLAGS,
-        package="plone.app.controlpanel.tests",
-        test_class=UserGroupsControlPanelTestCase))
+#    suite.addTest(FunctionalDocFileSuite(
+#        'usergroups.txt',
+#        optionflags=OPTIONFLAGS,
+#        package="plone.app.controlpanel.tests",
+#        test_class=UserGroupsControlPanelTestCase))
 
 #    suite.addTest(FunctionalDocFileSuite(
 #        'security.txt',
diff --git a/plone/app/controlpanel/tests/usergroups.txt b/plone/app/controlpanel/tests/usergroups.txt
deleted file mode 100644
index 56f402e..0000000
--- a/plone/app/controlpanel/tests/usergroups.txt
+++ /dev/null
@@ -1,378 +0,0 @@
-User / Group control panel
-==========================
-
-First some initial setup code:
-
-    >>> self.loginAsManager()
-    >>> config_url = 'http://nohost/plone/plone_control_panel'
-
-    >>> self.browser.open(config_url)
-    >>> self.browser.getLink('Users and Groups').click()
-    >>> '@@usergroup-userprefs' in self.browser.url
-    True
-
-With the 'many users' flag disabled, should allow us to see the 'show all' button.
-    >>> 'Show all' in self.browser.contents
-    True
-
-So let's try a search, first on name...
-    >>> self.browser.getControl(name='searchstring').value = 'Richard'
-    >>> self.browser.getControl(name='form.button.Search').click()
-    >>> 'Richard Ramirez' in self.browser.contents
-    True
-    >>> 'Sara Richardson' in self.browser.contents
-    True
-    >>> 'Émilie Richard' in self.browser.contents
-    True
-
-Try a search with an accent...
-    >>> self.browser.getControl(name='searchstring').value = 'Émilie'
-    >>> self.browser.getControl(name='form.button.Search').click()
-    >>> 'Émilie Richard' in self.browser.contents
-    True
-
-And now on userid...
-    >>> self.browser.getControl(name='searchstring').value = 'TWrMCLIo'
-    >>> self.browser.getControl(name='form.button.Search').click()
-    >>> 'Autumn Brooks' in self.browser.contents
-    True
-
-And now on email address..
-    >>> self.browser.getControl(name='searchstring').value = 'gracie@'
-    >>> self.browser.getControl(name='form.button.Search').click()
-    >>> 'Gracie Adams' in self.browser.contents
-    True
-
-Make some modifications to Gracie's roles...
-    >>> self.browser.getControl(name='users.roles:list:records').getControl(value='Contributor').selected
-    False
-    >>> self.browser.getControl(name='users.roles:list:records').getControl(value='Contributor').selected = True
-    >>> self.browser.getControl(name='form.button.Modify').click()
-
-The previous search should still be in effect...
-    >>> self.browser.getControl(name='searchstring').value
-    'gracie@'
-
-But values should be changed
-    >>> self.browser.getControl(name='users.roles:list:records').getControl(value='Contributor').selected
-    True
-
-We'll reset her password.
-    >>> self.browser.getControl(name='users.resetpassword:records').value = True
-    >>> self.browser.getControl(name='form.button.Modify').click()
-
-Whoops, we haven't set up our mailhost...
-    >>> 'No mailhost defined. Unable to reset passwords.' in self.browser.contents
-    True
-
-# Mailhost is failing in this testcase, so commenting this bit out for now.
-# Let's do that and try again.
-#     >>> self.browser.open('http://nohost/plone/@@mail-controlpanel')
-#     >>> self.browser.getControl('SMTP server').value = 'nohost'
-#     >>> self.browser.getControl("Site 'From' address").value = 'bob@example.com'
-#     >>> self.browser.getControl('Save').click()
-#     >>> self.browser.getLink('Users and Groups').click()
-#     >>> self.browser.getControl(name='searchstring').value = 'gracie@'
-#     >>> self.browser.getControl(name='form.button.Search').click()
-#     >>> 'Gracie Adams' in self.browser.contents
-#     True
-#     >>> self.browser.getControl(name='users.resetpassword:records').value = True
-#     >>> self.browser.getControl(name='form.button.Modify').click()
-#     >>> 'No mailhost defined. Unable to reset passwords.' in self.browser.contents
-#     False
-
-Let's try deleting Gracie.
-    >>> self.browser.getControl(name='searchstring').value = 'gracie@'
-    >>> self.browser.getControl(name='form.button.Search').click()
-    >>> self.browser.getControl(name='delete:list').getControl(value='RwAO2YPa').selected = True
-    >>> self.browser.getControl(name='form.button.Modify').click()
-
-The previous search should still be in effect...
-    >>> self.browser.getControl(name='searchstring').value
-    'gracie@'
-
-But the user Gracie Adams should now be gone.
-    >>> 'Gracie Adams' in self.browser.contents
-    False
-
-Turning on the 'many users' flag should remove the 'Search All' button.
-    >>> self.browser.getLink('Settings').click()
-    >>> self.browser.getControl(name='form.many_users').value = True
-    >>> self.browser.getControl('Save').click()
-
-Go directly to the userprefs panel (getting link "Users" results in a trip to the Members folder).
-    >>> self.browser.open('http://nohost/plone/@@usergroup-userprefs')
-    >>> 'Show All' in self.browser.contents
-    False
-
-An empty search string while 'many users' is enabled should not perform a search.
-    >>> self.browser.getControl(name='form.button.Search').click()
-    >>> 'Enter a username to search for' in self.browser.contents
-    True
-
-Go directly to the groupprefs panel (getting link "Groups" results in a trip to the "users and groups" link).
-    >>> self.browser.open('http://nohost/plone/@@usergroup-groupprefs')
-
-With the 'many groups' flag disabled, should allow us to see the 'show all' button.
-    >>> 'Show all' in self.browser.contents
-    True
-
-We'll attempt a search...
-    >>> self.browser.getControl(name='searchstring').value = 'group3'
-    >>> self.browser.getControl(name='form.button.Search').click()
-    >>> 'Group 3' in self.browser.contents
-    True
-
-And again with the group's title
-    >>> self.browser.getControl(name='searchstring').value = 'Group 3 accentu\xc3\xa9'
-    >>> self.browser.getControl(name='form.button.Search').click()
-    >>> 'group3' in self.browser.contents
-    True
-
-Add a new role
-    >>> self.browser.getControl(name='group_group3:list', index=1).getControl(value='Contributor').selected
-    False
-    >>> self.browser.getControl(name='group_group3:list', index=1).getControl(value='Contributor').selected = True
-    >>> self.browser.getControl('Apply Changes').click()
-    >>> self.browser.getControl(name='group_group3:list', index=1).getControl(value='Contributor').selected
-    True
-
-And remove it again...
-    >>> self.browser.getControl(name='group_group3:list', index=1).getControl(value='Contributor').selected = False
-    >>> self.browser.getControl('Apply Changes').click()
-    >>> self.browser.getControl(name='group_group3:list', index=1).getControl(value='Contributor').selected
-    False
-
-Delete a group...
-    >>> self.browser.getControl(name='delete:list').getControl(value='group3').selected = True
-    >>> self.browser.getControl(name='form.button.Modify').click()
-    >>> self.browser.getControl(name='searchstring').value
-    'Group 3 accentu\xc3\xa9'
-    >>> 'group3' in self.browser.contents
-    False
-
-Turning on the 'many groups' flag should remove the 'Search All' button.
-    >>> self.browser.getLink('Settings').click()
-    >>> self.browser.getControl(name='form.many_groups').value = True
-    >>> self.browser.getControl('Save').click()
-    >>> self.browser.getLink('Groups').click()
-    >>> 'Search All' in self.browser.contents
-    False
-
-An empty search string while 'many groups' is enabled should not perform a search.
-    >>> self.browser.getControl(name='form.button.Search').click()
-    >>> 'Group name' in self.browser.contents
-    False
-
-Now let's try to break things.
-Add a test for http://dev.plone.org/plone/ticket/8940:
-"Group roles show up on the user roles page for members of that group."
-    >>> self.browser.open('http://nohost/plone/@@usergroup-groupprefs')
-    >>> self.browser.getControl(name='searchstring').value = 'Reviewers'
-    >>> self.browser.getControl(name='form.button.Search').click()
-    >>> self.browser.getControl(name='group_Reviewers:list', index=1).getControl(value='Reader').selected = True
-    >>> self.browser.getControl('Apply Changes').click()
-    >>> self.browser.getLink('Reviewers').click()
-    >>> self.browser.getLink('Group Members').click()
-    >>> self.browser.getControl(name='searchstring').value = 'Sean Foster'
-    >>> self.browser.getControl(name='form.button.Search').click()
-    >>> self.browser.getControl(name='add:list').getControl(value='SLUhquYa').selected = True
-    >>> self.browser.getControl(name='form.button.Add').click()
-    >>> self.browser.open('http://nohost/plone/@@usergroup-userprefs')
-    >>> self.browser.getControl(name='searchstring').value = 'Sean Foster'
-    >>> self.browser.getControl(name='form.button.Search').click()
-
-#So according to the ticket, this should fail, finding a checked checkbox instead of an "inherited" icon
-#    >>> self.browser.getControl(name='users.roles:list:records').getControl(value='Reader').selected
-#    Traceback (most recent call last):
-#    ...
-#    LookupError: value 'Reader'
-
-And then making some change to the user and saving it will assign that checked role directly to the user...
-    >>> self.browser.open('http://nohost/plone/@@usergroup-groupprefs')
-    >>> self.browser.getControl(name='searchstring').value = 'Authenticated'
-    >>> self.browser.getControl(name='form.button.Search').click()
-    >>> self.browser.getControl(name='group_AuthenticatedUsers:list', index=1).getControl(value='Editor').selected = False
-    >>> self.browser.getControl('Apply Changes').click()
-    >>> self.browser.open('http://nohost/plone/@@usergroup-userprefs')
-    >>> self.browser.getControl(name='searchstring').value = 'Sean Foster'
-    >>> self.browser.getControl(name='form.button.Search').click()
-
-According to the ticket, the user will now have an assigned role of 'Editor', which should not be the case.
-    >>> self.browser.getControl(name='users.roles:list:records').getControl(value='Editor').selected
-    False
-
-Turn off the many groups/users flags again
-    >>> self.browser.getLink('Settings').click()
-    >>> self.browser.getControl(name='form.many_groups').value = False
-    >>> self.browser.getControl(name='form.many_users').value = False
-    >>> self.browser.getControl('Save').click()
-
-Now let's try modifying some group memberships...
-    >>> self.browser.open('http://nohost/plone/@@usergroup-groupprefs')
-    >>> self.browser.getLink('Group 1 (group1)').click()
-    >>> 'There is no group or user attached to this group.' in self.browser.contents
-    True
-
-Make sure that providing a search string while hitting 'show all' does not search for just that term.
-    >>> self.browser.getControl(name='searchstring').value = 'management'
-    >>> self.browser.getControl(name='form.button.FindAll').click()
-    >>> 'No matches' in self.browser.contents
-    False
-    >>> 'Brian Simmons' in self.browser.contents
-    True
-    >>> self.browser.getControl(name='searchstring').value is ''
-    True
-
-# Now provide a term and do a search.
-#     >>> self.browser.getControl(name='searchstring').value = 'management'
-#     >>> self.browser.getControl(name='form.button.Search').click()
-#     >>> 'No matches' in self.browser.contents
-#     False
-#     >>> 'Management' in self.browser.contents
-#     True
-#     >>> 'Brian Simmons' in self.browser.contents
-#     False
-
-Check to make sure search results are ordered properly and display the title/fullname and id
-    >>> self.browser.getControl(name='form.button.FindAll').click()
-    >>> self.browser.contents
-    '...Search for new group members...
-    ...Abigail Simmons...(XYsmd7ux)...
-    ...Alexandra Nelson...(FElYwiIr)...
-    ...Blake Jenkins...(BlXLQh7r)...'
-
-Add some group members
-    >>> self.browser.getControl(name='add:list').getControl(value='XYsmd7ux').selected = True
-    >>> self.browser.getControl(name='add:list').getControl(value='BlXLQh7r').selected = True
-    >>> self.browser.getControl(name='form.button.Add').click()
-
-These should be displayed in the Current group members section now.
-    >>> self.browser.contents
-    '...Current group members...
-    ...Abigail Simmons...(XYsmd7ux)...
-    ...Blake Jenkins...(BlXLQh7r)...
-    ...Search for new group members...'
-
-Users/Groups can be removed from this list as well.
-    >>> self.browser.getControl(name='delete:list').getControl(value='XYsmd7ux').selected = True
-    >>> self.browser.getControl(name='form.button.Edit').click()
-    >>> 'Changes made' in self.browser.contents
-    True
-    >>> 'Abigail Simmons' in self.browser.contents
-    False
-
-Open the groups overview, make sure Group 1 and Group 2 don't have globally-assigned roles
-    >>> self.browser.getLink('Group Members').click()
-    >>> self.browser.open('http://nohost/plone/@@usergroup-groupprefs')
-    >>> self.browser.getControl(name='group_group1:list', index=1).getControl(value='Contributor').selected
-    False
-    >>> self.browser.getControl(name='group_group2:list', index=1).getControl(value='Contributor').selected
-    False
-
-Give the Group 1 group the contributor role
-    >>> self.browser.getControl(name='group_group1:list', index=1).getControl(value='Contributor').selected = True
-    >>> self.browser.getControl('Apply Changes').click()
-
-Now Group 1 should show the global contributor role
-    >>> self.browser.getControl(name='group_group1:list', index=1).getControl(value='Contributor').selected
-    True
-
-Let's try adding groups to a user.
-Go directly to the Users Overview screen.
-    >>> self.browser.open('http://nohost/plone/@@usergroup-userprefs')
-    >>> self.browser.getControl(name='searchstring').value = 'Sofia'
-    >>> self.browser.getControl(name='form.button.Search').click()
-    >>> 'Sofia Williams' in self.browser.contents
-    True
-    >>> self.browser.getLink('Sofia Williams').click()
-    >>> self.browser.getLink('Group Memberships').click()
-    >>> '@@usergroup-usermembership?userid=tyOxRnml' in self.browser.url
-    True
-    >>> self.browser.contents
-    '...Group memberships for...Sofia Williams...(tyOxRnml)...
-    ...Current group memberships...
-    ...Authenticated Users...
-    ...Assign to groups...
-    ...Administrators...
-    ...Group 1...
-    ...Group 2...
-    ...Reviewers...'
-    >>> self.browser.getControl(name='add:list').getControl(value='group2').selected = True
-    >>> self.browser.getControl(name='form.button.Add').click()
-    >>> '@@usergroup-usermembership?userid=tyOxRnml' in self.browser.url
-    True
-    >>> self.browser.contents
-    '...Group memberships for...Sofia Williams...(tyOxRnml)...
-    ...Current group memberships...
-    ...Authenticated Users...
-    ...Group 2...
-    ...Assign to groups...
-    ...Administrators...
-    ...Group 1...
-    ...Reviewers...'
-
-Check to make sure search results are ordered properly and display the title/fullname and id
-    >>> self.browser.open('http://nohost/plone/@@usergroup-groupprefs')
-    >>> self.browser.getLink('Group 1 (group1)').click()
-    >>> self.browser.getControl(name='form.button.FindAll').click()
-    >>> self.browser.contents
-    '...Current group members...
-    ...Blake Jenkins...(BlXLQh7r)...
-    ...Search for new group members...
-    ...Administrators...(Administrators)...
-    ...Group 2...(group2)...
-    ...Reviewers...(Reviewers)...
-    ...Abigail Simmons...(XYsmd7ux)...
-    ...Alexandra Nelson...(FElYwiIr)...'
-
-Add some group members
-    >>> self.browser.getControl(name='add:list').getControl(value='group2').selected = True
-    >>> self.browser.getControl(name='add:list').getControl(value='Reviewers').selected = True
-    >>> self.browser.getControl(name='add:list').getControl(value='XYsmd7ux').selected = True
-    >>> self.browser.getControl(name='form.button.Add').click()
-
-These should be displayed in the Current group members section now.
-    >>> self.browser.contents
-    '...Current group members...
-    ...Group 2...(group2)...
-    ...Reviewers...(Reviewers)...
-    ...Abigail Simmons...(XYsmd7ux)...
-    ...Blake Jenkins...(BlXLQh7r)...
-    ...Search for new group members...'
-
-Users/Groups they can be removed from this list as well.
-    >>> self.browser.getControl(name='delete:list').getControl(value='XYsmd7ux').selected = True
-    >>> self.browser.getControl(name='form.button.Edit').click()
-    >>> 'Changes made' in self.browser.contents
-    True
-    >>> 'Abigail Simmons' in self.browser.contents
-    False
-
-Groups nested within groups assigned to this one should not be displayed
-    >>> self.browser.getLink('Group 2').click()
-    >>> self.browser.getLink('Group Members').click()
-
-Open the groups overview, make sure Group 2 doesn't have a globally-assigned contributor role
-    >>> self.browser.open('http://nohost/plone/@@usergroup-groupprefs')
-    >>> self.browser.getControl(name='group_group1:list', index=1).getControl(value='Contributor').selected
-    True
-    >>> self.browser.getControl(name='group_group2:list', index=1).getControl(value='Contributor').selected
-    Traceback (most recent call last):
-    ...
-    LookupError: value 'Contributor'
-
-But the nested group (Group 2) should show it as an inherited global role
-   >>> self.browser.getControl(name='group_group2:list', index=1).getControl(value='Contributor')
-   Traceback (most recent call last):
-   ...
-   LookupError: value 'Contributor'
-
-Even when explicitly giving the nested group (Group 2) the contributor role,
-it should still show it as an inherited global role.
-   >>> self.portal.portal_groups.editGroup('group2', roles=['Contributor'], groups=())
-   >>> self.browser.open('http://nohost/plone/@@usergroup-groupprefs')
-   >>> self.browser.getControl(name='group_group2:list', index=1).getControl(value='Contributor')
-   Traceback (most recent call last):
-   ...
-   LookupError: value 'Contributor'
diff --git a/plone/app/controlpanel/usergroups.py b/plone/app/controlpanel/usergroups.py
deleted file mode 100644
index 9efafe2..0000000
--- a/plone/app/controlpanel/usergroups.py
+++ /dev/null
@@ -1,779 +0,0 @@
-import logging
-from smtplib import SMTPException
-
-from AccessControl import getSecurityManager
-from Acquisition import aq_inner
-from zExceptions import Forbidden
-from itertools import chain
-
-from zope.interface import Interface
-from zope.component import adapts, getAdapter, getMultiAdapter, getUtility
-from zope.formlib.form import FormFields
-from zope.interface import implements
-from zope.schema import Bool
-from ZTUtils import make_query
-
-from plone.protect import CheckAuthenticator
-from Products.CMFCore.interfaces import ISiteRoot
-from Products.CMFCore.permissions import ManagePortal
-from Products.CMFCore.utils import getToolByName
-from Products.CMFDefault.formlib.schema import ProxyFieldProperty
-from Products.CMFDefault.formlib.schema import SchemaAdapterBase
-from Products.CMFPlone import PloneMessageFactory as _
-from Products.CMFPlone.utils import normalizeString
-from Products.CMFPlone.interfaces import IPloneSiteRoot
-from Products.statusmessages.interfaces import IStatusMessage
-from Products.Five.browser.pagetemplatefile import ZopeTwoPageTemplateFile
-from Products.PluggableAuthService.interfaces.plugins import IRolesPlugin
-
-from form import ControlPanelForm, ControlPanelView
-from Products.CMFPlone.interfaces import ISecuritySchema
-
-logger = logging.getLogger('plone.app.controlpanel')
-
-
-class IUserGroupsSettingsSchema(Interface):
-
-    many_groups = Bool(title=_(u'Many groups?'),
-                       description=_(u"Determines if your Plone is optimized "
-                           "for small or large sites. In environments with a "
-                           "lot of groups it can be very slow or impossible "
-                           "to build a list all groups. This option tunes the "
-                           "user interface and behaviour of Plone for this "
-                           "case by allowing you to search for groups instead "
-                           "of listing all of them."),
-                       default=False)
-
-    many_users = Bool(title=_(u'Many users?'),
-                      description=_(u"Determines if your Plone is optimized "
-                          "for small or large sites. In environments with a "
-                          "lot of users it can be very slow or impossible to "
-                          "build a list all users. This option tunes the user "
-                          "interface and behaviour of Plone for this case by "
-                          "allowing you to search for users instead of "
-                          "listing all of them."),
-                      default=False)
-
-class UserGroupsSettingsControlPanelAdapter(SchemaAdapterBase):
-
-    adapts(IPloneSiteRoot)
-    implements(IUserGroupsSettingsSchema)
-
-    def __init__(self, context):
-        super(UserGroupsSettingsControlPanelAdapter, self).__init__(context)
-        pprop = getToolByName(context, 'portal_properties')
-        self.context = pprop.site_properties
-
-    many_groups = ProxyFieldProperty(IUserGroupsSettingsSchema['many_groups'])
-    many_users = ProxyFieldProperty(IUserGroupsSettingsSchema['many_users'])
-
-class UserGroupsSettingsControlPanel(ControlPanelForm):
-
-    base_template = ControlPanelForm.template
-    template = ZopeTwoPageTemplateFile('usergroupssettings.pt')
-
-    form_fields = FormFields(IUserGroupsSettingsSchema)
-
-    label = _("User/Groups settings")
-    description = _("User and groups settings for this site.")
-    form_name = _("User/Groups settings")
-
-class UsersGroupsControlPanelView(ControlPanelView):
-
-    @property
-    def portal_roles(self):
-        pmemb = getToolByName(aq_inner(self.context), 'portal_membership')
-        return [r for r in pmemb.getPortalRoles() if r != 'Owner']
-
-    @property
-    def many_users(self):
-        pprop = getToolByName(aq_inner(self.context), 'portal_properties')
-        return pprop.site_properties.many_users
-
-    @property
-    def many_groups(self):
-        pprop = getToolByName(aq_inner(self.context), 'portal_properties')
-        return pprop.site_properties.many_groups
-
-    @property
-    def email_as_username(self):
-        return getAdapter(aq_inner(self.context), ISecuritySchema).get_use_email_as_login()
-
-    def makeQuery(self, **kw):
-        return make_query(**kw)
-
-    def membershipSearch(self, searchString='', searchUsers=True, searchGroups=True, ignore=None):
-        """Search for users and/or groups, returning actual member and group items
-           Replaces the now-deprecated prefs_user_groups_search.py script"""
-        if ignore is None:
-            ignore = []
-        groupResults = userResults = []
-
-        gtool = getToolByName(self, 'portal_groups')
-        mtool = getToolByName(self, 'portal_membership')
-
-        searchView = getMultiAdapter((aq_inner(self.context), self.request), name='pas_search')
-
-        if searchGroups:
-            groupResults = searchView.merge(chain(*[searchView.searchGroups(**{field: searchString}) for field in ['id', 'title']]), 'groupid')
-            groupResults = [gtool.getGroupById(g['id']) for g in groupResults if g['id'] not in ignore]
-            groupResults.sort(key=lambda x: x is not None and normalizeString(x.getGroupTitleOrName()))
-
-        if searchUsers:
-            userResults = searchView.merge(chain(*[searchView.searchUsers(**{field: searchString}) for field in ['name', 'fullname', 'email']]), 'userid')
-            userResults = [mtool.getMemberById(u['id']) for u in userResults if u['id'] not in ignore]
-            userResults.sort(key=lambda x: x is not None and x.getProperty('fullname') is not None and normalizeString(x.getProperty('fullname')) or '')
-
-        return groupResults + userResults
-
-    def atoi(self, s):
-        try:
-            return int(s)
-        except ValueError:
-            return 0
-
-    @property
-    def is_zope_manager(self):
-        return getSecurityManager().checkPermission(ManagePortal, self.context)
-
-    # The next two class methods implement the following truth table:
-    #
-    # MANY USERS/GROUPS SEARCHING       CAN LIST USERS/GROUPS   RESULT
-    # False             False           False                   Lists unavailable
-    # False             False           True                    Show all
-    # False             True            False                   Show matching
-    # False             True            True                    Show matching
-    # True              False           False                   Too many to list
-    # True              False           True                    Lists unavailable
-    # True              True            False                   Show matching
-    # True              True            True                    Show matching
-
-    # TODO: Maybe have these methods return a text message (instead of a bool)
-    # corresponding to the actual result, e.g. "Too many to list", "Lists unavailable"
-
-    @property
-    def show_group_listing_warning(self):
-        if not self.searchString:
-            acl = getToolByName(self, 'acl_users')
-            if acl.canListAllGroups():
-                if self.many_groups:
-                    return True
-        return False
-
-    @property
-    def show_users_listing_warning(self):
-        if not self.searchString:
-            acl = getToolByName(self, 'acl_users')
-            # XXX Huh? Is canListAllUsers broken?
-            if not acl.canListAllUsers():
-                if self.many_users:
-                    return True
-        return False
-
-
-class UsersOverviewControlPanel(UsersGroupsControlPanelView):
-
-    mailhost_tool = None
-
-    def __call__(self):
-        form = self.request.form
-        submitted = form.get('form.submitted', False)
-        search = form.get('form.button.Search', None) is not None
-        findAll = form.get('form.button.FindAll', None) is not None
-        self.searchString = not findAll and form.get('searchstring', '') or ''
-        self.searchResults = []
-        self.newSearch = False
-
-        if search or findAll:
-            self.newSearch = True
-
-        if submitted:
-            if form.get('form.button.Modify', None) is not None:
-                self.manageUser(form.get('users', None),
-                                form.get('resetpassword', []),
-                                form.get('delete', []))
-
-        # Only search for all ('') if the many_users flag is not set.
-        if not(self.many_users) or bool(self.searchString):
-            self.searchResults = self.doSearch(self.searchString)
-
-        return self.index()
-
-    def get_mailhost(self):
-        if self.mailhost_tool is None:
-            self.mailhost_tool = getToolByName(self, 'MailHost')
-        return self.mailhost_tool
-
-    def doSearch(self, searchString):
-
-        acl = getToolByName(self, 'acl_users')
-        rolemakers = acl.plugins.listPlugins(IRolesPlugin)
-
-        mtool = getToolByName(self, 'portal_membership')
-        searchView = getMultiAdapter((aq_inner(self.context), self.request), name='pas_search')
-
-        # First, search for all inherited roles assigned to each group.
-        # We push this in the request so that IRoles plugins are told provide
-        # the roles inherited from the groups to which the principal belongs.
-        self.request.set('__ignore_group_roles__', False)
-        self.request.set('__ignore_direct_roles__', True)
-        inheritance_enabled_users = searchView.merge(chain(*[searchView.searchUsers(**{field: searchString}) for field in ['name', 'fullname', 'email']]), 'userid')
-        allInheritedRoles = {}
-        for user_info in inheritance_enabled_users:
-            userId = user_info['id']
-            user = acl.getUserById(userId)
-            # play safe, though this should never happen
-            if user is None:
-                logger.warn('Skipped user without principal object: %s' % userId)
-                continue
-            allAssignedRoles = []
-            for rolemaker_id, rolemaker in rolemakers:
-                # getRolesForPrincipal can return None
-                roles = rolemaker.getRolesForPrincipal(user) or ()
-                allAssignedRoles.extend(roles)
-            allInheritedRoles[userId] = allAssignedRoles
-
-        # We push this in the request such IRoles plugins don't provide
-        # the roles from the groups the principal belongs.
-        self.request.set('__ignore_group_roles__', True)
-        self.request.set('__ignore_direct_roles__', False)
-        explicit_users = searchView.merge(chain(*[searchView.searchUsers(**{field: searchString}) for field in ['login', 'fullname', 'email']]), 'userid')
-
-        # Tack on some extra data, including whether each role is explicitly
-        # assigned ('explicit'), inherited ('inherited'), or not assigned at all (None).
-        results = []
-
-        for user_info in explicit_users:
-            userId = user_info['id']
-            user = mtool.getMemberById(userId)
-            # play safe, though this should never happen
-            if user is None:
-                logger.warn('Skipped user without principal object: %s' % userId)
-                continue
-            explicitlyAssignedRoles = []
-            for rolemaker_id, rolemaker in rolemakers:
-                # getRolesForPrincipal can return None
-                roles = rolemaker.getRolesForPrincipal(user) or ()
-                explicitlyAssignedRoles.extend(roles)
-
-            roleList = {}
-            for role in self.portal_roles:
-                canAssign = user.canAssignRole(role)
-                if role == 'Manager' and not self.is_zope_manager:
-                    canAssign = False
-                roleList[role]={'canAssign': canAssign,
-                                'explicit': role in explicitlyAssignedRoles,
-                                'inherited': role in allInheritedRoles.get(userId, [])}
-
-            canDelete = user.canDelete()
-            canPasswordSet = user.canPasswordSet()
-            if ('Manager' in explicitlyAssignedRoles or
-                'Manager' in allInheritedRoles.get(userId, [])):
-                if not self.is_zope_manager:
-                    canDelete = False
-                    canPasswordSet = False
-
-            user_info['roles'] = roleList
-            user_info['login'] = user.getUserName()
-            user_info['fullname'] = user.getProperty('fullname', '')
-            user_info['email'] = user.getProperty('email', '')
-            user_info['can_delete'] = canDelete
-            user_info['can_set_email'] = user.canWriteProperty('email')
-            user_info['can_set_password'] = canPasswordSet
-            results.append(user_info)
-
-        # Sort the users by fullname
-        results.sort(key=lambda x: x is not None and x['fullname'] is not None and normalizeString(x['fullname']) or '')
-
-        # Reset the request variable, just in case.
-        self.request.set('__ignore_group_roles__', False)
-        return results
-
-    def manageUser(self, users=None, resetpassword=None, delete=None):
-        if users is None:
-            users = []
-        if resetpassword is None:
-            resetpassword = []
-        if delete is None:
-            delete = []
-
-        CheckAuthenticator(self.request)
-
-        if users:
-            context = aq_inner(self.context)
-            acl_users = getToolByName(context, 'acl_users')
-            mtool = getToolByName(context, 'portal_membership')
-            regtool = getToolByName(context, 'portal_registration')
-            groups_tool = getToolByName(self, 'portal_groups')
-
-            utils = getToolByName(context, 'plone_utils')
-
-            users_with_reset_passwords = []
-            users_failed_reset_passwords = []
-
-            for user in users:
-                # Don't bother if the user will be deleted anyway
-                if user.id in delete:
-                    continue
-
-                member = mtool.getMemberById(user.id)
-                current_roles = member.getRoles()
-
-                # TODO: is it still possible to change the e-mail address here?
-                #       isn't that done on @@user-information now?
-                # If email address was changed, set the new one
-                if hasattr(user, 'email'):
-                    # If the email field was disabled (ie: non-writeable), the
-                    # property might not exist.
-                    if user.email != member.getProperty('email'):
-                        utils.setMemberProperties(member, REQUEST=context.REQUEST, email=user.email)
-                        utils.addPortalMessage(_(u'Changes applied.'))
-
-                # If reset password has been checked email user a new password
-                pw = None
-                if hasattr(user, 'resetpassword'):
-                    if 'Manager' in current_roles and not self.is_zope_manager:
-                        raise Forbidden
-                    if not context.unrestrictedTraverse('@@overview-controlpanel').mailhost_warning():
-                        pw = regtool.generatePassword()
-                    else:
-                        utils.addPortalMessage(_(u'No mailhost defined. Unable to reset passwords.'), type='error')
-
-                roles = user.get('roles', [])
-                if not self.is_zope_manager:
-                    # don't allow adding or removing the Manager role
-                    # add check if user is in Administrators group
-                    grouproles = []
-                    for group in groups_tool.getGroupsByUserId(member.id):
-                        grouproles.extend(group.getRoles())
-                    if ('Manager' in roles or 'Manager' in grouproles) != ('Manager' in current_roles):
-                        raise Forbidden
-
-                # Ideally, we would like to detect if any role assignment has
-                # actually changed, and only then issue "Changes applied".
-                acl_users.userFolderEditUser(user.id, pw, roles, member.getDomains(), REQUEST=context.REQUEST)
-
-                if pw:
-                    context.REQUEST.form['new_password'] = pw
-                    # [Comment copied from plone.app.contentrules.actions.mail.MailActionExecutor.__call__()]
-                    # XXX: We're using "immediate=True" because otherwise we won't
-                    # be able to catch SMTPException as the smtp connection is made
-                    # as part of the transaction apparatus.
-                    # AlecM thinks this wouldn't be a problem if mail queuing was
-                    # always on -- but it isn't. (stevem)
-                    # so we test if queue is not on to set immediate
-                    immediate = not self.get_mailhost().smtp_queue
-                    try:
-                        regtool.mailPassword(user.id, context.REQUEST, immediate=immediate)
-                    except SMTPException as e:
-                        logger.exception(e)
-                        users_failed_reset_passwords.append(user.id)
-                    else:
-                        users_with_reset_passwords.append(user.id)
-
-            if delete:
-                self.deleteMembers(delete)
-
-            if users_with_reset_passwords:
-                reset_passwords_message = _(
-                    u"reset_passwords_msg",
-                    default=u"The following users have been sent an e-mail with link to reset their password: ${user_ids}",
-                    mapping={
-                        u"user_ids" : ', '.join(users_with_reset_passwords),
-                        },
-                    )
-                utils.addPortalMessage(reset_passwords_message)
-            if users_failed_reset_passwords:
-                failed_passwords_message = _(
-                    u'failed_passwords_msg',
-                    default=u'A password reset e-mail could not be sent to the following users: ${user_ids}',
-                    mapping={
-                        u'user_ids' : ', '.join(users_failed_reset_passwords),
-                        },
-                    )
-                utils.addPortalMessage(failed_passwords_message, type='error')
-
-            # TODO: issue message only if something actually has changed
-            utils.addPortalMessage(_(u'Changes applied.'))
-
-    def deleteMembers(self, member_ids):
-        # this method exists to bypass the 'Manage Users' permission check
-        # in the CMF member tool's version
-        context = aq_inner(self.context)
-        mtool = getToolByName(self.context, 'portal_membership')
-
-        # Delete members in acl_users.
-        acl_users = context.acl_users
-        if isinstance(member_ids, basestring):
-            member_ids = (member_ids,)
-        member_ids = list(member_ids)
-        for member_id in member_ids[:]:
-            member = mtool.getMemberById(member_id)
-            if member is None:
-                member_ids.remove(member_id)
-            else:
-                if not member.canDelete():
-                    raise Forbidden
-                if 'Manager' in member.getRoles() and not self.is_zope_manager:
-                    raise Forbidden
-        try:
-            acl_users.userFolderDelUsers(member_ids)
-        except (AttributeError, NotImplementedError):
-            raise NotImplementedError('The underlying User Folder '
-                                     'doesn\'t support deleting members.')
-
-        # Delete member data in portal_memberdata.
-        mdtool = getToolByName(context, 'portal_memberdata', None)
-        if mdtool is not None:
-            for member_id in member_ids:
-                mdtool.deleteMemberData(member_id)
-
-        # Delete members' local roles.
-        mtool.deleteLocalRoles( getUtility(ISiteRoot), member_ids,
-                               reindex=1, recursive=1 )
-
-
-class GroupDetailsControlPanel(UsersGroupsControlPanelView):
-
-    def __call__(self):
-        context = aq_inner(self.context)
-
-        self.gtool = getToolByName(context, 'portal_groups')
-        self.gdtool = getToolByName(context, 'portal_groupdata')
-        self.regtool = getToolByName(context, 'portal_registration')
-        self.groupname = getattr(self.request, 'groupname', None)
-        self.grouproles = self.request.set('grouproles', [])
-        self.group = self.gtool.getGroupById(self.groupname)
-        self.grouptitle = self.groupname
-        if self.group is not None:
-            self.grouptitle = self.group.getGroupTitleOrName()
-
-        self.request.set('grouproles', self.group.getRoles() if self.group else [])
-
-        submitted = self.request.form.get('form.submitted', False)
-        if submitted:
-            CheckAuthenticator(self.request)
-
-            msg = _(u'No changes made.')
-            self.group = None
-
-            title = self.request.form.get('title', None)
-            description = self.request.form.get('description', None)
-            addname = self.request.form.get('addname', None)
-
-            if addname:
-                if not self.regtool.isMemberIdAllowed(addname):
-                    msg = _(u'The group name you entered is not valid.')
-                    IStatusMessage(self.request).add(msg, 'error')
-                    return self.index()
-
-                success = self.gtool.addGroup(addname, (), (), title=title,
-                                              description=description,
-                                              REQUEST=self.request)
-                if not success:
-                    msg = _(u'Could not add group ${name}, perhaps a user or group with '
-                            u'this name already exists.', mapping={u'name' : addname})
-                    IStatusMessage(self.request).add(msg, 'error')
-                    return self.index()
-
-                self.group = self.gtool.getGroupById(addname)
-                msg = _(u'Group ${name} has been added.',
-                        mapping={u'name' : addname})
-
-            elif self.groupname:
-                self.gtool.editGroup(self.groupname, roles=None, groups=None,
-                                     title=title, description=description,
-                                     REQUEST=context.REQUEST)
-                self.group = self.gtool.getGroupById(self.groupname)
-                msg = _(u'Changes saved.')
-
-            else:
-                msg = _(u'Group name required.')
-
-            processed = {}
-            for id, property in self.gdtool.propertyItems():
-                processed[id] = self.request.get(id, None)
-
-            if self.group:
-                # for what reason ever, the very first group created does not exist
-                self.group.setGroupProperties(processed)
-
-            IStatusMessage(self.request).add(msg, type=self.group and 'info' or 'error')
-            if self.group and not self.groupname:
-                target_url = '%s/%s' % (self.context.absolute_url(), '@@usergroup-groupprefs')
-                self.request.response.redirect(target_url)
-                return ''
-
-        return self.index()
-
-
-class GroupsOverviewControlPanel(UsersGroupsControlPanelView):
-
-    def __call__(self):
-        form = self.request.form
-        submitted = form.get('form.submitted', False)
-        search = form.get('form.button.Search', None) is not None
-        findAll = form.get('form.button.FindAll', None) is not None
-        self.searchString = not findAll and form.get('searchstring', '') or ''
-        self.searchResults = []
-        self.newSearch = False
-
-        if search or findAll:
-            self.newSearch = True
-
-        if submitted:
-            if form.get('form.button.Modify', None) is not None:
-                self.manageGroup([group[len('group_'):] for group in self.request.keys() if group.startswith('group_')],
-                                 form.get('delete', []))
-
-        # Only search for all ('') if the many_users flag is not set.
-        if not(self.many_groups) or bool(self.searchString):
-            self.searchResults = self.doSearch(self.searchString)
-
-        return self.index()
-
-    def doSearch(self, searchString):
-        """ Search for a group by id or title"""
-        acl = getToolByName(self, 'acl_users')
-        rolemakers = acl.plugins.listPlugins(IRolesPlugin)
-
-        searchView = getMultiAdapter((aq_inner(self.context), self.request), name='pas_search')
-
-        # First, search for inherited roles assigned to each group.
-        # We push this in the request so that IRoles plugins are told provide
-        # the roles inherited from the groups to which the principal belongs.
-        self.request.set('__ignore_group_roles__', False)
-        self.request.set('__ignore_direct_roles__', True)
-        inheritance_enabled_groups = searchView.merge(chain(*[searchView.searchGroups(**{field: searchString}) for field in ['id', 'title']]), 'id')
-        allInheritedRoles = {}
-        for group_info in inheritance_enabled_groups:
-            groupId = group_info['id']
-            group = acl.getGroupById(groupId)
-            group_info['title'] = group.getProperty('title', group_info['title'])
-            allAssignedRoles = []
-            for rolemaker_id, rolemaker in rolemakers:
-                # getRolesForPrincipal can return None
-                roles = rolemaker.getRolesForPrincipal(group) or ()
-                allAssignedRoles.extend(roles)
-            allInheritedRoles[groupId] = allAssignedRoles
-
-        # Now, search for all roles explicitly assigned to each group.
-        # We push this in the request so that IRoles plugins don't provide
-        # the roles inherited from the groups to which the principal belongs.
-        self.request.set('__ignore_group_roles__', True)
-        self.request.set('__ignore_direct_roles__', False)
-        explicit_groups = searchView.merge(chain(*[searchView.searchGroups(**{field: searchString}) for field in ['id', 'title']]), 'id')
-
-        # Tack on some extra data, including whether each role is explicitly
-        # assigned ('explicit'), inherited ('inherited'), or not assigned at all (None).
-        results = []
-        for group_info in explicit_groups:
-            groupId = group_info['id']
-            group = acl.getGroupById(groupId)
-            group_info['title'] = group.getProperty('title', group_info['title'])
-
-            explicitlyAssignedRoles = []
-            for rolemaker_id, rolemaker in rolemakers:
-                # getRolesForPrincipal can return None
-                roles = rolemaker.getRolesForPrincipal(group) or ()
-                explicitlyAssignedRoles.extend(roles)
-
-            roleList = {}
-            for role in self.portal_roles:
-                canAssign = group.canAssignRole(role)
-                if role == 'Manager' and not self.is_zope_manager:
-                    canAssign = False
-                roleList[role]={'canAssign': canAssign,
-                                'explicit': role in explicitlyAssignedRoles,
-                                'inherited': role in allInheritedRoles.get(groupId, [])}
-
-            canDelete = group.canDelete()
-            if ('Manager' in explicitlyAssignedRoles or
-                'Manager' in allInheritedRoles.get(groupId, [])):
-                if not self.is_zope_manager:
-                    canDelete = False
-
-            group_info['roles'] = roleList
-            group_info['can_delete'] = canDelete
-            results.append(group_info)
-        # Sort the groups by title
-        sortedResults = searchView.sort(results, 'title')
-
-        # Reset the request variable, just in case.
-        self.request.set('__ignore_group_roles__', False)
-        return sortedResults
-
-    def manageGroup(self, groups=None, delete=None):
-        if groups is None:
-            groups = []
-        if delete is None:
-            delete = []
-        CheckAuthenticator(self.request)
-        context = aq_inner(self.context)
-
-        groupstool=context.portal_groups
-        utils = getToolByName(context, 'plone_utils')
-        groupstool = getToolByName(context, 'portal_groups')
-
-        message = _(u'No changes made.')
-
-        for group in groups:
-            roles=[r for r in self.request.form['group_' + group] if r]
-            group_obj = groupstool.getGroupById(group)
-            current_roles = group_obj.getRoles()
-            if not self.is_zope_manager:
-                # don't allow adding or removing the Manager role
-                if ('Manager' in roles) != ('Manager' in current_roles):
-                    raise Forbidden
-
-            groupstool.editGroup(group, roles=roles, groups=())
-            message = _(u'Changes saved.')
-
-        if delete:
-            for group_id in delete:
-                group = groupstool.getGroupById(group_id)
-                if 'Manager' in group.getRoles() and not self.is_zope_manager:
-                    raise Forbidden
-
-            groupstool.removeGroups(delete)
-            message=_(u'Group(s) deleted.')
-
-        utils.addPortalMessage(message)
-
-class GroupMembershipControlPanel(UsersGroupsControlPanelView):
-
-    def update(self):
-        self.groupname = getattr(self.request, 'groupname')
-        self.gtool = getToolByName(self, 'portal_groups')
-        self.mtool = getToolByName(self, 'portal_membership')
-        self.group = self.gtool.getGroupById(self.groupname)
-        self.grouptitle = self.group.getGroupTitleOrName() or self.groupname
-
-        self.request.set('grouproles', self.group.getRoles() if self.group else [])
-        self.canAddUsers = True
-        if 'Manager' in self.request.get('grouproles') and not self.is_zope_manager:
-            self.canAddUsers = False
-
-        self.groupquery = self.makeQuery(groupname=self.groupname)
-        self.groupkeyquery = self.makeQuery(key=self.groupname)
-
-        form = self.request.form
-        submitted = form.get('form.submitted', False)
-
-        self.searchResults = []
-        self.searchString = ''
-        self.newSearch = False
-
-        if submitted:
-            # add/delete before we search so we don't show stale results
-            toAdd = form.get('add', [])
-            if toAdd:
-                if not self.canAddUsers:
-                    raise Forbidden
-
-                for u in toAdd:
-                    self.gtool.addPrincipalToGroup(u, self.groupname, self.request)
-                self.context.plone_utils.addPortalMessage(_(u'Changes made.'))
-
-            toDelete = form.get('delete', [])
-            if toDelete:
-                for u in toDelete:
-                    self.gtool.removePrincipalFromGroup(u, self.groupname, self.request)
-                self.context.plone_utils.addPortalMessage(_(u'Changes made.'))
-
-            search = form.get('form.button.Search', None) is not None
-            edit = form.get('form.button.Edit', None) is not None and toDelete
-            add = form.get('form.button.Add', None) is not None and toAdd
-            findAll = form.get('form.button.FindAll', None) is not None and \
-                not self.many_users
-            # The search string should be cleared when one of the
-            # non-search buttons has been clicked.
-            if findAll or edit or add:
-                form['searchstring'] = ''
-            self.searchString = form.get('searchstring', '')
-            if findAll or bool(self.searchString):
-                self.searchResults = self.getPotentialMembers(self.searchString)
-
-            if search or findAll:
-                self.newSearch = True
-
-        self.groupMembers = self.getMembers()
-
-    def __call__(self):
-        self.update()
-        return self.index()
-
-    def isGroup(self, itemName):
-        return self.gtool.isGroup(itemName)
-
-    def getMembers(self):
-        searchResults = self.gtool.getGroupMembers(self.groupname)
-
-        groupResults = [self.gtool.getGroupById(m) for m in searchResults]
-        groupResults.sort(key=lambda x: x is not None and normalizeString(x.getGroupTitleOrName()))
-
-        userResults = [self.mtool.getMemberById(m) for m in searchResults]
-        userResults.sort(key=lambda x: x is not None and x.getProperty('fullname') is not None and normalizeString(x.getProperty('fullname')) or '')
-
-        mergedResults = groupResults + userResults
-        return filter(None, mergedResults)
-
-    def getPotentialMembers(self, searchString):
-        ignoredUsersGroups = [x.id for x in self.getMembers() + [self.group,] if x is not None]
-        return self.membershipSearch(searchString, ignore=ignoredUsersGroups)
-
-class UserMembershipControlPanel(UsersGroupsControlPanelView):
-
-    def update(self):
-        self.userid = getattr(self.request, 'userid')
-        self.gtool = getToolByName(self, 'portal_groups')
-        self.mtool = getToolByName(self, 'portal_membership')
-        self.member = self.mtool.getMemberById(self.userid)
-
-        form = self.request.form
-
-        self.searchResults = []
-        self.searchString = ''
-        self.newSearch = False
-
-        if form.get('form.submitted', False):
-            delete = form.get('delete', [])
-            if delete:
-                for groupname in delete:
-                    self.gtool.removePrincipalFromGroup(self.userid, groupname, self.request)
-                self.context.plone_utils.addPortalMessage(_(u'Changes made.'))
-
-            add = form.get('add', [])
-            if add:
-                for groupname in add:
-                    group = self.gtool.getGroupById(groupname)
-                    if 'Manager' in group.getRoles() and not self.is_zope_manager:
-                        raise Forbidden
-
-                    self.gtool.addPrincipalToGroup(self.userid, groupname, self.request)
-                self.context.plone_utils.addPortalMessage(_(u'Changes made.'))
-
-        search = form.get('form.button.Search', None) is not None
-        findAll = form.get('form.button.FindAll', None) is not None and not self.many_groups
-        self.searchString = not findAll and form.get('searchstring', '') or ''
-
-        if findAll or not self.many_groups or self.searchString != '':
-            self.searchResults = self.getPotentialGroups(self.searchString)
-
-        if search or findAll:
-            self.newSearch = True
-
-        self.groups = self.getGroups()
-
-    def __call__(self):
-        self.update()
-        return self.index()
-
-    def getGroups(self):
-        groupResults = [self.gtool.getGroupById(m) for m in self.gtool.getGroupsForPrincipal(self.member)]
-        groupResults.sort(key=lambda x: x is not None and normalizeString(x.getGroupTitleOrName()))
-        return filter(None, groupResults)
-
-    def getPotentialGroups(self, searchString):
-        ignoredGroups = [x.id for x in self.getGroups() if x is not None]
-        return self.membershipSearch(searchString, searchUsers=False, ignore=ignoredGroups)
diff --git a/plone/app/controlpanel/usergroups_groupdetails.pt b/plone/app/controlpanel/usergroups_groupdetails.pt
deleted file mode 100644
index d6ce280..0000000
--- a/plone/app/controlpanel/usergroups_groupdetails.pt
+++ /dev/null
@@ -1,254 +0,0 @@
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
-      xmlns:tal="http://xml.zope.org/namespaces/tal"
-      xmlns:metal="http://xml.zope.org/namespaces/metal"
-      xmlns:i18n="http://xml.zope.org/namespaces/i18n"
-      lang="en"
-      metal:use-macro="context/prefs_main_template/macros/master"
-      i18n:domain="plone">
-
-<body>
-
-<metal:main fill-slot="prefs_configlet_content"
-     tal:define="template_id string:@@usergroup-groupdetails;
-                 portal_roles view/portal_roles;
-                 groupquery python:view.makeQuery(groupname=view.groupname);
-                 groupkeyquery python:view.makeQuery(key=view.groupname)">
-
-    <div class="documentEditable">
-        <!-- simulating views on the groups/user pages until we have real objects. -->
-        <div id="edit-bar" tal:condition="view/group">
-            <ul class="contentViews" id="content-views">
-              <li>
-                <a href=""
-                   tal:attributes="href string:$portal_url/@@usergroup-groupmembership?${groupquery}"
-                   i18n:translate="label_group_members">Group Members</a>
-              </li>
-              <li class="selected">
-                <a href=""
-                   tal:attributes="href string:$portal_url/${template_id}?${groupquery}"
-                   i18n:translate="label_group_properties">Group Properties</a>
-              </li>
-              <li>
-                <a href=""
-                   tal:attributes="href string:${portal_url}/@@manage-group-portlets?${groupkeyquery}"
-                   i18n:translate="label_group_portlets">Group Portlets</a>
-              </li>
-              <li>
-                <a href=""
-                   tal:attributes="href string:${portal_url}/@@manage-group-dashboard?${groupkeyquery}"
-                   i18n:translate="label_group_dashboard">Group Dashboard</a>
-              </li>
-
-            </ul>
-
-            <div class="contentActions">&nbsp;</div>
-        </div>
-
-        <div metal:use-macro="context/global_statusmessage/macros/portal_message">
-          Portal status message
-        </div>
-
-        <!-- When no group is specified, this gets used as the add group page page -->
-        <article id="content" tal:condition="not:view/group">
-            <metal:block metal:use-macro="template/macros/props">
-                <metal:title metal:fill-slot="content-title">
-                    <h1 class="documentFirstHeading"
-                        i18n:translate="heading_create_group">Create a Group</h1>
-                </metal:title>
-
-                <metal:name metal:fill-slot="name">
-                    <div class="field">
-                        <label for="addname" i18n:translate="label_name">Name</label>
-
-                        <span class="fieldRequired" title="Required"
-                              i18n:attributes="title title_required;"
-                              i18n:translate="label_required">(Required)</span>
-
-                         <div class="formHelp" i18n:translate="help_groupname">
-                         A unique identifier for the group. Can not be changed after creation.
-                         </div>
-
-                        <input type="text" name="addname" value="groupname"
-                               id="addname"
-                               tal:attributes="value view/groupname | string:"/>
-                    </div>
-                </metal:name>
-            </metal:block>
-        </article>
-
-        <article id="content" tal:condition="view/group | nothing">
-            <metal:block define-macro="props">
-
-                <h1 class="documentFirstHeading"
-                    i18n:translate="heading_edit_groupproperties"
-                    metal:define-slot="content-title">
-                    Edit Group Properties for <span tal:content="view/grouptitle | default" tal:omit-tag="" i18n:name="groupname">unavailable</span>
-                </h1>
-
-                <div class="documentDescription" i18n:translate="description_edit_groupproperties">
-                Groups are logical collections of users, like departments and business units.
-                They are not directly related to permissions on a global level, you normally
-                use Roles for that - and let certain Groups have a particular role.
-                </div>
-
-                <div id="content-core">
-                    <a href=""
-                       class="link-parent"
-                       tal:attributes="href string:$portal_url/@@usergroup-groupprefs"
-                       i18n:translate="label_up_to_groups_overview">
-                       Up to Groups Overview
-                    </a>
-
-                    <form action=""
-                          id="createGroup"
-                          name="groups"
-                          method="post"
-                          class="enableUnloadProtection enableAutoFocus"
-                          tal:attributes="action string:$portal_url/$template_id"
-                          tal:define="targetobject context/portal_groupdata;
-                                      targetGetProperty nocall:view/group/getProperty | nocall:context/returnNone;">
-
-                        <fieldset>
-                            <legend i18n:translate="link_group_properties">Group Properties</legend>
-
-                            <div class="field" metal:define-slot="name">
-                               <label for="groupname" i18n:translate="label_name">Name</label>
-
-                               <div tal:content="view/groupname | string:" />
-                               <input type="hidden" name="groupname" value="groupname"
-                                      id="groupname"
-                                      tal:attributes="value view/groupname | string:"/>
-                            </div>
-
-                             <tal:set tal:condition="targetobject/management_page_charset|nothing"
-                                      tal:define="dummy python:request.set('management_page_charset_tag','')" />
-
-                             <tal:set tal:condition="not:targetobject/management_page_charset|nothing">
-                                <tal:defines define="dummy python:request.set('management_page_charset','UTF-8');
-                                                     dummy python:request.set('management_page_charset_tag','UTF-8:');" />
-                             </tal:set>
-
-                            <tal:properties repeat="property targetobject/propertyMap">
-                                <div class="field"
-                                     tal:define="id property/id;
-                                                 type property/type;
-                                                 propertyvalue python:targetGetProperty(id, None);">
-
-                                <label for="value"
-                                        tal:attributes="for id"
-                                        i18n:translate=""
-                                        tal:content="python:targetobject.propertyLabel(id).capitalize()">Property Value</label>
-
-                                <div tal:define="propertyitem python:targetobject.getProperty(id);
-                                                 disabled python:None if (not view.group or view.group.canWriteProperty(id)) else 'disabled';"
-                                tal:condition="python:'w' in property.get('mode', 'awd')">
-
-                                <input type="text" name="id" size="35"
-                                        tal:condition="python:type in ('int', 'long')"
-                                        tal:attributes="name string:$id:$type;
-                                                        id id;
-                                                        value python:propertyvalue if propertyvalue else '';
-                                                        disabled disabled;" />
-
-                                <input type="text" name="id" size="35"
-                                        tal:condition="python:type in ('float','date')"
-                                        tal:attributes="name string:$id:${request/management_page_charset_tag}$type;
-                                                        id id;
-                                                        value python:propertyvalue if propertyvalue else '';
-                                                        disabled disabled;" />
-
-                                <input type="text" name="string and ustring" size="35"
-                                        tal:condition="python:type in ('string','ustring')"
-                                        tal:attributes="name string:$id:${request/management_page_charset_tag}$type;
-                                                        id id;
-                                                        value python:propertyvalue if propertyvalue else '';
-                                                        disabled disabled;" />
-
-                                <input type="checkbox"
-                                        class="noborder"
-                                        name="id"
-                                        id="cb-checkbox"
-                                        tal:condition="python: type in ('boolean',)"
-                                        tal:attributes="name string:$id:$type;
-                                                        id id;
-                                                        checked python:'checked' if propertyvalue else '';
-                                                        disabled disabled;" />
-
-                                <input name="tokens and utokens" value="" type="text" size="35"
-                                        tal:condition="python:type in ('tokens', 'utokens')"
-                                        tal:attributes="name string:$id:${request/management_page_charset_tag}$type;
-                                                        value python:propertyvalue if propertyvalue else '';
-                                                        disabled disabled;" />
-
-                                <textarea name="text and utext"
-                                        rows="6"
-                                        cols="35"
-                                        tal:condition="python: type in ('text', 'utext')"
-                                        tal:attributes="name string:$id:${request/management_page_charset_tag}$type;
-                                                        disabled disabled;"
-                                        tal:content="propertyvalue">some data</textarea>
-
-                                <textarea name="lines and ulines"
-                                        rows="6"
-                                        cols="35"
-                                        tal:condition="python: type in ('lines', 'ulines')"
-                                        tal:attributes="name string:$id:${request/management_page_charset_tag}$type;
-                                                        disabled disabled;"
-                                        tal:content="python: propertyvalue and '\n'.join(propertyvalue) or ''">
-                                </textarea>
-
-
-                                <tal:selections tal:condition="python:type in ('selection', 'multiple selection')"
-                                                tal:define="select_variable python:property.get('select_variable','');
-                                                select_value python:select_variable and path('context/%s' %select_variable) or [];">
-
-                                <select name="selection" tal:condition="python:type in ('selection',)"
-                                    tal:attributes="name string:$id:${request/management_page_charset_tag}text;
-                                                    disabled disabled;">
-                                    <tal:values repeat="option select_value">
-                                        <option tal:attributes="SELECTED python:'SELECTED' if propertyvalue==option else ''"
-                                            tal:content="option">value</option>
-                                    </tal:values>
-                                </select>
-
-                                <select name="multiple selection" multiple="multiple" tal:condition="python:type in ('multiple selection',)"
-                                        tal:attributes="name string:$id:${request/management_page_charset_tag}list:string;
-                                                        size python:min(7, len(select_value));
-                                                        disabled disabled;">
-                                    <tal:values repeat="option select_value">
-                                        <option tal:attributes="SELECTED python:'selected' if (propertyvalue and option in propertyvalue) else ''"
-                                                tal:content="option">value</option>
-                                    </tal:values>
-                                </select>
-
-                                </tal:selections>
-
-                                </div>
-
-                                </div>
-                            </tal:properties>
-
-                            <input type="hidden" name="form.submitted" value="1" />
-
-                            <div class="formControls">
-                                <input class="context"
-                                       type="submit"
-                                       name="form.button.Save"
-                                       value="Save"
-                                       i18n:attributes="value label_save;" />
-                            </div>
-                        </fieldset>
-
-                        <input tal:replace="structure context/@@authenticator/authenticator" />
-                    </form>
-                </div>
-            </metal:block>
-        </article>
-
-
-    </div>
-
-</metal:main>
-
-</body>
-</html>
diff --git a/plone/app/controlpanel/usergroups_groupmembership.pt b/plone/app/controlpanel/usergroups_groupmembership.pt
deleted file mode 100644
index 0c6bae6..0000000
--- a/plone/app/controlpanel/usergroups_groupmembership.pt
+++ /dev/null
@@ -1,345 +0,0 @@
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
-      xmlns:tal="http://xml.zope.org/namespaces/tal"
-      xmlns:metal="http://xml.zope.org/namespaces/metal"
-      xmlns:i18n="http://xml.zope.org/namespaces/i18n"
-      lang="en"
-      metal:use-macro="context/prefs_main_template/macros/master"
-      i18n:domain="plone">
-
-<body>
-
-<metal:main fill-slot="prefs_configlet_content"
-     tal:define="template_id string:@@usergroup-groupmembership;
-                 errors python:request.get('errors', {});
-                 portal_roles view/portal_roles;
-                 showAll python:request.get('showAll', '') and not view.newSearch and 'y';
-                 Batch python:modules['Products.CMFPlone'].Batch;
-                 resultcount python:len(view.searchResults);
-                 b_size python:resultcount if showAll else 20;
-                 b_start python:0 if showAll or view.newSearch else view.atoi(request.get('b_start',0));
-                 b_start python:b_start if b_start &lt;= resultcount else resultcount - resultcount % b_size;
-                 b_start python:b_start if b_start &lt; resultcount else max(b_start - b_size, 0);
-                 portal_url context/portal_url;">
-
-    <div class="documentEditable">
-        <!-- simulating views on the groups/user pages until we have real objects. -->
-        <div id="edit-bar">
-            <ul class="contentViews" id="content-views">
-              <li class="selected">
-                    <a href=""
-                   tal:attributes="href string:$portal_url/${template_id}?${view/groupquery}"
-                   i18n:translate="label_group_members">Group Members</a>
-              </li>
-              <li>
-                    <a href=""
-                   tal:attributes="href string:${portal_url}/@@usergroup-groupdetails?${view/groupquery}"
-                       i18n:translate="label_group_properties">Group Properties</a>
-              </li>
-              <li>
-                <a href=""
-                   tal:attributes="href string:${portal_url}/@@manage-group-portlets?${view/groupkeyquery}"
-                   i18n:translate="label_group_portlets">Group Portlets</a>
-              </li>
-              <li>
-                <a href=""
-                   tal:attributes="href string:${portal_url}/@@manage-group-dashboard?${view/groupkeyquery}"
-                   i18n:translate="label_group_dashboard">Group Dashboard</a>
-              </li>
-            </ul>
-
-            <div class="contentActions">
-              &nbsp;
-            </div>
-        </div>
-
-        <div metal:use-macro="context/global_statusmessage/macros/portal_message">
-          Portal status message
-        </div>
-
-        <article id="content">
-
-            <tal:ifnogroups tal:condition="not:view/group | nothing">
-              <h1 class="documentFirstHeading"
-                  i18n:translate="heading_group_members">Group Members</h1>
-
-              <div id="content-core">
-                  <a href=""
-                     class="link-parent"
-                     tal:attributes="href string:$portal_url/@@usergroup-groupprefs"
-                     i18n:translate="label_up_to_groups_overview">
-                    Up to Groups Overview
-                  </a>
-
-                  <p i18n:translate="label_no_group_specified">No group was specified.</p>
-
-                  <p>
-                    <a href="@@usergroup-groupprefs" i18n:translate="label_find_group">Find a group here</a>
-                  </p>
-              </div>
-            </tal:ifnogroups>
-
-            <tal:ifgroups tal:condition="view/group | nothing">
-              <h1 class="documentFirstHeading"
-                  i18n:translate="heading_group_members_of">
-                  Members of the <span tal:content="view/grouptitle" tal:omit-tag="" i18n:name="groupname">Groupname</span> group
-              </h1>
-
-              <div id="content-core">
-                  <a href=""
-                     class="link-parent"
-                     tal:attributes="href string:$portal_url/@@usergroup-groupprefs"
-                     i18n:translate="label_up_to_groups_overview">
-                    Up to Groups Overview
-                  </a>
-
-                  <p i18n:translate="description_group_members_of">
-                    You can add or remove groups and users from this particular group here. Note that this
-                    doesn't actually delete the group or user, it is only removed from this group.
-                  </p>
-
-                  <form action=""
-                            name="groups"
-                            method="post"
-                            tal:attributes="action string:$portal_url/$template_id?groupname=${view/groupname}"
-                            tal:define="batch python:Batch(view.searchResults, b_size, int(b_start));
-                                        batchformkeys python:['searchstring','_authenticator','groupname','form.submitted'];
-                                        many_users view/many_users">
-                    <h2 i18n:translate="heading_groupmembers_current">Current group members</h2>
-                      <table class="listing" summary="Group Members Listing"
-                         tal:condition="view/groupMembers">
-
-                          <tr>
-                              <th>
-                                  <input class="noborder"
-                                         type="checkbox"
-                                         src="select_all_icon.png"
-                                         name="selectButton"
-                                         title="Select all items"
-                                         onClick="toggleSelect(this, 'delete:list');"
-                                         tal:attributes="src string:$portal_url/select_all_icon.png"
-                                         alt="Select all items"
-                                         i18n:attributes="title label_select_all_items; alt label_select_all_items;"/>
-                                         <!--Remove user from this group-->
-                              </th>
-                              <th i18n:translate="listingheader_user_name">User name</th>
-                              <th i18n:translate="listingheader_email_address">E-mail Address</th>
-                          </tr>
-
-                          <tal:block tal:repeat="this_user view/groupMembers">
-                            <tr tal:condition="python:this_user is not None"
-                                tal:define="oddrow repeat/this_user/odd"
-                                tal:attributes="class python:oddrow and 'odd' or 'even'">
-                                <td class="listingCheckbox">
-                                    <input
-                                           type="checkbox"
-                                           class="noborder notify"
-                                           name="delete:list"
-                                           tal:attributes="value this_user/getId;
-                                                           disabled python:this_user.canRemoveFromGroup(view.groupname) and default or 'disabled'" />
-                                </td>
-
-                                <tal:block tal:condition="python: view.isGroup(this_user)">
-                                  <td>
-                                    <img src="group.png" alt="" />
-                                    <a href="" tal:attributes="href python:'@@usergroup-groupdetails?' + view.makeQuery(groupname=this_user.getGroupName())" >
-                                      <span tal:replace="this_user/getGroupTitleOrName | default" />
-                                      (<span tal:replace="this_user/id" />)
-                                    </a>
-                                  </td>
-                                </tal:block>
-
-                                <tal:block tal:condition="python: not view.isGroup(this_user)">
-                                  <td>
-                                    <img src="user.png" alt="" />
-                                    <a href="" tal:attributes="href python:'@@user-information?' + view.makeQuery(userid=this_user.getId());
-                                                               title this_user/getId">
-                                        <span tal:replace="python:this_user.getProperty('fullname')">Full Name</span>
-                                        <tal:userid tal:condition="not:view/email_as_username">
-                                            (<span tal:replace="this_user/getUserName | default" />)
-                                        </tal:userid>
-                                    </a>
-                                  </td>
-                                </tal:block>
-
-                                <td tal:define="email python: this_user.getProperty('email')">
-                                    <a  href="#"
-                                        tal:attributes="href string:mailto:${email}"
-                                        title="Send a mail to this user"
-                                        i18n:attributes="title title_send_mail_to_user;"
-                                        tal:condition="email">
-                                        <span tal:replace="email" />
-                                    </a>
-                                </td>
-                            </tr>
-                          </tal:block>
-                      </table>
-
-
-                      <p tal:condition="not:view/groupMembers" i18n:translate="decription_no_members_assigned">There is no group or user attached to this group.</p>
-
-                      <input class="destructive"
-                             type="submit"
-                             name="form.button.Edit"
-                             value="Remove selected groups / users"
-                             i18n:attributes="value label_remove_selected_users;"
-                             tal:condition="view/groupMembers" />
-
-                    <tal:addusers tal:condition="view/canAddUsers">
-
-                        <h2 i18n:translate="heading_search_newmembers">Search for new group members</h2>
-
-                        <input type="hidden" name="form.submitted" value="1" />
-
-                        <table class="listing" summary="Groups">
-                          <tr>
-                            <th colspan="3">
-                              <span tal:omit-tag="" i18n:translate="label_quick_search">Quick search</span>:
-                                <input class="quickSearch"
-                                       type="text"
-                                       name="searchstring"
-                                       value=""
-                                       tal:attributes="value view/searchString;"
-                                       />
-
-                                <input type="submit"
-                                       class="searchButton"
-                                       name="form.button.Search"
-                                       value="Search"
-                                       i18n:attributes="value label_search;" />
-                                <input type="submit"
-                                       class="searchButton"
-                                       name="form.button.FindAll"
-                                       value="Show all"
-                                       i18n:attributes="value label_search_large;"
-                                       tal:condition="not:many_users" />
-                            </th>
-                          </tr>
-                          <tr tal:condition="batch">
-                            <th>
-                                <input class="noborder"
-                                       type="checkbox"
-                                       src="select_all_icon.png"
-                                       name="selectButton"
-                                       title="Select all items"
-                                       onClick="toggleSelect(this, 'add:list');"
-                                       tal:attributes="src string:$portal_url/select_all_icon.png"
-                                       alt="Select all items"
-                                       i18n:attributes="title label_select_all_items; alt label_select_all_items;"/>
-                            </th>
-
-                            <th i18n:translate="listingheader_group_user_name">Group/User name</th>
-                            <th i18n:translate="listingheader_email_address">E-mail Address</th>
-                          </tr>
-
-                          <tal:block repeat="this_user batch">
-                            <tr tal:define="oddrow repeat/this_user/odd"
-				                        tal:condition="python:this_user is not None"
-                                tal:attributes="class python:oddrow and 'odd' or 'even'">
-
-                              <td class="listingCheckbox">
-                                <input type="checkbox"
-                                       class="noborder"
-                                       name="add:list"
-                                       value="value"
-                                       tal:attributes="value this_user/getId;
-                                                       disabled python:this_user.canAddToGroup(view.groupname) and default or 'disabled'" />
-                              </td>
-
-                              <td>
-                                  <tal:block tal:condition="python:not view.isGroup(this_user)">
-                                      <img src="user.png" alt="" />
-                                      <a href="" tal:attributes="href python:'@@user-information?' + view.makeQuery(userid=this_user.getId());
-                                                                 title this_user/getId">
-                                        <span tal:replace="python:this_user.getProperty('fullname')">Full Name</span>
-                                        <tal:userid tal:condition="not:view/email_as_username">
-                                            (<span tal:replace="this_user/getUserName | default" />)
-                                        </tal:userid>
-                                      </a>
-                                  </tal:block>
-                                  <tal:block tal:condition="python: view.isGroup(this_user)">
-                                      <img src="group.png" alt="" />
-                                      <a href="" tal:attributes="href python:'@@usergroup-groupdetails?' + view.makeQuery(groupname=this_user.getGroupName())">
-                                          <span tal:replace="this_user/getGroupTitleOrName | default" />
-                                          (<span tal:replace="this_user/id | default" />)
-                                      </a>
-                                  </tal:block>
-                              </td>
-                              <td tal:define="email python: this_user.getProperty('email')">
-                                  <a  href="#"
-                                      tal:attributes="href string:mailto:${email}"
-                                      title="Send a mail to this user"
-                                      i18n:attributes="title title_send_mail_to_user;"
-                                      tal:condition="email">
-                                      <span tal:replace="email" />
-                                  </a>
-                              </td>
-                            </tr>
-                          </tal:block>
-
-                          <tr tal:condition="not:batch">
-
-                            <td tal:condition="view/searchString"
-                              i18n:translate="text_nomatches"
-                              style="text-align:center;">No matches</td>
-
-                            <tal:block tal:condition="not:view/searchString">
-                              <td tal:condition="site_properties/many_users"
-                                class="discreet"
-                                i18n:translate="text_no_searchstring_large"
-                                style="text-align:center; font-size: 100%;">
-                                Enter a group or user name to search for.
-                              </td>
-                              <td tal:condition="not:site_properties/many_users"
-                                class="discreet"
-                                i18n:translate="text_no_searchstring"
-                                style="text-align:center; font-size: 100%;">
-                                Enter a group or user name to search for or click 'Show All'.
-                              </td>
-                            </tal:block>
-
-                          </tr>
-
-                        </table>
-
-                        <input type="hidden" value="b_start" name="b_start"
-                               tal:attributes="value b_start"/>
-
-                        <input type="hidden" value="" name="showAll"
-                               tal:attributes="value showAll"/>
-
-                        <div metal:use-macro="context/batch_macros/macros/navigation" />
-
-                        <div class="showAllSearchResults"
-                             tal:condition="python:batch.next or batch.previous"
-                             tal:define="mq python:modules['ZTUtils'].make_query;
-                                         keys batchformkeys|nothing;
-                                         linkparams python:keys and dict([(key, request.form[key]) for key in keys if key in request]) or request.form;
-                                         url batch_base_url | string:${context/absolute_url}/${template_id}">
-                            <a tal:attributes="href python: '%s?%s' % (url, mq( linkparams, {'showAll':'y'} ))"
-                               i18n:translate="description_pas_show_all_search_results">
-                                Show all search results
-                            </a>
-                        </div>
-
-                        <input class="context"
-                                type="submit"
-                                name="form.button.Add"
-                                value="Add selected groups and users to this group"
-                                tal:condition="batch"
-                                i18n:attributes="value label_add_users_to_group;" />
-
-                    </tal:addusers>
-
-                    <input tal:replace="structure context/@@authenticator/authenticator" />
-
-                  </form>
-              </div>
-            </tal:ifgroups>
-
-        </article>
-    </div>
-
-</metal:main>
-</body>
-</html>
-
diff --git a/plone/app/controlpanel/usergroups_groupsoverview.pt b/plone/app/controlpanel/usergroups_groupsoverview.pt
deleted file mode 100644
index 8ce1210..0000000
--- a/plone/app/controlpanel/usergroups_groupsoverview.pt
+++ /dev/null
@@ -1,281 +0,0 @@
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
-      xmlns:tal="http://xml.zope.org/namespaces/tal"
-      xmlns:metal="http://xml.zope.org/namespaces/metal"
-      xmlns:i18n="http://xml.zope.org/namespaces/i18n"
-      lang="en"
-      metal:use-macro="context/prefs_main_template/macros/master"
-      i18n:domain="plone">
-
-<body>
-
-<metal:main fill-slot="prefs_configlet_content"
-     tal:define="template_id string:@@usergroup-groupprefs;
-                 errors python:request.get('errors', {});
-                 showAll python:request.get('showAll', '') and not view.newSearch and 'y';
-                 Batch python:modules['Products.CMFPlone'].Batch;
-                 b_start python:0 if showAll or view.newSearch else request.get('b_start',0);
-                 portal_roles view/portal_roles;
-                 search_results view/searchResults;
-                 b_size python:showAll and len(search_results) or 20;
-                 batch python:search_results and Batch(search_results, b_size, int(b_start), orphan=1) or None;
-                 batchformkeys python:['searchstring','_authenticator'];
-                 portal_url context/portal_url;">
-
-    <div class="documentEditable">
-
-        <div id="edit-bar">
-           <ul class="contentViews" id="content-views">
-             <li>
-               <a href=""
-                  tal:attributes="href string:$portal_url/@@usergroup-userprefs"
-                  i18n:translate="label_users">Users</a>
-             </li>
-             <li class="selected">
-               <a href=""
-                  tal:attributes="href string:$portal_url/@@usergroup-groupprefs"
-                  i18n:translate="label_groups">Groups</a>
-             </li>
-             <li>
-               <a href=""
-                  tal:attributes="href string:$portal_url/@@usergroup-controlpanel"
-                  i18n:translate="label_usergroup_settings">Settings</a>
-             </li>
-              <li>
-                <a href=""
-                   tal:attributes="href string:$portal_url/@@member-registration"
-                   i18n:translate="label_member_registration">Member Registration</a>
-              </li>
-           </ul>
-          <div class="contentActions">&nbsp;</div>
-        </div>
-
-        <div metal:use-macro="context/global_statusmessage/macros/portal_message">
-            Portal status message
-        </div>
-
-        <article id="content">
-            <a href=""
-               id="setup-link"
-               tal:attributes="href string:$portal_url/plone_control_panel"
-               i18n:translate="">
-              Site Setup
-            </a>
-            <h1 class="documentFirstHeading"
-                i18n:translate="heading_groups_overview">Groups Overview</h1>
-
-            <div id="content-core">
-
-                <p class="discreet">
-                  <span tal:omit-tag=""
-                        i18n:translate="description_groups_management">
-                    Groups are logical collections of users, such as
-                    departments and business units. Groups are not directly
-                    related to permissions on a global level, you normally
-                    use Roles for that - and let certain Groups have a
-                    particular role.
-                  </span>
-                  <span tal:omit-tag=""
-                        i18n:translate="description_groups_management2">
-                    The symbol
-                    <img i18n:name="image_link_icon"
-                         tal:replace="structure context/site_icon.png" />
-                    indicates a role inherited from membership in another group.
-                  </span>
-                </p>
-
-                <p i18n:translate="description_pas_group_listing"
-                   tal:condition="view/show_group_listing_warning">
-                    Note: Some or all of your PAS groups
-                    source plugins do not allow listing of groups, so you
-                    may not see the groups defined by those plugins unless
-                    doing a specific search.
-                </p>
-
-                <a class="pat-modal" id="add-group"
-                   tal:attributes="href string:${portal_url}/@@usergroup-groupdetails">
-                   <button i18n:translate="label_add_new_group">Add New Group</button>
-                </a>
-
-                <form action=""
-                      name="groups_search"
-                      method="post"
-                      tal:attributes="action string:$template_id">
-
-                    <input type="hidden" name="form.submitted" value="1" />
-
-                    <input type="hidden" value="b_start" name="b_start"
-                           tal:attributes="value b_start"/>
-
-                    <input type="hidden" value="" name="showAll"
-                           tal:attributes="value showAll"/>
-
-                    <table class="listing"
-                           summary="Select roles for each group"
-                           i18n:attributes="summary summary_roles_for_groups;">
-                        <tbody>
-                            <tr class="odd">
-                                <th colspan="6"
-                                    tal:attributes="colspan python:len(portal_roles)+2">
-
-                                    <span tal:omit-tag=""
-                                          i18n:translate="label_group_search">
-                                        Group Search
-                                    </span>
-
-                                    <input class="quickSearch"
-                                           type="text"
-                                           name="searchstring"
-                                           value=""
-                                           tal:attributes="value view/searchString;"
-                                           />
-
-                                    <input type="submit"
-                                           class="searchButton"
-                                           name="form.button.Search"
-                                           value="Search"
-                                           i18n:attributes="value label_search;"
-                                           />
-
-                                    <input type="submit"
-                                           class="searchButton"
-                                           name="form.button.FindAll"
-                                           value="Show all"
-                                           i18n:attributes="value label_showall;"
-                                           tal:condition="not:site_properties/many_groups"
-                                           />
-
-                                </th>
-                            </tr>
-
-                            <tal:block tal:condition="search_results">
-                            <tr class="odd">
-                                <th rowspan="2"
-                                    i18n:translate="listingheader_group_name">
-                                    Group Name
-                                </th>
-
-                                <th colspan="3"
-                                    tal:attributes="colspan python:len(portal_roles)"
-                                    i18n:translate="listingheader_roles">
-                                    Roles
-                                </th>
-
-                                <th rowspan="2"
-                                    i18n:translate="listingheader_remove_group">
-                                    Remove Group
-                                </th>
-                            </tr>
-
-                            <tr class="odd">
-                                <tal:header repeat="portal_role portal_roles">
-                                    <th tal:content="portal_role"
-                                        i18n:translate="">
-                                        Role
-                                    </th>
-                                </tal:header>
-                            </tr>
-
-                            <tal:block repeat="group_info batch">
-                            <tr tal:define="oddrow repeat/group_info/odd;"
-                                tal:attributes="class python:oddrow and 'odd' or 'even'">
-
-                                <td>
-                                    <input type="hidden"
-                                           name=""
-                                           tal:attributes="name string:group_${group_info/groupid}:list"
-                                           value=""
-                                           />
-
-                                    <a href="#"
-                                       tal:attributes="href python:portal_url+'/@@usergroup-groupmembership?'+view.makeQuery(groupname=group_info['groupid']);
-                                                       title group_info/description|string:''">
-                                       <tal:block replace="structure context/portal_url/group.png" />&nbsp;
-                                       <tal:group tal:replace="group_info/title" /> <tal:groupid tal:condition="python:group_info['groupid'] != group_info['title']">(<tal:id tal:replace="group_info/groupid" />)</tal:groupid>
-                                   </a>
-                                </td>
-
-                                <td class="listingCheckbox"
-                                    tal:repeat="portal_role portal_roles">
-                                  <tal:block tal:define="inherited python:group_info['roles'][portal_role]['inherited'];
-                                                         explicit python:group_info['roles'][portal_role]['explicit'];
-                                                         enabled python:group_info['roles'][portal_role]['canAssign']">
-                                    <input type="checkbox"
-                                           class="noborder"
-                                           name="name"
-                                           value="Manager"
-                                           tal:condition="not:inherited"
-                                           tal:attributes="name string:group_${group_info/groupid}:list;
-                                                           value portal_role;
-                                                           checked python:'checked' if explicit else nothing;
-                                                           disabled python:default if enabled else 'disabled'"
-                                           />
-                                    <input type="hidden"
-                                           name="name"
-                                           value="Manager"
-                                           tal:condition="python:explicit and not enabled and not inherited"
-                                           tal:attributes="name string:group_${group_info/groupid}:list;
-                                                           value portal_role" />
-                                    <img tal:condition="inherited" tal:replace="structure context/site_icon.png" />
-                                  </tal:block>
-                                </td>
-
-                                <td class="listingCheckbox">
-                                    <input type="checkbox"
-                                           class="noborder notify"
-                                           name="delete:list"
-                                           value="value"
-                                           tal:attributes="value group_info/groupid;
-                                                           disabled python:default if group_info['can_delete'] else 'disabled'"
-                                           />
-                                </td>
-                            </tr>
-                            </tal:block>
-
-                            </tal:block>
-
-                            <tal:block tal:condition="python:(view.searchString and not search_results)">
-                            <tr>
-                                <td i18n:translate="text_nomatches"
-                                    style="text-align:center;">
-                                    No matches
-                                </td>
-                            </tr>
-                            </tal:block>
-                        </tbody>
-                    </table>
-
-                    <tal:block tal:condition="python:(search_results)">
-
-                        <div metal:use-macro="context/batch_macros/macros/navigation" />
-
-                        <div class="showAllSearchResults"
-                             tal:condition="python:batch.next or batch.previous"
-                             tal:define="mq python:modules['ZTUtils'].make_query;
-                                         keys batchformkeys|nothing;
-                                         linkparams python:keys and dict([(key, request.form[key]) for key in keys if key in request]) or request.form;
-                                         url batch_base_url | string:${context/absolute_url}/${template_id}">
-                            <a tal:attributes="href python: '%s?%s' % (url, mq( linkparams, {'showAll':'y'} ))"
-                               i18n:translate="description_pas_show_all_search_results">
-                                Show all search results
-                            </a>
-                        </div>
-
-                        <input class="context"
-                               type="submit"
-                               name="form.button.Modify"
-                               value="Apply Changes"
-                               i18n:attributes="value label_apply_changes;"
-                               />
-                    </tal:block>
-
-                    <input tal:replace="structure context/@@authenticator/authenticator" />
-
-                </form>
-            </div>
-        </article>
-    </div>
-
-</metal:main>
-</body>
-</html>
-
diff --git a/plone/app/controlpanel/usergroups_usermembership.pt b/plone/app/controlpanel/usergroups_usermembership.pt
deleted file mode 100644
index 622140e..0000000
--- a/plone/app/controlpanel/usergroups_usermembership.pt
+++ /dev/null
@@ -1,225 +0,0 @@
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
-      xmlns:tal="http://xml.zope.org/namespaces/tal"
-      xmlns:metal="http://xml.zope.org/namespaces/metal"
-      xmlns:i18n="http://xml.zope.org/namespaces/i18n"
-      lang="en"
-      metal:use-macro="context/prefs_main_template/macros/master"
-      i18n:domain="plone">
-
-<body>
-
-<metal:main fill-slot="prefs_configlet_content"
-     tal:define="template_id string:@@usergroup-usermembership;
-                 portal context/@@plone_portal_state/portal;
-                 userid view/userid;
-                 member python:context.portal_membership.getMemberById(userid);
-                 groups view/getGroups;
-                 gtool view/gtool;
-                 errors python:request.get('errors', {});
-                 userquery python:view.makeQuery(userid=userid);
-                 portal_url context/portal_url;
-                 showAll python:request.get('showAll', '') and not view.newSearch and 'y';
-                 Batch python:modules['Products.CMFPlone'].Batch;
-                 b_size python:showAll and len(view.searchResults) or 20;
-                 many_groups view/many_groups;
-                 mq python:modules['ZTUtils'].make_query;
-                 results view/searchResults;
-                 resultcount python:len(results);
-                 b_start python:0 if showAll or view.newSearch else view.atoi(request.get('b_start',0));
-                 b_start python:b_start if (b_start &lt;= resultcount) else (resultcount - resultcount % b_size);
-                 b_start python:b_start if (b_start &lt; resultcount) else max(b_start - b_size, 0);
-                 batch python:Batch(view.searchResults, b_size, int(b_start));
-                 batchformkeys python:['searchstring','_authenticator', 'userid'];">
-
-    <div class="documentEditable">
-        <!-- simulating views on the groups/user pages until we have real objects. -->
-        <div id="edit-bar">
-            <ul class="contentViews" id="content-views">
-              <li>
-                <a href=""
-                   tal:attributes="href string:$portal_url/@@user-information?${userquery}"
-                   i18n:translate="label_personal_information">Personal Information</a>
-              </li>
-              <li>
-                <a href=""
-                   tal:attributes="href string:$portal_url/@@user-preferences?${userquery}"
-                   i18n:translate="label_personal_preferences">Personal Preferences</a>
-              </li>
-              <li class="selected">
-                <a href=""
-                   tal:attributes="href string:$portal_url/${template_id}?${userquery}"
-                   i18n:translate="label_group_memberships">Group Memberships</a>
-              </li>
-            </ul>
-            <div class="contentActions">&nbsp;</div>
-        </div>
-
-        <div metal:use-macro="context/global_statusmessage/macros/portal_message">
-          Portal status message
-        </div>
-
-        <article id="content" tal:define="many_groups view/many_groups">
-
-            <h1 class="documentFirstHeading"
-                i18n:translate="heading_group_memberships_for_fullname">
-              Group memberships for
-              <span i18n:name="fullname"
-                    tal:replace="python:member.getProperty('fullname')" />
-              (<span tal:content="python:member.getUser().getUserName()"
-                    tal:omit-tag=""
-                    i18n:name="userid">login name</span>)
-            </h1>
-
-            <div id="content-core">
-                <a href=""
-                   class="link-parent"
-                   tal:attributes="href string:$portal_url/@@usergroup-userprefs"
-                   i18n:translate="label_up_to_usersoverview">
-                  Up to Users Overview
-                </a>
-
-                <form method="post"
-                      tal:attributes="action string:$portal_url/$template_id?userid=${userid}">
-
-                  <h2 i18n:translate="heading_memberships_current">Current group memberships</h2>
-                  <table tal:condition="groups" class="listing" summary="Group Memberships Listing">
-                    <tr>
-                      <th i18n:translate="listingheader_group_name">Group Name</th>
-                      <th i18n:translate="listingheader_group_remove">Remove</th>
-                    </tr>
-                    <tal:block repeat="group groups">
-                        <tr tal:define="oddrow repeat/group/odd;
-                                        groupId group/getId;"
-                            tal:attributes="class python:'odd' if oddrow else 'even'">
-                            <td>
-                                <a href="@@usergroup-groupdetails"
-                                   tal:attributes="href string:@@usergroup-groupdetails?groupname=${groupId}">
-                                <tal:block replace="structure portal/group.png"/>&nbsp;<span
-                                             tal:replace="group/getGroupTitleOrName">group name</span>
-                                </a>
-                            </td>
-
-
-                            <td class="listingCheckbox">
-                                <input type="checkbox"
-                                       class="noborder notify"
-                                       name="delete:list"
-                                       tal:attributes="value groupId;
-                                                       disabled python:member.canRemoveFromGroup(groupId) and default or 'disabled'" />
-                            </td>
-                        </tr>
-                    </tal:block>
-                  </table>
-                  <p tal:condition="not:groups" i18n:translate="text_user_not_in_any_group">This user does not belong to any group.</p>
-                  <input class="destructive"
-                         type="submit"
-                         name="form.button.Delete"
-                         value="Remove from selected groups"
-                         i18n:attributes="value label_remove_selected_groups;"
-                         tal:condition="groups" />
-
-                  <h2 tal:condition="many_groups" i18n:translate="heading_search_groups">Search for groups</h2>
-                  <h2 tal:condition="not:many_groups" i18n:translate="heading_assign_to_groups">Assign to groups</h2>
-
-                  <table class="listing" summary="Groups">
-                    <tr>
-                      <th colspan="2" tal:condition="many_groups">
-                        <span tal:omit-tag="" i18n:translate="label_quick_search">Quick search</span>:
-                              <input class="quickSearch"
-                                     type="text"
-                                     name="searchstring"
-                                     value=""
-                                     tal:attributes="value view/searchString;"
-                                     />
-
-                              <input type="submit"
-                                     class="searchButton"
-                                     name="form.button.search"
-                                     value="Search"
-                                     i18n:attributes="value label_search;" />
-
-                      </th>
-                    </tr>
-                    <tal:block condition="python:results">
-                        <tr>
-                          <th>
-                              <input class="noborder"
-                                     type="checkbox"
-                                     src="select_all_icon.png"
-                                     name="selectButton"
-                                     title="Select all items"
-                                     onClick="toggleSelect(this, 'add:list');"
-                                     tal:attributes="src string:${context/portal_url}/select_all_icon.png"
-                                     alt="Select all items"
-                                     i18n:attributes="title label_select_all_items; alt label_select_all_items;"/>
-                          </th>
-                          <th i18n:translate="listingheader_group_name">Group Name</th>
-                        </tr>
-                        <tal:block repeat="obj batch">
-                          <tr tal:define="oddrow repeat/obj/odd"
-                              tal:attributes="class python:'odd' if oddrow else 'even'">
-
-                            <td class="listingCheckbox">
-                              <input type="checkbox"
-                                     class="noborder"
-                                     name="add:list"
-                                     value="value"
-                                         tal:define="calcId obj/getGroupId | obj/getId;
-                                                     canAddToGroup python:member.canAddToGroup(calcId) and ('Manager' not in obj.getRoles() or view.is_zope_manager)"
-                                         tal:attributes="value calcId;
-                                                         disabled python:canAddToGroup and default or 'disabled'" />
-                            </td>
-
-                            <td>
-                                <img src="group.png" alt="" />
-                                <a href="" tal:attributes="href python:'@@usergroup-groupdetails?'+mq(groupname=obj.getGroupName())"
-                                          tal:content="obj/getGroupTitleOrName | default">
-                                      <span i18n:translate="link_groupname_not_available">
-                                          groupname not available
-                                      </span>
-                                </a>
-                            </td>
-                          </tr>
-                        </tal:block>
-                    </tal:block>
-                  </table>
-
-                  <div metal:use-macro="context/batch_macros/macros/navigation" />
-
-                  <div class="showAllSearchResults"
-                       tal:condition="python:batch.next or batch.previous"
-                       tal:define="mq python:modules['ZTUtils'].make_query;
-                                   keys batchformkeys|nothing;
-                                   linkparams python:keys and dict([(key, request.form[key]) for key in keys if key in request]) or request.form;
-                                   url batch_base_url | string:${context/absolute_url}/${template_id}">
-                      <a tal:attributes="href python: '%s?%s' % (url, mq( linkparams, {'showAll':'y'} ))"
-                         i18n:translate="description_pas_show_all_search_results">
-                          Show all search results
-                      </a>
-                  </div>
-
-                  <input type="hidden" value="b_start" name="b_start"
-                         tal:attributes="value b_start"/>
-
-                  <input type="hidden" value="" name="showAll"
-                         tal:attributes="value showAll"/>
-
-                  <input type="hidden" name="form.submitted" value="1" />
-
-                  <input class="context"
-                         type="submit"
-                         name="form.button.Add"
-                         value="Add user to selected groups"
-                         tal:condition="batch"
-                         i18n:attributes="value label_add_user_to_group;" />
-                  <input tal:replace="structure context/@@authenticator/authenticator" />
-
-                </form>
-            </div>
-        </article>
-    </div>
-
-</metal:main>
-
-</body>
-</html>
diff --git a/plone/app/controlpanel/usergroups_usersoverview.pt b/plone/app/controlpanel/usergroups_usersoverview.pt
deleted file mode 100644
index be82771..0000000
--- a/plone/app/controlpanel/usergroups_usersoverview.pt
+++ /dev/null
@@ -1,253 +0,0 @@
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
-      xmlns:tal="http://xml.zope.org/namespaces/tal"
-      xmlns:metal="http://xml.zope.org/namespaces/metal"
-      xmlns:i18n="http://xml.zope.org/namespaces/i18n"
-    lang="en"
-    metal:use-macro="context/prefs_main_template/macros/master"
-    i18n:domain="plone">
-
-<body>
-
-<metal:main fill-slot="prefs_configlet_content"
-    tal:define="template_id string:@@usergroup-userprefs;
-                showAll python:request.get('showAll', '') and not view.newSearch and 'y';
-                Batch python:modules['Products.CMFPlone'].Batch;
-                b_start python:0 if showAll or view.newSearch else request.get('b_start',0);
-                b_size python:showAll and len(view.searchResults) or 20;
-                portal_roles view/portal_roles;
-                portal_url context/portal_url;">
-
-    <div class="documentEditable">
-        <div id="edit-bar">
-            <ul class="contentViews" id="content-views">
-              <li class="selected">
-                <a href=""
-                   tal:attributes="href string:$portal_url/@@usergroup-userprefs"
-                   i18n:translate="label_users">Users</a>
-              </li>
-              <li>
-                <a href=""
-                   tal:attributes="href string:$portal_url/@@usergroup-groupprefs"
-                   i18n:translate="label_groups">Groups</a>
-              </li>
-              <li>
-                <a href=""
-                   tal:attributes="href string:$portal_url/@@usergroup-controlpanel"
-                   i18n:translate="label_usergroup_settings">Settings</a>
-              </li>
-              <li>
-                <a href=""
-                   tal:attributes="href string:$portal_url/@@member-registration"
-                   i18n:translate="label_member_registration">Member Registration</a>
-              </li>
-            </ul>
-            <div class="contentActions">&nbsp;</div>
-        </div>
-
-        <div metal:use-macro="context/global_statusmessage/macros/portal_message">
-          Portal status message
-        </div>
-
-        <article id="content">
-
-
-            <h1 class="documentFirstHeading"
-                i18n:translate="heading_users_overview">Users Overview</h1>
-
-            <div id="content-core">
-                <p i18n:translate="description_user_management" class="documentDescription">
-                  Click the user's name to see and change the details of a
-                  specific user. You can also add and remove users.
-                </p>
-                <p i18n:translate="user_roles_note" class="discreet">
-                  Note that roles set here apply directly to a user.
-                  The symbol <img i18n:name="image_link_icon" tal:replace="structure context/site_icon.png" />
-                  indicates a role inherited from membership in a group.
-                </p>
-                <p i18n:translate="description_pas_users_listing"
-                   tal:condition="view/show_users_listing_warning" class="portalMessage warning">
-                  <strong>Note</strong>
-                  <span>Some or all of your PAS user source
-                  plugins do not allow listing of users, so you may not see
-                  the users defined by those plugins unless doing a specific
-                  search.</span>
-                </p>
-                <p>
-                  <a class="pat-modal" id="add-user"
-                     data-pat-modal="{&quot;actionOptions&quot;: {&quot;displayInModal&quot;: false}}"
-                     tal:attributes="href string:${portal_url}/@@new-user">
-                     <button i18n:translate="label_add_new_user" class="context">Add New User</button>
-                  </a>
-                </p>
-                <form action=""
-                      class="enableAutoFocus autotabs"
-                      name="users_search"
-                      method="post"
-                      tal:attributes="action string:$portal_url/$template_id"
-                      tal:define="findAll python:'form.button.FindAll' in request.keys();
-                                  portal_users view/searchResults;
-                                  batch python:Batch(portal_users, b_size, int(b_start), orphan=1);
-                                  batchformkeys python:['searchstring','_authenticator'];
-                                  many_users view/many_users">
-                  <input type="hidden" name="form.submitted" value="1" />
-
-                  <div class="field">
-                    <label for="quickSearch" i18n:translate="label_user_search">User Search</label>
-                                  <input class="quickSearch"
-                                         id="quickSearch"
-                                         type="text"
-                                         name="searchstring"
-                                         value=""
-                                         tal:attributes="value view/searchString;"
-                                         />
-
-                                  <input type="submit"
-                                         class="searchButton context"
-                                         name="form.button.Search"
-                                         value="Search"
-                                         i18n:attributes="value label_search;"
-                                         />
-
-                                  <input type="submit"
-                                         class="searchButton standalone"
-                                         name="form.button.FindAll"
-                                         value="Show all"
-                                         i18n:attributes="value label_showall;"
-                                         tal:condition="not:many_users"
-                                         />
-                  </div>
-                  <table class="listing" summary="User Listing">
-                      <tbody>
-                          <tal:block tal:condition="portal_users" >
-                          <tr class="odd">
-                              <th rowspan="2" i18n:translate="listingheader_user_name">User name</th>
-                              <th colspan="3" tal:attributes="colspan python:len(portal_roles)"
-                                  i18n:translate="listingheader_roles">Roles</th>
-                              <th rowspan="2" i18n:translate="listingheader_reset_password">Reset Password</th>
-                              <th rowspan="2" i18n:translate="listingheader_remove_user">Remove user</th>
-                          </tr>
-                          <tr class="odd">
-                              <th tal:repeat="portal_role portal_roles" tal:content="portal_role" i18n:translate="">Role</th>
-                          </tr>
-                          </tal:block>
-                          <tal:block repeat="user batch">
-                            <tr tal:define="oddrow repeat/user/odd;
-                                            userid user/userid;
-                                            userquery python:view.makeQuery(userid=userid);"
-                                tal:attributes="class python:oddrow and 'odd' or 'even'">
-
-                                <td>
-                                    <a href="@@user-information"
-                                       tal:attributes="href string:$portal_url/@@user-information?${userquery};
-                                                       title userid">
-                                        <span tal:replace="user/fullname">Full Name</span>
-                                        <em> – <em tal:replace="user/login">login name</em></em>
-                                    </a>
-                                    <input type="hidden" name="users.id:records" tal:attributes="value userid" />
-                                </td>
-
-                                <td class="listingCheckbox"
-                                    tal:repeat="portal_role portal_roles">
-                                  <tal:block tal:define="inherited python:user['roles'][portal_role]['inherited'];
-                                                         explicit python:user['roles'][portal_role]['explicit'];
-                                                         enabled python:user['roles'][portal_role]['canAssign']">
-                                    <input type="checkbox"
-                                       class="noborder"
-                                       name="users.roles:list:records"
-                                       value="Manager"
-                                       tal:condition="not:inherited"
-                                       tal:attributes="value portal_role;
-                                           checked python:'checked' if explicit else nothing;
-                                           disabled python:default if enabled else 'disabled'" />
-                                    <input type="hidden"
-                                        name="users.roles:list:records"
-                                        value="Manager"
-                                        tal:condition="python:explicit and not enabled and not inherited"
-                                        tal:attributes="value portal_role" />
-                                    <img tal:condition="inherited" tal:replace="structure context/site_icon.png" />
-                                  </tal:block>
-
-                                </td>
-
-                                <td class="listingCheckbox">
-                                  <input type="checkbox"
-                                     class="noborder"
-                                     name="users.resetpassword:records"
-                                                 value=""
-                                                 tal:attributes="value userid;
-                                                                 disabled python:user['can_set_password'] and default or 'disabled'" />
-                                </td>
-
-                                <td class="listingCheckbox">
-                                  <input type="checkbox"
-                                                 class="noborder notify"
-                                                 name="delete:list"
-                                                 value=""
-                                                 tal:attributes="value userid;
-                                                                 disabled python:user['can_delete'] and default or 'disabled'" />
-                                </td>
-                            </tr>
-                          </tal:block>
-                          <tr tal:condition="not:batch">
-                              <td tal:condition="view/searchString"
-                                  i18n:translate="text_nomatches"
-                                  style="text-align:center;">No matches</td>
-                              <tal:block tal:condition="not:view/searchString">
-                                <td tal:condition="many_users"
-                                    class="discreet"
-                                    i18n:translate="text_no_user_searchstring"
-                                    style="text-align:center; font-size: 100%;">
-                                    Enter a username to search for
-                                </td>
-                                <td tal:condition="not:many_users"
-                                    class="discreet"
-                                    i18n:translate="text_no_user_searchstring_largesite"
-                                    style="text-align:center; font-size: 100%;">
-                                    Enter a username to search for, or click 'Show All'
-                                </td>
-                              </tal:block>
-                          </tr>
-                      </tbody>
-                  </table>
-
-                  <div metal:use-macro="context/batch_macros/macros/navigation" />
-
-                  <div class="showAllSearchResults"
-                       tal:condition="python:batch.next or batch.previous"
-                       tal:define="mq python:modules['ZTUtils'].make_query;
-                                   keys batchformkeys|nothing;
-                                   linkparams python:keys and dict([(key, request.form[key]) for key in keys if key in request]) or request.form;
-                                   url batch_base_url | string:${context/absolute_url}/${template_id}">
-                      <a tal:attributes="href python: '%s?%s' % (url, mq( linkparams, {'showAll':'y'} ))"
-                         i18n:translate="description_pas_show_all_search_results">
-                          Show all search results
-                      </a>
-                  </div>
-
-                  <input type="hidden" value="b_start" name="b_start"
-                         tal:attributes="value b_start"/>
-
-                  <input type="hidden" value="" name="showAll"
-                         tal:attributes="value showAll"/>
-
-                  <div class="formControls" tal:condition="batch">
-                  <input class="context"
-                     type="submit"
-                     name="form.button.Modify"
-                     value="Apply Changes"
-                     i18n:attributes="value label_apply_changes;"
-                     />
-                   </div>
-
-                  <input tal:replace="structure context/@@authenticator/authenticator" />
-
-                </form>
-            </div>
-        </article>
-    </div>
-
-</metal:main>
-
-</body>
-</html>
-
diff --git a/plone/app/controlpanel/usergroupssettings.pt b/plone/app/controlpanel/usergroupssettings.pt
deleted file mode 100644
index 3fb055c..0000000
--- a/plone/app/controlpanel/usergroupssettings.pt
+++ /dev/null
@@ -1,58 +0,0 @@
-<html xmlns="http://www.w3.org/1999/xhtml"
-      xmlns:metal="http://xml.zope.org/namespaces/metal"
-      xmlns:tal="http://xml.zope.org/namespaces/tal"
-      xmlns:i18n="http://xml.zope.org/namespaces/i18n"
-      xml:lang="en" lang="en"
-      metal:use-macro="context/prefs_main_template/macros/master"
-      i18n:domain="plone">
-
-<body>
-
-<metal:main fill-slot="prefs_configlet_content">
-
-  <div class="documentEditable">
-
-      <div id="edit-bar">
-          <ul class="contentViews" id="content-views">
-            <li>
-              <a href=""
-                 tal:attributes="href string:$portal_url/@@usergroup-userprefs"
-                 i18n:translate="label_users">Users</a>
-            </li>
-            <li>
-              <a href=""
-                 tal:attributes="href string:$portal_url/@@usergroup-groupprefs"
-                 i18n:translate="label_groups">Groups</a>
-            </li>
-            <li class="selected">
-              <a href=""
-                 tal:attributes="href string:$portal_url/@@usergroup-controlpanel"
-                 i18n:translate="label_usergroup_settings">Settings</a>
-            </li>
-            <li>
-              <a href=""
-                 tal:attributes="href string:$portal_url/@@member-registration"
-                 i18n:translate="label_member_registration">Member Registration</a>
-            </li>
-          </ul>
-          <div class="contentActions">&nbsp;</div>
-      </div>
-
-      <div metal:use-macro="context/global_statusmessage/macros/portal_message">
-        Portal status message
-      </div>
-
-      <article id="content">
-        <metal:block use-macro="view/base_template/macros/header" />
-
-        <h1 class="documentFirstHeading"
-            i18n:translate="heading_usergroup_settings">User/Groups Settings</h1>
-
-        <div id="content-core">
-            <metal:block use-macro="view/base_template/macros/master" />
-        </div>
-      </article>
-  </div>
-</metal:main>
-</body>
-</html>