edit.php 11 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
<?php
/**
 * This program is part of Mahara
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
 *
 * @package    mahara
 * @subpackage admin
 * @author     Richard Mansfield <richard.mansfield@catalyst.net.nz>
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL
 * @copyright  (C) 2006,2007 Catalyst IT Ltd http://catalyst.net.nz
 *
 */

define('INTERNAL', 1);
28
define('INSTITUTIONALADMIN', 1);
29
require(dirname(dirname(dirname(__FILE__))) . '/init.php');
30
define('TITLE', get_string('accountsettings', 'admin'));
31
32
33
34
35
36
37
38
39
define('SECTION_PLUGINTYPE', 'core');
define('SECTION_PLUGINNAME', 'admin');
require_once('pieforms/pieform.php');

$id = param_integer('id');
if (!$user = get_record('usr', 'id', $id)) {
    throw new UserNotFoundException("User not found");
}

40
41
42
43
44
// Deny access to institutional admins from different institutions to the displayed user
$userinstitution = get_record('usr_institution', 'usr', $id, null, null, null, null,
                              'usr,institution,studentid,staff,admin,'.db_format_tsfield('expiry'));
global $USER;
if (!$USER->get('admin')) {
45
    if (empty($userinstitution) || !$USER->is_institutional_admin($userinstitution->institution)) {
46
47
48
        redirect(get_config('wwwroot').'user/view.php?id='.$id);
    }
}
49
50
51

if (empty($user->suspendedcusr)) {
    $suspendform = pieform(array(
Richard Mansfield's avatar
Richard Mansfield committed
52
        'name'       => 'edituser_suspend',
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
        'plugintype' => 'core',
        'pluginname' => 'admin',
        'elements'   => array(
            'id' => array(
                 'type'    => 'hidden',
                 'value'   => $id,
            ),
            'reason' => array(
                'type'        => 'text',
                'title'       => get_string('reason'),
            ),
            'submit' => array(
                'type'  => 'submit',
                'value' => get_string('suspenduser','admin'),
            ),
        )
    ));
} else {
    $suspendform = pieform(array(
Richard Mansfield's avatar
Richard Mansfield committed
72
        'name'       => 'edituser_unsuspend',
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
        'plugintype' => 'core',
        'pluginname' => 'admin',
        'elements'   => array(
            'id' => array(
                 'type'    => 'hidden',
                 'value'   => $id,
            ),
            'submit' => array(
                'type'  => 'submit',
                'value' => get_string('unsuspenduser','admin'),
            ),
        )
    ));
}

Richard Mansfield's avatar
Richard Mansfield committed
88
function edituser_suspend_submit(Pieform $form, $values) {
89
90
91
92
93
94
    global $SESSION;
    suspend_user($values['id'], $values['reason']);
    $SESSION->add_ok_msg(get_string('usersuspended', 'admin'));
    redirect('/admin/users/edit.php?id=' . $values['id']);
}

Richard Mansfield's avatar
Richard Mansfield committed
95
function edituser_unsuspend_submit(Pieform $form, $values) {
96
97
98
99
100
101
102
103
    global $SESSION;
    unsuspend_user($values['id']);
    $SESSION->add_ok_msg(get_string('userunsuspended', 'admin'));
    redirect('/admin/users/edit.php?id=' . $values['id']);
}


// Site-wide account settings
Richard Mansfield's avatar
Richard Mansfield committed
104
$elements = array();
105
106
107
108
109
110
111
112
113
114
115
116
117
118
$elements['id'] = array(
    'type'    => 'hidden',
    'rules'   => array('integer' => true),
    'value'   => $id,
);
$elements['password'] = array(
    'type'         => 'text',
    'title'        => get_string('resetpassword','admin'),
);
$elements['passwordchange'] = array(
    'type'         => 'checkbox',
    'title'        => get_string('forcepasswordchange','admin'),
    'defaultvalue' => $user->passwordchange,
);
119
120
121
122
123
124
125
126
127
128
129
130
if ($USER->get('admin')) {
    $elements['staff'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('sitestaff','admin'),
        'defaultvalue' => $user->staff,
    );
    $elements['admin'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('siteadmin','admin'),
        'defaultvalue' => $user->admin,
    );
}
131
$elements['quota'] = array(
132
    'type'         => 'bytes',
133
    'title'        => get_string('filequota','admin'),
134
    'defaultvalue' => $user->quota,
135
);
136
137
138
139
140
141

$authinstances = auth_get_auth_instances();
if (count($authinstances) > 1) {
    $options = array();

    foreach ($authinstances as $authinstance) {
142
143
144
        if ($USER->get('admin') || $USER->is_institutional_admin($authinstance->name)) {
            $options[$authinstance->id] = $authinstance->displayname. ': '.$authinstance->instancename;
        }
145
146
147
148
149
150
151
152
153
154
    }

    $elements['authinstance'] = array(
        'type' => 'select',
        'title' => get_string('authenticatedby', 'admin'),
        'options' => $options,
        'defaultvalue' => $user->authinstance
    );
}

155
156
157
158
159
$elements['submit'] = array(
    'type'  => 'submit',
    'value' => get_string('savechanges','admin'),
);

Richard Mansfield's avatar
Richard Mansfield committed
160
161
$siteform = pieform(array(
    'name'       => 'edituser_site',
162
163
164
165
166
167
168
    'renderer'   => 'table',
    'plugintype' => 'core',
    'pluginname' => 'admin',
    'elements'   => $elements,
));


Richard Mansfield's avatar
Richard Mansfield committed
169
function edituser_site_submit(Pieform $form, $values) {
170
171
172
173
174
175
176
177
    if (!$user = get_record('usr', 'id', $values['id'])) {
        return false;
    }

    if (isset($values['password']) && $values['password'] !== '') {
        $user->password = $values['password'];
    }
    $user->passwordchange = (int) ($values['passwordchange'] == 'on');
178
    $user->quota = $values['quota'];
179
180
181
182
183
184
185
186
187
188
189
190
191

    global $USER;
    if ($USER->get('admin')) {  // Not editable by institutional admins
        $user->staff = (int) ($values['staff'] == 'on');
        $user->admin = (int) ($values['admin'] == 'on');
    }

    // Authinstance can be changed by institutional admins if both the
    // old and new authinstances belong to the admin's institutions
    if (isset($values['authinstance']) &&
        ($USER->get('admin') || 
         ($USER->is_institutional_admin(get_field('auth_instance', 'institution', 'id', $values['authinstance'])) &&
          $USER->is_institutional_admin(get_field('auth_instance', 'institution', 'id', $user->authinstance))))) {
192
193
        $user->authinstance = $values['authinstance'];
    }
194
195
196
197
198
199
200

    update_record('usr', $user);

    redirect('/admin/users/edit.php?id='.$user->id);
}


Richard Mansfield's avatar
Richard Mansfield committed
201
202
203
204
// Institution settings
$allinstitutions = get_records_array('institution');
$options = array();
foreach ($allinstitutions as $i) {
205
    if ($USER->get('admin') || $i->name == 'mahara' || $i->name == $userinstitution->institution) {
206
207
        $options[$i->name] = $i->displayname;
    }
Richard Mansfield's avatar
Richard Mansfield committed
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
}

$elements = array(
    'id' => array(
         'type'    => 'hidden',
         'value'   => $id,
     ),
    'institution' => array(
         'type'         => 'select',
         'title'        => get_string('institution'),
         'options'      => $options,
         'defaultvalue' => empty($userinstitution) ? 'mahara' : $userinstitution->institution
    ),
    'change' => array(
        'type'  => 'submit',
        'value' => get_string('changeinstitution','admin'),
    ),
);

if ($userinstitution) {
    $elements['subtitle'] = array(
        'type'         => 'html',
        'title'        => get_string('settingsfor', 'admin'),
        'value'        => $options[$userinstitution->institution],
    );
    $currentdate = getdate();
    $elements['expiry'] = array(
        'type'         => 'date',
        'title'        => get_string('membershipexpiry'),
        'minyear'      => $currentdate['year'],
        'maxyear'      => $currentdate['year'] + 20
    );
    if (!empty($userinstitution->expiry)) {
        $elements['expiry']['defaultvalue'] = $userinstitution->expiry;
    }
    $elements['studentid'] = array(
        'type'         => 'text',
        'title'        => get_string('studentid'),
        'defaultvalue' => $userinstitution->studentid,
    );
    $elements['staff'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('institutionstaff','admin'),
        'defaultvalue' => $userinstitution->staff,
    );
    $elements['admin'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('institutionadmin','admin'),
        'defaultvalue' => $userinstitution->admin,
    );
    $elements['submit'] = array(
        'type'  => 'submit',
        'value' => get_string('update'),
    );
}
263

Richard Mansfield's avatar
Richard Mansfield committed
264
265
266
267
268
269
270
271
272
273
274
275
276
277
$institutionform = pieform(array(
    'name'       => 'edituser_institution',
    'renderer'   => 'table',
    'plugintype' => 'core',
    'pluginname' => 'admin',
    'elements'   => $elements,
));

function edituser_institution_submit(Pieform $form, $values) {
    if (!$user = get_record('usr', 'id', $values['id'])) {
        return false;
    }
    $userinstitution = get_record('usr_institution', 'usr', $user->id);

278
279
280
281
282
283
284
285
    // Make sure institutional admins are from the same institution as
    // the user being edited
    global $USER;
    if (!$USER->get('admin')
        && (!$userinstitution || !$USER->is_institutional_admin($userinstitution->institution))) {
        redirect('/admin/users/edit.php?id='.$user->id);
    }

Richard Mansfield's avatar
Richard Mansfield committed
286
    if (isset($values['change'])) {
287
        // Do nothing if there's no change to the institution
Richard Mansfield's avatar
Richard Mansfield committed
288
289
290
291
        if (!$userinstitution && $values['institution'] == 'mahara'
            || $userinstitution && $values['institution'] == $userinstitution->institution) {
            redirect('/admin/users/edit.php?id='.$user->id);
        }
292
293
294
295
296
        // Don't let institutional admins change the institution, but let them unset it
        if (!$USER->get('admin') && $values['institution'] != 'mahara') {
            redirect('/admin/users/edit.php?id='.$user->id);
        }

Richard Mansfield's avatar
Richard Mansfield committed
297
298
299
300
301
302
303
        delete_records('usr_institution', 'usr', $user->id);
        if ($values['institution'] != 'mahara') {
            insert_record('usr_institution', (object) array(
                'usr' => $user->id,
                'institution' => $values['institution']  // ctime, expiry, etc
            ));
        }
304
        handle_event('updateuser', $user->id);
Richard Mansfield's avatar
Richard Mansfield committed
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
    } else { // Changing settings for an existing institution
        $newuser = (object) array(
            'usr'         => $userinstitution->usr,
            'institution' => $userinstitution->institution,
            'ctime'       => $userinstitution->ctime,
            'studentid'   => $values['studentid'],
            'staff'       => (int) ($values['staff'] == 'on'),
            'admin'       => (int) ($values['admin'] == 'on'),
        );
        if ($values['expiry']) {
            $newuser->expiry = db_format_timestamp($values['expiry']);
        }
        delete_records('usr_institution', 'usr', $user->id);
        insert_record('usr_institution', $newuser);
    }

    redirect('/admin/users/edit.php?id='.$user->id);
}
323
324
325
326

$smarty = smarty();
$smarty->assign('user', $user);
$smarty->assign('suspendform', $suspendform);
Richard Mansfield's avatar
Richard Mansfield committed
327
328
$smarty->assign('siteform', $siteform);
$smarty->assign('institutionform', $institutionform);
329
330
331
$smarty->display('admin/users/edit.tpl');

?>