<?php
/**
 * Mahara: Electronic portfolio, weblog, resume builder and social networking
 * Copyright (C) 2006-2008 Catalyst IT Ltd (http://www.catalyst.net.nz)
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 * @package    mahara
 * @subpackage admin
 * @author     Richard Mansfield <richard.mansfield@catalyst.net.nz>
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL
 * @copyright  (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz
 *
 */

// Page bootstrap. The constants below are defined before init.php is loaded.
// NOTE(review): presumably init.php reads INTERNAL / INSTITUTIONALADMIN /
// MENUITEM to decide who may open this script and which menu entry is
// highlighted -- confirm against init.php, which is not shown here.
define('INTERNAL', 1);
define('INSTITUTIONALADMIN', 1);
define('MENUITEM', 'configusers/usersearch');

require dirname(dirname(dirname(__FILE__))) . '/init.php';

// get_string() is only used after init.php has been loaded.
define('TITLE', get_string('accountsettings', 'admin'));
define('SECTION_PLUGINTYPE', 'core');
define('SECTION_PLUGINNAME', 'admin');

require_once 'pieforms/pieform.php';

// The account being edited is selected by the request's "id" parameter.
$id = param_integer('id');

// NOTE(review): the result of find_by_id() is not checked here, although
// edituser_institution_submit() further down does test it. Presumably an
// unknown id raises an exception -- confirm.
$user = new User();
$user->find_by_id($id);

// Authorization gate for the whole page. Every form on this page is built
// (by the pieform() calls below) only after this test, and the submit
// callbacks in this file do not repeat it.
// NOTE(review): this relies on redirect() ending the request. If it ever
// returned, a viewer who failed the check would still reach the forms --
// confirm that redirect() does not return.
if (!$USER->is_admin_for_user($user)) {
    redirect(get_config('wwwroot') . 'user/view.php?id=' . $id);
}

// 'suspendedcusr' holds the id of the user who suspended this account; it is
// empty while the account is active. Exactly one of the two forms is built.
$suspended = $user->get('suspendedcusr');
if (!empty($suspended)) {
    // Account is currently suspended: offer to lift the suspension.
    $suspendform = pieform(array(
        'name'       => 'edituser_unsuspend',
        'plugintype' => 'core',
        'pluginname' => 'admin',
        'elements'   => array(
            // Target account, carried as a hidden field with a fixed value.
            'id' => array(
                 'type'    => 'hidden',
                 'value'   => $id,
            ),
            'submit' => array(
                'type'  => 'submit',
                'value' => get_string('unsuspenduser', 'admin'),
            ),
        )
    ));
    // Display name of the suspending user, shown by the template.
    // $suspender is only defined on this branch.
    $suspender = display_name(get_record('usr', 'id', $suspended));
} else {
    // Account is active: offer to suspend it, with a free-text reason.
    $suspendform = pieform(array(
        'name'       => 'edituser_suspend',
        'plugintype' => 'core',
        'pluginname' => 'admin',
        'elements'   => array(
            // Target account, carried as a hidden field with a fixed value.
            'id' => array(
                 'type'    => 'hidden',
                 'value'   => $id,
            ),
            'reason' => array(
                'type'        => 'textarea',
                'rows'        => 5,
                'cols'        => 60,
                'title'       => get_string('reason'),
                'description' => get_string('suspendedreasondescription', 'admin'),
            ),
            'submit' => array(
                'type'  => 'submit',
                'value' => get_string('suspenduser', 'admin'),
            ),
        )
    ));
}

/**
 * Submit callback for the "edituser_suspend" form: suspends the account named
 * by the form's hidden id, queues a confirmation message and returns to the
 * edit page for that account.
 *
 * This callback performs no permission check of its own. The only check in
 * this file is the page-level $USER->is_admin_for_user() test that runs
 * before the form is built.
 * NOTE(review): that is sufficient only if the submitter cannot change the
 * hidden id (the element is declared with a fixed 'value') -- confirm
 * against pieforms.
 *
 * @param Pieform $form   The submitted form (unused).
 * @param array   $values Submitted values; reads 'id' and 'reason'.
 */
function edituser_suspend_submit(Pieform $form, $values) {
    global $SESSION;

    $userid = $values['id'];
    suspend_user($userid, $values['reason']);

    $SESSION->add_ok_msg(get_string('usersuspended', 'admin'));
    redirect('/admin/users/edit.php?id=' . $userid);
}

/**
 * Submit callback for the "edituser_unsuspend" form: lifts the suspension on
 * the account named by the form's hidden id, queues a confirmation message
 * and returns to the edit page for that account.
 *
 * This callback performs no permission check of its own. The only check in
 * this file is the page-level $USER->is_admin_for_user() test that runs
 * before the form is built.
 * NOTE(review): that is sufficient only if the submitter cannot change the
 * hidden id (the element is declared with a fixed 'value') -- confirm
 * against pieforms.
 *
 * @param Pieform $form   The submitted form (unused).
 * @param array   $values Submitted values; reads 'id'.
 */
function edituser_unsuspend_submit(Pieform $form, $values) {
    global $SESSION;

    $userid = $values['id'];
    unsuspend_user($userid);

    $SESSION->add_ok_msg(get_string('userunsuspended', 'admin'));
    redirect('/admin/users/edit.php?id=' . $userid);
}


// Site-wide account settings
$currentdate = getdate();

// Fields shown to every administrator who passed the page-level check.
$elements = array(
    // Target account; fixed value plus an integer rule.
    'id' => array(
        'type'    => 'hidden',
        'rules'   => array('integer' => true),
        'value'   => $id,
    ),
    // Optional replacement password; an empty value leaves it unchanged
    // (see edituser_site_submit()).
    // NOTE(review): declared as a 'text' element, so the new password is
    // presumably displayed as typed -- confirm that this is intended.
    'password' => array(
        'type'         => 'text',
        'title'        => get_string('resetpassword', 'admin'),
        'description'  => get_string('resetpassworddescription', 'admin'),
    ),
    'passwordchange' => array(
        'type'         => 'checkbox',
        'title'        => get_string('forcepasswordchange', 'admin'),
        'description'  => get_string('forcepasswordchangedescription', 'admin'),
        'defaultvalue' => $user->passwordchange,
    ),
);

// The site-wide staff and admin flags are offered to site administrators
// only; edituser_site_submit() applies the same condition before writing.
if ($USER->get('admin')) {
    $elements['staff'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('sitestaff', 'admin'),
        //'description'  => get_string('sitestaffdescription','admin'),
        'defaultvalue' => $user->staff,
    );
    $elements['admin'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('siteadmin', 'admin'),
        //'description'  => get_string('siteadmindescription','admin'),
        'defaultvalue' => $user->admin,
    );
}

// Account expiry: selectable years run from two years back to twenty ahead.
$elements['expiry'] = array(
    'type'         => 'date',
    'title'        => get_string('accountexpiry', 'admin'),
    'description'  => get_string('accountexpirydescription', 'admin'),
    'minyear'      => $currentdate['year'] - 2,
    'maxyear'      => $currentdate['year'] + 20,
    'defaultvalue' => $user->expiry
);

// File quota, with an integer rule on the submitted value.
$elements['quota'] = array(
    'type'         => 'bytes',
    'title'        => get_string('filequota', 'admin'),
    'description'  => get_string('filequotadescription', 'admin'),
    'rules'        => array('integer' => true),
    'defaultvalue' => $user->quota,
);

// Authentication-instance selector. It is only built when more than one
// auth instance exists.
$authinstances = auth_get_auth_instances();
if (count($authinstances) > 1) {
    $options  = array();
    $external = false;

    // Offer only the instances whose institution the viewer may edit, and
    // remember whether any offered instance is not the 'internal' method.
    foreach ($authinstances as $authinstance) {
        if (!$USER->can_edit_institution($authinstance->name)) {
            continue;
        }
        $options[$authinstance->id] = $authinstance->displayname . ': ' . $authinstance->instancename;
        $external = $external || $authinstance->authname != 'internal';
    }

    // The selector is shown only when the account's current instance is one
    // the viewer may edit; otherwise the field is left out of the form.
    if (isset($options[$user->authinstance])) {
        $elements['authinstance'] = array(
            'type'         => 'select',
            'title'        => get_string('authenticatedby', 'admin'),
            //'description'  => get_string('authenticatedbydescription', 'admin'),
            'options'      => $options,
            'defaultvalue' => $user->authinstance,
        );

        if ($external) {
            // Username stored for this account in auth_remote_user for its
            // current instance; the local username is the default when no
            // such row is found.
            $un = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
            $elements['remoteusername'] = array(
                'type'         => 'text',
                'title'        => get_string('remoteusername', 'admin'),
                'description'  => get_string('remoteusernamedescription', 'admin'),
                'defaultvalue' => $un ? $un : $user->username,
            );
        }
    }
}

// The submit button is added last so that it follows every other field.
$elements['submit'] = array(
    'type'  => 'submit',
    'value' => get_string('savechanges', 'admin'),
);

// Build the site-settings form from the elements collected above.
// NOTE(review): presumably a submission of this form is handled by
// edituser_site_submit() (form name plus "_submit") -- confirm against
// pieforms.
$siteform = pieform(array(
    'name'       => 'edituser_site',
    'renderer'   => 'table',
    'plugintype' => 'core',
    'pluginname' => 'admin',
    'elements'   => $elements,
));


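/**
 * Submit callback for the "edituser_site" form: applies the site-wide account
 * settings (password reset, forced password change, quota, expiry, the site
 * staff/admin flags and the authentication instance) to the usr row named by
 * the form's hidden id, then returns to the edit page for that account.
 *
 * The function checks the site-admin flag before touching staff/admin and
 * checks institution administration before changing the auth instance. It
 * does not repeat the page-level $USER->is_admin_for_user() test made before
 * the form is built.
 *
 * @param Pieform $form   The submitted form (unused).
 * @param array   $values Submitted values; see the form definition.
 * @return bool|void False when no usr row matches $values['id']; otherwise
 *                   the function ends in redirect().
 */
function edituser_site_submit(Pieform $form, $values) {
    global $USER;

    if (!$user = get_record('usr', 'id', $values['id'])) {
        return false;
    }

    if (isset($values['password']) && $values['password'] !== '') {
        // SECURITY NOTE(review): the new password is copied into the record
        // exactly as submitted and the salt is cleared; nothing in this
        // function hashes it. Confirm that it is hashed before or when it is
        // stored. If it is not, update_record() below leaves a readable
        // password in the usr table, and the reset should go through the
        // auth layer's password-setting routine instead.
        $user->password = $values['password'];
        $user->salt = '';
    }
    $user->passwordchange = (int) ($values['passwordchange'] == 'on');
    $user->quota = $values['quota'];
    $user->expiry = db_format_timestamp($values['expiry']);

    if ($USER->get('admin')) {  // Not editable by institutional admins
        $user->staff = (int) ($values['staff'] == 'on');
        $user->admin = (int) ($values['admin'] == 'on');
        if ($user->admin) {
            activity_add_admin_defaults(array($user->id));
        }
    }

    // Authinstance can be changed by institutional admins if both the
    // old and new authinstances belong to the admin's institutions
    $remotename = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
    if (!$remotename) {
        $remotename = $user->username;
    }

    $authchanged = isset($values['authinstance'])
        && ($values['authinstance'] != $user->authinstance
            || (isset($values['remoteusername']) && $values['remoteusername'] != $remotename));

    if ($authchanged) {
        $authinst = get_records_select_assoc('auth_instance', 'id = ? OR id = ?',
                                             array($values['authinstance'], $user->authinstance));

        // Only act on auth instances that were actually found. Without this,
        // an id with no auth_instance row would be read as an undefined
        // entry, treated as a non-internal instance and then written to both
        // auth_remote_user and usr.authinstance.
        $newinst = isset($authinst[$values['authinstance']]) ? $authinst[$values['authinstance']] : null;
        $oldinst = isset($authinst[$user->authinstance]) ? $authinst[$user->authinstance] : null;

        // Site admins need only a valid target instance. Institutional
        // admins must administer the institutions of both the old and the
        // new instance.
        $allowed = $newinst
            && ($USER->get('admin')
                || ($oldinst
                    && $USER->is_institutional_admin($newinst->institution)
                    && $USER->is_institutional_admin($oldinst->institution)));

        if ($allowed) {
            // Drop the remote-username row for the old instance; a new row is
            // written only when the new instance is not 'internal'.
            delete_records('auth_remote_user', 'authinstance', $user->authinstance, 'localusr', $user->id);
            if ($newinst->authname != 'internal') {
                if (isset($values['remoteusername']) && strlen($values['remoteusername']) > 0) {
                    $un = $values['remoteusername'];
                }
                else {
                    $un = $remotename;
                }
                insert_record('auth_remote_user', (object) array(
                    'authinstance'   => $values['authinstance'],
                    'remoteusername' => $un,
                    'localusr'       => $user->id,
                ));
            }
            $user->authinstance = $values['authinstance'];
        }
    }

    update_record('usr', $user);

    redirect('/admin/users/edit.php?id='.$user->id);
}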


// Institution settings form

// Start a fresh element list for the second form; the target account is
// again carried as a hidden field with a fixed value.
$elements = array(
    'id' => array(
         'type'    => 'hidden',
         'value'   => $id,
     ),
);

// One fieldset per institution the account belongs to, followed by a
// "remove" button for that membership. Element names are prefixed with the
// institution name so that edituser_institution_submit() can tell which
// membership a submission refers to.
$allinstitutions = get_records_assoc('institution');
foreach ($user->get('institutions') as $i) {
    $elements[$i->institution . '_settings'] = array(
        'type'     => 'fieldset',
        'legend'   => $allinstitutions[$i->institution]->displayname,
        'elements' => array(
            // Membership expiry: selectable years run from the current year
            // to twenty years ahead.
            $i->institution . '_expiry' => array(
                'type'         => 'date',
                'title'        => get_string('membershipexpiry', 'admin'),
                'description'  => get_string('membershipexpirydescription', 'admin'),
                'minyear'      => $currentdate['year'],
                'maxyear'      => $currentdate['year'] + 20,
                'defaultvalue' => $i->expiry
            ),
            $i->institution . '_studentid' => array(
                'type'         => 'text',
                'title'        => get_string('studentid', 'admin'),
                'description'  => get_string('institutionstudentiddescription', 'admin'),
                'defaultvalue' => $i->studentid,
            ),
            // Per-institution role flags.
            $i->institution . '_staff' => array(
                'type'         => 'checkbox',
                'title'        => get_string('institutionstaff', 'admin'),
                'defaultvalue' => $i->staff,
            ),
            $i->institution . '_admin' => array(
                'type'         => 'checkbox',
                'title'        => get_string('institutionadmin', 'admin'),
                'description'  => get_string('institutionadmindescription', 'admin'),
                'defaultvalue' => $i->admin,
            ),
            $i->institution . '_submit' => array(
                'type'  => 'submit',
                'value' => get_string('update'),
            ),
        ),
    );
    // Removal is declared with a confirmation prompt.
    $elements[$i->institution . '_remove'] = array(
        'type'    => 'submit',
        'value'   => get_string('remove'),
        'confirm' => get_string('confirmremoveuserfrominstitution', 'admin'),
    );
}

// Only site admins can add institutions; institutional admins must invite.
// The selector is offered when the account has no institution yet or when
// multiple memberships are enabled in the site configuration.
// edituser_institution_submit() applies the matching condition on submit.
if ($USER->get('admin')
    && (get_config('usersallowedmultipleinstitutions') || count($user->institutions) == 0)) {
    // Candidates are all institutions the account is not already in, except
    // the one named 'mahara'.
    $options = array();
    foreach ($allinstitutions as $i) {
        if ($user->in_institution($i->name) || $i->name == 'mahara') {
            continue;
        }
        $options[$i->name] = $i->displayname;
    }

    // Leave the selector and its button out when nothing can be added.
    if (!empty($options)) {
        $elements['addinstitution'] = array(
            'type'         => 'select',
            'title'        => get_string('addinstitution', 'admin'),
            'options'      => $options,
        );
        $elements['add'] = array(
            'type'  => 'submit',
            'value' => get_string('addinstitution', 'admin'),
        );
    }
}

// Build the institution-settings form from the elements collected above.
// NOTE(review): presumably a submission of this form is handled by
// edituser_institution_submit() (form name plus "_submit") -- confirm
// against pieforms.
$institutionform = pieform(
    array(
        'name'       => 'edituser_institution',
        'renderer'   => 'table',
        'plugintype' => 'core',
        'pluginname' => 'admin',
        'elements'   => $elements,
    )
);

/**
 * Submit callback for the "edituser_institution" form. Depending on which
 * button was pressed it updates one institution membership, removes one
 * membership, or adds the account to a further institution, then returns to
 * the edit page for that account.
 *
 * Update and remove are honoured only for institutions that pass
 * $USER->can_edit_institution(). Adding is honoured only for site admins.
 * The page-level $USER->is_admin_for_user() test is not repeated here.
 *
 * Note that any viewer who passes can_edit_institution() can set the
 * per-institution staff and admin flags through the update branch.
 *
 * @param Pieform $form   The submitted form (unused).
 * @param array   $values Submitted values, keyed by institution-prefixed
 *                        element names.
 * @return bool|void False when find_by_id() reports failure; otherwise the
 *                   function ends in redirect().
 */
function edituser_institution_submit(Pieform $form, $values) {
    global $USER;

    $user = new User;
    if (!$user->find_by_id($values['id'])) {
        return false;
    }
    $userinstitutions = $user->get('institutions');

    foreach ($userinstitutions as $membership) {
        $name = $membership->institution;

        // Memberships the viewer may not edit are skipped, whatever was
        // submitted for them.
        if (!$USER->can_edit_institution($name)) {
            continue;
        }

        if (isset($values[$name . '_submit'])) {
            // Update: the membership row is replaced, keeping its original
            // creation time.
            $record = (object) array(
                'usr'         => $user->id,
                'institution' => $name,
                'ctime'       => db_format_timestamp($membership->ctime),
                'studentid'   => $values[$name . '_studentid'],
                'staff'       => (int) ($values[$name . '_staff'] == 'on'),
                'admin'       => (int) ($values[$name . '_admin'] == 'on'),
            );
            // An expiry is stored only when one was submitted.
            if ($values[$name . '_expiry']) {
                $record->expiry = db_format_timestamp($values[$name . '_expiry']);
            }

            // Delete and re-insert inside one transaction.
            db_begin();
            delete_records('usr_institution', 'usr', $user->id, 'institution', $name);
            insert_record('usr_institution', $record);
            if ($record->admin) {
                activity_add_admin_defaults(array($user->id));
            }
            handle_event('updateuser', $user->id);
            db_commit();
            break;
        }

        if (isset($values[$name . '_remove'])) {
            // When the viewer removes their own membership, the session
            // object is the one that leaves.
            if ($user->id == $USER->id) {
                $USER->leave_institution($name);
            } else {
                $user->leave_institution($name);
            }

            // Institutional admins can no longer access this page
            // if they remove the user from the institution, so
            // send them back to user search.
            if (!$USER->get('admin')) {
                // A viewer who is no longer an institutional admin anywhere
                // is sent to the site root instead.
                if (!$USER->is_institutional_admin()) {
                    redirect(get_config('wwwroot'));
                }
                redirect('/admin/users/search.php');
            }
            break;
        }
    }

    // Add: site admins only, and only when the account has no institution
    // yet or multiple memberships are enabled.
    $mayadd = isset($values['add']) && $USER->get('admin')
        && (empty($userinstitutions) || get_config('usersallowedmultipleinstitutions'));

    if ($mayadd) {
        // Do nothing if the user is already in the institution
        $addinstitution = get_record('institution', 'name', $values['addinstitution']);
        $rejected = !$addinstitution || $addinstitution->name == 'mahara'
            || $user->in_institution($addinstitution->name);
        if ($rejected) {
            // NOTE(review): the code below assumes redirect() does not
            // return; $addinstitution may be false here.
            redirect('/admin/users/edit.php?id='.$user->id);
        }

        // The membership expires after the institution's default period,
        // when one is set.
        $now = time();
        $expiry = !empty($addinstitution->defaultmembershipperiod)
            ? db_format_timestamp($now + $addinstitution->defaultmembershipperiod)
            : null;

        db_begin();
        insert_record('usr_institution', (object) array(
            'usr' => $user->id,
            'institution' => $addinstitution->name,
            'ctime' => db_format_timestamp($now),
            'expiry' => $expiry,
        ));
        handle_event('updateuser', $user->id);
        db_commit();
    }

    redirect('/admin/users/edit.php?id='.$user->id);
}

// Hand everything the template needs to Smarty and render the page.
$smarty = smarty();
$smarty->assign('user', $user);

// Suspension state; $suspender is only defined when the account is suspended.
$smarty->assign('suspended', $suspended);
if ($suspended) {
    $smarty->assign('suspendedby', get_string('suspendedby', 'admin', $suspender));
}

$smarty->assign('suspendform', $suspendform);
$smarty->assign('siteform', $siteform);
// Flag telling the template whether more than one institution exists.
$smarty->assign('institutions', count($allinstitutions) > 1);
$smarty->assign('institutionform', $institutionform);

// "Log in as" text is prepared only when the viewer is not editing their own
// account and the session has no parent user.
// NOTE(review): presumably 'parentuser' is set while the viewer is already
// logged in as someone else -- confirm.
$loginas = null;
if ($id != $USER->get('id') && is_null($USER->get('parentuser'))) {
    $loginas = get_string('loginasuser', 'admin', $user->username);
}
$smarty->assign('loginas', $loginas);

$smarty->display('admin/users/edit.tpl');

?>