<?php
/**
 * This program is part of Mahara
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
 *
 * @package    mahara
 * @subpackage admin
 * @author     Richard Mansfield <richard.mansfield@catalyst.net.nz>
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL
 * @copyright  (C) 2006,2007 Catalyst IT Ltd http://catalyst.net.nz
 *
 */

// Page constants. The first three are defined before init.php is loaded;
// how init.php interprets them is not visible in this file.
// NOTE(review): INSTITUTIONALADMIN presumably opens this admin page to
// institutional admins as well as site admins - confirm in init.php.
define('INTERNAL', 1);
define('INSTITUTIONALADMIN', 1);
define('MENUITEM', 'configusers/usersearch');
require(dirname(dirname(dirname(__FILE__))) . '/init.php');
define('TITLE', get_string('accountsettings', 'admin'));
define('SECTION_PLUGINTYPE', 'core');
define('SECTION_PLUGINNAME', 'admin');
require_once('pieforms/pieform.php');

// The account being edited is chosen by the 'id' request parameter.
$id = param_integer('id');
$user = new User();
$user->find_by_id($id);

global $USER;

// Access control for the whole page: the logged-in user must administer the
// target account, otherwise they are sent to that user's ordinary view page.
// NOTE(review): this only protects the code below if redirect() ends the
// request - confirm it never returns. The check must also stay ahead of every
// pieform() call, since pieform() presumably dispatches submitted forms to
// the edituser_*_submit handlers, none of which repeat this check.
if (!$USER->is_admin_for_user($user)) {
    redirect(get_config('wwwroot') . 'user/view.php?id=' . $id);
}

// 'suspendedcusr' is passed to get_record('usr', 'id', ...) below, so it is
// treated as the id of the user who suspended this account (empty when the
// account is not suspended).
$suspended = $user->get('suspendedcusr');
if (!empty($suspended)) {
    // Already suspended: offer a one-button "unsuspend" form.
    $suspendform = pieform(array(
        'name'       => 'edituser_unsuspend',
        'plugintype' => 'core',
        'pluginname' => 'admin',
        'elements'   => array(
            'id' => array(
                'type'  => 'hidden',
                'value' => $id,
            ),
            'submit' => array(
                'type'  => 'submit',
                'value' => get_string('unsuspenduser','admin'),
            ),
        ),
    ));
    // Display name of the suspending user, shown by the template later on.
    $suspender = display_name(get_record('usr', 'id', $suspended));
}
else {
    // Not suspended: offer a form that takes a free-text reason.
    $suspendform = pieform(array(
        'name'       => 'edituser_suspend',
        'plugintype' => 'core',
        'pluginname' => 'admin',
        'elements'   => array(
            'id' => array(
                'type'  => 'hidden',
                'value' => $id,
            ),
            'reason' => array(
                'type'  => 'textarea',
                'rows'  => 5,
                'cols'  => 60,
                'title' => get_string('reason'),
            ),
            'submit' => array(
                'type'  => 'submit',
                'value' => get_string('suspenduser','admin'),
            ),
        ),
    ));
}

/**
 * Submit handler for the 'edituser_suspend' form: suspends the account named
 * in the form, queues a confirmation message and returns to the edit page.
 *
 * NOTE(review): no permission check is made here. The only check in this file
 * is the page-level is_admin_for_user() test on the 'id' request parameter,
 * while this handler acts on $values['id']. Confirm that pieforms returns the
 * server-side 'value' of a hidden element rather than the submitted one, so
 * the two ids cannot differ.
 *
 * @param Pieform $form   the submitted form (not used)
 * @param array   $values form values; 'id' and 'reason' are read
 */
function edituser_suspend_submit(Pieform $form, $values) {
    global $SESSION;

    $userid = $values['id'];
    suspend_user($userid, $values['reason']);

    $okmessage = get_string('usersuspended', 'admin');
    $SESSION->add_ok_msg($okmessage);

    redirect('/admin/users/edit.php?id=' . $userid);
}

/**
 * Submit handler for the 'edituser_unsuspend' form: lifts the suspension on
 * the account named in the form, queues a confirmation message and returns to
 * the edit page.
 *
 * NOTE(review): like the suspend handler, this relies entirely on the
 * page-level is_admin_for_user() check made on the 'id' request parameter;
 * $values['id'] is not re-checked here. Confirm that a hidden element's value
 * cannot be overridden by the submitted request.
 *
 * @param Pieform $form   the submitted form (not used)
 * @param array   $values form values; only 'id' is read
 */
function edituser_unsuspend_submit(Pieform $form, $values) {
    global $SESSION;

    $userid = $values['id'];
    unsuspend_user($userid);

    $okmessage = get_string('userunsuspended', 'admin');
    $SESSION->add_ok_msg($okmessage);

    redirect('/admin/users/edit.php?id=' . $userid);
}


// Site-wide account settings
//
// Elements every administrator of this account gets. The password field is a
// plain 'text' element with no rules attached here, so a new password is
// visible while it is typed and no length or strength check is applied at
// this layer.
$elements = array(
    'id' => array(
        'type'  => 'hidden',
        'rules' => array('integer' => true),
        'value' => $id,
    ),
    'password' => array(
        'type'  => 'text',
        'title' => get_string('resetpassword','admin'),
    ),
    'passwordchange' => array(
        'type'         => 'checkbox',
        'title'        => get_string('forcepasswordchange','admin'),
        'defaultvalue' => $user->passwordchange,
    ),
);

// The site-wide staff and admin flags are only offered to site admins;
// edituser_site_submit() repeats the same $USER->get('admin') test before it
// reads them, so hiding them here is not the only safeguard.
if ($USER->get('admin')) {
    $elements['staff'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('sitestaff','admin'),
        'defaultvalue' => $user->staff,
    );
    $elements['admin'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('siteadmin','admin'),
        'defaultvalue' => $user->admin,
    );
}

$elements['quota'] = array(
    'type'         => 'bytes',
    'title'        => get_string('filequota','admin'),
    'rules'        => array('integer' => true),
    'defaultvalue' => $user->quota,
);

// Authentication instance selector, only built when more than one instance
// exists. The choices are limited to instances whose ->name passes
// can_edit_institution() for the current admin.
$authinstances = auth_get_auth_instances();
if (count($authinstances) > 1) {
    $options = array();
    $external = false;

    foreach ($authinstances as $authinstance) {
        if (!$USER->can_edit_institution($authinstance->name)) {
            continue;
        }
        $options[$authinstance->id] = $authinstance->displayname . ': ' . $authinstance->instancename;
        // Remember whether any selectable instance is not the built-in one.
        if ($authinstance->authname != 'internal') {
            $external = true;
        }
    }

    // The selector is shown only if the user's current instance is itself one
    // of the choices this admin may pick.
    if (isset($options[$user->authinstance])) {
        $elements['authinstance'] = array(
            'type'         => 'select',
            'title'        => get_string('authenticatedby', 'admin'),
            'options'      => $options,
            'defaultvalue' => $user->authinstance,
        );

        if ($external) {
            // Pre-fill with the stored remote username for the current
            // instance, falling back to the local username.
            $un = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
            $elements['remoteusername'] = array(
                'type'         => 'text',
                'title'        => get_string('remoteusername', 'admin'),
                // One or more letters first, then letters, digits, '.' or '-'.
                'rules'        => array('regex' => '/^[a-zA-Z]+[0-9a-zA-Z\.-]*$/'),
                'defaultvalue' => $un ? $un : $user->username,
            );
        }
    }
}

$elements['submit'] = array(
    'type'  => 'submit',
    'value' => get_string('savechanges','admin'),
);

$siteform = pieform(array(
    'name'       => 'edituser_site',
    'renderer'   => 'table',
    'plugintype' => 'core',
    'pluginname' => 'admin',
    'elements'   => $elements,
));


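/**
 * Submit handler for the 'edituser_site' form: applies the site-wide account
 * settings (password reset, forced password change, quota, and for site
 * admins the staff/admin flags), optionally moves the user to another
 * authentication instance, saves the usr record and returns to the edit page.
 *
 * NOTE(review): the target account is taken from $values['id'] and is not
 * re-checked with is_admin_for_user() here; the page-level check on the 'id'
 * request parameter is the only gate. Confirm a hidden element's value cannot
 * be overridden by the submitted request.
 *
 * @param Pieform $form   the submitted form (not used)
 * @param array   $values form values
 * @return bool|void false when no usr record matches $values['id']; otherwise
 *                   the function ends by calling redirect()
 */
function edituser_site_submit(Pieform $form, $values) {
    global $USER;

    if (!$user = get_record('usr', 'id', $values['id'])) {
        return false;
    }

    if (isset($values['password']) && $values['password'] !== '') {
        // NOTE(review): the submitted password is copied into the record as
        // typed and the salt is cleared; no hashing call is visible in this
        // function. Confirm where hashing happens (update_record() or the
        // auth layer), otherwise the value rests in the usr table in clear.
        $user->password = $values['password'];
        $user->salt = '';
    }
    $user->passwordchange = (int) ($values['passwordchange'] == 'on');
    $user->quota = $values['quota'];

    if ($USER->get('admin')) {  // Not editable by institutional admins
        $user->staff = (int) ($values['staff'] == 'on');
        $user->admin = (int) ($values['admin'] == 'on');
        if ($user->admin) {
            activity_add_admin_defaults(array($user->id));
        }
    }

    // Authinstance can be changed by institutional admins if both the
    // old and new authinstances belong to the admin's institutions
    $remotename = get_field('auth_remote_user', 'remoteusername', 'authinstance', $user->authinstance, 'localusr', $user->id);
    if (!$remotename) {
        $remotename = $user->username;
    }

    // The remoteusername element only exists when an external instance is
    // selectable, so read it defensively instead of indexing a missing key.
    $submittedremote = isset($values['remoteusername']) ? $values['remoteusername'] : null;

    if (isset($values['authinstance']) && ($values['authinstance'] != $user->authinstance
                                           || $submittedremote != $remotename)) {
        $authinst = get_records_select_assoc('auth_instance', 'id = ? OR id = ?',
                                             array($values['authinstance'], $user->authinstance));

        // Only act on auth instances that were actually found. Without this,
        // a missing row makes ->institution and ->authname evaluate to null,
        // so the permission test below no longer checks a real institution
        // (is_institutional_admin() is also called with no argument elsewhere
        // in this file, so null may not mean "deny") and an id that matches
        // no auth_instance row could be saved on the user.
        $newinst = isset($authinst[$values['authinstance']]) ? $authinst[$values['authinstance']] : null;
        $oldinst = isset($authinst[$user->authinstance]) ? $authinst[$user->authinstance] : null;

        $allowed = false;
        if ($newinst) {
            $allowed = $USER->get('admin')
                || ($oldinst
                    && $USER->is_institutional_admin($newinst->institution)
                    && $USER->is_institutional_admin($oldinst->institution));
        }

        if ($allowed) {
            // Drop the remote-username mapping for the old instance, then
            // recreate it for the new one unless that one is 'internal'.
            delete_records('auth_remote_user', 'authinstance', $user->authinstance, 'localusr', $user->id);
            if ($newinst->authname != 'internal') {
                if ($submittedremote !== null && strlen($submittedremote) > 0) {
                    $un = $submittedremote;
                }
                else {
                    $un = $remotename;
                }
                insert_record('auth_remote_user', (object) array(
                    'authinstance'   => $values['authinstance'],
                    'remoteusername' => $un,
                    'localusr'       => $user->id,
                ));
            }
            $user->authinstance = $values['authinstance'];
        }
    }

    update_record('usr', $user);

    redirect('/admin/users/edit.php?id='.$user->id);
}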


// Institution settings form
$elements = array(
    'id' => array(
        'type'  => 'hidden',
        'value' => $id,
    ),
);

// One fieldset plus a "remove" button per institution the user belongs to.
// Every membership is rendered here without a permission filter, so the
// student id and staff/admin flags of all of them are shown to whoever can
// open this page; edituser_institution_submit() applies can_edit_institution()
// before it changes anything.
$allinstitutions = get_records_assoc('institution');
$currentdate = getdate();
foreach ($user->get('institutions') as $i) {
    $prefix = $i->institution;
    $legend = $allinstitutions[$prefix]->displayname;

    // Field names are prefixed with the institution name so that the submit
    // handler can tell which membership a value belongs to.
    $fields = array(
        $prefix . '_expiry' => array(
            'type'         => 'date',
            'title'        => get_string('membershipexpiry'),
            'minyear'      => $currentdate['year'],
            'maxyear'      => $currentdate['year'] + 20,
            'defaultvalue' => $i->expiry
        ),
        $prefix . '_studentid' => array(
            'type'         => 'text',
            'title'        => get_string('studentid'),
            'defaultvalue' => $i->studentid,
        ),
        $prefix . '_staff' => array(
            'type'         => 'checkbox',
            'title'        => get_string('institutionstaff','admin'),
            'defaultvalue' => $i->staff,
        ),
        $prefix . '_admin' => array(
            'type'         => 'checkbox',
            'title'        => get_string('institutionadmin','admin'),
            'defaultvalue' => $i->admin,
        ),
        $prefix . '_submit' => array(
            'type'  => 'submit',
            'value' => get_string('update'),
        ),
    );

    $elements[$prefix . '_settings'] = array(
        'type'     => 'fieldset',
        'legend'   => $legend,
        'elements' => $fields,
    );
    $elements[$prefix . '_remove'] = array(
        'type'    => 'submit',
        'value'   => get_string('remove'),
        'confirm' => get_string('confirmremoveuserfrominstitution', 'admin'),
    );
}

// Only site admins can add institutions; institutional admins must invite
if ($USER->get('admin')
    && (get_config('usersallowedmultipleinstitutions') || count($user->institutions) == 0)) {
    // Offer every institution the user is not yet in, except 'mahara'.
    $options = array();
    foreach ($allinstitutions as $i) {
        if ($user->in_institution($i->name) || $i->name == 'mahara') {
            continue;
        }
        $options[$i->name] = $i->displayname;
    }
    if (!empty($options)) {
        $elements['addinstitution'] = array(
            'type'    => 'select',
            'title'   => get_string('addinstitution', 'admin'),
            'options' => $options,
        );
        $elements['add'] = array(
            'type'  => 'submit',
            'value' => get_string('addinstitution','admin'),
        );
    }
}

$institutionform = pieform(array(
    'name'       => 'edituser_institution',
    'renderer'   => 'table',
    'plugintype' => 'core',
    'pluginname' => 'admin',
    'elements'   => $elements,
));

/**
 * Submit handler for the 'edituser_institution' form. Depending on which
 * submit button is present in $values it updates one institution membership,
 * removes the user from one institution, or (site admins only) adds the user
 * to a new institution. At most one membership is handled per request.
 *
 * Update and remove are each guarded by can_edit_institution() for the
 * institution concerned; add is guarded by $USER->get('admin').
 *
 * @param Pieform $form   the submitted form (not used)
 * @param array   $values form values; per-institution fields are keyed
 *                        '<institution>_<field>'
 * @return bool|void false when the user cannot be loaded; otherwise the
 *                   function ends by calling redirect()
 */
function edituser_institution_submit(Pieform $form, $values) {
    global $USER;

    $user = new User;
    if (!$user->find_by_id($values['id'])) {
        return false;
    }
    $userinstitutions = $user->get('institutions');

    foreach ($userinstitutions as $membership) {
        $inst = $membership->institution;

        // Memberships the current admin may not edit are skipped, whatever
        // the request contains for them.
        if (!$USER->can_edit_institution($inst)) {
            continue;
        }

        if (isset($values[$inst . '_submit'])) {
            // Rebuild the membership row, keeping its original creation time.
            $newuser = new stdClass;
            $newuser->usr = $user->id;
            $newuser->institution = $inst;
            $newuser->ctime = db_format_timestamp($membership->ctime);
            $newuser->studentid = $values[$inst . '_studentid'];
            $newuser->staff = (int) ($values[$inst . '_staff'] == 'on');
            $newuser->admin = (int) ($values[$inst . '_admin'] == 'on');
            if ($values[$inst . '_expiry']) {
                $newuser->expiry = db_format_timestamp($values[$inst . '_expiry']);
            }

            // Replace the row between db_begin() and db_commit().
            db_begin();
            delete_records('usr_institution', 'usr', $user->id, 'institution', $inst);
            insert_record('usr_institution', $newuser);
            if ($newuser->admin) {
                activity_add_admin_defaults(array($user->id));
            }
            handle_event('updateuser', $user->id);
            db_commit();
            break;
        }

        if (isset($values[$inst . '_remove'])) {
            // When admins remove themselves, the call is made on the session
            // user object ($USER) rather than on the freshly loaded copy.
            $leaver = ($user->id == $USER->id) ? $USER : $user;
            $leaver->leave_institution($inst);

            // Institutional admins can no longer access this page
            // if they remove the user from the institution, so
            // send them back to user search.
            if (!$USER->get('admin')) {
                if (!$USER->is_institutional_admin()) {
                    redirect(get_config('wwwroot'));
                }
                redirect('/admin/users/search.php');
            }
            break;
        }
    }

    // Adding a membership is limited to site admins, and to users with no
    // institution unless multiple institutions are allowed by configuration.
    $mayadd = isset($values['add']) && $USER->get('admin')
        && (empty($userinstitutions) || get_config('usersallowedmultipleinstitutions'));
    if ($mayadd) {
        // Do nothing if the user is already in the institution
        $addinstitution = get_record('institution', 'name', $values['addinstitution']);
        $unusable = !$addinstitution
            || $addinstitution->name == 'mahara'
            || $user->in_institution($addinstitution->name);
        if ($unusable) {
            redirect('/admin/users/edit.php?id='.$user->id);
        }

        // Expiry is derived from the institution's default membership period,
        // or left null when none is set.
        $now = time();
        $expiry = !empty($addinstitution->defaultmembershipperiod)
            ? db_format_timestamp($now + $addinstitution->defaultmembershipperiod)
            : null;

        db_begin();
        insert_record('usr_institution', (object) array(
            'usr'         => $user->id,
            'institution' => $addinstitution->name,
            'ctime'       => db_format_timestamp($now),
            'expiry'      => $expiry,
        ));
        handle_event('updateuser', $user->id);
        db_commit();
    }

    redirect('/admin/users/edit.php?id='.$user->id);
}

// Hand everything to the template.
// NOTE(review): $suspender and $user->username are inserted into language
// strings below; whether they are HTML-escaped depends on get_string() and on
// edit.tpl, neither of which is visible here - confirm.
$smarty = smarty();
$smarty->assign('user', $user);

$smarty->assign('suspended', $suspended);
if ($suspended) {
    $suspendedby = get_string('suspendedby', 'admin', $suspender);
    $smarty->assign('suspendedby', $suspendedby);
}

$smarty->assign('suspendform', $suspendform);
$smarty->assign('siteform', $siteform);
$smarty->assign('institutionform', $institutionform);

// The "log in as" label is only set when the account being edited is not the
// admin's own and the session user has no 'parentuser'.
// NOTE(review): 'parentuser' presumably marks a session that is already
// logged in as someone else - confirm.
$loginas = null;
if ($id != $USER->get('id') && is_null($USER->get('parentuser'))) {
    $loginas = get_string('loginasuser', 'admin', $user->username);
}
$smarty->assign('loginas', $loginas);

$smarty->display('admin/users/edit.tpl');

?>