edit.php 11.1 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
<?php
/**
 * This program is part of Mahara
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
 *
 * @package    mahara
 * @subpackage admin
 * @author     Richard Mansfield <richard.mansfield@catalyst.net.nz>
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL
 * @copyright  (C) 2006,2007 Catalyst IT Ltd http://catalyst.net.nz
 *
 */

define('INTERNAL', 1);
28
define('INSTITUTIONALADMIN', 1);
29
require(dirname(dirname(dirname(__FILE__))) . '/init.php');
30
define('TITLE', get_string('accountsettings', 'admin'));
31
32
33
34
35
36
37
38
39
define('SECTION_PLUGINTYPE', 'core');
define('SECTION_PLUGINNAME', 'admin');
require_once('pieforms/pieform.php');

$id = param_integer('id');
if (!$user = get_record('usr', 'id', $id)) {
    throw new UserNotFoundException("User not found");
}

40
41
42
43
44
// Deny access to institutional admins from different institutions to the displayed user
$userinstitution = get_record('usr_institution', 'usr', $id, null, null, null, null,
                              'usr,institution,studentid,staff,admin,'.db_format_tsfield('expiry'));
global $USER;
if (!$USER->get('admin')) {
45
    if (empty($userinstitution) || !$USER->is_institutional_admin($userinstitution->institution)) {
46
47
48
        redirect(get_config('wwwroot').'user/view.php?id='.$id);
    }
}
49
50
51

if (empty($user->suspendedcusr)) {
    $suspendform = pieform(array(
Richard Mansfield's avatar
Richard Mansfield committed
52
        'name'       => 'edituser_suspend',
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
        'plugintype' => 'core',
        'pluginname' => 'admin',
        'elements'   => array(
            'id' => array(
                 'type'    => 'hidden',
                 'value'   => $id,
            ),
            'reason' => array(
                'type'        => 'text',
                'title'       => get_string('reason'),
            ),
            'submit' => array(
                'type'  => 'submit',
                'value' => get_string('suspenduser','admin'),
            ),
        )
    ));
} else {
    $suspendform = pieform(array(
Richard Mansfield's avatar
Richard Mansfield committed
72
        'name'       => 'edituser_unsuspend',
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
        'plugintype' => 'core',
        'pluginname' => 'admin',
        'elements'   => array(
            'id' => array(
                 'type'    => 'hidden',
                 'value'   => $id,
            ),
            'submit' => array(
                'type'  => 'submit',
                'value' => get_string('unsuspenduser','admin'),
            ),
        )
    ));
}

Richard Mansfield's avatar
Richard Mansfield committed
88
function edituser_suspend_submit(Pieform $form, $values) {
89
90
91
92
93
94
    global $SESSION;
    suspend_user($values['id'], $values['reason']);
    $SESSION->add_ok_msg(get_string('usersuspended', 'admin'));
    redirect('/admin/users/edit.php?id=' . $values['id']);
}

Richard Mansfield's avatar
Richard Mansfield committed
95
function edituser_unsuspend_submit(Pieform $form, $values) {
96
97
98
99
100
101
102
103
    global $SESSION;
    unsuspend_user($values['id']);
    $SESSION->add_ok_msg(get_string('userunsuspended', 'admin'));
    redirect('/admin/users/edit.php?id=' . $values['id']);
}


// Site-wide account settings
Richard Mansfield's avatar
Richard Mansfield committed
104
$elements = array();
105
106
107
108
109
110
111
112
113
114
115
116
117
118
$elements['id'] = array(
    'type'    => 'hidden',
    'rules'   => array('integer' => true),
    'value'   => $id,
);
$elements['password'] = array(
    'type'         => 'text',
    'title'        => get_string('resetpassword','admin'),
);
$elements['passwordchange'] = array(
    'type'         => 'checkbox',
    'title'        => get_string('forcepasswordchange','admin'),
    'defaultvalue' => $user->passwordchange,
);
119
120
121
122
123
124
125
126
127
128
129
130
if ($USER->get('admin')) {
    $elements['staff'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('sitestaff','admin'),
        'defaultvalue' => $user->staff,
    );
    $elements['admin'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('siteadmin','admin'),
        'defaultvalue' => $user->admin,
    );
}
131
132
133
134
135
136
$elements['quota'] = array(
    'type'         => 'text',
    'title'        => get_string('filequota','admin'),
    'defaultvalue' => $user->quota / 1048576,
    'rules'        => array('integer' => true),
);
137
138
139
140
141
142

$authinstances = auth_get_auth_instances();
if (count($authinstances) > 1) {
    $options = array();

    foreach ($authinstances as $authinstance) {
143
144
145
        if ($USER->get('admin') || $USER->is_institutional_admin($authinstance->name)) {
            $options[$authinstance->id] = $authinstance->displayname. ': '.$authinstance->instancename;
        }
146
147
148
149
150
151
152
153
154
155
    }

    $elements['authinstance'] = array(
        'type' => 'select',
        'title' => get_string('authenticatedby', 'admin'),
        'options' => $options,
        'defaultvalue' => $user->authinstance
    );
}

156
157
158
159
160
$elements['submit'] = array(
    'type'  => 'submit',
    'value' => get_string('savechanges','admin'),
);

Richard Mansfield's avatar
Richard Mansfield committed
161
162
$siteform = pieform(array(
    'name'       => 'edituser_site',
163
164
165
166
167
168
169
    'renderer'   => 'table',
    'plugintype' => 'core',
    'pluginname' => 'admin',
    'elements'   => $elements,
));


Richard Mansfield's avatar
Richard Mansfield committed
170
function edituser_site_submit(Pieform $form, $values) {
171
172
173
174
175
176
177
178
179
    if (!$user = get_record('usr', 'id', $values['id'])) {
        return false;
    }

    if (isset($values['password']) && $values['password'] !== '') {
        $user->password = $values['password'];
    }
    $user->passwordchange = (int) ($values['passwordchange'] == 'on');
    $user->quota = $values['quota'] * 1048576;
180
181
182
183
184
185
186
187
188
189
190
191
192

    global $USER;
    if ($USER->get('admin')) {  // Not editable by institutional admins
        $user->staff = (int) ($values['staff'] == 'on');
        $user->admin = (int) ($values['admin'] == 'on');
    }

    // Authinstance can be changed by institutional admins if both the
    // old and new authinstances belong to the admin's institutions
    if (isset($values['authinstance']) &&
        ($USER->get('admin') || 
         ($USER->is_institutional_admin(get_field('auth_instance', 'institution', 'id', $values['authinstance'])) &&
          $USER->is_institutional_admin(get_field('auth_instance', 'institution', 'id', $user->authinstance))))) {
193
194
        $user->authinstance = $values['authinstance'];
    }
195
196
197
198
199
200
201

    update_record('usr', $user);

    redirect('/admin/users/edit.php?id='.$user->id);
}


Richard Mansfield's avatar
Richard Mansfield committed
202
203
204
205
// Institution settings
$allinstitutions = get_records_array('institution');
$options = array();
foreach ($allinstitutions as $i) {
206
    if ($USER->get('admin') || $i->name == 'mahara' || $i->name == $userinstitution->institution) {
207
208
        $options[$i->name] = $i->displayname;
    }
Richard Mansfield's avatar
Richard Mansfield committed
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
}

$elements = array(
    'id' => array(
         'type'    => 'hidden',
         'value'   => $id,
     ),
    'institution' => array(
         'type'         => 'select',
         'title'        => get_string('institution'),
         'options'      => $options,
         'defaultvalue' => empty($userinstitution) ? 'mahara' : $userinstitution->institution
    ),
    'change' => array(
        'type'  => 'submit',
        'value' => get_string('changeinstitution','admin'),
    ),
);

if ($userinstitution) {
    $elements['subtitle'] = array(
        'type'         => 'html',
        'title'        => get_string('settingsfor', 'admin'),
        'value'        => $options[$userinstitution->institution],
    );
    $currentdate = getdate();
    $elements['expiry'] = array(
        'type'         => 'date',
        'title'        => get_string('membershipexpiry'),
        'minyear'      => $currentdate['year'],
        'maxyear'      => $currentdate['year'] + 20
    );
    if (!empty($userinstitution->expiry)) {
        $elements['expiry']['defaultvalue'] = $userinstitution->expiry;
    }
    $elements['studentid'] = array(
        'type'         => 'text',
        'title'        => get_string('studentid'),
        'defaultvalue' => $userinstitution->studentid,
    );
    $elements['staff'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('institutionstaff','admin'),
        'defaultvalue' => $userinstitution->staff,
    );
    $elements['admin'] = array(
        'type'         => 'checkbox',
        'title'        => get_string('institutionadmin','admin'),
        'defaultvalue' => $userinstitution->admin,
    );
    $elements['submit'] = array(
        'type'  => 'submit',
        'value' => get_string('update'),
    );
}
264

Richard Mansfield's avatar
Richard Mansfield committed
265
266
267
268
269
270
271
272
273
274
275
276
277
278
$institutionform = pieform(array(
    'name'       => 'edituser_institution',
    'renderer'   => 'table',
    'plugintype' => 'core',
    'pluginname' => 'admin',
    'elements'   => $elements,
));

function edituser_institution_submit(Pieform $form, $values) {
    if (!$user = get_record('usr', 'id', $values['id'])) {
        return false;
    }
    $userinstitution = get_record('usr_institution', 'usr', $user->id);

279
280
281
282
283
284
285
286
    // Make sure institutional admins are from the same institution as
    // the user being edited
    global $USER;
    if (!$USER->get('admin')
        && (!$userinstitution || !$USER->is_institutional_admin($userinstitution->institution))) {
        redirect('/admin/users/edit.php?id='.$user->id);
    }

Richard Mansfield's avatar
Richard Mansfield committed
287
    if (isset($values['change'])) {
288
        // Do nothing if there's no change to the institution
Richard Mansfield's avatar
Richard Mansfield committed
289
290
291
292
        if (!$userinstitution && $values['institution'] == 'mahara'
            || $userinstitution && $values['institution'] == $userinstitution->institution) {
            redirect('/admin/users/edit.php?id='.$user->id);
        }
293
294
295
296
297
        // Don't let institutional admins change the institution, but let them unset it
        if (!$USER->get('admin') && $values['institution'] != 'mahara') {
            redirect('/admin/users/edit.php?id='.$user->id);
        }

Richard Mansfield's avatar
Richard Mansfield committed
298
299
300
301
302
303
304
        delete_records('usr_institution', 'usr', $user->id);
        if ($values['institution'] != 'mahara') {
            insert_record('usr_institution', (object) array(
                'usr' => $user->id,
                'institution' => $values['institution']  // ctime, expiry, etc
            ));
        }
305
        handle_event('updateuser', $user->id);
Richard Mansfield's avatar
Richard Mansfield committed
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
    } else { // Changing settings for an existing institution
        $newuser = (object) array(
            'usr'         => $userinstitution->usr,
            'institution' => $userinstitution->institution,
            'ctime'       => $userinstitution->ctime,
            'studentid'   => $values['studentid'],
            'staff'       => (int) ($values['staff'] == 'on'),
            'admin'       => (int) ($values['admin'] == 'on'),
        );
        if ($values['expiry']) {
            $newuser->expiry = db_format_timestamp($values['expiry']);
        }
        delete_records('usr_institution', 'usr', $user->id);
        insert_record('usr_institution', $newuser);
    }

    redirect('/admin/users/edit.php?id='.$user->id);
}
324
325
326
327

$smarty = smarty();
$smarty->assign('user', $user);
$smarty->assign('suspendform', $suspendform);
Richard Mansfield's avatar
Richard Mansfield committed
328
329
$smarty->assign('siteform', $siteform);
$smarty->assign('institutionform', $institutionform);
330
331
332
$smarty->display('admin/users/edit.tpl');

?>