Commit 2f961b22 authored by Fergus Whyte's avatar Fergus Whyte Committed by Gold
Browse files

Bug 1915963: Bring back masquerading and other admin actions for inst. admin

Institution admins can masquerade, but they couldn't do so from the
profile page of an account holder any more. The link to the account
settings page was missing as well.

They can now also again suspend and delete account holders.

behatnotneeded

Change-Id: I28aadf237bd280ce2f22e052a122de9488ce327c
parent 34b3b2e1
......@@ -792,10 +792,17 @@ $deleteform = pieform(array(
function edituser_delete_validate(Pieform $form, $values) {
global $USER, $SESSION;
if (!$USER->get('admin')) {
$user = new User;
$user->find_by_id($values['id']);
if (!$USER->is_admin_for_user($user)) {
$form->set_error('submit', get_string('deletefailed', 'admin'));
$SESSION->add_error_msg(get_string('deletefailed', 'admin'));
}
// Don't let an admin delete themseleves if they are the last one.
if ($values['id'] === $USER->get('id') && $USER->get('admin') && (count_records('usr', 'admin', 1, 'deleted', 0) == 1)) {
$form->set_error('submit', get_string('deletefailedonlyadmin', 'admin'));
$SESSION->add_error_msg(get_string('deletefailedonlyadmin', 'admin'));
}
// Check to see if there are any pending archives in the export_queue for this user.
// We can't delete them if there are.
if ($results = count_records('export_queue', 'usr', $values['id'])) {
......@@ -806,10 +813,8 @@ function edituser_delete_validate(Pieform $form, $values) {
function edituser_delete_submit(Pieform $form, $values) {
global $SESSION, $USER;
if ($USER->get('admin')) {
delete_user($values['id']);
$SESSION->add_ok_msg(get_string('userdeletedsuccessfully', 'admin'));
}
delete_user($values['id']);
$SESSION->add_ok_msg(get_string('userdeletedsuccessfully', 'admin'));
redirect('/admin/users/search.php');
}
......@@ -1066,7 +1071,7 @@ $smarty->assign('siteform', $siteform);
$smarty->assign('institutions', count($allinstitutions));
$smarty->assign('institutionform', $institutionform);
$smarty->assign('loginas', $id != $USER->get('id') && is_null($USER->get('parentuser')));
$smarty->assign('loginas', $USER->is_admin_for_user($user));
$smarty->assign('PAGEHEADING', display_name($user));
$smarty->assign('SUBSECTIONHEADING', TITLE);
setpageicon($smarty, 'icon-user-cog');
......@@ -1075,8 +1080,8 @@ setpageicon($smarty, 'icon-user-cog');
# the current user; or if they are the current user, they're not the only
# admin
if ($id != $USER->get('id') || count_records('usr', 'admin', 1, 'deleted', 0) > 1) {
$smarty->assign('suspendable', ($USER->get('admin') || !$user->get('admin') && !$user->get('staff')));
$smarty->assign('deletable', $USER->get('admin'));
$adminforuser = $USER->is_admin_for_user($user);
$smarty->assign('suspendable', $adminforuser);
$smarty->assign('deletable', $adminforuser);
}
$smarty->display('admin/users/edit.tpl');
......@@ -593,6 +593,7 @@ $string['oneormorelinksarebad'] = 'One or more of the links here ar
$string['confirmdeletemenuitem'] = 'Do you really want to delete this item?';
$string['deletingmenuitem'] = 'Deleting item';
$string['deletefailed'] = 'Failed deleting item';
$string['deletefailedonlyadmin'] = 'You cannot delete this account. It is the only site administrator account.';
$string['externallink'] = 'External link';
$string['editlinksandresources'] = 'Edit links and resources';
$string['linkedto'] = 'Linked to';
......
......@@ -12,7 +12,7 @@
<span class="sr-only">{$loginas}</span>
</a>
{if $USER->get('admin')}
{if $adminforuser}
<a href="{$WWWROOT}admin/users/edit.php?id={$USERID}" class="btn-edit btn btn-secondary" title="{str tag=accountsettings section=admin}">
<span class="icon-cogs icon left" role="presentation" aria-hidden="true"></span>
<span class="sr-only">{str tag=accountsettings section=admin}</span>
......
......@@ -336,7 +336,8 @@ if (!empty($loggedinid) && $loggedinid != $userid) {
$remoteuserrelationship = $relationship;
}
if ($userid != $USER->get('id') && $USER->is_admin_for_user($user) && is_null($USER->get('parentuser'))) {
$adminforuser = $USER->is_admin_for_user($user);
if ($userid != $USER->get('id') && $adminforuser && is_null($USER->get('parentuser'))) {
$loginas = get_string('loginasuser', 'admin', display_username($user));
} else {
$loginas = null;
......@@ -390,6 +391,7 @@ if ($remoteuserrelationship) {
$smarty->assign('relationship', $relationship);
}
$smarty->assign('adminforuser', $adminforuser);
$smarty->assign('loginas', $loginas);
$smarty->assign('INLINEJAVASCRIPT', $blocksjs . $inlinejs);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment