Fix bug with institutional quotas (bug #801092)

When institutional admins try to add/edit users,
the default quota value passed in the form was a string
ie. 50MB

This fix changes it so that if institutionaloverride is disabled
and the user is not a site admin, then don't set the quota

Change-Id: Idc1607dac992fe3a0bde8996659f90441d1c4753
Signed-off-by: Hugh Davenport <hugh@catalyst.net.nz>

htdocs/admin/users/add.php

@@ -185,10 +185,12 @@ function adduser_validate(Pieform $form, $values) {
     $email     = $values['email'];
     $password  = $values['password'];
 
-    $maxquotaenabled = get_config_plugin('artefact', 'file', 'maxquotaenabled');
-    $maxquota = get_config_plugin('artefact', 'file', 'maxquota');
-    if ($maxquotaenabled && $values['quota'] > $maxquota) {
-        $form->set_error('quota', get_string('maxquotaexceededform', 'artefact.file', display_size($maxquota)));
+    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
+        $maxquotaenabled = get_config_plugin('artefact', 'file', 'maxquotaenabled');
+        $maxquota = get_config_plugin('artefact', 'file', 'maxquota');
+        if ($maxquotaenabled && $values['quota'] > $maxquota) {
+            $form->set_error('quota', get_string('maxquotaexceededform', 'artefact.file', display_size($maxquota)));
+        }
     }
 
     if (method_exists($authobj, 'is_username_valid_admin')) {
@@ -283,13 +285,15 @@ function adduser_submit(Pieform $form, $values) {
         'lastname'       => ($values['lastname']) ? $values['lastname'] : 'User',
         'email'          => $values['email'],
         'password'       => $values['password'],
-        'quota'          => $values['quota'],
         'passwordchange' => 1,
     );
     if ($USER->get('admin')) {  // Not editable by institutional admins
         $user->staff = (int) ($values['staff'] == 'on');
         $user->admin = (int) ($values['admin'] == 'on');
     }
+    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
+        $user->quota = $values['quota'];
+    }
 
     $authinstance = get_record('auth_instance', 'id', $values['authinstance']);
     if (!isset($values['remoteusername'])){

htdocs/admin/users/edit.php

@@ -201,11 +201,13 @@ function edituser_site_validate(Pieform $form, $values) {
     if (!$user = get_record('usr', 'id', $values['id'])) {
         return false;
     }
-    $maxquotaenabled = get_config_plugin('artefact', 'file', 'maxquotaenabled');
-    $maxquota = get_config_plugin('artefact', 'file', 'maxquota');
-    if ($maxquotaenabled && $values['quota'] > $maxquota) {
-        $form->set_error('quota', get_string('maxquotaexceededform', 'artefact.file', display_size($maxquota)));
-        $SESSION->add_error_msg(get_string('maxquotaexceeded', 'artefact.file', display_size($maxquota)));
+    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
+        $maxquotaenabled = get_config_plugin('artefact', 'file', 'maxquotaenabled');
+        $maxquota = get_config_plugin('artefact', 'file', 'maxquota');
+        if ($maxquotaenabled && $values['quota'] > $maxquota) {
+            $form->set_error('quota', get_string('maxquotaexceededform', 'artefact.file', display_size($maxquota)));
+            $SESSION->add_error_msg(get_string('maxquotaexceeded', 'artefact.file', display_size($maxquota)));
+        }
     }
 
     $userobj = new User();
@@ -261,7 +263,9 @@ function edituser_site_submit(Pieform $form, $values) {
         return false;
     }
 
-    $user->quota = $values['quota'];
+    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
+        $user->quota = $values['quota'];
+    }
     $user->expiry = db_format_timestamp($values['expiry']);
 
 

htdocs/admin/users/institutions.php

@@ -447,8 +447,10 @@ function institution_validate(Pieform $form, $values) {
     if (!empty($values['name']) && !$form->get_error('name') && record_exists('institution', 'name', $values['name'])) {
         $form->set_error('name', get_string('institutionnamealreadytaken', 'admin'));
     }
-    if (get_config_plugin('artefact', 'file', 'maxquotaenabled') && get_config_plugin('artefact', 'file', 'maxquota') < $values['defaultquota']) {
-        $form->set_error('defaultquota', get_string('maxquotatoolow', 'artefact.file'));
+    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
+        if (get_config_plugin('artefact', 'file', 'maxquotaenabled') && get_config_plugin('artefact', 'file', 'maxquota') < $values['defaultquota']) {
+            $form->set_error('defaultquota', get_string('maxquotatoolow', 'artefact.file'));
+        }
     }
 }
 

htdocs/admin/users/uploadcsv.php

@@ -185,10 +185,12 @@ function uploadcsv_validate(Pieform $form, $values) {
         return;
     }
 
-    $maxquotaenabled = get_config_plugin('artefact', 'file', 'maxquotaenabled');
-    $maxquota = get_config_plugin('artefact', 'file', 'maxquota');
-    if ($maxquotaenabled && $values['quota'] > $maxquota) {
-        $form->set_error('quota', get_string('maxquotaexceededform', 'artefact.file', display_size($maxquota)));
+    if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
+        $maxquotaenabled = get_config_plugin('artefact', 'file', 'maxquotaenabled');
+        $maxquota = get_config_plugin('artefact', 'file', 'maxquota');
+        if ($maxquotaenabled && $values['quota'] > $maxquota) {
+            $form->set_error('quota', get_string('maxquotaexceededform', 'artefact.file', display_size($maxquota)));
+        }
     }
 
     require_once('csvfile.php');
@@ -470,7 +472,9 @@ function uploadcsv_submit(Pieform $form, $values) {
         $user->lastname     = $record[$formatkeylookup['lastname']];
         $user->password     = $record[$formatkeylookup['password']];
         $user->email        = $record[$formatkeylookup['email']];
-        $user->quota        = $values['quota'];
+        if ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride')) {
+            $user->quota        = $values['quota'];
+        }
 
         if (isset($formatkeylookup['studentid'])) {
             $user->studentid = $record[$formatkeylookup['studentid']];