Commit 81eb16db authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Remove links in search results where users are in institutions which are not...

Remove links in search results where users are in institutions which are not administered by the logged in user
parent bc1f910e
......@@ -214,6 +214,9 @@ function get_admin_user_search_results($search, $offset, $limit, $sortby, $sortd
if ($results['count']) {
foreach ($results['data'] as &$result) {
$result['name'] = display_name($result);
if (!empty($result['institutions'])) {
$result['institutions'] = array_combine($result['institutions'],$result['institutions']);
}
}
}
return $results;
......@@ -234,13 +237,23 @@ function build_admin_user_search_results($search, $offset, $limit, $sortby, $sor
$searchurl = get_config('wwwroot') . 'admin/users/search.php?' . join('&', $params)
. '&limit=' . $limit;
$usernametemplate = '<a href="' . get_config('wwwroot') . 'admin/users/edit.php?id={$r.id}">{$r.username|escape}</a>';
if (!$USER->get('admin')) {
// Only create the edit link if the returned user belongs to an institution that the viewer administers
$cond = array();
foreach ($USER->get('admininstitutions') as $i) {
$cond[] = 'isset($r.institutions.' . $i . ')';
}
$usernametemplate = '{if ' . join('||', $cond) . '}' . $usernametemplate . '{else}{$r.username}{/if}';
}
$cols = array(
'icon' => array('name' => '',
'template' => '<img src="' . get_config('wwwroot') . 'thumb.php?type=profileicon&size=40x40&id={$r.id}" alt="' . get_string('profileimage') . '" />'),
'firstname' => array('name' => get_string('firstname')),
'lastname' => array('name' => get_string('lastname')),
'username' => array('name' => get_string('username'),
'template' => '{if $USER->get(\'admin\') || !empty($r.institutions)}<a href="' . get_config('wwwroot') . 'admin/users/edit.php?id={$r.id}">{$r.username|escape}</a>{else}{$r.username}{/if}'),
'template' => $usernametemplate),
'email' => array('name' => get_string('email')),
);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment