Commit a015acde authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Allow members of invitefriends groups to invite users on profile (bug #845290)



The profile page contains controls to send group invitations, but
only if you're a group admin or tutor.  It makes sense to allow
members of groups with the invitefriends setting to send invitations
in this way too.

Change-Id: Ic4d987d38d2f052a5a4672a06df75290014cc82a
Signed-off-by: default avatarRichard Mansfield <richard.mansfield@catalyst.net.nz>
parent 5b3fc7fb
...@@ -41,8 +41,12 @@ if (!$user) { ...@@ -41,8 +41,12 @@ if (!$user) {
throw new UserNotFoundException(get_string('usernotfound', 'group', $userid)); throw new UserNotFoundException(get_string('usernotfound', 'group', $userid));
} }
if (group_user_access($groupid) != 'admin') { $role = group_user_access($groupid);
throw new AccessDeniedException(get_string('cannotinvitetogroup', 'group'));
if ($role != 'admin' && !group_user_can_assess_submitted_views($group->id, $USER->get('id'))) {
if (!$group->invitefriends || !is_friend($user->id, $USER->get('id'))) {
throw new AccessDeniedException(get_string('cannotinvitetogroup', 'group'));
}
} }
if (record_exists('group_member', 'group', $groupid, 'member', $userid) if (record_exists('group_member', 'group', $groupid, 'member', $userid)
...@@ -74,6 +78,7 @@ $form = pieform(array( ...@@ -74,6 +78,7 @@ $form = pieform(array(
'options' => $roles, 'options' => $roles,
'title' => get_string('Role', 'group'), 'title' => get_string('Role', 'group'),
'defaultvalue' => call_static_method('GroupType' . $group->grouptype, 'default_role'), 'defaultvalue' => call_static_method('GroupType' . $group->grouptype, 'default_role'),
'ignore' => $role != 'admin',
), ),
'submit' => array( 'submit' => array(
'type' => 'submitcancel', 'type' => 'submitcancel',
...@@ -90,7 +95,7 @@ $smarty->display('group/invite.tpl'); ...@@ -90,7 +95,7 @@ $smarty->display('group/invite.tpl');
function invitetogroup_submit(Pieform $form, $values) { function invitetogroup_submit(Pieform $form, $values) {
global $SESSION, $USER, $group, $user; global $SESSION, $USER, $group, $user;
group_invite_user($group, $user->id, $USER, $values['role']); group_invite_user($group, $user->id, $USER, isset($values['role']) ? $values['role'] : null);
$SESSION->add_ok_msg(get_string('userinvited', 'group')); $SESSION->add_ok_msg(get_string('userinvited', 'group'));
redirect('/user/view.php?id=' . $user->id); redirect('/user/view.php?id=' . $user->id);
} }
...@@ -1807,7 +1807,7 @@ function group_get_user_groups($userid=null, $roles=null) { ...@@ -1807,7 +1807,7 @@ function group_get_user_groups($userid=null, $roles=null) {
if (!isset($usergroups[$userid])) { if (!isset($usergroups[$userid])) {
$groups = get_records_sql_array(" $groups = get_records_sql_array("
SELECT g.id, g.name, gm.role, g.jointype, g.request, g.grouptype, gtr.see_submitted_views, g.category, SELECT g.id, g.name, gm.role, g.jointype, g.request, g.grouptype, gtr.see_submitted_views, g.category,
g.hidemembers, gm1.role AS loggedinrole g.hidemembers, g.invitefriends, gm1.role AS loggedinrole
FROM {group} g FROM {group} g
JOIN {group_member} gm ON gm.group = g.id JOIN {group_member} gm ON gm.group = g.id
JOIN {grouptype_roles} gtr ON g.grouptype = gtr.grouptype AND gm.role = gtr.role JOIN {grouptype_roles} gtr ON g.grouptype = gtr.grouptype AND gm.role = gtr.role
......
...@@ -117,10 +117,17 @@ if (!empty($loggedinid) && $loggedinid != $userid) { ...@@ -117,10 +117,17 @@ if (!empty($loggedinid) && $loggedinid != $userid) {
$invitedlist = array(); // Groups admin'ed by the logged in user that the displayed user has been invited to $invitedlist = array(); // Groups admin'ed by the logged in user that the displayed user has been invited to
$requestedlist = array(); // Groups admin'ed by the logged in user that the displayed user has requested membership of $requestedlist = array(); // Groups admin'ed by the logged in user that the displayed user has requested membership of
// Get all groups that the logged in user is an admin of, or where the logged in user // Get all groups where either:
// has a role in the list of roles who are allowed to assess submitted views for the // - the logged in user is an admin, or
// group's grouptype // - the logged in user has a role which is allowed to assess submitted views, or
if ($groups = group_get_user_admintutor_groups()) { // - the logged in user is a member & is allowed to invite friends (when the displayed user is a friend)
$groups = array();
foreach (group_get_user_groups() as $g) {
if ($g->role == 'admin' || $g->see_submitted_views || ($is_friend && $g->invitefriends)) {
$groups[] = $g;
}
}
if ($groups) {
$invitelist = array(); // List of groups the displayed user can be invited to join $invitelist = array(); // List of groups the displayed user can be invited to join
$controlledlist = array(); // List of groups the displayed user can be directly added to $controlledlist = array(); // List of groups the displayed user can be directly added to
...@@ -138,7 +145,8 @@ if (!empty($loggedinid) && $loggedinid != $userid) { ...@@ -138,7 +145,8 @@ if (!empty($loggedinid) && $loggedinid != $userid) {
continue; // Already a member continue; // Already a member
} }
} }
if ($group->jointype == 'controlled') { $canadd = $group->role == 'admin' || $group->see_submitted_views;
if ($canadd && $group->jointype == 'controlled') {
$controlledlist[$group->id] = $group->name; $controlledlist[$group->id] = $group->name;
} }
if (!isset($invitedlist[$group->id])) { if (!isset($invitedlist[$group->id])) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment