Commit aa6d0541 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Allow institutional staff to create controlled groups & view their users' key profile fields

parent 8918ac11
......@@ -84,6 +84,7 @@ class User {
'institutions' => array(),
'theme' => null,
'admininstitutions' => array(),
'staffinstitutions' => array(),
'parentuser' => null,
'sesskey' => ''
);
......@@ -393,6 +394,23 @@ class User {
return isset($a[$institution]);
}
public function is_institutional_staff($institution = null) {
$a = $this->get('staffinstitutions');
if (is_null($institution)) {
return !empty($a);
}
return isset($a[$institution]);
}
/**
* There is currently no difference in privileges of site staff
* and institutional staff
*/
public function can_create_controlled_groups() {
return $this->get('admin') || $this->get('staff') || $this->is_institutional_admin()
|| $this->is_institutional_staff();
}
public function can_edit_institution($institution = null) {
return $this->get('admin') || $this->is_institutional_admin($institution);
}
......@@ -401,7 +419,15 @@ class User {
if ($this->get('admin')) {
return true;
}
foreach ($user->get('institutions') as $i) {
if (!$this->is_institutional_admin()) {
return false;
}
if ($user instanceof User) {
$userinstitutions = $user->get('institutions');
} else {
$userinstitutions = load_user_institutions($user->id);
}
foreach ($userinstitutions as $i) {
if ($this->is_institutional_admin($i->institution)) {
return true;
}
......@@ -409,6 +435,27 @@ class User {
return false;
}
public function is_staff_for_user($user) {
if ($this->get('admin') || $this->get('staff')) {
return true;
}
if (!$this->is_institutional_admin() && !$this->is_institutional_staff()) {
return false;
}
if ($user instanceof User) {
$userinstitutions = $user->get('institutions');
} else {
$userinstitutions = load_user_institutions($user->id);
}
foreach ($userinstitutions as $i) {
if ($this->is_institutional_admin($i->institution)
|| $this->is_institutional_staff($i->institution)) {
return true;
}
}
return false;
}
public function set_admin_institutions($institutions) {
if (empty($institutions)) {
$this->set('admininstitutions', array());
......@@ -429,16 +476,21 @@ class User {
protected function reset_institutions() {
$institutions = load_user_institutions($this->id);
$admininstitutions = array();
$staffinstitutions = array();
foreach ($institutions as $i) {
if ($i->admin) {
$admininstitutions[$i->institution] = $i->institution;
}
if ($i->staff) {
$staffinstitutions[$i->institution] = $i->institution;
}
if (empty($this->theme)) {
$this->theme = $i->theme;
}
}
$this->institutions = $institutions;
$this->admininstitutions = $admininstitutions;
$this->staffinstitutions = $staffinstitutions;
}
}
......
......@@ -35,7 +35,8 @@ $joinoptions = array(
'request' => get_string('membershiptype.request'),
'open' => get_string('membershiptype.open'),
);
if ($USER->get('admin') || $USER->get('staff')) {
global $USER;
if ($USER->can_create_controlled_groups()) {
$joinoptions['controlled'] = get_string('membershiptype.controlled');
}
......@@ -108,7 +109,7 @@ function creategroup_submit(Pieform $form, $values) {
);
// If the user is a staff member, they should be added as a tutor automatically
if ($values['membershiptype'] == 'controlled' && ($USER->get('staff') && $USER->get('admin'))) {
if ($values['membershiptype'] == 'controlled' && $USER->can_create_controlled_groups()) {
log_debug('Adding staff user to group');
insert_record(
'group_member',
......
......@@ -44,7 +44,7 @@ $joinoptions = array(
'request' => get_string('membershiptype.request'),
'open' => get_string('membershiptype.open'),
);
if ($USER->get('admin') || $USER->get('staff')) {
if ($USER->can_create_controlled_groups()) {
$joinoptions['controlled'] = get_string('membershiptype.controlled');
}
......
......@@ -241,7 +241,7 @@ function user_can_access_group($group, $user=null) {
if ($user->get('admin')) {
$membertypes = GROUP_MEMBERSHIP_ADMIN;
}
if ($user->get('staff')) {
if ($user->get('staff') || $user->is_institutional_admin() || $user->is_institutional_staff()) {
$membertypes = $membertypes | GROUP_MEMBERSHIP_STAFF;
}
if ($group->owner == $user->get('id')) {
......@@ -287,4 +287,6 @@ function group_add_member($groupid, $userid) {
$user = optional_userobj($userid);
}
?>
......@@ -313,7 +313,7 @@ function display_name($user, $userto=null, $nameonly=false) {
$userto->firstname = $USER->get('firstname');
$userto->lastname = $USER->get('lastname');
$userto->admin = $USER->get('admin') || $USER->is_institutional_admin();
$userto->staff = $USER->get('staff');
$userto->staff = $USER->get('staff') || $USER->is_institutional_staff();
}
if (is_array($user)) {
$user = (object)$user;
......
......@@ -78,7 +78,7 @@ $name = display_name($user);
define('TITLE', $name);
// If the logged in user is on staff, get full name, institution, id number, email address
if ($USER->get('staff')) {
if ($USER->is_staff_for_user($user)) {
$userfields['fullname'] = $user->firstname . ' ' . $user->lastname;
$institutions = get_column_sql('
SELECT i.displayname
......@@ -95,7 +95,7 @@ if ($USER->get('staff')) {
// Get public profile fields:
safe_require('artefact', 'internal');
if ($USER->get('admin')) {
if ($USER->is_admin_for_user($user)) {
$publicfields = call_static_method(generate_artefact_class_name('profile'),'get_all_fields');
}
else {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment