Commit ae2c23cc authored by Robert Lyon's avatar Robert Lyon Committed by Gerrit Code Review

Merge changes from topic 'GDPR'

* changes:
  Bug 1746259: Add the T&C to the register form
  Bug 1746259: Withdraw consent to the T&C
  Bug 1746259: Show the T&C on the after login page
  Bug 1746259: Display and edit the T&C of an institution
  Bug 1746259: Make the data on the site's 'Legal' page editable
parents f3170517 8c507c8b
......@@ -16,7 +16,7 @@ define('SECTION_PLUGINNAME', 'account');
define('SECTION_PAGE', 'userprivacy');
require(dirname(dirname(__FILE__)) . '/init.php');
require_once(get_config('docroot') . 'lib/user.php');
define('TITLE', get_string('privacy', 'admin'));
define('TITLE', get_string('legal', 'admin'));
if (!is_logged_in()) {
throw new AccessDeniedException();
......@@ -24,8 +24,7 @@ if (!is_logged_in()) {
$form = privacy_form();
// JQuery logic for panel hide/show.
// Needed here because there are multiple dropdown panels on this page.
// JQuery logic for panel hide/show submit button.
$js = <<< EOF
$( document ).ready(function() {
$(".state-label").click(function() {
......@@ -33,19 +32,9 @@ $js = <<< EOF
showSubmitButton();
});
});
function showSubmitButton() {
if ($('body').find(".redraw-consent").length == 0) {
$('#agreetoprivacy_submit_container').addClass('js-hidden');
$('#agreetoprivacy_submit').addClass('js-hidden');
}
else {
$('#agreetoprivacy_submit_container').removeClass('js-hidden');
$('#agreetoprivacy_submit').removeClass('js-hidden');
}
}
EOF;
$smarty = smarty();
$smarty = smarty(array('privacy'));
setpageicon($smarty, 'icon-umbrella');
$smarty->assign('form', $form);
......
......@@ -19,26 +19,24 @@ require(dirname(dirname(dirname(__FILE__))) . '/init.php');
define('TITLE', get_string('legal', 'admin'));
$versionid = param_integer('id', null);
$fs = param_alpha('fs', 'privacy');
if (!is_logged_in()) {
throw new AccessDeniedException();
}
// Get the site privacy statement and T&C.
$data = get_institution_versioned_content('mahara');
$data = get_records_sql_assoc("
SELECT s.id, s.version, u.firstname, u.lastname, u.id AS userid, s.content, s.ctime, s.type
FROM {site_content_version} s
LEFT JOIN {usr} u ON s.author = u.id
WHERE s.institution = ?
ORDER BY s.id DESC", array('mahara'));
if ($data) {
// Add the displayname of user
foreach ($data as $k => $v) {
$v->displayname = display_name($v->userid, null, true);
// Add to an array the latest versions of both T&C and privacy statement.
$latestVersions = array();
foreach ($data as $key => $content) {
if ($content->current != null) {
array_push($latestVersions, $key);
}
$content->displayname = display_name($content->userid, null, true);
}
$selectedtab = 'privacy';
$selectedtab = $fs;
if ($versionid) {
if ($pageoptions = get_record('site_content_version', 'id', $versionid, 'institution', 'mahara')) {
$selectedtab = $pageoptions->type;
......@@ -50,7 +48,7 @@ if ($versionid) {
'version' => array(
'type' => 'text',
'title' => get_string('version', 'admin'),
'description' => get_string('lastversion', 'admin', $pageoptions->version),
'description' => get_string($data[$versionid]->type . 'lastversion', 'admin', $pageoptions->version),
'defaultvalue' => '',
'rules' => array(
'required' => true,
......@@ -58,6 +56,7 @@ if ($versionid) {
)
),
'pageinstitution' => array('type' => 'hidden', 'value' => 'mahara'),
'activetab' => array('type' => 'hidden', 'value' => $selectedtab),
'pagetext' => array(
'name' => 'pagetext',
'type' => 'wysiwyg',
......@@ -74,7 +73,7 @@ if ($versionid) {
'class' => 'btn-primary',
'type' => 'submitcancel',
'value' => array(get_string('savechanges', 'admin'), get_string('cancel')),
'goto' => get_config('wwwroot') . 'admin/site/privacy.php',
'goto' => get_config('wwwroot') . 'admin/site/privacy.php?fs=' . $selectedtab,
),
)
));
......@@ -85,36 +84,46 @@ if ($versionid) {
}
function editsitepage_validate(Pieform $form, $values) {
// Check if the version entered by the user already exists.
if (record_exists('site_content_version', 'institution', $values['pageinstitution'], 'version', $values['version'])) {
$form->set_error('version', get_string('versionalreadyexist', 'admin', $values['version']));
// Check if the version entered by the user already exists for a specific content type.
if (record_exists('site_content_version', 'institution', $values['pageinstitution'], 'version', $values['version'], 'type', $values['activetab'])) {
$form->set_error('version', get_string('versionalreadyexist', 'admin', get_string($values['activetab'] . 'lowcase', 'admin'), $values['version']));
}
}
function editsitepage_submit(Pieform $form, $values) {
global $USER, $SESSION;
$id = get_field('site_content_version', 'id', 'version', $values['version']);
require_once('embeddedimage.php');
// Update the pagetext with any embedded image info
$pagetext = EmbeddedImage::prepare_embedded_images($values['pagetext'], 'staticpages', $id);
$data = new StdClass;
$data->content = $pagetext;
$data->content = $values['pagetext'];
$data->author = $USER->get('id');
$data->institution = $values['pageinstitution'];
$data->ctime = db_format_timestamp(time());
$data->version = $values['version'];
$data->type = 'privacy';
$data->type = $values['activetab'];
try {
insert_record('site_content_version', $data);
$id = insert_record('site_content_version', $data, 'id', true);
if ($id) {
require_once('embeddedimage.php');
$pagetext = EmbeddedImage::prepare_embedded_images($values['pagetext'], 'staticpages', $id);
// If there is an embedded image, update the src so users can have visibility
if ($values['pagetext'] != $pagetext) {
// Update the pagetext with any embedded image info
$updated = new stdClass();
$updated->id = $id;
$updated->content = $pagetext;
update_record('site_content_version', $updated, 'id');
}
// Auto accept the PS/T&C to avoid situation in which
// the admin is asked to agree to the PS/T&C he has just created.
save_user_reply_to_agreement($USER->get('id'), $id, 1);
}
$SESSION->add_ok_msg(get_string('pagesaved', 'admin'));
}
catch (SQLException $e) {
$SESSION->add_ok_msg(get_string('savefailed', 'admin'));
}
redirect(get_config('wwwroot').'admin/site/privacy.php');
redirect(get_config('wwwroot').'admin/site/privacy.php?fs=' . $values['activetab']);
}
// JQuery logic for tab hide/show and to keep the same tab active on page refresh.
......@@ -136,8 +145,7 @@ else {
setpageicon($smarty, 'icon-umbrella');
$smarty->assign('INLINEJAVASCRIPT', $js);
$smarty->assign('results', $data);
$smarty->assign('latestversion', null);
$smarty->assign('latestVersions', $latestVersions);
$smarty->assign('versionid', $versionid);
$smarty->assign('latestprivacyid', null);
$smarty->assign('link', "admin/site/privacy.php?id=");
$smarty->display('admin/site/privacy.tpl');
......@@ -19,8 +19,8 @@ define('MENUITEM', 'manageinstitutions/privacy');
require_once('institution.php');
define('TITLE', get_string('legal', 'admin'));
define('SUBSECTIONHEADING', get_string('privacy', 'admin'));
$versionid = param_integer('id', null);
$fs = param_alpha('fs', 'privacy');
if (!is_logged_in()) {
throw new AccessDeniedException();
......@@ -51,19 +51,38 @@ $institutionselector = pieform(array(
$wwwroot = get_config('wwwroot');
// The "Add one" link displayed when an institution has no privay statement of its own.
$href = $wwwroot . 'admin/users/institutionprivacy.php?institution=' . $institution . '&id=0';
$privacies = get_records_sql_assoc("
SELECT s.id, s.version, u.firstname, u.lastname, u.id AS userid, s.content, s.ctime
FROM {site_content_version} s
LEFT JOIN {usr} u ON s.author = u.id
WHERE s.type = 'privacy' AND s.institution = ?
ORDER BY s.id DESC", array($institution));
$href = $wwwroot . 'admin/users/institutionprivacy.php?institution=' . $institution . '&id=0&fs=' . $fs;
// Get the institution's privacy statements and T&Cs.
$privacies = get_institution_versioned_content($institution);
// Add to an array the latest versions of both T&C and privacy statement.
$latestVersions = array(); $types = array();
if ($privacies) {
foreach ($privacies as $key => $content) {
if ($content->current != null) {
array_push($latestVersions, $key);
}
if (!in_array($content->type, $types)) {
// Useful in case an institution has just one type of content.
// Will use the $types to know on which tab to display the versions table.
array_push($types, $content->type);
}
$content->displayname = display_name($content->userid, null, true);
}
}
// Add 0 to $latestVersions, to allow the creation of a first privacy/T&C
if (count($types) <= 1) {
array_push($latestVersions, 0);
}
// Site privacy and T&C to display in an expandable panel.
$sitecontent = get_latest_privacy_versions(array('mahara'));
$selectedtab = $fs;
$form = false;
if ($versionid !== null) {
$pageoptions = get_record('site_content_version', 'id', $versionid, 'institution', $institution);
if ($versionid === 0 || $pageoptions) {
$selectedtab = ($versionid === 0) ? $selectedtab : $pageoptions->type;
$form = pieform(array(
'name' => 'editsitepage',
'jsform' => false,
......@@ -72,7 +91,7 @@ if ($versionid !== null) {
'version' => array(
'type' => 'text',
'title' => get_string('version', 'admin'),
'description' => $pageoptions ? get_string('lastversion', 'admin', $pageoptions->version) : '',
'description' => $pageoptions ? get_string($privacies[$versionid]->type . 'lastversion', 'admin', $pageoptions->version) : '',
'defaultvalue' => '',
'rules' => array(
'required' => true,
......@@ -80,6 +99,7 @@ if ($versionid !== null) {
)
),
'pageinstitution' => array('type' => 'hidden', 'value' => $institution),
'activetab' => array('type' => 'hidden', 'value' => $selectedtab),
'pagetext' => array(
'name' => 'pagetext',
'type' => 'wysiwyg',
......@@ -96,7 +116,7 @@ if ($versionid !== null) {
'class' => 'btn-primary',
'type' => 'submitcancel',
'value' => array(get_string('savechanges', 'admin'), get_string('cancel')),
'goto' => get_config('wwwroot') . 'admin/users/institutionprivacy.php?institution=' . $institution,
'goto' => get_config('wwwroot') . 'admin/users/institutionprivacy.php?institution=' . $institution . '&fs=' . $selectedtab,
),
)
));
......@@ -107,69 +127,67 @@ if ($versionid !== null) {
}
function editsitepage_validate(Pieform $form, $values) {
// Check if the version entered by the user already exists
if (record_exists('site_content_version', 'institution', $values['pageinstitution'], 'version', $values['version'])) {
$form->set_error('version', get_string('versionalreadyexist', 'admin', $values['version']));
// Check if the version entered by the user already exists for a specific content type.
if (record_exists('site_content_version', 'institution', $values['pageinstitution'], 'version', $values['version'], 'type', $values['activetab'])) {
$form->set_error('version', get_string('versionalreadyexist', 'admin', get_string($values['activetab'] . 'lowcase', 'admin'), $values['version']));
}
}
function editsitepage_submit(Pieform $form, $values) {
global $USER, $SESSION;
$id = get_field('site_content_version', 'id', 'version', $values['version']);
require_once('embeddedimage.php');
// Update the pagetext with any embedded image info
$pagetext = EmbeddedImage::prepare_embedded_images($values['pagetext'], 'staticpages', $id);
$data = new StdClass;
$data->content = $pagetext;
$data->content = $values['pagetext'];
$data->author = $USER->get('id');
$data->institution = $values['pageinstitution'];
$data->ctime = db_format_timestamp(time());
$data->version = $values['version'];
$data->type = 'privacy';
$data->type = $values['activetab'];
try {
insert_record('site_content_version', $data);
$id = insert_record('site_content_version', $data, 'id', true);
if ($id) {
require_once('embeddedimage.php');
$pagetext = EmbeddedImage::prepare_embedded_images($values['pagetext'], 'staticpages', $id);
// If there is an embedded image, update the src so users can have visibility
if ($values['pagetext'] != $pagetext) {
// Update the pagetext with any embedded image info
$updated = new stdClass();
$updated->id = $id;
$updated->content = $pagetext;
update_record('site_content_version', $updated, 'id');
}
// Auto accept the PS/T&C to avoid situation in which
// the admin is asked to agree to the PS/T&C he has just created.
save_user_reply_to_agreement($USER->get('id'), $id, 1);
}
$SESSION->add_ok_msg(get_string('pagesaved', 'admin'));
}
catch (SQLException $e) {
$SESSION->add_ok_msg(get_string('savefailed', 'admin'));
}
redirect(get_config('wwwroot').'admin/users/institutionprivacy.php?institution=' . $values['pageinstitution']);
redirect(get_config('wwwroot').'admin/users/institutionprivacy.php?institution=' . $values['pageinstitution'] . '&fs=' . $values['activetab']);
}
// Site privacy to display in an expandable panel
$siteprivacycontent = get_record_sql("
SELECT s.content, s.ctime
FROM {site_content_version} s
WHERE s.type = 'privacy' AND s.institution = ?
ORDER BY s.id DESC
LIMIT 1", array('mahara'));
$js = <<< EOF
jQuery(function($) {
function reloadUsers() {
window.location.href = '{$wwwroot}admin/users/institutionprivacy.php?institution=' + $('#usertypeselect_institution').val();
}
$(document).ready(function() {
checkActiveTab('$selectedtab');
$('#usertypeselect_institution').on('change', reloadUsers);
});
EOF;
$smarty = smarty();
$smarty = smarty(array('privacy'));
setpageicon($smarty, 'icon-umbrella');
$smarty->assign('INLINEJAVASCRIPT', $js);
$smarty->assign('href', $href);
$smarty->assign('siteprivacycontent', $siteprivacycontent);
$smarty->assign('lastupdated', get_string('lastupdatedon', 'blocktype.externalfeed', format_date(strtotime($siteprivacycontent->ctime))));
$smarty->assign('sitecontent', $sitecontent);
$smarty->assign('versionid', $versionid);
$smarty->assign('privacies', $privacies);
$smarty->assign('results', $privacies);
$smarty->assign('pageeditform', $form);
$smarty->assign('institution', $institution);
$smarty->assign('latestversion', $privacies ? reset($privacies)->version : 0);
$smarty->assign('latestprivacyid', $privacies ? reset($privacies)->id : 0);
$smarty->assign('version', $versionid && $pageoptions ? $pageoptions->version : '');
$smarty->assign('latestVersions', $latestVersions);
$smarty->assign('institutionselector', $institutionselector);
$smarty->assign('types', implode(' ', $types));
$smarty->assign('link', "admin/users/institutionprivacy.php?institution={$institution}&id=");
$smarty->display('admin/users/institutionprivacy.tpl');
This diff is collapsed.
......@@ -931,20 +931,25 @@ function fetch_graph_data(opts) {
function updateUrlParameter(url, param, value) {
var found = false;
var vars = url.split("?");
varparams = vars[1].split("&");
for (var i = 0; i < varparams.length; i++) {
var pair = varparams[i].split("=");
if (pair[0] == param) {
pair[1] = value;
found = true;
if (typeof(vars[1]) !== 'undefined') {
varparams = vars[1].split("&");
for (var i = 0; i < varparams.length; i++) {
var pair = varparams[i].split("=");
if (pair[0] == param) {
pair[1] = value;
found = true;
}
varparams[i] = pair.join("=");
}
vars[1] = varparams.join("&");
url = vars.join("?");
if (!found) {
url = url + '&' + param + '=' + value;
}
varparams[i] = pair.join("=");
}
vars[1] = varparams.join("&");
url = vars.join("?");
if (!found) {
url = url + '&' + param + '=' + value;
else {
url = url + '?' + param + '=' + value;
}
return url;
}
......
......@@ -15,6 +15,9 @@ function checkActiveTab(activeTab) {
}
function showTab(el) {
var newurl = updateUrlParameter(location.href, 'fs', el.replace("#", ""));
history.pushState(null, null, newurl);
var i;
var x = $(".tab");
for (i = 0; i < x.length; i++) {
......@@ -22,4 +25,52 @@ function showTab(el) {
}
$(el).removeClass("js-hidden");
$(el + '-text').removeClass("js-hidden");
// Institution Legal: Useful in case an institution has just one type of content (privacy/T&C).
if (typeof types != 'undefined') {
showNoContentAddOne(el);
}
}
function showNoContentAddOne(el) {
$('.nocontent').addClass("js-hidden");
var activetab = el.replace("#", "");
if (types.indexOf(activetab) != -1) {
$('#results').removeClass("js-hidden");
$('#no-results').addClass("js-hidden");
$('#no-' + activetab).addClass("js-hidden");
}
else {
$('#results').addClass("js-hidden");
$('#no-results').removeClass("js-hidden");
$('#no-' + activetab).removeClass("js-hidden");
var url = $('#no-results').find('a').prop('href');
if (url) {
if (getUrlParameter('fs', url)) {
var newurl = updateUrlParameter(url, 'fs', activetab);
$('#no-results').find('a').prop('href', newurl);
}
}
}
}
function reloadUsers() {
var appendfs = '';
if (url = getUrlParameter('fs', location.href)) {
appendfs = '&fs=' + url;
}
window.location.href = config.wwwroot + 'admin/users/institutionprivacy.php?institution=' + $('#usertypeselect_institution').val() + appendfs;
}
// User's Legal page: show the submit button if the user changes
// the value of one or more switches from YES to NO.
function showSubmitButton() {
if ($('body').find(".redraw-consent").length == 0) {
$('#agreetoprivacy_submit_container').addClass('js-hidden');
$('#agreetoprivacy_submit').addClass('js-hidden');
}
else {
$('#agreetoprivacy_submit_container').removeClass('js-hidden');
$('#agreetoprivacy_submit').removeClass('js-hidden');
}
}
\ No newline at end of file
......@@ -21,4 +21,4 @@ $institution = param_alphanum('institution', null);
$privacy = get_latest_privacy_versions(array($institution));
json_headers();
print json_encode($privacy[0]);
print json_encode($privacy);
......@@ -89,7 +89,9 @@ $string['usedefault'] = 'Use site default';
$string['usedefaultdescription3'] = 'Use the site\'s default text for the selected page type.';
$string['staticpagesdescription'] = 'Edit the content of static pages in Mahara (Home, Terms and Conditions, etc.)';
$string['institutionprivacypagedescription'] = 'Edit the privacy statement for your institution, which is displayed in addition to the site privacy statement. The version you edited last becomes the current privacy statement automatically. You see the current site privacy statement as reference.';
$string['institutiontermspagedescription'] = 'Edit the terms and conditions for your institution, which is displayed in addition to the site terms and conditions. The version you edited last becomes the current terms and conditions automatically. You see the current site terms and conditions as reference.';
$string['noinstitutionprivacy'] = 'There is no privacy statement for this institution yet.';
$string['noinstitutionterms'] = 'There are no terms and conditions for this institution yet.';
$string['menus'] = 'Menus';
$string['menusdescription'] = 'Manage the links and files within the "Links and resources" and footer menus';
$string['sitefiles'] = 'Site files';
......@@ -1340,25 +1342,34 @@ $string['creationdate'] = 'Creation date';
$string['version'] = 'Version';
$string['viewversion'] = 'View version %s';
$string['editversion'] = 'Edit version %s';
$string['lastversion'] = 'Privacy statements must have unique version names of up to 15 characters. The latest version for this privacy statement is "%s".';
$string['versionalreadyexist'] = 'A privacy statement with the version name "%s" already exists.';
$string['siteprivacystatement'] = 'Site privacy statement';
$string['privacylastversion'] = 'Privacy statements must have unique version names of up to 15 characters. The latest version for this privacy statement is "%s".';
$string['termsandconditionslastversion'] = 'Terms and conditions must have unique version names of up to 15 characters. The latest version for this privacy statement is "%s".';
$string['versionalreadyexist'] = 'A %s version with the name "%s" already exists.';
$string['siteprivacy'] = 'Site privacy statement';
$string['sitetermsandconditions'] = 'Site terms and conditions';
$string['addoneversionlink'] = '<a href="%s">Add one</a> if you need it.';
$string['privacyversionfor'] = 'Privacy statement for version "%s" is as follows:';
$string['termsversionfor'] = 'Terms and conditions for version "%s" is as follows:';
$string['institutionprivacystatement'] = 'Institution privacy statement';
$string['userprivacypagedescription'] = 'Displayed are the current privacy statements to which you consented.';
$string['institutiontermsandconditions'] = 'Institution terms and conditions';
$string['userprivacypagedescription'] = 'Displayed are the current privacy statements and terms and conditions to which you consented.';
$string['lastupdated'] = 'Last updated on';
$string['newprivacy'] = 'Before entering your account, please read the privacy statement displayed below.';
$string['privacyagreement'] = 'I consent to this privacy statement';
$string['newprivacy'] = 'Before entering your account, please read the information displayed below.';
$string['privacyagreement'] = 'I consent to this %s';
$string['privacyagreementdescription'] = 'By choosing "Yes", you give your consent to the clauses of the privacy statement above.';
$string['privacyagreedto'] = 'You agreed to this privacy statement in %s.';
$string['privacyagreedto'] = 'You agreed to this %s in %s.';
$string['agreementsaved'] = 'Agreement saved';
$string['refuseprivacy'] = 'Refuse privacy statement';
$string['refuseprivacy'] = 'Refuse privacy statement or terms and condititons';
$string['confirmprivacyrefusal'] = 'Are you really sure you wish to continue?';
$string['privacyrefusaldetails'] = 'If you do not consent to the privacy statement, your account will be suspended.';
$string['privacyrefusaldetails'] = 'If you do not consent to the privacy statements or terms and conditions, your account will be suspended.';
$string['privacyrefusal'] = 'Refused to consent to the privacy statement.';
$string['registerprivacyrefusal'] = 'Your account will not be created when you do not consent to the privacy statement.';
$string['registerprivacydetails'] = 'Please read the privacy statement. If you do not consent to it, you cannot create an account on the site.';
$string['registerrefusal'] = 'Your account will not be created when you do not consent to the %s.';
$string['registerprivacy'] = 'Please read the privacy statement. If you don not consent to it, you cannot create an account on the site.';
$string['registertermsandconditions'] = 'Please read the terms and conditions. If you don not consent to them, you cannot create an account on the site.';
$string['enterreason'] = 'Please enter the reason of refusal here...';
$string['hasrefused'] = 'has refused the privacy statement';
$string['privacylowcase'] = 'privacy statement';
$string['termsandconditionslowcase'] = 'terms and conditions';
$string['hasrefused'] = 'has refused the %s';
$string['privacyandtotheterms'] = 'privacy statement and to the terms and conditions';
$string['privacyandtheterms'] = 'privacy statement and the terms and conditions';
......@@ -769,7 +769,7 @@ The %s Team';
$string['institutionmemberrefusedprivacy'] = 'Hello %s,
The user %s, with the username %s, has refused the privacy statement. Their user account was suspended.
The user %s, with the username %s, has refused the %s. Their user account was suspended.
%s %s
Please contact the user via email at %s if you wish to discuss the refusal.
......@@ -886,7 +886,7 @@ $string['youraccounthasbeensuspendedtextcron'] = 'Your account at %s has been su
$string['youraccounthasbeensuspendedreasontext'] = "Your account at %s has been suspended by %s. Reason:\n\n%s";
$string['youraccounthasbeensuspendedreasontextcron'] = "Your account at %s has been suspended. Reason:\n\n%s";
$string['youraccounthasbeenunsuspendedtext2'] = 'Your account at %s has been unsuspended. You may once again log in and use the site.'; // can't provide a login link because we don't know how they log in - it might be by xmlrpc
$string['youraccounthasbeensuspendedtext3'] = 'Your account on %s has been suspended because you refused to consent to the privacy statement';
$string['youraccounthasbeensuspendedtext3'] = 'Your account on %s has been suspended because you refused to consent to the %s.';
// size of stuff
$string['sizemb'] = 'MB';
......
......@@ -472,8 +472,9 @@ class Institution {
*
* @param integer $studentid The id of the user who has refused the privacy statement.
* @param string $reason The reson why the user refused the privacy statement.
* @param array $whathasbeenrefused The content (privacy statement or terms or both) that the user has refused.
*/
public function send_admin_institution_refused_privacy_message($studentid, $reason) {
public function send_admin_institution_refused_privacy_message($studentid, $reason, $whathasbeenrefused) {
$student = new User();
$student->find_by_id($studentid);
$studentname = display_name($student, null, true);
......@@ -489,6 +490,7 @@ class Institution {
$thereasonis = get_string('thereasonis', 'mahara');
$reason = '"' . urldecode($reason) . '"';
}
$contentrefused = count($whathasbeenrefused) > 1 ? 'privacyandtheterms' : $whathasbeenrefused[0];
// check if there are admins - otherwise there are no site admins?!?!?
if (count($admins) > 0) {
require_once('activity.php');
......@@ -499,9 +501,9 @@ class Institution {
$user->find_by_id($id);
$message = (object) array(
'users' => array($id),
'subject' => $studentname . ' ' . get_string('hasrefused', 'admin'),
'subject' => $studentname . ' ' . get_string('hasrefused', 'admin', get_string($contentrefused, 'admin')),
'message' => get_string_from_language($lang, 'institutionmemberrefusedprivacy', 'mahara',
$user->firstname, $studentname, $student->username,
$user->firstname, $studentname, $student->username, get_string($contentrefused, 'admin'),
$thereasonis, $reason, $student->email, get_config('sitename')),
);
activity_occurred('maharamessage', $message);
......
......@@ -1426,7 +1426,7 @@ function suspend_user($suspendeduserid, $reason, $suspendinguserid=null) {
$suspendrec = new StdClass;
$suspendrec->id = $suspendeduserid;
$suspendrec->suspendedcusr = $suspendinguserid;
$suspendrec->suspendedreason = $reason == 'privacyrefusal' ? get_string($reason, 'admin') : $reason;
$suspendrec->suspendedreason = is_array($reason) ? get_string('privacyrefusal', 'admin') : $reason;
$suspendrec->suspendedctime = db_format_timestamp(time());
update_record('usr', $suspendrec, 'id');
......@@ -1449,9 +1449,9 @@ function suspend_user($suspendeduserid, $reason, $suspendinguserid=null) {
get_config('sitename'), display_name($suspendinguserid, $suspendeduserid));
}
}
else if ($reason == 'privacyrefusal') {
$message->message = get_string_from_language($lang, 'youraccounthasbeensuspendedtext3', 'mahara',
get_config('sitename'));
else if (is_array($reason)) {
$message->message = get_string_from_language($lang, 'youraccounthasbeensuspendedtext3', 'mahara',
get_config('sitename'), get_string(count($reason) == 1 ? $reason[0] : 'privacyandtotheterms', 'admin'));
}
else {
if ($iscron) {
......@@ -3244,18 +3244,17 @@ function get_latest_privacy_versions($institutions = array(), $ignoreagreevalue
$useragreementsql = $joinsql . " {usr_agreement} u ON s2.current = u.sitecontentid AND u.usr = ? AND u.agreed = 1";
$params = array($USER->get('id'));
}
$latestversions = get_records_sql_array("
SELECT s.id, s.version, s.content, s.ctime, s.institution, " . $userdetails . "
CASE s.institution WHEN 'mahara' THEN 1 ELSE 2 END as type
$select = count($institutions) == 1 ? 's.type, s.id' : 's.id, s.type';
$latestversions = get_records_sql_assoc("
SELECT " . $select . ", s.id, s.version, s.content, s.ctime, s.institution, " . $userdetails . "
CASE s.institution WHEN 'mahara' THEN 1 ELSE 2 END AS site
FROM {site_content_version} s
INNER JOIN (SELECT MAX(id) as current, institution
INNER JOIN (SELECT MAX(id) AS current, institution, type
FROM {site_content_version}
WHERE type = 'privacy'
GROUP BY institution) s2 ON s.institution = s2.institution AND s.id = s2.current
GROUP BY institution, type) s2 ON s.institution = s2.institution AND s.id = s2.current
" . $useragreementsql . "
WHERE s.type = 'privacy' AND s.institution IN (" . join(',',array_map('db_quote',$institutions)) . ")
ORDER BY type", $params);