Commit c812a32a authored by Richard Mansfield's avatar Richard Mansfield

Fix copying of institution views during sso new user creation (bug 3248)

parent b95c05c9
......@@ -708,7 +708,7 @@ class User {
*
* @param array $templateids A list of viewids to copy.
*/
public function copy_views($templateids) {
public function copy_views($templateids, $checkviewaccess=true) {
if (!$templateids) {
// Nothing to do
return;
......@@ -729,7 +729,7 @@ class User {
'owner' => $this->get('id'),
'title' => $views[$tid]->title,
'description' => $views[$tid]->description,
), $tid, $this->get('id'));
), $tid, $this->get('id'), $checkviewaccess);
}
db_commit();
}
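Review bot: The docblock above copy_views still documents only `$templateids`, so the new `$checkviewaccess` argument is undocumented even though it appears to be forwarded to View::create_from_template, where it switches off the permission check. Add something like `@param bool $checkviewaccess Set to false only when $templateids come from a server-side query (e.g. the copynewuser views), never from request data.` The same flag is named `$checkaccess` in View::create_from_template and has no `@param` there either; one name across both methods would make call sites easier to audit. The body of copy_views lies partly outside the two hunks shown.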
......
......@@ -215,6 +215,7 @@ class Institution {
}
public function addUserAsMember($user) {
global $USER;
if ($this->isFull()) {
throw new SystemException('Trying to add a user to an institution that already has a full quota of members');
}
......@@ -260,9 +261,10 @@ class Institution {
insert_record('usr_institution', $userinst);
delete_records('usr_institution_request', 'usr', $userinst->usr, 'institution', $this->name);
// Copy institution views to the user's portfolio
$checkviewaccess = empty($user->newuser) && !$USER->get('admin');
$userobj = new User();
$userobj->find_by_id($user->id);
$userobj->copy_views(get_column('view', 'id', 'institution', $this->name, 'copynewuser', 1));
$userobj->copy_views(get_column('view', 'id', 'institution', $this->name, 'copynewuser', 1), $checkviewaccess);
require_once('activity.php');
activity_occurred('maharamessage', $message);
handle_event('updateuser', $userinst->usr);
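Review bot: The decision to skip the view access check in addUserAsMember now rests on `$user->newuser`, a property tested loosely with `empty()` on the caller-supplied object, so any code path that builds `$user` from external data could carry the bypass with it. The skip looks safe only because the ids are selected here by the `copynewuser` query rather than supplied by the caller, and the new line should say so, e.g. `// Skipping the check is safe only because the ids below come from the copynewuser query, not from the caller`. A stricter test such as `$checkviewaccess = !(isset($user->newuser) && $user->newuser === true) && !$USER->get('admin');` would keep stray truthy values from disabling the check. The method body runs beyond the hunks shown.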
......
......@@ -1236,6 +1236,8 @@ function create_user($user, $profile=array(), $institution=null, $remoteauth=nul
else {
$user->id = insert_record('usr', $user, 'id', true);
}
// Bypass access check for 'copynewuser' institution/site views, because this user may not be logged in yet
$user->newuser = true;
set_profile_field($user->id, 'email', $user->email);
set_profile_field($user->id, 'firstname', $user->firstname);
......@@ -1252,7 +1254,7 @@ function create_user($user, $profile=array(), $institution=null, $remoteauth=nul
$institution = new Institution($institution);
}
if ($institution->name != 'mahara') {
$institution->addUserAsMember($user);
$institution->addUserAsMember($user); // uses $user->newuser
}
}
......@@ -1272,9 +1274,10 @@ function create_user($user, $profile=array(), $institution=null, $remoteauth=nul
}
// Copy site views to the new user's profile
$checkviewaccess = !$user->newuser;
$userobj = new User();
$userobj->find_by_id($user->id);
$userobj->copy_views(get_column('view', 'id', 'institution', 'mahara', 'copynewuser', 1));
$userobj->copy_views(get_column('view', 'id', 'institution', 'mahara', 'copynewuser', 1), $checkviewaccess);
handle_event('createuser', $user);
db_commit();
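Review bot: `$checkviewaccess = !$user->newuser;` looks as if it can only ever be false, because `$user->newuser = true` is assigned earlier in create_user on what appears to be an unconditional path, so the variable suggests a decision that is not actually being made. Passing `false` directly with the reason beside it would be clearer, e.g. `// new user may not be logged in yet; ids come from the copynewuser query`. The flag also stays set on `$user` when it reaches `handle_event('createuser', $user)` and whatever the caller does afterwards; `unset($user->newuser);` after the last copy_views call would keep the bypass from outliving this function. Only parts of create_user are visible in these hunks.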
......
......@@ -135,7 +135,7 @@ class View {
* @throws SystemException under various circumstances, see the source for
* more information
*/
public static function create_from_template($viewdata, $templateid, $userid=null) {
public static function create_from_template($viewdata, $templateid, $userid=null, $checkaccess=true) {
if (is_null($userid)) {
global $USER;
$userid = $USER->get('id');
......@@ -155,7 +155,7 @@ class View {
if (!$template->get('template') && !$user->can_edit_view($template)) {
throw new SystemException("View::create_from_template: Attempting to create a View from another View that is not marked as a template");
}
else if (!can_view_view($templateid, $userid)) {
else if ($checkaccess && !can_view_view($templateid, $userid)) {
throw new SystemException("View::create_from_template: User $userid is not permitted to copy View $templateid");
}
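Review bot: With `$checkaccess` false the `else if` skips `can_view_view()` entirely, leaving the template / `can_edit_view` test in the branch above as the only gate, and because create_from_template is public static nothing in the signature stops a later caller from passing false together with a request-supplied `$templateid`. The docblock, which starts outside this hunk, should carry the contract, e.g. `@param bool $checkaccess Pass false only for template ids selected server-side; the caller is then responsible for authorisation.` The body of create_from_template continues outside both hunks.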
......